kellya/matrix-webhook
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

add abuseipdb and crowdsec cti links for IP

Browse source
This commit is contained in:
Alex Kelly 2022-12-02 11:20:30 -05:00
parent 33a650efda
commit 05eeab7c9c
1 changed files with 11 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
matrix_webhook/formatters/crowdsec.py
View file

@ -1,11 +1,16 @@
def formatter(data, headers): def formatter(data, headers):
""" format a message sent with crowdsec http endpoints""" """format a message sent with crowdsec http endpoints"""
data_out = "" data_out = ""
for row in data["body"]: for row in data["body"]:
if "crowdsecurity" in row['scenario']: if "crowdsecurity" in row["scenario"]:
source, scenario, *_ = row['scenario'].split('/') source, scenario, *_ = row["scenario"].split("/")
row['scenario'] = f"[{scenario}](https://hub.crowdsec.net/author/crowdsecurity/configurations/{scenario})" row[
data_out += f"{row['host']} has been banned {row['duration']} due to {row['scenario']}\n\n[AbuseIPDB](https://www.abuseipdb.com/check{row['host'])" "scenario"
] = f"[{scenario}](https://hub.crowdsec.net/author/crowdsecurity/configurations/{scenario})"
data_out += (
f"{row['host']} has been banned {row['duration']} due to {row['scenario']}\n\n"
f"[AbuseIPDB](https://www.abuseipdb.com/check/{row['host']})|"
f"[Crowdsec](https://app.crowdsec.net/cti/{row['host']})\n\n"
)
data["body"] = data_out data["body"] = data_out
return data return data