tessl/pypi-pymisp
Python API for MISP threat intelligence platform enabling programmatic access to MISP instances.
Overall
score
96%
core-api.mddocs/
Core API Client
The PyMISP class serves as the main interface for interacting with MISP instances, providing authentication, connection management, and access to all MISP functionality.
Capabilities
Client Initialization
Initialize PyMISP client with connection parameters and authentication credentials.
class PyMISP:
def __init__(
self,
url: str,
key: str,
ssl: bool | str = True,
debug: bool = False,
proxies: MutableMapping[str, str] | None = None,
cert: str | tuple[str, str] | None = None,
auth: AuthBase | None = None,
tool: str = '',
timeout: float | tuple[float, float] | None = None,
http_headers: dict[str, str] | None = None,
https_adapter: requests.adapters.BaseAdapter | None = None,
http_auth_header_name: str = 'Authorization'
) -> None:
"""
Initialize PyMISP client.
Parameters:
- url: MISP instance URL (required)
- key: API authentication key (required)
- ssl: SSL certificate verification (True/False) or CA bundle path
- debug: Enable debug logging
- proxies: HTTP/HTTPS proxy configuration
- cert: Client certificate for mutual TLS authentication
- auth: Custom authentication handler
- tool: Tool identifier for user agent string
- timeout: Request timeout (seconds) or (connect, read) tuple
- http_headers: Additional HTTP headers
- https_adapter: Custom HTTPS adapter
- http_auth_header_name: Authentication header name
"""Client Properties
Access client information and MISP instance details.
@property
def version(self) -> dict[str, Any] | list[dict[str, Any]]:
"""Get PyMISP library version information."""
@cached_property
def misp_instance_version(self) -> dict[str, Any] | list[dict[str, Any]]:
"""Get connected MISP instance version and capabilities."""
@property
def recommended_pymisp_version(self) -> dict[str, Any] | list[dict[str, Any]]:
"""Get recommended PyMISP version for this MISP instance."""
@property
def describe_types_local(self) -> dict[str, Any] | list[dict[str, Any]]:
"""Get local MISP attribute type descriptions from package."""
@property
def describe_types_remote(self) -> dict[str, Any] | list[dict[str, Any]]:
"""Get remote MISP attribute type descriptions from server."""
@property
def pymisp_version_main(self) -> dict[str, Any] | list[dict[str, Any]]:
"""Get latest PyMISP version from GitHub main branch."""Server Configuration
Manage server settings and system administration.
def toggle_global_pythonify(self) -> None:
"""Toggle global pythonify setting for all responses."""
def set_server_setting(self, setting: str, value: str | int | bool, force: bool = False) -> dict[str, Any] | list[dict[str, Any]]:
"""Set MISP server configuration setting."""
def get_server_setting(self, setting: str) -> dict[str, Any] | list[dict[str, Any]]:
"""Get MISP server configuration setting."""
def server_settings(self) -> dict[str, Any] | list[dict[str, Any]]:
"""Get all server configuration settings."""
def restart_workers(self) -> dict[str, Any] | list[dict[str, Any]]:
"""Restart MISP background worker processes."""
def db_schema_diagnostic(self) -> dict[str, Any] | list[dict[str, Any]]:
"""Get database schema diagnostic information."""
def update_misp(self) -> dict[str, Any] | list[dict[str, Any]]:
"""Trigger MISP instance update process."""Access Control & Diagnostics
Manage access control and system diagnostics.
def remote_acl(self, debug_type: str = 'findMissingFunctionNames') -> dict[str, Any] | list[dict[str, Any]]:
"""
Check remote access control list status.
Parameters:
- debug_type: 'findMissingFunctionNames', 'printAllFunctionNames', or 'printRoleAccess'
"""Usage Examples
Basic Client Setup
from pymisp import PyMISP
# Basic initialization
misp = PyMISP('https://misp.example.com', 'your-api-key')
# With additional options
misp = PyMISP(
url='https://misp.example.com',
key='your-api-key',
ssl=True,
debug=False,
timeout=30,
proxies={'https': 'proxy.company.com:8080'}
)Version Information
# Get PyMISP version
version_info = misp.version
print(f"PyMISP Version: {version_info['version']}")
# Get MISP instance version
instance_version = misp.misp_instance_version
print(f"MISP Version: {instance_version['version']}")
# Get recommended PyMISP version
recommended = misp.recommended_pymisp_version
print(f"Recommended PyMISP: {recommended['version']}")Server Configuration
# Get supported attribute types
types = misp.describe_types_remote
print(f"Categories: {list(types['categories'])}")
print(f"Attribute types: {list(types['types'].keys())}")
# Configure server settings
misp.set_server_setting('MISP.background_jobs', True)
setting_value = misp.get_server_setting('MISP.background_jobs')
print(f"Background jobs enabled: {setting_value}")
# Restart workers
restart_result = misp.restart_workers()
print(f"Workers restart: {restart_result}")Error Handling
from pymisp.exceptions import PyMISPError, MISPServerError, NoURL, NoKey
try:
misp = PyMISP('https://misp.example.com', 'invalid-key')
events = misp.events()
except NoURL:
print("No MISP URL provided")
except NoKey:
print("No API key provided")
except MISPServerError as e:
print(f"Server error: {e}")
except PyMISPError as e:
print(f"PyMISP error: {e}")Types
from typing import Any, MutableMapping, TypeVar
from requests.auth import AuthBase
from requests.adapters import BaseAdapter
# Type aliases used in PyMISP
SearchType = TypeVar('SearchType', str, int)
SearchParameterTypes = TypeVar('SearchParameterTypes', str, list[str | int], dict[str, str | int])
ToIDSType = TypeVar('ToIDSType', str, int, bool)Install with Tessl CLI
npx tessl i tessl/pypi-pymispdocs
evals
scenario-1
scenario-2
scenario-3
scenario-4
scenario-5
scenario-6
scenario-7
scenario-8
scenario-9
scenario-10