chg: [relations] Favor machines for Event relations

src/MISP_maltego/resources/maltego/misp_MISPEventToAll.machine

@@ -1,12 +1,19 @@
-machine("misp.MISPEventToAll", 
-        displayName:"Event to All", 
-        author:"Christophe Vandeplas",
-        description: "Automatically expands MISP Objects to their attributes") {
-    start {
-        run("MISP_maltego.EventToAttributes")
-        paths {
-            run("MISP_maltego.ObjectToAttributes")
-            run("MISP_maltego.GalaxyToRelations")
-        }
-    }
-}
+machine("misp.MISPEventToAll", 
+        displayName:"Event to All", 
+        author:"Christophe Vandeplas",
+        description: "Automatically expands MISP Objects to their attributes") {
+    start {
+        run("MISP_maltego.EventToAttributes")
+        run("MISP_maltego.AttributeToEvent")
+        paths {
+            path {
+                run("MISP_maltego.ObjectToAttributes")
+                run("MISP_maltego.AttributeToEvent")
+            }
+            path {
+                run("MISP_maltego.GalaxyToRelations")
+            }
+        }
+        
+    }
+}

src/MISP_maltego/transforms/attributetoevent.py

@@ -1,6 +1,4 @@
-from canari.maltego.entities import Hash, Domain, IPv4Address, URL, DNSName, AS, Website, NSRecord, PhoneNumber, EmailAddress, File, Hashtag, Company, Alias, Twitter
 from canari.maltego.transform import Transform
-from canari.maltego.message import Bookmark
 # from canari.framework import EnableDebugWindow
 from MISP_maltego.transforms.common.util import get_misp_connection, event_to_entity, get_attribute_in_event, attribute_to_entity
 from MISP_maltego.transforms.common.entities import Unknown
@@ -24,6 +22,13 @@ class AttributeInMISP(Transform):
 
     def do_transform(self, request, response, config):
         maltego_misp_attribute = request.entity
+        # skip MISP Events (value = int)
+        try:
+            int(maltego_misp_attribute.value)
+            return response
+        except Exception:
+            pass
+
         misp = get_misp_connection(config)
         events_json = misp.search(controller='events', values=maltego_misp_attribute.value, withAttachments=False)
         in_misp = False
@@ -48,6 +53,13 @@ class AttributeToEvent(Transform):
 
     def do_transform(self, request, response, config):
         maltego_misp_attribute = request.entity
+        # skip MISP Events (value = int)
+        try:
+            int(maltego_misp_attribute.value)
+            return response
+        except Exception:
+            pass
+
         misp = get_misp_connection(config)
         events_json = misp.search(controller='events', values=maltego_misp_attribute.value, withAttachments=False)
         in_misp = False

src/MISP_maltego/transforms/eventtoattributes.py

@@ -24,7 +24,7 @@ class EventToAttributes(Transform):
 
     # The transform input entity type.
     input_type = MISPEvent
-    description = 'Expands an Event to Attributes, Tags, Galaxies and related events'
+    description = 'Expands an Event to Attributes, Tags, Galaxies'
 
     def do_transform(self, request, response, config):
         maltego_misp_event = request.entity
@@ -49,8 +49,8 @@ class EventToAttributes(Transform):
             for c in g['GalaxyCluster']:
                 response += galaxycluster_to_entity(c)
 
-        for e in event_json['Event']['RelatedEvent']:
-            response += event_to_entity(e, link_style=LinkStyle.DashDot)
+        # for e in event_json['Event']['RelatedEvent']:
+        #     response += event_to_entity(e, link_style=LinkStyle.DashDot)
 
         for a in event_json['Event']["Attribute"]:
             for entity in attribute_to_entity(a, event_tags=event_tags):