mirror of https://github.com/MISP/MISP-maltego
31 lines
1.0 KiB
Python
31 lines
1.0 KiB
Python
|
#############################################
|
||
|
|
# MISP API Domain to Event
|
||
|
|
#
|
||
|
|
# Author: Emmanuel Bouillon
|
||
|
|
# Email: emmanuel.bouillon.sec@gmail.com
|
||
|
|
# Date: 24/11/2015
|
||
|
|
#############################################
|
||
|
|
import sys
|
||
|
|
from misp_util import *
|
||
|
|
from pymisp import PyMISP
|
||
|
|
import json
|
||
|
|
|
||
|
|
if __name__ == '__main__':
|
||
|
|
m = init()
|
||
|
|
mt = MaltegoTransform()
|
||
|
|
event_id = sys.argv[1]
|
||
|
|
try:
|
||
|
|
event = m.get_event(event_id)
|
||
|
|
event_json = event.json()
|
||
|
|
eid = event_json['Event']['id']
|
||
|
|
einfo = event_json['Event']['info']
|
||
|
|
eorgc = event_json['Event']['orgc']
|
||
|
|
me = MaltegoEntity('maltego.MISPEvent',eid);
|
||
|
|
me.addAdditionalFields('EventLink', 'EventLink', False, BASE_URL + '/events/view/' + eid )
|
||
|
|
me.addAdditionalFields('Org', 'Org', False, eorgc)
|
||
|
|
me.addAdditionalFields('notes#', 'notes', False, eorgc + ": " + einfo)
|
||
|
|
mt.addEntityToMessage(me);
|
||
|
|
except Exception as e:
|
||
|
|
mt.addUIMessage("[ERROR] " + str(e))
|
||
|
|
mt.returnOutput()
|