Example #1
#!/usr/bin/env python
# -*- coding: utf-8 -*-

from pymisp import ExpandedPyMISP, MISPOrganisation
from keys import misp_url, misp_key, misp_verifycert
import argparse

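if __name__ == '__main__':
    # Command-line front end: set the contact email of a single organisation
    # on the MISP instance configured in the local ``keys`` module.
    parser = argparse.ArgumentParser(
        description=
        'Edit the email of the organisation designated by the organisation_id.')
    parser.add_argument(
        "-i",
        "--organisation_id",
        required=True,
        # The value is assigned to org.id below, so it is an identifier and
        # not a JSON file name as the earlier help text stated.
        help="The id of the organisation you want to modify.")
    parser.add_argument("-e",
                        "--email",
                        help="Email linked to the organisation.")
    args = parser.parse_args()

    # misp_key is an API credential imported from keys.py. The third argument
    # controls TLS certificate verification; with it disabled the key is sent
    # to a server whose identity was never checked.
    misp = ExpandedPyMISP(misp_url, misp_key, misp_verifycert)

    org = MISPOrganisation()
    org.id = args.organisation_id
    # NOTE(review): --email is optional, so this can be None; confirm how the
    # server treats an update that carries an empty email.
    org.email = args.email

    # pythonify=True asks PyMISP for an object rather than the raw JSON reply.
    print(misp.update_organisation(org, pythonify=True))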
Example #2
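# Initialise PyMISP, then fetch the "Very Attacked People" report from the
# Proofpoint TAP API (the host and path are visible in urlVap below).
misp = ExpandedPyMISP(url=misp_url, key=misp_key, ssl=misp_verifycert)

urlVap = "https://tap-api-v2.proofpoint.com/v2/people/vap?window=30"  # Window can be 14, 30, and 90 Days

# proofpoint_key is appended unchanged after "Basic ", so it is presumably the
# already base64-encoded credential pair -- TODO confirm against the caller.
headers = {'Authorization': "Basic " + proofpoint_key}

# A timeout keeps an unattended run from hanging forever on a stalled
# connection; requests waits indefinitely when none is given.
responseVap = requests.request("GET", urlVap, headers=headers, timeout=30)
# Fail here on a 4xx/5xx reply (expired key, throttling) instead of letting an
# error body reach the JSON parsing and the event-building loop below.
responseVap.raise_for_status()

jsonDataVap = json.loads(responseVap.text)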

for alert in jsonDataVap["users"]:
    orgc = MISPOrganisation()
    orgc.name = 'Proofpoint'
    orgc.id = '#{ORGC.ID}'  # organisation id
    orgc.uuid = '#{ORGC.UUID}'  # organisation uuid
    # initialize and set MISPEvent()
    event = MISPEvent()
    event.Orgc = orgc
    event.info = 'Very Attacked Person ' + jsonDataVap["interval"]
    event.distribution = 0  # Optional, defaults to MISP.default_event_distribution in MISP config
    event.threat_level_id = 2  # setting this to 0 breaks the integration
    event.analysis = 0  # Optional, defaults to 0 (initial analysis)

    totalVapUsers = event.add_attribute('counter',
                                        jsonDataVap["totalVapUsers"],
                                        comment="Total VAP Users")

    averageAttackIndex = event.add_attribute('counter',
                                             jsonDataVap["averageAttackIndex"],
Example #3
    sys.exit()
# The third command-line argument is optional; False records that it was
# not supplied.
event_import_info = sys.argv[3] if len(sys.argv) == 4 else False

# Positional arguments: the JSON file to import, then the organisation that
# the lookup below resolves to an id.
json_import, event_import_org = sys.argv[1], sys.argv[2]

# Fixed properties of the event that is about to be created.
event_import_uuid = str(uuid.uuid4())  # fresh random UUID for this import
event_import_date = date.today()  # event is dated with the current day
event_import_distribution = 2  # Connected

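# Resolve the organisation given on the command line to its MISP id, creating
# the organisation when the lookup does not yield one.
org = MISPOrganisation()
try:
    org.id = api.get_organisation(event_import_org, pythonify=True).id
except Exception:
    # Catch Exception rather than using a bare except: KeyboardInterrupt and
    # SystemExit must not be read as "organisation missing" and end in a
    # create call.
    # NOTE(review): every other lookup failure (permission error, connection
    # problem) still lands here, not only "not found"; checking the lookup
    # result explicitly would avoid creating organisations by accident.
    org_new = MISPOrganisation()
    org_new.name = event_import_org
    org_new.uuid = str(uuid.uuid4())
    # Type and sector are hard-coded for every organisation created this way.
    org_new.type = "CSIRT"
    org_new.sector = "Government"
    org.id = api.add_organisation(org_new, pythonify=True).id

# Create the MISP event by loading the JSON file.
# This will not add the attributes, but does add the event tags and galaxies.
event = MISPEvent()
event.load_file(json_import)
# Overwrite the UUID after loading so the import gets its own identity and
# not whatever UUID the JSON file carried.
event.uuid = event_import_uuid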