2015-09-01 18:46:10 +02:00
#!/usr/bin/env python
# -*- coding: utf-8 -*-
2019-07-17 16:46:47 +02:00
from pymisp import ExpandedPyMISP , MISPEvent
2018-10-14 19:26:03 +02:00
from keys import misp_url , misp_key , misp_verifycert
2015-09-01 18:46:10 +02:00
import argparse
if __name__ == ' __main__ ' :
2016-03-21 21:24:15 +01:00
parser = argparse . ArgumentParser ( description = ' Create an event on MISP. ' )
2015-09-01 18:46:10 +02:00
parser . add_argument ( " -d " , " --distrib " , type = int , help = " The distribution setting used for the attributes and for the newly created event, if relevant. [0-3]. " )
parser . add_argument ( " -i " , " --info " , help = " Used to populate the event info field if no event ID supplied. " )
2018-03-10 14:04:18 +01:00
parser . add_argument ( " -a " , " --analysis " , type = int , help = " The analysis level of the newly created event, if applicable. [0-2] " )
parser . add_argument ( " -t " , " --threat " , type = int , help = " The threat level ID of the newly created event, if applicable. [1-4] " )
2015-09-01 18:46:10 +02:00
args = parser . parse_args ( )
2019-07-17 16:46:47 +02:00
misp = ExpandedPyMISP ( misp_url , misp_key , misp_verifycert )
event = MISPEvent ( )
event . distribution = args . distrib
event . threat_level_id = args . threat
event . analysis = args . analysis
event . info = args . info
2015-09-01 18:46:10 +02:00
2019-07-17 16:46:47 +02:00
event = misp . add_event ( event , pythonify = True )
2016-08-26 18:23:20 +02:00
print ( event )
