mirror of https://github.com/MISP/misp-modules
change history dns
parent
560dacbf7e
commit
64e7f9c8b6
|
@ -396,11 +396,23 @@ def __history_dns(results, domain, type_serv, service):
|
||||||
if 'records' in results:
|
if 'records' in results:
|
||||||
for record in results['records']:
|
for record in results['records']:
|
||||||
if 'values' in record:
|
if 'values' in record:
|
||||||
for item in record['values']:
|
values = record['values']
|
||||||
print(item)
|
if type(values) is list:
|
||||||
|
|
||||||
|
for item in record['values']:
|
||||||
|
r.append(
|
||||||
|
{'types': ['domain|ip'],
|
||||||
|
'values': [item[type_serv]],
|
||||||
|
'categories': ['Network activity'],
|
||||||
|
'comment': 'history %s of %s last seen: %s first seen: %s' %
|
||||||
|
(service, domain, record['last_seen'],
|
||||||
|
record['first_seen'])
|
||||||
|
}
|
||||||
|
)
|
||||||
|
else:
|
||||||
r.append(
|
r.append(
|
||||||
{'types': ['domain|ip'],
|
{'types': ['domain|ip'],
|
||||||
'values': [item[type_serv]],
|
'values': [values[type_serv]],
|
||||||
'categories': ['Network activity'],
|
'categories': ['Network activity'],
|
||||||
'comment': 'history %s of %s last seen: %s first seen: %s' %
|
'comment': 'history %s of %s last seen: %s first seen: %s' %
|
||||||
(service, domain, record['last_seen'],
|
(service, domain, record['last_seen'],
|
||||||
|
|
Loading…
Reference in New Issue