From 96594e97ec946934d15bd23fd185b80be7efc36a Mon Sep 17 00:00:00 2001 From: Sascha Rommelfangen Date: Thu, 18 Jul 2019 12:46:31 +0200 Subject: [PATCH] some "fixes" --- mail2misp/mail2misp.py | 13 +++++++------ mail_to_misp.py | 3 +-- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/mail2misp/mail2misp.py b/mail2misp/mail2misp.py index 9df2987..b4f87f4 100644 --- a/mail2misp/mail2misp.py +++ b/mail2misp/mail2misp.py @@ -246,7 +246,7 @@ class Mail2MISP(): if self.debug: syslog.syslog(domainname) - if domainname in self.config.internallist: # Add link to internal reference + if domainname.decode('utf-8') in self.config.internallist: # Add link to internal reference attribute = self.misp_event.add_attribute('link', entry, category='Internal reference', to_ids=False, enforceWarninglist=False) if email_object: @@ -368,14 +368,15 @@ class Mail2MISP(): self.sighting(value, source) return event - def update_event(self, event_id=None): + def update_event(self, eid=None): '''Update event on the remote MISP instance.''' if self.offline: return self.misp_event.to_json() - event = self.misp.update_event(self.misp_event, event_id=event_id) - if self.config.sighting: - for value, source in self.sightings_to_add: - self.sighting(value, source) + event = self.misp.update_event(eid, self.misp_event) + syslog.syslog(str(event)) + #if self.config.sighting: + # for value, source in self.sightings_to_add: + # self.sighting(value, source) return event diff --git a/mail_to_misp.py b/mail_to_misp.py index 7784e16..8ee9414 100755 --- a/mail_to_misp.py +++ b/mail_to_misp.py @@ -68,8 +68,7 @@ if __name__ == '__main__': mail2misp.process_body_iocs() if args.event: - misp_event = args.event - mail2misp.update_event(event_id=misp_event) + mail2misp.update_event(eid=args.event) else: mail2misp.add_event() syslog.syslog("Job finished.")