MISP
/
PyMISP
mirror of https://github.com/MISP/PyMISP
2
0
Fork 0
Code Issues Releases Wiki Activity

Normalized auth parameters

pull/3/head
Alexandre Dulaunoy 2015-11-06 10:17:20 +01:00
parent db1221dd52
commit fc0873bed1
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
examples/get_network_activity.py
View File

@ -13,18 +13,18 @@
./get_network_activity.py --netflow --event 8 ./get_network_activity.py --netflow --event 8
get netflow filter for event 8 get netflow filter for event 8
./get_network_activity.py -f get_network_activity.event_id --netflow ./get_network_activity.py -f get_network_activity.event_id --netflow
get netflow filter for events in id file get netflow filter for events in id file
./get_network_activity.py -f get_network_activity.event_id ./get_network_activity.py -f get_network_activity.event_id
get output with comments get output with comments
""" """
from pymisp import PyMISP from pymisp import PyMISP
from cudeso import misp_key from keys import misp_key
from cudeso import misp_url from keys import misp_url
from cudeso import misp_verifycert from keys import misp_verifycert
source = None source = None
@ -71,7 +71,7 @@ def get_event(event_id):
if app_netflow: if app_netflow:
app_printcomment = False app_printcomment = False
if attribute["type"] == "ip-dst" and app_ip_dst: if attribute["type"] == "ip-dst" and app_ip_dst:
network_ip_dst.append([build_entry(value, event_id, title, "ip-dst")]) network_ip_dst.append([build_entry(value, event_id, title, "ip-dst")])
else: else:
if attribute["type"] == "ip-src" and app_ip_src: if attribute["type"] == "ip-src" and app_ip_src:
network_ip_src.append([build_entry(value, event_id, title, "ip-src")]) network_ip_src.append([build_entry(value, event_id, title, "ip-src")])
@ -121,7 +121,7 @@ def print_events():
if firsthost: if firsthost:
firsthost = False firsthost = False
else: else:
print " or " print " or "
print "host %s" % ip[0] print "host %s" % ip[0]
else: else:
if app_ip_src: if app_ip_src:
@ -182,7 +182,7 @@ if __name__ == '__main__':
app_event = args.event app_event = args.event
if app_event > 0: if app_event > 0:
get_event(app_event) get_event(app_event)
print_events() print_events()
elif args.filename is not None: elif args.filename is not None:
# print "app_printcomment %s app_hostname %s app_domain %s app_ip_src %s app_ip_dst %s app_ids_only %s app_printtitle %s" % (app_printcomment,app_hostname, app_domain, app_ip_src, app_ip_dst, app_ids_only, app_printtitle) # print "app_printcomment %s app_hostname %s app_domain %s app_ip_src %s app_ip_dst %s app_ids_only %s app_printtitle %s" % (app_printcomment,app_hostname, app_domain, app_ip_src, app_ip_dst, app_ids_only, app_printtitle)