samitainio
commented
1 month ago The documentation that I followed can be found here:
Function: search()
- Parameters: with_attachments bool | None – If set, encodes the attachments / zipped malware samples as base64 in the data field within each attribute
- Deprecated: Parameters: withAttachments bool | None – synonym for with_attachments
Now my code had it written like with_attachments as per that documentation and it does nothing when written like this.
Then I noticed the OpenAPI documentation had it written as withAttachments so I figured to try it even though the docs say it is deprecated. It started working.
Documentation requires updating or verification what is actually used and what is not.
Issue: fixed and this issue may be closed at your convenience - keeping it open so the resolution doesn't get buried and devs see this
Rafiot
This might be a PEBKAC issue but I just can't get the PyMISP
search()function to return events so that the file attachments that have been saved inside objects, mainly from the report object, would be included in the returned JSON. I have set thewith_attachmentstoTruebut it doesn't seem to do anything for these files. What am I missing here or is this a bug?I've been trying to get this work on the following versions: MISP:
Currently installed version… v2.4.192 (694da4e641d0912ec9ff84cf68ae530477fad616)PyMISP on the MISP server:2.4.190PyMISP on the client:2.4.190For everything else the
search()is returning everything as expected as far as I can see.If I manually export same MISP events from the UI then the files are included. Any insight into the matter would be greatly appreacited!