mirror of https://github.com/MISP/PyMISP
new: Add test cases for stix export
Raphaël Vinot
parent
bab80181f1
commit
0a01a16c6b
|
|
@ -284,7 +284,7 @@ class ExpandedPyMISP(PyMISP):
|
||||||
|
|
||||||
'''
|
'''
|
||||||
|
|
||||||
return_formats = ['openioc', 'json', 'xml', 'suricata', 'snort', 'text', 'rpz', 'csv', 'cache']
|
return_formats = ['openioc', 'json', 'xml', 'suricata', 'snort', 'text', 'rpz', 'csv', 'cache', 'stix', 'stix2']
|
||||||
|
|
||||||
if controller not in ['events', 'attributes', 'objects', 'sightings']:
|
if controller not in ['events', 'attributes', 'objects', 'sightings']:
|
||||||
raise ValueError('controller has to be in {}'.format(', '.join(['events', 'attributes', 'objects'])))
|
raise ValueError('controller has to be in {}'.format(', '.join(['events', 'attributes', 'objects'])))
|
||||||
|
|
|
||||||
|
|
@ -1 +1 @@
|
||||||
Subproject commit b6a7ccd2dce4ec3479b6ac44482aaed66d3dd02b
|
Subproject commit 36dc6efab3b01eb92790b57a552cfb32d919fb6f
|
||||||
|
|
@ -7,6 +7,8 @@ from pymisp import ExpandedPyMISP, MISPEvent, MISPOrganisation, MISPUser, Distri
|
||||||
from pymisp.tools import make_binary_objects
|
from pymisp.tools import make_binary_objects
|
||||||
from datetime import datetime, timedelta, date
|
from datetime import datetime, timedelta, date
|
||||||
from io import BytesIO
|
from io import BytesIO
|
||||||
|
import re
|
||||||
|
import json
|
||||||
|
|
||||||
import time
|
import time
|
||||||
from uuid import uuid4
|
from uuid import uuid4
|
||||||
|
|
@ -822,6 +824,21 @@ class TestComprehensive(unittest.TestCase):
|
||||||
self.admin_misp_connector.delete_event(first.id)
|
self.admin_misp_connector.delete_event(first.id)
|
||||||
self.admin_misp_connector.delete_event(second.id)
|
self.admin_misp_connector.delete_event(second.id)
|
||||||
|
|
||||||
|
def test_search_stix(self):
|
||||||
|
first = self.create_simple_event()
|
||||||
|
first.add_attribute('ip-src', '8.8.8.8')
|
||||||
|
try:
|
||||||
|
first = self.user_misp_connector.add_event(first)
|
||||||
|
stix = self.user_misp_connector.search(return_format='stix', eventid=first.id)
|
||||||
|
found = re.findall('8.8.8.8', stix)
|
||||||
|
self.assertTrue(found)
|
||||||
|
stix2 = self.user_misp_connector.search(return_format='stix2', eventid=first.id)
|
||||||
|
json.dumps(stix2, indent=2)
|
||||||
|
self.assertEqual(stix2['objects'][-1]['pattern'], "[network-traffic:src_ref.type = 'ipv4-addr' AND network-traffic:src_ref.value = '8.8.8.8']")
|
||||||
|
finally:
|
||||||
|
# Delete event
|
||||||
|
self.admin_misp_connector.delete_event(first.id)
|
||||||
|
|
||||||
def test_upload_sample(self):
|
def test_upload_sample(self):
|
||||||
first = self.create_simple_event()
|
first = self.create_simple_event()
|
||||||
second = self.create_simple_event()
|
second = self.create_simple_event()
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue