Open teward opened 1 year ago
This method is expecting the ID of the sharing group. It is possible to have multiple sharing groups with the same name on a MISP instance, so searching like that will require to either optionally return a list, or ignore any group after we found one, causing even more inconsistency.
If you know the group you're looking for (by ID), you can use the get_sharing_group
method.
The
get_sharing_group
function in PyMISP objects seems to not function as intended when searching by strings.In an instance, we have a sharing group that is titled exactly "Tor Nodes Data". The
get_sharing_group
object suggests that it might be possible to use a sharing group name to get the sharing group by text search as such:However, this returns a hard error when passed to the MISP API backend:
This suggests that abstract search of this form does not work. If this is not a usable search mechanism, it will not be easy/trivial to get data out from what sharing group(s) a user is part of in order to use it for filtration in a
misp.search
call later.The only way I've discovered as a work around to do this would be akin to this:
It seems this type of search functionality should be part of
get_sharing_group
if we're accepting abstract strings in the code.