def post(self): try: msg = None for field_name, files in self.request.files.items(): for file in files: filename, content_type = file['filename'], file[ 'content_type'] body = file['body'] gen_log.info('POST "%s" "%s" %d bytes', filename, content_type, len(body)) gen_log.info('POST file body:\n"%s"', body) stix_package = stix.parseString(body.decode()) patterns = common.get_search_items(stix_package) msg = {'fields': patterns} self.http_normal(200, msg=msg if msg is not None else u'OK') except: trace_msg = traceback.format_exc().decode('utf-8') emsg = u'request_msg:{0} {1}'.format(self.request.body, trace_msg) gen_log.error(u',[session-id:{0}],{1}'.format(None, emsg)) self.http_error(400, msg=trace_msg)
def post(self): def _get_stix_package(in_json): if in_json is not None and len(in_json) > 0: initialize_options() container = stixmarx.new() stix_package = container.package json_content = json.loads(in_json) if type(json_content) == list: for json_data in json_content: if "type" in json_data and json_data["type"] == "indicator": indicator = convert_indicator(json_data) stix_package.add_indicator(indicator) else: if "type" in json_content and json_content["type"] == "bundle": if "objects" in json_content and json_content["objects"] and type(json_content["objects"]) == list: for json_data in json_content["objects"]: if "type" in json_data and json_data["type"] == "indicator": indicator = convert_indicator(json_data) stix_package.add_indicator(indicator) elif "type" in json_content and json_content["type"] == "indicator": indicator = convert_indicator(json_content) stix_package.add_indicator(indicator) container.flush() container = None return stix_package else: raise RuntimeError('request body is empty.') try: msg = None for field_name, files in self.request.files.items(): for file in files: filename, content_type = file['filename'], file['content_type'] body = file['body'] gen_log.debug('POST "%s" "%s" %d bytes', filename, content_type, len(body)) gen_log.debug('POST file body:\n"%s"', body) stix_package = _get_stix_package(body) if stix_package is not None: patterns = common.get_search_items(stix_package) msg = {'fields' : patterns} self.http_normal(200, msg=msg if msg is not None else u'OK') except: trace_msg = traceback.format_exc().decode('utf-8') emsg = u'request_msg:{0} {1}'.format(self.request.body, trace_msg) gen_log.error(u',[session-id:{0}],{1}'.format(None, emsg)) self.http_error(400, msg=trace_msg)
def post(self): def _get_stix_package(ioc_xml): if ioc_xml is not None and len(ioc_xml) > 0: ns = namespaces.Namespace("http://openioc.org/openioc", "openioc", "") idgen.set_id_namespace(ns) stix_obj = to_stix(BytesIO(ioc_xml)) stix_package = STIXPackage_v1.from_xml( etree.fromstring(stix_obj.to_xml())) return stix_package else: raise RuntimeError('request body is empty.') try: msg = None for field_name, files in self.request.files.items(): for file in files: filename, content_type = file['filename'], file[ 'content_type'] body = file['body'] gen_log.debug('POST "%s" "%s" %d bytes', filename, content_type, len(body)) gen_log.debug('POST file body:\n"%s"', body) stix_package = _get_stix_package(body) if stix_package is not None: patterns = common.get_search_items(stix_package) msg = {'fields': patterns} self.http_normal(200, msg=msg if msg is not None else u'OK') except: trace_msg = traceback.format_exc().decode('utf-8') emsg = u'request_msg:{0} {1}'.format(self.request.body, trace_msg) gen_log.error(u',[session-id:{0}],{1}'.format(None, emsg)) self.http_error(400, msg=trace_msg)