It might help to compile a list of data that should be processed and exported. I'll try to get the ball rolling with potential data sets. For example, the system would process: network traffic malware data correlation data from other systems and export: blacklists (IP, ASN,etc) alerts reports