misp-dashboard/zmq_subscriber.py

#!/usr/bin/env python3.5

import time, datetime
import copy
from collections import OrderedDict
from pprint import pprint
import zmq
import redis
import random
import configparser
import argparse
import os
import sys
import json
import geoip2.database

configfile = os.path.join(os.environ['VIRTUAL_ENV'], '../config.cfg')
cfg = configparser.ConfigParser()
cfg.read(configfile)

ZMQ_URL = cfg.get('RedisLog', 'zmq_url')
CHANNEL = cfg.get('RedisLog', 'channel')
CHANNELDISP = cfg.get('RedisMap', 'channelDisp')
CHANNEL_PROC = cfg.get('RedisMap', 'channelProc')
PATH_TO_DB = cfg.get('RedisMap', 'pathMaxMindDB')

serv_log = redis.StrictRedis(
        host=cfg.get('RedisLog', 'host'),
        port=cfg.getint('RedisLog', 'port'),
        db=cfg.getint('RedisLog', 'db'))
serv_coord = redis.StrictRedis(
        host=cfg.get('RedisMap', 'host'),
        port=cfg.getint('RedisMap', 'port'),
        db=cfg.getint('RedisMap', 'db'))
serv_redis_db = redis.StrictRedis(
        host=cfg.get('RedisDB', 'host'),
        port=cfg.getint('RedisDB', 'port'),
        db=cfg.getint('RedisDB', 'db'))

reader = geoip2.database.Reader(PATH_TO_DB)


def publish_log(zmq_name, name, content):
    to_send = { 'name': name, 'log': json.dumps(content), 'zmqName': zmq_name }
    serv_log.publish(CHANNEL, json.dumps(to_send))

def push_to_redis_zset(keyCateg, toAdd):
    now = datetime.datetime.now()
    today_str = str(now.year)+str(now.month)+str(now.day)
    keyname = "{}:{}".format(keyCateg, today_str)
    serv_redis_db.zincrby(keyname, toAdd)

def push_to_redis_geo(keyCateg, lon, lat, content):
    now = datetime.datetime.now()
    today_str = str(now.year)+str(now.month)+str(now.day)
    keyname = "{}:{}".format(keyCateg, today_str)
    serv_redis_db.geoadd(keyname, lon, lat, content)


def ip_to_coord(ip):
    resp = reader.city(ip)
    lat = float(resp.location.latitude)
    lon = float(resp.location.longitude)
    # 0.0001 correspond to ~10m
    # Cast the float so that it has the correct float format
    lat_corrected = float("{:.4f}".format(lat))
    lon_corrected = float("{:.4f}".format(lon))
    return { 'coord': {'lat': lat_corrected, 'lon': lon_corrected}, 'full_rep': resp }

def getCoordAndPublish(zmq_name, supposed_ip, categ):
    try:
        rep = ip_to_coord(supposed_ip)
        coord = rep['coord']
        coord_dic = {'lat': coord['lat'], 'lon': coord['lon']}
        ordDic = OrderedDict()
        ordDic['lat'] = coord_dic['lat']
        ordDic['lon'] = coord_dic['lon']
        coord_list = [coord['lat'], coord['lon']]
        push_to_redis_zset('GEO_COORD', json.dumps(ordDic))
        push_to_redis_zset('GEO_COUNTRY', rep['full_rep'].country.iso_code)
        push_to_redis_geo('GEO_RAD', coord['lon'], coord['lat'], json.dumps({ 'categ': categ, 'value': supposed_ip }))
        to_send = {
                "coord": coord,
                "categ": categ,
                "value": supposed_ip,
                "country": rep['full_rep'].country.name,
                "specifName": rep['full_rep'].subdivisions.most_specific.name,
                "cityName": rep['full_rep'].city.name,
                "regionCode": rep['full_rep'].country.iso_code,
                }
        serv_coord.publish(CHANNELDISP, json.dumps(to_send))
    except ValueError:
        print("can't resolve ip")
    except geoip2.errors.AddressNotFoundError:
        print("Address not in Database")

def getFields(obj, fields):
    jsonWalker = fields.split('.')
    itemToExplore = obj
    lastName = ""
    try:
        for i in jsonWalker:
            itemToExplore = itemToExplore[i]
            lastName = i
        if type(itemToExplore) is list:
            return { 'name': lastName , 'data': itemToExplore }
        else:
            return itemToExplore
    except KeyError as e:
        return ""


##############
## HANDLERS ##
##############

def handler_log(zmq_name, jsonevent):
    print('sending', 'log')
    return

def handler_dispatcher(zmq_name, jsonObj):
    if "Event" in jsonObj:
        handler_event(zmq_name, jsonObj)

def handler_keepalive(zmq_name, jsonevent):
    print('sending', 'keepalive')
    to_push = [ jsonevent['uptime'] ]
    publish_log(zmq_name, 'Keepalive', to_push)

def handler_sighting(zmq_name, jsonsight):
    print('sending' ,'sighting')
    return

def handler_event(zmq_name, jsonobj):
    #fields: threat_level_id, id, info
    jsonevent = jsonobj['Event']
    #redirect to handler_attribute
    if 'Attribute' in jsonevent:
        attributes = jsonevent['Attribute']
        if type(attributes) is list:
            for attr in attributes:
                jsoncopy = copy.deepcopy(jsonobj)
                jsoncopy['Attribute'] = attr
                handler_attribute(zmq_name, jsoncopy)
        else:
            handler_attribute(zmq_name, attributes)

def handler_attribute(zmq_name, jsonobj):
    # check if jsonattr is an attribute object
    if 'Attribute' in jsonobj:
        jsonattr = jsonobj['Attribute']

    to_push = []
    for field in json.loads(cfg.get('Log', 'fieldname_order')):
        if type(field) is list:
            to_join = []
            for subField in field:
                to_join.append(getFields(jsonobj, subField))
            to_add = cfg.get('Log', 'char_separator').join(to_join)
        else:
            to_add = getFields(jsonobj, field)
        to_push.append(to_add)

    #try to get coord from ip
    if jsonattr['category'] == "Network activity":
        getCoordAndPublish(zmq_name, jsonattr['value'], jsonattr['category'])

    # Push to log
    publish_log(zmq_name, 'Attribute', to_push)


def process_log(zmq_name, event):
    event = event.decode('utf8')
    topic, eventdata = event.split(' ', maxsplit=1)
    jsonevent = json.loads(eventdata)
    dico_action[topic](zmq_name, jsonevent)


def main(zmqName):
    context = zmq.Context()
    socket = context.socket(zmq.SUB)
    socket.connect(ZMQ_URL)
    socket.setsockopt_string(zmq.SUBSCRIBE, '')

    while True:
        content = socket.recv()
        content.replace(b'\n', b'') # remove \n...
        zmq_name = zmqName
        process_log(zmq_name, content)


dico_action = {
        "misp_json":                handler_dispatcher,
        "misp_json_event":          handler_event,
        "misp_json_self":           handler_keepalive,
        "misp_json_attribute":      handler_attribute,
        "misp_json_sighting":       handler_sighting,
        "misp_json_organisation":   handler_log,
        "misp_json_user":           handler_log,
        "misp_json_conversation":   handler_log
        }


if __name__ == "__main__":

    parser = argparse.ArgumentParser(description='A zmq subscriber. It subscribe to a ZNQ then redispatch it to the misp-dashboard')
    parser.add_argument('-n', '--name', required=False, dest='zmqname', help='The ZMQ feed name', default="MISP Standard ZMQ")
    parser.add_argument('-u', '--url', required=False, dest='zmqurl', help='The URL to connect to', default=ZMQ_URL)
    args = parser.parse_args()

    main(args.zmqname)
    reader.close()
Display the number of log message in a dynamic chart + started support of multiple feeds 2017-08-24 16:02:28 +02:00			`#!/usr/bin/env python3.5`

Added zrank for coord 2017-10-20 16:55:07 +02:00			`import time, datetime`
Loads of bug fixes: Added possibility to plot any field in lineChart + Fixed bug GEO where data was not from the correct date + Clear view when no data + Probably solved unsorted dic stored in redis + Support of publish_event_to_zmq 2017-10-27 15:33:09 +02:00			`import copy`
			`from collections import OrderedDict`
			`from pprint import pprint`
Display the number of log message in a dynamic chart + started support of multiple feeds 2017-08-24 16:02:28 +02:00			`import zmq`
			`import redis`
			`import random`
Support of unknown number of feeders + display log messages 2017-09-11 14:53:06 +02:00			`import configparser`
Added support of named ZMQ + automatic Led colors in dashboard 2017-10-25 10:41:46 +02:00			`import argparse`
Support of unknown number of feeders + display log messages 2017-09-11 14:53:06 +02:00			`import os`
			`import sys`
			`import json`
Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00			`import geoip2.database`
Display the number of log message in a dynamic chart + started support of multiple feeds 2017-08-24 16:02:28 +02:00
Support of unknown number of feeders + display log messages 2017-09-11 14:53:06 +02:00			`configfile = os.path.join(os.environ['VIRTUAL_ENV'], '../config.cfg')`
			`cfg = configparser.ConfigParser()`
			`cfg.read(configfile)`

UI attunement - Possibility to adjust with of panels in config, immediatly change text. Bit of zmq refacto 2017-10-25 12:12:14 +02:00			`ZMQ_URL = cfg.get('RedisLog', 'zmq_url')`
			`CHANNEL = cfg.get('RedisLog', 'channel')`
			`CHANNELDISP = cfg.get('RedisMap', 'channelDisp')`
			`CHANNEL_PROC = cfg.get('RedisMap', 'channelProc')`
			`PATH_TO_DB = cfg.get('RedisMap', 'pathMaxMindDB')`
Display the number of log message in a dynamic chart + started support of multiple feeds 2017-08-24 16:02:28 +02:00
Probably fixed zmq bug in categ 2017-10-25 16:21:35 +02:00			`serv_log = redis.StrictRedis(`
Added openstreetmap maps from coord 2017-10-11 10:47:11 +02:00			`host=cfg.get('RedisLog', 'host'),`
			`port=cfg.getint('RedisLog', 'port'),`
			`db=cfg.getint('RedisLog', 'db'))`
			`serv_coord = redis.StrictRedis(`
Moved more to config + Added orange led 2017-10-24 09:32:23 +02:00			`host=cfg.get('RedisMap', 'host'),`
			`port=cfg.getint('RedisMap', 'port'),`
			`db=cfg.getint('RedisMap', 'db'))`
Probably fixed zmq bug in categ 2017-10-25 16:21:35 +02:00			`serv_redis_db = redis.StrictRedis(`
			`host=cfg.get('RedisDB', 'host'),`
			`port=cfg.getint('RedisDB', 'port'),`
			`db=cfg.getint('RedisDB', 'db'))`
Added openstreetmap maps from coord 2017-10-11 10:47:11 +02:00
UI attunement - Possibility to adjust with of panels in config, immediatly change text. Bit of zmq refacto 2017-10-25 12:12:14 +02:00			`reader = geoip2.database.Reader(PATH_TO_DB)`

Display the number of log message in a dynamic chart + started support of multiple feeds 2017-08-24 16:02:28 +02:00
Added support of named ZMQ + automatic Led colors in dashboard 2017-10-25 10:41:46 +02:00			`def publish_log(zmq_name, name, content):`
			`to_send = { 'name': name, 'log': json.dumps(content), 'zmqName': zmq_name }`
Probably fixed zmq bug in categ 2017-10-25 16:21:35 +02:00			`serv_log.publish(CHANNEL, json.dumps(to_send))`

			`def push_to_redis_zset(keyCateg, toAdd):`
			`now = datetime.datetime.now()`
			`today_str = str(now.year)+str(now.month)+str(now.day)`
			`keyname = "{}:{}".format(keyCateg, today_str)`
			`serv_redis_db.zincrby(keyname, toAdd)`
Moved publishing into a function 2017-10-24 11:29:32 +02:00
Added draft support of radius 2017-10-26 16:59:02 +02:00			`def push_to_redis_geo(keyCateg, lon, lat, content):`
			`now = datetime.datetime.now()`
			`today_str = str(now.year)+str(now.month)+str(now.day)`
			`keyname = "{}:{}".format(keyCateg, today_str)`
			`serv_redis_db.geoadd(keyname, lon, lat, content)`

Display the number of log message in a dynamic chart + started support of multiple feeds 2017-08-24 16:02:28 +02:00
Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00			`def ip_to_coord(ip):`
			`resp = reader.city(ip)`
Added zrank for coord 2017-10-20 16:55:07 +02:00			`lat = float(resp.location.latitude)`
			`lon = float(resp.location.longitude)`
			`# 0.0001 correspond to ~10m`
			`# Cast the float so that it has the correct float format`
			`lat_corrected = float("{:.4f}".format(lat))`
			`lon_corrected = float("{:.4f}".format(lon))`
Added city&country in marker + autoRotation on event 2017-10-23 14:38:47 +02:00			`return { 'coord': {'lat': lat_corrected, 'lon': lon_corrected}, 'full_rep': resp }`
Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00
Added support of named ZMQ + automatic Led colors in dashboard 2017-10-25 10:41:46 +02:00			`def getCoordAndPublish(zmq_name, supposed_ip, categ):`
Moved publishing into a function 2017-10-24 11:29:32 +02:00			`try:`
			`rep = ip_to_coord(supposed_ip)`
			`coord = rep['coord']`
			`coord_dic = {'lat': coord['lat'], 'lon': coord['lon']}`
Loads of bug fixes: Added possibility to plot any field in lineChart + Fixed bug GEO where data was not from the correct date + Clear view when no data + Probably solved unsorted dic stored in redis + Support of publish_event_to_zmq 2017-10-27 15:33:09 +02:00			`ordDic = OrderedDict()`
			`ordDic['lat'] = coord_dic['lat']`
			`ordDic['lon'] = coord_dic['lon']`
Moved publishing into a function 2017-10-24 11:29:32 +02:00			`coord_list = [coord['lat'], coord['lon']]`
Loads of bug fixes: Added possibility to plot any field in lineChart + Fixed bug GEO where data was not from the correct date + Clear view when no data + Probably solved unsorted dic stored in redis + Support of publish_event_to_zmq 2017-10-27 15:33:09 +02:00			`push_to_redis_zset('GEO_COORD', json.dumps(ordDic))`
Probably fixed zmq bug in categ 2017-10-25 16:21:35 +02:00			`push_to_redis_zset('GEO_COUNTRY', rep['full_rep'].country.iso_code)`
Added draft support of radius 2017-10-26 16:59:02 +02:00			`push_to_redis_geo('GEO_RAD', coord['lon'], coord['lat'], json.dumps({ 'categ': categ, 'value': supposed_ip }))`
Moved publishing into a function 2017-10-24 11:29:32 +02:00			`to_send = {`
			`"coord": coord,`
			`"categ": categ,`
			`"value": supposed_ip,`
			`"country": rep['full_rep'].country.name,`
			`"specifName": rep['full_rep'].subdivisions.most_specific.name,`
			`"cityName": rep['full_rep'].city.name,`
Added regionColor + fixed bug zmq_sub 2017-10-24 17:07:47 +02:00			`"regionCode": rep['full_rep'].country.iso_code,`
Moved publishing into a function 2017-10-24 11:29:32 +02:00			`}`
UI attunement - Possibility to adjust with of panels in config, immediatly change text. Bit of zmq refacto 2017-10-25 12:12:14 +02:00			`serv_coord.publish(CHANNELDISP, json.dumps(to_send))`
Moved publishing into a function 2017-10-24 11:29:32 +02:00			`except ValueError:`
			`print("can't resolve ip")`
Fixed bug marker from streetLocation not removing 2017-10-27 16:16:40 +02:00			`except geoip2.errors.AddressNotFoundError:`
Loads of bug fixes: Added possibility to plot any field in lineChart + Fixed bug GEO where data was not from the correct date + Clear view when no data + Probably solved unsorted dic stored in redis + Support of publish_event_to_zmq 2017-10-27 15:33:09 +02:00			`print("Address not in Database")`
Moved more to config + Added orange led 2017-10-24 09:32:23 +02:00
Added possibility to display any fields form zmq + possibility to display for objects 2017-10-27 13:19:22 +02:00			`def getFields(obj, fields):`
			`jsonWalker = fields.split('.')`
			`itemToExplore = obj`
			`lastName = ""`
			`try:`
			`for i in jsonWalker:`
			`itemToExplore = itemToExplore[i]`
			`lastName = i`
			`if type(itemToExplore) is list:`
			`return { 'name': lastName , 'data': itemToExplore }`
			`else:`
			`return itemToExplore`
			`except KeyError as e:`
			`return ""`


Moved more to config + Added orange led 2017-10-24 09:32:23 +02:00			`##############`
			`## HANDLERS ##`
			`##############`

Added support of named ZMQ + automatic Led colors in dashboard 2017-10-25 10:41:46 +02:00			`def handler_log(zmq_name, jsonevent):`
Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00			`print('sending', 'log')`
			`return`

Loads of bug fixes: Added possibility to plot any field in lineChart + Fixed bug GEO where data was not from the correct date + Clear view when no data + Probably solved unsorted dic stored in redis + Support of publish_event_to_zmq 2017-10-27 15:33:09 +02:00			`def handler_dispatcher(zmq_name, jsonObj):`
			`if "Event" in jsonObj:`
			`handler_event(zmq_name, jsonObj)`

Added support of named ZMQ + automatic Led colors in dashboard 2017-10-25 10:41:46 +02:00			`def handler_keepalive(zmq_name, jsonevent):`
Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00			`print('sending', 'keepalive')`
			`to_push = [ jsonevent['uptime'] ]`
Added support of named ZMQ + automatic Led colors in dashboard 2017-10-25 10:41:46 +02:00			`publish_log(zmq_name, 'Keepalive', to_push)`
Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00
Support of the ZMQ_REWORK 2017-10-27 12:05:14 +02:00			`def handler_sighting(zmq_name, jsonsight):`
			`print('sending' ,'sighting')`
			`return`

Loads of bug fixes: Added possibility to plot any field in lineChart + Fixed bug GEO where data was not from the correct date + Clear view when no data + Probably solved unsorted dic stored in redis + Support of publish_event_to_zmq 2017-10-27 15:33:09 +02:00			`def handler_event(zmq_name, jsonobj):`
Moved more to config 2017-10-23 15:44:16 +02:00			`#fields: threat_level_id, id, info`
Loads of bug fixes: Added possibility to plot any field in lineChart + Fixed bug GEO where data was not from the correct date + Clear view when no data + Probably solved unsorted dic stored in redis + Support of publish_event_to_zmq 2017-10-27 15:33:09 +02:00			`jsonevent = jsonobj['Event']`
Moved publishing into a function 2017-10-24 11:29:32 +02:00			`#redirect to handler_attribute`
			`if 'Attribute' in jsonevent:`
Fixed marker bug + fixed bug multiple attributes from event 2017-10-24 12:17:10 +02:00			`attributes = jsonevent['Attribute']`
Probably fixed zmq bug in categ 2017-10-25 16:21:35 +02:00			`if type(attributes) is list:`
Fixed marker bug + fixed bug multiple attributes from event 2017-10-24 12:17:10 +02:00			`for attr in attributes:`
Loads of bug fixes: Added possibility to plot any field in lineChart + Fixed bug GEO where data was not from the correct date + Clear view when no data + Probably solved unsorted dic stored in redis + Support of publish_event_to_zmq 2017-10-27 15:33:09 +02:00			`jsoncopy = copy.deepcopy(jsonobj)`
			`jsoncopy['Attribute'] = attr`
			`handler_attribute(zmq_name, jsoncopy)`
Fixed marker bug + fixed bug multiple attributes from event 2017-10-24 12:17:10 +02:00			`else:`
Probably fixed zmq bug in categ 2017-10-25 16:21:35 +02:00			`handler_attribute(zmq_name, attributes)`
Moved more to config 2017-10-23 15:44:16 +02:00
Support of the ZMQ_REWORK 2017-10-27 12:05:14 +02:00			`def handler_attribute(zmq_name, jsonobj):`
Probably fixed zmq bug in categ 2017-10-25 16:21:35 +02:00			`# check if jsonattr is an attribute object`
Support of the ZMQ_REWORK 2017-10-27 12:05:14 +02:00			`if 'Attribute' in jsonobj:`
			`jsonattr = jsonobj['Attribute']`
Probably fixed zmq bug in categ 2017-10-25 16:21:35 +02:00
Moved more to config 2017-10-23 15:44:16 +02:00			`to_push = []`
Consider time as a default value in logs table 2017-10-23 15:47:34 +02:00			`for field in json.loads(cfg.get('Log', 'fieldname_order')):`
Added multiple fields in dataTable row 2017-10-24 15:17:52 +02:00			`if type(field) is list:`
Support of the ZMQ_REWORK 2017-10-27 12:05:14 +02:00			`to_join = []`
			`for subField in field:`
			`to_join.append(getFields(jsonobj, subField))`
			`to_add = cfg.get('Log', 'char_separator').join(to_join)`
Added multiple fields in dataTable row 2017-10-24 15:17:52 +02:00			`else:`
Support of the ZMQ_REWORK 2017-10-27 12:05:14 +02:00			`to_add = getFields(jsonobj, field)`
Added multiple fields in dataTable row 2017-10-24 15:17:52 +02:00			`to_push.append(to_add)`
Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00
Probably fixed zmq bug in categ 2017-10-25 16:21:35 +02:00			`#try to get coord from ip`
Added zrank for coord 2017-10-20 16:55:07 +02:00			`if jsonattr['category'] == "Network activity":`
Added support of named ZMQ + automatic Led colors in dashboard 2017-10-25 10:41:46 +02:00			`getCoordAndPublish(zmq_name, jsonattr['value'], jsonattr['category'])`
Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00
Probably fixed zmq bug in categ 2017-10-25 16:21:35 +02:00			`# Push to log`
Added support of named ZMQ + automatic Led colors in dashboard 2017-10-25 10:41:46 +02:00			`publish_log(zmq_name, 'Attribute', to_push)`
Support of unknown number of feeders + display log messages 2017-09-11 14:53:06 +02:00

Added support of named ZMQ + automatic Led colors in dashboard 2017-10-25 10:41:46 +02:00			`def process_log(zmq_name, event):`
Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00			`event = event.decode('utf8')`
			`topic, eventdata = event.split(' ', maxsplit=1)`
			`jsonevent = json.loads(eventdata)`
Added support of named ZMQ + automatic Led colors in dashboard 2017-10-25 10:41:46 +02:00			`dico_action[topic](zmq_name, jsonevent)`
Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00

Added support of named ZMQ + automatic Led colors in dashboard 2017-10-25 10:41:46 +02:00			`def main(zmqName):`
UI attunement - Possibility to adjust with of panels in config, immediatly change text. Bit of zmq refacto 2017-10-25 12:12:14 +02:00			`context = zmq.Context()`
			`socket = context.socket(zmq.SUB)`
			`socket.connect(ZMQ_URL)`
			`socket.setsockopt_string(zmq.SUBSCRIBE, '')`

Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00			`while True:`
			`content = socket.recv()`
			`content.replace(b'\n', b'') # remove \n...`
Added support of named ZMQ + automatic Led colors in dashboard 2017-10-25 10:41:46 +02:00			`zmq_name = zmqName`
			`process_log(zmq_name, content)`
Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00

			`dico_action = {`
Loads of bug fixes: Added possibility to plot any field in lineChart + Fixed bug GEO where data was not from the correct date + Clear view when no data + Probably solved unsorted dic stored in redis + Support of publish_event_to_zmq 2017-10-27 15:33:09 +02:00			`"misp_json": handler_dispatcher,`
Support of the ZMQ_REWORK 2017-10-27 12:05:14 +02:00			`"misp_json_event": handler_event,`
Moved more to config + Added orange led 2017-10-24 09:32:23 +02:00			`"misp_json_self": handler_keepalive,`
			`"misp_json_attribute": handler_attribute,`
Support of the ZMQ_REWORK 2017-10-27 12:05:14 +02:00			`"misp_json_sighting": handler_sighting,`
Moved more to config + Added orange led 2017-10-24 09:32:23 +02:00			`"misp_json_organisation": handler_log,`
			`"misp_json_user": handler_log,`
			`"misp_json_conversation": handler_log`
Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00			`}`


			`if __name__ == "__main__":`
Added support of named ZMQ + automatic Led colors in dashboard 2017-10-25 10:41:46 +02:00
			`parser = argparse.ArgumentParser(description='A zmq subscriber. It subscribe to a ZNQ then redispatch it to the misp-dashboard')`
Fixed BIG TYPO ! 2017-10-27 08:49:47 +02:00			`parser.add_argument('-n', '--name', required=False, dest='zmqname', help='The ZMQ feed name', default="MISP Standard ZMQ")`
UI attunement - Possibility to adjust with of panels in config, immediatly change text. Bit of zmq refacto 2017-10-25 12:12:14 +02:00			`parser.add_argument('-u', '--url', required=False, dest='zmqurl', help='The URL to connect to', default=ZMQ_URL)`
Added support of named ZMQ + automatic Led colors in dashboard 2017-10-25 10:41:46 +02:00			`args = parser.parse_args()`

			`main(args.zmqname)`
Started support of MISP ZMQ 2017-10-13 15:03:09 +02:00			`reader.close()`