TI IOC Automation - FETCH #2274
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: TI IOC Automation - FETCH | |
| on: | |
| schedule: | |
| - cron: '0 * * * *' | |
| workflow_dispatch: | |
| jobs: | |
| download-and-commit: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| - name: Download 14-day log file | |
| run: | | |
| curl -o IOCs/network-indicators/honeypot/iocs-14d.csv https://prod.fileserv03.supreme.sh/pkc/ssh/logs/honey-14d.log | |
| - name: Download 30-day log file | |
| run: | | |
| curl -o IOCs/network-indicators/honeypot/iocs-30d.csv https://prod.fileserv03.supreme.sh/pkc/ssh/logs/honey-30d.log | |
| - name: Attack Pattern Log import | |
| run: | | |
| curl -o IOCs/network-indicators/honeypot/attack-pattern/full-14d.csv https://prod.fileserv03.supreme.sh/pkc/ssh/logs/attack_pattern_14d.json | |
| - name: Commit and push if there are changes | |
| run: | | |
| git config --global user.name 'ntwrite [via GH Actions]' | |
| git config --global user.email 'cam@supreme.sh' | |
| git add IOCs/network-indicators/honeypot/iocs-14d.csv IOCs/network-indicators/honeypot/iocs-30d.csv IOCs/network-indicators/honeypot/attack-pattern/full-14d.csv | |
| git diff --staged --quiet || git commit -m "IOC Automation - Pulling" | |
| git push || echo "No changes to commit" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |