MISP
/
PyMISP
mirror of https://github.com/MISP/PyMISP
2
0
Fork 0
Code Issues Releases Wiki Activity

Use sane_defaults from describeTypes.json if unable to fetch it from the instance.

pull/34/head
Raphaël Vinot 2016-10-10 12:24:17 +02:00
parent 8817674dd0
commit 78919272ab
2 changed files with 728 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
pymisp/api.py
View File

@ -102,21 +102,24 @@ class PyMISP(object):
except Exception as e: except Exception as e:
raise PyMISPError('Unable to connect to MISP ({}). Please make sure the API key and the URL are correct (http/https is required): {}'.format(self.root_url, e)) raise PyMISPError('Unable to connect to MISP ({}). Please make sure the API key and the URL are correct (http/https is required): {}'.format(self.root_url, e))
session = self.__prepare_session() try:
response = session.get(urljoin(self.root_url, 'attributes/describeTypes.json')) session = self.__prepare_session()
self.describe_types = self._check_response(response) response = session.get(urljoin(self.root_url, 'attributes/describeTypes.json'))
if self.describe_types.get('error'): describe_types = self._check_response(response)
for e in self.describe_types.get('error'): if describe_types.get('error'):
raise PyMISPError('Failed: {}'.format(e)) for e in describe_types.get('error'):
raise PyMISPError('Failed: {}'.format(e))
self.describe_types = describe_types['result']
if not self.describe_types.get('sane_defaults'):
raise PyMISPError('The MISP server your are trying to reach is outdated (<2.4.52). Please use PyMISP v2.4.51.1 (pip install -I PyMISP==v2.4.51.1) and/or contact your administrator.')
except:
describe_types = json.load(open(os.path.join(self.ressources_path, 'describeTypes.json'), 'r'))
self.describe_types = describe_types['result']
self.categories = self.describe_types['result']['categories'] self.categories = self.describe_types['categories']
self.types = self.describe_types['result']['types'] self.types = self.describe_types['types']
self.category_type_mapping = self.describe_types['result']['category_type_mappings'] self.category_type_mapping = self.describe_types['category_type_mappings']
if self.describe_types['result'].get('sane_defaults'): self.sane_default = self.describe_types['sane_defaults']
# New in 2.5.52
self.sane_default = self.describe_types['result']['sane_defaults']
else:
raise PyMISPError('The MISP server your are trying to reach is outdated (<2.4.52). Please use PyMISP v2.4.51.1 (pip install -I PyMISP==v2.4.51.1) and/or contact your administrator.')
def __prepare_session(self, output='json'): def __prepare_session(self, output='json'):
""" """
@ -291,7 +294,7 @@ class PyMISP(object):
# ############################################## # ##############################################
def _prepare_full_event(self, distribution, threat_level_id, analysis, info, date=None, published=False): def _prepare_full_event(self, distribution, threat_level_id, analysis, info, date=None, published=False):
misp_event = MISPEvent(self.describe_types['result']) misp_event = MISPEvent(self.describe_types)
misp_event.set_all_values(info=info, distribution=distribution, threat_level_id=threat_level_id, misp_event.set_all_values(info=info, distribution=distribution, threat_level_id=threat_level_id,
analysis=analysis, date=date) analysis=analysis, date=date)
if published: if published:
@ -299,7 +302,7 @@ class PyMISP(object):
return misp_event return misp_event
def _prepare_full_attribute(self, category, type_value, value, to_ids, comment=None, distribution=5): def _prepare_full_attribute(self, category, type_value, value, to_ids, comment=None, distribution=5):
misp_attribute = MISPAttribute(self.describe_types['result']) misp_attribute = MISPAttribute(self.describe_types)
misp_attribute.set_all_values(type=type_value, value=value, category=category, misp_attribute.set_all_values(type=type_value, value=value, category=category,
to_ids=to_ids, comment=comment, distribution=distribution) to_ids=to_ids, comment=comment, distribution=distribution)
return misp_attribute return misp_attribute
@ -323,13 +326,13 @@ class PyMISP(object):
def publish(self, event): def publish(self, event):
if event['Event']['published']: if event['Event']['published']:
return {'error': 'Already published'} return {'error': 'Already published'}
e = MISPEvent(self.describe_types['result']) e = MISPEvent(self.describe_types)
e.load(event) e.load(event)
e.publish() e.publish()
return self.update_event(event['Event']['id'], json.dumps(e, cls=EncodeUpdate)) return self.update_event(event['Event']['id'], json.dumps(e, cls=EncodeUpdate))
def change_threat_level(self, event, threat_level_id): def change_threat_level(self, event, threat_level_id):
e = MISPEvent(self.describe_types['result']) e = MISPEvent(self.describe_types)
e.load(event) e.load(event)
e.threat_level_id = threat_level_id e.threat_level_id = threat_level_id
return self.update_event(event['Event']['id'], json.dumps(e, cls=EncodeUpdate)) return self.update_event(event['Event']['id'], json.dumps(e, cls=EncodeUpdate))
@ -356,7 +359,7 @@ class PyMISP(object):
if proposal: if proposal:
response = self.proposal_add(event['Event']['id'], attributes) response = self.proposal_add(event['Event']['id'], attributes)
else: else:
e = MISPEvent(self.describe_types['result']) e = MISPEvent(self.describe_types)
e.load(event) e.load(event)
e.attributes += attributes e.attributes += attributes
response = self.update_event(event['Event']['id'], json.dumps(e, cls=EncodeUpdate)) response = self.update_event(event['Event']['id'], json.dumps(e, cls=EncodeUpdate))

707
pymisp/data/describeTypes.json
View File

File diff suppressed because one or more lines are too long