Modify query defs,config

2024-12-04 11:09:10 -03:00 · 2024-12-04 11:09:10 -03:00 · f48678770d
commit f48678770d
parent 5bb6197c9e
2 changed files with 17 additions and 8 deletions
--- a/config.py
+++ b/config.py
@ -34,3 +34,5 @@ IOC_TIPOS_OMITIR = [
    'pgp-private-key'
 ]

+WORKERS_THR = 4
+
--- a/defs.py
+++ b/defs.py
@ -10,6 +10,7 @@ from concurrent.futures import ThreadPoolExecutor, as_completed
 from sqlalchemy import create_engine
 from sqlalchemy.orm import sessionmaker
 from pymisp import PyMISP
+from pymisp.exceptions import PyMISPError
 import config
 import urllib3
 import requests
@ -120,7 +121,7 @@ class MISPProcessorTop:
                    
                    
            return False
-        except Exception as err:
+        except (Exception, PyMISPError) as err:
            logging.error(str(err))
            return True

@ -291,7 +292,7 @@ class MISPProcessorTop:
                        # Se elimina evento con cero atributo...
                        self.misp.delete_event(int(e['Event']['id']))
                        logging.info("Eliminando evento #" +e['Event']['id']+" por carencia de atributos")
-            except Exception as err:
+            except (Exception, PyMISPError) as err:
                logging.error(str(err))
        return resultados

@ -350,17 +351,23 @@ class MISPProcessorTop:
                    # Rango completo de fechas....
                    logging.info("Buscando IoC Desde :" + desde + " Hasta :" + hasta)
                    
-                    eventos_tmp = self.misp.search(publish_timestamp=desde)
-                    #eventos = self.misp.search(date_from=desde, date_to=hasta, published=True)
+                    #eventos_tmp = self.misp.search(publish_timestamp=desde)
+                    #eventos_tmp = self.misp.search(date_from=desde, published=True)
+
+                    eventos_tmp = self.misp.search_index(publish_timestamp=desde)

                    # Si existen eventos, se realiza proceso...
                    if eventos_tmp:
+                        logging.info("Recolectando eventos para procesar")
                        eventos = []
                        
                        # Se seleccionan eventos para establecer limite de fechas
                        for e in eventos_tmp:
-                            if datetime.fromtimestamp(int(e['Event']['publish_timestamp'])).date() <= datetime.strptime(hasta, '%Y-%m-%d').date():
-                                eventos.append(e)
+                            if datetime.fromtimestamp(int(e['publish_timestamp'])).date() <= datetime.strptime(hasta, '%Y-%m-%d').date():
+                                
+                                # Event get
+                                ev = self.misp.get_event(int(e['id']))
+                                eventos.append(ev)
                        
                        # Atributos por evento es None, se calcula promedio...
                        if a_por_evento is None:
@ -381,7 +388,7 @@ class MISPProcessorTop:
                        logging.info("Eventos por procesar :" + str(len(eventos)))
                        logging.info("Máximo de atributos a procesar por evento :" + str(prom))

-                        num_workers = 4
+                        num_workers = config.WORKERS_THR
                        logging.info(f"Usando {num_workers} workers")

                        with ThreadPoolExecutor(max_workers=num_workers) as executor:
@ -409,7 +416,7 @@ class MISPProcessorTop:
                logging.error("No se encuentran cuentas asociadas a MISP. Se detiene proceso")

            return output
-        except Exception as err:
+        except (Exception, PyMISPError) as err:
            logging.error(str(err))

    def guarda_ioc_json(self, data: list, filename: str):