コード例 #1
0
ファイル: ztaxii11.py プロジェクト: mdavis332/csirtg-smrt-v1 
    def indicators(self,
                   collection_name,
                   starttime=(datetime.now(tzutc()) - timedelta(hours=1)),
                   endtime=datetime.now(tzutc()),
                   subscription_id=None):
        delivery_params = tm11.DeliveryParameters(VID_TAXII_HTTP_10,
                                                  self.remote,
                                                  VID_TAXII_XML_11)
        """
        poll_params = tm11.PollParameters(response_type=RT_COUNT_ONLY,
            #content_bindings=[tm11.ContentBinding(CB_STIX_XML_11)], 
            delivery_parameters=delivery_params
            )
        """
        poll_params = tm11.PollRequest.PollParameters()
        poll_req = tm11.PollRequest(message_id=tm11.generate_message_id(),
                                    collection_name=collection_name,
                                    exclusive_begin_timestamp_label=starttime,
                                    inclusive_end_timestamp_label=endtime,
                                    poll_parameters=poll_params,
                                    subscription_id=subscription_id)

        logger.debug('TAXII collection poll request: {}'.format(
            poll_req.to_xml(pretty_print=True)))

        poll_req_xml = poll_req.to_xml()
        http_resp = self.client.call_taxii_service2(self.up.hostname,
                                                    self.up.path,
                                                    VID_TAXII_XML_11,
                                                    poll_req_xml, self.up.port)
        taxii_message = t.get_message_from_http_response(
            http_resp, poll_req.message_id)

        logger.debug('TAXII collection poll response: {}'.format(
            taxii_message.to_xml(pretty_print=True)))

        if taxii_message.message_type == MSG_STATUS_MESSAGE:
            if taxii_message.status_type == ST_SUCCESS:
                logger.info(
                    'TAXII polled successfully but returned no results')
                return []
            raise RuntimeError('TAXII polling failed: {} - {}'.format(
                taxii_message.status_type, taxii_message.message))

        return self._parse_taxii_content(taxii_message.content_blocks)
コード例 #2
0
    def _prepare_poll_request(
        self,
        collection_name,
        begin_date=None,
        end_date=None,
        subscription_id=None,
        inbox_service=None,
        content_bindings=None,
        count_only=False,
    ):
        data = dict(
            message_id=self._generate_id(),
            collection_name=collection_name,
            exclusive_begin_timestamp_label=begin_date,
            inclusive_end_timestamp_label=end_date,
        )

        if subscription_id:
            data["subscription_id"] = subscription_id
        else:
            _bindings = pack_content_bindings(content_bindings, version=11)
            poll_params = {"content_bindings": _bindings}

            if inbox_service:
                message_bindings = (inbox_service.message_bindings[0]
                                    if inbox_service.message_bindings else [])

                poll_params["delivery_parameters"] = tm11.DeliveryParameters(
                    inbox_protocol=inbox_service.protocol,
                    inbox_address=inbox_service.address,
                    delivery_message_binding=message_bindings,
                )
                poll_params["allow_asynch"] = True

            if count_only:
                poll_params["response_type"] = const.RT_COUNT_ONLY
            else:
                poll_params["response_type"] = const.RT_FULL

            data["poll_parameters"] = tm11.PollRequest.PollParameters(
                **poll_params)

        return tm11.PollRequest(**data)