mirror of https://github.com/MISP/misp-modules
updated
parent
15a6adce86
commit
c32d772275
|
@ -15,6 +15,22 @@ moduleinfo = {
|
||||||
}
|
}
|
||||||
moduleconfig = ['apiKey']
|
moduleconfig = ['apiKey']
|
||||||
|
|
||||||
|
_IPGEO_MAPPING ={
|
||||||
|
'isp':'ISP',
|
||||||
|
'asn':'asn',
|
||||||
|
'city':'city',
|
||||||
|
'country_name':'country',
|
||||||
|
'country_code2':'country-code',
|
||||||
|
'latitude':'latitude',
|
||||||
|
'longitude':'longitude',
|
||||||
|
'organization':'organization',
|
||||||
|
'continent_name':'region',
|
||||||
|
'continent_code':'region-code',
|
||||||
|
'state_prov':'state',
|
||||||
|
'zipcode':'zipcode',
|
||||||
|
'ip':'ip-src'
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
def handler(q=False):
|
def handler(q=False):
|
||||||
# Input checks
|
# Input checks
|
||||||
|
@ -50,8 +66,7 @@ def handler(q=False):
|
||||||
|
|
||||||
ipObject = MISPObject('ip-api-address')
|
ipObject = MISPObject('ip-api-address')
|
||||||
# Correct
|
# Correct
|
||||||
mapping = get_mapping()
|
for field, relation in _IPGEO_MAPPING.items():
|
||||||
for field, relation in mapping.items():
|
|
||||||
ipObject.add_attribute(relation, query[field])
|
ipObject.add_attribute(relation, query[field])
|
||||||
ipObject.add_reference(input_attribute.uuid, 'locates')
|
ipObject.add_reference(input_attribute.uuid, 'locates')
|
||||||
misp_event.add_object(ipObject)
|
misp_event.add_object(ipObject)
|
||||||
|
|
Loading…
Reference in New Issue