mirror of https://github.com/MISP/mail_to_misp
overriding warninglist enforcement when full URL with resource
parent
80413f53b8
commit
316b73644b
|
@ -260,6 +260,10 @@ for entry in urllist:
|
||||||
schema = f.get_scheme().decode('utf-8', 'ignore')
|
schema = f.get_scheme().decode('utf-8', 'ignore')
|
||||||
except:
|
except:
|
||||||
schema = False
|
schema = False
|
||||||
|
try:
|
||||||
|
resource_path = f.get_resource_path().decode('utf-8', 'ignore')
|
||||||
|
except:
|
||||||
|
resource_path = False
|
||||||
if debug:
|
if debug:
|
||||||
syslog.syslog(domainname)
|
syslog.syslog(domainname)
|
||||||
if domainname not in excludelist:
|
if domainname not in excludelist:
|
||||||
|
@ -279,8 +283,12 @@ for entry in urllist:
|
||||||
if is_valid_ipv4_address(hostname):
|
if is_valid_ipv4_address(hostname):
|
||||||
add_attribute(new_event, 'url', entry, 'Network activity', False, enforcewarninglist, sighting)
|
add_attribute(new_event, 'url', entry, 'Network activity', False, enforcewarninglist, sighting)
|
||||||
else:
|
else:
|
||||||
add_attribute(new_event, 'url', entry, 'Network activity', ids_flag, enforcewarninglist,
|
if resource_path:
|
||||||
sighting, comment=comment)
|
add_attribute(new_event, 'url', entry, 'Network activity', ids_flag, False,
|
||||||
|
sighting, comment=comment)
|
||||||
|
else:
|
||||||
|
add_attribute(new_event, 'url', entry, 'Network activity', ids_flag, enforcewarninglist,
|
||||||
|
sighting, comment=comment)
|
||||||
if debug:
|
if debug:
|
||||||
syslog.syslog(hostname)
|
syslog.syslog(hostname)
|
||||||
try:
|
try:
|
||||||
|
|
Loading…
Reference in New Issue