
update: octoxlabs integration #37676

Merged
merged 11 commits into from
Dec 31, 2024
176 changes: 175 additions & 1 deletion Packs/OctoxLabs/Integrations/OctoxLabs/OctoxLabs.py
@@ -1,4 +1,4 @@
from CommonServerPython import * # noqa # pylint: disable=unused-wildcard-import

Check failure on line 1 in Packs/OctoxLabs/Integrations/OctoxLabs/OctoxLabs.py


GitHub Actions / pre-commit / pre-commit

XSOAR Linter E9010

: Some commands from yml file are not implemented in the python file, Please make sure that every command is implemented in your code. The commands that are not implemented are ['octoxlabs-search-user-inventory', 'octoxlabs-search-scroll-users']
from CommonServerUserPython import * # noqa

from octoxlabs import OctoxLabs
Expand All @@ -6,6 +6,8 @@
import urllib3
from typing import Any, Dict, List, Callable, Optional

# from Packs.Base.Scripts.CommonServerPython.CommonServerPython import CommandResults

Contributor


Is it necessary?

# Disable insecure warnings
urllib3.disable_warnings() # pylint: disable=no-member

Expand All @@ -28,7 +30,12 @@
"octoxlabs-get-discoveries": get_discoveries,
"octoxlabs-get-last-discovery": get_last_discovery,
"octoxlabs-search-devices": search_devices,
"octoxlabs-search-users-inventory": search_users_inventory,
Contributor


This command is missing from the .yml file

"octoxlabs-search-applications": search_applications,
"octoxlabs-search-avm": search_avm,
"octoxlabs-get-device": get_device,
"octoxlabs-get-user-inventory-detail": get_user_inventory_detail,
"octoxlabs-get-application-detail": get_application_detail,
"octoxlabs-get-queries": get_queries,
"octoxlabs-get-query-by-id": get_query_by_id,
"octoxlabs-get-query-by-name": get_query_by_name,
Expand All @@ -43,6 +50,10 @@
"octoxlabs-get-user-by-username": get_user_by_username,
"octoxlabs-get-groups": get_groups,
"octoxlabs-get-permissions": get_permissions,
"octoxlabs-search-scroll-devices": search_scroll_devices,
"octoxlabs-search-scroll-users-inventory": search_scroll_users,
Contributor


This command is missing from the .yml file

"octoxlabs-search-scroll-applications": search_scroll_applications,
"octoxlabs-search-scroll-avm": search_scroll_avm,
}
command_function: Optional[Callable] = commands.get(command_name, None)
if command_function:
Expand Down Expand Up @@ -507,6 +518,167 @@
)


def search_users_inventory(octox: OctoxLabs, args: Dict[str, Any]) -> CommandResults:
fields = args.get("fields", None)
if isinstance(fields, str):
fields = [f.strip() for f in fields.split(",")]

count, users = octox.search_users(
query=args.get("query", ""),
fields=fields,
page=args.get("page", 1),
size=args.get("size", 50),
discovery_id=args.get("discovery_id", None),
)

return CommandResults(
outputs_prefix="OctoxLabs.UsersInventory",
outputs={
"count": count,
"results": users,
},
)


def search_applications(octox: OctoxLabs, args: Dict[str, Any]) -> CommandResults:
fields = args.get("fields", None)
if isinstance(fields, str):
fields = [f.strip() for f in fields.split(",")]

count, applications = octox.search_applications(
query=args.get("query", ""),
fields=fields,
page=args.get("page", 1),
size=args.get("size", 50),
discovery_id=args.get("discovery_id", None),
)

return CommandResults(
outputs_prefix="OctoxLabs.Applications",
outputs={
"count": count,
"results": applications,
},
)


def search_avm(octox: OctoxLabs, args: Dict[str, Any]) -> CommandResults:
count, avm = octox.search_avm(
query=args.get("query", ""),
page=args.get("page", 1),
size=args.get("size", 50),
discovery_id=args.get("discovery_id", None),
)

return CommandResults(
outputs_prefix="OctoxLabs.AVM",
outputs={
"count": count,
"results": avm,
},
)


def get_user_inventory_detail(octox: OctoxLabs, args: Dict[str, Any]) -> CommandResults:
user = octox.get_user_inventory_detail(
username=args.get("username"), discovery_id=args.get("discovery_id", None)
)
return CommandResults(outputs_prefix="OctoxLabs.UserInv", outputs=user)


def get_application_detail(octox: OctoxLabs, args: Dict[str, Any]) -> CommandResults:
application = octox.get_application_detail(
application_id=args.get("application_id"),
discovery_id=args.get("discovery_id", None),
)
return CommandResults(outputs_prefix="OctoxLabs.Application", outputs=application)


def search_scroll_devices(octox: OctoxLabs, args: Dict[str, Any]) -> CommandResults:
fields = args.get("fields", None)
if isinstance(fields, str):
fields = [f.strip() for f in fields.split(",")]

count, scroll_id, devices = octox.search_scroll_devices(
query=args.get("query", ""),
fields=fields,
scroll_id=args.get("scroll_id", None),
size=args.get("size", 50),
discovery_id=args.get("discovery_id", None),
)

return CommandResults(
outputs_prefix="OctoxLabs.ScrolledDevices",
outputs={
"count": count,
"scroll_id": scroll_id,
"results": devices,
},
)


def search_scroll_users(octox: OctoxLabs, args: Dict[str, Any]) -> CommandResults:
fields = args.get("fields", None)
if isinstance(fields, str):
fields = [f.strip() for f in fields.split(",")]

count, scroll_id, users = octox.search_scroll_users(
query=args.get("query", ""),
fields=fields,
scroll_id=args.get("scroll_id", None),
size=args.get("size", 50),
discovery_id=args.get("discovery_id", None),
)

return CommandResults(
outputs_prefix="OctoxLabs.ScrolledUsers",
outputs={
"count": count,
"scroll_id": scroll_id,
"results": users,
},
)


def search_scroll_applications(octox: OctoxLabs, args: Dict[str, Any]) -> CommandResults:
fields = args.get("fields", None)
if isinstance(fields, str):
fields = [f.strip() for f in fields.split(",")]

count, scroll_id, applications = octox.search_scroll_applications(
query=args.get("query", ""),
fields=fields,
scroll_id=args.get("scroll_id", None),
size=args.get("size", 50),
discovery_id=args.get("discovery_id", None),
)

return CommandResults(
outputs_prefix="OctoxLabs.ScrolledApplications",
outputs={
"count": count,
"scroll_id": scroll_id,
"results": applications,
},
)

def search_scroll_avm(octox: OctoxLabs, args: Dict[str, Any]) -> CommandResults:
count, scroll_id, avm = octox.search_scroll_avm(
query=args.get("query", ""),
scroll_id=args.get("scroll_id", None),
size=args.get("size", 50),
discovery_id=args.get("discovery_id", None),
)

return CommandResults(
outputs_prefix="OctoxLabs.ScrolledAVM",
outputs={
"count": count,
"scroll_id": scroll_id,
"results": avm,
},
)

""" MAIN FUNCTION """


Expand All @@ -518,10 +690,12 @@
"""
ip = demisto.params().get("octox_ip")
token = demisto.params().get("octox_token", {"password": ""}).get("password")
https_proxy = demisto.params().get("https_proxy", None)
no_verify = demisto.params().get("no_verify", True)

demisto.debug(f"Command being called is {demisto.command()}")
try:
octox = OctoxLabs(ip=ip, token=token)
octox = OctoxLabs(ip=ip, token=token, https_proxy=https_proxy, no_verify=no_verify)
return_results(
run_command(
octox=octox, command_name=demisto.command(), args=demisto.args()
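Review bot: In main(), `no_verify` falls back to `True` (`demisto.params().get("no_verify", True)`), so an instance that never sets the parameter presumably talks to the Octox Labs server with TLS certificate verification off while sending the API token. The `urllib3.disable_warnings()` call near the top of the file suppresses the warning that would otherwise reveal this. Assuming the client treats `no_verify` as "skip certificate validation" (the library code is not on this page), verification should be the default: `no_verify = argToBoolean(demisto.params().get("no_verify", False))`. Parsing through `argToBoolean` also stops a string value such as "false" from being treated as truthy. main() begins and continues outside the visible hunk.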