def get_all(self, page=1, count=10, complete=False): url = "/events" url = '{0}?count={1}&page={2}&sorting%5Bcreated_at%5D=desc'.format(url, count, page).replace('&', 'BLA') events_json = self.__request(url, 'GET', None ) events_json = json.loads(events_json) events_json = events_json.get('data', list()) result = list() for event_json in events_json: event = Event() event.populate(event_json) result.append(event) return result
def populate(self, json): item = json['event'] self.event = Event() self.event.populate(item) # Check if not a report if json.get('report', None) or json.get('reference', None): item = json.get('report', None) if item: self.report = Report() self.report.populate(item) item = json.get('reference', None) if item: self.reference = Reference() self.reference.populate(item) else: item = json.get('observable', None) if item: self.observable = Observable() self.observable.populate(item) item = json.get('object', None) if item: self.object = Object() self.object.populate(item) item = json.get('attribute', None) if item: self.attribute = Attribute() self.attribute.populate(item)
def get_unvalidated_events(self, count=10, page=1): url = "/validate/unvalidated?count={0}&page={1}&sorting%5Bcreated_at%5D=desc".format(count, page) events_json = self.__request(url, 'GET', None ) event_dict = json.loads(events_json) events_dict = event_dict.get('data', list()) result = list() for event_dict in events_dict: event = Event() event.populate(event_dict) result.append(event) return result
def parse_events(self, xml, full=True): events = xml.iterfind('./Event') rest_events = [] for event in events: rest_event = Event() event_id = self.set_event_header(event, rest_event) if full: observables = self.parse_attributes(rest_event, event) rest_event.observables = observables # Append reference # check if there aren't any empty reports result = list() for event_report in rest_event.reports: if event_report.references: result.append(event_report) report = Report() report.identifier = uuid4() self.set_properties(report, False) # self.set_extended_logging(report, rest_event) # IMPORTANT logging of this should not be set, as this should onbly be visible for the owner/inserter value = u'{0}{1} Event ID {2}'.format('', self.tag, event_id) reference = self.create_reference(None, uuid4(), None, 'reference_external_identifier', value, None, False, rest_event, False) report.references.append(reference) value = u'{0}/events/view/{1}'.format(self.api_url, event_id) reference = self.create_reference(None, uuid4(), None, 'link', value, None, False, rest_event, False) report.references.append(reference) result.append(report) rest_event.reports = result setattr(rest_event, 'misp_id', event_id) rest_events.append(rest_event) return rest_events
class SearchResult(RestBase): def __init__(self): RestBase.__init__(self) self.event = None self.object = None self.observable = None self.attribute = None self.report = None self.reference = None def populate(self, json): item = json['event'] self.event = Event() self.event.populate(item) # Check if not a report if json.get('report', None) or json.get('reference', None): item = json.get('report', None) if item: self.report = Report() self.report.populate(item) item = json.get('reference', None) if item: self.reference = Reference() self.reference.populate(item) else: item = json.get('observable', None) if item: self.observable = Observable() self.observable.populate(item) item = json.get('object', None) if item: self.object = Object() self.object.populate(item) item = json.get('attribute', None) if item: self.attribute = Attribute() self.attribute.populate(item)