#56 update CIRCL PassiveDNS summary() and short reports

TheHive-Project · Jun 13, 2017 · 605bd1f · 605bd1f
1 parent f42f98c
commit 605bd1f
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 2 deletions.
diff --git a/analyzers/CIRCLPassiveDNS/circl_passivedns.py b/analyzers/CIRCLPassiveDNS/circl_passivedns.py
@@ -37,7 +37,22 @@ def query(self, domain):
         return clean_result
 
     def summary(self, raw):
-        return {'hits': len(raw.get('results'))}
+
+        result = {"level": "info", "taxonomy": {"namespace": "CIRCL", "predicate": "PassiveDNS", "value": 0}}
+
+        if ("results" in raw):
+            r = len(raw.get('results'))
+
+        if r == 0 or r == 1:
+            result["taxonomy"]["value"] = "\"{} hit\"".format(r)
+        else:
+            result["taxonomy"]["value"] = "\"{} hits\"".format(r)
+
+
+        return result
+
+
+
 
     def run(self):
         query = ''

diff --git a/thehive-templates/CIRCLPassiveDNS_1_0/short.html b/thehive-templates/CIRCLPassiveDNS_1_0/short.html
@@ -1 +1,3 @@
-<span ng-if="content" class="label label-info">CIRCL:PassiveDNS= {{content.hits}} hits</span>&nbsp;
+<span class="label" ng-init="t = content.taxonomy" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[content.level]">
+    {{t.namespace}}:{{t.predicate}}={{t.value}}
+</span>&nbsp;