2015-11-06 11:40:43 +01:00
|
|
|
# PyMISP - Python Library to access MISP
|
|
|
|
|
2014-10-29 10:45:18 +01:00
|
|
|
PyMISP is a Python library to access [MISP](https://github.com/MISP/MISP) platforms via their REST API.
|
|
|
|
|
2015-11-06 11:40:43 +01:00
|
|
|
PyMISP allows you to fetch events, add or update events/attributes, add or update samples or search for attributes.
|
|
|
|
|
|
|
|
## Requirements
|
2014-10-29 10:45:18 +01:00
|
|
|
|
|
|
|
* [requests](http://docs.python-requests.org)
|
2014-04-16 15:43:54 +02:00
|
|
|
|
2016-06-28 15:19:08 +02:00
|
|
|
## Install from pip
|
|
|
|
~~~~
|
|
|
|
pip install pymisp
|
|
|
|
~~~~
|
|
|
|
|
|
|
|
## Install the lastest version from repo
|
2014-04-16 15:43:54 +02:00
|
|
|
|
2015-11-06 11:40:43 +01:00
|
|
|
~~~~
|
2016-06-28 15:19:08 +02:00
|
|
|
git clone https://github.com/CIRCL/PyMISP.git && cd PyMISP
|
2014-04-16 15:43:54 +02:00
|
|
|
python setup.py install
|
2015-11-06 11:40:43 +01:00
|
|
|
~~~~
|
2014-04-16 15:43:54 +02:00
|
|
|
|
2015-11-06 11:40:43 +01:00
|
|
|
## Samples and how to use PyMISP
|
2014-04-16 15:43:54 +02:00
|
|
|
|
2015-11-06 11:40:43 +01:00
|
|
|
Various examples and samples scripts are in the [examples/](examples/) directory.
|
|
|
|
|
|
|
|
In the examples directory, you will need to change the keys.py.sample to enter your MISP url and API key.
|
|
|
|
|
|
|
|
~~~~
|
|
|
|
cd examples
|
|
|
|
cp keys.py.sample keys.py
|
|
|
|
vim keys.py
|
|
|
|
~~~~
|
|
|
|
|
|
|
|
The API key of MISP is available in the Automation section of the MISP web interface.
|
|
|
|
|
|
|
|
To test if your URL and API keys are correct, you can test with examples/last.py to
|
|
|
|
fetch the last 10 events published.
|
|
|
|
|
|
|
|
~~~~
|
|
|
|
cd examples
|
|
|
|
python last.py -l 10
|
|
|
|
~~~~
|
2014-10-29 10:45:18 +01:00
|
|
|
|
2015-11-06 11:40:43 +01:00
|
|
|
## Documentation
|
2014-10-29 10:45:18 +01:00
|
|
|
|
|
|
|
[PyMISP API documentation is available](http://www.circl.lu/assets/files/PyMISP.pdf).
|
|
|
|
|
|
|
|
Documentation can be generated with epydoc:
|
|
|
|
|
|
|
|
~~~~
|
|
|
|
epydoc --url https://github.com/CIRCL/PyMISP --graph all --name PyMISP --pdf pymisp -o doc
|
|
|
|
~~~~
|