mirror of https://github.com/CIRCL/AIL-framework
chg: [api] add new endpoints: get tag metadata + get all tags
parent
98fb6ecef7
commit
5e1ae8a893
|
@ -65,6 +65,20 @@ def is_valid_tags_taxonomies_galaxy(list_tags, list_tags_galaxy):
|
|||
return False
|
||||
return True
|
||||
|
||||
def get_tag_metadata(tag):
|
||||
first_seen = r_serv_tags.hget('tag_metadata:{}'.format(tag), 'first_seen')
|
||||
last_seen = r_serv_tags.hget('tag_metadata:{}'.format(tag), 'last_seen')
|
||||
return {'tag': tag, 'first_seen': first_seen, 'last_seen': last_seen}
|
||||
|
||||
def is_tag_in_all_tag(tag):
|
||||
if r_serv_tags.sismember('list_tags', tag):
|
||||
return True
|
||||
else:
|
||||
return False
|
||||
|
||||
def get_all_tags():
|
||||
return list(r_serv_tags.smembers('list_tags'))
|
||||
|
||||
def get_item_tags(item_id):
|
||||
tags = r_serv_metadata.smembers('tag:'+item_id)
|
||||
if tags:
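Review bot: `get_tag_metadata` never checks that the tag exists, so for an unknown tag both `hget` calls return `None` and the caller gets a dict with null dates instead of an error. The REST handler added in this commit calls `is_tag_in_all_tag` first, but any other caller has to know to do the same; a docstring such as `"""Return first_seen/last_seen for tag; values are None if the tag has no metadata hash."""` would make that contract explicit. The two reads hit the same hash and could be one round trip: `first_seen, last_seen = r_serv_tags.hmget('tag_metadata:{}'.format(tag), 'first_seen', 'last_seen')`. As a style point, `is_tag_in_all_tag` can drop the if/else and `return bool(r_serv_tags.sismember('list_tags', tag))`.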
|
||||
|
|
108
doc/README.md
108
doc/README.md
|
@ -449,6 +449,111 @@ curl https://127.0.0.1:7000/api/delete/item/tag --header "Authorization: iHc1_Ch
|
|||
|
||||
|
||||
|
||||
## Tag management
|
||||
|
||||
|
||||
### Get all AIL tags: `api/get/tag/all`
|
||||
|
||||
#### Description
|
||||
Get all tags used in AIL.
|
||||
|
||||
**Method** : `GET`
|
||||
|
||||
#### JSON response
|
||||
- `tags`
|
||||
- list of tag
|
||||
- *list*
|
||||
#### Example
|
||||
```
|
||||
curl https://127.0.0.1:7000/api/get/tag/all --header "Authorization: iHc1_ChZxj1aXmiFiF1mkxxQkzawwriEaZpPqyTQj " -H "Content-Type: application/json"
|
||||
```
|
||||
|
||||
#### Expected Success Response
|
||||
**HTTP Status Code** : `200`
|
||||
```json
|
||||
{
|
||||
"tags": [
|
||||
"misp-galaxy:backdoor=\"Rosenbridge\"",
|
||||
"infoleak:automatic-detection=\"pgp-private-key\"",
|
||||
"infoleak:automatic-detection=\"pgp-signature\"",
|
||||
"infoleak:automatic-detection=\"base64\"",
|
||||
"infoleak:automatic-detection=\"encrypted-private-key\"",
|
||||
"infoleak:submission=\"crawler\"",
|
||||
"infoleak:automatic-detection=\"binary\"",
|
||||
"infoleak:automatic-detection=\"pgp-public-key-block\"",
|
||||
"infoleak:automatic-detection=\"hexadecimal\"",
|
||||
"infoleak:analyst-detection=\"private-key\"",
|
||||
"infoleak:submission=\"manual\"",
|
||||
"infoleak:automatic-detection=\"private-ssh-key\"",
|
||||
"infoleak:automatic-detection=\"iban\"",
|
||||
"infoleak:automatic-detection=\"pgp-message\"",
|
||||
"infoleak:automatic-detection=\"certificate\"",
|
||||
"infoleak:automatic-detection=\"credential\"",
|
||||
"infoleak:automatic-detection=\"cve\"",
|
||||
"infoleak:automatic-detection=\"google-api-key\"",
|
||||
"infoleak:automatic-detection=\"phone-number\"",
|
||||
"infoleak:automatic-detection=\"rsa-private-key\"",
|
||||
"misp-galaxy:backdoor=\"SLUB\"",
|
||||
"infoleak:automatic-detection=\"credit-card\"",
|
||||
"misp-galaxy:stealer=\"Vidar\"",
|
||||
"infoleak:automatic-detection=\"private-key\"",
|
||||
"infoleak:automatic-detection=\"api-key\"",
|
||||
"infoleak:automatic-detection=\"mail\""
|
||||
]
|
||||
}
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
### Get tag metadata: `api/get/tag/metadata/<tag>`
|
||||
|
||||
#### Description
|
||||
Get tag metadata.
|
||||
|
||||
**Method** : `GET`
|
||||
|
||||
#### Parameters
|
||||
- `tag`
|
||||
- tag name
|
||||
- *str*
|
||||
- mandatory
|
||||
|
||||
#### JSON response
|
||||
- `tag`
|
||||
- tag name
|
||||
- *str*
|
||||
- `first_seen`
|
||||
- date: first seen
|
||||
- *str - YYMMDD*
|
||||
- `last_seen`
|
||||
- date: first seen
|
||||
- *str - YYMMDD*
|
||||
#### Example
|
||||
```
|
||||
curl https://127.0.0.1:7000/api/get/tag/metadata/infoleak:submission=\"manual\" --header "Authorization: iHc1_ChZxj1aXmiFiF1mkxxQkzawwriEaZpPqyTQj " -H "Content-Type: application/json"
|
||||
```
|
||||
|
||||
#### Expected Success Response
|
||||
**HTTP Status Code** : `200`
|
||||
```json
|
||||
{
|
||||
"first_seen": "20190605",
|
||||
"last_seen": "20190726",
|
||||
"tag": "infoleak:submission=\"manual\""
|
||||
}
|
||||
```
|
||||
|
||||
#### Expected Fail Response
|
||||
**HTTP Status Code** : `404`
|
||||
```json
|
||||
{"status": "error", "reason": "Tag not found"}
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
## Import management
|
||||
|
||||
|
@ -593,9 +698,6 @@ curl -k https://127.0.0.1:7000/api/import/item/b20a69f1-99ad-4cb3-b212-7ce24b763
|
|||
### Text search by daterange
|
||||
##### ``api/search/textIndexer/item`` POST
|
||||
|
||||
### Get all tags list
|
||||
##### ``api/get/tag/all``
|
||||
|
||||
### Get tagged items by daterange
|
||||
##### ``api/search/tag/item`` POST
|
||||
|
||||
|
|
|
@ -485,6 +485,31 @@ def get_item_content(item_id):
|
|||
res = Item.get_item(data)
|
||||
return Response(json.dumps(res[0], indent=2, sort_keys=True), mimetype='application/json'), res[1]
|
||||
|
||||
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
||||
# # # # # # # # # # # # # # TAGS # # # # # # # # # # # # # # # # #
|
||||
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
||||
|
||||
@restApi.route("api/get/tag/metadata/<tag>", methods=['GET'])
|
||||
@token_required('admin')
|
||||
def get_tag_metadata(tag):
|
||||
if not Tag.is_tag_in_all_tag(tag):
|
||||
return Response(json.dumps({'status': 'error', 'reason':'Tag not found'}, indent=2, sort_keys=True), mimetype='application/json'), 404
|
||||
metadata = Tag.get_tag_metadata(tag)
|
||||
return Response(json.dumps(metadata, indent=2, sort_keys=True), mimetype='application/json'), 200
|
||||
|
||||
@restApi.route("api/get/tag/all", methods=['GET'])
|
||||
@token_required('admin')
|
||||
def get_all_tags():
|
||||
res = {'tags': Tag.get_all_tags()}
|
||||
return Response(json.dumps(res, indent=2, sort_keys=True), mimetype='application/json'), 200
|
||||
|
||||
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
||||
# # # # # # # # # # # # # IMPORT # # # # # # # # # # # # # # # # # #
|
||||
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
||||
|
||||
|
||||
|
||||
|
||||
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
|
||||
#
|
||||
# POST JSON FORMAT
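Review bot: The route `api/get/tag/metadata/<tag>` uses Flask's default string converter, which does not match `/`, so a tag containing a slash (if any exist in `list_tags`; not visible here) would never reach `get_tag_metadata`. The client would then get a routing 404 rather than the JSON `Tag not found` body. Tag names also carry `"` and `=`, as the README example shows, so clients must percent-encode the tag in the path. Consider `@restApi.route("api/get/tag/metadata/<path:tag>", methods=['GET'])` or taking the tag as a query parameter, with a comment above the route stating the expected encoding. Both new handlers would also benefit from a one-line docstring giving the response shape and status codes (`200` with the metadata dict, `404` when the tag is not in `list_tags`).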
|
||||
|
|