def _search_for_type(self, type_attribute: str) -> list:
"""The actual request to misp. Skip attributes which are proposed for deletion.
:param type_attribute: MISP event attribute type to search for
:returns: List of values per event matching type_attribute"""
results = self.misp.search(type_attribute=type_attribute, deleted=False)
attribute_values = []
self._debug('Processing MISP results...')
bar = progressbar.ProgressBar(max_value=progressbar.UnknownLength)
for idx, events in enumerate(results.get('response', None)):
bar.update(idx)
event_info = events.get('Event').get('info')
event_id = events.get('Event').get('id')
if self.ignore and event_id in self.ignore:
continue
attribute_values.append({'info': event_info,
'id': event_id,
'values': []})
for values in events.get('Event').get('Attribute'):
# Skip attributed which are proposed to delete
shadow_attribute = values.get('ShadowAttribute', None)
if len(shadow_attribute) > 0 and shadow_attribute[0].get('proposal_to_delete', False):
continue
# Skip attributes which are not marked for ids export
if not values.get('to_ids', None):
continue
if type_attribute in values.get('type'):
attribute_values[idx]['values'].append(values.get('value'))
return attribute_values
评论列表
文章目录
