Take 'to_ids' setting in account and PEP8 checks

- Include check if 'to_ids' is included in the data returned from the import module - PEP8 checks
2019-05-06 17:31:52 +02:00 · 2019-05-06 17:31:52 +02:00 · 38a2903fc9
parent 0f49b27794
commit 38a2903fc9
1 changed files with 16 additions and 14 deletions
--- a/examples/vmray_automation.py
+++ b/examples/vmray_automation.py
@ -58,7 +58,7 @@ def get_vmray_config(url, key, default_wait_period):
                    # Is the vmray import module enabled?
                    if el['setting'] == 'Plugin.Import_vmray_import_enabled':
                        vmray_import_enabled = el['value']
-                        if vmray_import_enabled == False:
+                        if vmray_import_enabled is False:
                            break
                    # Get the VMRay API key from the MISP settings
                    elif el['setting'] == 'Plugin.Import_vmray_import_apikey':
@ -90,7 +90,6 @@ def get_vmray_config(url, key, default_wait_period):
        sys.exit('Unable to get VMRay config from MISP')


-
 def search_vmray_incomplete(m, url, wait_period, module_import_url, module_import_port, vmray_url, vmray_api, vmray_attribute_category, vmray_include_analysisid, vmray_include_imphash_ssdeep, vmray_include_extracted_files, vmray_include_analysisdetails, vmray_include_vtidetails, custom_tags_incomplete, custom_tags_complete):
    '''
       Search for the events with VMRay samples that are marked incomplete
@ -118,7 +117,8 @@ def search_vmray_incomplete(m, url, wait_period, module_import_url, module_impor
        # Not enough time has gone by to lookup the analysis jobs
        if int((time.time() - timestamp) / 60) < int(wait_period):
            if module_DEBUG:
-                print("Attribute to recent - %s " % (int(time.time() - timestamp) / 60) )
+                r_timestamp = datetime.datetime.fromtimestamp(timestamp).strftime('%Y-%m-%d %H:%M:%S')
+                print("Attribute to recent for wait_period (%s minutes) - timestamp attribute: %s (%s minutes old)" % (wait_period, r_timestamp, round((int(time.time() - timestamp) / 60), 2)))
            return False

        if module_DEBUG:
@ -160,6 +160,8 @@ def search_vmray_incomplete(m, url, wait_period, module_import_url, module_impor
                                to_ids = True
                                values = el['values']
                                types = el['types']
+                                if "to_ids" in el:
+                                    to_ids = el['to_ids']
                                if "text" in types:
                                    to_ids = False
                                comment = el['comment']
@ -171,7 +173,7 @@ def search_vmray_incomplete(m, url, wait_period, module_import_url, module_impor
                                    try:
                                        r = m.add_named_attribute(event_id, type, values, vmray_attribute_category, to_ids, comment)
                                        if module_DEBUG:
-                                            print("Add event %s: %s as %s (%s)" % (event_id, values, type, comment))
+                                            print("Add event %s: %s as %s (%s) (toids: %s)" % (event_id, values, type, comment, to_ids))
                                    except Exception as e:
                                        continue
                                        if module_DEBUG: