Пример #1
                                                        ms['last'] = int(ds)
                                                        ms['l_id'] = ev
                                                # false positive
                                                elif int(ty) == 1:
                                                    misp_fp = True
                                                    misp_fp_ts = ds
                                                    misp_fp_id = ev
                            if misp_fp is True:
                                record['misp_value'] = misp_value
                                record['misp_fp'] = "True"
                                record['misp_fp_timestamp'] = str(misp_fp_ts)
                                record['misp_fp_event_id'] = str(misp_fp_id)
                            if ms_seen is True:
                                record['misp_value'] = misp_value
                                record['misp_count'] = str(ms['count'])
                                record['misp_first'] = str(ms['first'])
                                record['misp_first_event_id'] = str(ms['f_id'])
                                record['misp_last'] = str(ms['last'])
                                record['misp_last_event_id'] = str(ms['l_id'])
            yield record


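if __name__ == "__main__":
    # Entry point for the Splunk custom search command: pull the log level
    # the app has stored, apply it to the root logger, then hand control to
    # splunklib's dispatcher, which reads the search protocol from stdin and
    # writes results to stdout.
    #
    # `logging_level`, `dispatch` and `MispSightCommand` are project names
    # brought into scope elsewhere in this file.
    loglevel = logging_level('misp42splunk')
    logging.root.setLevel(loglevel)
    # NOTE(review): both banner lines are pinned at ERROR, presumably so they
    # show up regardless of the level just configured. The side effect is
    # that every invocation writes two non-error records into splunkd's
    # error stream, which any rule alerting on ERROR for this app will match.
    # Consider logging.info (or a dedicated startup logger) once the level is
    # known to be verbose enough; the severity is left unchanged here so the
    # operator-visible log output does not shift.
    logging.error('logging level is set to %s', loglevel)
    # %-style lazy arguments keep the message template constant (handy for
    # log-based detections that key on it) and defer formatting until the
    # record is actually emitted. Output is identical to the former
    # string concatenation.
    logging.error('PYTHON VERSION: %s', sys.version)
    dispatch(MispSightCommand, sys.argv, sys.stdin, sys.stdout, __name__)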
Пример #2
                                to_ids.append(r['misp_to_ids'])
                            v['misp_to_ids'] = to_ids
                            category = v['misp_category']
                            # append
                            if r['misp_category'] not in category:
                                category.append(r['misp_category'])
                            v['misp_category'] = category
                            attribute_uuid = v['misp_attribute_uuid']
                            if r['misp_attribute_uuid'] not in attribute_uuid:
                                attribute_uuid.append(r['misp_attribute_uuid'])
                            v['misp_attribute_uuid'] = attribute_uuid
                            if is_object_member is False:
                                misp_type = r['misp_type'] \
                                    + '|' + v['misp_type']
                                v['misp_type'] = misp_type
                                misp_value = r['misp_value'] + \
                                    '|' + v['misp_value']
                                v['misp_value'] = misp_value
                            output_dict[key] = dict(v)
            for k, v in list(output_dict.items()):
                yield v


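if __name__ == "__main__":
    # Entry point for the Splunk custom search command: read the app's stored
    # log level, announce it, apply it to the root logger, then hand control
    # to splunklib's dispatcher (search protocol on stdin, results on stdout).
    #
    # `logging_level`, `dispatch` and `mispgetevent` are project names brought
    # into scope elsewhere in this file.
    loglevel = logging_level()
    # NOTE(review): the banner is written before setLevel() here, whereas the
    # sibling commands in this app set the level first; the order is kept so
    # the observable log output does not change, but the two paths should
    # probably agree.
    # NOTE(review): both banner lines are pinned at ERROR, presumably so they
    # survive whatever level is configured. That puts two non-error records
    # into splunkd's error stream on every run, which any rule alerting on
    # ERROR for this app will match. Severity is left unchanged here; consider
    # logging.info or a dedicated startup logger.
    logging.error('logging level is set to %s', loglevel)
    logging.root.setLevel(loglevel)
    dispatch(mispgetevent, sys.argv, sys.stdin, sys.stdout, __name__)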
Пример #3
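 def set_log_level(self):
     """Apply the app's stored log level to the root logger and log a banner.

     Reads the level via the project's ``logging_level('misp42splunk')``
     helper (defined elsewhere in this file), sets it on the root logger, and
     emits two tagged startup records: the effective level ([SI-101]) and the
     interpreter version ([SI-102]). ``self`` is not used.

     Returns:
         None.
     """
     loglevel = logging_level('misp42splunk')
     logging.root.setLevel(loglevel)
     # NOTE(review): the banner is pinned at ERROR, presumably so it shows up
     # whatever level was just configured. The cost is two non-error records
     # in splunkd's error stream per run, which any rule alerting on ERROR
     # for this app will match. Severity is left unchanged so the
     # operator-visible output does not shift; consider logging.info or a
     # dedicated startup logger.
     logging.error('[SI-101] logging level is set to %s', loglevel)
     # Lazy %-args instead of string concatenation: same rendered text, but
     # the template stays constant (useful for log-based detections) and
     # formatting is deferred until the record is actually emitted.
     logging.error('[SI-102] PYTHON VERSION: %s', sys.version)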