MISP observable analyzer adjustments

[mlodic]

We should revision that analyzer:

• "timeout" in PyMISP should be configurable by the user
• new option in the search: "published" to get only published event
• new option in the search: "metadata" to have lighter queries but less data

Reference:
https://github.com/MISP/PyMISP/blob/main/docs/tutorial/Search-FullOverview.ipynb

[Varlight]

Hi, I would like to work on this issue @mlodic

[mlodic]

hey, this is an urgent feature to add: if you get the time to try to work on it right now you can pick up, otherwise please select another issue to start with IntelOwl :) thank you for your understanding

[Varlight]

Alright, cool mate.

…

On Mon, 23 Oct, 2023, 12:54 pm Matteo Lodi, ***@***.***> wrote: hey, this is an urgent feature to add: if you get the time to try to work on it right now you can pick up, otherwise please select another issue to start with IntelOwl :) thank you for your understanding — Reply to this email directly, view it on GitHub <#1955 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AYNALAQ3IPVCW6TAZUGQYYLYAYLTZAVCNFSM6AAAAAA6HP6YZCVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTONZUGU4DAMJSG4> . You are receiving this because you commented.Message ID: ***@***.***>

[HanilJain]

hi wanted to contribute for this issue.
could you please assign.
also while trying this out, I'm not sure what should be and misp-url in misp analyzer while configuring it.
I setted up misp-docker and launched http://localhost:8080/ and setted this as misp-url and with api_key but doesnt works.
could you please guide over it.

[mlodic]

if you have both intelowl and misp in the same machine in 2 different docker networks, they just cannot communicate

[g4ze]

Hellou! @mlodic I'll look into this one