Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat/additonal-info-sdk - TKT-864 #113

Merged
merged 2 commits into from
Sep 11, 2023
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions CHANGES
Original file line number Diff line number Diff line change
@@ -1,3 +1,7 @@
1.18.9
------
- Add additional info property to send phishing email.

1.18.8
------
- Fix is_available method.
Expand Down
2 changes: 1 addition & 1 deletion intezer_sdk/__init__.py
Original file line number Diff line number Diff line change
@@ -1 +1 @@
__version__ = '1.18.8'
__version__ = '1.18.9'
9 changes: 6 additions & 3 deletions intezer_sdk/alerts.py
Original file line number Diff line number Diff line change
Expand Up @@ -235,7 +235,8 @@ def send_phishing_email(cls,
alert_sender: Optional[str] = None,
wait: bool = False,
timeout: Optional[int] = None,
email_path: Optional[str] = None):
email_path: Optional[str] = None,
additional_info: Optional[dict] = None):
"""
Send an alert for further investigation using the Intezer Analyze API.
Should pass either raw_email or email_path.
Expand All @@ -248,6 +249,7 @@ def send_phishing_email(cls,
:param wait: Wait for the alert to finish processing before returning.
:param timeout: The timeout for the wait operation.
:param email_path: The path to the email file.
:param additional_info: Additional information to send with the alert.
:raises: :class:`requests.HTTPError` if the request failed for any reason.
:return: The Alert instance, initialized with the alert id. when the `wait` parameter is set to True, the
resulting alert object will be initialized with the alert triage data.
Expand All @@ -266,9 +268,10 @@ def send_phishing_email(cls,
file_name=cls._parse_alert_id_from_alert_stream(raw_email),
alert_source='phishing_emails',
environment=environment,
display_fields=','.join(['sender', 'received', 'subject', 'message_id', 'to']),
display_fields=','.join(['received_by', 'sender', 'received', 'subject', 'message_id', 'to']),
default_verdict=default_verdict,
alert_sender=alert_sender
alert_sender=alert_sender,
additional_info=json.dumps(additional_info) if additional_info else None
)

send_alert_params = {key: value for key, value in send_alert_params.items() if value is not None}
Expand Down