Proofpoint_tap.py script error

[Moorocks]

Hi there,

I'm running the script which is provided by you:
https://github.com/MISP/PyMISP/blob/main/examples/proofpoint_tap.py

Proofpoint and misp integration it is.

So i configured the api keys correctly in keys file and when i run the script, i get the below error:

i checked the proxy logs and could see that the traffic is being allowed.
I also checked the pp api key and it is working.
Could you please help with the issue?

[Rafiot]

None of us has access to Proofpoint so this is going to be difficult.

I'd recommend to check the event passed to add_event and check the content. Based on the error message the info field containing ['valueNotEmpty'] is weird and probably incorrect.

[goodlandsecurity]

@Moorocks please take a look at a recently updated proofpoint tap integration jupyter notebook available on my github.

i updated the code to contextualize the tap alerts a little better within misp events and also removed some unnecessary attributes from being added. i no longer have access to proofpoint, but reworked the code based on their provided example output from their API documentation.