search

carbonblack / cbfeeds

Carbon Black Feeds
Other
70 stars 31 forks source link

Query IOC for report %s missing q= on query" % self.data["id"]) #17

Closed carnal0wnage closed 6 years ago

carnal0wnage commented 6 years ago

Query IOC for report %s missing q= on query" % self.data["id"])

pretty sure the id field should not be having the q field perhaps you mean the search_query or query.

a simple putting q= into the id field just results in an error because it cant have anything thats not alphnumeric

Traceback (most recent call last):
  File "generate_feed.py", line 131, in <module>
    bytes = create(rules_file)
  File "generate_feed.py", line 123, in create
    created_feed = feed.dump()
  File "/Users/username/Documents/dev/cbfeeds-XXXXXXXXXX/cbfeedbuilder/lib/python2.7/site-packages/cbfeeds/feed.py", line 28, in dump
    self.validate()
  File "/Users/username/Documents/dev/cbfeeds-XXXXXXXXXX/cbfeedbuilder/lib/python2.7/site-packages/cbfeeds/feed.py", line 74, in validate
    serialized_data = self.dump(validate=False)
  File "/Users/username/Documents/dev/cbfeeds-XXXXXXXXXX/cbfeedbuilder/lib/python2.7/site-packages/cbfeeds/feed.py", line 29, in dump
    return json.dumps(self.data, cls=CbJSONEncoder, indent=2)
  File "/usr/local/Cellar/python@2/2.7.15_1/Frameworks/Python.framework/Versions/2.7/lib/python2.7/json/__init__.py", line 251, in dumps
    sort_keys=sort_keys, **kw).encode(obj)
  File "/usr/local/Cellar/python@2/2.7.15_1/Frameworks/Python.framework/Versions/2.7/lib/python2.7/json/encoder.py", line 209, in encode
    chunks = list(chunks)
  File "/usr/local/Cellar/python@2/2.7.15_1/Frameworks/Python.framework/Versions/2.7/lib/python2.7/json/encoder.py", line 434, in _iterencode
    for chunk in _iterencode_dict(o, _current_indent_level):
  File "/usr/local/Cellar/python@2/2.7.15_1/Frameworks/Python.framework/Versions/2.7/lib/python2.7/json/encoder.py", line 408, in _iterencode_dict
    for chunk in chunks:
  File "/usr/local/Cellar/python@2/2.7.15_1/Frameworks/Python.framework/Versions/2.7/lib/python2.7/json/encoder.py", line 332, in _iterencode_list
    for chunk in chunks:
  File "/usr/local/Cellar/python@2/2.7.15_1/Frameworks/Python.framework/Versions/2.7/lib/python2.7/json/encoder.py", line 442, in _iterencode
    o = _default(o)
  File "/Users/username/Documents/dev/cbfeeds-XXXXXXXXXX/cbfeedbuilder/lib/python2.7/site-packages/cbfeeds/feed.py", line 14, in default
    return o.dump()
  File "/Users/username/Documents/dev/cbfeeds-XXXXXXXXXX/cbfeedbuilder/lib/python2.7/site-packages/cbfeeds/feed.py", line 202, in dump
    self.validate()
  File "/Users/username/Documents/dev/cbfeeds-XXXXXXXXXX/cbfeedbuilder/lib/python2.7/site-packages/cbfeeds/feed.py", line 323, in validate
    raise CbInvalidReport("Query IOC for report %s missing q= on query" % self.data["id"])
cbfeeds.CbInvalidReport: Query IOC for report customfeed missing q= on query
carnal0wnage commented 6 years ago

not sure it's NOT me, closing for now