MISP
/
PyMISP
mirror of https://github.com/MISP/PyMISP
2
0
Fork 0
Code Issues Releases Wiki Activity

new: Method to POST a STIX file to MISP and create a new event.

pull/395/head
Raphaël Vinot 2019-05-21 16:47:10 +02:00
parent bab28e17db
commit 121d8853e2
1 changed files with 24 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
pymisp/aping.py
View File

@ -7,6 +7,7 @@ from .mispevent import MISPEvent, MISPAttribute, MISPSighting, MISPLog, MISPObje
from typing import TypeVar, Optional, Tuple, List, Dict, Union from typing import TypeVar, Optional, Tuple, List, Dict, Union
from datetime import date, datetime from datetime import date, datetime
import csv import csv
from pathlib import Path
import logging import logging
from urllib.parse import urljoin from urllib.parse import urljoin
@ -630,3 +631,26 @@ class ExpandedPyMISP(PyMISP):
url = urljoin(self.root_url, f'/admin/roles/set_default/{role_id}') url = urljoin(self.root_url, f'/admin/roles/set_default/{role_id}')
response = self._prepare_request('POST', url) response = self._prepare_request('POST', url)
return self._check_response(response) return self._check_response(response)
def upload_stix(self, path, version: str='2'):
"""Upload a STIX file to MISP.
:param path: Path to the STIX on the disk (can be a path-like object, or a pseudofile)
:param version: Can be 1 or 2
"""
if isinstance(path, (str, Path)):
with open(path, 'rb') as f:
to_post = f.read()
else:
to_post = path.read()
if isinstance(to_post, bytes):
to_post = to_post.decode()
if str(version) == '1':
url = urljoin(self.root_url, '/events/upload_stix')
response = self._prepare_request('POST', url, data=to_post, output_type='xml')
else:
url = urljoin(self.root_url, '/events/upload_stix/2')
response = self._prepare_request('POST', url, data=to_post)
return response