pull/618/head
Usama015 2023-06-19 22:21:35 +05:00
parent fe047eafc7
commit 84ecb424d1
1 changed files with 22 additions and 31 deletions

View File

@ -28,14 +28,14 @@ def handler(q=False):
if request['attribute']['type'] not in mispattributes['input']: if request['attribute']['type'] not in mispattributes['input']:
return {'error': 'Unsupported attribute type.'} return {'error': 'Unsupported attribute type.'}
attribute = request['attribute']
ip = request['attribute']['value'] ip = request['attribute']['value']
apiKey = request['config']['apiKey'] apiKey = request['config']['apiKey']
# Correct # Correct
response = handle_ip(apiKey, ip) return handle_ip(apiKey, ip, attribute)
return {'error': 'Going to the handleIP method'}
def handle_ip(apiKey, ip): def handle_ip(apiKey, ip, attribute):
try: try:
results = query_ipgeolocation(apiKey, ip) results = query_ipgeolocation(apiKey, ip)
@ -44,37 +44,28 @@ def handle_ip(apiKey, ip):
# Check if the IP address is not reserved for special use # Check if the IP address is not reserved for special use
try:
if results.get('message'): if results.get('message'):
if 'bogon' in results['message']: if 'bogon' in results['message']:
return {'error': 'The IP address(bogon IP) is reserved for special use'} return {'error': 'The IP address(bogon IP) is reserved for special use'}
else: else:
return {'error': 'Error Occurred during IP data Extraction from Message'} return {'error': 'Error Occurred during IP data Extraction from Message'}
except Exception:
return {'error': 'line 54'}
try:
misp_event = MISPEvent() misp_event = MISPEvent()
except Exception: input_attribute = MISPAttribute()
return {'error': 'line 58'} input_attribute.from_dict(**attribute)
# input_attribute = MISPAttribute() misp_event.add_attribute(**input_attribute)
# misp_event.add_attribute(**input_attribute)
ipObject = MISPObject('ip-api-address') ipObject = MISPObject('ip-api-address')
return {'error': 'line 64'} # Correct
# mapping = get_mapping().json() mapping = get_mapping().json()
# try: for field, relation in mapping.items():
# for field, relation in mapping.items(): ipObject.add_attribute(relation, results[field])
# ipObject.add_attribute(relation, results[field]) misp_event.add_object(ipObject)
# except Exception:
# return {'error': 'Error while Adding attributes'}
# misp_event.add_object(ipObject)
#
# Return the results in MISP format # Return the results in MISP format
# event = json.loads(misp_event.to_json()) event = json.loads(misp_event.to_json())
# return { return {
# 'results': {key: event[key] for key in ('Attribute', 'Object')} 'results': {key: event[key] for key in ('Attribute', 'Object')}
# } }
def query_ipgeolocation(apiKey, ip): def query_ipgeolocation(apiKey, ip):