#56 fixed format of summary() output and short reports

TheHive-Project · Jun 15, 2017 · ee2bf0c · ee2bf0c
1 parent aa70b8f
commit ee2bf0c
Show file tree

Hide file tree

Showing 9 changed files with 32 additions and 20 deletions.
diff --git a/analyzers/CERTatPassiveDNS/certat_passivedns.py b/analyzers/CERTatPassiveDNS/certat_passivedns.py
@@ -22,16 +22,19 @@ def summary(self, raw):
         return {'hits': len(results)}
 
     def summary(self, raw):
-
-        result = {"level":"info", "taxonomy":{"namespace": "CERT.at", "predicate": "PassiveDNS", "value":0}}
+        taxonomy = {"level":"info", "namespace": "CERT.at", "predicate": "PassiveDNS", "value":0}
+        taxonomies = []
 
         results = raw.get('results')
         r = len(results)
 
         if r == 0 or r == 1:
-            result["taxonomy"]["value"] = "\"{} hit\"".format(r)
+            taxonomy["value"] = "\"{} hit\"".format(r)
         else:
-            result["taxonomy"]["value"] = "\"{} hits\"".format(r)
+            taxonomy["value"] = "\"{} hits\"".format(r)
+
+        taxonomies.append(taxonomy)
+        result = {"taxonomies": taxonomies}
 
         return result
 

diff --git a/analyzers/CIRCLPassiveDNS/circl_passivedns.py b/analyzers/CIRCLPassiveDNS/circl_passivedns.py
@@ -38,17 +38,19 @@ def query(self, domain):
 
     def summary(self, raw):
 
-        result = {"level": "info", "taxonomy": {"namespace": "CIRCL", "predicate": "PassiveDNS", "value": 0}}
+        taxonomy = {"level": "info", "namespace": "CIRCL", "predicate": "PassiveDNS", "value": 0}
+        taxonomies = []
 
         if ("results" in raw):
             r = len(raw.get('results'))
 
         if r == 0 or r == 1:
-            result["taxonomy"]["value"] = "\"{} hit\"".format(r)
+            taxonomy["value"] = "\"{} hit\"".format(r)
         else:
-            result["taxonomy"]["value"] = "\"{} hits\"".format(r)
-
+            taxonomy["value"] = "\"{} hits\"".format(r)
 
+        taxonomies.append(taxonomy)
+        result = {"taxonomies": taxonomies}
         return result
 
 

diff --git a/analyzers/CIRCLPassiveSSL/circl_passivessl.py b/analyzers/CIRCLPassiveSSL/circl_passivessl.py
@@ -68,18 +68,21 @@ def query_certificate(self, cert_hash):
 
 
     def summary(self, raw):
-        result = {"level": "info", "taxonomy": {"namespace": "CIRCL", "predicate": "PassiveSSL", "value": 0}}
+        taxonomy = {"level": "info", "namespace": "CIRCL", "predicate": "PassiveSSL", "value": 0}
+        taxonomies = []
 
         if (self.data_type == 'hash') and ("query" in raw):
             r = raw.get('query', 0).get('hits', 0)
         if (self.data_type == 'ip') and ("certificates" in raw):
             r = len(raw['certificates'])
 
         if r == 0 or r == 1:
-            result["taxonomy"]["value"] = "\"{} hit\"".format(r)
+            taxonomy["value"] = "\"{} hit\"".format(r)
         else:
-            result["taxonomy"]["value"] = "\"{} hits\"".format(r)
+            taxonomy["value"] = "\"{} hits\"".format(r)
+        taxonomies.append(taxonomy)
 
+        result = {"taxonomies": taxonomies}
         return result
 
 

diff --git a/analyzers/DNSDB/dnsdb.py b/analyzers/DNSDB/dnsdb.py
@@ -40,15 +40,19 @@ def update_date(self, field, row):
         return row
 
     def summary(self, raw):
-        result = {"level": "info", "taxonomy": {"namespace": "Farsight", "predicate": "DNSDB", "value": 0}}
+        taxonomy = {"level": "info", "namespace": "Farsight", "predicate": "DNSDB", "value": 0}
+        taxonomies = []
 
         if ("records" in raw):
             r = len(raw["records"])
 
         if r == 0 or r == 1:
-            result["taxonomy"]["value"] = "\"{} record\"".format(r)
+            taxonomy["value"] = "\"{} record\"".format(r)
         else:
-            result["taxonomy"]["value"] = "\"{} records\"".format(r)
+            taxonomy["value"] = "\"{} records\"".format(r)
+        taxonomies.append(taxonomy)
+
+        result = {'taxonomies': taxonomies}
 
         return result
 

diff --git a/thehive-templates/CERTatPassiveDNS_1_0/short.html b/thehive-templates/CERTatPassiveDNS_1_0/short.html
@@ -1,3 +1,3 @@
-<span class="label" ng-init="t = content.taxonomy" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[content.level]">
+<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
     {{t.namespace}}:{{t.predicate}}={{t.value}}
-</span>
+</span>&nbsp;
diff --git a/thehive-templates/CIRCLPassiveDNS_1_0/short.html b/thehive-templates/CIRCLPassiveDNS_1_0/short.html
@@ -1,3 +1,3 @@
-<span class="label" ng-init="t = content.taxonomy" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[content.level]">
+<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
     {{t.namespace}}:{{t.predicate}}={{t.value}}
 </span>&nbsp;
diff --git a/thehive-templates/CIRCLPassiveSSL_1_0/short.html b/thehive-templates/CIRCLPassiveSSL_1_0/short.html
@@ -1,3 +1,3 @@
-<span class="label" ng-init="t = content.taxonomy" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[content.level]">
+<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
     {{t.namespace}}:{{t.predicate}}={{t.value}}
 </span>&nbsp;
diff --git a/thehive-templates/DNSDB_IPHistory_1_0/short.html b/thehive-templates/DNSDB_IPHistory_1_0/short.html
@@ -1,3 +1,3 @@
-<span class="label" ng-init="t = content.taxonomy" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[content.level]">
+<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
     {{t.namespace}}:{{t.predicate}}={{t.value}}
 </span>&nbsp;
diff --git a/thehive-templates/DNSDB_NameHistory_1_0/short.html b/thehive-templates/DNSDB_NameHistory_1_0/short.html
@@ -1,3 +1,3 @@
-<span class="label" ng-init="t = content.taxonomy" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[content.level]">
+<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
     {{t.namespace}}:{{t.predicate}}={{t.value}}
 </span>&nbsp;