def share_misp(api_user, package_id):
url = '%s' % (SNSConfig.get_rs_get_share_misp_url())
params = {}
params['package_id'] = package_id
headers = _get_ctirs_api_http_headers(api_user)
rsp = requests.get(url, headers=headers, params=params, verify=False)
return rsp.json()
def get_package_info_from_package_id(api_user, package_id):
url = '%s' % (SNSConfig.get_rs_get_content_url())
params = {}
params['package_id'] = package_id
headers = _get_ctirs_api_http_headers(api_user)
rsp = requests.get(url, headers=headers, params=params, verify=False)
return rsp.json()
def query(api_user, query_string):
url = '%s' % (SNSConfig.get_rs_query_url())
headers = _get_ctirs_api_http_headers(api_user)
params = {}
#index, size 追加
params['query_string'] = query_string
rsp = requests.get(url, headers=headers, params=params, verify=False)
return rsp.json()['feeds']
def regist_ctim_rs(api_user, package_name, stix_file_path):
with open(stix_file_path, 'rb') as fp:
files = {
'stix': fp,
}
headers = _get_ctirs_api_http_headers(api_user)
payload = {
'community_name': SNSConfig.get_rs_community_name(),
'package_name': package_name,
}
requests.post(SNSConfig.get_rs_regist_stix_url(),
headers=headers,
files=files,
data=payload,
verify=False)
return
def get_feeds_from_rs(
api_user,
start_time=None,
last_feed_datetime=None,
user_id=None,
range_small_datetime=None, # 期間範囲指定の小さい方(古い方)。この時間を含む
range_big_datetime=None, # 期間範囲指定の大きい方(新しい方)。この時間を含む
query_string=None,
index=0,
size=-1):
# start_time は aware な datetime
url = '%s' % (SNSConfig.get_rs_get_feeds_url())
headers = _get_ctirs_api_http_headers(api_user)
params = {}
# start_time 指定があった場合は設定する
if start_time is not None:
# 2018-02-22 08:54:47.187184 のようなフォーマットをGMTでおくる
params['start_time'] = get_dtstr_from_datetime(start_time)
# last_feed_datetime 指定があった場合は設定する
if last_feed_datetime is not None:
# 2018-02-22 08:54:47.187184 のようなフォーマットをGMTでおくる
params['last_feed'] = get_dtstr_from_datetime(last_feed_datetime)
# range_small_datetime 指定があった場合は設定する
if range_small_datetime is not None:
# 2018-02-22 08:54:47.187184 のようなフォーマットをGMTでおくる
params['range_small_datetime'] = get_dtstr_from_datetime(
range_small_datetime)
# range_big_datetime 指定があった場合は設定する
if range_big_datetime is not None:
# 2018-02-22 08:54:47.187184 のようなフォーマットをGMTでおくる
params['range_big_datetime'] = get_dtstr_from_datetime(
range_big_datetime)
# query_string 指定があった場合は設定する
if query_string is not None:
params['query_string'] = query_string
# index, size 追加
params['index'] = str(index)
params['size'] = str(size)
# user_id 指定があった場合は設定する
if user_id is not None:
params['user_id'] = user_id
params['instance'] = SNSConfig.get_sns_identity_name()
rsp = requests.get(url, headers=headers, params=params, verify=False)
return rsp.json()['feeds']
def get_matching_from_rs(api_user, id_):
url = '%s' % (SNSConfig.get_rs_get_matching_url())
headers = _get_ctirs_api_http_headers(api_user)
params = {
'package_id': id_,
'exact': True,
}
rsp = requests.get(url, headers=headers, params=params, verify=False)
return rsp.json()['data']
def get_package_info_from_package_id(api_user, package_id, version=None):
url = '%s' % (SNSConfig.get_rs_get_content_url())
params = {}
params['package_id'] = package_id
if version:
params['version'] = version
headers = _get_ctirs_api_http_headers(api_user)
rsp = requests.get(url, headers=headers, params=params, verify=False)
if rsp.status_code != 200:
raise Exception('Error occured: status=%d' % (rsp.status_code))
return rsp.json()
def post_stix_v2_sightings(api_user, observed_data_id, first_seen, last_seen,
count):
data = {}
headers = _get_ctirs_api_http_headers(api_user)
if first_seen is not None:
data['first_seen'] = first_seen
if last_seen is not None:
data['last_seen'] = last_seen
if count is not None:
data['count'] = count
url_pattern = '%s' % (SNSConfig.get_rs_post_stix_file_v2_sighting())
url = url_pattern % (observed_data_id)
rsp = requests.post(url, headers=headers, data=data, verify=False)
return rsp.json()