Import Mitre Attck to Elasticsearch

The Python script imports data Mitre Attck Enterprise matrix to Elasticsearch

This script uses python3 and pyattck and elasticsearch json libraries.

Instructions:

Step 1: Install the required libraries
```
pip3 install -r requirements.txt
```

Step 2: Make changes to the configuration_file.py with your variables

    "ELASTICSEARCH_USERNAME": "elastic",
    "ELASTICSEARCH_PASSWORD": "PASSWORD",
    "ELASTICSEARCH_HOSTNAME": "elasticsearch_URL:PORT",
    "USE_SSL": True,
    "VERIFY_CERT" : True

Step 3: Run get_mitre.py script

python3 get_mitre.py

Sample script output:

created event TA0008_T1072
created event TA0008_T1080
created event TA0008_T1550
created event TA0003_T1098
created event TA0003_T1197

how it should look in Kibana after the index pattern is created:

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
files		files
README.md		README.md
configuration_file.py		configuration_file.py
get_mitre.py		get_mitre.py
mitre_attck_template.json		mitre_attck_template.json
requirements.txt		requirements.txt

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Import Mitre Attck to Elasticsearch

The Python script imports data Mitre Attck Enterprise matrix to Elasticsearch

About

Releases

Packages

Languages

hmnguyen1201/elasticsearch_mitre_attck

Folders and files

Latest commit

History

Repository files navigation

Import Mitre Attck to Elasticsearch

The Python script imports data Mitre Attck Enterprise matrix to Elasticsearch

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages