Skip to content

Commit 66bf650

Browse files
author
Stefano Ortolani
committedJan 21, 2020
change: migrate to analysis API when submitting tasks to Lastline
1 parent a88f199 commit 66bf650

File tree

8 files changed

+464
-300
lines changed

8 files changed

+464
-300
lines changed
 

‎doc/README.md

+3-1
Original file line numberDiff line numberDiff line change
@@ -613,6 +613,7 @@ A module to submit files or URLs to Joe Sandbox for an advanced analysis, and re
613613
Query Lastline with an analysis link and parse the report into MISP attributes and objects.
614614
The analysis link can also be retrieved from the output of the [lastline_submit](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/lastline_submit.py) expansion module.
615615
- **features**:
616+
>The module requires a Lastline Portal `username` and `password`.
616617
>The module uses the new format and it is able to return MISP attributes and objects.
617618
>The module returns the same results as the [lastline_import](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/import_mod/lastline_import.py) import module.
618619
- **input**:
@@ -630,7 +631,7 @@ The analysis link can also be retrieved from the output of the [lastline_submit]
630631

631632
Module to submit a file or URL to Lastline.
632633
- **features**:
633-
>The module requires a Lastline API key and token (or username and password).
634+
>The module requires a Lastline Analysis `api_token` and `key`.
634635
>When the analysis is completed, it is possible to import the generated report by feeding the analysis link to the [lastline_query](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/lastline_query.py) module.
635636
- **input**:
636637
>File or URL to submit to Lastline.
@@ -1701,6 +1702,7 @@ A module to import data from a Joe Sandbox analysis json report.
17011702

17021703
Module to import and parse reports from Lastline analysis links.
17031704
- **features**:
1705+
>The module requires a Lastline Portal `username` and `password`.
17041706
>The module uses the new format and it is able to return MISP attributes and objects.
17051707
>The module returns the same results as the [lastline_query](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/lastline_query.py) expansion module.
17061708
- **input**:

‎doc/expansion/lastline_query.json

+1-1
Original file line numberDiff line numberDiff line change
@@ -5,5 +5,5 @@
55
"input": "Link to a Lastline analysis.",
66
"output": "MISP attributes and objects parsed from the analysis report.",
77
"references": ["https://www.lastline.com"],
8-
"features": "The module uses the new format and it is able to return MISP attributes and objects.\nThe module returns the same results as the [lastline_import](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/import_mod/lastline_import.py) import module."
8+
"features": "The module requires a Lastline Portal `username` and `password`.\nThe module uses the new format and it is able to return MISP attributes and objects.\nThe module returns the same results as the [lastline_import](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/import_mod/lastline_import.py) import module."
99
}

‎doc/expansion/lastline_submit.json

+1-1
Original file line numberDiff line numberDiff line change
@@ -5,5 +5,5 @@
55
"input": "File or URL to submit to Lastline.",
66
"output": "Link to the report generated by Lastline.",
77
"references": ["https://www.lastline.com"],
8-
"features": "The module requires a Lastline API key and token (or username and password).\nWhen the analysis is completed, it is possible to import the generated report by feeding the analysis link to the [lastline_query](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/lastline_query.py) module."
8+
"features": "The module requires a Lastline Analysis `api_token` and `key`.\nWhen the analysis is completed, it is possible to import the generated report by feeding the analysis link to the [lastline_query](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/lastline_query.py) module."
99
}

‎doc/import_mod/lastline_import.json

+1-1
Original file line numberDiff line numberDiff line change
@@ -5,5 +5,5 @@
55
"input": "Link to a Lastline analysis.",
66
"output": "MISP attributes and objects parsed from the analysis report.",
77
"references": ["https://www.lastline.com"],
8-
"features": "The module uses the new format and it is able to return MISP attributes and objects.\nThe module returns the same results as the [lastline_query](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/lastline_query.py) expansion module."
8+
"features": "The module requires a Lastline Portal `username` and `password`.\nThe module uses the new format and it is able to return MISP attributes and objects.\nThe module returns the same results as the [lastline_query](https://github.com/MISP/misp-modules/tree/master/misp_modules/modules/expansion/lastline_query.py) expansion module."
99
}

0 commit comments

Comments
 (0)
Please sign in to comment.