本文整理汇总了Python中pymisp.PyMISP.add_internal_other方法的典型用法代码示例。如果您正苦于以下问题:Python PyMISP.add_internal_other方法的具体用法?Python PyMISP.add_internal_other怎么用?Python PyMISP.add_internal_other使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类pymisp.PyMISP的用法示例。
在下文中一共展示了PyMISP.add_internal_other方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: processSTIX
# 需要导入模块: from pymisp import PyMISP [as 别名]
# 或者: from pymisp.PyMISP import add_internal_other [as 别名]
def processSTIX(pkg, args, misp_url, misp_key, ssl=True):
# Load the PyMISP functions
# misp = PyMISP(misp_url, misp_key, ssl, 'json')
misp = PyMISP(misp_url, misp_key, ssl, 'json', proxies=proxies)
# Build the event and add tags if applicable
misp_title = ""
#if '_id' in pkg:
# misp_title += str(pkg._id)+" | "
misp_title += str(pkg.stix_header.title)
if misp_title=="None":
try:
misp_title = str(pkg.stix_header.information_source.description)+" | "+str(pkg.stix_header.information_source.time.produced_time.value)
except:
misp_title = str(pkg.id_)
misp_date = str(pkg.timestamp)
event = mispBuildEvent(misp,misp_url,misp_key,misp_title,misp_date,args)
# Process force-tags if applicable
if args.forcetag:
# Add the package ID as a tag
try:
tag = str(pkg._id)
except AttributeError:
tag = ""
if tag:
forceTag(pkg, args, misp, event, tag)
# Add Internal Reference Attribute
misp.add_internal_other(event, tag)
# Add the package title as a tag
try:
tag = str(pkg.stix_header.title)
except AttributeError:
tag = ""
if tag:
forceTag(pkg, args, misp, event, tag)
# Add Internal Reference Attribute
misp.add_internal_other(event, tag)
# Add the sender's name as a tag
try:
tag = str(pkg.stix_header.information_source.identity.name)
except AttributeError:
tag = ""
if tag:
forceTag(pkg, args, misp, event, tag)
# Add Internal Reference Attribute
#
# Commenting this out because it would end up saying every STIX document
# coming from the same originator is related.
#
# misp.add_internal_other(event, tag)
# Output to screen
print "\r\n##################"
#print "ID: "+str(pkg._id)
print "Title: "+misp_title
print "Time: "+misp_date
print "##################\r\n"
all_inc_desc=""
all_ind_desc=""
# Loop through all incidents
if pkg.incidents:
for inc in pkg.incidents:
# Get incindent descriptions
for inc_desc in inc.descriptions:
if inc_desc:
inc_desc = str(inc_desc)
all_inc_desc = all_inc_desc+"=============NEW DESCRIPTION=============\r\n\r\n"+inc_desc
# Loop through all indicators
for ind in pkg.indicators:
for type in ind.indicator_types:
print "Indicator Type: "+str(type)
# Collect indicator descriptions
for ind_desc in ind.descriptions:
if ind_desc:
ind_desc = str(ind_desc)
all_ind_desc = all_ind_desc+"\r\n\r\n=============NEW DESCRIPTION=============\r\n\r\n"+ind_desc
# For processing STIX w/ composite_indicator_expression(s)
if ind.composite_indicator_expression:
for cie in ind.composite_indicator_expression:
properties=cie.observable.object_.properties
object_type=properties._XSI_TYPE
print " Observable type: "+str(object_type)
# processObject(object_type, properties)
mispBuildObject(object_type, properties, event, args)
# For processing STIX that without composite_indicator_expression(s)
#.........这里部分代码省略.........