Dear all
Does anyone receive data from Microsoft Interflow?
It has a field called 'severity' which is currently mapped to the
'extra.severity' field:
https://github.com/certtools/intelmq/blob/0342b7718050b1690d9e20f137b58c769…
As in IntelMQ 3.5.0 we have a proper 'severity' field with standardized
values, the CTIP parser should now use that one as well. However, what's
unclear to me, without access to example data, is what possible values
Microsoft uses, and thus whether we need to map their values to ours.
So if you have any example data, please let us know what values they use :)
Best regards
Sebastian
--
Institute for Common Good Technology
gemeinnütziger Kulturverein - nonprofit cultural society
https://commongoodtechnology.org/
ZVR 1510673578