Adding deduplication as an optional item
parent
277dfcdb97
commit
c55f9994c6
|
@ -34,11 +34,17 @@ else:
|
||||||
else:
|
else:
|
||||||
print("Unknown misp API key. Set OPENTAXII_CONFIG or MISP_API.")
|
print("Unknown misp API key. Set OPENTAXII_CONFIG or MISP_API.")
|
||||||
misp_api = "UNKNOWN"
|
misp_api = "UNKNOWN"
|
||||||
|
if "MISP_DEDUP" in os.environ:
|
||||||
|
misp_dedup = os.environ["MISP_DEDUP"]
|
||||||
|
else:
|
||||||
|
print("Unknown misp deduplication setting. Set OPENTAXII_CONFIG or MISP_DEDUP.")
|
||||||
|
misp_dedup = "UNKNOWN"
|
||||||
|
|
||||||
CONFIG = {
|
CONFIG = {
|
||||||
"misp" : {
|
"misp" : {
|
||||||
"url" : misp_url,
|
"url" : misp_url,
|
||||||
"api" : misp_api
|
"api" : misp_api,
|
||||||
|
"dedup" : misp_dedup
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -64,6 +70,7 @@ def post_stix(manager, content_block, collection_ids, service_id):
|
||||||
log.info("STIX loaded succesfully.")
|
log.info("STIX loaded succesfully.")
|
||||||
values = [x.value for x in package.attributes]
|
values = [x.value for x in package.attributes]
|
||||||
log.info("Extracted %s", values)
|
log.info("Extracted %s", values)
|
||||||
|
if CONFIG['MISP_DEDUP'] == "true" or CONFIG['MISP_DEDUP'] == "True" or CONFIG['MISP_DEDUP'] == "TRUE" or CONFIG['MISP_DEDUP'] == "UNKNOWN":
|
||||||
for attrib in values:
|
for attrib in values:
|
||||||
log.info("Checking for existence of %s", attrib)
|
log.info("Checking for existence of %s", attrib)
|
||||||
search = MISP.search("attributes", values=str(attrib))
|
search = MISP.search("attributes", values=str(attrib))
|
||||||
|
|
Loading…
Reference in New Issue