Update yeti.py

add object
pull/488/head
Sebdraven 2021-03-19 10:52:48 +01:00
parent 6fc3b2a860
commit 48f56b0690
1 changed files with 10 additions and 3 deletions

View File

@ -23,7 +23,7 @@ moduleconfig = ['apikey', 'url']
class Yeti(): class Yeti():
def __init__(self, url, key,attribute): def __init__(self, url, key,attribute):
self.dict = {'Ip': 'ip-dst', 'Domain': 'domain', 'Hostname': 'hostname', 'Url': 'url'} self.misp_mapping = {'Ip': 'ip-dst', 'Domain': 'domain', 'Hostname': 'hostname', 'Url': 'url'}
self.yeti_client = pyeti.YetiApi(url=url, api_key=key) self.yeti_client = pyeti.YetiApi(url=url, api_key=key)
self.attribute = attribute self.attribute = attribute
self.misp_event = MISPEvent() self.misp_event = MISPEvent()
@ -83,10 +83,16 @@ class Yeti():
if (obj_to_add['type'] == 'Ip' and self.attribute in ['hostname','domain']) or\ if (obj_to_add['type'] == 'Ip' and self.attribute in ['hostname','domain']) or\
(obj_to_add['type'] in ('Hostname', 'Domain') and self.attribute['type'] in ('ip-src', 'ip-dst')): (obj_to_add['type'] in ('Hostname', 'Domain') and self.attribute['type'] in ('ip-src', 'ip-dst')):
domain_ip_object = MISPObject('domain-ip') domain_ip_object = MISPObject('domain-ip')
domain_ip_object.add_attribute() domain_ip_object.add_attribute(**self.__get_attribute(obj_to_add))
domain_ip_object.add_reference(self.attribute['uuid'], 'related_to') domain_ip_object.add_reference(self.attribute['uuid'], 'related_to')
domain_ip_object.add_attribute(**self.attribute)
return domain_ip_object return domain_ip_object
def __get_attribute(self, obj_yeti):
typ_attribute = self.misp_mapping[obj_yeti['type']]
attr_misp = {'type':typ_attribute, 'value': obj_yeti['value']}
return attr_misp
def handler(q=False): def handler(q=False):
if q is False: if q is False:
return False return False
@ -109,7 +115,8 @@ def handler(q=False):
yeti_client = Yeti(yeti_url, apikey, attribute) yeti_client = Yeti(yeti_url, apikey, attribute)
if yeti_client: if yeti_client:
yeti_client.parse_yeti_result()
return yeti_client.get_result()
else: else:
misperrors['error'] = 'Yeti Config Error' misperrors['error'] = 'Yeti Config Error'
return misperrors return misperrors