Merge branch 'master' into support_osquery_win_named_obj

pull/240/head
Alexandre Dulaunoy 2018-10-26 07:48:26 +02:00 committed by GitHub
commit 7ae9b767fc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 0 deletions

View File

@ -116,6 +116,8 @@ Create your module in [misp_modules/modules/expansion/](misp_modules/modules/exp
Don't forget to return an error key and value if an error is raised to propagate it to the MISP user-interface. Don't forget to return an error key and value if an error is raised to propagate it to the MISP user-interface.
Your module's script name should also be added in the `__all__` list of `<module type folder>/__init__.py` in order for it to be loaded.
~~~python ~~~python
... ...
# Checking for required value # Checking for required value
@ -207,6 +209,19 @@ def handler(q=False):
codecs.encode(src, "rot-13")} codecs.encode(src, "rot-13")}
~~~ ~~~
#### export module
For an export module, the `request["data"]` object corresponds to a list of events (dictionaries) to handle.
Iterating over events attributes is performed using their `Attribute` key.
~~~python
...
for event in request["data"]:
for attribute in event["Attribute"]:
# do stuff w/ attribute['type'], attribute['value'], ...
...
### Returning Binary Data ### Returning Binary Data
If you want to return a file or other data you need to add a data attribute. If you want to return a file or other data you need to add a data attribute.