MISP
/
PyMISP
mirror of https://github.com/MISP/PyMISP
2
0
Fork 0
Code Issues Releases Wiki Activity

fix: readme update + python3 + pep8 

align python path to readme specifying python3
pull/295/head
Christophe Vandeplas 2018-10-28 13:01:26 +01:00
parent 6301ed5063
commit 60575d4cf6
2 changed files with 25 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
examples/feed-generator/README.md
View File

@ -5,9 +5,26 @@ This python script can be used to generate a MISP feed based on an existing MISP
# Installation # Installation
```` ````
git clone https://github.com/CIRCL/PyMISP git clone https://github.com/MISP/PyMISP.git
cd examples/feed-generator cd examples/feed-generator
cp settings-default.py settings.py cp settings-default.py settings.py
vi settings.py #adjust your settings vi settings.py #adjust your settings
python3 generate.py python3 generate.py
```` ````
# Output
The generated feed will be stored in your `outputdir`.
It contains the files:
- `manifest.json` - containing the feed manifest (generic event information)
- `hashes.csv` - listing the hashes of the attribute values
- `*.json` - a large amount of `json` files
# Importing in MISP
To import this feed into your MISP instance:
- Sync Actions > List Feeds > Add feed
- Fill in the form while ensuring the 'source format' is set to 'MISP Feed'
For more information about feeds please read: https://misp.gitbooks.io/misp-book/content/managing-feeds/

11
examples/feed-generator/generate.py
View File

@ -1,4 +1,4 @@
#!/usr/bin/env python #!/usr/bin/env python3
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
import sys import sys
@ -79,15 +79,17 @@ valid_attribute_distributions = []
attributeHashes = [] attributeHashes = []
def init(): def init():
# If we have an old settings.py file then this variable won't exist # If we have an old settings.py file then this variable won't exist
global valid_attribute_distributions global valid_attribute_distributions
try: try:
valid_attribute_distributions = valid_attribute_distribution_levels valid_attribute_distributions = valid_attribute_distribution_levels
except: except Exception:
valid_attribute_distributions = ['0', '1', '2', '3', '4', '5'] valid_attribute_distributions = ['0', '1', '2', '3', '4', '5']
return PyMISP(url, key, ssl) return PyMISP(url, key, ssl)
def recursiveExtract(container, containerType, leaf, eventUuid): def recursiveExtract(container, containerType, leaf, eventUuid):
temp = {} temp = {}
if containerType in ['Attribute', 'Object']: if containerType in ['Attribute', 'Object']:
@ -118,8 +120,8 @@ def recursiveExtract(container, containerType, leaf, eventUuid):
temp[childType].append(processed) temp[childType].append(processed)
return temp return temp
def saveEvent(misp, uuid): def saveEvent(misp, uuid):
result = {}
event = misp.get_event(uuid) event = misp.get_event(uuid)
if not event.get('Event'): if not event.get('Event'):
print('Error while fetching event: {}'.format(event['message'])) print('Error while fetching event: {}'.format(event['message']))
@ -130,11 +132,13 @@ def saveEvent(misp, uuid):
eventFile.write(event) eventFile.write(event)
eventFile.close() eventFile.close()
def __blockByDistribution(element): def __blockByDistribution(element):
if element['distribution'] not in valid_attribute_distributions: if element['distribution'] not in valid_attribute_distributions:
return True return True
return False return False
def saveHashes(): def saveHashes():
if not attributeHashes: if not attributeHashes:
return False return False
@ -148,7 +152,6 @@ def saveHashes():
sys.exit('Could not create the quick hash lookup file.') sys.exit('Could not create the quick hash lookup file.')
def saveManifest(manifest): def saveManifest(manifest):
try: try:
manifestFile = open(os.path.join(outputdir, 'manifest.json'), 'w') manifestFile = open(os.path.join(outputdir, 'manifest.json'), 'w')