Plugin MISP to Pandora SIEM
This plugin retrieves the 500 most frequent IPs from the last 30 days of MISP events and generates a SIEM rule to detect traffic from those IPs.
Introduction
Ver. 06/03/2026 This plugin retrieves the 500 most frequent IPs from the last 30 days of MISP ev...
Compatibility Matrix
Systems where it has been tested Rocky Linux 9 Systems where it should work ...
Prerequisites
For the correct operation of the plugin, Python 3.10 or higher and the PyMISP library must be ins...
Plugin Configuration
Before running the plugin, you need to locate the script on the server, set execution permissions...
Manual Execution
Once permissions are set and access data collected, it is highly recommended to perform an initia...
Automation (Crontab)
Since MISP threat intelligence continuously receives new Indicators of Compromise (IoCs), it is e...