or run

tessl search
Log in

Version

Workspace
tessl
Visibility
Public
Created
Last updated
Describes
pypipkg:pypi/pymisp@2.5.x

evals

scenario-3

rubric.jsontask.md
tile.json

tessl/pypi-pymisp

tessl install tessl/pypi-pymisp@2.5.0

Python API for MISP threat intelligence platform enabling programmatic access to MISP instances.

Agent Success

Agent success rate when using this tile

96%

Improvement

Agent success rate improvement when using this tile compared to baseline

1.25x

Baseline

Agent success rate without this tile

77%

task.mdevals/scenario-3/

Threat Intelligence Sharing Manager

A command-line tool for managing threat intelligence sharing configurations in MISP, enabling organizations to control data distribution and collaborate through sharing groups.

Capabilities

Sharing Group Management

  • Creates a new sharing group with a name and description @test
  • Adds an organization to an existing sharing group @test
  • Retrieves details of a sharing group by ID including member organizations @test

Distribution Level Configuration

  • Sets the distribution level for an event to "organization only" @test
  • Sets the distribution level for an event to use a specific sharing group @test
  • Updates an attribute's distribution level to "all communities" @test

Implementation

@generates

API

class SharingManager:
    """
    Manages threat intelligence sharing configurations in MISP.

    Args:
        misp_url: The URL of the MISP instance
        misp_key: The API key for authentication
    """
    def __init__(self, misp_url: str, misp_key: str):
        pass

    def create_sharing_group(self, name: str, description: str) -> dict:
        """
        Creates a new sharing group.

        Args:
            name: Name of the sharing group
            description: Description of the sharing group

        Returns:
            Dictionary containing the created sharing group details including 'id'
        """
        pass

    def add_organization_to_sharing_group(self, sharing_group_id: int, org_id: int) -> bool:
        """
        Adds an organization to a sharing group.

        Args:
            sharing_group_id: ID of the sharing group
            org_id: ID of the organization to add

        Returns:
            True if successful, False otherwise
        """
        pass

    def get_sharing_group(self, sharing_group_id: int) -> dict:
        """
        Retrieves sharing group details.

        Args:
            sharing_group_id: ID of the sharing group

        Returns:
            Dictionary containing sharing group details including member organizations
        """
        pass

    def set_event_distribution(self, event_id: int, distribution_level: int, sharing_group_id: int = None) -> bool:
        """
        Sets the distribution level for an event.

        Distribution levels:
        0 = Organization only
        1 = Community only
        2 = Connected communities
        3 = All communities
        4 = Sharing group (requires sharing_group_id)

        Args:
            event_id: ID of the event
            distribution_level: Distribution level (0-4)
            sharing_group_id: Required when distribution_level is 4

        Returns:
            True if successful, False otherwise
        """
        pass

    def update_attribute_distribution(self, attribute_id: int, distribution_level: int) -> bool:
        """
        Updates the distribution level for an attribute.

        Args:
            attribute_id: ID of the attribute
            distribution_level: Distribution level (0-4)

        Returns:
            True if successful, False otherwise
        """
        pass

Dependencies { .dependencies }

pymisp { .dependency }

Provides Python API for MISP threat intelligence platform.