chg: Bump examples to python3

examples/add_email_object.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
 from pymisp.tools import EMailObject
 import traceback
 from keys import misp_url, misp_key, misp_verifycert
@@ -15,17 +15,16 @@ if __name__ == '__main__':
     parser.add_argument("-p", "--path", required=True, help="Path to process (expanded using glob).")
     args = parser.parse_args()
 
-    pymisp = PyMISP(misp_url, misp_key, misp_verifycert, debug=True)
+    pymisp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert, debug=True)
 
     for f in glob.glob(args.path):
         try:
             eo = EMailObject(f)
-        except Exception as e:
+        except Exception:
             traceback.print_exc()
             continue
 
         if eo:
-            template_id = pymisp.get_object_template_id(eo.template_uuid)
+            response = pymisp.add_object(args.event, eo)
-            response = pymisp.add_object(args.event, template_id, eo)
             for ref in eo.ObjectReference:
                 r = pymisp.add_object_reference(ref)

examples/add_fail2ban_object.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP, MISPEvent
+from pymisp import ExpandedPyMISP, MISPEvent
 from pymisp.tools import Fail2BanObject
 import argparse
 from base64 import b64decode
@@ -43,23 +43,23 @@ if __name__ == '__main__':
     parser.add_argument("-d", "--disable_new", action='store_true', default=False, help="Do not create a new Event.")
     args = parser.parse_args()
 
-    pymisp = PyMISP(misp_url, misp_key, misp_verifycert, debug=True)
+    pymisp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert, debug=True)
     event_id = -1
     me = None
     if args.force_new:
         me = create_new_event()
     else:
-        response = pymisp.search_index(tag=args.tag, timestamp='1h')
+        response = pymisp.search_index(tag=args.tag, timestamp='1h', pythonify=True)
-        if response['response']:
+        if response:
             if args.disable_new:
-                event_id = response['response'][0]['id']
+                event_id = response[0].id
             else:
-                last_event_date = parse(response['response'][0]['date']).date()
+                last_event_date = parse(response[0].date).date()
-                nb_attr = response['response'][0]['attribute_count']
+                nb_attr = response[0].attribute_count
                 if last_event_date < date.today() or int(nb_attr) > 1000:
                     me = create_new_event()
                 else:
-                    event_id = response['response'][0]['id']
+                    event_id = response[0].id
         else:
             me = create_new_event()
 
@@ -83,5 +83,4 @@ if __name__ == '__main__':
         me.add_object(f2b)
         pymisp.add_event(me)
     elif event_id:
-        template_id = pymisp.get_object_template_id(f2b.template_uuid)
+        a = pymisp.add_object(event_id, f2b)
-        a = pymisp.add_object(event_id, template_id, f2b)

examples/add_feed.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP, MISPFeed
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 
@@ -14,6 +14,12 @@ if __name__ == '__main__':
     parser.add_argument("-p", "--provider", required=True, help="Provider name")
     args = parser.parse_args()
 
-    pm = PyMISP(misp_url, misp_key, misp_verifycert, debug=True)
+    pm = ExpandedPyMISP(misp_url, misp_key, misp_verifycert, debug=True)
-    response = pm.add_feed(args.format, args.url, args.name, args.input, args.provider)
+    feed = MISPFeed()
-    print(response)
+    feed.format = args.format
+    feed.url = args.url
+    feed.name = args.name
+    feed.input = args.input
+    feed.provider = args.provider
+    response = pm.add_feed(feed, pythonify=True)
+    print(response.to_json())

examples/add_file_object.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
 from pymisp.tools import make_binary_objects
 import traceback
 from keys import misp_url, misp_key, misp_verifycert
@@ -14,28 +14,25 @@ if __name__ == '__main__':
     parser.add_argument("-p", "--path", required=True, help="Path to process (expanded using glob).")
     args = parser.parse_args()
 
-    pymisp = PyMISP(misp_url, misp_key, misp_verifycert)
+    pymisp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
 
     for f in glob.glob(args.path):
         try:
             fo, peo, seos = make_binary_objects(f)
-        except Exception as e:
+        except Exception:
             traceback.print_exc()
             continue
 
         if seos:
             for s in seos:
-                template_id = pymisp.get_object_template_id(s.template_uuid)
+                r = pymisp.add_object(args.event, s)
-                r = pymisp.add_object(args.event, template_id, s)
 
         if peo:
-            template_id = pymisp.get_object_template_id(peo.template_uuid)
+            r = pymisp.add_object(args.event, peo)
-            r = pymisp.add_object(args.event, template_id, peo)
             for ref in peo.ObjectReference:
                 r = pymisp.add_object_reference(ref)
 
         if fo:
-            template_id = pymisp.get_object_template_id(fo.template_uuid)
+            response = pymisp.add_object(args.event, fo)
-            response = pymisp.add_object(args.event, template_id, fo)
             for ref in fo.ObjectReference:
                 r = pymisp.add_object_reference(ref)

examples/add_generic_object.py

@@ -2,7 +2,7 @@
 # -*- coding: utf-8 -*-
 
 import json
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
 from pymisp.tools import GenericObjectGenerator
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
@@ -19,21 +19,8 @@ if __name__ == '__main__':
     parser.add_argument("-l", "--attr_list", required=True, help="List of attributes")
     args = parser.parse_args()
 
-    pymisp = PyMISP(misp_url, misp_key, misp_verifycert)
+    pymisp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
-    template = pymisp.get_object_templates_list()
-    if 'response' in template.keys():
-        template = template['response']
-    try:
-        template_ids = [x['ObjectTemplate']['id'] for x in template if x['ObjectTemplate']['name'] == args.type]
-        if len(template_ids) > 0:
-            template_id = template_ids[0]
-        else:
-            raise IndexError
-    except IndexError:
-        valid_types = ", ".join([x['ObjectTemplate']['name'] for x in template])
-        print ("Template for type %s not found! Valid types are: %s" % (args.type, valid_types))
-        exit()
 
     misp_object = GenericObjectGenerator(args.type.replace("|", "-"))
     misp_object.generate_attributes(json.loads(args.attr_list))
-    r = pymisp.add_object(args.event, template_id, misp_object)
+    r = pymisp.add_object(args.event, misp_object)

examples/add_named_attribute.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 
@@ -12,9 +12,6 @@ except NameError:
     pass
 
 
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json', debug=True)
-
 if __name__ == '__main__':
     parser = argparse.ArgumentParser(description='Add an attribute to an event')
     parser.add_argument("-e", "--event", help="The id, uuid or json of the event to update.")
@@ -22,7 +19,7 @@ if __name__ == '__main__':
     parser.add_argument("-v", "--value", help="The value of the attribute")
     args = parser.parse_args()
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
 
-    event = misp.add_named_attribute(args.event, args.type, args.value)
+    event = misp.add_attribute(args.event, {'type': args.type, 'value': args.value}, pythonify=True)
     print(event)

examples/add_ssh_authorized_keys.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python3
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
 from pymisp.tools import SSHAuthorizedKeysObject
 import traceback
 from keys import misp_url, misp_key, misp_verifycert
@@ -15,7 +15,7 @@ if __name__ == '__main__':
     parser.add_argument("-p", "--path", required=True, help="Path to process (expanded using glob).")
     args = parser.parse_args()
 
-    pymisp = PyMISP(misp_url, misp_key, misp_verifycert, debug=True)
+    pymisp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert, debug=True)
 
     for f in glob.glob(args.path):
         try:
@@ -24,7 +24,6 @@ if __name__ == '__main__':
             traceback.print_exc()
             continue
 
-        template_id = pymisp.get_object_template_id(auth_keys.template_uuid)
+        response = pymisp.add_object(args.event, auth_keys)
-        response = pymisp.add_object(args.event, template_id, auth_keys)
         for ref in auth_keys.ObjectReference:
             r = pymisp.add_object_reference(ref)

examples/add_user.py

@@ -1,20 +1,10 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP, MISPUser
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 
-# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
-try:
-    input = raw_input
-except NameError:
-    pass
-
-
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json')
-
 if __name__ == '__main__':
     parser = argparse.ArgumentParser(description='Add a new user by setting the mandory fields.')
     parser.add_argument("-e", "--email", required=True, help="Email linked to the account.")
@@ -22,6 +12,11 @@ if __name__ == '__main__':
     parser.add_argument("-r", "--role_id", required=True, help="Role linked to the user.")
     args = parser.parse_args()
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert, 'json')
 
-    print (misp.add_user(args.email, args.org_id, args.role_id))
+    user = MISPUser()
+    user.email = args.email
+    user.org_id = args.org_id
+    user.role_id = args.role_id
+
+    print(misp.add_user(user, pythonify=True))

examples/cache_all.py

@@ -2,13 +2,9 @@
 # -*- coding: utf-8 -*-
 
 from keys import misp_url, misp_key, misp_verifycert
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
-
-
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json')
 
 
 if __name__ == '__main__':
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
     misp.cache_all_feeds()

examples/create_events.py

@@ -1,19 +1,10 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP, MISPEvent
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 
-# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
-try:
-    input = raw_input
-except NameError:
-    pass
-
-
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json', debug=True)
 
 if __name__ == '__main__':
     parser = argparse.ArgumentParser(description='Create an event on MISP.')
@@ -23,7 +14,13 @@ if __name__ == '__main__':
     parser.add_argument("-t", "--threat", type=int, help="The threat level ID of the newly created event, if applicable. [1-4]")
     args = parser.parse_args()
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
 
-    event = misp.new_event(args.distrib, args.threat, args.analysis, args.info)
+    event = MISPEvent()
+    event.distribution = args.distrib
+    event.threat_level_id = args.threat
+    event.analysis = args.analysis
+    event.info = args.info
+
+    event = misp.add_event(event, pythonify=True)
     print(event)

examples/del.py

@@ -1,26 +1,11 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
-from keys import misp_url, misp_key,misp_verifycert
+from keys import misp_url, misp_key, misp_verifycert
 import argparse
 
 
-# Usage for pipe masters: ./last.py -l 5h | jq .
-
-
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json', debug=True)
-
-
-def del_event(m, eventid):
-    result = m.delete_event(eventid)
-    print(result)
-
-def del_attr(m, attrid):
-    result = m.delete_attribute(attrid)
-    print(result)
-
 if __name__ == '__main__':
     parser = argparse.ArgumentParser(description='Delete an event from a MISP instance.')
     parser.add_argument("-e", "--event", help="Event ID to delete.")
@@ -28,9 +13,10 @@ if __name__ == '__main__':
 
     args = parser.parse_args()
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
 
     if args.event:
-        del_event(misp, args.event)
+        result = misp.delete_event(args.event)
     else:
-        del_attr(misp, args.attribute)
+        result = misp.delete_attribute(args.attribute)
+    print(result)

examples/delete_user.py

@@ -1,25 +1,16 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 
-# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
-try:
-    input = raw_input
-except NameError:
-    pass
-
-
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json')
 
 if __name__ == '__main__':
     parser = argparse.ArgumentParser(description='Delete the user with the given id. Keep in mind that disabling users (by setting the disabled flag via an edit) is always prefered to keep user associations to events intact.')
     parser.add_argument("-i", "--user_id", help="The id of the user you want to delete.")
     args = parser.parse_args()
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
 
     print(misp.delete_user(args.user_id))

examples/edit_organisation.py

@@ -1,26 +1,20 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP, MISPOrganisation
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 
-# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
-try:
-    input = raw_input
-except NameError:
-    pass
-
-
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json')
-
 if __name__ == '__main__':
     parser = argparse.ArgumentParser(description='Edit the email of the organisation designed by the organisation_id.')
     parser.add_argument("-i", "--organisation_id", required=True, help="The name of the json file describing the organisation you want to modify.")
     parser.add_argument("-e", "--email", help="Email linked to the organisation.")
     args = parser.parse_args()
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
 
-    print(misp.edit_organisation(args.organisation_id, email=args.email))
+    org = MISPOrganisation()
+    org.id = args.organisation_id
+    org.email = args.email
+
+    print(misp.update_organisation(org, pythonify=True))

examples/edit_user.py

@@ -1,19 +1,10 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP, MISPUser
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 
-# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
-try:
-    input = raw_input
-except NameError:
-    pass
-
-
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json')
 
 if __name__ == '__main__':
     parser = argparse.ArgumentParser(description='Edit the email of the user designed by the user_id.')
@@ -21,6 +12,9 @@ if __name__ == '__main__':
     parser.add_argument("-e", "--email", help="Email linked to the account.")
     args = parser.parse_args()
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
+    user = MISPUser
+    user.id = args.user_id
+    user.email = args.email
 
-    print(misp.edit_user(args.user_id, email=args.email))
+    print(misp.edit_user(user, pythonify=True))

examples/fetch_events_feed.py

@@ -3,16 +3,7 @@
 
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
-
-# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
-try:
-    input = raw_input
-except NameError:
-    pass
-    
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json', debug=False)
 
 
 if __name__ == '__main__':
@@ -20,5 +11,5 @@ if __name__ == '__main__':
     parser.add_argument("-f", "--feed", required=True, help="feed's ID to be fetched.")
     args = parser.parse_args()
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
     misp.fetch_feed(args.feed)

examples/freetext.py

@@ -1,7 +1,7 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 

examples/get.py

@@ -1,15 +1,12 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 import os
-import json
 
 
-# Usage for pipe masters: ./last.py -l 5h | jq .
-
 proxies = {
     'http': 'http://127.0.0.1:8123',
     'https': 'http://127.0.0.1:8123',
@@ -18,18 +15,6 @@ proxies = {
 proxies = None
 
 
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json', proxies=proxies)
-
-
-def get_event(m, event, out=None):
-    result = m.get_event(event)
-    if out is None:
-        print(json.dumps(result) + '\n')
-    else:
-        with open(out, 'w') as f:
-            f.write(json.dumps(result) + '\n')
-
 if __name__ == '__main__':
 
     parser = argparse.ArgumentParser(description='Get an event from a MISP instance.')
@@ -42,6 +27,11 @@ if __name__ == '__main__':
         print('Output file already exists, abort.')
         exit(0)
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert, proxies=proxies)
 
-    get_event(misp, args.event, args.output)
+    event = misp.get_event(args.event, pythonify=True)
+    if args.output:
+        with open(args.output, 'w') as f:
+            f.write(event.to_json())
+    else:
+        print(event.to_json())

examples/last.py

@@ -1,32 +1,15 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 import os
-import json
 
 
 # Usage for pipe masters: ./last.py -l 5h | jq .
 # Usage in case of large data set and pivoting page by page: python3 last.py  -l 48h  -m 10 -p 2  | jq .[].Event.info
 
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json')
-
-
-def download_last(m, last, limit='10', page='1', out=None):
-    result = m.search(last=last, limit=limit, page=page)
-    if out is None:
-        if 'response' in result:
-            print(json.dumps(result['response']))
-        else:
-            print('No results for that time period')
-            exit(0)
-    else:
-        with open(out, 'w') as f:
-            f.write(json.dumps(result['response']))
-
 if __name__ == '__main__':
     parser = argparse.ArgumentParser(description='Download latest events from a MISP instance.')
     parser.add_argument("-l", "--last", required=True, help="can be defined in days, hours, minutes (for example 5d or 12h or 30m).")
@@ -40,6 +23,17 @@ if __name__ == '__main__':
         print('Output file already exists, aborted.')
         exit(0)
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
+    result = misp.search(publish_timestamp=args.last, limit=args.limit, page=args.page, pythonify=True)
 
-    download_last(misp, args.last, limit=args.limit, page=args.page, out=args.output)
+    if not result:
+        print('No results for that time period')
+        exit(0)
+
+    if args.output:
+        with open(args.output, 'w') as f:
+            for r in result:
+                f.write(r.to_json() + '\n')
+    else:
+        for r in result:
+            print(r.to_json())

examples/sharing_groups.py

@@ -1,25 +1,15 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 
-# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
-try:
-    input = raw_input
-except NameError:
-    pass
-
-
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json')
 
 if __name__ == '__main__':
     parser = argparse.ArgumentParser(description='Get a list of the sharing groups from the MISP instance.')
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
-
-    sharing_groups = misp.get_sharing_groups()
-    print (sharing_groups)
 
+    sharing_groups = misp.sharing_groups(pythonify=True)
+    print(sharing_groups)

examples/stats.py

@@ -1,19 +1,16 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 
 
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json')
-
 if __name__ == '__main__':
     parser = argparse.ArgumentParser(description='Output attributes statistics from a MISP instance.')
     args = parser.parse_args()
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
 
-    print (misp.get_attributes_statistics(misp, percentage=True))
+    print(misp.get_attributes_statistics(misp, percentage=True))
-    print (misp.get_attributes_statistics(context='category', percentage=True))
+    print(misp.get_attributes_statistics(context='category', percentage=True))

examples/tags.py

@@ -1,16 +1,12 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 import json
 
 
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json', True)
-
-
 def get_tags(m):
     result = m.get_all_tags(True)
     r = result
@@ -22,6 +18,8 @@ if __name__ == '__main__':
 
     args = parser.parse_args()
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
 
-    get_tags(misp)
+    tags = misp.tags(pythonify=True)
+    for tag in tags:
+        print(tag.to_json())

examples/tagstatistics.py

@@ -1,28 +1,18 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 import json
 
-# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
-try:
-    input = raw_input
-except NameError:
-    pass
-
-
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json')
-
 if __name__ == '__main__':
     parser = argparse.ArgumentParser(description='Get statistics from tags.')
     parser.add_argument("-p", "--percentage", action='store_true', default=None, help="An optional field, if set, it will return the results in percentages, otherwise it returns exact count.")
     parser.add_argument("-n", "--namesort", action='store_true', default=None, help="An optional field, if set, values are sort by the namespace, otherwise the sorting will happen on the value.")
     args = parser.parse_args()
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
 
     stats = misp.get_tags_statistics(args.percentage, args.namesort)
     print(json.dumps(stats))

examples/up.py

@@ -1,19 +1,10 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP, MISPEvent
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 
-from io import open
-
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json', debug=True)
-
-def up_event(m, event, content):
-    with open(content, 'r') as f:
-        result = m.update_event(event, f.read())
-    print(result)
 
 if __name__ == '__main__':
     parser = argparse.ArgumentParser(description="Update a MISP event.")
@@ -22,6 +13,9 @@ if __name__ == '__main__':
 
     args = parser.parse_args()
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
 
-    up_event(misp, args.event, args.input)
+    me = MISPEvent()
+    me.load_file(args.input)
+
+    result = misp.update_event(args.event, me)

examples/users_list.py

@@ -1,24 +1,15 @@
 #!/usr/bin/env python
 # -*- coding: utf-8 -*-
 
-from pymisp import PyMISP
+from pymisp import ExpandedPyMISP
 from keys import misp_url, misp_key, misp_verifycert
 import argparse
 
-# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
-try:
-    input = raw_input
-except NameError:
-    pass
-
-
-def init(url, key):
-    return PyMISP(url, key, misp_verifycert, 'json')
 
 if __name__ == '__main__':
     parser = argparse.ArgumentParser(description='Get a list of the sharing groups from the MISP instance.')
 
-    misp = init(misp_url, misp_key)
+    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)
 
-    users_list = misp.get_users_list()
+    users_list = misp.users(pythonify=True)
-    print (users_list)
+    print(users_list)