It seems that the proxy settings defined inlocal/misp42splunk_settings.conf are not used for a lot of the commands, it even throws errors for most of the search commands.
There are some calls to helper.get_proxy in misp_common.py, however this is only defined for alert_actions_base.py
I was able to make proxy work in my enviroment by changing the proxy code in misp_common.py to the following:
# get proxy parameters if any
config_args['proxies'] = dict()
if int(app_config['misp_use_proxy']) == 1:
misp_settings_file = os.path.join(
_SPLUNK_PATH, 'etc', 'apps', app_name,
'local', app_name + '_settings.conf')
proxy = None
if os.path.exists(misp_settings_file):
settingsConf = cli.readConfFile(misp_settings_file)
foundStanza = False
for name, content in list(settingsConf.items()):
if "proxy" == str(name):
proxy = content
foundStanza = True
if not foundStanza:
raise Exception(
"local/misp42splunk_settings.conf does not contain "
"any stanza proxy")
if proxy:
proxy_url = '://'
if 'proxy_username' in proxy:
if proxy['proxy_username'] not in ['', None]:
proxy_url = proxy_url + \
proxy['proxy_username'] + ':' \
+ proxy['proxy_password'] + '@'
proxy_url = proxy_url + proxy['proxy_url'] + \
':' + proxy['proxy_port'] + '/'
config_args['proxies'] = {
"http": "http" + proxy_url,
"https": "http" + proxy_url
}
Hello,
It seems that the proxy settings defined in
local/misp42splunk_settings.conf
are not used for a lot of the commands, it even throws errors for most of the search commands. There are some calls tohelper.get_proxy
in misp_common.py, however this is only defined for alert_actions_base.pyI was able to make proxy work in my enviroment by changing the proxy code in misp_common.py to the following: