def __init__(self, allow_negative_scores=False, **kwargs):
# negative scores introduced in CB 4.2
# negative scores indicate a measure of "goodness" versus "badness"
self.allow_negative_scores = allow_negative_scores
# these fields are required in every report
self.required = ["iocs", "timestamp", "link", "title", "id", "score"]
# these fields must be of type string
self.typestring = ["link", "title", "id", "description"]
# these fields must be of type int
self.typeint = ["timestamp", "score"]
# these fields are optional
self.optional = ["tags", "description"]
# valid IOC types are "md5", "ipv4", "dns", "query"
self.valid_ioc_types = ["md5", "ipv4", "dns", "query"]
# valid index_type options for "query" IOC
self.valid_query_ioc_types = ["events", "modules"]
if "timestamp" not in kwargs:
kwargs["timestamp"] = int(time.mktime(time.gmtime()))
self.data = kwargs
评论列表
文章目录
