mirror of https://github.com/MISP/PyMISP
new: Add log search
parent
9a7caa71fb
commit
2c0da24437
|
@ -1730,7 +1730,7 @@ class PyMISP(object):
|
||||||
"""Get the list of existing roles"""
|
"""Get the list of existing roles"""
|
||||||
url = urljoin(self.root_url, '/roles')
|
url = urljoin(self.root_url, '/roles')
|
||||||
response = self._prepare_request('GET', url)
|
response = self._prepare_request('GET', url)
|
||||||
return self._check_response(response)['response']
|
return self._check_response(response)
|
||||||
|
|
||||||
# ############## Tags ##################
|
# ############## Tags ##################
|
||||||
|
|
||||||
|
|
|
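Review bot: The roles-list method now returns the whole result of `self._check_response(response)` instead of its `['response']` entry, which changes the return shape for existing callers; a commit titled "Add log search" does not announce that. Callers that treat the result as the list of roles will presumably now receive the wrapping structure (or an error payload), so any code that makes permission decisions from role data should be re-checked. If the change is intended, record the new shape in the docstring, for example `"""Get the list of existing roles (returns the normalized response of _check_response)."""`, and consider moving it to a commit of its own. The method's signature is outside the hunk, so its name and other callers cannot be confirmed from here.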
@ -383,3 +383,41 @@ class ExpandedPyMISP(PyMISP):
|
||||||
if line:
|
if line:
|
||||||
to_return.append({fname: value for fname, value in zip(fieldnames, line)})
|
to_return.append({fname: value for fname, value in zip(fieldnames, line)})
|
||||||
return to_return
|
return to_return
|
||||||
|
|
||||||
|
def search_logs(self, limit: Optional[int]=None, page: Optional[int]=None,
|
||||||
|
log_id: Optional[int]=None, title: Optional[str]=None,
|
||||||
|
created: Optional[DateTypes]=None, model: Optional[str]=None,
|
||||||
|
action: Optional[str]=None, user_id: Optional[int]=None,
|
||||||
|
change: Optional[str]=None, email: Optional[str]=None,
|
||||||
|
org: Optional[str]=None, description: Optional[str]=None,
|
||||||
|
ip: Optional[str]=None):
|
||||||
|
'''Search in logs
|
||||||
|
|
||||||
|
Note: to run substring queries simply append/prepend/encapsulate the search term with %
|
||||||
|
|
||||||
|
:param limit: Limit the number of results returned, depending on the scope (for example 10 attributes or 10 full events).
|
||||||
|
:param page: If a limit is set, sets the page to be returned. page 3, limit 100 will return records 201->300).
|
||||||
|
:param log_id: Log ID
|
||||||
|
:param title: Log Title
|
||||||
|
:param created: Creation timestamp
|
||||||
|
:param model: Model name that generated the log entry
|
||||||
|
:param action: The thing that was done
|
||||||
|
:param user_id: ID of the user doing the action
|
||||||
|
:param change: Change that occured
|
||||||
|
:param email: Email of the user
|
||||||
|
:param org: Organisation of the User doing the action
|
||||||
|
:param description: Description of the action
|
||||||
|
:param ip: Origination IP of the User doing the action
|
||||||
|
'''
|
||||||
|
query = locals()
|
||||||
|
query.pop('self')
|
||||||
|
if log_id is not None:
|
||||||
|
query['id'] = query.pop('log_id')
|
||||||
|
|
||||||
|
url = urljoin(self.root_url, 'admin/logs/index')
|
||||||
|
# Remove None values.
|
||||||
|
# TODO: put that in self._prepare_request
|
||||||
|
query = {k: v for k, v in query.items() if v is not None}
|
||||||
|
response = self._prepare_request('POST', url, data=json.dumps(query))
|
||||||
|
normalized_response = self._check_response(response)
|
||||||
|
return normalized_response
|
||||||
|
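Review bot: `created` is annotated `Optional[DateTypes]` but goes unchanged into `json.dumps(query)`, so if `DateTypes` admits `datetime` or `date` objects (its definition is outside the hunk), the call raises `TypeError` before any request is sent. Convert it before serialising, for instance `if isinstance(created, datetime): query['created'] = created.timestamp()`, assuming the server accepts epoch seconds and `datetime` is imported in this module. Separately, building the request body from `query = locals()` sends every local name as a search field, which only works while that line stays the first statement; an explicit dict of the documented parameters would be safer for an endpoint under `admin/`. The `limit` docstring still refers to "10 attributes or 10 full events", which looks copied from the event search and should describe log entries.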
|