new: [doc] Installation using pip

.gitignore

@@ -6,6 +6,7 @@
 *.egg-info
 *.*.swp
 /build/
+/dist/
 # Locally genenerated mtz
 /*.mtz
 

README.md

@@ -12,7 +12,7 @@ The currently supported entities are: `AS`, `DNSName`, `Domain`, `EmailAddress`,
 
 
 ## Installation and User Guide:
-Installation is fairly easy, just read the steps in the [documentation](https://github.com/MISP/MISP-maltego/blob/master/doc/README.md).
+Installation is fairly easy by using `pip`, just read the steps in the [documentation](https://github.com/MISP/MISP-maltego/blob/master/doc/README.md).
 
 The [User Guide](https://github.com/MISP/MISP-maltego/blob/master/doc/README.md#use-cases) gives some example use-cases.
 

doc/README.md

@@ -5,22 +5,15 @@ This user guide should help you through the installation of **MISP-Maltego**, an
 ## Installation
 These instructions have been tested on Ubuntu 18.04 LTS, but should be similar on other systems.
 1. Download and install [Maltego](https://www.paterva.com/web7/downloads.php)
-2. Install dependencies:  `sudo apt install git build-essential python3-setuptools python3-dev python3-pip`
+2. Install using pip: `pip3 install MISP-maltego`
-3. Clone the repository, install and create the Maltego local transform bundle.
+3. Generate the Maltego bundle: `canari create-profile MISP-maltego`
-   To the question *".canari/canari.conf already exists, would you like to overwrite it?"* you will probably want to answer yes.
+4. Import this bundle in Maltego. 
-```
-git clone https://github.com/MISP/MISP-maltego.git
-cd MISP-maltego
-sudo pip3 install .
-canari create-profile MISP_maltego
-```
-5. Import this bundle in Maltego. 
    1. Open Maltego
    2. Click on the home button (Maltego icon, top-left corner).
    3. Click on 'Import'
    4. Click on 'Import Configuration'.
    5. Load the `MISP_maltego.mtz` file and follow the prompts.
-6. Edit `$HOME/.canari/MISP_maltego.conf` and enter your `misp_url` and `misp_key`
+5. Edit `$HOME/.canari/MISP_maltego.conf` and enter your `misp_url` and `misp_key`
 
 ## Custom Entities
 MISP-Maltego tries to use as much as possible the default Paterva entities, or the most popular from the community. It however comes with a few custom entities: 

publish_to_pip.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+python3 setup.py sdist bdist_wheel
+twine upload dist/*

src/MISP_maltego/transforms/common/entities.py

@@ -37,7 +37,7 @@ class MISPObject(Entity):
 
     icon_url = 'file://MISP_maltego/resources/images/MISPObject.png'
     uuid = StringEntityField('uuid', display_name='UUID')
-    event_id = IntegerEntityField('event_id', display_name='Event ID')  # FIXME remove this once MISP provides objects correctly when requesting only the object.  See https://github.com/MISP/MISP/issues/3801
+    event_id = IntegerEntityField('event_id', display_name='Event ID')  # LATER remove this once MISP provides objects correctly when requesting only the object.  See https://github.com/MISP/MISP/issues/3801
     name = StringEntityField('name', display_name='Name', is_value=True)
     meta_category = StringEntityField('meta_category', display_name='Meta Category', matching_rule=MatchingRule.Loose)
     description = StringEntityField('description', display_name='Description', matching_rule=MatchingRule.Loose)

src/MISP_maltego/transforms/common/util.py

@@ -27,7 +27,7 @@ import time
 #     # 'maltego.Document': [''],
 #     'maltego.PhoneNumber': ['phone-number'],
 #     'maltego.EmailAddress': ['email-src', 'email-dst'],
-#     # 'maltego.Image': [''],  # LATER file image
+#     # 'maltego.Image': [''],  # TODO file image
 #     # 'maltego.Phrase': [''],
 #     'maltego.File': ['filename'],
 #     # 'maltego.Person': [''],
@@ -178,7 +178,7 @@ def attribute_to_entity(a, link_label=None, event_tags=[], only_self=False):
             for c in g['GalaxyCluster']:
                 yield galaxycluster_to_entity(c)
 
-    # TODO today the tag is attached to the event, not the attribute, this is something we want to fix soon.
+    # complement the event tags with the attribute tags.
     if 'Tag' in a and not only_self:
             for t in a['Tag']:
                 combined_tags.append(t['name'])
@@ -212,26 +212,19 @@ def attribute_to_entity(a, link_label=None, event_tags=[], only_self=False):
             if entity_obj == File:
                 labels.append(Label('hash', v_2))
             yield entity_obj_to_entity(entity_obj, v_1, t_1, labels=labels, link_label=link_label, notes=notes, bookmark=Bookmark.Green)  # LATER change the comment to include the second part of the regkey
-        else:
-            yield UIMessage("Type {} of combined type {} not supported for attribute: {}".format(t_1, a['type'], a), type=UIMessageType.Inform)
         if t_2 in mapping_misp_to_maltego:
             entity_obj = mapping_misp_to_maltego[t_2][0]
             labels = [Label('comment', a.get('comment'))]
             if entity_obj == Hash:
                 labels.append(Label('filename', v_1))
             yield entity_obj_to_entity(entity_obj, v_2, t_2, labels=labels, link_label=link_label, notes=notes, bookmark=Bookmark.Green)  # LATER change the comment to include the first part of the regkey
-        else:
-            yield UIMessage("Type {} of combined type {} not supported for attribute: {}".format(t_2, a['type'], a), type=UIMessageType.Inform)
 
     # normal attributes
     elif a['type'] in mapping_misp_to_maltego:
         entity_obj = mapping_misp_to_maltego[a['type']][0]
         yield entity_obj_to_entity(entity_obj, a['value'], a['type'], labels=[Label('comment', a.get('comment'))], link_label=link_label, notes=notes, bookmark=Bookmark.Green)
 
-    # not supported in our maltego mapping
+    # not supported in our maltego mapping are not handled
-    else:
-        yield Unknown(a['value'], type=a['type'], labels=[Label('comment', a.get('comment'))], link_label=link_label, notes=notes, bookmark=Bookmark.Green)
-        yield UIMessage("Type {} not fully supported for attribute: {}".format(a['type'], a), type=UIMessageType.Inform)
 
     # LATER : relationships from attributes - not yet supported by MISP yet, but there are references in the datamodel