mirror of https://github.com/MISP/misp-modules
change history dns
parent
560dacbf7e
commit
64e7f9c8b6
|
@ -396,8 +396,10 @@ def __history_dns(results, domain, type_serv, service):
|
||||||
if 'records' in results:
|
if 'records' in results:
|
||||||
for record in results['records']:
|
for record in results['records']:
|
||||||
if 'values' in record:
|
if 'values' in record:
|
||||||
|
values = record['values']
|
||||||
|
if type(values) is list:
|
||||||
|
|
||||||
for item in record['values']:
|
for item in record['values']:
|
||||||
print(item)
|
|
||||||
r.append(
|
r.append(
|
||||||
{'types': ['domain|ip'],
|
{'types': ['domain|ip'],
|
||||||
'values': [item[type_serv]],
|
'values': [item[type_serv]],
|
||||||
|
@ -407,6 +409,16 @@ def __history_dns(results, domain, type_serv, service):
|
||||||
record['first_seen'])
|
record['first_seen'])
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
else:
|
||||||
|
r.append(
|
||||||
|
{'types': ['domain|ip'],
|
||||||
|
'values': [values[type_serv]],
|
||||||
|
'categories': ['Network activity'],
|
||||||
|
'comment': 'history %s of %s last seen: %s first seen: %s' %
|
||||||
|
(service, domain, record['last_seen'],
|
||||||
|
record['first_seen'])
|
||||||
|
}
|
||||||
|
)
|
||||||
return r
|
return r
|
||||||
|
|
||||||
def introspection():
|
def introspection():
|
||||||
|
|
Loading…
Reference in New Issue