mirror of https://github.com/MISP/PyMISP
57 lines
2.1 KiB
Python
Executable File
57 lines
2.1 KiB
Python
Executable File
#!/usr/bin/env python
|
|
# -*- coding: utf-8 -*-
|
|
|
|
from pymisp import PyMISP
|
|
from pymisp import MISPObject
|
|
from pymisp.tools import update_objects
|
|
from keys import misp_url, misp_key, misp_verifycert
|
|
import argparse
|
|
import requests
|
|
import sys
|
|
|
|
"""
|
|
usage: add_gitlab_user.py [-h] -e EVENT [-f] -u USERNAME [-l LINK]
|
|
|
|
Fetch GitLab user details and add it in object in MISP
|
|
|
|
optional arguments:
|
|
-h, --help show this help message and exit
|
|
-e EVENT, --event EVENT
|
|
Event ID to update
|
|
-f, --force-template-update
|
|
-u USERNAME, --username USERNAME
|
|
GitLab username to add
|
|
-l LINK, --link LINK Url to access the GitLab instance, Default is
|
|
www.gitlab.com.
|
|
"""
|
|
|
|
default_url = "http://www.gitlab.com/"
|
|
|
|
parser = argparse.ArgumentParser(description='Fetch GitLab user details and add it in object in MISP')
|
|
parser.add_argument("-e", "--event", required=True, help="Event ID to update")
|
|
parser.add_argument("-f", "--force-template-update", required=False, action="store_true")
|
|
parser.add_argument("-u", "--username", required=True, help="GitLab username to add")
|
|
parser.add_argument("-l", "--link", required=False, help="Url to access the GitLab instance, Default is www.gitlab.com.", default=default_url)
|
|
args = parser.parse_args()
|
|
|
|
|
|
r = requests.get("{}api/v4/users?username={}".format(args.link, args.username))
|
|
if r.status_code != 200:
|
|
sys.exit("HTTP return is {} and not 200 as expected".format(r.status_code))
|
|
if args.force_template_update:
|
|
print("Updating MISP Object templates...")
|
|
update_objects()
|
|
|
|
gitlab_user = r.json()[0]
|
|
pymisp = PyMISP(misp_url, misp_key, misp_verifycert)
|
|
print(gitlab_user)
|
|
|
|
misp_object = MISPObject(name="gitlab-user")
|
|
misp_object.add_attribute('username', gitlab_user['username'])
|
|
misp_object.add_attribute('id', gitlab_user['id'])
|
|
misp_object.add_attribute('name', gitlab_user['name'])
|
|
misp_object.add_attribute('state', gitlab_user['state'])
|
|
misp_object.add_attribute('avatar_url', gitlab_user['avatar_url'])
|
|
misp_object.add_attribute('web_url', gitlab_user['web_url'])
|
|
retcode = pymisp.add_object(args.event, misp_object)
|