PyMISP/examples/copy_list.py

105 lines
2.8 KiB
Python
Raw Normal View History

2016-03-21 21:24:15 +01:00
#!/usr/bin/env python
2014-04-12 17:44:47 +02:00
# -*- coding: utf-8 -*-
import sys
2014-04-16 15:14:58 +02:00
from pymisp import PyMISP
2014-04-12 17:44:47 +02:00
from keys import cert, priv
2014-04-12 17:44:47 +02:00
url_cert = 'https://misp.circl.lu'
url_priv = 'https://misppriv.circl.lu'
cert_cert = 'misp.circl.lu.crt'
cert_priv = 'misppriv.circl.lu.crt'
2014-04-12 17:44:47 +02:00
source = None
destination = None
2014-04-14 19:18:12 +02:00
def init(cert_to_priv=True):
2014-04-12 17:44:47 +02:00
global source
global destination
2015-05-03 02:47:47 +02:00
print(cert_to_priv)
if cert_to_priv:
source = PyMISP(url_cert, cert, cert_cert, 'xml')
destination = PyMISP(url_priv, priv, cert_priv, 'xml')
else:
source = PyMISP(url_priv, priv, cert_priv, 'xml')
destination = PyMISP(url_cert, cert, cert_cert, 'xml')
2014-04-12 17:44:47 +02:00
2014-04-14 19:18:12 +02:00
def _to_utf8(request):
to_return = None
if 'json' in request.headers['content-type']:
to_return = request.json()
2014-04-14 19:18:12 +02:00
else:
to_return = request.text.encode('utf-8')
return to_return
2014-04-12 17:44:47 +02:00
def copy_event(event_id):
r_src = source.get_event(event_id)
2014-04-14 19:18:12 +02:00
to_send = _to_utf8(r_src)
return destination.add_event(to_send)
2014-05-02 17:10:53 +02:00
def update_event(event_id, event_to_update):
r_src = source.get_event(event_id)
to_send = _to_utf8(r_src)
return destination.update_event(event_to_update, to_send)
2014-04-14 19:18:12 +02:00
def list_copy(filename):
with open(filename, 'r') as f:
for l in f:
copy(l)
def loop_copy():
while True:
line = sys.stdin.readline()
copy(line)
def copy(eventid):
eventid = eventid.strip()
if len(eventid) == 0 or not eventid.isdigit():
2015-05-03 02:47:47 +02:00
print('empty line or NaN.')
return
eventid = int(eventid)
2015-05-03 02:47:47 +02:00
print(eventid, 'copying...')
r = copy_event(eventid)
2014-05-02 17:10:53 +02:00
if r.status_code >= 400:
loc = r.headers['location']
if loc is not None:
event_to_update = loc.split('/')[-1]
2015-05-03 02:47:47 +02:00
print('updating', event_to_update)
2014-05-02 17:10:53 +02:00
r = update_event(eventid, event_to_update)
if r.status_code >= 400:
2015-05-03 02:47:47 +02:00
print(r.status_code, r.headers)
2014-05-02 17:10:53 +02:00
else:
2015-05-03 02:47:47 +02:00
print(r.status_code, r.headers)
print(eventid, 'done.')
2014-04-12 17:44:47 +02:00
2014-04-15 16:40:49 +02:00
def export_our_org():
circl = source.search(org='CIRCL')
return _to_utf8(circl)
2014-04-12 17:44:47 +02:00
if __name__ == '__main__':
2014-04-16 15:14:58 +02:00
import argparse
parser = argparse.ArgumentParser(
description='Copy the events from one MISP instance to an other.')
parser.add_argument('-f', '--filename', type=str,
2014-04-16 15:14:58 +02:00
help='File containing a list of event id.')
parser.add_argument(
'-l', '--loop', action='store_true',
help='Endless loop: eventid in the terminal and it will be copied.')
parser.add_argument('--priv_to_cert', action='store_false', default=True,
help='Copy from MISP priv to MISP CERT.')
2014-04-16 15:14:58 +02:00
args = parser.parse_args()
init(args.priv_to_cert)
if args.filename is not None:
list_copy(args.filename)
else:
loop_copy()