chg: Fixes & update Jupyter

pull/301/head
Raphaël Vinot 2018-11-20 01:39:20 +01:00
parent c2f7c01b5d
commit 3113fcad55
4 changed files with 33 additions and 20 deletions

View File

@ -787,7 +787,7 @@
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.6.5"
"version": "3.6.7"
}
},
"nbformat": 4,

View File

@ -22,10 +22,10 @@
"outputs": [],
"source": [
"# The URL of the MISP instance to connect to\n",
"misp_url = 'http://127.0.0.1:9090/'\n",
"misp_url = 'http://127.0.0.1:8080/'\n",
"# Can be found in the MISP web interface under \n",
"# http://+MISP_URL+/users/view/me -> Authkey\n",
"misp_key = 'btm3o1j6SzKUEsHiNz0vTMYzPfcc5eIKpfaWFADj'\n",
"misp_key = 'BSip0zVadeFDeolkX2g7MHx8mrlr0uE04hh6CQj0'\n",
"# Should PyMISP verify the MISP certificate\n",
"misp_verifycert = False"
]
@ -67,9 +67,10 @@
"metadata": {},
"outputs": [],
"source": [
"from pymisp import PyMISP\n",
"from pymisp import ExpandedPyMISP, PyMISP\n",
"\n",
"misp = PyMISP(misp_url, misp_key, misp_verifycert)"
"misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)\n",
"misp_old = PyMISP(misp_url, misp_key, misp_verifycert)"
]
},
{
@ -96,7 +97,7 @@
" threat_level_id=1,\n",
" analysis=1,\n",
" info=\"Event from notebook\")\n",
"print(\"Event id: %s\" % event['Event']['id'])"
"print(\"Event id: %s\" % event.id)"
]
},
{
@ -120,7 +121,7 @@
"event_obj.analysis = 1\n",
"event_obj.info = \"Event from notebook 2\"\n",
"event = misp.add_event(event_obj)\n",
"event_id = event['Event']['id']\n",
"event_id = event.id\n",
"print(\"Event id: %s\" % event_id)"
]
},
@ -237,7 +238,7 @@
"source": [
"# Add the attribute to the event\n",
"## Fetch the event from MISP\n",
"event_dict = misp.get(event_id)['Event']\n",
"event_dict = misp_old.get(event_id)['Event']\n",
"\n",
"## Convert it to a PyMISP Event\n",
"event = MISPEvent()\n",
@ -248,7 +249,25 @@
"event.add_attribute(type='domain', value='circl.lu', disable_correlation=True)\n",
"\n",
"## Push the updated event to MISP\n",
"event_dict = misp.update(event)\n",
"event_dict = misp.update_event(event)\n",
"print(event_dict)"
]
},
{
"cell_type": "code",
"execution_count": null,
"metadata": {},
"outputs": [],
"source": [
"# New Python 3.6 API\n",
"event = misp.get(event_id)\n",
"\n",
"## Add the attribute to the event\n",
"event.add_attribute(**attribute)\n",
"event.add_attribute(type='domain', value='circl.lu', disable_correlation=True)\n",
"\n",
"## Push the updated event to MISP\n",
"event_dict = misp.update_event(event)\n",
"print(event_dict)"
]
},
@ -273,8 +292,6 @@
"outputs": [],
"source": [
"results = misp.search_index(eventinfo='notebook')\n",
"# The data is stored in the field 'response'\n",
"results = results['response']\n",
"\n",
"for event in results:\n",
" print(event['id'], ':', event['info'])"
@ -304,12 +321,8 @@
"source": [
"# Search attributes (specified in controller) where the attribute type is 'ip-src'\n",
"# And the to_ids flag is set\n",
"response = misp.search(controller='attributes', type_attribute='ip-src', to_ids=False)\n",
"# The data is stored in the field 'response'\n",
"results = response['response']\n",
"attributes = misp.search(controller='attributes', type_attribute='ip-src', to_ids=0, pythonify=True)\n",
"\n",
"# Get all related event\n",
"attributes = results['Attribute']\n",
"event_ids = set()\n",
"for attr in attributes:\n",
" event_ids.add(event_id)\n",
@ -317,7 +330,7 @@
"# Fetch all related events\n",
"for event_id in event_ids:\n",
" event = misp.get_event(event_id)\n",
" print(event['Event']['info'])"
" print(event.info)"
]
},
{
@ -451,7 +464,7 @@
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.6.5"
"version": "3.6.7"
}
},
"nbformat": 4,

View File

@ -498,7 +498,7 @@
"name": "python",
"nbconvert_exporter": "python",
"pygments_lexer": "ipython3",
"version": "3.6.5"
"version": "3.6.7"
}
},
"nbformat": 4,

View File

@ -2258,7 +2258,7 @@ class PyMISP(object):
"""Returns the list of Object templates available on the MISP instance"""
url = urljoin(self.root_url, 'objectTemplates')
response = self._prepare_request('GET', url)
return self._check_response(response)['response']
return self._check_response(response)
def get_object_template_id(self, object_uuid):
"""Gets the template ID corresponting the UUID passed as parameter"""