From f1b3d94978ca031eccb8f9ace549cf3bfc7dd04b Mon Sep 17 00:00:00 2001
From: Jerome Leonard
Date: Fri, 16 Jun 2017 14:09:00 +0200
Subject: [PATCH] #56 update Hippocampe summary() and short reports

---
 analyzers/Hippocampe/hippo.py | 19 +++++++++++++++++--
 thehive-templates/HippoMore_1_0/short.html | 4 +++-
 thehive-templates/Hipposcore_1_0/short.html | 7 +++----
 3 files changed, 23 insertions(+), 7 deletions(-)

diff --git a/analyzers/Hippocampe/hippo.py b/analyzers/Hippocampe/hippo.py
index fbb144262..5a18ead68 100755
--- a/analyzers/Hippocampe/hippo.py
+++ b/analyzers/Hippocampe/hippo.py
@@ -34,10 +34,25 @@ def scoreSummary(self, raw):
 return result
 
 def summary(self, raw):
+ taxonomy = {"level": "success", "namespace": "Hippocampe", "predicate": "Score", "value": 0}
+ taxonomies = []
+
+
 if (self.service == 'hipposcore'):
- return self.scoreSummary(raw)
+ r = self.scoreSummary(raw).get("data", 0)
+ taxonomy["value"] = r
+ if r > 0:
+ taxonomy["level"] = "malicious"
+ taxonomies.append(taxonomy)
 elif (self.service == 'more'):
- return self.moreSummary(raw)
+ r = self.moreSummary(raw).get("data", 0)
+ taxonomy["value"] = "\"{} record(s)\"".format(r)
+ if r > 0:
+ taxonomy["level"] = "malicious"
+ taxonomies.append(taxonomy)
+
+ result = {"taxonomies": taxonomies}
+ return result
 
 def run(self):
 data = self.getData()
diff --git a/thehive-templates/HippoMore_1_0/short.html b/thehive-templates/HippoMore_1_0/short.html
index 21f96eef9..563ca58f3 100644
--- a/thehive-templates/HippoMore_1_0/short.html
+++ b/thehive-templates/HippoMore_1_0/short.html
@@ -1 +1,3 @@
-Hippocampe: {{content[artifact.data]}} record(s)
+
+ {{t.namespace}}:{{t.predicate}}={{t.value}}
+
diff --git a/thehive-templates/Hipposcore_1_0/short.html b/thehive-templates/Hipposcore_1_0/short.html
index 67dedead2..563ca58f3 100644
--- a/thehive-templates/Hipposcore_1_0/short.html
+++ b/thehive-templates/Hipposcore_1_0/short.html
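Review bot: The `more` branch of `summary()` reuses the `taxonomy` dict built at the top of the function, so its entry keeps `"predicate": "Score"` while its value is a record count (`"\"{} record(s)\""`), and the short.html templates in this same commit print `{{t.predicate}}={{t.value}}` verbatim, so a "more" lookup is rendered as a score. I'd give that branch its own predicate before the append, e.g. `taxonomy["predicate"] = "Records"` (constructed name, use whatever the report convention is). Both branches also do `r > 0` on the `.get("data", 0)` result; `scoreSummary` and `moreSummary` start outside this hunk, so if `data` is ever missing or non-numeric the comparison is wrong or raises, and a guard such as `if isinstance(r, (int, float)) and r > 0:` would make the level decision explicit. The two consecutive blank lines after `taxonomies = []` are a PEP 8 nit.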
@@ -1,4 +1,3 @@ - - Hippocampe:Score= {{score}} - + + {{t.namespace}}:{{t.predicate}}={{t.value}} +