mirror of https://github.com/MISP/PyMISP
Allow statistics date_from date_to
- date_from + date_to - move misp object creation after argument parserpull/438/head
parent
3d2930db12
commit
c149886a88
|
@ -17,6 +17,7 @@ from keys import misp_url, misp_key, misp_verifycert
|
||||||
import argparse
|
import argparse
|
||||||
import os
|
import os
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
|
from datetime import date
|
||||||
import time
|
import time
|
||||||
import sys
|
import sys
|
||||||
import smtplib
|
import smtplib
|
||||||
|
@ -40,7 +41,7 @@ def init(url, key, verifycert):
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
def get_data(misp, timeframe):
|
def get_data(misp, timeframe, date_from = None, date_to = None):
|
||||||
'''
|
'''
|
||||||
Get the event date to build our report
|
Get the event date to build our report
|
||||||
'''
|
'''
|
||||||
|
@ -61,6 +62,9 @@ def get_data(misp, timeframe):
|
||||||
report = {}
|
report = {}
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
if date_from and date_to:
|
||||||
|
stats_event_response = misp.search(date_from=date_from, date_to=date_to)
|
||||||
|
else:
|
||||||
stats_event_response = misp.search(last=timeframe)
|
stats_event_response = misp.search(last=timeframe)
|
||||||
|
|
||||||
# Number of new or updated events since timestamp
|
# Number of new or updated events since timestamp
|
||||||
|
@ -348,14 +352,28 @@ def print_report(report_body, attachments, smtp_from, smtp_to, smtp_server, misp
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = argparse.ArgumentParser(description='Generate a report of your MISP statistics.')
|
parser = argparse.ArgumentParser(description='Generate a report of your MISP statistics.')
|
||||||
parser.add_argument('-t', '--timeframe', required=True, help='Timeframe to include in the report ')
|
group = parser.add_mutually_exclusive_group(required=True)
|
||||||
|
group.add_argument('-t', '--timeframe',action='store', help='Timeframe to include in the report')
|
||||||
|
group.add_argument('-f', '--date_from',action='store', help='Start date of query (YYYY-MM-DD)')
|
||||||
|
parser.add_argument('-u', '---date-to', action='store', help='End date of query (YYYY-MM-DD)')
|
||||||
parser.add_argument('-e', '--mispevent', action='store_true', help='Include MISP event titles')
|
parser.add_argument('-e', '--mispevent', action='store_true', help='Include MISP event titles')
|
||||||
parser.add_argument('-m', '--mail', action='store_true', help='Mail the report')
|
parser.add_argument('-m', '--mail', action='store_true', help='Mail the report')
|
||||||
parser.add_argument('-o', '--mailoptions', action='store', help='mailoptions: \'smtp_from=INSERT_FROM;smtp_to=INSERT_TO;smtp_server=localhost\'')
|
parser.add_argument('-o', '--mailoptions', action='store', help='mailoptions: \'smtp_from=INSERT_FROM;smtp_to=INSERT_TO;smtp_server=localhost\'')
|
||||||
misp = init(misp_url, misp_key, misp_verifycert)
|
|
||||||
|
|
||||||
args = parser.parse_args()
|
args = parser.parse_args()
|
||||||
|
misp = init(misp_url, misp_key, misp_verifycert)
|
||||||
|
|
||||||
timeframe = args.timeframe
|
timeframe = args.timeframe
|
||||||
|
if not timeframe:
|
||||||
|
date_from = args.date_from
|
||||||
|
if not args.date_to:
|
||||||
|
today = date.today()
|
||||||
|
date_to = today.strftime("%Y-%m-%d")
|
||||||
|
else:
|
||||||
|
date_to = args.date_to
|
||||||
|
else:
|
||||||
|
date_from = None
|
||||||
|
date_to = None
|
||||||
|
|
||||||
ts_format = '%Y-%m-%d %H:%M:%S'
|
ts_format = '%Y-%m-%d %H:%M:%S'
|
||||||
threat_levels = ['High', 'Medium', 'Low', 'Undef']
|
threat_levels = ['High', 'Medium', 'Low', 'Undef']
|
||||||
|
@ -374,7 +392,8 @@ if __name__ == '__main__':
|
||||||
if s.split('=')[0] == 'smtp_server':
|
if s.split('=')[0] == 'smtp_server':
|
||||||
smtp_server = s.split('=')[1]
|
smtp_server = s.split('=')[1]
|
||||||
|
|
||||||
report = get_data(misp, timeframe)
|
report = get_data(misp, timeframe, date_from, date_to)
|
||||||
if(report):
|
if(report):
|
||||||
report_body, attachments = build_report(report, timeframe, misp_url)
|
report_body, attachments = build_report(report, timeframe, misp_url)
|
||||||
print_report(report_body, attachments, smtp_from, smtp_to, smtp_server, misp_url)
|
print_report(report_body, attachments, smtp_from, smtp_to, smtp_server, misp_url)
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue