MISP

Download 14
Last updated Aug 5, 2023

misp-events

Fetch MISP events

misp-events [profile=PROFILE] [proxy=PROXY] [duration=NUM{mon|w|d|h|m|s}] [from=yyyyMMddHHmmss] [to=yyyyMMddHHmmss] [pretty=t]
profile=PROFILE
Comma seperated MISP profile names
proxy=PROXY
Proxy server setting If not specified, send feed requests directly without proxy server. e.g. IP:PORT
duration=NUM{mon|w|d|h|m|s}
Scan only recent data. You should use s(second), m(minute), h(hour), d(day), mon(month) time unit. For example, 10s means data from 10 seconds earlier. if not specified, the time is set based on from
from=yyyyMMddHHmmss
Start time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero. if not specified, it is set to 00:00:00 of the command execution date.
to=yyyyMMddHHmmss
End time of range. yyyyMMddHHmmss format. If you omit time part, it will be padded by zero. if not specified, it is set to 00:00:00 the next day of the command execution date.
pretty=t
Enable human-friendly output.

Output Fields

FieldTypeNameDescription
_timeDateTimeCreated time
profileStringConnect profileThe identifier of MISP connect profile
event_idIntegerEvent ID
guidStringGUID
infoStringInformatione.g. ThreatFox IOCs for 2023-05-25
tagsListTagse.g. ["type:OSINT","tlp:white"]