mirror of https://github.com/MISP/PyMISP
align examples on custom usage of misp_verifycert
parent
cb2dbbd481
commit
bcb963da64
|
@ -2,7 +2,7 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
|
|
||||||
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
||||||
|
@ -13,7 +13,7 @@ except NameError:
|
||||||
|
|
||||||
|
|
||||||
def init(url, key):
|
def init(url, key):
|
||||||
return PyMISP(url, key, True, 'json', debug=True)
|
return PyMISP(url, key, misp_verifycert, 'json', debug=True)
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = argparse.ArgumentParser(description='Add an attribute to an event')
|
parser = argparse.ArgumentParser(description='Add an attribute to an event')
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
|
|
||||||
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
||||||
|
@ -13,7 +13,7 @@ except NameError:
|
||||||
|
|
||||||
|
|
||||||
def init(url, key):
|
def init(url, key):
|
||||||
return PyMISP(url, key, True, 'json')
|
return PyMISP(url, key, misp_verifycert, 'json')
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = argparse.ArgumentParser(description='Add a new user by setting the mandory fields.')
|
parser = argparse.ArgumentParser(description='Add a new user by setting the mandory fields.')
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
|
|
||||||
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
||||||
|
@ -13,7 +13,7 @@ except NameError:
|
||||||
|
|
||||||
|
|
||||||
def init(url, key):
|
def init(url, key):
|
||||||
return PyMISP(url, key, True, 'json')
|
return PyMISP(url, key, misp_verifycert, 'json')
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = argparse.ArgumentParser(description='Add the user described in the given json. If no file is provided, returns a json listing all the fields used to describe a user.')
|
parser = argparse.ArgumentParser(description='Add the user described in the given json. If no file is provided, returns a json listing all the fields used to describe a user.')
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
|
|
||||||
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
||||||
|
@ -13,7 +13,7 @@ except NameError:
|
||||||
|
|
||||||
|
|
||||||
def init(url, key):
|
def init(url, key):
|
||||||
return PyMISP(url, key, True, 'json', debug=True)
|
return PyMISP(url, key, misp_verifycert, 'json', debug=True)
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = argparse.ArgumentParser(description='Create an event on MISP.')
|
parser = argparse.ArgumentParser(description='Create an event on MISP.')
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
|
|
||||||
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
||||||
|
@ -13,7 +13,7 @@ except NameError:
|
||||||
|
|
||||||
|
|
||||||
def init(url, key):
|
def init(url, key):
|
||||||
return PyMISP(url, key, True, 'json')
|
return PyMISP(url, key, misp_verifycert, 'json')
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = argparse.ArgumentParser(description='Delete the user with the given id. Keep in mind that disabling users (by setting the disabled flag via an edit) is always prefered to keep user associations to events intact.')
|
parser = argparse.ArgumentParser(description='Delete the user with the given id. Keep in mind that disabling users (by setting the disabled flag via an edit) is always prefered to keep user associations to events intact.')
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
|
|
||||||
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
||||||
|
@ -13,7 +13,7 @@ except NameError:
|
||||||
|
|
||||||
|
|
||||||
def init(url, key):
|
def init(url, key):
|
||||||
return PyMISP(url, key, True, 'json')
|
return PyMISP(url, key, misp_verifycert, 'json')
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = argparse.ArgumentParser(description='Edit the email of the user designed by the user_id.')
|
parser = argparse.ArgumentParser(description='Edit the email of the user designed by the user_id.')
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
|
|
||||||
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
||||||
|
@ -13,7 +13,7 @@ except NameError:
|
||||||
|
|
||||||
|
|
||||||
def init(url, key):
|
def init(url, key):
|
||||||
return PyMISP(url, key, True, 'json')
|
return PyMISP(url, key, misp_verifycert, 'json')
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = argparse.ArgumentParser(description='Edit the user designed by the user_id. If no file is provided, returns a json listing all the fields used to describe a user.')
|
parser = argparse.ArgumentParser(description='Edit the user designed by the user_id. If no file is provided, returns a json listing all the fields used to describe a user.')
|
||||||
|
|
|
@ -9,14 +9,14 @@
|
||||||
|
|
||||||
import sys, json, time, requests
|
import sys, json, time, requests
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
|
|
||||||
et_url = 'https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt'
|
et_url = 'https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt'
|
||||||
et_str = 'Emerging Threats '
|
et_str = 'Emerging Threats '
|
||||||
|
|
||||||
def init_misp():
|
def init_misp():
|
||||||
global mymisp
|
global mymisp
|
||||||
mymisp = PyMISP(misp_url, misp_key)
|
mymisp = PyMISP(misp_url, misp_key, misp_verifycert)
|
||||||
|
|
||||||
def load_misp_event(eid):
|
def load_misp_event(eid):
|
||||||
global et_attr
|
global et_attr
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
#!/usr/bin/env python
|
#!/usr/bin/env python
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
|
|
||||||
|
@ -12,7 +12,7 @@ except NameError:
|
||||||
pass
|
pass
|
||||||
|
|
||||||
def init(url, key):
|
def init(url, key):
|
||||||
return PyMISP(url, key, False, 'json', debug=False)
|
return PyMISP(url, key, misp_verifycert, 'json', debug=False)
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
|
|
||||||
from io import open
|
from io import open
|
||||||
|
@ -15,7 +15,7 @@ if __name__ == '__main__':
|
||||||
|
|
||||||
args = parser.parse_args()
|
args = parser.parse_args()
|
||||||
|
|
||||||
pymisp = PyMISP(misp_url, misp_key)
|
pymisp = PyMISP(misp_url, misp_key, misp_verifycert)
|
||||||
|
|
||||||
with open(args.input, 'r') as f:
|
with open(args.input, 'r') as f:
|
||||||
result = pymisp.freetext(args.event, f.read())
|
result = pymisp.freetext(args.event, f.read())
|
||||||
|
|
|
@ -7,7 +7,7 @@
|
||||||
import sys
|
import sys
|
||||||
import datetime
|
import datetime
|
||||||
from pymisp import PyMISP, MISPAttribute
|
from pymisp import PyMISP, MISPAttribute
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
|
|
||||||
cefconfig = {"Default_Severity":1, "Device_Vendor":"MISP", "Device_Product":"MISP", "Device_Version":1}
|
cefconfig = {"Default_Severity":1, "Device_Vendor":"MISP", "Device_Product":"MISP", "Device_Version":1}
|
||||||
|
|
||||||
|
@ -45,7 +45,7 @@ def make_cef(event):
|
||||||
|
|
||||||
def init_misp():
|
def init_misp():
|
||||||
global mymisp
|
global mymisp
|
||||||
mymisp = PyMISP(misp_url, misp_key)
|
mymisp = PyMISP(misp_url, misp_key, misp_verifycert)
|
||||||
|
|
||||||
|
|
||||||
def echeck(r):
|
def echeck(r):
|
||||||
|
|
|
@ -6,12 +6,12 @@
|
||||||
|
|
||||||
import sys
|
import sys
|
||||||
from pymisp import PyMISP, MISPAttribute
|
from pymisp import PyMISP, MISPAttribute
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
|
|
||||||
|
|
||||||
def init_misp():
|
def init_misp():
|
||||||
global mymisp
|
global mymisp
|
||||||
mymisp = PyMISP(misp_url, misp_key)
|
mymisp = PyMISP(misp_url, misp_key, misp_verifycert)
|
||||||
|
|
||||||
|
|
||||||
def echeck(r):
|
def echeck(r):
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
|
|
||||||
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
||||||
|
@ -13,7 +13,7 @@ except NameError:
|
||||||
|
|
||||||
|
|
||||||
def init(url, key):
|
def init(url, key):
|
||||||
return PyMISP(url, key, True, 'json')
|
return PyMISP(url, key, misp_verifycert, 'json')
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = argparse.ArgumentParser(description='Get a list of the sharing groups from the MISP instance.')
|
parser = argparse.ArgumentParser(description='Get a list of the sharing groups from the MISP instance.')
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
|
|
||||||
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
||||||
|
@ -13,7 +13,7 @@ except NameError:
|
||||||
|
|
||||||
|
|
||||||
def init(url, key):
|
def init(url, key):
|
||||||
return PyMISP(url, key, True, 'json')
|
return PyMISP(url, key, misp_verifycert, 'json')
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = argparse.ArgumentParser(description='Add sighting.')
|
parser = argparse.ArgumentParser(description='Add sighting.')
|
||||||
|
|
|
@ -2,12 +2,12 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
|
|
||||||
|
|
||||||
def init(url, key):
|
def init(url, key):
|
||||||
return PyMISP(url, key, True)
|
return PyMISP(url, key, misp_verifycert)
|
||||||
|
|
||||||
|
|
||||||
def fetch(m, all_events, event):
|
def fetch(m, all_events, event):
|
||||||
|
|
|
@ -2,13 +2,13 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
import json
|
import json
|
||||||
|
|
||||||
|
|
||||||
def init(url, key):
|
def init(url, key):
|
||||||
return PyMISP(url, key, True, 'json', True)
|
return PyMISP(url, key, misp_verifycert, 'json', True)
|
||||||
|
|
||||||
|
|
||||||
def get_tags(m):
|
def get_tags(m):
|
||||||
|
|
|
@ -2,13 +2,13 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
|
|
||||||
from io import open
|
from io import open
|
||||||
|
|
||||||
def init(url, key):
|
def init(url, key):
|
||||||
return PyMISP(url, key, True, 'json', debug=True)
|
return PyMISP(url, key, misp_verifycert, 'json', debug=True)
|
||||||
|
|
||||||
def up_event(m, event, content):
|
def up_event(m, event, content):
|
||||||
with open(content, 'r') as f:
|
with open(content, 'r') as f:
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
|
|
||||||
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
# For python2 & 3 compat, a bit dirty, but it seems to be the least bad one
|
||||||
|
@ -13,7 +13,7 @@ except NameError:
|
||||||
|
|
||||||
|
|
||||||
def init(url, key):
|
def init(url, key):
|
||||||
return PyMISP(url, key, True, 'json')
|
return PyMISP(url, key, misp_verifycert, 'json')
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = argparse.ArgumentParser(description='Get a list of the sharing groups from the MISP instance.')
|
parser = argparse.ArgumentParser(description='Get a list of the sharing groups from the MISP instance.')
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
from pymisp import PyMISP
|
from pymisp import PyMISP
|
||||||
from pymisp.tools import load_warninglists
|
from pymisp.tools import load_warninglists
|
||||||
import argparse
|
import argparse
|
||||||
from keys import misp_url, misp_key
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
|
@ -18,5 +18,5 @@ if __name__ == '__main__':
|
||||||
if args.package:
|
if args.package:
|
||||||
print(load_warninglists.from_package())
|
print(load_warninglists.from_package())
|
||||||
elif args.remote:
|
elif args.remote:
|
||||||
pm = PyMISP(misp_url, misp_key)
|
pm = PyMISP(misp_url, misp_key, misp_verifycert)
|
||||||
print(load_warninglists.from_instance(pm))
|
print(load_warninglists.from_instance(pm))
|
||||||
|
|
Loading…
Reference in New Issue