chg [tidal] only generate set metadata

This commit is contained in:
niclas 2024-02-20 11:56:55 +01:00
parent a33e9e2a14
commit 059de052ad
3 changed files with 66 additions and 20 deletions

View file

@ -26,13 +26,27 @@ def create_cluster(galaxy, data):
value["description"] = campaigns["description"] value["description"] = campaigns["description"]
# Metadata fields
source = campaigns["source"]
campaign_attack_id = campaigns["campaign_attack_id"]
first_seen = campaigns["first_seen"]
last_seen = campaigns["last_seen"]
tags = campaigns["tags"]
owner = campaigns["owner_name"]
value["meta"] = {} value["meta"] = {}
value["meta"]["source"] = campaigns["source"] if source:
value["meta"]["campaign-attack-id"] = campaigns["campaign_attack_id"] value["meta"]["source"] = source
value["meta"]["first-seen"] = campaigns["first_seen"] if campaign_attack_id:
value["meta"]["last-seen"] = campaigns["last_seen"] value["meta"]["campaign-attack-id"] = campaign_attack_id
value["meta"]["tags"] = campaigns["tags"] if first_seen:
value["meta"]["owner"] = campaigns["owner_name"] value["meta"]["first-seen"] = first_seen
if last_seen:
value["meta"]["last-seen"] = last_seen
if tags:
value["meta"]["tags"] = tags
if owner:
value["meta"]["owner"] = owner
value["related"] = relations value["related"] = relations
value["uuid"] = campaigns["id"] value["uuid"] = campaigns["id"]

View file

@ -33,15 +33,33 @@ def create_cluster(galaxy, data):
value["description"] = group["description"] value["description"] = group["description"]
# Metadata fields
source = group["source"]
group_attack_id = group["group_attack_id"]
country = [country["country_name"] for country in group["country"]]
observed_country = [country["country_code"] for country in group["observed_country"]]
motive = [motive["name"] for motive in group["observed_motivation"]]
target_category = [sector["name"] for sector in group["observed_sector"]]
tags = group["tags"]
owner = group["owner_name"]
value["meta"] = {} value["meta"] = {}
value["meta"]["source"] = group["source"] if source:
value["meta"]["group-attack-id"] = group["group_attack_id"] value["meta"]["source"] = source
value["meta"]["country"] = [country["country_code"] for country in group["country"]] if group_attack_id:
value["meta"]["observed_country"] = [country["country_code"] for country in group["observed_country"]] value["meta"]["group-attack-id"] = group_attack_id
value["meta"]["motive"] = [motive["name"] for motive in group["observed_motivation"]] if country:
value["meta"]["target-category"] = [sector["name"] for sector in group["observed_sector"]] value["meta"]["country"] = country
value["meta"]["tags"] = group["tags"] if observed_country:
value["meta"]["owner"] = group["owner_name"] value["meta"]["observed_country"] = observed_country
if motive:
value["meta"]["motive"] = motive
if target_category:
value["meta"]["target-category"] = target_category
if tags:
value["meta"]["tags"] = tags
if owner:
value["meta"]["owner"] = owner
value["related"] = relations value["related"] = relations
value["uuid"] = group["id"] value["uuid"] = group["id"]

View file

@ -37,13 +37,27 @@ def create_cluster(galaxy, data):
value["description"] = software["description"] value["description"] = software["description"]
# Metadata fields
source = software["source"]
type = software["type"]
software_attack_id = software["software_attack_id"]
platforms = software["platforms"]
tags = software["tags"]
owner = software["owner_name"]
value["meta"] = {} value["meta"] = {}
value["meta"]["source"] = software["source"] if source:
value["meta"]["type"] = software["type"] value["meta"]["source"] = source
value["meta"]["software-attack-id"] = software["software_attack_id"] if type:
value["meta"]["platforms"] = software["platforms"] value["meta"]["type"] = type
value["meta"]["tags"] = software["tags"] if software_attack_id:
value["meta"]["owner"] = software["owner_name"] value["meta"]["software-attack-id"] = software_attack_id
if platforms:
value["meta"]["platforms"] = platforms
if tags:
value["meta"]["tags"] = tags
if owner:
value["meta"]["owner"] = owner
value["related"] = relations value["related"] = relations
value["uuid"] = software["id"] value["uuid"] = software["id"]