Documentation
¶
Index ¶
- Variables
- type EmptyMispResponse
- type MispAttribute
- type MispAttributeDict
- type MispAttributeQuery
- type MispAttributeResponse
- type MispCon
- type MispConfig
- type MispError
- type MispEvent
- type MispEventDict
- type MispEventQuery
- type MispEventResponse
- type MispObject
- type MispQuery
- type MispRelatedEvent
- type MispRequest
- type MispResponse
- type Org
Constants ¶
This section is empty.
Variables ¶
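var (
	// ErrUnknownProtocol is the error for a protocol value the package does
	// not recognise. The declaration is put back on its own line: on the
	// collapsed page line the // comment swallowed it.
	// NOTE(review): presumably returned when MispConfig.Proto names an
	// unsupported scheme — confirm against the connection code.
	ErrUnknownProtocol = errors.New("Unknown protocol")
)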
Functions ¶
This section is empty.
Types ¶
type EmptyMispResponse ¶
// EmptyMispResponse is a field-less type with an Iter method, so it can be
// used wherever a MispResponse is expected.
// NOTE(review): presumably the placeholder handed back when a query yields
// nothing or fails — confirm against the callers.
type EmptyMispResponse struct{}
func (EmptyMispResponse) Iter ¶
func (emr EmptyMispResponse) Iter() chan MispObject
Iter : MispResponse implementation
type MispAttribute ¶
// MispAttribute describes one attribute object as returned by the MISP API.
// Each field is filled from the JSON key named in its struct tag.
type MispAttribute struct {
	ID      string `json:"id"`
	EventID string `json:"event_id"`
	UUID    string `json:"uuid"`
	// SharingGroupID and Distribution (below) carry the sharing scope MISP
	// attached to the attribute; code that forwards attributes to other
	// systems should keep honouring that scope.
	SharingGroupID string `json:"sharing_group_id"`
	// StrTimestamp is the timestamp as the API sent it, kept as a string.
	// NOTE(review): presumably the input of the Timestamp method — confirm.
	StrTimestamp string `json:"timestamp"`
	Distribution string `json:"distribution"`
	Category     string `json:"category"`
	Type         string `json:"type"`
	// Value is the indicator itself. It arrives from the remote MISP
	// instance, so treat it as untrusted input before placing it in a query,
	// a command line, or a detection rule.
	Value string `json:"value"`
	// ToIDS mirrors MISP's to_ids flag, which marks attributes intended for
	// automated detection or IDS export.
	ToIDS   bool   `json:"to_ids"`
	Deleted bool   `json:"deleted"`
	Comment string `json:"comment"`
}
MispAttribute : define structure of attribute object returned by API
func (MispAttribute) Timestamp ¶
func (ma MispAttribute) Timestamp() time.Time
Timestamp : returns a time.Time built from the timestamp string
type MispAttributeDict ¶
// MispAttributeDict is the intermediate wrapper used for an attribute search:
// it holds the list found under the "Attribute" JSON key.
type MispAttributeDict struct {
	Attribute []MispAttribute `json:"Attribute"`
}
MispAttributeDict : intermediate structure to handle MISP attribute search
type MispAttributeQuery ¶
// MispAttributeQuery holds the search criteria of an attribute query.
// Every field is tagged omitempty, so a field left empty is dropped from the
// encoded JSON instead of being sent as an empty string.
// NOTE(review): the values are presumably passed to the server as given;
// validate them first when they originate from user input — confirm in
// Prepare.
type MispAttributeQuery struct {
	Value    string `json:"value,omitempty"`
	Type     string `json:"type,omitempty"`
	Category string `json:"category,omitempty"`
	Org      string `json:"org,omitempty"`
	Tags     string `json:"tags,omitempty"`
	From     string `json:"from,omitempty"`
	To       string `json:"to,omitempty"`
	Last     string `json:"last,omitempty"`
	EventID  string `json:"eventid,omitempty"`
	UUID     string `json:"uuid,omitempty"`
}
func (MispAttributeQuery) Prepare ¶
func (maq MispAttributeQuery) Prepare() (j []byte)
Prepare : MispQuery Implementation
type MispAttributeResponse ¶
// MispAttributeResponse is the top-level shape of the API answer to an
// attribute query: a MispAttributeDict under the "response" JSON key.
type MispAttributeResponse struct {
	Response MispAttributeDict `json:"response"`
}
MispAttributeResponse : API response when attribute query is done
func (MispAttributeResponse) Iter ¶
func (mar MispAttributeResponse) Iter() (moc chan MispObject)
Iter : MispResponse implementation
type MispCon ¶
func NewInsecureCon ¶
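NewInsecureCon : returns a new MispCon whose TLS connection settings are insecure. Insecure TLS settings usually mean the server certificate is not verified, in which case the API key and the returned data can be intercepted or altered in transit; check the implementation to see exactly what is relaxed. Returns (MispCon)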
type MispConfig ¶
// MispConfig holds the settings used to reach a MISP instance, decoded from
// the JSON keys named in the struct tags.
type MispConfig struct {
	// Proto is read from the "protocol" key.
	// NOTE(review): if a cleartext scheme such as http is accepted, APIKey
	// would travel unencrypted — confirm which values are allowed.
	Proto string `json:"protocol"`
	Host  string `json:"host"`
	// APIKey is the credential read from the "api-key" key. The
	// configuration file therefore contains a secret: keep it out of version
	// control, restrict its file permissions, and avoid printing this struct
	// with %v or %+v in logs.
	APIKey string `json:"api-key"`
}
MispConfig structure
func LoadConfig ¶
func LoadConfig(path string) (mc MispConfig)
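LoadConfig : loads a configuration file from path and returns it as a MispConfig. The signature has no error result, so how an unreadable or malformed file is reported is not visible from this page.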
type MispEvent ¶
// MispEvent describes one event as returned by the MISP API. Each field is
// filled from the JSON key named in its struct tag.
type MispEvent struct {
	ID            string `json:"id"`
	OrgcID        string `json:"orgc_id"`
	OrgID         string `json:"org_id"`
	Date          string `json:"date"`
	ThreatLevelID string `json:"threat_level_id"`
	// Info is free text supplied with the event by the remote instance;
	// escape it before rendering it in HTML or writing it into logs.
	Info      string `json:"info"`
	Published bool   `json:"published"`
	UUID      string `json:"uuid"`
	// AttributeCount is kept as the string the API sends, not as a number.
	AttributeCount string `json:"attribute_count"`
	Analysis       string `json:"analysis"`
	// StrTimestamp keeps the API's timestamp string unparsed.
	StrTimestamp string `json:"timestamp"`
	// Distribution and SharingGroupID (below) carry the sharing scope MISP
	// attached to the event; code that forwards events to other systems
	// should keep honouring that scope.
	Distribution      string `json:"distribution"`
	ProposalEmailLock bool   `json:"proposal_email_lock"`
	Locked            bool   `json:"locked"`
	// StrPublishedTimestamp keeps the publish timestamp string unparsed.
	// NOTE(review): presumably the input of PublishedTimestamp — confirm.
	StrPublishedTimestamp string `json:"publish_timestamp"`
	SharingGroupID        string `json:"sharing_group_id"`
	// Org and Orgc are decoded from the "Org" and "Orgc" keys; in MISP, Org
	// is the organisation owning the event on the instance and Orgc the
	// organisation that created it.
	Org             Org                `json:"Org"`
	Orgc            Org                `json:"Orgc"`
	Attribute       []MispAttribute    `json:"Attribute"`
	ShadowAttribute []MispAttribute    `json:"ShadowAttribute"`
	RelatedEvent    []MispRelatedEvent `json:"RelatedEvent"`
	// NOTE(review): Galaxy reuses the MispRelatedEvent type; MISP galaxy
	// objects have their own schema, so fields may be silently dropped on
	// decode — confirm this is intended.
	Galaxy []MispRelatedEvent `json:"Galaxy"`
}
MispEvent definition
func (MispEvent) PublishedTimestamp ¶
PublishedTimestamp : returns a time.Time built from the timestamp string
type MispEventDict ¶
// MispEventDict is the intermediate wrapper around a single event: it holds
// the MispEvent found under the "Event" JSON key.
type MispEventDict struct {
	Event MispEvent `json:"Event"`
}
MispEventDict : intermediate structure to properly handle MISP API results
type MispEventQuery ¶
// MispEventQuery defines the body of a query to the event search API.
// Every field is tagged omitempty, so zero values (empty strings, and 0 for
// SearchAll) are left out of the encoded JSON.
// NOTE(review): the values are presumably passed to the server as given;
// validate them first when they originate from user input — confirm in
// Prepare.
type MispEventQuery struct {
	Value       string `json:"value,omitempty"`
	Type        string `json:"type,omitempty"`
	Category    string `json:"category,omitempty"`
	Org         string `json:"org,omitempty"`
	Tags        string `json:"tags,omitempty"`
	QuickFilter string `json:"quickfilter,omitempty"`
	From        string `json:"from,omitempty"`
	To          string `json:"to,omitempty"`
	Last        string `json:"last,omitempty"`
	EventID     string `json:"eventid,omitempty"`
	// WithAttachments is presumably MISP's withAttachments search option;
	// attachments returned by a MISP instance can include malware samples,
	// so handle them as hostile files — confirm how the value is used.
	WithAttachments string `json:"withAttachments,omitempty"`
	Metadata        string `json:"metadata,omitempty"`
	// SearchAll is an int8, so with omitempty a value of 0 is never sent.
	SearchAll int8 `json:"searchall,omitempty"`
}
MispEventQuery : defines the structure of query to event search API
func (MispEventQuery) Prepare ¶
func (meq MispEventQuery) Prepare() (j []byte)
Prepare : MispQuery Implementation
type MispEventResponse ¶
// MispEventResponse is the top-level shape of the API answer to an event
// query: a list of MispEventDict wrappers under the "response" JSON key.
type MispEventResponse struct {
	Response []MispEventDict `json:"response"`
}
MispEventResponse : intermediate structure to properly handle MISP API results
func (MispEventResponse) Iter ¶
func (mer MispEventResponse) Iter() (moc chan MispObject)
Iter : MispResponse implementation
type MispObject ¶
// MispObject is the empty interface: it accepts any value, so the element
// type is not checked at compile time and consumers must use a type switch
// or the two-value form of a type assertion to avoid a panic.
// NOTE(review): presumably holds MispEvent or MispAttribute values — confirm
// against the Iter implementations.
type MispObject interface{}
type MispQuery ¶
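// MispQuery is the interface of query types whose JSON form can be produced
// with Prepare. The method is put back on its own line: on the collapsed page
// line the // comment swallowed it together with the closing brace.
type MispQuery interface {
	// Prepare encodes the query and returns the JSON object as a byte slice.
	// The signature has no error result, so an encoding failure cannot be
	// reported to the caller through it.
	Prepare() []byte
}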
type MispRelatedEvent ¶
// MispRelatedEvent describes an event referenced from another event. Each
// field is filled from the JSON key named in its struct tag.
type MispRelatedEvent struct {
	ID            string `json:"id"`
	Date          string `json:"date"`
	ThreatLevelID string `json:"threat_level_id"`
	// Info is free text supplied by the remote instance; escape it before
	// rendering it in HTML or writing it into logs.
	Info      string `json:"info"`
	Published bool   `json:"published"`
	UUID      string `json:"uuid"`
	Analysis  string `json:"analysis"`
	// StrTimestamp is the timestamp as the API sent it, kept as a string.
	// NOTE(review): presumably the input of the Timestamp method — confirm.
	StrTimestamp string `json:"timestamp"`
	// Distribution carries the sharing scope MISP attached to the event.
	Distribution string `json:"distribution"`
	OrgID        string `json:"org_id"`
	OrgcID       string `json:"orgc_id"`
	Org          Org    `json:"Org"`
	Orgc         Org    `json:"Orgc"`
}
MispRelatedEvent definition
func (*MispRelatedEvent) Timestamp ¶
func (mre *MispRelatedEvent) Timestamp() time.Time
Timestamp : returns a time.Time built from the timestamp string
type MispRequest ¶
// MispRequest wraps a MispQuery so that it is encoded under the "request"
// JSON key.
type MispRequest struct {
	Request MispQuery `json:"request"`
}
type MispResponse ¶
// MispResponse is the common interface of the API response types.
type MispResponse interface {
	// Iter returns a channel of MispObject values.
	// NOTE(review): presumably one value per event or attribute in the
	// response. Whether implementations close the channel after the last
	// value is not visible here; callers that range over it depend on that.
	Iter() chan MispObject
}