def virustotal_passive(self, indicator, indicator_type):
current_time = datetime.datetime.utcnow()
scraper = VirusTotalScraper()
scraper.run(indicator)
passive = scraper.parse_passive()
source = "VirusTotal"
if passive:
# Delete old entries before inserting new ones - not ideal solution but will work for now
HostRecord.objects.filter(query_keyword=indicator, resolution_source=source).delete()
if indicator_type == "ip":
ip_location = geolocate_ip(indicator)
HostRecord.objects.bulk_create([
HostRecord(domain_name=record[1],
ip_address=indicator,
ip_location=ip_location,
resolution_date=record[0],
resolution_source=source,
query_keyword=indicator,
query_date=current_time) for record in passive
])
elif indicator_type == "domain":
HostRecord.objects.bulk_create([
HostRecord(domain_name=indicator,
ip_address=record[1],
ip_location=geolocate_ip(record[1]),
resolution_date=record[0],
resolution_source=source,
query_keyword=indicator,
query_date=current_time) for record in passive
])
