def create_misp_sighting(misp_client, my_misp_sighting):
misp_sighting = MISPSighting()
misp_sighting.value = my_misp_sighting
misp_sighting.timestamp = int(time.time())
misp_sighting.source = "IBM Resilient SOAR"
sighting_response = misp_client.add_sighting(misp_sighting)
return sighting_response
def add_sighting(self, entry, attribute):
if self.is_python2:
self.misp_api.sighting(uuid=attribute["uuid"],
source="{} (Cowrie)".format(
entry["sensor"]))
else:
sighting = MISPSighting()
sighting.source = "{} (Cowrie)".format(entry["sensor"])
self.misp_api.add_sighting(sighting, attribute)
def add_sighting(self, entry, attribute):
sighting = MISPSighting()
sighting.source = "{} (Cowrie)".format(entry["sensor"])
self.misp_api.add_sighting(sighting, attribute)