Class: Mihari::Emitters::MISP
- Inherits:
-
Base
- Object
- Base
- Mihari::Emitters::MISP
show all
- Defined in:
- lib/mihari/emitters/misp.rb
Constant Summary
Mixins::Retriable::DEFAULT_ON
Instance Attribute Summary collapse
Instance Method Summary
collapse
Methods inherited from Base
inherited, #run
#retry_on_error
#configuration_keys?, #configuration_values, #configured?
Constructor Details
#initialize(artifacts:, rule:, **options) ⇒ MISP
Returns a new instance of MISP.
23
24
25
26
27
28
|
# File 'lib/mihari/emitters/misp.rb', line 23
def initialize(artifacts:, rule:, **options)
super(artifacts: artifacts, rule: rule, **options)
@url = options[:url] || Mihari.config.misp_url
@api_key = options[:api_key] || Mihari.config.misp_api_key
end
|
Instance Attribute Details
#api_key ⇒ String?
10
11
12
|
# File 'lib/mihari/emitters/misp.rb', line 10
def api_key
@api_key
end
|
13
14
15
|
# File 'lib/mihari/emitters/misp.rb', line 13
def artifacts
@artifacts
end
|
16
17
18
|
# File 'lib/mihari/emitters/misp.rb', line 16
def rule
@rule
end
|
#url ⇒ String?
7
8
9
|
# File 'lib/mihari/emitters/misp.rb', line 7
def url
@url
end
|
Instance Method Details
#emit ⇒ ::MISP::Event
54
55
56
57
58
59
60
61
62
63
64
|
# File 'lib/mihari/emitters/misp.rb', line 54
def emit
return if artifacts.empty?
client.create_event({
Event: {
info: rule.title,
Attribute: artifacts.map { |artifact| build_attribute(artifact) },
Tag: rule.tags.map { |tag| { name: tag } }
}
})
end
|
#valid? ⇒ Boolean
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
# File 'lib/mihari/emitters/misp.rb', line 31
def valid?
unless url? && api_key?
Mihari.logger.info("MISP URL is not set") unless url?
Mihari.logger.info("MISP API key is not set") unless api_key?
return false
end
unless ping?
Mihari.logger.info("MISP URL (#{url}) is not reachable")
return false
end
true
end
|