chg: [relations] Favor machines for Event relations

src/MISP_maltego/resources/maltego/misp_MISPEventToAll.machine

@@ -4,9 +4,16 @@ machine("misp.MISPEventToAll",
         description: "Automatically expands MISP Objects to their attributes") {
     start {
         run("MISP_maltego.EventToAttributes")
+        run("MISP_maltego.AttributeToEvent")
         paths {
+            path {
                 run("MISP_maltego.ObjectToAttributes")
+                run("MISP_maltego.AttributeToEvent")
+            }
+            path {
                 run("MISP_maltego.GalaxyToRelations")
             }
         }
+        
+    }
 }

src/MISP_maltego/transforms/attributetoevent.py

@@ -1,6 +1,4 @@
-from canari.maltego.entities import Hash, Domain, IPv4Address, URL, DNSName, AS, Website, NSRecord, PhoneNumber, EmailAddress, File, Hashtag, Company, Alias, Twitter
 from canari.maltego.transform import Transform
-from canari.maltego.message import Bookmark
 # from canari.framework import EnableDebugWindow
 from MISP_maltego.transforms.common.util import get_misp_connection, event_to_entity, get_attribute_in_event, attribute_to_entity
 from MISP_maltego.transforms.common.entities import Unknown
@@ -24,6 +22,13 @@ class AttributeInMISP(Transform):
 
     def do_transform(self, request, response, config):
         maltego_misp_attribute = request.entity
+        # skip MISP Events (value = int)
+        try:
+            int(maltego_misp_attribute.value)
+            return response
+        except Exception:
+            pass
+
         misp = get_misp_connection(config)
         events_json = misp.search(controller='events', values=maltego_misp_attribute.value, withAttachments=False)
         in_misp = False
@@ -48,6 +53,13 @@ class AttributeToEvent(Transform):
 
     def do_transform(self, request, response, config):
         maltego_misp_attribute = request.entity
+        # skip MISP Events (value = int)
+        try:
+            int(maltego_misp_attribute.value)
+            return response
+        except Exception:
+            pass
+
         misp = get_misp_connection(config)
         events_json = misp.search(controller='events', values=maltego_misp_attribute.value, withAttachments=False)
         in_misp = False

src/MISP_maltego/transforms/eventtoattributes.py

@@ -24,7 +24,7 @@ class EventToAttributes(Transform):
 
     # The transform input entity type.
     input_type = MISPEvent
-    description = 'Expands an Event to Attributes, Tags, Galaxies and related events'
+    description = 'Expands an Event to Attributes, Tags, Galaxies'
 
     def do_transform(self, request, response, config):
         maltego_misp_event = request.entity
@@ -49,8 +49,8 @@ class EventToAttributes(Transform):
             for c in g['GalaxyCluster']:
                 response += galaxycluster_to_entity(c)
 
-        for e in event_json['Event']['RelatedEvent']:
+        # for e in event_json['Event']['RelatedEvent']:
-            response += event_to_entity(e, link_style=LinkStyle.DashDot)
+        #     response += event_to_entity(e, link_style=LinkStyle.DashDot)
 
         for a in event_json['Event']["Attribute"]:
             for entity in attribute_to_entity(a, event_tags=event_tags):