From 743aa3c66792d8c17e4d10a1f9d7169e0ac670b8 Mon Sep 17 00:00:00 2001
From: Jerome Leonard
Date: Fri, 16 Jun 2017 16:31:44 +0200
Subject: [PATCH] #56 update MISP summary() and short reports
---
 analyzers/MISP/misp.py | 12 ++++++++++--
 thehive-templates/MISP_2_0/short.html | 3 ++-
 2 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/analyzers/MISP/misp.py b/analyzers/MISP/misp.py
index a33e3d410..007da2c81 100755
--- a/analyzers/MISP/misp.py
+++ b/analyzers/MISP/misp.py
@@ -14,6 +14,8 @@ def __init__(self):
 name=self.getParam('config.name', None))
 def summary(self, raw):
+ taxonomy = {"level": "info", "namespace": "MISP", "predicate": "Search", "value": 0}
+ taxonomies = []
 data = []
 for r in raw['results']:
@@ -23,9 +25,15 @@ def summary(self, raw):
 # return number of unique events
 if data == []:
- return {'results': 0}
+ taxonomy["value"] = 0
+ taxonomies.append(taxonomy)
 else:
- return {'results': len(list(set(data)))}
+ taxonomy["value"] = "\"{} event(s)\"".format(len(list(set(data))))
+
+ result = {"taxonomies": taxonomies}
+ return result
+
+
 def run(self):
 if self.data_type == 'hash':
diff --git a/thehive-templates/MISP_2_0/short.html b/thehive-templates/MISP_2_0/short.html
index 325aeb912..563ca58f3 100644
--- a/thehive-templates/MISP_2_0/short.html
+++ b/thehive-templates/MISP_2_0/short.html
@@ -1,2 +1,3 @@
-MISP:Search="{{content.results}} event(s)"
+
+ {{t.namespace}}:{{t.predicate}}={{t.value}}
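Review bot: In the second misp.py hunk the `else:` branch sets `taxonomy["value"]` but never appends `taxonomy` to `taxonomies`, so when the search matches at least one event `summary()` returns `{"taxonomies": []}`. The short report then has nothing to render for a hit, which hides a positive MISP match from the analyst during triage. Move the append out of the `if` so both branches reach it, i.e. put `taxonomies.append(taxonomy)` immediately before `result = {"taxonomies": taxonomies}`. Separately, the no-hit value is the integer `0` while the hit value is a pre-quoted string, so the two cases display differently, and `len(list(set(data)))` can be written `len(set(data))`. The loop that fills `data` sits between the two hunks and is not visible here.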