new: Add bindings to PyMISPWarninglists

2018-01-25 17:56:30 +01:00 · 2018-01-25 17:56:30 +01:00 · 250190e8a8
parent 837372cf3e
commit 250190e8a8
3 changed files with 49 additions and 0 deletions
--- a/examples/warninglists.py
+++ b/examples/warninglists.py
@ -0,0 +1,22 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+from pymisp import PyMISP
+from pymisp.tools import load_warninglists
+import argparse
+from keys import misp_url, misp_key
+
+
+if __name__ == '__main__':
+
+    parser = argparse.ArgumentParser(description='Load the warninglists.')
+    parser.add_argument("-p", "--package", action='store_true', help="from the PyMISPWarninglists package.")
+    parser.add_argument("-r", "--remote", action='store_true', help="from the MISP instance.")
+
+    args = parser.parse_args()
+
+    if args.package:
+        print(load_warninglists.from_package())
+    elif args.remote:
+        pm = PyMISP(misp_url, misp_key)
+        print(load_warninglists.from_instance(pm))
--- a/pymisp/init.py
+++ b/pymisp/init.py
@ -39,6 +39,7 @@ try:
    from .tools import Neo4j  # noqa
    from .tools import stix  # noqa
    from .tools import openioc  # noqa
+    from .tools import load_warninglists  # noqa
    logger.debug('pymisp loaded properly')
 except ImportError as e:
    logger.warning('Unable to load pymisp properly: {}'.format(e))
--- a/pymisp/tools/load_warninglists.py
+++ b/pymisp/tools/load_warninglists.py
@ -0,0 +1,26 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+try:
+    from pymispwarninglists import WarningLists
+    has_pymispwarninglists = True
+except ImportError:
+    has_pymispwarninglists = False
+
+
+def from_instance(pymisp_instance, slow_search=False):
+    """Load the warnindlist from an existing MISP instance
+    :pymisp_instance: Already instantialized PyMISP instance."""
+
+    warninglists_index = pymisp_instance.get_warninglists()['Warninglists']
+    all_warningslists = []
+    for warninglist in warninglists_index:
+        wl = pymisp_instance.get_warninglist(warninglist['Warninglist']['id'])['Warninglist']
+        wl['list'] = wl.pop('WarninglistEntry')
+        all_warningslists.append(wl)
+
+    return WarningLists(slow_search, all_warningslists)
+
+
+def from_package(slow_search=False):
+    return WarningLists(slow_search)