diff --git a/bin/export/MispExport.py b/bin/export/MispExport.py
index f038fbac..26b1f28a 100755
--- a/bin/export/MispExport.py
+++ b/bin/export/MispExport.py
@@ -447,25 +447,24 @@ def create_investigation_event(investigation_uuid):
if misp_obj:
event.add_object(misp_obj)
- #taxonomies_tags, galaxies_tags = Tag.sort_tags_taxonomies_galaxies(investigation.get_tags())
- #event.Tag = taxonomies_tags
- #event.Galaxy = galaxies_tags
- #print(galaxies_tags)
- #event.add_galaxy(galaxies_tags)
-
# if publish:
# event.publish()
- # res = event.to_json()
-
# print(event.to_json())
misp = PyMISP(misp_url, misp_key, misp_verifycert)
- misp_event = misp.add_event(event)
- #print(misp_event)
+ if misp.event_exists(event.uuid):
+ misp_event = misp.update_event(event)
+ else:
+ misp_event = misp.add_event(event)
# # TODO: handle error
event_metadata = extract_event_metadata(misp_event)
- print(event_metadata)
+ if event_metadata.get('uuid'):
+ if misp_url[-1] == '/':
+ url = misp_url[:-1]
+ else:
+ url = misp_url
+ investigation.add_misp_events(url)
return event_metadata
# if __name__ == '__main__':
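Review bot: The response from `update_event`/`add_event` is still used unchecked (the `# TODO: handle error` line stays), and the new `event_metadata.get('uuid')` assumes `extract_event_metadata` always returns a dict. That helper is outside the hunk, so confirm it cannot return `None` when the MISP request fails; otherwise this line raises AttributeError instead of reporting the export error. Separately, `misp_url[-1]` raises IndexError on an empty URL, and the four-line slash check can be replaced by `url = misp_url.rstrip('/')`. The body of `create_investigation_event` starts outside the hunk.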
diff --git a/bin/lib/Investigations.py b/bin/lib/Investigations.py
index 70fd6554..55775830 100755
--- a/bin/lib/Investigations.py
+++ b/bin/lib/Investigations.py
@@ -94,8 +94,7 @@ class Investigation(object):
def get_uuid(self, separator=False):
if separator:
- res = str(uuid.uuid4())
- return uuid.UUID(hex=res, version=4)
+ return uuid.UUID(hex=self.uuid, version=4)
else:
return self.uuid
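Review bot: Passing `version=4` to `uuid.UUID` overwrites the version and variant bits, so if the stored `self.uuid` is not already a valid v4 value, the returned UUID silently differs from the stored identifier. The template in this commit rebuilds the dashed form by slicing the stored hex, so the rendered link and the exported event UUID could then disagree (assuming the export obtains its UUID from this method, which is not visible here). `return uuid.UUID(hex=self.uuid)` keeps the bits exactly as stored. The method returns a `UUID` object in one branch and a `str` in the other, which is worth stating in a docstring.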
@@ -146,6 +145,9 @@ class Investigation(object):
last_change = datetime.datetime.fromtimestamp(float(last_change)).strftime('%Y-%m-%d %H:%M:%S')
return last_change
+ def get_misp_events(self):
+ return r_tracking.smembers(f'investigations:misp:{self.uuid}')
+
# # TODO: DATE FORMAT
def get_metadata(self, r_str=False):
if r_str:
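Review bot: `get_misp_events` returns the raw `smembers` result, a Python set, and the next hunk puts it into the `get_metadata` dict under `misp_events`. A set has no stable order and `json.dumps` rejects it, so if this metadata is ever serialised or returned through an API (not visible here) the new key will fail. `return list(r_tracking.smembers(f'investigations:misp:{self.uuid}'))`, or `sorted(...)` for a stable order, avoids that. A one-line docstring should also say that the members are MISP base URLs stored without a trailing slash, since the template appends `/events/view/...` to them.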
@@ -164,7 +166,8 @@ class Investigation(object):
'timestamp': self.get_timestamp(r_str=r_str),
'last_change': self.get_last_change(r_str=r_str),
'info': self.get_info(),
- 'nb_objects': self.get_nb_objects()}
+ 'nb_objects': self.get_nb_objects(),
+ 'misp_events': self.get_misp_events()}
def set_name(self, name):
r_tracking.hset(f'investigations:data:{self.uuid}', 'name', name)
@@ -198,6 +201,9 @@ class Investigation(object):
else:
raise UpdateInvestigationError(f'Invalid analysis: {analysis}')
+ def add_misp_events(self, misp_url):
+ r_tracking.sadd(f'investigations:misp:{self.uuid}', misp_url)
+
def set_tags(self, tags):
# delete previous tags
r_tracking.delete(f'investigations:tags:{self.uuid}')
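Review bot: `add_misp_events` stores whatever string it is given, and the template hunk in `view_investigation.html` later prints each set member as the prefix of an event URL (presumably inside a link; the markup is not visible here). The only caller in this commit passes the configured `misp_url`. Checking that the value starts with `http://` or `https://` before the `sadd` would still keep a non-web scheme out of the rendered page if another caller is added. Stripping the trailing slash here rather than in the caller would also stop the set from holding both `https://host` and `https://host/`. The name is plural but one URL is added per call, which a short docstring should note.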
@@ -252,6 +258,7 @@ class Investigation(object):
# metadata
r_tracking.delete(f'investigations:data:{self.uuid}')
r_tracking.delete(f'investigations:tags:{self.uuid}')
+ r_tracking.delete(f'investigations:misp:{self.uuid}')
##-- Class --##
diff --git a/var/www/templates/investigations/view_investigation.html b/var/www/templates/investigations/view_investigation.html
index 9bfe824d..2cc7a776 100644
--- a/var/www/templates/investigations/view_investigation.html
+++ b/var/www/templates/investigations/view_investigation.html
@@ -99,12 +99,20 @@
Edit
-
+
Export as Event
+ {% if metadata['misp_events'] %}
+ {% for misp_url in metadata['misp_events'] %}
+
+ {{misp_url}}/events/view/{{metadata['uuid'][:8]}}-{{metadata['uuid'][8:12]}}-{{metadata['uuid'][12:16]}}-{{metadata['uuid'][16:20]}}-{{metadata['uuid'][20:]}}
+
+ {% endfor %}
+ {% endif %}
+
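Review bot: The dashed UUID is rebuilt by hand with five slices of `metadata['uuid']`, which assumes the value is always a 32-character hex string without separators. A value of any other shape would produce a wrong event path without any error. `Investigation.get_uuid(separator=True)` already produces the dashed form, so passing that string from the view (for example as `metadata['uuid_str']`, a name constructed for this note) and rendering `{{misp_url}}/events/view/{{metadata['uuid_str']}}` keeps the formatting in one place. The `{% if metadata['misp_events'] %}` wrapper is redundant, because a `for` over an empty collection renders nothing. The surrounding markup is not visible in this view, so the hunk may continue beyond what is shown.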