From db60d29f68cfc2a20d03f157c6383ebf4bf6903c Mon Sep 17 00:00:00 2001 From: Hannah Ward Date: Tue, 6 Feb 2018 13:35:31 +0000 Subject: [PATCH] new: Add poll time span ability Use --start and --end --- scripts/run-taxii-poll.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/scripts/run-taxii-poll.py b/scripts/run-taxii-poll.py index 4238834..1371de1 100644 --- a/scripts/run-taxii-poll.py +++ b/scripts/run-taxii-poll.py @@ -6,6 +6,7 @@ import argparse import os import logging import sys +from datetime import datetime # Create an argument parser for our program # Will just take in a config file and logging options @@ -13,6 +14,9 @@ parser = argparse.ArgumentParser(description='Run MISP taxii pull.') parser.add_argument('-c', "--configdir", default="~/.misptaxii", help='Config directory') parser.add_argument("-v", "--verbose", action="store_true", help="More verbose logging") parser.add_argument("-s", "--stdout", action="store_true", help="Log to STDOUT") +parser.add_argument("--start", help="Date to poll from (YYYY-MM-DD), Exclusive") +parser.add_argument("--end", help="Date to poll to (YYYY-MM-DD), Inclusive") + args = parser.parse_args() # Set up a logger for logging's sake @@ -65,6 +69,9 @@ except Exception as ex: log.info("Connected") +poll_from = datetime.strptime(args.start, "%Y-%m-%d") if args.start else None +poll_to = datetime.strptime(args.end, "%Y-%m-%d") if args.end else datetime.now() + for server in config: log.info("== %s ==", server["name"]) @@ -99,8 +106,11 @@ for server in config: log.debug("Auth set.") for collection in server["collections"]: log.debug("Polling %s", collection) + log.debug("Within date range %s - %s", poll_from or "Beginning of time", poll_to) try: - for content_block in cli.poll(collection_name=collection): + for content_block in cli.poll(collection_name=collection, + begin_date=poll_from, + end_date=poll_to): try: log.debug("Pushing block %s", content_block) localClient.push(content_block.content.decode("utf-8"),