Skip to main content Link Search Menu Expand Document (external link)
DocIntel Docs

Kaspersky Module

The Kaspersky module enables you to synchronize your DocIntel instance with your Kaspersky Threat Intelligence Feed. All the reports with their associated tags and structured data will be imported for you to use.

Please note that this module is not part of the open-source version and is installed as an external module. If you are interested in this module, please contact antoine@docintel.org.

Installation

To install the module, follow these steps:

  1. Copy the received public key to $DOCINTEL_DATA/modules/public.pem.
  2. Download the archive and extract its contents.
  3. Copy the contents of the archive to $DOCINTEL_DATA/modules/kaspersky.
  4. Copy the licence file to $DOCINTEL_DATA/modules/kaspersky/licence.txt.
  5. Restart the application.
  6. Go to Ingestion > Collectors
  7. Click Install
  8. Select kaspersky.apt-and-crimeware-intel-reports or kaspersky.ics-intel-reports in the collector dropdown. Refer to Collector for more information about how to configure a collector.
  9. Click Install
  10. Enter your API username, password and path to the private certificate.
  11. Click save