MISP
/
misp-modules
mirror of https://github.com/MISP/misp-modules
2
0
Fork 0
Code Issues Releases Wiki Activity

Fixed some details about the module output

pull/168/head
chrisr3d 2018-02-28 17:41:45 +01:00
parent 8f5c08e2c6
commit 323f71cdd3
No known key found for this signature in database
GPG Key ID: 6BBED1B63A6D639F
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
misp_modules/modules/import_mod/goamlimport.py
View File

@ -1,4 +1,4 @@
import json, datetime
import json, datetime, time
import xml.etree.ElementTree as ET
from collections import defaultdict
from pymisp import MISPEvent, MISPObject
@ -85,7 +85,8 @@ class GoAmlParser():
self.itterate(t, 'transaction')
def first_itteration(self):
self.misp_event.timestamp = self.tree.find('submission_date').text
submission_date = self.tree.find('submission_date').text.split('+')[0]
self.misp_event.timestamp = int(time.mktime(time.strptime(submission_date, "%Y-%m-%dT%H:%M:%S")))
for node in goAMLobjects['report']['nodes']:
element = self.tree.find(node)
if element is not None:
@ -149,7 +150,8 @@ def handler(q=False):
misperrors['error'] = "Impossible to read the file"
return misperrors
aml_parser.parse_xml()
return aml_parser.misp_event.to_json()
r = {'results': [{'types': mispattributes['output'], 'values': aml_parser.misp_event.to_json()}]}
return r
def introspection():
return mispattributes