intelmq.bots.parsers.abusech package¶
Submodules¶
intelmq.bots.parsers.abusech.parser_feodotracker module¶
- class intelmq.bots.parsers.abusech.parser_feodotracker.AbusechFeodoTrackerParserBot(*args, **kwargs)¶
Bases:
ParserBot
Parse the Abuse.ch Feodo Tracker feed (json)
List of source fields: [
‘ip_address’, ‘port’, ‘status’, ‘hostname’, ‘as_number’, ‘as_name’, ‘country’, ‘first_seen’, ‘last_online’, ‘malware’
]
- parse_line(line, report)¶
A generator which can yield one or more messages contained in line.
Report has the full message, thus you can access some metadata. Override for your use.
- recover_line(line: dict) str ¶
Reverse of parse for JSON pulses.
Recovers a fully functional report with only the problematic pulse. Using a string as input here is not possible, as the input may span over multiple lines. Output is not identical to the input, but has the same content.
- Parameters:
dict. (The line as) –
- Returns:
The JSON-encoded line as string.
- Return type:
str
- intelmq.bots.parsers.abusech.parser_feodotracker.BOT¶
alias of
AbusechFeodoTrackerParserBot