2024-08-13 08:21:34 +02:00
<!doctype html>
< html lang = "en" class = "no-js" >
< head >
< meta charset = "utf-8" >
< meta name = "viewport" content = "width=device-width,initial-scale=1" >
< meta name = "description" content = "MISP Modules Project" >
< meta name = "author" content = "MISP Project" >
< link rel = "canonical" href = "https://www.misp-project.org/action_mod/" >
2024-08-13 09:17:16 +02:00
< link rel = "prev" href = ".." >
2024-08-13 08:21:34 +02:00
2024-08-13 09:17:16 +02:00
< link rel = "next" href = "../expansion/" >
2024-08-13 08:21:34 +02:00
< link rel = "icon" href = "../img/favicon.ico" >
2024-08-13 09:31:43 +02:00
< meta name = "generator" content = "mkdocs-1.6.0, mkdocs-material-9.5.31" >
2024-08-13 08:21:34 +02:00
< title > Action Modules - MISP Modules Documentation< / title >
2024-08-13 09:31:43 +02:00
< link rel = "stylesheet" href = "../assets/stylesheets/main.3cba04c6.min.css" >
2024-08-13 08:21:34 +02:00
< link rel = "stylesheet" href = "../assets/stylesheets/palette.06af60db.min.css" >
< link rel = "preconnect" href = "https://fonts.gstatic.com" crossorigin >
< link rel = "stylesheet" href = "https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,700,700i%7CRoboto+Mono:400,400i,700,700i&display=fallback" >
< style > : root { --md-text-font : "Roboto" ; --md-code-font : "Roboto Mono" } < / style >
< script > _ _md _scope = new URL ( ".." , location ) , _ _md _hash = e => [ ... e ] . reduce ( ( e , _ ) => ( e << 5 ) - e + _ . charCodeAt ( 0 ) , 0 ) , _ _md _get = ( e , _ = localStorage , t = _ _md _scope ) => JSON . parse ( _ . getItem ( t . pathname + "." + e ) ) , _ _md _set = ( e , _ , t = localStorage , a = _ _md _scope ) => { try { t . setItem ( a . pathname + "." + e , JSON . stringify ( _ ) ) } catch ( e ) { } } < / script >
< / head >
< body dir = "ltr" data-md-color-scheme = "default" data-md-color-primary = "indigo" data-md-color-accent = "indigo" >
< input class = "md-toggle" data-md-toggle = "drawer" type = "checkbox" id = "__drawer" autocomplete = "off" >
< input class = "md-toggle" data-md-toggle = "search" type = "checkbox" id = "__search" autocomplete = "off" >
< label class = "md-overlay" for = "__drawer" > < / label >
< div data-md-component = "skip" >
< a href = "#mattermost" class = "md-skip" >
Skip to content
< / a >
< / div >
< div data-md-component = "announce" >
< / div >
< header class = "md-header md-header--shadow" data-md-component = "header" >
< nav class = "md-header__inner md-grid" aria-label = "Header" >
< a href = ".." title = "MISP Modules Documentation" class = "md-header__button md-logo" aria-label = "MISP Modules Documentation" data-md-component = "logo" >
< img src = "../img/misp.png" alt = "logo" >
< / a >
< label class = "md-header__button md-icon" for = "__drawer" >
< svg xmlns = "http://www.w3.org/2000/svg" viewBox = "0 0 24 24" > < path d = "M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z" / > < / svg >
< / label >
< div class = "md-header__title" data-md-component = "header-title" >
< div class = "md-header__ellipsis" >
< div class = "md-header__topic" >
< span class = "md-ellipsis" >
MISP Modules Documentation
< / span >
< / div >
< div class = "md-header__topic" data-md-component = "header-topic" >
< span class = "md-ellipsis" >
Action Modules
< / span >
< / div >
< / div >
< / div >
< div class = "md-header__source" >
< a href = "https://github.com/MISP/misp-modules/" title = "Go to repository" class = "md-source" data-md-component = "source" >
< div class = "md-source__icon md-icon" >
2024-08-13 09:31:43 +02:00
< svg xmlns = "http://www.w3.org/2000/svg" viewBox = "0 0 448 512" > <!-- ! Font Awesome Free 6.6.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2024 Fonticons, Inc. --> < path d = "M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z" / > < / svg >
2024-08-13 08:21:34 +02:00
< / div >
< div class = "md-source__repository" >
MISP/misp-modules
< / div >
< / a >
< / div >
< / nav >
< / header >
< div class = "md-container" data-md-component = "container" >
< main class = "md-main" data-md-component = "main" >
< div class = "md-main__inner md-grid" >
< div class = "md-sidebar md-sidebar--primary" data-md-component = "sidebar" data-md-type = "navigation" >
< div class = "md-sidebar__scrollwrap" >
< div class = "md-sidebar__inner" >
< nav class = "md-nav md-nav--primary" aria-label = "Navigation" data-md-level = "0" >
< label class = "md-nav__title" for = "__drawer" >
< a href = ".." title = "MISP Modules Documentation" class = "md-nav__button md-logo" aria-label = "MISP Modules Documentation" data-md-component = "logo" >
< img src = "../img/misp.png" alt = "logo" >
< / a >
MISP Modules Documentation
< / label >
< div class = "md-nav__source" >
< a href = "https://github.com/MISP/misp-modules/" title = "Go to repository" class = "md-source" data-md-component = "source" >
< div class = "md-source__icon md-icon" >
2024-08-13 09:31:43 +02:00
< svg xmlns = "http://www.w3.org/2000/svg" viewBox = "0 0 448 512" > <!-- ! Font Awesome Free 6.6.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2024 Fonticons, Inc. --> < path d = "M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z" / > < / svg >
2024-08-13 08:21:34 +02:00
< / div >
< div class = "md-source__repository" >
MISP/misp-modules
< / div >
< / a >
< / div >
< ul class = "md-nav__list" data-md-scrollfix >
< li class = "md-nav__item" >
< a href = ".." class = "md-nav__link" >
< span class = "md-ellipsis" >
Home
< / span >
< / a >
< / li >
< li class = "md-nav__item md-nav__item--active md-nav__item--nested" >
< input class = "md-nav__toggle md-toggle " type = "checkbox" id = "__nav_2" checked >
< label class = "md-nav__link" for = "__nav_2" id = "__nav_2_label" tabindex = "0" >
< span class = "md-ellipsis" >
Modules
< / span >
< span class = "md-nav__icon md-icon" > < / span >
< / label >
< nav class = "md-nav" data-md-level = "1" aria-labelledby = "__nav_2_label" aria-expanded = "true" >
< label class = "md-nav__title" for = "__nav_2" >
< span class = "md-nav__icon md-icon" > < / span >
Modules
< / label >
< ul class = "md-nav__list" data-md-scrollfix >
< li class = "md-nav__item md-nav__item--active" >
< input class = "md-nav__toggle md-toggle" type = "checkbox" id = "__toc" >
< label class = "md-nav__link md-nav__link--active" for = "__toc" >
< span class = "md-ellipsis" >
Action Modules
< / span >
< span class = "md-nav__icon md-icon" > < / span >
< / label >
< a href = "./" class = "md-nav__link md-nav__link--active" >
< span class = "md-ellipsis" >
Action Modules
< / span >
< / a >
< nav class = "md-nav md-nav--secondary" aria-label = "Table of contents" >
< label class = "md-nav__title" for = "__toc" >
< span class = "md-nav__icon md-icon" > < / span >
Table of contents
< / label >
< ul class = "md-nav__list" data-md-component = "toc" data-md-scrollfix >
< li class = "md-nav__item" >
< a href = "#mattermost" class = "md-nav__link" >
< span class = "md-ellipsis" >
Mattermost
< / span >
< / a >
< / li >
< li class = "md-nav__item" >
< a href = "#slack" class = "md-nav__link" >
< span class = "md-ellipsis" >
Slack
< / span >
< / a >
< / li >
< li class = "md-nav__item" >
< a href = "#test-action" class = "md-nav__link" >
< span class = "md-ellipsis" >
Test action
< / span >
< / a >
< / li >
< / ul >
< / nav >
< / li >
2024-08-13 09:17:16 +02:00
< li class = "md-nav__item" >
< a href = "../expansion/" class = "md-nav__link" >
< span class = "md-ellipsis" >
Expansion Modules
< / span >
< / a >
< / li >
< li class = "md-nav__item" >
< a href = "../export_mod/" class = "md-nav__link" >
< span class = "md-ellipsis" >
Export Modules
< / span >
< / a >
< / li >
< li class = "md-nav__item" >
< a href = "../import_mod/" class = "md-nav__link" >
< span class = "md-ellipsis" >
Import Modules
< / span >
< / a >
< / li >
2024-08-13 08:21:34 +02:00
< / ul >
< / nav >
< / li >
< li class = "md-nav__item" >
< a href = "../install/" class = "md-nav__link" >
< span class = "md-ellipsis" >
Install Guides
< / span >
< / a >
< / li >
< li class = "md-nav__item" >
< a href = "../contribute/" class = "md-nav__link" >
< span class = "md-ellipsis" >
Contribute
< / span >
< / a >
< / li >
< li class = "md-nav__item md-nav__item--nested" >
< input class = "md-nav__toggle md-toggle " type = "checkbox" id = "__nav_5" >
< label class = "md-nav__link" for = "__nav_5" id = "__nav_5_label" tabindex = "0" >
< span class = "md-ellipsis" >
About
< / span >
< span class = "md-nav__icon md-icon" > < / span >
< / label >
< nav class = "md-nav" data-md-level = "1" aria-labelledby = "__nav_5_label" aria-expanded = "false" >
< label class = "md-nav__title" for = "__nav_5" >
< span class = "md-nav__icon md-icon" > < / span >
About
< / label >
< ul class = "md-nav__list" data-md-scrollfix >
< li class = "md-nav__item" >
< a href = "../license/" class = "md-nav__link" >
< span class = "md-ellipsis" >
License
< / span >
< / a >
< / li >
< / ul >
< / nav >
< / li >
< / ul >
< / nav >
< / div >
< / div >
< / div >
< div class = "md-sidebar md-sidebar--secondary" data-md-component = "sidebar" data-md-type = "toc" >
< div class = "md-sidebar__scrollwrap" >
< div class = "md-sidebar__inner" >
< nav class = "md-nav md-nav--secondary" aria-label = "Table of contents" >
< label class = "md-nav__title" for = "__toc" >
< span class = "md-nav__icon md-icon" > < / span >
Table of contents
< / label >
< ul class = "md-nav__list" data-md-component = "toc" data-md-scrollfix >
< li class = "md-nav__item" >
< a href = "#mattermost" class = "md-nav__link" >
< span class = "md-ellipsis" >
Mattermost
< / span >
< / a >
< / li >
< li class = "md-nav__item" >
< a href = "#slack" class = "md-nav__link" >
< span class = "md-ellipsis" >
Slack
< / span >
< / a >
< / li >
< li class = "md-nav__item" >
< a href = "#test-action" class = "md-nav__link" >
< span class = "md-ellipsis" >
Test action
< / span >
< / a >
< / li >
< / ul >
< / nav >
< / div >
< / div >
< / div >
< div class = "md-content" data-md-component = "content" >
< article class = "md-content__inner md-typeset" >
< h1 > Action Modules< / h1 >
< h4 id = "mattermost" > < a href = "https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/action_mod/mattermost.py" > Mattermost< / a > < a class = "headerlink" href = "#mattermost" title = "Permanent link" > ¶ < / a > < / h4 >
< p > Simplistic module to send message to a Mattermost channel.
2024-08-13 09:17:16 +02:00
[< a href = "https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/action_mod/mattermost.py" > source code< / a > ]< / p >
2024-08-13 08:21:34 +02:00
< ul >
2024-08-13 09:17:16 +02:00
< li >
< p > < strong > features< / strong > :< / p >
< blockquote > < / blockquote >
< / li >
< li >
< p > < strong > config< / strong > :< / p >
< blockquote >
< p > {'params': {'mattermost_hostname': {'type': 'string', 'description': 'The Mattermost domain or URL', 'value': 'example.mattermost.com'}, 'bot_access_token': {'type': 'string', 'description': 'Access token generated when you created the bot account'}, 'channel_id': {'type': 'string', 'description': 'The channel you added the bot to'}, 'message_template': {'type': 'large_string', 'description': 'The template to be used to generate the message to be posted', 'value': 'The < strong > template< / strong > will be rendered using < em > Jinja2< / em > !', 'jinja_supported': True}}, 'blocking': False, 'support_filters': True, 'expect_misp_core_format': False}< / p >
2024-08-13 08:21:34 +02:00
< / blockquote >
2024-08-13 09:17:16 +02:00
< / li >
< / ul >
2024-08-13 08:21:34 +02:00
< hr / >
< h4 id = "slack" > < a href = "https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/action_mod/slack.py" > Slack< / a > < a class = "headerlink" href = "#slack" title = "Permanent link" > ¶ < / a > < / h4 >
< p > Simplistic module to send messages to a Slack channel.
2024-08-13 09:17:16 +02:00
[< a href = "https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/action_mod/slack.py" > source code< / a > ]< / p >
2024-08-13 08:21:34 +02:00
< ul >
2024-08-13 09:17:16 +02:00
< li >
< p > < strong > features< / strong > :< / p >
< blockquote > < / blockquote >
< / li >
< li >
< p > < strong > config< / strong > :< / p >
< blockquote >
< p > {'params': {'slack_bot_token': {'type': 'string', 'description': 'The Slack bot token generated when you created the bot account'}, 'channel_id': {'type': 'string', 'description': 'The channel ID you want to post messages to'}, 'message_template': {'type': 'large_string', 'description': 'The template to be used to generate the message to be posted', 'value': 'The < strong > template< / strong > will be rendered using < em > Jinja2< / em > !', 'jinja_supported': True}}, 'blocking': False, 'support_filters': True, 'expect_misp_core_format': False}< / p >
2024-08-13 08:21:34 +02:00
< / blockquote >
2024-08-13 09:17:16 +02:00
< / li >
< / ul >
2024-08-13 08:21:34 +02:00
< hr / >
< h4 id = "test-action" > < a href = "https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/action_mod/testaction.py" > Test action< / a > < a class = "headerlink" href = "#test-action" title = "Permanent link" > ¶ < / a > < / h4 >
< p > This module is merely a test, always returning true. Triggers on event publishing.
2024-08-13 09:17:16 +02:00
[< a href = "https://github.com/MISP/misp-modules/tree/main/misp_modules/modules/action_mod/testaction.py" > source code< / a > ]< / p >
2024-08-13 08:21:34 +02:00
< ul >
2024-08-13 09:17:16 +02:00
< li >
< p > < strong > features< / strong > :< / p >
< blockquote > < / blockquote >
< / li >
< li >
< p > < strong > config< / strong > :< / p >
< blockquote >
< p > {'params': {'foo': {'type': 'string', 'description': 'blablabla', 'value': 'xyz'}, 'Data extraction path': {'type': 'hash_path', 'description': 'Only post content extracted from this path', 'value': 'Attribute.{n}.AttributeTag.{n}.Tag.name'}}, 'blocking': False, 'support_filters': False, 'expect_misp_core_format': False}< / p >
2024-08-13 08:21:34 +02:00
< / blockquote >
2024-08-13 09:17:16 +02:00
< / li >
< / ul >
2024-08-13 08:21:34 +02:00
< hr / >
< / article >
< / div >
< script > var target = document . getElementById ( location . hash . slice ( 1 ) ) ; target && target . name && ( target . checked = target . name . startsWith ( "__tabbed_" ) ) < / script >
< / div >
< / main >
< footer class = "md-footer" >
< div class = "md-footer-meta md-typeset" >
< div class = "md-footer-meta__inner md-grid" >
< div class = "md-copyright" >
< div class = "md-copyright__highlight" >
Copyright © 2019-2024 MISP Project
< / div >
Made with
< a href = "https://squidfunk.github.io/mkdocs-material/" target = "_blank" rel = "noopener" >
Material for MkDocs
< / a >
< / div >
< div class = "md-social" >
< a href = "https://twitter.com/MISPProject" target = "_blank" rel = "noopener" title = "twitter.com" class = "md-social__link" >
2024-08-13 09:31:43 +02:00
< svg xmlns = "http://www.w3.org/2000/svg" viewBox = "0 0 512 512" > <!-- ! Font Awesome Free 6.6.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2024 Fonticons, Inc. --> < path d = "M459.37 151.716c.325 4.548.325 9.097.325 13.645 0 138.72-105.583 298.558-298.558 298.558-59.452 0-114.68-17.219-161.137-47.106 8.447.974 16.568 1.299 25.34 1.299 49.055 0 94.213-16.568 130.274-44.832-46.132-.975-84.792-31.188-98.112-72.772 6.498.974 12.995 1.624 19.818 1.624 9.421 0 18.843-1.3 27.614-3.573-48.081-9.747-84.143-51.98-84.143-102.985v-1.299c13.969 7.797 30.214 12.67 47.431 13.319-28.264-18.843-46.781-51.005-46.781-87.391 0-19.492 5.197-37.36 14.294-52.954 51.655 63.675 129.3 105.258 216.365 109.807-1.624-7.797-2.599-15.918-2.599-24.04 0-57.828 46.782-104.934 104.934-104.934 30.213 0 57.502 12.67 76.67 33.137 23.715-4.548 46.456-13.32 66.599-25.34-7.798 24.366-24.366 44.833-46.132 57.827 21.117-2.273 41.584-8.122 60.426-16.243-14.292 20.791-32.161 39.308-52.628 54.253z" / > < / svg >
2024-08-13 08:21:34 +02:00
< / a >
< a href = "https://github.com/MISP" target = "_blank" rel = "noopener" title = "github.com" class = "md-social__link" >
2024-08-13 09:31:43 +02:00
< svg xmlns = "http://www.w3.org/2000/svg" viewBox = "0 0 480 512" > <!-- ! Font Awesome Free 6.6.0 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2024 Fonticons, Inc. --> < path d = "M186.1 328.7c0 20.9-10.9 55.1-36.7 55.1s-36.7-34.2-36.7-55.1 10.9-55.1 36.7-55.1 36.7 34.2 36.7 55.1zM480 278.2c0 31.9-3.2 65.7-17.5 95-37.9 76.6-142.1 74.8-216.7 74.8-75.8 0-186.2 2.7-225.6-74.8-14.6-29-20.2-63.1-20.2-95 0-41.9 13.9-81.5 41.5-113.6-5.2-15.8-7.7-32.4-7.7-48.8 0-21.5 4.9-32.3 14.6-51.8 45.3 0 74.3 9 108.8 36 29-6.9 58.8-10 88.7-10 27 0 54.2 2.9 80.4 9.2 34-26.7 63-35.2 107.8-35.2 9.8 19.5 14.6 30.3 14.6 51.8 0 16.4-2.6 32.7-7.7 48.2 27.5 32.4 39 72.3 39 114.2zm-64.3 50.5c0-43.9-26.7-82.6-73.5-82.6-18.9 0-37 3.4-56 6-14.9 2.3-29.8 3.2-45.1 3.2-15.2 0-30.1-.9-45.1-3.2-18.7-2.6-37-6-56-6-46.8 0-73.5 38.7-73.5 82.6 0 87.8 80.4 101.3 150.4 101.3h48.2c70.3 0 150.6-13.4 150.6-101.3zm-82.6-55.1c-25.8 0-36.7 34.2-36.7 55.1s10.9 55.1 36.7 55.1 36.7-34.2 36.7-55.1-10.9-55.1-36.7-55.1z" / > < / svg >
2024-08-13 08:21:34 +02:00
< / a >
< / div >
< / div >
< / div >
< / footer >
< / div >
< div class = "md-dialog" data-md-component = "dialog" >
< div class = "md-dialog__inner md-typeset" > < / div >
< / div >
< script id = "__config" type = "application/json" > { "base" : ".." , "features" : [ ] , "search" : "../assets/javascripts/workers/search.b8dbb3d2.min.js" , "translations" : { "clipboard.copied" : "Copied to clipboard" , "clipboard.copy" : "Copy to clipboard" , "search.result.more.one" : "1 more on this page" , "search.result.more.other" : "# more on this page" , "search.result.none" : "No matching documents" , "search.result.one" : "1 matching document" , "search.result.other" : "# matching documents" , "search.result.placeholder" : "Type to start searching" , "search.result.term.missing" : "Missing" , "select.version" : "Select version" } } < / script >
2024-08-13 09:31:43 +02:00
< script src = "../assets/javascripts/bundle.fe8b6f2b.min.js" > < / script >
2024-08-13 08:21:34 +02:00
< / body >
< / html >
