MISP
/
misp-dashboard
mirror of https://github.com/MISP/misp-dashboard
2
0
Fork 0
Code Issues Releases Wiki Activity

feature: Draft of sightings support

pull/9/head
Sami Mokaddem 2017-11-17 11:46:51 +01:00
parent ec3ec66fa7
commit bacde8e71f
2 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
trendings_helper.py
View File

@ -28,8 +28,17 @@ class Trendings_helper:
for tag in tags: for tag in tags:
self.addGenericTrending('TRENDINGS_TAGS', tag, timestamp) self.addGenericTrending('TRENDINGS_TAGS', tag, timestamp)
def addSightings(self, event, categName, timestamp): def addSightings(self, timestamp):
pass timestampDate = datetime.datetime.fromtimestamp(float(timestamp))
timestampDate_str = util.getDateStrFormat(timestampDate)
keyname = "{}:{}".format("TRENDINGS_SIGHT_sightings", timestampDate_str)
self.serv_redis_db.incrby(keyname, 1)
def addFalsePositive(self, timestamp):
timestampDate = datetime.datetime.fromtimestamp(float(timestamp))
timestampDate_str = util.getDateStrFormat(timestampDate)
keyname = "{}:{}".format("TRENDINGS_SIGHT_false_positive", timestampDate_str)
self.serv_redis_db.incrby(keyname, 1)
''' GETTER ''' ''' GETTER '''

3
zmq_subscriber.py
View File

@ -233,6 +233,9 @@ def handler_sighting(zmq_name, jsondata):
handleContribution(zmq_name, org, 'Sighting', categ, action, pntMultiplier=2) handleContribution(zmq_name, org, 'Sighting', categ, action, pntMultiplier=2)
handler_attribute(zmq_name, jsonsight, hasAlreadyBeenContributed=True) handler_attribute(zmq_name, jsonsight, hasAlreadyBeenContributed=True)
trendings_helper.addSightings()
trendings_helper.addFalsePositive()
def handler_event(zmq_name, jsonobj): def handler_event(zmq_name, jsonobj):
#fields: threat_level_id, id, info #fields: threat_level_id, id, info
jsonevent = jsonobj['Event'] jsonevent = jsonobj['Event']