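def recoverIOC(self, data_path, api_keys):
    """Download every OTX pulse as an OpenIOC 1.0 file.

    All pulses are listed with ``OTXv2.getall()``. For each pulse, the
    OpenIOC export is requested from ``OTX_GET_URL`` and the response body
    is written to ``<data_path>/<Format.OPENIOC_10.value>/<pulse id>.ioc``.

    Args:
        data_path: Base directory for downloaded files. The format
            sub-directory is created if it does not exist.
        api_keys: Container of API keys. When it holds ``KEY_NAME`` that
            key is used, otherwise the module default ``OTX_KEY``.

    Returns:
        None. Results are written to disk and progress is logged.

    Raises:
        Network errors from ``requests`` (including timeouts) propagate to
        the caller. Pulses with an unusable id or a non-success HTTP status
        are logged and skipped.
    """
    logger = Logger()
    logger.info("OTXRecovery.recoverIOC")

    # Record the starting time
    startTime = time.time()

    dataPath = data_path + "/" + Format.OPENIOC_10.value + "/"

    # A caller-supplied key takes precedence over the module default.
    key = api_keys[KEY_NAME] if KEY_NAME in api_keys else OTX_KEY

    # Create data dir
    if not os.path.exists(dataPath):
        os.makedirs(dataPath)

    otx = OTXv2(key)
    pulses = otx.getall()
    logger.info("Download complete - %s events received" % len(pulses))

    # The request headers and query are the same for every pulse.
    # NOTE(review): the API key travels in a header to OTX_GET_URL, which is
    # defined elsewhere; confirm that URL uses https.
    headers = {'X-OTX-API-KEY': key, 'User-Agent': OTX_USR_AGT, "Content-Type": "application/json"}
    params = {'format': Format.OPENIOC_10.value}
    body = json.dumps({})
    # Without a timeout a stalled connection would block the run forever.
    request_timeout = 60

    # For each pulse get all ioc
    for pulse in pulses:
        n = json_normalize(pulse)
        pulse_id = str(n.id[0])

        # The id comes from the remote feed and becomes part of a local
        # path; refuse anything that is not a plain file-name component so
        # a crafted id cannot write outside dataPath.
        if not pulse_id or os.path.basename(pulse_id) != pulse_id:
            logger.info("Skipping pulse with unexpected id: %r" % pulse_id)
            continue

        url = OTX_GET_URL.format(pulse_id)
        file_name = dataPath + pulse_id + ".ioc"

        # HTTP Request
        response = requests.post(url, params=params, data=body,
                                 headers=headers, timeout=request_timeout)

        # Do not store an error page as if it were an indicator file.
        if not response.ok:
            logger.info("Download failed for pulse " + pulse_id
                        + " - HTTP " + str(response.status_code))
            continue

        with open(file_name, "wb") as code:
            code.write(response.content)
        logger.debug("Download OpenIOC ioc file: " + pulse_id + " - " + n["name"][0] + " -> " + file_name)

    # Trace the end time and calculate the duration
    elapsed = time.time() - startTime
    logger.info('OTXRecovery finished on: ' + str(elapsed) + ' seconds')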