本文整理汇总了Python中pymisp.PyMISP.search_all方法的典型用法代码示例。如果您正苦于以下问题:Python PyMISP.search_all方法的具体用法?Python PyMISP.search_all怎么用?Python PyMISP.search_all使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类pymisp.PyMISP的用法示例。
在下文中一共展示了PyMISP.search_all方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: mispextract
# 需要导入模块: from pymisp import PyMISP [as 别名]
# 或者: from pymisp.PyMISP import search_all [as 别名]
def mispextract(fpath):
# md5="626576e5f0f85d77c460a322a92bb267"
url="https://misppriv.circl.lu"
apikey="Enter your API key HERE"
conn=internet_on()
if conn:
api=PyMISP(url,apikey,ssl=True, out_type='json' ,debug=False, proxies=None)
md5=prelim(fpath)
response = api.search_all(md5)
length=len(response["response"])
retu={"connection":True,
"positives":length
}
return retu
#print(len(list(root)))
else:
print("No connectivity with MISP")
retu={"connection":False,
"positives":0
}
return retu示例2: events
# 需要导入模块: from pymisp import PyMISP [as 别名]
# 或者: from pymisp.PyMISP import search_all [as 别名]
#!/usr/bin/env python
# -*- coding: utf-8 -*-
from pymisp import PyMISP
from keys import misp_url, misp_key, misp_verifycert
import argparse
import tools
if __name__ == '__main__':
parser = argparse.ArgumentParser(description='Take a sample of events (based on last.py of searchall.py) and create a treemap epresenting the distribution of attributes in this sample.')
parser.add_argument("-f", "--function", required=True, help='The parameter can be either set to "last" or "searchall". If the parameter is not valid, "last" will be the default setting.')
parser.add_argument("-a", "--argument", required=True, help='if function is "last", time can be defined in days, hours, minutes (for example 5d or 12h or 30m). Otherwise, this argument is the string to search')
args = parser.parse_args()
misp = PyMISP(misp_url, misp_key, misp_verifycert, 'json')
if args.function == "searchall":
result = misp.search_all(args.argument)
else:
result = misp.download_last(args.argument)
events = tools.eventsListBuildFromArray(result)
attributes = tools.attributesListBuild(events)
temp = tools.getNbAttributePerEventCategoryType(attributes)
temp = temp.groupby(level=['category', 'type']).sum()
tools.createTreemap(temp, 'Attributes Distribution', 'attribute_treemap.svg', 'attribute_table.html')
示例3: MATCH
# 需要导入模块: from pymisp import PyMISP [as 别名]
# 或者: from pymisp.PyMISP import search_all [as 别名]
WHERE rel_cnt > 5
MATCH (m)-[r:has]->(n)
RETURN m, n LIMIT 200;
"""
if __name__ == '__main__':
parser = argparse.ArgumentParser(description='Get all the events matching a value.')
parser.add_argument("-s", "--search", required=True, help="String to search.")
parser.add_argument("--host", default='localhost:7474', help="Host where neo4j is running.")
parser.add_argument("-u", "--user", default='neo4j', help="User on neo4j.")
parser.add_argument("-p", "--password", default='neo4j', help="Password on neo4j.")
parser.add_argument("-d", "--deleteall", action="store_true", default=False, help="Delete all nodes from the database")
args = parser.parse_args()
neo4j = Neo4j(args.host, args.user, args.password)
if args.deleteall:
neo4j.del_all()
misp = PyMISP(misp_url, misp_key)
result = misp.search_all(args.search)
for json_event in result['response']:
if not json_event['Event']:
print(json_event)
continue
print('Importing', json_event['Event']['info'], json_event['Event']['id'])
try:
misp_event = MISPEvent()
misp_event.load(json_event)
neo4j.import_event(misp_event)
except:
print('broken')