misp

package module

v0.0.0-...-ddcdd88 Latest Latest Go to latest Published: Apr 7, 2025 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/codehardt/go-misp

Links

Open Source Insights

README ¶

go-misp

Query events and attributes from MISP with this Golang implementation.

Example

mispClient, err := misp.New(&http.Client{/*...*/}, "https://<your-misp>/", "<auth key>")
if err != nil {
    panic(err)
}
events, err := mispClient.SearchEvents(nil, nil, "", "", "", "", false)
if err != nil {
    panic(err)
}

Documentation ¶

Index ¶

Variables
type Attribute
type Client
- func New(httpClient *http.Client, baseURL string, auth string) (*Client, error)
- func (c *Client) SearchEvents(tags, notTags []string, from, to, last, eventid string, metadata bool, ...) (events []Event, err error)
type Event
type Object
type Org
type Tag

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrToManyRequests = errors.New("too many requests")

Functions ¶

This section is empty.

Types ¶

type Attribute ¶

type Attribute struct {
	ID      int64  `json:"id,string"`
	Type    string `json:"type"`
	ToIDS   bool   `json:"to_ids"`
	Value   string `json:"value"`
	Deleted bool   `json:"deleted"`
}

Attribute of Event

type Client ¶

type Client struct {
	// contains filtered or unexported fields
}

func New ¶

func New(httpClient *http.Client, baseURL string, auth string) (*Client, error)

func (*Client) SearchEvents ¶

func (c *Client) SearchEvents(tags, notTags []string, from, to, last, eventid string, metadata bool, timestamp *time.Time, limit, page int) (events []Event, err error)

SearchEvents queries the MISP for events

type Event ¶

type Event struct {
	ID            int64       `json:"id,string"`
	Info          string      `json:"info"`
	Date          string      `json:"date"`
	Timestamp     int64       `json:"timestamp,string"`
	ThreatLevelID int8        `json:"threat_level_id,string"`
	Published     bool        `json:"published"`
	Orgc          Org         `json:"Orgc"`
	Attributes    []Attribute `json:"Attribute"`
	Objects       []Object    `json:"Object"`
	Tag           []Tag       `json:"tag"`
}

Event in MISP

type Object ¶

type Object struct {
	ID         int64       `json:"id,string"`
	Name       string      `json:"name"`
	Attributes []Attribute `json:"Attribute"`
}

type Org ¶

type Org struct {
	Name string `json:"name"`
}

Org / Orgc in Event

type Tag ¶

type Tag struct {
	ID      int64  `json:"id,string"`
	Name    string `json:"name"`
	Color   string `json:"colour"`
	HideTag bool   `json:"hide_tag"`
}

Tag of Event

Source Files ¶

View all Source files

misp.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL