This a partial content of the integration.log.
It seems that everytime an URL query is sent to MISP and hit a match, the system result of the full MISP database (the log file reached 14M after querying 2 or 3 URLs) !!
This is the entry we always see in Wazuh alert (see prevous screenshot)...
{'response': {'Attribute': []}}{'response': {'Attribute': [{'id': '1324', 'event_id': '4', 'object_id': '0', 'object_rel ation': None, 'category': 'Network activity', 'type': 'url', 'to_ids': True, 'uuid': '543b7c42-9104-4568-9349-32fb950d21 0b', 'timestamp': '1413184583', 'distribution': '5', 'sharing_group_id': '0', 'comment': '', 'deleted': False, 'disable_ correlation': False, 'first_seen': None, 'last_seen': None, 'value': '
http://java-se.com/o.js', 'Event': {'org_id': '1', 'distribution': '3', 'id': '4', 'info': 'OSINT Democracy in Hong Kong Under Attack blog post from Volexity (Steven Adai r)', 'orgc_id': '2', 'uuid': '543b7c14-ec70-446e-b2f7-4620950d210b'}}, {'id': '1327', 'event_id': '4', 'object_id': '0', 'object_relation': None, 'category': 'Network activity', 'type': 'url', 'to_ids': True, 'uuid': '543b7d77-a13c-4e88-9e7 8-32fb950d210b', 'timestamp': '1413184887', 'distribution': '5', 'sharing_group_id': '0', 'comment': '', 'deleted': Fals e, 'disable_correlation': False, 'first_seen': None, 'last_seen': None, 'value': '
http://985.so/bUYj', 'Event': {'org_id ': '1', 'distribution': '3', 'id': '4', 'info': 'OSINT Democracy in Hong Kong Under Attack blog post from Volexity (Stev en Adair)', 'orgc_id': '2', 'uuid': '543b7c14-ec70-446e-b2f7-4620950d210b'}}, {'id': '1328', 'event_id': '4', 'object_id ': '0', 'object_relation': None, 'category': 'Network activity', 'type': 'url', 'to_ids': True, 'uuid': '543b7d77-f9a0-4 a47-963b-32fb950d210b', 'timestamp': '1413184887', 'distribution': '5', 'sharing_group_id': '0', 'comment': '', 'deleted ': False, 'disable_correlation': False, 'first_seen': None, 'last_seen': None, 'value': '
http://985.so/bUYe', 'Event': { 'org_id': '1', 'distribution': '3', 'id': '4', 'info': 'OSINT Democracy in Hong Kong Under Attack blog post from Volexit y (Steven Adair)', 'orgc_id': '2', 'uuid': '543b7c14-ec70-446e-b2f7-4620950d210b'}}, {'id': '1329', 'event_id': '4', 'ob ject_id': '0', 'object_relation': None, 'category': 'Network activity', 'type': 'url', 'to_ids': True, 'uuid': '543b7d77 -8290-4413-b2b7-32fb950d210b', 'timestamp': '1413184887', 'distribution': '5', 'sharing_group_id': '0', 'comment': '', ' deleted': False, 'disable_correlation': False, 'first_seen': None, 'last_seen': None, 'value': '
http://985.so/b6hW', 'Ev ent': {'org_id': '1', 'distribution': '3', 'id': '4', 'info': 'OSINT Democracy in Hong Kong Under Attack blog post from Volexity (Steven Adair)', 'orgc_id': '2', 'uuid': '543b7c14-ec70-446e-b2f7-4620950d210b'}}, {'id': '1330', 'event_id': ' 4', 'object_id': '0', 'object_relation': None, 'category': 'Network activity', 'type': 'url', 'to_ids': True, 'uuid': '5 43b7d77-4a54-4ebb-a2b7-32fb950d210b', 'timestamp': '1413184887', 'distribution': '5', 'sharing_group_id': '0', 'comment' : '', 'deleted': False, 'disable_correlation': False, 'first_seen': None, 'last_seen': None, 'value': '
http://985.so/bUY f', 'Event': {'org_id': '1', 'distribution': '3', 'id': '4', 'info': 'OSINT Democracy in Hong Kong Under Attack blog pos t from Volexity (Steven Adair)', 'orgc_id': '2', 'uuid': '543b7c14-ec70-446e-b2f7-4620950d210b'}}, {'id': '3230', 'event _id': '6', 'object_id': '0', 'object_relation': None, 'category': 'Network activity', 'type': 'url', 'to_ids': True, 'uu id': '543cf25c-bbb4-4960-ae47-4d43950d210b', 'timestamp': '1413280348', 'distribution': '5', 'sharing_group_id': '0', 'c omment': '', 'deleted': False, 'disable_correlation': False, 'first_seen': None, 'last_seen': None, 'value': '
http://goo gle-traffic-analytics.com/cl.py', 'Event': {'org_id': '1', 'distribution': '3', 'id': '6', 'info': 'OSINT Shellshock exp