mirror of https://github.com/MISP/misp-modules
parent
43672ee9a9
commit
5d80b79bc4
|
@ -79,27 +79,24 @@ class Yeti():
|
||||||
if object_misp_url:
|
if object_misp_url:
|
||||||
self.misp_event.add_object(object_misp_url)
|
self.misp_event.add_object(object_misp_url)
|
||||||
if not object_misp_url and not object_misp_url:
|
if not object_misp_url and not object_misp_url:
|
||||||
attr = self.__get_attribute(obs_to_add)
|
self.__get_attribute(obs_to_add)
|
||||||
if attr:
|
|
||||||
self.misp_event.add_attribute(attr.type, attr.value)
|
|
||||||
|
|
||||||
def get_result(self):
|
def get_result(self):
|
||||||
event = json.loads(self.misp_event.to_json())
|
event = json.loads(self.misp_event.to_json())
|
||||||
results = {key: event[key] for key in ('Attribute', 'Object')}
|
results = {key: event[key] for key in ('Attribute', 'Object')}
|
||||||
return results
|
return results
|
||||||
|
|
||||||
def __get_attribute(self, obs_to_add):
|
def __get_attribute(self, obs_to_add):
|
||||||
attr = MISPAttribute()
|
|
||||||
attr.value = obs_to_add['value']
|
|
||||||
try:
|
try:
|
||||||
attr.type = self.misp_mapping[obs_to_add['type']]
|
type_attr = self.misp_mapping[obs_to_add['type']]
|
||||||
|
attr = self.misp_event.add_attribute(value=obs_to_add['value'], type=type_attr)
|
||||||
except KeyError:
|
except KeyError:
|
||||||
logging.error('type not found %s' % obs_to_add['type'])
|
logging.error('type not found %s' % obs_to_add['type'])
|
||||||
return
|
return
|
||||||
|
|
||||||
for t in obs_to_add['tags']:
|
for t in obs_to_add['tags']:
|
||||||
attr.tags.append(t['name'])
|
self.misp_event.add_attribute_tag(t['name'], attr['uuid'])
|
||||||
return attr
|
|
||||||
|
|
||||||
def __get_object_domain_ip(self, obj_to_add):
|
def __get_object_domain_ip(self, obj_to_add):
|
||||||
if (obj_to_add['type'] == 'Ip' and self.attribute['type'] in ['hostname','domain']) or\
|
if (obj_to_add['type'] == 'Ip' and self.attribute['type'] in ['hostname','domain']) or\
|
||||||
|
|
Loading…
Reference in New Issue