Following the previous, try the taxii server.
This time, check the services and collections settings.
--services settings
Let's take a look at the contents of the configuration file. For the configuration file, refer to ʻexamples / services.yml`.
inbox
Setting | Description |
---|---|
id: inbox | Refers to the name of the service Can be changed to any name |
type: inbox | Describe what kind of service is in charge on the taxii server - inbox:Accept when posting data to the server |
address: /services/inbox | Specify which URL to receive the response from the client |
description: Custom Inbox Service Description | Service description |
destination_collection_required: yes | Specifies whether the destination collection is required(yes/no) |
accept_all_content: yes | Specify if all content is accessible(yes/no) |
authentication_required: yes | Specifies whether authentication is required(yes/no) When authenticating, key authentication or ID/Specify Pass |
protocol_bindings: - urn:taxii.mitre.org:protocol:http:1.0 |
Specify the protocol to access the server |
discovery
Setting | Description |
---|---|
id: discovery | Refers to the name of the service Can be changed to any name |
type: discovery | Describe what kind of service is in charge on the taxii server - DISCOVERY:What service the server is(function)To refer to |
address: /services/discovery | Specify which URL to receive the response from the client |
description: Custom Discovery Service description | Service description |
advertised_services: - inbox - discovery - collection_management - poll |
Specify which services are available to the client |
protocol_bindings: - urn:taxii.mitre.org:protocol:http:1.0 - urn:taxii.mitre.org:protocol:https:1.0 |
Specify the protocol to access the server |
collection_management
Setting | Description |
---|---|
id: collection_management | Refers to the name of the service Can be changed to any name |
type: collection_management | Describe what kind of service is in charge on the taxii server - COLLECTION_MANAGEMENT:Browse the data feed provided by the server |
address: /services/collection-management | Specify which URL to receive the response from the client |
description: Custom Collection Management Service description | Service description |
protocol_bindings: - urn:taxii.mitre.org:protocol:http:1.0 - urn:taxii.mitre.org:protocol:https:1.0 |
Specify the protocol to access the server |
poll
Setting | Description |
---|---|
id: poll | Refers to the name of the service Can be changed to any name |
type: poll | Describe what kind of service is in charge on the taxii server - POLL:Refer to the data stored in the server |
address: /services/poll | Specify which URL to receive the response from the client |
description: Custom Poll Service description | Service description |
subscription_required: no | (I still don't understand the content)(yes/no) |
max_result_count: 100 | Specify the maximum number of data to pass to the client |
max_result_size: 10 | Specifies the maximum data size to pass to the client |
protocol_bindings: - urn:taxii.mitre.org:protocol:http:1.0 |
Specify the protocol to access the server |
# opentaxii-create-services -c examples/services.yml
This command creates a service. If you want to modify it, execute this command.
--collections settings
For the configuration file, refer to ʻexamples / collections.yml`.
Setting | Description |
---|---|
name: collection | name of collection |
available: true | Whether it is available or not(true/false) |
accept_all_content: true | Whether all data is accessible(true/false) |
type: DATA_SET | Handling of data in collection(DATA_SET/DATA_FEED) |
service_ids: - inbox - collection_management - poll |
Services to apply |
supported_content: - urn:stix.mitre.org:xml:1.1.1 - urn:custom.bindings.com:json:0.0.1 |
Formats supported by posted content |
# opentaxii-create-collections -c examples/collections.yml
This command creates a collection. If you want to modify it, execute this command.
Next time, I would like to check the settings for starting the server as a production environment.
OpenTAXII http://www.opentaxii.org/en/stable/
EclecticIQ/OpenTAXII https://github.com/EclecticIQ/OpenTAXII