mirror of
https://github.com/ail-project/ail-framework.git
synced 2024-11-10 00:28:22 +00:00
fix: [Investigation] edit misp event + add misp instance url
parent
1d9fba49e8
commit
7470792902
3 changed files with 29 additions and 15 deletions
|
@ -447,25 +447,24 @@ def create_investigation_event(investigation_uuid):
|
||||||
if misp_obj:
|
if misp_obj:
|
||||||
event.add_object(misp_obj)
|
event.add_object(misp_obj)
|
||||||
|
|
||||||
#taxonomies_tags, galaxies_tags = Tag.sort_tags_taxonomies_galaxies(investigation.get_tags())
|
|
||||||
#event.Tag = taxonomies_tags
|
|
||||||
#event.Galaxy = galaxies_tags
|
|
||||||
#print(galaxies_tags)
|
|
||||||
#event.add_galaxy(galaxies_tags)
|
|
||||||
|
|
||||||
# if publish:
|
# if publish:
|
||||||
# event.publish()
|
# event.publish()
|
||||||
|
|
||||||
# res = event.to_json()
|
|
||||||
|
|
||||||
# print(event.to_json())
|
# print(event.to_json())
|
||||||
misp = PyMISP(misp_url, misp_key, misp_verifycert)
|
misp = PyMISP(misp_url, misp_key, misp_verifycert)
|
||||||
misp_event = misp.add_event(event)
|
if misp.event_exists(event.uuid):
|
||||||
#print(misp_event)
|
misp_event = misp.update_event(event)
|
||||||
|
else:
|
||||||
|
misp_event = misp.add_event(event)
|
||||||
|
|
||||||
# # TODO: handle error
|
# # TODO: handle error
|
||||||
event_metadata = extract_event_metadata(misp_event)
|
event_metadata = extract_event_metadata(misp_event)
|
||||||
print(event_metadata)
|
if event_metadata.get('uuid'):
|
||||||
|
if misp_url[-1] == '/':
|
||||||
|
url = misp_url[:-1]
|
||||||
|
else:
|
||||||
|
url = misp_url
|
||||||
|
investigation.add_misp_events(url)
|
||||||
return event_metadata
|
return event_metadata
|
||||||
|
|
||||||
# if __name__ == '__main__':
|
# if __name__ == '__main__':
|
||||||
|
|
|
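Review bot: The URL passed to `investigation.add_misp_events(url)` is persisted after only a single trailing-slash trim, with no check on its scheme or form, and the investigation template in this commit later emits it as a link target. Where `misp_url` comes from is not visible in this hunk; if it can be anything other than a vetted config value, accept only `http`/`https` (for example via `urllib.parse.urlsplit(misp_url).scheme`) before storing it. The trim itself raises IndexError on an empty string and leaves doubled slashes in place, so `url = misp_url.rstrip('/')` is the safer one-liner. The `# TODO: handle error` is still open: PyMISP normally reports a rejected `update_event`/`add_event` as a dict with an `errors` key rather than raising, so logging that case before `extract_event_metadata(misp_event)` would make failed exports visible. The function body starts above this hunk.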
@ -94,8 +94,7 @@ class Investigation(object):
|
||||||
|
|
||||||
def get_uuid(self, separator=False):
|
def get_uuid(self, separator=False):
|
||||||
if separator:
|
if separator:
|
||||||
res = str(uuid.uuid4())
|
return uuid.UUID(hex=self.uuid, version=4)
|
||||||
return uuid.UUID(hex=res, version=4)
|
|
||||||
else:
|
else:
|
||||||
return self.uuid
|
return self.uuid
|
||||||
|
|
||||||
|
@ -146,6 +145,9 @@ class Investigation(object):
|
||||||
last_change = datetime.datetime.fromtimestamp(float(last_change)).strftime('%Y-%m-%d %H:%M:%S')
|
last_change = datetime.datetime.fromtimestamp(float(last_change)).strftime('%Y-%m-%d %H:%M:%S')
|
||||||
return last_change
|
return last_change
|
||||||
|
|
||||||
|
def get_misp_events(self):
|
||||||
|
return r_tracking.smembers(f'investigations:misp:{self.uuid}')
|
||||||
|
|
||||||
# # TODO: DATE FORMAT
|
# # TODO: DATE FORMAT
|
||||||
def get_metadata(self, r_str=False):
|
def get_metadata(self, r_str=False):
|
||||||
if r_str:
|
if r_str:
|
||||||
|
@ -164,7 +166,8 @@ class Investigation(object):
|
||||||
'timestamp': self.get_timestamp(r_str=r_str),
|
'timestamp': self.get_timestamp(r_str=r_str),
|
||||||
'last_change': self.get_last_change(r_str=r_str),
|
'last_change': self.get_last_change(r_str=r_str),
|
||||||
'info': self.get_info(),
|
'info': self.get_info(),
|
||||||
'nb_objects': self.get_nb_objects()}
|
'nb_objects': self.get_nb_objects(),
|
||||||
|
'misp_events': self.get_misp_events()}
|
||||||
|
|
||||||
def set_name(self, name):
|
def set_name(self, name):
|
||||||
r_tracking.hset(f'investigations:data:{self.uuid}', 'name', name)
|
r_tracking.hset(f'investigations:data:{self.uuid}', 'name', name)
|
||||||
|
@ -198,6 +201,9 @@ class Investigation(object):
|
||||||
else:
|
else:
|
||||||
raise UpdateInvestigationError(f'Invalid analysis: {analysis}')
|
raise UpdateInvestigationError(f'Invalid analysis: {analysis}')
|
||||||
|
|
||||||
|
def add_misp_events(self, misp_url):
|
||||||
|
r_tracking.sadd(f'investigations:misp:{self.uuid}', misp_url)
|
||||||
|
|
||||||
def set_tags(self, tags):
|
def set_tags(self, tags):
|
||||||
# delete previous tags
|
# delete previous tags
|
||||||
r_tracking.delete(f'investigations:tags:{self.uuid}')
|
r_tracking.delete(f'investigations:tags:{self.uuid}')
|
||||||
|
@ -252,6 +258,7 @@ class Investigation(object):
|
||||||
# metadata
|
# metadata
|
||||||
r_tracking.delete(f'investigations:data:{self.uuid}')
|
r_tracking.delete(f'investigations:data:{self.uuid}')
|
||||||
r_tracking.delete(f'investigations:tags:{self.uuid}')
|
r_tracking.delete(f'investigations:tags:{self.uuid}')
|
||||||
|
r_tracking.delete(f'investigations:misp:{self.uuid}')
|
||||||
|
|
||||||
##-- Class --##
|
##-- Class --##
|
||||||
|
|
||||||
|
|
|
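Review bot: `get_misp_events` returns the raw `smembers` result, so `get_metadata` now carries a Python set under `'misp_events'`, including when `r_str` is set. If any caller serialises that dict with `json.dumps` (not visible in this section), it will raise TypeError. Returning `sorted(r_tracking.smembers(f'investigations:misp:{self.uuid}'))` avoids this and also gives the template a stable display order. `add_misp_events` stores whatever string it is handed, so a one-line docstring such as `"""Record the base URL (http/https, no trailing slash) of a MISP instance this investigation was exported to."""` would make explicit the contract the template relies on when it appends `/events/view/...`.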
@ -99,12 +99,20 @@
|
||||||
<i class="fas fa-pencil-alt"></i> <b>Edit</b>
|
<i class="fas fa-pencil-alt"></i> <b>Edit</b>
|
||||||
</button>
|
</button>
|
||||||
</a>
|
</a>
|
||||||
<a class="btn btn-outline-dark" target="_blank" href="{{ url_for('import_export.export_investigation')}}?uuid={{metadata['uuid']}}">
|
<a class="btn btn-outline-dark" href="{{ url_for('import_export.export_investigation')}}?uuid={{metadata['uuid']}}">
|
||||||
<img id="misp-logo" src="{{ url_for('static', filename='image/misp-logo.png')}}" height="25">
|
<img id="misp-logo" src="{{ url_for('static', filename='image/misp-logo.png')}}" height="25">
|
||||||
Export as Event
|
Export as Event
|
||||||
</a>
|
</a>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
{% if metadata['misp_events'] %}
|
||||||
|
{% for misp_url in metadata['misp_events'] %}
|
||||||
|
<a target="_blank" href="{{misp_url}}/events/view/{{metadata['uuid'][:8]}}-{{metadata['uuid'][8:12]}}-{{metadata['uuid'][12:16]}}-{{metadata['uuid'][16:20]}}-{{metadata['uuid'][20:]}}">
|
||||||
|
{{misp_url}}/events/view/{{metadata['uuid'][:8]}}-{{metadata['uuid'][8:12]}}-{{metadata['uuid'][12:16]}}-{{metadata['uuid'][16:20]}}-{{metadata['uuid'][20:]}}</br>
|
||||||
|
</a>
|
||||||
|
{% endfor %}
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
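Review bot: The new `<a target="_blank" href="{{misp_url}}/events/view/...">` opens an external MISP instance without a `rel` attribute, so the AIL page URL can be sent as the Referer and older browsers expose `window.opener`; use `<a target="_blank" rel="noopener noreferrer" href="...">`. Jinja autoescaping protects the attribute from HTML injection but does not restrict the URL scheme, so the stored `misp_url` should already be limited to http/https by the time it reaches this loop. The closing `</br>` is not valid HTML and should be `<br>`. The dashed UUID is assembled by slicing twice in the template; passing the already-formatted value from the view would keep it in one place.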