Outgoing feeds

Tip

The list of outgoing feeds bundled with EclecticIQ Intelligence Center is now found at EclecticIQ Integrations.

• Access outgoing feeds
• Configure content types
• Update strategy
• Download outgoing feed created packages
• Create and configure outgoing feeds
• Start and stop outgoing feeds

About outgoing feeds

EclecticIQ Intelligence Center uses outgoing feeds to publish and share cyber threat intelligence in multiple formats through a number of configurable transport channels.

A minimal outgoing feed configuration includes:

• A data source: the data source of an outgoing feed is always a dataset.

  You can configure as many datasets as necessary to act as sources for an outgoing feed.

  Data sources can be existing incoming feeds and enrichers, as well as existing platform user groups.

• A transport type: the vehicle carrying the data.

  Typically, this is a communications protocol such as TAXII, HTTP, FTP, IMAP, or Syslog.

• A content type: the outgoing data format the platform is publishing through the outgoing feed.

  For example, STIX, JSON, CSV, or plain text.

• An update strategy: the condition(s) defining how content is selected for inclusion in the outgoing feed.

  For example, you can choose to include in an outgoing feed task run only new content, as well as both new and existing content.