mirror of https://github.com/MISP/PyMISP
Merge pull request #24 from Delta-Sierra/master
Fix fetching method for tag_search and tags_countpull/25/head
Raphaël Vinot
GitHub
commit
e8c266570e
|
|
@ -5,7 +5,6 @@ from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key, misp_verifycert
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
import argparse
|
import argparse
|
||||||
import json
|
|
||||||
import tools
|
import tools
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -15,11 +14,6 @@ def init(url, key):
|
||||||
# ######### fetch data ##########
|
# ######### fetch data ##########
|
||||||
|
|
||||||
|
|
||||||
def download_last(m, last):
|
|
||||||
result = m.download_last(last)
|
|
||||||
with open('data', 'w') as f:
|
|
||||||
f.write(json.dumps(result))
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = argparse.ArgumentParser(description='Take a sample of events (based on last.py) and give the number of occurrence of the given tag in this sample.')
|
parser = argparse.ArgumentParser(description='Take a sample of events (based on last.py) and give the number of occurrence of the given tag in this sample.')
|
||||||
parser.add_argument("-t", "--tag", required=True, help="tag to search (search for multiple tags is possible by using |. example : \"osint|OSINT\")")
|
parser.add_argument("-t", "--tag", required=True, help="tag to search (search for multiple tags is possible by using |. example : \"osint|OSINT\")")
|
||||||
|
|
@ -33,7 +27,7 @@ if __name__ == '__main__':
|
||||||
|
|
||||||
if args.days is None:
|
if args.days is None:
|
||||||
args.days = 7
|
args.days = 7
|
||||||
download_last(misp, str(args.days) + 'd')
|
result = misp.download_last('{}d'.format(args.days))
|
||||||
|
|
||||||
tools.checkDateConsistancy(args.begindate, args.enddate, tools.getLastdate(args.days))
|
tools.checkDateConsistancy(args.begindate, args.enddate, tools.getLastdate(args.days))
|
||||||
|
|
||||||
|
|
@ -47,11 +41,11 @@ if __name__ == '__main__':
|
||||||
else:
|
else:
|
||||||
args.enddate = tools.setEnddate(tools.toDatetime(args.enddate))
|
args.enddate = tools.setEnddate(tools.toDatetime(args.enddate))
|
||||||
|
|
||||||
Events = tools.selectInRange(tools.eventsListBuildFromArray('data'), begin=args.begindate, end=args.enddate)
|
events = tools.selectInRange(tools.eventsListBuildFromArray(result), begin=args.begindate, end=args.enddate)
|
||||||
TotalPeriodEvents = tools.getNbitems(Events)
|
totalPeriodEvents = tools.getNbitems(events)
|
||||||
Tags = tools.tagsListBuild(Events)
|
tags = tools.tagsListBuild(events)
|
||||||
result = tools.isTagIn(Tags, args.tag)
|
result = tools.isTagIn(tags, args.tag)
|
||||||
TotalPeriodTags = len(result)
|
totalPeriodTags = len(result)
|
||||||
|
|
||||||
text = 'Studied pediod: from '
|
text = 'Studied pediod: from '
|
||||||
if args.begindate is None:
|
if args.begindate is None:
|
||||||
|
|
@ -66,6 +60,6 @@ if __name__ == '__main__':
|
||||||
|
|
||||||
print('\n========================================================')
|
print('\n========================================================')
|
||||||
print(text)
|
print(text)
|
||||||
print('During the studied pediod, ' + str(TotalPeriodTags) + ' events out of ' + str(TotalPeriodEvents) + ' contains at least one tag with ' + args.tag + '.')
|
print('During the studied pediod, ' + str(totalPeriodTags) + ' events out of ' + str(totalPeriodEvents) + ' contains at least one tag with ' + args.tag + '.')
|
||||||
if TotalPeriodEvents != 0:
|
if totalPeriodEvents != 0:
|
||||||
print('It represents {}% of the events in this period.'.format(round(100 * TotalPeriodTags / TotalPeriodEvents, 3)))
|
print('It represents {}% of the events in this period.'.format(round(100 * totalPeriodTags / totalPeriodEvents, 3)))
|
||||||
|
|
|
||||||
|
|
@ -5,7 +5,6 @@ from pymisp import PyMISP
|
||||||
from keys import misp_url, misp_key, misp_verifycert
|
from keys import misp_url, misp_key, misp_verifycert
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
import argparse
|
import argparse
|
||||||
import json
|
|
||||||
import tools
|
import tools
|
||||||
|
|
||||||
|
|
||||||
|
|
@ -15,11 +14,6 @@ def init(url, key):
|
||||||
# ######### fetch data ##########
|
# ######### fetch data ##########
|
||||||
|
|
||||||
|
|
||||||
def download_last(m, last):
|
|
||||||
result = m.download_last(last)
|
|
||||||
with open('data', 'w') as f:
|
|
||||||
f.write(json.dumps(result))
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
parser = argparse.ArgumentParser(description='Take a sample of events (based on last.py) and give the repartition of tags in this sample.')
|
parser = argparse.ArgumentParser(description='Take a sample of events (based on last.py) and give the repartition of tags in this sample.')
|
||||||
parser.add_argument("-d", "--days", type=int, help="number of days before today to search. If not define, default value is 7")
|
parser.add_argument("-d", "--days", type=int, help="number of days before today to search. If not define, default value is 7")
|
||||||
|
|
@ -32,7 +26,7 @@ if __name__ == '__main__':
|
||||||
|
|
||||||
if args.days is None:
|
if args.days is None:
|
||||||
args.days = 7
|
args.days = 7
|
||||||
download_last(misp, '{}d'.format(args.days))
|
result = misp.download_last('{}d'.format(args.days))
|
||||||
|
|
||||||
tools.checkDateConsistancy(args.begindate, args.enddate, tools.getLastdate(args.days))
|
tools.checkDateConsistancy(args.begindate, args.enddate, tools.getLastdate(args.days))
|
||||||
|
|
||||||
|
|
@ -46,17 +40,9 @@ if __name__ == '__main__':
|
||||||
else:
|
else:
|
||||||
args.enddate = tools.setEnddate(tools.toDatetime(args.enddate))
|
args.enddate = tools.setEnddate(tools.toDatetime(args.enddate))
|
||||||
|
|
||||||
Events = tools.eventsListBuildFromArray('data')
|
events = tools.selectInRange(tools.eventsListBuildFromArray(result), begin=args.begindate, end=args.enddate)
|
||||||
TotalEvents = tools.getNbitems(Events)
|
tags = tools.tagsListBuild(events)
|
||||||
Tags = tools.tagsListBuild(Events)
|
result = tools.getNbOccurenceTags(tags)
|
||||||
result = tools.getNbOccurenceTags(Tags)
|
|
||||||
TotalTags = tools.getNbitems(Tags)
|
|
||||||
|
|
||||||
Events = tools.selectInRange(Events, begin=args.begindate, end=args.enddate)
|
|
||||||
TotalPeriodEvents = tools.getNbitems(Events)
|
|
||||||
Tags = tools.tagsListBuild(Events)
|
|
||||||
result = tools.getNbOccurenceTags(Tags)
|
|
||||||
TotalPeriodTags = tools.getNbitems(Tags)
|
|
||||||
|
|
||||||
text = 'Studied pediod: from '
|
text = 'Studied pediod: from '
|
||||||
if args.begindate is None:
|
if args.begindate is None:
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue