chg: Add a generic MISP object generator

2017-11-15 17:37:17 +01:00 · 2017-11-15 17:37:17 +01:00 · bfe9867b2e
parent 0f21a561b0
commit bfe9867b2e
4 changed files with 21 additions and 15 deletions
--- a/examples/add_generic_object.py
+++ b/examples/add_generic_object.py
@ -3,7 +3,7 @@

 import json
 from pymisp import PyMISP
-from pymisp.tools.abstractgenerator import AbstractMISPObjectGenerator
+from pymisp.tools import GenericObjectGenerator
 from keys import misp_url, misp_key, misp_verifycert
 import argparse

@ -12,19 +12,6 @@ Sample usage:
 ./add_generic_object.py -e 5065 -t email -l '[{"to": "undisclosed@ppp.com"}, {"to": "second.to@mail.com"}]'
 """

-
-class GenericObject(AbstractMISPObjectGenerator):
-    def __init__(self, type, attr_list):
-        super(GenericObject, self).__init__(type)
-        self.__data = attr_list
-        self.generate_attributes()
-
-    def generate_attributes(self):
-        for attribute in self.__data:
-            for key, value in attribute.items():
-                self.add_attribute(key, value=value)
-
-
 if __name__ == '__main__':
    parser = argparse.ArgumentParser(description='Create a MISP Object selectable by type starting from a dictionary')
    parser.add_argument("-e", "--event", required=True, help="Event ID to update")
@ -40,5 +27,6 @@ if __name__ == '__main__':
        print ("Template for type %s not found! Valid types are: %s" % (args.type, valid_types))
        exit()

-    misp_object = GenericObject(args.type.replace("|", "-"), json.loads(args.attr_list))
+    misp_object = GenericObjectGenerator(args.type.replace("|", "-"))
+    misp_object.generate_attributes(json.loads(args.attr_list))
    r = pymisp.add_object(args.event, template_id, misp_object)
--- a/pymisp/mispevent.py
+++ b/pymisp/mispevent.py
@ -727,6 +727,7 @@ class MISPObject(AbstractMISP):
                attribute = MISPObjectAttribute(self.__definition['attributes'][object_relation])
            else:
                # Woopsie, this object_relation is unknown, no sane defaults for you.
+                logger.warning("The template ({}) doesn't have the object_relation ({}) you're trying to add.".format(self.name, object_relation))
                attribute = MISPObjectAttribute({})
        else:
            attribute = MISPObjectAttribute({})
--- a/pymisp/tools/init.py
+++ b/pymisp/tools/init.py
@ -6,3 +6,4 @@ from .elfobject import ELFObject, ELFSectionObject  # noqa
 from .machoobject import MachOObject, MachOSectionObject  # noqa
 from .create_misp_object import make_binary_objects  # noqa
 from .abstractgenerator import AbstractMISPObjectGenerator  # noqa
+from .genericgenerator import GenericObjectGenerator  # noqa
--- a/pymisp/tools/genericgenerator.py
+++ b/pymisp/tools/genericgenerator.py
@ -0,0 +1,16 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+from .abstractgenerator import AbstractMISPObjectGenerator
+
+
+class GenericObjectGenerator(AbstractMISPObjectGenerator):
+
+    def generate_attributes(self, attributes):
+        for attribute in attributes:
+            for object_relation, value in attribute.items():
+                if isinstance(value, dict):
+                    self.add_attribute(object_relation, **value)
+                else:
+                    # In this case, we need a valid template, as all the other parameters will be pre-set.
+                    self.add_attribute(object_relation, value=value)