add abuseipdb and crowdsec cti links for IP
This commit is contained in:
parent
33a650efda
commit
05eeab7c9c
1 changed files with 11 additions and 6 deletions
|
@ -2,10 +2,15 @@ def formatter(data, headers):
|
||||||
"""format a message sent with crowdsec http endpoints"""
|
"""format a message sent with crowdsec http endpoints"""
|
||||||
data_out = ""
|
data_out = ""
|
||||||
for row in data["body"]:
|
for row in data["body"]:
|
||||||
if "crowdsecurity" in row['scenario']:
|
if "crowdsecurity" in row["scenario"]:
|
||||||
source, scenario, *_ = row['scenario'].split('/')
|
source, scenario, *_ = row["scenario"].split("/")
|
||||||
row['scenario'] = f"[{scenario}](https://hub.crowdsec.net/author/crowdsecurity/configurations/{scenario})"
|
row[
|
||||||
data_out += f"{row['host']} has been banned {row['duration']} due to {row['scenario']}\n\n[AbuseIPDB](https://www.abuseipdb.com/check{row['host'])"
|
"scenario"
|
||||||
|
] = f"[{scenario}](https://hub.crowdsec.net/author/crowdsecurity/configurations/{scenario})"
|
||||||
|
data_out += (
|
||||||
|
f"{row['host']} has been banned {row['duration']} due to {row['scenario']}\n\n"
|
||||||
|
f"[AbuseIPDB](https://www.abuseipdb.com/check/{row['host']})|"
|
||||||
|
f"[Crowdsec](https://app.crowdsec.net/cti/{row['host']})\n\n"
|
||||||
|
)
|
||||||
data["body"] = data_out
|
data["body"] = data_out
|
||||||
return data
|
return data
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue