intelmq.bots.parsers.github_feed package¶
Submodules¶
intelmq.bots.parsers.github_feed.parser module¶
Github IOC feeds’ parser
-
intelmq.bots.parsers.github_feed.parser.BOT¶ alias of
intelmq.bots.parsers.github_feed.parser.GithubFeedParserBot
-
class
intelmq.bots.parsers.github_feed.parser.GithubFeedParserBot(*args, **kwargs)¶ Bases:
intelmq.lib.bot.ParserBotParse known GitHub feeds
-
class
StrangerealIntelDailyIOC(logger)¶ Bases:
object-
parse(event, json_content: dict)¶ Parse the specific feed to sufficient fields
Parameters: - event – output event object
- json_content – IOC(s) in JSON format
-
-
init()¶
-
parse(report, json_content: dict)¶ A generator yielding the single elements of the data.
Comments, headers etc. can be processed here. Data needed by self.parse_line can be saved in self.tempdata (list).
Default parser yields stripped lines. Override for your use or use an existing parser, e.g.:
parse = ParserBot.parse_csv
- You should do that for recovering lines too.
- recover_line = ParserBot.recover_line_csv
-
process()¶
-
class
-
intelmq.bots.parsers.github_feed.parser.parse_domain_indicator(event, ioc_indicator: str)¶
-
intelmq.bots.parsers.github_feed.parser.parse_hash_indicator(event, ioc_indicator: str, hash_type: str)¶
-
intelmq.bots.parsers.github_feed.parser.parse_ip_indicator(event, ioc_indicator: str)¶
-
intelmq.bots.parsers.github_feed.parser.parse_url_indicator(event, ioc_indicator: str)¶
