IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
.. image:: docs/static/LogoIntel_MQ.svg :alt: IntelMQ
|Build Status| |codecov.io| |CII Badge|
IntelMQ is a solution for IT security teams (CERTs & CSIRTs, SOCs, abuse departments, etc.) for collecting and processing security feeds (such as log files) using a message queuing protocol. It's a community driven initiative called IHAP (Incident Handling Automation Project) which was conceptually designed by European CERTs/CSIRTs during several InfoSec events. Its main goal is to give to incident responders an easy way to collect & process threat intelligence thus improving the incident handling processes of CERTs.
IntelMQ can be used for - automated incident handling - situational awareness - automated notifications - as data collector for other tools - etc.
IntelMQ's design was influenced by
AbuseHelper__, however it was re-written from scratch and aims at:
It follows the following basic meta-guidelines:
For support questions please reach out on the
the intelmq-users mailing list_
Several pieces of software evolved around IntelMQ. For example, check out
IntelMQ Manager_ which is a web based interface to easily manage an IntelMQ system.
More tools can be found in the
Ecosystem chapter in the documentation_.
IntelMQ is a community project depending on your contributions. Please consider sharing your work.
Developers Guide_ for documentation.
Intelmq-dev Mailing list_ to get answers to your development questions:
Github issues_ lists all the open feature requests, bug reports and ideas.
channel #intelmq on irc.freenode.net__.
This software is licensed under GNU Affero General Public License version 3
This project was partially funded by the CEF framework
.. figure:: docs/static/ceflogo.png :alt: Co-financed by the Connecting Europe Facility of the European Union
.. |Build Status| image:: https://github.com/certtools/intelmq/workflows/Nosetest%20test%20suite/badge.svg :target: https://github.com/certtools/intelmq/actions .. |codecov.io| image:: https://codecov.io/github/certtools/intelmq/coverage.svg?branch=develop :target: https://codecov.io/github/certtools/intelmq?branch=master .. |CII Badge| image:: https://bestpractices.coreinfrastructure.org/projects/4186/badge :target: https://bestpractices.coreinfrastructure.org/projects/4186/