From b27bb44e6192f3e18505e01595c90837de2f5ef9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Vinot?= Date: Wed, 19 Mar 2014 19:10:36 +0100 Subject: [PATCH] initial commit --- .gitignore | 2 + README.md | 1 + pymisp/__init__.py | 0 pymisp/api.py | 111 +++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 114 insertions(+) create mode 100644 .gitignore create mode 100644 README.md create mode 100644 pymisp/__init__.py create mode 100644 pymisp/api.py diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..9845d9f --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +*.pyc +pymisp/apikey.py diff --git a/README.md b/README.md new file mode 100644 index 0000000..0269e91 --- /dev/null +++ b/README.md @@ -0,0 +1 @@ +Python API for MISP. Use the REST interface. diff --git a/pymisp/__init__.py b/pymisp/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/pymisp/api.py b/pymisp/api.py new file mode 100644 index 0000000..99f9460 --- /dev/null +++ b/pymisp/api.py @@ -0,0 +1,111 @@ +#!/usr/bin/env python +# -*- coding: utf-8 -*- + + +""" Python API for MISP """ + +import requests + +from apikey import key + +URL = 'https://misp.circl.lu/events' +URL_TMPL = URL + '/{}' +URL_XML_DOWNLOAD = URL + '/xml/download' +URL_XML_DOWNLOAD_TMPL = URL_XML_DOWNLOAD + '/{}' + + +def __prepare_session(): + """ + Prepare the headers of the session + """ + session = requests.Session() + session.headers.update({'Authorization': key, 'Accept': 'application/xml'}) + return session + +################ REST API ################ + +def get_index(): + """ + Return the index. + + Warning, there's a limit on the number of results + """ + session = __prepare_session() + return session.get(URL, verify=False) + +def get_event(event_id): + """ + Get an event + """ + session = __prepare_session() + return session.get(URL_TMPL.format(event_id), verify=False) + +def add_event(event): + """ + Add a new event + """ + session = __prepare_session() + return session.post(URL, data=event, verify=False) + +def update_event(event_id, event): + """ + Update an event + """ + session = __prepare_session() + return session.post(URL_TMPL.format(event_id), data=event, verify=False) + +def delete_event(event_id): + """ + Delete an event + """ + session = __prepare_session() + return session.delete(URL_TMPL.format(event_id), verify=False) + +########################################## + +############### XML Export ############### + +def download_all(): + """ + Download all event from the instance + """ + session = __prepare_session() + return session.get(URL_XML_DOWNLOAD, verify=False) + +def download(event_id): + """ + Download one event in XML + """ + session = __prepare_session() + return session.get(URL_XML_DOWNLOAD_TMPL.format(event_id), verify=False) + +######### REST Search ######### + +def __prepare_rest_search(values, not_values): + """ + Prepare a search + """ + to_return = '' + if values is not None: + to_return += '&&'.join(values) + if not_values is not None: + if len(to_return) > 0 : + to_return += '&&!' + else: + to_return += '!' + to_return += '&&!'.join(not_values) + return to_return + +URL_SEARCH_TMPL = 'https://misp.circl.lu/attributes/restSearch/download/{}/{}/{}/{}/{}' + + +def search(values=None, not_values=None, type_attribute=None, + category=None, org=None, tags=None, not_tags=None): + v = __prepare_rest_search(values, not_values).replace('/', '|') + t = __prepare_rest_search(tags, not_tags).replace(':', ';') + + session = __prepare_session() + return session.get(URL_SEARCH_TMPL.format(v, type_attribute, + category, org, t), verify=False) + +##########################################