From ed030da39aefdd3bf9bfc7fb669ce0c085221c25 Mon Sep 17 00:00:00 2001 From: Men-hau <101662967+Men-hau@users.noreply.github.com> Date: Tue, 7 Nov 2023 12:22:39 +0100 Subject: [PATCH 1/2] Create thehive_import_sekoia_feed.md --- .../thehive_import_sekoia_feed.md | 58 +++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 _shared_content/intelligence_center/integrations/thehive_import_sekoia_feed.md diff --git a/_shared_content/intelligence_center/integrations/thehive_import_sekoia_feed.md b/_shared_content/intelligence_center/integrations/thehive_import_sekoia_feed.md new file mode 100644 index 0000000000..3d75899fe1 --- /dev/null +++ b/_shared_content/intelligence_center/integrations/thehive_import_sekoia_feed.md 
@@ -0,0 +1,58 @@ +# Import Sekoia intelligence + +Here are some examples on how to import one object of Sekoia intelligence in Cortex + +## 1. Indicator + +1. Go to Sekoia.io connector _Analyzers > SEKOIAIntelligenceCenter_ and click on button Run +![TheHive_Sekoia_connector1](/assets/intelligence_center/search_SekoiaCTI-1_indicators.png){: style="width: 80%; max-width: 80%"} + +2. Fill the information +![TheHive_Sekoia_connector2a](/assets/intelligence_center/search_SekoiaCTI-2_indicators.png){: style="width: 60%; max-width: 60%"} + +3. Check the indicator in Jobs History +![TheHive_Sekoia_job](/assets/intelligence_center/search_SekoiaCTI-3_indicators.png){: style="width: 60%; max-width: 60%"} + +4. Check the Sekoia.io indicator +![TheHive_Sekoia_feed1](/assets/intelligence_center/search_SekoiaCTI-4_indicators.png){: style="width: 100%; max-width: 100%"} + +5. Indicator in Sekoia.io Intelligence page +![TheHive_Sekoia_objects](/assets/intelligence_center/searchCTI_Sekoia_objects.png){: style="width: 40%; max-width: 40%"} + + + +## 2. Observable Context + +1. Go to Sekoia.io connector _Analyzers > SEKOIAIntelligenceCenter_ and click on button Run +![TheHive_Sekoia_connector1](/assets/intelligence_center/search_SekoiaCTI-1_context.png){: style="width: 80%; max-width: 80%"} + +2. Fill the information +![TheHive_Sekoia_connector2b](/assets/intelligence_center/search_SekoiaCTI-2_context.png){: style="width: 60%; max-width: 60%"} + +3. Check the observable in Jobs History +![TheHive_Sekoia_job](/assets/intelligence_center/search_SekoiaCTI-3_context.png){: style="width: 60%; max-width: 60%"} + +4. Check the Sekoia.io observable +![TheHive_Sekoia_feed1](/assets/intelligence_center/search_SekoiaCTI-4_context.png){: style="width: 100%; max-width: 100%"} + +5. Observable in Sekoia.io Intelligence page +![TheHive_Sekoia_Observable](/assets/intelligence_center/searchCTI_Sekoia_observables.png){: style="width: 40%; max-width: 40%"} + + + +## 3. Observable + +1. 
Go to Sekoia.io connector _Analyzers > SEKOIAIntelligenceCenter_ (any) and click on button Run +![TheHive_Sekoia_connector1](/assets/intelligence_center/search_SekoiaCTI-1_observables.png){: style="width: 80%; max-width: 80%"} + +2. Fill the information +![TheHive_Sekoia_connector2c](/assets/intelligence_center/search_SekoiaCTI-2_observables.png){: style="width: 60%; max-width: 60%"} + +3. Check the observable in Jobs History +![TheHive_Sekoia_job](/assets/intelligence_center/search_SekoiaCTI-3_observables.png){: style="width: 60%; max-width: 60%"} + +4. Check the Sekoia.io observable +![TheHive_Sekoia_feed1](/assets/intelligence_center/search_SekoiaCTI-4_observables.png){: style="width: 100%; max-width: 100%"} + +5. Observable in Sekoia.io Intelligence page +![TheHive_Sekoia_Observable](/assets/intelligence_center/searchCTI_Sekoia_observables.png){: style="width: 40%; max-width: 40%"} From e84990a51e82a5fe439108fc8c7ff5b1dafa31b4 Mon Sep 17 00:00:00 2001 From: Men-hau <101662967+Men-hau@users.noreply.github.com> Date: Tue, 7 Nov 2023 17:25:18 +0100 Subject: [PATCH 2/2] Update thehive_import_sekoia_feed.md --- .../integrations/thehive_import_sekoia_feed.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/_shared_content/intelligence_center/integrations/thehive_import_sekoia_feed.md b/_shared_content/intelligence_center/integrations/thehive_import_sekoia_feed.md index 3d75899fe1..d50cab4864 100644 --- a/_shared_content/intelligence_center/integrations/thehive_import_sekoia_feed.md +++ b/_shared_content/intelligence_center/integrations/thehive_import_sekoia_feed.md @@ -1,6 +1,6 @@ -# Import Sekoia intelligence +# Verify Sekoia feed artefact in Cortex -Here are some examples on how to import one object of Sekoia intelligence in Cortex +Here are some examples on how to verify Sekoia feed artefact in Cortex and import its content: ## 1. Indicator
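Review bot: In [PATCH 1/2], step 2 of all three sections ("Fill the information") never says which fields or values to enter, so the procedure depends entirely on the screenshot; name the fields the reader has to fill in for an indicator, an observable context and an observable. Sections 2 and 3 are otherwise step-for-step identical and both end on `searchCTI_Sekoia_observables.png`, and only section 3 step 1 carries an unexplained "(any)" after _Analyzers > SEKOIAIntelligenceCenter_. A sentence under each heading saying how "Observable Context" differs from "Observable", and what "(any)" selects, would make the split usable. The file is named `thehive_import_sekoia_feed.md` while the intro speaks of Cortex, so state once which product's UI the steps are run in. The alt texts `TheHive_Sekoia_connector1`, `TheHive_Sekoia_job` and `TheHive_Sekoia_feed1` are reused for different images across the sections and should be made unique.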
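Review bot: In [PATCH 2/2], the new intro line promises to "verify Sekoia feed artefact in Cortex and import its content", but the steps under "## 1. Indicator" and the later sections only run the analyzer and check the result in Jobs History and on the Sekoia.io Intelligence page; none of them describes an import. Either add the import step or drop "and import its content". The wording also needs a preposition fix and an article ("examples of how to verify a Sekoia feed artefact"), and the title has the same missing article. With the title now about verification in Cortex, the file name `thehive_import_sekoia_feed.md` no longer matches the content; rename it or explain the TheHive connection in the intro.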