MISP
/
PyMISP
mirror of https://github.com/MISP/PyMISP
2
0
Fork 0
Code Issues Releases Wiki Activity
PyMISP/examples/feed-generator-from-redis/ObjectConstructor/CowrieMISPObject.py

33 lines
1.1 KiB
Python
Raw Normal View History

Moved object constructor into their own folder
2018-03-12 15:22:58 +01:00
#!/usr/bin/env python3
import time
from pymisp.tools.abstractgenerator import AbstractMISPObjectGenerator
class CowrieMISPObject(AbstractMISPObjectGenerator):
def __init__(self, dico_val, **kargs):
self._dico_val = dico_val
self.name = "cowrie"
# Enforce attribute date with timestamp
super(CowrieMISPObject, self).__init__('cowrie',
default_attributes_parameters={'timestamp': int(time.time())},
**kargs)
self.generate_attributes()
def generate_attributes(self):
skip_list = ['time', 'duration', 'isError', 'ttylog']
for object_relation, value in self._dico_val.items():
if object_relation in skip_list or 'log_' in object_relation:
continue
Updated readme
2018-03-12 15:34:12 +01:00
Moved object constructor into their own folder
2018-03-12 15:22:58 +01:00
if object_relation == 'timestamp':
# Date already in ISO format, removing trailing Z
value = value.rstrip('Z')
if isinstance(value, dict):
self.add_attribute(object_relation, **value)
else:
self.add_attribute(object_relation, value=value)