def dotransform(request, response): try: items=ast.literal_eval(request.fields['detected_urls']) except: return response for item in items: url=item['url'] scan_date=item['scan_date'] r=URL(url) r.url=url r.linklabel=scan_date response+=r return response
def dotransform(request, response): if request.fields['behavioral'] != "": try: behavior = ast.literal_eval(request.fields['behavior_data']) except Exception as e: debug("Entity has no behavioral data") return response if behavior.has_key("network"): if behavior['network'].has_key('dns'): for item in behavior['network']['dns']: host = Domain(item['hostname']) host.linklabel = "vt_behav->hosts" response += host if item.has_key('ip'): ip = IPv4Address(item['ip']) ip.linklabel = "vt_behav->hosts" response += ip if behavior['network'].has_key('tcp'): for item in behavior['network']['tcp']: conn = item.split(":") r = IPv4Address(conn[0]) r.linklabel = "vt_behav->hosts_tcp (%s)" % str(conn[1]) response += r if behavior['network'].has_key('udp'): for item in behavior['network']['udp']: conn = item.split(":") r = IPv4Address(conn[0]) r.linklabel = "vt_behav->hosts_udp (%s)" % str(conn[1]) response += r if behavior['network'].has_key('http'): for item in behavior['network']['http']: r = URL(item['url']) r.url = item['url'] r.linklabel = "vt_behav->hosts_http (%s)" % item['method'] response += r else: debug("ripVT: No behavioral for %s" % request.value) return response