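def extractIndicatorOfCompromise(self):
    """Collect the indicators parsed from every IOC file under ``self.data_path``.

    Each value returned by ``Format.getFormats()`` is looked up under
    ``<data_path>/<format.value>/``. A format whose listing raises
    ``InvalidDataPath`` is logged and skipped; for every other format the
    parser from ``IOCParserFactory.createParser`` is applied to each file.

    Returns:
        list: the indicators of all parsed files, in processing order.
    """
    logger = Logger()
    logger.info('Start to extract indicator of compromise from data repository: {}'.format(self.data_path))
    # Record the starting time so the run duration can be logged at the end.
    startTime = time.time()
    indicators_to_return = []
    # ``ioc_format`` rather than ``format``: avoids shadowing the builtin.
    for ioc_format in Format.getFormats():
        iocDB = IocHandler(self.data_path + "/" + ioc_format.value + "/")
        try:
            all_iocs = iocDB.get_all_ioc(ioc_format)
        except InvalidDataPath:
            # NOTE(review): a skipped format contributes no indicators and is
            # only reported at info level; confirm that a missing format
            # directory is expected and not a silent loss of coverage.
            logger.info("Ignore IOC format {}".format(ioc_format.value))
            continue
        logger.info("Getting IOC files with format: " + ioc_format.value)
        parser = IOCParserFactory.createParser(ioc_format)
        for iocFileName in all_iocs:
            iocFile = iocDB.get_ioc_file(iocFileName)
            # NOTE(review): an exception raised while reading or parsing one
            # file propagates and ends the whole run; if IOC files come from
            # an external feed, confirm whether per-file isolation is wanted.
            # extend() appends in place instead of rebuilding the list for
            # every file, which was quadratic in the number of indicators.
            indicators_to_return.extend(parser.parseIndicator(iocFile, iocFileName))
    # Elapsed wall-clock time of the extraction, in seconds.
    elapsed = time.time() - startTime
    logger.info('Extract ({}) IOCs finished on: {} seconds'.format(len(indicators_to_return), str(elapsed)))
    return indicators_to_return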