chg: Add support for python 3.6+ API, cleanup

certtools · Nov 20, 2019 · 439fe94 · 439fe94
1 parent ac1e46b
commit 439fe94
Showing 1 changed file with 34 additions and 31 deletions.
diff --git a/intelmq/bots/collectors/misp/collector.py b/intelmq/bots/collectors/misp/collector.py
@@ -11,12 +11,19 @@
 
 """
 import json
-from urllib.parse import urljoin
+import sys
 
 from intelmq.lib.bot import CollectorBot
 
 try:
-    from pymisp import PyMISP
+    if sys.version_info >= (3, 6):
+        try:
+            from pymisp import ExpandedPyMISP as PyMISP
+        except ImportError:
+            from pymisp import PyMISP
+    else:
+        from pymisp import PyMISP
+
 except ImportError:
     PyMISP = None
 
@@ -32,12 +39,6 @@ def init(self):
                            self.parameters.misp_key,
                            self.parameters.misp_verify)
 
-        # URLs used for deleting and adding MISP event tags
-        self.misp_add_tag_url = urljoin(self.parameters.misp_url,
-                                        'events/addTag')
-        self.misp_del_tag_url = urljoin(self.parameters.misp_url,
-                                        'events/removeTag')
-
     def process(self):
         # Grab the events from MISP
         misp_result = self.misp.search(
@@ -46,29 +47,31 @@ def process(self):
 
         # Process the response and events
         if 'response' in misp_result:
-
-            # Extract the MISP event details
-            for e in misp_result['response']:
-                misp_event = e['Event']
-
-                # Send the results to the parser
-                report = self.new_report()
-                report.add('raw', json.dumps(misp_event, sort_keys=True))
-                report.add('feed.url', self.parameters.misp_url)
-                self.send_message(report)
-
-            # Finally, update the tags on the MISP events.
-            # Note PyMISP does not currently support this so we use
-            # the API URLs directly with the requests module.
-
-            for misp_event in misp_result['response']:
-                # Remove the 'to be processed' tag
-                self.misp.remove_tag(misp_event,
-                                     self.parameters.misp_tag_to_process)
-
-                # Add a 'processed' tag to the event
-                self.misp.add_tag(misp_event,
-                                  self.parameters.misp_tag_processed)
+            # Old response content
+            misp_result = misp_result['response']
+
+        # Extract the MISP event details
+        for e in misp_result:
+            misp_event = e['Event']
+
+            # Send the results to the parser
+            report = self.new_report()
+            report.add('raw', json.dumps(misp_event, sort_keys=True))
+            report.add('feed.url', self.parameters.misp_url)
+            self.send_message(report)
+
+        # Finally, update the tags on the MISP events.
+        # Note PyMISP does not currently support this so we use
+        # the API URLs directly with the requests module.
+
+        for misp_event in misp_result:
+            # Remove the 'to be processed' tag
+            self.misp.untag(misp_event['uuid'],
+                            self.parameters.misp_tag_to_process)
+
+            # Add a 'processed' tag to the event
+            self.misp.tag(misp_event['uuid'],
+                          self.parameters.misp_tag_processed)
 
 
 BOT = MISPCollectorBot