Concinnity-Risks / LogisticalBudget

This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quickly quantify, rank, order, compare, or visualise threat actors' demonstrated operational capacities. In other words, it is meant to answer questions like 'Which APT produces the most binaries yearly?' or 'Which APT uses the most domains?'.

Improve cache handling and reporting

StrayLightning opened this issue · comments

The current behaviour around caching and reporting of caching operations could be improved. The code currently allows for downloading of MISP data in one go, and then repeated use of that data, and this has been useful for development. But it is confusing for new users or when coming back to use the tool. For consideration:

  • The code reports that it is retrieving from the cache or from the server incorrectly
  • The ability to read data either from the server or from the cache
  • The ability to read data from the cache and then augment with newer data from the server
  • It would be preferable to not lose data already in the cache where possible
  • The events fetch is quick (order 30s) in comparison to the attributes fetch (order 90m)
  • Currently errors are handled differently between events and attributes (due to fetch times)

While it would be nice to have a process that could fail and then be restarted, of more interest is being able to periodically augment the cached data with newer data from the server.

The improve-caching branch contains a number of commits which improve the caching behaviour and adjust command-line options for more flexibility around caching and querying the server.
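
One way the "read from the cache, then augment with newer data from the server" behaviour listed in the issue could work, as an added example that is not code from the LogisticalBudget project or its improve-caching branch. The JSON cache layout, `refresh_events` and the `fetch_since` callback are hypothetical, and events are assumed to be dicts carrying a `uuid` and an epoch-seconds `timestamp`.

```python
import json
import os
import tempfile

def load_cache(path):
    """Return {uuid: event} from the cache file, or {} if there is none."""
    if not os.path.exists(path):
        return {}
    with open(path, encoding="utf-8") as fh:
        return {ev["uuid"]: ev for ev in json.load(fh)}

def save_cache(path, events):
    """Write to a temp file and rename, so a failed run never truncates the cache."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            json.dump(list(events.values()), fh)
        os.replace(tmp, path)
    except BaseException:
        os.unlink(tmp)
        raise

def refresh_events(path, fetch_since=None):
    """Load the cache and, if fetch_since is given, merge in newer server data.

    fetch_since(ts) is a hypothetical callback returning events changed at or
    after epoch second ts. The report says where the data really came from.
    """
    events = load_cache(path)
    report = {"from_cache": len(events), "added": 0, "updated": 0, "server_error": None}
    if fetch_since is None:                      # cache-only run
        return events, report
    newest = max((int(ev["timestamp"]) for ev in events.values()), default=0)
    try:
        fetched = fetch_since(newest)
    except Exception as exc:                     # server down: keep what we have
        report["server_error"] = str(exc)
        return events, report
    for ev in fetched:
        old = events.get(ev["uuid"])
        if old is None:
            report["added"] += 1
        elif int(ev["timestamp"]) > int(old["timestamp"]):
            report["updated"] += 1
        else:
            continue                             # cached copy is current
        events[ev["uuid"]] = ev
    if report["added"] or report["updated"]:
        save_cache(path, events)
    return events, report
```

The same pattern would apply to the slower attributes fetch, where keeping the existing cache after a failed request matters most.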