Hello all,
I am having issues with adding AlienVault OTX as a intelligence feed into splunk.
At first, when i didn't configured the threat list as a taxii, it managed to download the threat list as a csv file.
But now, i need to configure it as a taxii for parsing matters and it just stuck on that unhelpful message "TAXII feed polling starting".
My feed configurations are :
Type *
taxii
Description *
Alien Vault OTX feed
URL *
https://otx.alienvault.com/taxii/discovery
Weight *
1
Interval
43200
POST arguments
taxii_username="" taxii_password="poo"
Maximum age
-30d
I am really frustrated and would really appreciate anyone's help.
Thanks
↧