Adding checking if connection to MISP is valid

pull/82/head
haraksin 2020-06-15 18:08:33 -07:00
parent 461452f420
commit 6056501ff4
2 changed files with 16 additions and 5 deletions

3
.gitignore vendored

@ -6,4 +6,5 @@ config.yaml
__pycache__ __pycache__
build build
dist dist
src src
vscode/


@ -11,8 +11,15 @@ import logging
from pyaml import yaml from pyaml import yaml
from yaml import Loader from yaml import Loader
from io import StringIO from io import StringIO
from requests.exceptions import ConnectionError
logging_level = logging.INFO
log = logging.getLogger("__main__") log = logging.getLogger("__main__")
log.setLevel(logging_level)
handler.setLevel(logging_level)
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
handler.setFormatter(formatter)
from opentaxii.signals import ( from opentaxii.signals import (
CONTENT_BLOCK_CREATED, INBOX_MESSAGE_CREATED CONTENT_BLOCK_CREATED, INBOX_MESSAGE_CREATED
@ -25,7 +32,7 @@ def env_config_helper(env_name):
return name.split(',') return name.split(',')
return os.environ[env_name] return os.environ[env_name]
else: else:
print("Missing env setting {0}. Set OPENTAXII_CONFIG or {0}.".format(env_name)) log.error("Missing env setting {0}. Set OPENTAXII_CONFIG or {0}.".format(env_name))
return "UNKNOWN" return "UNKNOWN"
def yaml_config_helper(config_name, CONFIG): def yaml_config_helper(config_name, CONFIG):
@ -38,7 +45,7 @@ def yaml_config_helper(config_name, CONFIG):
## CONFIG ## CONFIG
if "OPENTAXII_CONFIG" in os.environ: if "OPENTAXII_CONFIG" in os.environ:
print("Using config from {}".format(os.environ["OPENTAXII_CONFIG"])) log.info("Using config from {}".format(os.environ["OPENTAXII_CONFIG"]))
CONFIG = yaml.load(open(os.environ["OPENTAXII_CONFIG"], "r"), Loader=Loader) CONFIG = yaml.load(open(os.environ["OPENTAXII_CONFIG"], "r"), Loader=Loader)
# validate dedup and collections and publish # validate dedup and collections and publish
CONFIG = yaml_config_helper("dedup", CONFIG) CONFIG = yaml_config_helper("dedup", CONFIG)
@ -46,7 +53,7 @@ if "OPENTAXII_CONFIG" in os.environ:
CONFIG = yaml_config_helper("publish", CONFIG) CONFIG = yaml_config_helper("publish", CONFIG)
else: else:
print("Trying to use env variables...") log.debug("Trying to use env variables...")
misp_url = env_config_helper("MISP_URL") misp_url = env_config_helper("MISP_URL")
misp_api = env_config_helper("MISP_API") misp_api = env_config_helper("MISP_API")
misp_dedup = env_config_helper("MISP_DEDUP") misp_dedup = env_config_helper("MISP_DEDUP")
@ -139,7 +146,10 @@ def post_stix(manager, content_block, collection_ids, service_id):
# But I don't wanna read docs # But I don't wanna read docs
if (len(package.attributes) > 0): if (len(package.attributes) > 0):
log.info("Uploading event to MISP with attributes %s", [x.value for x in package.attributes]) log.info("Uploading event to MISP with attributes %s", [x.value for x in package.attributes])
event = MISP.add_event(package) try:
event = MISP.add_event(package)
except ConnectionError:
log.error("MISP-Taxii-Server - Cannot connect to MISP; please ensure that MISP is up and running at {}. Skipping MISP upload.".format(CONFIG['misp']['url']))
if ( if (
CONFIG["misp"]["publish"] == True or CONFIG["misp"]["publish"] == True or
CONFIG["misp"]["publish"] == "True" CONFIG["misp"]["publish"] == "True"
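Review bot: In the post_stix hunk, the new `except ConnectionError:` branch only logs and then falls through to the `if (CONFIG["misp"]["publish"] == True or ...` check, so `event` is never bound on that path even though the message says the upload is being skipped. The body of that check lies outside the hunk, but if it uses `event` (as a publish step presumably would), a failed connection ends in an UnboundLocalError rather than a clean skip; adding `return` right after the `log.error(...)` call would make the skip real. Only `ConnectionError` is caught, so timeouts and other request failures still propagate, and nothing visible here retries or queues the content block, so indicators received while MISP is down appear to be lost; a short comment stating that would help operators. Separately, `handler.setLevel(logging_level)` in the first hunk uses a `handler` that no visible line defines, so confirm it is created before those lines run.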