fix: [Investigation] edit misp event + add misp instance url

ail-project · Mar 11, 2022 · 7470792 · 7470792
1 parent 1d9fba4
commit 7470792
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 15 deletions.
diff --git a/bin/export/MispExport.py b/bin/export/MispExport.py
@@ -447,25 +447,24 @@ def create_investigation_event(investigation_uuid):
         if misp_obj:
             event.add_object(misp_obj)
 
-    #taxonomies_tags, galaxies_tags = Tag.sort_tags_taxonomies_galaxies(investigation.get_tags())
-    #event.Tag = taxonomies_tags
-    #event.Galaxy = galaxies_tags
-    #print(galaxies_tags)
-    #event.add_galaxy(galaxies_tags)
-
     # if publish:
     #     event.publish()
 
-    # res = event.to_json()
-
     # print(event.to_json())
     misp = PyMISP(misp_url, misp_key, misp_verifycert)
-    misp_event = misp.add_event(event)
-    #print(misp_event)
+    if misp.event_exists(event.uuid):
+        misp_event = misp.update_event(event)
+    else:
+        misp_event = misp.add_event(event)
 
     # # TODO: handle error
     event_metadata = extract_event_metadata(misp_event)
-    print(event_metadata)
+    if event_metadata.get('uuid'):
+        if misp_url[-1] == '/':
+            url =  misp_url[:-1]
+        else:
+            url =  misp_url
+        investigation.add_misp_events(url)
     return event_metadata
 
 # if __name__ == '__main__':

diff --git a/bin/lib/Investigations.py b/bin/lib/Investigations.py
@@ -94,8 +94,7 @@ def __init__(self, investigation_uuid):
 
     def get_uuid(self, separator=False):
         if separator:
-            res = str(uuid.uuid4())
-            return uuid.UUID(hex=res, version=4)
+            return uuid.UUID(hex=self.uuid, version=4)
         else:
             return self.uuid
 
@@ -146,6 +145,9 @@ def get_last_change(self, r_str=False):
             last_change = datetime.datetime.fromtimestamp(float(last_change)).strftime('%Y-%m-%d %H:%M:%S')
         return last_change
 
+    def get_misp_events(self):
+        return r_tracking.smembers(f'investigations:misp:{self.uuid}')
+
     # # TODO: DATE FORMAT
     def get_metadata(self, r_str=False):
         if r_str:
@@ -164,7 +166,8 @@ def get_metadata(self, r_str=False):
                 'timestamp': self.get_timestamp(r_str=r_str),
                 'last_change': self.get_last_change(r_str=r_str),
                 'info': self.get_info(),
-                'nb_objects': self.get_nb_objects()}
+                'nb_objects': self.get_nb_objects(),
+                'misp_events': self.get_misp_events()}
 
     def set_name(self, name):
         r_tracking.hset(f'investigations:data:{self.uuid}', 'name', name)
@@ -198,6 +201,9 @@ def set_analysis(self, analysis):
         else:
             raise UpdateInvestigationError(f'Invalid analysis: {analysis}')
 
+    def add_misp_events(self, misp_url):
+        r_tracking.sadd(f'investigations:misp:{self.uuid}', misp_url)
+
     def set_tags(self, tags):
         # delete previous tags
         r_tracking.delete(f'investigations:tags:{self.uuid}')
@@ -252,6 +258,7 @@ def delete(self):
         # metadata
         r_tracking.delete(f'investigations:data:{self.uuid}')
         r_tracking.delete(f'investigations:tags:{self.uuid}')
+        r_tracking.delete(f'investigations:misp:{self.uuid}')
 
 ##--  Class  --##
 

diff --git a/var/www/templates/investigations/view_investigation.html b/var/www/templates/investigations/view_investigation.html
@@ -99,12 +99,20 @@ <h4 class="card-title">{{metadata['info']}}</h4>
 												<i class="fas fa-pencil-alt"></i> <b>Edit</b>
 											</button>
 										</a>
-										<a class="btn btn-outline-dark" target="_blank" href="{{ url_for('import_export.export_investigation')}}?uuid={{metadata['uuid']}}">
+										<a class="btn btn-outline-dark" href="{{ url_for('import_export.export_investigation')}}?uuid={{metadata['uuid']}}">
 											<img id="misp-logo" src="{{ url_for('static', filename='image/misp-logo.png')}}" height="25">
 											Export as Event
 										</a>
 									</div>
 
+									{% if metadata['misp_events'] %}
+										{% for misp_url in metadata['misp_events'] %}
+											<a target="_blank" href="{{misp_url}}/events/view/{{metadata['uuid'][:8]}}-{{metadata['uuid'][8:12]}}-{{metadata['uuid'][12:16]}}-{{metadata['uuid'][16:20]}}-{{metadata['uuid'][20:]}}">
+												{{misp_url}}/events/view/{{metadata['uuid'][:8]}}-{{metadata['uuid'][8:12]}}-{{metadata['uuid'][12:16]}}-{{metadata['uuid'][16:20]}}-{{metadata['uuid'][20:]}}</br>
+											</a>
+										{% endfor %}
+									{% endif %}
+
 								</div>
 							</div>
 						</div>