Merge pull request #106 from truckydev/master

Lite export of an event

misp_modules/modules/export_mod/__init__.py

@@ -1 +1 @@
-__all__ = ['testexport','cef_export']
+__all__ = ['testexport','cef_export','liteexport']

misp_modules/modules/export_mod/liteexport.py

@@ -0,0 +1,83 @@
+import json
+import base64
+
+misperrors = {'error': 'Error'}
+
+moduleinfo = {'version': '1', 
+			'author': 'TM',
+			'description': 'export lite',
+			'module-type': ['export']}
+
+#~ config form admin site but do not work
+#~ moduleconfig = ["indent_json_export"]
+moduleconfig = []
+
+#~ mispattributes = {'input':'all'} ?
+mispattributes = {}
+outputFileExtension = "json"
+responseType = "application/json"
+
+def handler(q=False):
+	if q is False:
+		return False
+	request = json.loads(q)
+	if "config" in request:
+		config  = request["config"]
+	else:
+		config  = {"indent_json_export":None}
+
+	if 'data' not in request:
+		return False
+
+	#~ Misp json structur
+	liteEvent = {'Event':{}}
+
+	for evt in request['data']:
+		rawEvent = evt['Event']
+		liteEvent['Event']['info'] = rawEvent['info']
+		liteEvent['Event']['Attribute'] = []
+		
+		attrs = evt['Attribute']
+		for attr in attrs:
+			if 'Internal reference' not in attr['category']:
+				liteAttr = {}
+				liteAttr['category'] = attr['category']
+				liteAttr['type'] = attr['type']
+				liteAttr['value'] = attr['value']
+				liteEvent['Event']['Attribute'].append(liteAttr)
+
+	return {"response":[],
+			'data': str(base64.b64encode(
+				bytes(
+					json.dumps(liteEvent, indent=config['indent_json_export']),
+					'utf-8')),
+				'utf-8')
+			}
+
+def introspection():
+	modulesetup = {}
+	try:
+		responseType
+		modulesetup['responseType'] = responseType
+	except NameError:
+	  pass
+	try:
+		userConfig
+		modulesetup['userConfig'] = userConfig
+	except NameError:
+		pass
+	try:
+		outputFileExtension
+		modulesetup['outputFileExtension'] = outputFileExtension
+	except NameError:
+		pass
+	try:
+		inputSource
+		modulesetup['inputSource'] = inputSource
+	except NameError:
+		pass
+	return modulesetup
+
+def version():
+	moduleinfo['config'] = moduleconfig
+	return moduleinfo