added taxonomies when not found and templates

2024-11-06 00:55:17 +00:00 · 2020-03-30 09:18:08 +02:00 · 2020-03-30 09:18:08 +02:00 · f0737d0e6d
commit f0737d0e6d
parent 964a59ad0e
3 changed files with 54 additions and 3 deletions
--- a/analyzers/GRR/grrclient.py
+++ b/analyzers/GRR/grrclient.py
@ -20,9 +20,11 @@ class GRRAnalyzer(Analyzer):
        namespace = 'GRR'
        predicate = 'Client id'
        
-        for client_id in raw['results']:
-            taxonomies.append(self.build_taxonomy(level, namespace, predicate, client_id))
-
+        if len(raw['results']) > 0:
+            for client_id in raw['results']:
+                taxonomies.append(self.build_taxonomy(level, namespace, predicate, client_id))
+        else:
+            taxonomies.append(self.build_taxonomy(level, namespace, predicate, "NotFound"))
        return {"taxonomies": taxonomies}

    def run(self):
--- a/thehive-templates/GRR_1_0/long.html
+++ b/thehive-templates/GRR_1_0/long.html
@ -0,0 +1,46 @@
+<div class="panel panel-info" ng-if="success && content.results.length > 0">
+    <div class="panel-heading">
+        GRR search results for
+        <strong>{{artifact.data | fang}}</strong>
+    </div>
+    <div class="panel-body">
+        <div>
+            <dl class="dl-horizontal">
+                <dt>GRR uids:</dt>
+                <dd class="wrap">
+                    <ul>
+                        <li ng-repeat="list in content.results">
+                            {{list}}
+                        </li>
+                    </ul>
+                </dd>
+            </dl>
+        </div>
+    </div>
+</div>
+
+<!-- No results -->
+<div class="panel panel-danger" ng-if="success && content.results.length == 0">
+    <div class="panel-heading">
+        GRR search results for
+        <strong>{{artifact.data | fang}}</strong>
+    </div>
+    <div class="panel-body">
+        <p>No results</p>
+    </div>
+</div>
+
+<!-- General error  -->
+<div class="panel panel-danger" ng-if="!success">
+    <div class="panel-heading">
+        <strong>{{artifact.data | fang}}</strong>
+    </div>
+    <div class="panel-body">
+        <dl class="dl-horizontal" ng-if="content.errorMessage">
+            <dt>
+                <i class="fa fa-warning"></i> GRR:
+            </dt>
+            <dd class="wrap">{{content.errorMessage}}</dd>
+        </dl>
+    </div>
+</div>
--- a/thehive-templates/GRR_1_0/short.html
+++ b/thehive-templates/GRR_1_0/short.html
@ -0,0 +1,3 @@
+<span class="label" ng-repeat="t in content.taxonomies" ng-class="{'info': 'label-info', 'safe': 'label-success', 'suspicious': 'label-warning', 'malicious':'label-danger'}[t.level]">
+    {{t.namespace}}:{{t.predicate}}="{{t.value}}"
+</span>