OpenDXL Data Transport Requirements

After you implement OpenDXL Data Transport, you cannot change your system's timezone from UTC to another timezone.  Doing so will cause TQX to stop functioning.

The following is a list of the minimum requirements to configure and use the ThreatQ Data Exchange OpenDXL Data Transport:

• Two ThreatQ instances running ThreatQ version 4.49+.  Both instances must be on the same version of ThreatQ.

  If you are implementing TQX with a ThreatQ 6x license, use the TQAdmin Configuration steps to enable OpenDXL.

  • One instance must have a Publisher license

    Publisher instances see the Data Exchange license information in their about window. This can be accessed by clicking on the settings  gear icon and selecting About from the dropdown.
    
    

  • One instance with the standard ThreatQ platform license

    All ThreatQ instances on version 4.49+ will have Subscriber permissions.  Subscribers will not see the Data Exchange license on their About window.

• ThreatQ login with an Administrator or Maintenance user role or a custom user role that includes Edit Data Exchange Feeds permissions.
• One Data Collection saved.  
• Network access for both instances.

  TQX's OpenDXL Data Transport requires a direct communications connection from Subscriber to Publisher.  This connection between the instances cannot be established using a proxy.  Users that are utilizing forwarding rules must ensure that the 8883/tcp port is open on the Publisher instance (the instance with the TQX license and running the broker service).