mirror of https://github.com/MISP/misp-modules
updated
parent
fe047eafc7
commit
84ecb424d1
|
@ -28,14 +28,14 @@ def handler(q=False):
|
||||||
if request['attribute']['type'] not in mispattributes['input']:
|
if request['attribute']['type'] not in mispattributes['input']:
|
||||||
return {'error': 'Unsupported attribute type.'}
|
return {'error': 'Unsupported attribute type.'}
|
||||||
|
|
||||||
|
attribute = request['attribute']
|
||||||
ip = request['attribute']['value']
|
ip = request['attribute']['value']
|
||||||
apiKey = request['config']['apiKey']
|
apiKey = request['config']['apiKey']
|
||||||
# Correct
|
# Correct
|
||||||
response = handle_ip(apiKey, ip)
|
return handle_ip(apiKey, ip, attribute)
|
||||||
return {'error': 'Going to the handleIP method'}
|
|
||||||
|
|
||||||
|
|
||||||
def handle_ip(apiKey, ip):
|
def handle_ip(apiKey, ip, attribute):
|
||||||
|
|
||||||
try:
|
try:
|
||||||
results = query_ipgeolocation(apiKey, ip)
|
results = query_ipgeolocation(apiKey, ip)
|
||||||
|
@ -44,37 +44,28 @@ def handle_ip(apiKey, ip):
|
||||||
|
|
||||||
|
|
||||||
# Check if the IP address is not reserved for special use
|
# Check if the IP address is not reserved for special use
|
||||||
try:
|
|
||||||
if results.get('message'):
|
if results.get('message'):
|
||||||
if 'bogon' in results['message']:
|
if 'bogon' in results['message']:
|
||||||
return {'error': 'The IP address(bogon IP) is reserved for special use'}
|
return {'error': 'The IP address(bogon IP) is reserved for special use'}
|
||||||
else:
|
else:
|
||||||
return {'error': 'Error Occurred during IP data Extraction from Message'}
|
return {'error': 'Error Occurred during IP data Extraction from Message'}
|
||||||
except Exception:
|
|
||||||
return {'error': 'line 54'}
|
|
||||||
try:
|
|
||||||
misp_event = MISPEvent()
|
misp_event = MISPEvent()
|
||||||
except Exception:
|
input_attribute = MISPAttribute()
|
||||||
return {'error': 'line 58'}
|
input_attribute.from_dict(**attribute)
|
||||||
# input_attribute = MISPAttribute()
|
misp_event.add_attribute(**input_attribute)
|
||||||
# misp_event.add_attribute(**input_attribute)
|
|
||||||
|
|
||||||
|
|
||||||
ipObject = MISPObject('ip-api-address')
|
ipObject = MISPObject('ip-api-address')
|
||||||
return {'error': 'line 64'}
|
# Correct
|
||||||
# mapping = get_mapping().json()
|
mapping = get_mapping().json()
|
||||||
# try:
|
for field, relation in mapping.items():
|
||||||
# for field, relation in mapping.items():
|
ipObject.add_attribute(relation, results[field])
|
||||||
# ipObject.add_attribute(relation, results[field])
|
misp_event.add_object(ipObject)
|
||||||
# except Exception:
|
|
||||||
# return {'error': 'Error while Adding attributes'}
|
|
||||||
# misp_event.add_object(ipObject)
|
|
||||||
#
|
|
||||||
# Return the results in MISP format
|
# Return the results in MISP format
|
||||||
# event = json.loads(misp_event.to_json())
|
event = json.loads(misp_event.to_json())
|
||||||
# return {
|
return {
|
||||||
# 'results': {key: event[key] for key in ('Attribute', 'Object')}
|
'results': {key: event[key] for key in ('Attribute', 'Object')}
|
||||||
# }
|
}
|
||||||
|
|
||||||
|
|
||||||
def query_ipgeolocation(apiKey, ip):
|
def query_ipgeolocation(apiKey, ip):
|
||||||
|
|
Loading…
Reference in New Issue