本文整理汇总了Python中pymisp.PyMISP.add_tag方法的典型用法代码示例。如果您正苦于以下问题:Python PyMISP.add_tag方法的具体用法?Python PyMISP.add_tag怎么用?Python PyMISP.add_tag使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类pymisp.PyMISP的用法示例。
在下文中一共展示了PyMISP.add_tag方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: MISPCollectorBot
# 需要导入模块: from pymisp import PyMISP [as 别名]
# 或者: from pymisp.PyMISP import add_tag [as 别名]
class MISPCollectorBot(CollectorBot):
def init(self):
if PyMISP is None:
self.logger.error('Could not import pymisp. Please install it.')
self.stop()
# Initialise MISP connection
self.misp = PyMISP(self.parameters.misp_url,
self.parameters.misp_key,
self.parameters.misp_verify)
# URLs used for deleting and adding MISP event tags
self.misp_add_tag_url = urljoin(self.parameters.misp_url,
'events/addTag')
self.misp_del_tag_url = urljoin(self.parameters.misp_url,
'events/removeTag')
def process(self):
# Grab the events from MISP
misp_result = self.misp.search(
tags=self.parameters.misp_tag_to_process
)
# Process the response and events
if 'response' in misp_result:
# Extract the MISP event details
for e in misp_result['response']:
misp_event = e['Event']
# Send the results to the parser
report = self.new_report()
report.add('raw', json.dumps(misp_event, sort_keys=True))
report.add('feed.url', self.parameters.misp_url)
self.send_message(report)
# Finally, update the tags on the MISP events.
# Note PyMISP does not currently support this so we use
# the API URLs directly with the requests module.
for misp_event in misp_result['response']:
# Remove the 'to be processed' tag
self.misp.remove_tag(misp_event,
self.parameters.misp_tag_to_process)
# Add a 'processed' tag to the event
self.misp.add_tag(misp_event,
self.parameters.misp_tag_processed)