mirror of https://github.com/MISP/misp-modules
testing
parent
b28d1871f7
commit
fe047eafc7
|
@ -30,9 +30,9 @@ def handler(q=False):
|
||||||
|
|
||||||
ip = request['attribute']['value']
|
ip = request['attribute']['value']
|
||||||
apiKey = request['config']['apiKey']
|
apiKey = request['config']['apiKey']
|
||||||
|
# Correct
|
||||||
|
response = handle_ip(apiKey, ip)
|
||||||
return {'error': 'Going to the handleIP method'}
|
return {'error': 'Going to the handleIP method'}
|
||||||
# response = handle_ip(apiKey, ip)
|
|
||||||
# return {'error': 'Going to the handleIP method'}
|
|
||||||
|
|
||||||
|
|
||||||
def handle_ip(apiKey, ip):
|
def handle_ip(apiKey, ip):
|
||||||
|
@ -44,32 +44,37 @@ def handle_ip(apiKey, ip):
|
||||||
|
|
||||||
|
|
||||||
# Check if the IP address is not reserved for special use
|
# Check if the IP address is not reserved for special use
|
||||||
|
try:
|
||||||
if results.get('message'):
|
if results.get('message'):
|
||||||
if 'bogon' in results['message']:
|
if 'bogon' in results['message']:
|
||||||
return {'error': 'The IP address(bogon IP) is reserved for special use'}
|
return {'error': 'The IP address(bogon IP) is reserved for special use'}
|
||||||
else:
|
else:
|
||||||
return {'error': 'Error Occurred during IP data Extraction from Message'}
|
return {'error': 'Error Occurred during IP data Extraction from Message'}
|
||||||
|
|
||||||
# Initiate the MISP data structures
|
|
||||||
misp_event = MISPEvent()
|
|
||||||
input_attribute = MISPAttribute()
|
|
||||||
misp_event.add_attribute(**input_attribute)
|
|
||||||
|
|
||||||
# Parse the geolocation information related to the IP address
|
|
||||||
ipObject = MISPObject('ip-api-address')
|
|
||||||
mapping = get_mapping()
|
|
||||||
try:
|
|
||||||
for field, relation in mapping.items():
|
|
||||||
ipObject.add_attribute(relation, results[field])
|
|
||||||
except Exception:
|
except Exception:
|
||||||
return {'error': 'Error while Adding attributes'}
|
return {'error': 'line 54'}
|
||||||
misp_event.add_object(ipObject)
|
try:
|
||||||
|
misp_event = MISPEvent()
|
||||||
|
except Exception:
|
||||||
|
return {'error': 'line 58'}
|
||||||
|
# input_attribute = MISPAttribute()
|
||||||
|
# misp_event.add_attribute(**input_attribute)
|
||||||
|
|
||||||
|
|
||||||
|
ipObject = MISPObject('ip-api-address')
|
||||||
|
return {'error': 'line 64'}
|
||||||
|
# mapping = get_mapping().json()
|
||||||
|
# try:
|
||||||
|
# for field, relation in mapping.items():
|
||||||
|
# ipObject.add_attribute(relation, results[field])
|
||||||
|
# except Exception:
|
||||||
|
# return {'error': 'Error while Adding attributes'}
|
||||||
|
# misp_event.add_object(ipObject)
|
||||||
|
#
|
||||||
# Return the results in MISP format
|
# Return the results in MISP format
|
||||||
event = json.loads(misp_event.to_json())
|
# event = json.loads(misp_event.to_json())
|
||||||
return {
|
# return {
|
||||||
'results': {key: event[key] for key in ('Attribute', 'Object')}
|
# 'results': {key: event[key] for key in ('Attribute', 'Object')}
|
||||||
}
|
# }
|
||||||
|
|
||||||
|
|
||||||
def query_ipgeolocation(apiKey, ip):
|
def query_ipgeolocation(apiKey, ip):
|
||||||
|
|
Loading…
Reference in New Issue