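def main(options):
    """
    Load the IOCs named by ``options.iocs`` into a YaraIOCManager and write
    its YARA output to a file.

    :param options: Parsed options object.  The attributes ``verbose``,
        ``output`` and ``iocs`` are read.
    :return: Does not return; the process exits with status 0 on success and
        1 on error.
    """
    logging.basicConfig(level=logging.DEBUG,
                        format='%(asctime)s %(levelname)s: %(message)s [%(filename)s:%(funcName)s]')
    if not options.verbose:
        logging.disable(logging.DEBUG)
    # Test the raw option, not its abspath(): abspath('') is the current
    # working directory (always truthy) and abspath(None) raises, so the
    # "output not specified" default below could never be reached before.
    if options.output:
        output_file = os.path.abspath(options.output)
        if os.path.isdir(output_file):
            log.error('cannot specify a directory as the output location')
            sys.exit(1)
        elif not os.path.isfile(output_file):
            # New file: make sure its parent directory exists.
            utils.safe_makedirs(os.path.split(output_file)[0])
        # NOTE(review): an existing file is passed to write_yara() unchanged;
        # presumably it is overwritten -- confirm.
    else:
        output_file = os.path.join(os.getcwd(), 'iocs.yara')
        log.info('Output not specified. Writing output to [{}]'.format(output_file))
    iocm = YaraIOCManager()
    iocm.insert(options.iocs)
    # len() is never negative, so the original "< 0" test could not fire.
    # Assumes len(iocm) counts the inserted IOCs, as the message implies.
    if len(iocm) < 1:
        log.error('No IOCs inserted into ioc_manager')
        sys.exit(1)
    iocm.emit_yara()
    iocm.write_yara(output_file)
    sys.exit(0)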
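def write_pruned_iocs(self, directory=None, pruned_source=None):
    """
    Writes the pruned IOCs to a directory.

    :param directory: Directory to write IOCs to.  If not provided, the current working directory is used.
    :param pruned_source: Iterable of iocids to write.  Defaults to self.pruned_11_iocs.
        Each iocid is looked up in self.iocs_10.
    :return: True after every selected IOC has been passed to write_ioc_to_file();
        False if there are no iocids to write or if directory is an existing file.
    """
    if pruned_source is None:
        pruned_source = self.pruned_11_iocs
    if len(pruned_source) < 1:
        log.error('no iocs available to write out')
        return False
    if not directory:
        directory = os.getcwd()
    if os.path.isfile(directory):
        # The path is an existing regular file, so it cannot serve as the
        # output directory; say so instead of the old misleading message.
        log.error('cannot write iocs to [{}]: path is an existing file'.format(directory))
        return False
    utils.safe_makedirs(directory)
    output_dir = os.path.abspath(directory)
    # serialize the iocs
    # NOTE(review): force=True presumably lets write_ioc_to_file() replace an
    # existing file in output_dir -- confirm, and confirm that the file name it
    # builds stays inside output_dir when the IOCs come from an untrusted source.
    for iocid in pruned_source:
        self.iocs_10[iocid].write_ioc_to_file(output_dir=output_dir, force=True)
    return True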
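def write_iocs(self, directory=None, source=None):
    """
    Serializes IOCs to a directory.

    :param directory: Directory to write IOCs to.  If not provided, the current working directory is used.
    :param source: Dictionary containing iocid -> IOC mapping.  Defaults to self.iocs_11.
        An empty mapping is treated the same as None and replaced by the default.
    :return: True after every IOC in source has been passed to write_ioc_to_file();
        False if there are no IOCs to write or if directory is an existing file.
    """
    if not source:
        source = self.iocs_11
    if len(source) < 1:
        log.error('no iocs available to write out')
        return False
    if not directory:
        directory = os.getcwd()
    if os.path.isfile(directory):
        # The path is an existing regular file, so it cannot serve as the
        # output directory; say so instead of the old misleading message.
        log.error('cannot write iocs to [{}]: path is an existing file'.format(directory))
        return False
    output_dir = os.path.abspath(directory)
    utils.safe_makedirs(output_dir)
    log.info('Writing IOCs to %s' % (str(output_dir)))
    # serialize the iocs
    # NOTE(review): force=True presumably lets write_ioc_to_file() replace an
    # existing file in output_dir -- confirm, and confirm that the file name it
    # builds stays inside output_dir when the IOCs come from an untrusted source.
    for ioc_obj in source.values():
        ioc_obj.write_ioc_to_file(output_dir=output_dir, force=True)
    return True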
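def main(options):
    """
    Load the IOCs named by ``options.iocs`` into a YaraIOCManager and write
    its YARA output to a file.

    :param options: Parsed options object.  The attributes ``verbose``,
        ``output`` and ``iocs`` are read.
    :return: Does not return; the process exits with status 0 on success and
        1 on error.
    """
    logging.basicConfig(
        level=logging.DEBUG,
        format=
        '%(asctime)s %(levelname)s: %(message)s [%(filename)s:%(funcName)s]')
    if not options.verbose:
        logging.disable(logging.DEBUG)
    if not options.output:
        # The original tested os.path.abspath(options.output), which is the
        # current working directory for '' and raises for None, so this
        # default was unreachable.  Test the raw option instead.
        output_file = os.path.join(os.getcwd(), 'iocs.yara')
        log.info(
            'Output not specified. Writing output to [{}]'.format(output_file))
    else:
        output_file = os.path.abspath(options.output)
        if os.path.isdir(output_file):
            log.error('cannot specify a directory as the output location')
            sys.exit(1)
        elif not os.path.isfile(output_file):
            # New file: make sure its parent directory exists.
            utils.safe_makedirs(os.path.split(output_file)[0])
        # NOTE(review): an existing file is passed to write_yara() unchanged;
        # presumably it is overwritten -- confirm.
    iocm = YaraIOCManager()
    iocm.insert(options.iocs)
    # len() is never negative, so the original "< 0" test could not fire.
    # Assumes len(iocm) counts the inserted IOCs, as the message implies.
    if len(iocm) < 1:
        log.error('No IOCs inserted into ioc_manager')
        sys.exit(1)
    iocm.emit_yara()
    iocm.write_yara(output_file)
    sys.exit(0)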
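def write_iocs(self, directory=None, source=None):
    """
    Serializes IOCs to a directory.

    :param directory: Directory to write IOCs to.  If not provided, the current working directory is used.
    :param source: Dictionary containing iocid -> IOC mapping.  Defaults to self.iocs_10.
        This is not normally modified by a user for this class.  An empty mapping is
        treated the same as None and replaced by the default.
    :return: True after every selected IOC has been passed to write_ioc_to_file();
        False if nothing is left to write or if directory is an existing file.
    """
    if not source:
        source = self.iocs_10
    if len(source) < 1:
        log.error('no iocs available to write out')
        return False
    if not directory:
        directory = os.getcwd()
    if os.path.isfile(directory):
        # The path is an existing regular file, so it cannot serve as the
        # output directory; say so instead of the old misleading message.
        log.error('cannot write iocs to [{}]: path is an existing file'.format(directory))
        return False
    # Skip every iocid listed in pruned_11_iocs or null_pruned_iocs.
    source_iocs = set(source).difference(self.pruned_11_iocs, self.null_pruned_iocs)
    if not source_iocs:
        log.error(
            'no iocs available to write out after removing pruned/null iocs'
        )
        return False
    utils.safe_makedirs(directory)
    output_dir = os.path.abspath(directory)
    log.info('Writing IOCs to %s' % (str(output_dir)))
    # serialize the iocs
    # NOTE(review): force=True presumably lets write_ioc_to_file() replace an
    # existing file in output_dir -- confirm, and confirm that the file name it
    # builds stays inside output_dir when the IOCs come from an untrusted source.
    for iocid in source_iocs:
        source[iocid].write_ioc_to_file(output_dir=output_dir, force=True)
    return True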
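def write_iocs(self, directory=None, source=None):
    """
    Serializes IOCs to a directory.

    :param directory: Directory to write IOCs to.  If not provided, the current working directory is used.
    :param source: Dictionary containing iocid -> IOC mapping.  Defaults to self.iocs_10.
        This is not normally modified by a user for this class.  An empty mapping is
        treated the same as None and replaced by the default.
    :return: True after every selected IOC has been passed to write_ioc_to_file();
        False if nothing is left to write or if directory is an existing file.
    """
    if not source:
        source = self.iocs_10
    if len(source) < 1:
        log.error('no iocs available to write out')
        return False
    if not directory:
        directory = os.getcwd()
    if os.path.isfile(directory):
        # An existing regular file cannot be used as the output directory;
        # the old message wrongly described the path as a directory.
        log.error('cannot write iocs to [{}]: path is an existing file'.format(directory))
        return False
    # Drop the iocids recorded as pruned or null-pruned before writing.
    excluded = set(self.pruned_11_iocs).union(self.null_pruned_iocs)
    source_iocs = set(source.keys()) - excluded
    if not source_iocs:
        log.error('no iocs available to write out after removing pruned/null iocs')
        return False
    utils.safe_makedirs(directory)
    output_dir = os.path.abspath(directory)
    log.info('Writing IOCs to %s' % (str(output_dir)))
    # serialize the iocs
    # NOTE(review): force=True presumably lets write_ioc_to_file() replace an
    # existing file in output_dir -- confirm, and confirm that the file name it
    # builds stays inside output_dir when the IOCs come from an untrusted source.
    for iocid in source_iocs:
        ioc_obj = source[iocid]
        ioc_obj.write_ioc_to_file(output_dir=output_dir, force=True)
    return True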