I have a threat feed that is available via using an API key only, I could not see any way to add the API key to the threat intel download option?
I can manually create a CURL command to download the file to the right folder but this will not be registered as an intel file.
Unfortunately There is no custom download like that. You'd need to write some code like python to download the file. Ensure it is in the right csv format. THEN tell ES to monitor ES/Ingest that file.
View solution in original post