Hello,
I’d like to enrich a Splunk ES Threat Intel database and I'm trying to find an easy way to import AlienVault Open Threat Exchange (OTX) data to Splunk. Could anyone give me an advice please?
Thanks for the help.
Regards,
Alex.
you mean this?
https://splunkbase.splunk.com/app/4336/#/details
Did you managed to do it ?
I also have issues with adding this taxii feeds to the ES.
No, unfortunately I did not 😞
So frustrating
In for wanting this answered.
W*h*a*t?