From 87b5eb84bb59806ede9fc6fd93588e9ae51eef64 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?D=C3=A9borah=20Servili?= Date: Tue, 24 Jan 2017 15:31:50 +0100 Subject: [PATCH] exemple addtag (dirty) --- examples/addtag.py | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 examples/addtag.py diff --git a/examples/addtag.py b/examples/addtag.py new file mode 100644 index 0000000..7535c17 --- /dev/null +++ b/examples/addtag.py @@ -0,0 +1,36 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + +from pymisp import PyMISP +from keys import misp_url, misp_key, misp_verifycert +import argparse +import os +import json + + +def init(url, key): + return PyMISP(url, key, misp_verifycert, 'json') + + result = m.get_event(event) + +if __name__ == '__main__': + parser = argparse.ArgumentParser(description='Get an event from a MISP instance.') + parser.add_argument("-e", "--event", required=True, help="Event ID to get.") + parser.add_argument("-a", "--attribute", help="Attribute ID to modify. A little dirty for now, argument need to be included in event") + parser.add_argument("-t", "--tag", required=True, type=int, help="Attribute ID to modify.") + parser.add_argument("-m", "--modify_attribute", action='store_true', help="If set, the tag will be add to the attribute, otherwise to the event.") + + args = parser.parse_args() + + misp = init(misp_url, misp_key) + + event = misp.get_event(args.event) + if args.modify_attribute: + for temp in event['Event']['Attribute']: + if temp['id'] == args.attribute: + attribute = temp + break + + misp.add_tag(attribute, args.tag, True) + else: + misp.add_tag(event['Event'], args.tag)