misp-modules/misp_modules/modules/export_mod/liteexport.py

90 lines
1.8 KiB
Python
Raw Normal View History

2017-02-21 16:48:09 +01:00
import json
import base64
misperrors = {'error': 'Error'}
moduleinfo = {'version': '1',
'author': 'TM',
'description': 'export lite',
'module-type': ['export']}
2017-04-21 15:53:48 +02:00
moduleconfig = ["indent_json_export"]
2017-02-21 16:48:09 +01:00
mispattributes = {}
outputFileExtension = "json"
responseType = "application/json"
def handler(q=False):
if q is False:
return False
2017-04-21 15:53:48 +02:00
2017-02-21 16:48:09 +01:00
request = json.loads(q)
2017-04-21 15:53:48 +02:00
config = {}
2017-02-21 16:48:09 +01:00
if "config" in request:
2017-04-21 15:53:48 +02:00
config = request["config"]
2017-02-21 16:48:09 +01:00
else:
2017-04-21 15:53:48 +02:00
config = {"indent_json_export" : None}
if config['indent_json_export'] is not None:
try:
config['indent_json_export'] = int(config['indent_json_export'])
except:
config['indent_json_export'] = None
2017-02-21 16:48:09 +01:00
if 'data' not in request:
return False
2017-02-21 17:12:17 +01:00
#~ Misp json structur
2017-02-21 16:48:09 +01:00
liteEvent = {'Event':{}}
for evt in request['data']:
rawEvent = evt['Event']
liteEvent['Event']['info'] = rawEvent['info']
liteEvent['Event']['Attribute'] = []
attrs = evt['Attribute']
for attr in attrs:
2017-02-21 17:12:17 +01:00
if 'Internal reference' not in attr['category']:
liteAttr = {}
liteAttr['category'] = attr['category']
liteAttr['type'] = attr['type']
liteAttr['value'] = attr['value']
liteEvent['Event']['Attribute'].append(liteAttr)
2017-02-21 16:48:09 +01:00
2017-04-21 15:53:48 +02:00
return {'response' : [],
'data' : str(base64.b64encode(
2017-02-21 16:48:09 +01:00
bytes(
json.dumps(liteEvent, indent=config['indent_json_export']),
'utf-8')),
'utf-8')
}
def introspection():
modulesetup = {}
try:
responseType
modulesetup['responseType'] = responseType
except NameError:
pass
try:
userConfig
modulesetup['userConfig'] = userConfig
except NameError:
pass
try:
outputFileExtension
modulesetup['outputFileExtension'] = outputFileExtension
except NameError:
pass
try:
inputSource
modulesetup['inputSource'] = inputSource
except NameError:
pass
return modulesetup
def version():
moduleinfo['config'] = moduleconfig
return moduleinfo