Enrichment of Events and Attributes #1318

DeveloperNamedMax · 2025-02-18T11:37:31Z

According to the MISP OpenAPI specification, there is an endpoint (POST /attributes/enrich/{attribute_id}) and (POST /events/enrichEvent/{eventId) for enriching events and attributes. However, I've been unable to find a corresponding higher-level function in PyMISP for this endpoint.

Is there an existing method for enriching events/attributes that I might be missing?

Currently using:

PyMISP’s direct_call():

mispdirect_call(f'/attributes/enrich/{attribute_id}', data=enrichment_modules)
mispdirect_call(f'/events/enrichEvent/{event_id}', data=enrichment_modules)

Requests directly:

response = requests.post(
    f'{misp_root_url}/attributes/enrich/{attribute_id}',
    json=enrichment_modules,
    verify=True,
    headers=headers
)

response = requests.post(
    f'{misp_root_url}/events/enrichEvent/{event_id}',
    json=enrichment_modules,
    verify=True,
    headers=headers
)

The text was updated successfully, but these errors were encountered:

Rafiot · 2025-02-18T12:23:09Z

It's missing in PyMISP, I'll add it asap (unless you do it first, I'm happily merging PRs).

Related #1318

Rafiot · 2025-02-19T15:57:00Z

I'll test it a bit more, but looks like it's going t be in the next release :)

Rafiot self-assigned this Feb 18, 2025

Rafiot added a commit that referenced this issue Feb 19, 2025

new: Enrich event/attribute endpoints

0f632ba

Related #1318

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Enrichment of Events and Attributes #1318

Enrichment of Events and Attributes #1318

DeveloperNamedMax commented Feb 18, 2025

Rafiot commented Feb 18, 2025

Rafiot commented Feb 19, 2025

Enrichment of Events and Attributes #1318

Enrichment of Events and Attributes #1318

Comments

DeveloperNamedMax commented Feb 18, 2025

Rafiot commented Feb 18, 2025

Rafiot commented Feb 19, 2025