Forum Discussion
Missing indicators in Sentinel (Threat Intelligence Platforms)
I still use the old data connector Threat Intelligence Platforms and SecurityGraphAPI along with it to integrate MISP with Sentinel and unfortunately there's a situation when not all indicators appea...
have you checked to see if there are double ups, Microsoft Security Graph API will automatically delete any double ups of the same IOC based information
Thank you for the reply and I'm aware it takes care of duplicates, but that's not it in this case. Datasets are completely different, I even checked a IOCs just to make sure. :v
IOCs that I want are being sent only when: I set the filter to pick them up and run script manually.
But thank you for the suggestion!
IOCs that I want are being sent only when: I set the filter to pick them up and run script manually.
But thank you for the suggestion!
- Other thoughts i have without knowing your environment
have you tried the new Threat Intelligence API as a possible workaround for this?
Are the MISP instance names different or the same etc,
Within the python script you can specify the name of the MISP instance, has this been tried?
