From 769ff9e36209a35e98098ff38b58392c19d86092 Mon Sep 17 00:00:00 2001 From: Sascha Rommelfangen Date: Mon, 22 May 2017 14:24:16 +0200 Subject: [PATCH] reverted back to before ids flag test --- mail_to_misp.py | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/mail_to_misp.py b/mail_to_misp.py index ba1a7fc..3c68a03 100755 --- a/mail_to_misp.py +++ b/mail_to_misp.py @@ -133,28 +133,19 @@ for entry in urllist: if debug: target.write(entry + "\n") target.write(str(ids_flag)) - if ids_flag is True: - misp.add_url(new_event, entry, category='Network activity', to_ids=True) - else: - misp.add_url(new_event, entry, category='Network activity', to_ids=False) + misp.add_url(new_event, entry, category='Network activity', to_ids=ids_flag) if debug: target.write(hostname + "\n") port = f.get_port() comment = "" if port: comment = "on port: " + str(port) - if ids_flag is True: - misp.add_hostname(new_event, hostname, comment=comment, category='Network activity', to_ids=True) - else: - misp.add_hostname(new_event, hostname, comment=comment, category='Network activity', to_ids=False) + misp.add_hostname(new_event, hostname, comment=comment, category='Network activity', to_ids=ids_flag) try: for rdata in dns.resolver.query(hostname, 'A'): if debug: target.write(str(rdata) + "\n") - if ids_flag is True: - misp.add_ipdst(new_event, str(rdata), category='Network activity', to_ids=True, comment=hostname) - else: - misp.add_ipdst(new_event, str(rdata), category='Network activity', to_ids=False, comment=hostname) + misp.add_ipdst(new_event, str(rdata), category='Network activity', to_ids=ids_flag, comment=hostname) except: if debug: target.write("DNS unsuccessful\n")