fix: [trackers] fix webhook export

terrtia 2024-07-10 15:10:07 +02:00
parent 3d3b4d6da2
commit ab52db2b56
No known key found for this signature in database
GPG key ID: 1E1B1F50D84613D0
3 changed files with 32 additions and 20 deletions


@ -7,6 +7,8 @@ Importer Class
Import Content Import Content
""" """
import json
import logging
import os import os
import requests import requests
import sys import sys
@ -18,10 +20,9 @@ sys.path.append(os.environ['AIL_BIN'])
# Import Project packages # Import Project packages
################################# #################################
from exporter.abstract_exporter import AbstractExporter from exporter.abstract_exporter import AbstractExporter
from lib.ail_core import get_ail_uuid
# from ConfigLoader import ConfigLoader logger = logging.getLogger()
# from lib.objects.abstract_object import AbstractObject
# from lib.Tracker import Tracker
class WebHookExporter(AbstractExporter, ABC): class WebHookExporter(AbstractExporter, ABC):
def __init__(self, url=''): def __init__(self, url=''):
@ -35,11 +36,9 @@ class WebHookExporter(AbstractExporter, ABC):
try: try:
response = requests.post(self.url, json=data) response = requests.post(self.url, json=data)
if response.status_code >= 400: if response.status_code >= 400:
print(f"Webhook request failed for {self.url}\nReason: {response.reason}") logger.error(f"Webhook request failed for {self.url}\nReason: {response.reason}")
# self.redis_logger.error(f"Webhook request failed for {webhook_to_post}\nReason: {response.reason}")
except Exception as e: except Exception as e:
print(f"Webhook request failed for {self.url}\nReason: Something went wrong {e}") logger.error(f"Webhook request failed for {self.url}\nReason: Something went wrong {e}")
# self.redis_logger.error(f"Webhook request failed for {webhook_to_post}\nReason: Something went wrong")
class WebHookExporterTracker(WebHookExporter): class WebHookExporterTracker(WebHookExporter):
@ -48,17 +47,26 @@ class WebHookExporterTracker(WebHookExporter):
super().__init__(url=url) super().__init__(url=url)
# TODO Change exported keys # TODO Change exported keys
def export(self, tracker, obj): def export(self, tracker, obj, matches=[]):
self.set_url(tracker.get_webhook()) self.set_url(tracker.get_webhook())
data = {'trackerId': tracker.get_uuid(), data = {'version': 0,
'trackerType': tracker.get_type(), 'type': 'tracker:match',
'tags': tracker.get_tags(), 'ail_uuid': get_ail_uuid(),
'tracker': {
'uuid': tracker.get_uuid(),
'type': tracker.get_type(),
'tags': list(tracker.get_tags()),
'tracker': tracker.get_tracked(), 'tracker': tracker.get_tracked(),
# object },
'itemId': obj.get_id(), 'obj': {'type': obj.get_type(),
'itemURL': obj.get_link()} 'subtype': obj.get_subtype(r_str=True),
# Item 'id': obj.get_id(),
# data['itemDate'] = obj.get_date() 'tags': list(obj.get_tags()),
# data["itemSource"] = obj.get_source() 'url': obj.get_link()
},
}
if matches:
data['matches'] = matches
# data = json.dumps(data)
self._export(data) self._export(data)
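Review bot: The two new `logger.error` calls in `_export` write the full `self.url` into the log, and webhook URLs commonly carry a secret token in their path or query string, so the failure path can persist a credential in log files. Logging only the host would avoid that, e.g. `logger.error("Webhook request failed for %s: %s", urlsplit(self.url).netloc, response.reason)` (needs `from urllib.parse import urlsplit`), and in the except branch `type(e).__name__` rather than `{e}`, since requests exceptions typically repeat the URL. The unchanged `requests.post(self.url, json=data)` still has no `timeout=`, so an unresponsive endpoint can block the tracker module indefinitely; `requests.post(self.url, json=data, timeout=10)` would bound it (10 is a constructed value). In `export`, `matches=[]` is a mutable default, and `matches=None` avoids sharing one list between calls. `_export` starts above the hunk, so its full body is not visible here.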


@ -133,7 +133,9 @@ class Tracker_Regex(AbstractModule):
self.exporters['mail'].export(tracker, obj, matches) self.exporters['mail'].export(tracker, obj, matches)
if tracker.webhook_export(): if tracker.webhook_export():
self.exporters['webhook'].export(tracker, obj) if not matches:
matches = self.extract_matches(re_matches)
self.exporters['webhook'].export(tracker, obj, matches)
if __name__ == "__main__": if __name__ == "__main__":
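Review bot: `if not matches:` reads `matches` before any assignment visible in this hunk; if the name is bound only inside the mail-export branch above, a tracker with webhook export alone would raise `UnboundLocalError` here, so confirm it is initialised (for example `matches = None`) before both branches. The same pattern is added in the Tracker_Yara callback, where an exception would presumably also skip `return yara.CALLBACK_CONTINUE`. Since the matched strings now leave the instance for a tracker-configured URL, a comment such as `# matches are sent to the external webhook endpoint` would make that data flow explicit. The enclosing method starts outside the hunk.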


@ -151,7 +151,9 @@ class Tracker_Yara(AbstractModule):
# Webhook # Webhook
if tracker.webhook_export(): if tracker.webhook_export():
self.exporters['webhook'].export(tracker, self.obj) if not matches:
matches = self.extract_matches(data)
self.exporters['webhook'].export(tracker, self.obj, matches)
return yara.CALLBACK_CONTINUE return yara.CALLBACK_CONTINUE