2016-07-13 15:24:36 +02:00
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from pymisp import PyMISP
from keys import misp_url , misp_key , misp_verifycert
from datetime import datetime
import argparse
import tools
2016-07-26 16:35:46 +02:00
2016-07-13 15:24:36 +02:00
def init ( url , key ) :
return PyMISP ( url , key , misp_verifycert , ' json ' )
2016-07-26 16:35:46 +02:00
# ######### fetch data ##########
2016-07-13 15:24:36 +02:00
if __name__ == ' __main__ ' :
2016-07-21 10:09:10 +02:00
parser = argparse . ArgumentParser ( description = ' Take a sample of events (based on last.py) and give the repartition of tags in this sample. ' )
2016-07-26 11:05:20 +02:00
parser . add_argument ( " -d " , " --days " , type = int , help = " number of days before today to search. If not define, default value is 7 " )
2016-07-26 16:35:46 +02:00
parser . add_argument ( " -b " , " --begindate " , default = ' 1970-01-01 ' , help = " The research will look for tags attached to events posted at or after the given startdate (format: yyyy-mm-dd): If no date is given, default time is epoch time (1970-1-1) " )
2016-07-21 10:09:10 +02:00
parser . add_argument ( " -e " , " --enddate " , help = " The research will look for tags attached to events posted at or before the given enddate (format: yyyy-mm-dd): If no date is given, default time is now() " )
2016-07-13 15:24:36 +02:00
args = parser . parse_args ( )
misp = init ( misp_url , misp_key )
2016-07-21 10:09:10 +02:00
if args . days is None :
2016-07-26 11:05:20 +02:00
args . days = 7
2016-07-29 13:25:26 +02:00
result = misp . download_last ( ' {} d ' . format ( args . days ) )
2016-07-26 11:05:20 +02:00
tools . checkDateConsistancy ( args . begindate , args . enddate , tools . getLastdate ( args . days ) )
if args . begindate is None :
args . begindate = tools . getLastdate ( args . days )
else :
args . begindate = tools . setBegindate ( tools . toDatetime ( args . begindate ) , tools . getLastdate ( args . days ) )
2016-07-13 15:24:36 +02:00
2016-07-26 11:05:20 +02:00
if args . enddate is None :
args . enddate = datetime . now ( )
else :
args . enddate = tools . setEnddate ( tools . toDatetime ( args . enddate ) )
2016-07-13 15:24:36 +02:00
2016-07-29 13:25:26 +02:00
events = tools . selectInRange ( tools . eventsListBuildFromArray ( result ) , begin = args . begindate , end = args . enddate )
tags = tools . tagsListBuild ( events )
result = tools . getNbOccurenceTags ( tags )
2016-07-13 15:24:36 +02:00
text = ' Studied pediod: from '
if args . begindate is None :
text = text + ' 1970-01-01 '
else :
text = text + str ( args . begindate . date ( ) )
text = text + ' to '
if args . enddate is None :
text = text + str ( datetime . now ( ) . date ( ) )
else :
text = text + str ( args . enddate . date ( ) )
2016-07-26 16:35:46 +02:00
print ( ' \n ======================================================== ' )
print ( text )
print ( result )