mirror of
https://github.com/ail-project/ail-framework.git
synced 2024-11-27 00:07:16 +00:00
fix: [TheHive feeder] create_alert: push all items tags
TODO check items status + add more item metadata
parent
8ca6e1a73c
commit
e65f465f02
1 changed files with 6 additions and 5 deletions
|
@ -55,21 +55,22 @@ from thehive4py.models import Case, CaseTask, CustomFieldHelper
|
||||||
|
|
||||||
|
|
||||||
def create_the_hive_alert(source, path, tag):
|
def create_the_hive_alert(source, path, tag):
|
||||||
tags = list(r_serv_metadata.smembers('tag:'+path))
|
# # TODO: check items status (processed by all modules)
|
||||||
|
# # TODO: add item metadata: decoded content, link to auto crawled content, pgp correlation, cryptocurrency correlation...
|
||||||
|
# # # TODO: description, add AIL link:show items ?
|
||||||
|
tags = list( r_serv_metadata.smembers('tag:{}'.format(path)) )
|
||||||
|
|
||||||
artifacts = [
|
artifacts = [
|
||||||
AlertArtifact( dataType='uuid-ail', data=r_serv_db.get('ail:uuid') ),
|
AlertArtifact( dataType='uuid-ail', data=r_serv_db.get('ail:uuid') ),
|
||||||
AlertArtifact( dataType='file', data=path, tags=tags )
|
AlertArtifact( dataType='file', data=path, tags=tags )
|
||||||
]
|
]
|
||||||
|
|
||||||
l_tags = tag.split(',')
|
|
||||||
|
|
||||||
# Prepare the sample Alert
|
# Prepare the sample Alert
|
||||||
sourceRef = str(uuid.uuid4())[0:6]
|
sourceRef = str(uuid.uuid4())[0:6]
|
||||||
alert = Alert(title='AIL Leak',
|
alert = Alert(title='AIL Leak',
|
||||||
tlp=3,
|
tlp=3,
|
||||||
tags=l_tags,
|
tags=tags,
|
||||||
description='infoleak',
|
description='AIL Leak, triggered by {}'.format(tag),
|
||||||
type='ail',
|
type='ail',
|
||||||
source=source,
|
source=source,
|
||||||
sourceRef=sourceRef,
|
sourceRef=sourceRef,
|
||||||
|
|
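Review bot: The alert's `tags` now come only from the Redis set `tag:<path>`, so the triggering `tag` argument reaches TheHive only inside the free-text description; if that set is empty or does not yet hold the trigger when this runs, the alert arrives without the tag that TheHive-side filters or triage rules would match on. Consider keeping the trigger in the list, e.g. `tags = list(set(r_serv_metadata.smembers('tag:{}'.format(path))) | set(tag.split(',')))`, assuming the Redis client returns `str` members (its configuration is not visible in this hunk). Separately, the unchanged `sourceRef = str(uuid.uuid4())[0:6]` keeps only 24 bits of the UUID, so references can be expected to repeat after a few thousand alerts; if TheHive treats a repeated type/source/sourceRef as a duplicate, those alerts would be lost unless the caller handles the error, and using the full `str(uuid.uuid4())` avoids that. The `Alert(...)` call and the rest of `create_the_hive_alert` continue past the end of the hunk.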