intelmq.bots.parsers.github_feed package

Submodules

intelmq.bots.parsers.github_feed.parser module

Github IOC feeds’ parser

intelmq.bots.parsers.github_feed.parser.BOT

alias of GithubFeedParserBot

class intelmq.bots.parsers.github_feed.parser.GithubFeedParserBot(*args, **kwargs)

Bases: ParserBot

Parse known GitHub feeds

class StrangerealIntelDailyIOC(logger)

Bases: object

parse(event, json_content: dict)

Parse the specific feed to sufficient fields

Parameters:

• event – output event object

• json_content – IOC(s) in JSON format

init()

parse(report, json_content: dict)

A generator yielding the single elements of the data.

Comments, headers etc. can be processed here. Data needed by self.parse_line can be saved in self.tempdata (list).

Default parser yields stripped lines. Override for your use or use an existing parser, e.g.:

parse = ParserBot.parse_csv

You should do that for recovering lines too.

recover_line = ParserBot.recover_line_csv

process()

intelmq.bots.parsers.github_feed.parser.parse_domain_indicator(event, ioc_indicator: str)

intelmq.bots.parsers.github_feed.parser.parse_hash_indicator(event, ioc_indicator: str, hash_type: str)

intelmq.bots.parsers.github_feed.parser.parse_ip_indicator(event, ioc_indicator: str)

intelmq.bots.parsers.github_feed.parser.parse_url_indicator(event, ioc_indicator: str)

Module contents