1

我正在尝试通过使用 github 上 azure 的默认文档将威胁指标从我的 MISP 实例推送到 azure sentinel:https ://github.com/microsoftgraph/security-api-solutions/tree/master/Samples/MISP

我按照文档执行了这些步骤,但是 python3 script.py 给了我以下错误:

Traceback (most recent call last):
  File "script.py", line 100, in <module>
    main()
  File "script.py", line 96, in main
    request_manager.handle_indicator(request_body)
  File "/var/azure/sentinel/security-api-solutions/Samples/MISP/RequestManager.py", line 197, in handle_indicator
    self._post_to_graph()
  File "/var/azure/sentinel/security-api-solutions/Samples/MISP/RequestManager.py", line 184, in _post_to_graph
    self._log_post(response)
  File "/var/azure/sentinel/security-api-solutions/Samples/MISP/RequestManager.py", line 98, in _log_post
    if len(response['value']) > 0:
KeyError: 'value'

这是调用 RequestManager.py 中的内置方法,用于将指标发布到 Graph API

4

1 回答 1

1

不知道您的 Python 问题的答案,但您是否尝试过直接针对您的应用程序使用威胁情报平台连接器?它现在处于公开预览状态。

于 2020-01-05T12:42:51.790 回答