diff --git a/.flake8 b/.flake8
index 0cf8878f..117c3bab 100644
--- a/.flake8
+++ b/.flake8
@@ -5,7 +5,6 @@ exclude =
 *__init__.py
 ignore =
 E114 # indentation is not a multiple of four (comment)
- E116 # unexpected indentation (comment)
 E121 # continuation line under-indented for hanging indent
 E122 # continuation line missing indentation or outdented
 E123 # closing bracket does not match indentation of opening bracket's line
diff --git a/cron/collectAttackers.py b/cron/collectAttackers.py
index 7f698412..b148b030 100755
--- a/cron/collectAttackers.py
+++ b/cron/collectAttackers.py
@@ -330,21 +330,22 @@ def updateAttackerGeoIP(mozdefdb, attackerID, eventDictionary):
 '''
 # geo ip should be in eventDictionary['details']['sourceipgeolocation']
- #"sourceipgeolocation": {
- #"city": "Polska",
- #"region_code": "73",
- #"area_code": 0,
- #"time_zone": "Europe/Warsaw",
- #"dma_code": 0,
- #"metro_code": null,
- #"country_code3": "POL",
- #"latitude": 52.59309999999999,
- #"postal_code": null,
- #"longitude": 19.089400000000012,
- #"country_code": "PL",
- #"country_name": "Poland",
- #"continent": "EU"
- #logger.debug(eventDictionary)
+ # "sourceipgeolocation": {
+ # "city": "Polska",
+ # "region_code": "73",
+ # "area_code": 0,
+ # "time_zone": "Europe/Warsaw",
+ # "dma_code": 0,
+ # "metro_code": null,
+ # "country_code3": "POL",
+ # "latitude": 52.59309999999999,
+ # "postal_code": null,
+ # "longitude": 19.089400000000012,
+ # "country_code": "PL",
+ # "country_name": "Poland",
+ # "continent": "EU"
+ # }
+ # logger.debug(eventDictionary)
 if 'details' in eventDictionary.keys():
 if 'sourceipgeolocation' in eventDictionary['details']:
 attackers=mozdefdb['attackers']
diff --git a/examples/demo/sampleData2MozDef.py b/examples/demo/sampleData2MozDef.py
index 309863ad..5b9dca4e 100755
--- a/examples/demo/sampleData2MozDef.py
+++ b/examples/demo/sampleData2MozDef.py
@@ -85,16 +85,16 @@ def postLogs(logcache):
 pass
 #for p,postdata,url in posts:
 #try:
- #if p.result().status_code >=500:
- #logger.error("exception posting to %s %r [will retry]\n"%(url,p.result().status_code))
- ##try again later when the next message in forces other attempts at posting.
- #logcache.put(postdata)
+ #if p.result().status_code >=500:
+ #logger.error("exception posting to %s %r [will retry]\n"%(url,p.result().status_code))
+ ##try again later when the next message in forces other attempts at posting.
+ #logcache.put(postdata)
 #except ClosedPoolError as e:
- ##logger.fatal("Closed Pool Error exception posting to %s %r %r [will retry]\n"%(url,e,postdata))
- #logcache.put(postdata)
+ ##logger.fatal("Closed Pool Error exception posting to %s %r %r [will retry]\n"%(url,e,postdata))
+ #logcache.put(postdata)
 #except Exception as e:
- #logger.fatal("exception posting to %s %r %r [will not retry]\n"%(url,e,postdata))
- #sys.exit(1)
+ #logger.fatal("exception posting to %s %r %r [will not retry]\n"%(url,e,postdata))
+ #sys.exit(1)
 def genRandomIPv4():
 #random, IPs
diff --git a/mq/plugins/broFixup.py b/mq/plugins/broFixup.py
index 47d49418..6fa82133 100644
--- a/mq/plugins/broFixup.py
+++ b/mq/plugins/broFixup.py
@@ -421,7 +421,7 @@ class message(object):
 u'destination {dst} '
 u'port {p}'
 ).format(**sumstruct)
- # Thank you for your service
+ # Thank you for your service
 return (newmessage, metadata)
 if logtype == 'rdp':
diff --git a/rest/index.py b/rest/index.py
index af3236fc..73c5d6a4 100644
--- a/rest/index.py
+++ b/rest/index.py
@@ -579,13 +579,6 @@ def verisSummary(verisRegex=None):
 client = MongoClient(options.mongohost, options.mongoport)
 # use meteor db
 incidents= client.meteor['incidents']
- #iveris=incidents.aggregate([
- #{"$match":{"tags":{"$exists":True}}},
- #{"$unwind" : "$tags" },
- #{"$match":{"tags":{"$regex":''}}}, #regex for tag querying
- #{"$group": {"_id": "$tags", "hitcount": {"$sum": 1}}}, # count by tag
- #{"$sort": SON([("hitcount", -1), ("_id", -1)])}, #sort
- #])
 iveris=incidents.aggregate([