Skip to content

Commit

Permalink
Merge pull request #2501 from certtools/smtp_batch_docs
Browse files Browse the repository at this point in the history
ENH: smtp_batch output alternative mails docs
  • Loading branch information
sebix authored Jun 10, 2024
2 parents 63a0209 + 1e25231 commit f9474b2
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 10 deletions.
3 changes: 2 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,8 @@
#### Experts

#### Outputs
- `intelmq.bots.outputs.misp.output_feed`: handle failures if saved current event wasn't saved or is incorrect (PR by Kamil Mankowski).
- `intelmq.bots.outputs.misp.output_feed`: Handle failures if saved current event wasn't saved or is incorrect (PR by Kamil Mankowski).
- `intelmq.bots.outputs.smtp_batch.output`: Documentation on multiple recipients added (PR#2501 by Edvard Rejthar).

### Documentation

Expand Down
24 changes: 15 additions & 9 deletions docs/user/bots.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ This document contains complete reference of bots implemented by IntelMQ and how
Each bot has it's own configuration. The configuration consists of two types of parameters:

- **Generic parameters** that are common to all the bots and need to be set for each bot.

- **Runtime parameters** are needed by the bot itself during runtime. Some of these parameters can be inherited from the [global configuration](../admin/configuration/intelmq.md#runtimeyaml) (which is applied to all the bots), but can be overridden in the individual bot configuration.

## Generic Parameters
Expand Down Expand Up @@ -930,7 +930,7 @@ oldest files available!).

The resulting reports contain the following special field:

- `extra.file_name`: The name of the downloaded file, with fixed filename extension.
- `extra.file_name`: The name of the downloaded file, with fixed filename extension.

**Module:** `intelmq.bots.collectors.shadowserver.collector_reports_api`

Expand Down Expand Up @@ -2119,7 +2119,7 @@ No additional parameters.

---

### Shadowserver <div id="intelmq.bots.parsers.shadowserver.parser" />
### Shadowserver <div id="intelmq.bots.parsers.shadowserver.parser" />

The Shadowserver parser operates on CSV formatted data.

Expand All @@ -2132,11 +2132,11 @@ correct mapping of the columns:
1. **Automatic report type detection**

Since IntelMQ version 2.1 the parser can detect the feed based on metadata provided by the collector.

When processing a report, this bot takes `extra.file_name` from the report and looks in `config.py` how the report
should be parsed. If this lookup is not possible, and the `feedname` is not given as parameter, the feed cannot be
parsed.

The field `extra.file_name` has the following structure: `%Y-%m-%d-${report_name}[-suffix].csv` where the optional
suffix can be something like `country-geo`. For example, some possible filenames
are `2019-01-01-scan_http-country-geo.csv` or `2019-01-01-scan_tftp.csv`. The important part is the `report_name`,
Expand Down Expand Up @@ -3650,9 +3650,9 @@ if extra.tags :supersetof ['iot', 'vulnerable'] { ... }
```
if time.observation :before '1 week' { ... }
```
* `:after` tests if the date value occurred after given time ago; see `:before`
```
if time.observation :after '2015-09-12' { ... } # happened after midnight the 12th Sep
```
Expand Down Expand Up @@ -5006,7 +5006,13 @@ You can schedule the batch sending easily with a cron script, I.E. put this into

**`alternative_mails`**

(optional, string) Path to CSV in the form `[email protected],[email protected]`. Needed when some of the recipients ask you to forward their e-mails to another address.
(optional, string) Path to CSV in the form `[email protected],[email protected]`. Needed when some of the recipients ask you to forward their e-mails to another address. Delimit multiple recipients by the semicolon. The field is internally parsed by [Envelope](https://github.com/CZ-NIC/envelope#recipients) so pretty anything is allowed:

```
[email protected],[email protected]
[email protected],[email protected];[email protected]
[email protected], Mary <[email protected]>; John <[email protected]>
```
**`attachment_name`**
Expand Down Expand Up @@ -5070,7 +5076,7 @@ You can schedule the batch sending easily with a cron script, I.E. put this into
(required, string/array/object) SMTP server information and credentials. See [SMTP parameter](https://github.com/CZ-NIC/envelope#sending) of the envelope module.
Examples:
Examples:
```yaml
smtp_server: "mailer"
smtp_server: {"host": "mailer", "port": 587, "user": "john", "password": "123"}
Expand Down

0 comments on commit f9474b2

Please sign in to comment.