pull/618/head
Usama015 2023-06-19 21:47:24 +05:00
parent b28d1871f7
commit fe047eafc7
1 changed files with 29 additions and 24 deletions

View File

@ -30,9 +30,9 @@ def handler(q=False):
ip = request['attribute']['value'] ip = request['attribute']['value']
apiKey = request['config']['apiKey'] apiKey = request['config']['apiKey']
# Correct
response = handle_ip(apiKey, ip)
return {'error': 'Going to the handleIP method'} return {'error': 'Going to the handleIP method'}
# response = handle_ip(apiKey, ip)
# return {'error': 'Going to the handleIP method'}
def handle_ip(apiKey, ip): def handle_ip(apiKey, ip):
@ -44,32 +44,37 @@ def handle_ip(apiKey, ip):
# Check if the IP address is not reserved for special use # Check if the IP address is not reserved for special use
try:
if results.get('message'): if results.get('message'):
if 'bogon' in results['message']: if 'bogon' in results['message']:
return {'error': 'The IP address(bogon IP) is reserved for special use'} return {'error': 'The IP address(bogon IP) is reserved for special use'}
else: else:
return {'error': 'Error Occurred during IP data Extraction from Message'} return {'error': 'Error Occurred during IP data Extraction from Message'}
# Initiate the MISP data structures
misp_event = MISPEvent()
input_attribute = MISPAttribute()
misp_event.add_attribute(**input_attribute)
# Parse the geolocation information related to the IP address
ipObject = MISPObject('ip-api-address')
mapping = get_mapping()
try:
for field, relation in mapping.items():
ipObject.add_attribute(relation, results[field])
except Exception: except Exception:
return {'error': 'Error while Adding attributes'} return {'error': 'line 54'}
misp_event.add_object(ipObject) try:
misp_event = MISPEvent()
except Exception:
return {'error': 'line 58'}
# input_attribute = MISPAttribute()
# misp_event.add_attribute(**input_attribute)
ipObject = MISPObject('ip-api-address')
return {'error': 'line 64'}
# mapping = get_mapping().json()
# try:
# for field, relation in mapping.items():
# ipObject.add_attribute(relation, results[field])
# except Exception:
# return {'error': 'Error while Adding attributes'}
# misp_event.add_object(ipObject)
#
# Return the results in MISP format # Return the results in MISP format
event = json.loads(misp_event.to_json()) # event = json.loads(misp_event.to_json())
return { # return {
'results': {key: event[key] for key in ('Attribute', 'Object')} # 'results': {key: event[key] for key in ('Attribute', 'Object')}
} # }
def query_ipgeolocation(apiKey, ip): def query_ipgeolocation(apiKey, ip):