mirror of https://github.com/MISP/PyMISP
chg: Update search examples
parent
9a6fea67c4
commit
7510914c30
|
@ -7,10 +7,10 @@
|
|||
"outputs": [],
|
||||
"source": [
|
||||
"# The URL of the MISP instance to connect to\n",
|
||||
"misp_url = 'http://127.0.0.1:8080'\n",
|
||||
"misp_url = 'https://127.0.0.1:8443'\n",
|
||||
"# Can be found in the MISP web interface under ||\n",
|
||||
"# http://+MISP_URL+/users/view/me -> Authkey\n",
|
||||
"misp_key = 'HRizIMmaxBOXAQSzKZ874rDWUsQEk4vGAGBoljQO'\n",
|
||||
"misp_key = 'd6OmdDFvU3Seau3UjwvHS1y3tFQbaRNhJhDX0tjh'\n",
|
||||
"# Should PyMISP verify the MISP certificate\n",
|
||||
"misp_verifycert = False"
|
||||
]
|
||||
|
@ -79,7 +79,7 @@
|
|||
"metadata": {},
|
||||
"outputs": [],
|
||||
"source": [
|
||||
"r = misp.search_index(published=False)\n",
|
||||
"r = misp.search(published=False, metadata=True)\n",
|
||||
"print(r)"
|
||||
]
|
||||
},
|
||||
|
@ -96,7 +96,16 @@
|
|||
"metadata": {},
|
||||
"outputs": [],
|
||||
"source": [
|
||||
"r = misp.search_index(eventid=[17217, 1717, 1721, 17218])"
|
||||
"r = misp.search(eventid=[1,2,3], metadata=True, pythonify=True)"
|
||||
]
|
||||
},
|
||||
{
|
||||
"cell_type": "code",
|
||||
"execution_count": null,
|
||||
"metadata": {},
|
||||
"outputs": [],
|
||||
"source": [
|
||||
"r"
|
||||
]
|
||||
},
|
||||
{
|
||||
|
@ -112,7 +121,7 @@
|
|||
"metadata": {},
|
||||
"outputs": [],
|
||||
"source": [
|
||||
"r = misp.search_index(tags=['tlp:white'], pythonify=True)\n",
|
||||
"r = misp.search(tags=['tlp:white'], metadata=True, pythonify=True)\n",
|
||||
"for e in r:\n",
|
||||
" print(e)"
|
||||
]
|
||||
|
@ -132,7 +141,7 @@
|
|||
"metadata": {},
|
||||
"outputs": [],
|
||||
"source": [
|
||||
"r = misp.search_index(tags='TODO:VT-ENRICHMENT', published=False)"
|
||||
"r = misp.search(tags='TODO:VT-ENRICHMENT', published=False)"
|
||||
]
|
||||
},
|
||||
{
|
||||
|
@ -141,7 +150,7 @@
|
|||
"metadata": {},
|
||||
"outputs": [],
|
||||
"source": [
|
||||
"r = misp.search_index(tags=['!TODO:VT-ENRICHMENT', 'tlp:white'], published=False) # ! means \"not this tag\""
|
||||
"r = misp.search(tags=['!TODO:VT-ENRICHMENT', 'tlp:white'], metadata=True, published=False) # ! means \"not this tag\""
|
||||
]
|
||||
},
|
||||
{
|
||||
|
@ -157,7 +166,7 @@
|
|||
"metadata": {},
|
||||
"outputs": [],
|
||||
"source": [
|
||||
"r = misp.search_index(eventinfo='circl')"
|
||||
"r = misp.search(eventinfo='circl', metadata=True)"
|
||||
]
|
||||
},
|
||||
{
|
||||
|
@ -173,7 +182,7 @@
|
|||
"metadata": {},
|
||||
"outputs": [],
|
||||
"source": [
|
||||
"r = misp.search_index(org='CIRCL')"
|
||||
"r = misp.search(org='CIRCL', metadata=True)"
|
||||
]
|
||||
},
|
||||
{
|
||||
|
@ -189,7 +198,7 @@
|
|||
"metadata": {},
|
||||
"outputs": [],
|
||||
"source": [
|
||||
"r = misp.search_index(timestamp='1h')"
|
||||
"r = misp.search(timestamp='1h', metadata=True)"
|
||||
]
|
||||
},
|
||||
{
|
||||
|
@ -561,6 +570,13 @@
|
|||
"for l in logs:\n",
|
||||
" print(l.title)"
|
||||
]
|
||||
},
|
||||
{
|
||||
"cell_type": "code",
|
||||
"execution_count": null,
|
||||
"metadata": {},
|
||||
"outputs": [],
|
||||
"source": []
|
||||
}
|
||||
],
|
||||
"metadata": {
|
||||
|
|
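Review bot: In the first hunk (`@ -7,10 +7,10 @`) the configuration cell still assigns a literal auth key to `misp_key` and keeps `misp_verifycert = False`, although `misp_url` now points at `https://127.0.0.1:8443`. The example therefore publishes a credential and turns off certificate validation on the TLS endpoint it has just switched to. I would replace the key with an obvious placeholder, `"misp_key = '<YOUR_MISP_AUTHKEY>'\n",`, and add a comment above the last line such as `"# False is only acceptable for a local test instance with a self-signed certificate\n",`. If either key shown in this commit was ever valid on a reachable instance it should be rotated, since both remain in the history. The cell's header lies before the hunk, and the code that consumes these values is not visible here.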