robcowart/synesis_lite_snort

CVE Graph

Closed this issue · 1 comments

Hello, this is not an issue, but a query.
Great work you have here. I was wondering how you got the CVE data for the signatures triggered. I tried looking at your dashboard, but it refers to a visualization which you have not posted.

I was wondering if you could share the visualization, and how you got the CVE details inside. This is a really useful feature.

Thank you in advance!

I have a script that strips them out of the signature definitions, and creates the file snort_cve.yml dictionary. Incoming events are then enriched with this information based on the signature ID.
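
An added illustration of the kind of script the reply above describes; it is not the maintainer's script or code from this repository. It relies on Snort's `reference:cve,<id>;` and `sid:<n>;` rule options; the flat `"sid": "CVE list"` layout for snort_cve.yml, the function names and the sample rules are assumptions constructed for this example.

```python
import re

# Constructed sample rules: SIDs and CVE ids are placeholders, not a real ruleset.
SAMPLE_RULES = r'''
# plain comment, ignored
alert tcp $EXTERNAL_NET any -> $HOME_NET 443 (msg:"EXAMPLE one CVE"; \
    reference:cve,2099-0001; sid:1000001; rev:2;)
alert tcp any any -> $HOME_NET 80 (msg:"EXAMPLE sid:9; in msg \; text"; reference:cve,2099-0002; reference:url,example.com/x; reference:cve,CVE-2099-0003; sid:1000002; rev:1;)
alert udp any any -> any 53 (msg:"EXAMPLE no CVE"; sid:1000003; rev:1;)
# alert tcp any any -> any 21 (msg:"EXAMPLE disabled"; reference:cve,2099-0004; sid:1000004;)
'''

RULE_RE = re.compile(r'^\s*(?:#\s*)?(?:alert|log|pass|drop|reject|sdrop)\s[^(]*\((.*)\)\s*$')
QUOTED_RE = re.compile(r'"(?:\\.|[^"\\])*"')   # quoted option values, escapes included
CVE_RE = re.compile(r'cve\s*,\s*(?:cve-)?(\d{4}-\d{4,})', re.I)

def parse_rule(line):
    """Return (sid, [CVE ids]) for one rule line, or None if it is not a rule."""
    m = RULE_RE.match(line)
    if not m:
        return None
    sid, cves = None, []
    # Blank quoted strings first so ';' or 'sid:' inside msg/content cannot mislead us.
    for opt in QUOTED_RE.sub('""', m.group(1)).split(';'):
        key, _, val = opt.partition(':')
        key, val = key.strip().lower(), val.strip()
        if key == 'sid' and val.isdigit():
            sid = int(val)
        elif key == 'reference':
            ref = CVE_RE.fullmatch(val)
            if ref and 'CVE-' + ref.group(1) not in cves:
                cves.append('CVE-' + ref.group(1))
    return (sid, cves) if sid is not None else None

def build_dictionary(rules_text):
    """Map sid -> CVE list for every rule (enabled or commented out) that cites a CVE."""
    mapping = {}
    for line in re.sub(r'\\\r?\n', ' ', rules_text).splitlines():  # join continuations
        parsed = parse_rule(line)
        if parsed and parsed[1]:
            known = mapping.setdefault(parsed[0], [])
            known.extend(c for c in parsed[1] if c not in known)
    return mapping

def to_yaml(mapping):
    """Render as flat "key": "value" YAML lines (assumed dictionary layout)."""
    return ''.join(f'"{sid}": "{", ".join(cves)}"\n' for sid, cves in sorted(mapping.items()))

if __name__ == '__main__':
    print(to_yaml(build_dictionary(SAMPLE_RULES)), end='')
```

Rules without a CVE reference are left out of the dictionary, so an enrichment lookup on their signature ID simply finds no entry.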