cif-router [elasticsearch] - AttributeError: 'list' object has no attribute 'split'

[ghost]

While getting feeds with multiple tags (Source is csirt-smrt) they came as:

    "tags": [
        "suspicious",
        "hijacked"
    ],

But the router response will be like this:

Nov 29 12:12:06 localhost cif-router[34927]: 2016-11-29 12:12:06,862 - ERROR - cif.store[133][MainThread] - 'list' object has no attribute 'split'
Nov 29 12:12:06 localhost cif-router[34927]: Traceback (most recent call last):
Nov 29 12:12:06 localhost cif-router[34927]:   File "/usr/local/lib/python2.7/dist-packages/cif-3.0.0a10+25.g56907e2.dirty-py2.7.egg/cif/store/__init__.py", line 116, in handle_message
Nov 29 12:12:06 localhost cif-router[34927]:     rv = handler(token.decode('utf-8'), data)
Nov 29 12:12:06 localhost cif-router[34927]:   File "/usr/local/lib/python2.7/dist-packages/cif-3.0.0a10+25.g56907e2.dirty-py2.7.egg/cif/store/__init__.py", line 184, in handle_indicators_create
Nov 29 12:12:06 localhost cif-router[34927]:     return self.store.indicators_upsert(data)
Nov 29 12:12:06 localhost cif-router[34927]:   File "/usr/local/lib/python2.7/dist-packages/cif-3.0.0a10+25.g56907e2.dirty-py2.7.egg/cif/store/zelasticsearch/indicator.py", line 154, in indicators_upsert
Nov 29 12:12:06 localhost cif-router[34927]:     filters['tags'] = d['tags'].split(',')
Nov 29 12:12:06 localhost cif-router[34927]: AttributeError: 'list' object has no attribute 'split'

Commit and PR in a few minutes

[wesyoung]

@tk-hendrik also, keep an eye out later this week for a release that will significantly improve csirt-smrt performance.

https://github.com/csirtgadgets/csirtg-smrt-py/pull/66

it's tagged right now in pypi as '0.0.0a15' if you wanna mess with it locally.