#56 update CERT.at PassiveDNS summary() and short reports

TheHive-Project · Jun 13, 2017 · 421199e · 421199e
1 parent 99e137e
commit 421199e
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 1 deletion.
diff --git a/analyzers/CERTatPassiveDNS/certat_passivedns.py b/analyzers/CERTatPassiveDNS/certat_passivedns.py
@@ -21,5 +21,20 @@ def summary(self, raw):
         results = raw.get('results')
         return {'hits': len(results)}
 
+    def summary(self, raw):
+
+        result = {"level":"info", "taxonomy":{"namespace": "CERT.at", "predicate": "PassiveDNS", "value":0}}
+
+        results = raw.get('results')
+        r = len(results)
+
+        if r == 0 or r == 1:
+            result["taxonomy"]["value"] = "\"{} hit\"".format(r)
+        else:
+            result["taxonomy"]["value"] = "\"{} hits\"".format(r)
+
+        return result
+
+
 if __name__ == '__main__':
     CERTatPassiveDNSAnalyzer().run()
diff --git a/thehive-templates/CERTatPassiveDNS_0_1/short.html b/thehive-templates/CERTatPassiveDNS_0_1/short.html
@@ -1 +1,3 @@
-<span class="label label-info">CERT.at:PDNS="{{content.hits}} hits"</span>&nbsp;
+<span class="label" ng-init="t = content.taxonomy" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[content.level]">
+    {{t.namespace}}:{{t.predicate}}={{t.value}}
+</span>