fix: [cleanup] minor visual improvements

2020-05-15 09:29:05 +02:00 · 2020-05-15 09:29:05 +02:00 · ab9b93ff23
parent bba7e0baa5
commit ab9b93ff23
2 changed files with 14 additions and 16 deletions
--- a/src/MISP_maltego/transforms/attributetoevent.py
+++ b/src/MISP_maltego/transforms/attributetoevent.py
@ -16,9 +16,10 @@ __status__ = 'Development'


 class SearchInMISP(Transform):
-    """Search an attribute, event in MISP, allowing the use of % at the front and end"""
+    """Use % at the front/end for wildcard search"""
    input_type = Unknown
    display_name = 'Search in MISP'
+    description = "Use % at the front/end for wildcard search"
    remote = True

    def do_transform(self, request, response, config):
@ -122,7 +123,7 @@ class SearchInMISP(Transform):

 class AttributeToEvent(Transform):
    input_type = Unknown
-    display_name = 'to MISP Event'
+    display_name = 'to MISP Events'
    remote = True

    def do_transform(self, request, response, config):
@ -161,7 +162,6 @@ class AttributeToEvent(Transform):
            tag_name = get_entity_property(request.entity, 'Temp')
            if not tag_name:
                tag_name = request.entity.value
-            # TODO convert this to an index search to be much faster
            events_json = conn.misp.search_index(tags=tag_name)
            for e in events_json:
                response += event_to_entity({'Event': e}, link_direction=LinkDirection.OutputToInput)
--- a/src/MISP_maltego/transforms/common/util.py
+++ b/src/MISP_maltego/transforms/common/util.py
@ -12,8 +12,6 @@ import requests
 import tempfile
 import time

-# FIXME from galaxy 'to MISP Event' is confusing
-
 __version__ = '1.4.4'  # also update version in setup.py

 tag_note_prefixes = ['tlp:', 'PAP:', 'de-vs:', 'euci:', 'fr-classif:', 'nato:']
@ -205,15 +203,15 @@ def attribute_to_entity(a, link_label=None, event_tags=[], only_self=False):

    # complement the event tags with the attribute tags.
    if 'Tag' in a and not only_self:
-            for t in a['Tag']:
-                combined_tags.append(t['name'])
-                # ignore all misp-galaxies
-                if t['name'].startswith('misp-galaxy'):
-                    continue
-                # ignore all those we add as notes
-                if tag_matches_note_prefix(t['name']):
-                    continue
-                yield Hashtag(t['name'], bookmark=Bookmark.Green)
+        for t in a['Tag']:
+            combined_tags.append(t['name'])
+            # ignore all misp-galaxies
+            if t['name'].startswith('misp-galaxy'):
+                continue
+            # ignore all those we add as notes
+            if tag_matches_note_prefix(t['name']):
+                continue
+            yield Hashtag(t['name'], bookmark=Bookmark.Green)

    notes = convert_tags_to_note(combined_tags)

@ -251,7 +249,7 @@ def attribute_to_entity(a, link_label=None, event_tags=[], only_self=False):

    # not supported in our maltego mapping are not handled

-    # LATER : relationships from attributes - not yet supported by MISP yet, but there are references in the datamodel
+    # LATER relationships from attributes - not yet supported by MISP yet, but there are references in the datamodel


 def object_to_attributes(o, e):
@ -293,7 +291,7 @@ def get_attribute_in_object(o, attribute_type=False, attribute_value=False, drop
                if drop:    # drop the attribute from the object
                    o['Attribute'].pop(i)
                break
-        # TODO implement substring matching
+        # substring matching
        if substring:
            keyword = attribute_value.strip('%')
            if attribute_value.startswith('%') and attribute_value.endswith('%'):