diff --git a/misp_modules/modules/export_mod/__init__.py b/misp_modules/modules/export_mod/__init__.py index 69f1c001..ee457cff 100644 --- a/misp_modules/modules/export_mod/__init__.py +++ b/misp_modules/modules/export_mod/__init__.py @@ -1 +1 @@ -__all__ = ['testexport','cef_export'] +__all__ = ['testexport','cef_export','liteexport'] diff --git a/misp_modules/modules/export_mod/liteexport.py b/misp_modules/modules/export_mod/liteexport.py new file mode 100755 index 00000000..b22c3505 --- /dev/null +++ b/misp_modules/modules/export_mod/liteexport.py @@ -0,0 +1,83 @@ +import json +import base64 + +misperrors = {'error': 'Error'} + +moduleinfo = {'version': '1', + 'author': 'TM', + 'description': 'export lite', + 'module-type': ['export']} + +#~ config form admin site but do not work +#~ moduleconfig = ["indent_json_export"] +moduleconfig = [] + +#~ mispattributes = {'input':'all'} ? +mispattributes = {} +outputFileExtension = "json" +responseType = "application/json" + +def handler(q=False): + if q is False: + return False + request = json.loads(q) + if "config" in request: + config = request["config"] + else: + config = {"indent_json_export":None} + + if 'data' not in request: + return False + + #~ Misp json structur + liteEvent = {'Event':{}} + + for evt in request['data']: + rawEvent = evt['Event'] + liteEvent['Event']['info'] = rawEvent['info'] + liteEvent['Event']['Attribute'] = [] + + attrs = evt['Attribute'] + for attr in attrs: + if 'Internal reference' not in attr['category']: + liteAttr = {} + liteAttr['category'] = attr['category'] + liteAttr['type'] = attr['type'] + liteAttr['value'] = attr['value'] + liteEvent['Event']['Attribute'].append(liteAttr) + + return {"response":[], + 'data': str(base64.b64encode( + bytes( + json.dumps(liteEvent, indent=config['indent_json_export']), + 'utf-8')), + 'utf-8') + } + +def introspection(): + modulesetup = {} + try: + responseType + modulesetup['responseType'] = responseType + except NameError: + pass + try: + userConfig + modulesetup['userConfig'] = userConfig + except NameError: + pass + try: + outputFileExtension + modulesetup['outputFileExtension'] = outputFileExtension + except NameError: + pass + try: + inputSource + modulesetup['inputSource'] = inputSource + except NameError: + pass + return modulesetup + +def version(): + moduleinfo['config'] = moduleconfig + return moduleinfo