parent
b50a60485f
commit
277dfcdb97
|
@ -6,3 +6,4 @@ config.yaml
|
||||||
__pycache__
|
__pycache__
|
||||||
build
|
build
|
||||||
dist
|
dist
|
||||||
|
hooks_2.py
|
|
@ -67,12 +67,22 @@ def post_stix(manager, content_block, collection_ids, service_id):
|
||||||
for attrib in values:
|
for attrib in values:
|
||||||
log.info("Checking for existence of %s", attrib)
|
log.info("Checking for existence of %s", attrib)
|
||||||
search = MISP.search("attributes", values=str(attrib))
|
search = MISP.search("attributes", values=str(attrib))
|
||||||
if search["response"]["Attribute"] != []:
|
if 'response' in search:
|
||||||
# This means we have it!
|
if search["response"]["Attribute"] != []:
|
||||||
log.info("%s is a duplicate, we'll ignore it.", attrib)
|
# This means we have it!
|
||||||
package.attributes.pop([x.value for x in package.attributes].index(attrib))
|
log.info("%s is a duplicate, we'll ignore it.", attrib)
|
||||||
|
package.attributes.pop([x.value for x in package.attributes].index(attrib))
|
||||||
|
else:
|
||||||
|
log.info("%s is unique, we'll keep it", attrib)
|
||||||
|
elif 'Attribute' in search:
|
||||||
|
if search["Attribute"] != []:
|
||||||
|
# This means we have it!
|
||||||
|
log.info("%s is a duplicate, we'll ignore it.", attrib)
|
||||||
|
package.attributes.pop([x.value for x in package.attributes].index(attrib))
|
||||||
|
else:
|
||||||
|
log.info("%s is unique, we'll keep it", attrib)
|
||||||
else:
|
else:
|
||||||
log.info("%s is unique, we'll keep it", attrib)
|
log.error("Something went wrong with search, and it doesn't have an 'attribute' or a 'response' key: {}".format(search.keys()))
|
||||||
|
|
||||||
# Push the event to MISP
|
# Push the event to MISP
|
||||||
# TODO: There's probably a proper method to do this rather than json_full
|
# TODO: There's probably a proper method to do this rather than json_full
|
||||||
|
|
Loading…
Reference in New Issue