Merge pull request #248 from intelowlproject/develop
5.0.0
mlodic authored May 8, 2024
2 parents d8df8ec + 6c32281 commit 1a5ff68
Showing 7 changed files with 32 additions and 62 deletions.
3 changes: 3 additions & 0 deletions .github/CHANGELOG.md
@@ -1,5 +1,8 @@
# Changelog

## [5.0.0](https://github.com/intelowlproject/pyintelowl/releases/tag/5.0.0)
- Fixes for Playbook Analysis

## [4.4.7](https://github.com/intelowlproject/pyintelowl/releases/tag/4.4.7)
- Fixed Running Playbook without TLP set

2 changes: 1 addition & 1 deletion docs/conf.py
Expand Up @@ -13,7 +13,7 @@
import os
import sys

VERSION = "4.4.7"
VERSION = "5.0.0"
GITHUB_URL = "https://github.com/intelowlproject/pyintelowl"

sys.path.append(os.path.abspath("../"))
2 changes: 1 addition & 1 deletion pyintelowl/cli/_jobs_utils.py
Expand Up @@ -59,7 +59,7 @@ def _render_job_reports_table(rows, title: str, verbose=False):
]
if verbose:
for field in ["report", "errors", "runtime_configuration"]:
cols.append(get_json_syntax(el[field]) if el[field] else None)
cols.append(get_json_syntax(el[field]) if el.get(field, "") else None)
table.add_row(*cols)
return table

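Review bot: In the verbose branch of `_render_job_reports_table`, the new guard tests `el.get(field, "")` but the rendered value is still read with `el[field]`, so the key is looked up twice and the `""` default adds nothing over a plain `.get(field)`. Binding the value once keeps the guard and the use from drifting apart: `value = el.get(field)` followed by `cols.append(get_json_syntax(value) if value else None)`. Present-but-empty values such as `{}` or `[]` still render as `None`, the same as a missing key, and a short comment saying that is intended would help the next reader. The function body starts above the hunk.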
37 changes: 10 additions & 27 deletions pyintelowl/cli/analyse.py
Expand Up @@ -80,19 +80,8 @@
# doing it twice to remove --analyzers-list and --connectors-list
__playbook_analyse_options.pop(0)
__playbook_analyse_options.pop(0)

__playbook_analyse_options.append(
click.option(
"-pl",
"--playbooks-list",
type=str,
default="",
help="""
Comma separated list of playbook names to invoke.
Defaults to all configured playbooks.
""",
),
)
__playbook_analyse_options.pop(3)
__playbook_analyse_options.pop(2)


@click.group("analyse")
Expand Down Expand Up @@ -184,57 +173,53 @@ def file(

@analyse.command(help="Send playbook analysis request for an observable")
@click.argument("value")
@click.argument("playbook")
@add_options(__playbook_analyse_options)
@click.pass_context
def playbook_observable(
ctx: ClickContext,
value: str,
playbooks_list: str,
playbook: str,
tags_list: str,
tlp: str,
check,
check_minutes_ago: int,
runtime_config,
should_poll: bool,
):
playbooks_list = playbooks_list.split(",") if len(playbooks_list) else []
tags_labels = tags_list.split(",") if len(tags_list) else []
if runtime_config:
runtime_config = get_json_data(runtime_config)
else:
runtime_config = {}
try:
print("here")
ctx.obj._new_analysis_playbook_cli(
value,
"observable",
check,
playbook,
tlp,
playbooks_list,
runtime_config,
tags_labels,
should_poll,
check_minutes_ago,
)
print("here3")
except IntelOwlClientException as e:
ctx.obj.logger.fatal(str(e))


@analyse.command(help="Send playbook analysis request for an observable")
@click.argument("filepath", type=click.Path(exists=True, resolve_path=True))
@click.argument("playbook")
@add_options(__playbook_analyse_options)
@click.pass_context
def playbook_file(
ctx: ClickContext,
filepath: str,
playbooks_list: str,
playbook: str,
tags_list: str,
tlp: str,
check,
check_minutes_ago: int,
runtime_config,
should_poll: bool,
):
playbooks_list = playbooks_list.split(",") if len(playbooks_list) else []
tags_labels = tags_list.split(",") if len(tags_list) else []
if runtime_config:
runtime_config = get_json_data(runtime_config)
Expand All @@ -244,13 +229,11 @@ def playbook_file(
ctx.obj._new_analysis_playbook_cli(
filepath,
"file",
check,
playbook,
tlp,
playbooks_list,
runtime_config,
tags_labels,
should_poll,
check_minutes_ago,
)
except IntelOwlClientException as e:
ctx.obj.logger.fatal(str(e))
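Review bot: `playbook_observable` now carries two leftover debug statements, `print("here")` before and `print("here3")` after the `ctx.obj._new_analysis_playbook_cli(...)` call. They write to stdout on every invocation and end up in whatever a script captures from the CLI, so both lines should be dropped; `playbook_file` has no such prints. Separately, the first hunk trims the shared option list with `__playbook_analyse_options.pop(3)` and `__playbook_analyse_options.pop(2)`. The list is built above the hunk, so which options those indexes remove cannot be checked from here. A comment naming them, as the existing one does for `--analyzers-list` and `--connectors-list`, would make a later reordering less likely to drop the wrong option silently.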
40 changes: 12 additions & 28 deletions pyintelowl/pyintelowl.py
Expand Up @@ -213,8 +213,8 @@ def send_file_analysis_playbook_request(
self,
filename: str,
binary: bytes,
tlp: TLPType = None,
playbooks_requested: List[str] = None,
playbook_requested: str,
tlp: TLPType = "CLEAR",
runtime_configuration: Dict = None,
tags_labels: List[str] = None,
) -> Dict:
Expand All @@ -227,9 +227,7 @@ def send_file_analysis_playbook_request(
Filename
binary (bytes):
File contents as bytes
playbooks_requested (List[str], optional):
List of specific playbooks to invoke.
Defaults to ``[]`` i.e. all playbooks.
playbook_requested (str, optional):
tlp (str, optional):
TLP for the analysis.
(options: ``WHITE, GREEN, AMBER, RED``).
Expand All @@ -245,14 +243,12 @@ def send_file_analysis_playbook_request(
Dict: JSON body
"""
try:
if not playbooks_requested:
playbooks_requested = []
if not tags_labels:
tags_labels = []
if not runtime_configuration:
runtime_configuration = {}
data = {
"playbooks_requested": playbooks_requested,
"playbook_requested": playbook_requested,
"tags_labels": tags_labels,
}
# send this value only if populated,
Expand Down Expand Up @@ -357,8 +353,8 @@ def send_observable_analysis_request(
def send_observable_analysis_playbook_request(
self,
observable_name: str,
tlp: TLPType = None,
playbooks_requested: List[str] = None,
playbook_requested: str,
tlp: TLPType = "CLEAR",
runtime_configuration: Dict = None,
tags_labels: List[str] = None,
observable_classification: str = None,
Expand All @@ -369,9 +365,7 @@ def send_observable_analysis_playbook_request(
Args:
observable_name (str):
Observable value
playbooks_requested (List[str], optional):
List of specific playbooks to invoke.
Defaults to ``[]`` i.e. all playbooks.
playbook_requested str:
tlp (str, optional):
TLP for the analysis.
(options: ``WHITE, GREEN, AMBER, RED``).
Expand All @@ -392,8 +386,6 @@ def send_observable_analysis_playbook_request(
Dict: JSON body
"""
try:
if not playbooks_requested:
playbooks_requested = []
if not tags_labels:
tags_labels = []
if not runtime_configuration:
Expand All @@ -415,7 +407,7 @@ def send_observable_analysis_playbook_request(
)
data = {
"observables": [[observable_classification, observable_name]],
"playbooks_requested": playbooks_requested,
"playbook_requested": playbook_requested,
"tags_labels": tags_labels,
"runtime_configuration": runtime_configuration,
}
Expand Down Expand Up @@ -777,32 +769,24 @@ def _new_analysis_playbook_cli(
self,
obj: str,
type_: str,
check,
playbook: str,
tlp: TLPType = None,
playbooks_list: List[str] = None,
runtime_configuration: Dict = None,
tags_labels: List[str] = None,
should_poll: bool = False,
minutes_ago: int = None,
) -> None:
"""
For internal use by the pyintelowl CLI.
"""
if not playbooks_list:
playbooks_list = []
if not runtime_configuration:
runtime_configuration = {}
if not tags_labels:
tags_labels = []

if len(playbooks_list) == 0:
print(("No Playbooks selected!\n"))
return

self.logger.info(
f"""Requesting analysis..
{type_}: [blue]{obj}[/]
playbooks: [i green]{playbooks_list}[/]
playbook: [i green]{playbook}[/]
tags: [i green]{tags_labels}[/]
"""
)
Expand All @@ -811,8 +795,8 @@ def _new_analysis_playbook_cli(
if type_ == "observable":
resp = self.send_observable_analysis_playbook_request(
observable_name=obj,
playbook_requested=playbook,
tlp=tlp,
playbooks_requested=playbooks_list,
runtime_configuration=runtime_configuration,
tags_labels=tags_labels,
)
Expand All @@ -821,8 +805,8 @@ def _new_analysis_playbook_cli(
resp = self.send_file_analysis_playbook_request(
filename=path.name,
binary=path.read_bytes(),
playbook_requested=playbook,
tlp=tlp,
playbooks_requested=playbooks_list,
runtime_configuration=runtime_configuration,
tags_labels=tags_labels,
)
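Review bot: `send_file_analysis_playbook_request` and `send_observable_analysis_playbook_request` change the default from `tlp: TLPType = None` to `tlp: TLPType = "CLEAR"`, so a caller who omits `tlp` now submits the file or observable under the least restrictive TLP marking rather than leaving the field unset. How the request body and the server treat an unset value is not visible in these hunks, but `_new_analysis_playbook_cli` keeps `tlp: TLPType = None` and forwards it explicitly, so the library default and the CLI path now disagree. If the new default is intended, the docstrings should state it, since they still list `WHITE, GREEN, AMBER, RED` without `CLEAR`; otherwise keeping `tlp: TLPType = None` preserves the previous behaviour. The new parameter is documented as `playbook_requested (str, optional):` with no description although it is required, and because it is inserted ahead of `tlp`, existing callers that passed `tlp` positionally will bind that value to `playbook_requested`. The docstring and changelog should say so.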
2 changes: 1 addition & 1 deletion pyintelowl/version.py
@@ -1 +1 @@
__version__ = "4.4.7"
__version__ = "5.0.0"
8 changes: 4 additions & 4 deletions tests/test_general.py
Expand Up @@ -185,10 +185,10 @@ def test_send_file_analysis_request_failure(self, mocked_requests):
def test_send_observable_playbook_analysis_request(self, mocked_requests):
observable_name = self.domain
runtime_config = {"test_key": "test_param"}
playbooks_requested = ["TEST_PLAYBOOK"]
playbook_requested = "TEST_PLAYBOOK"
result = self.client.send_observable_analysis_playbook_request(
observable_name,
playbooks_requested=playbooks_requested,
playbook_requested=playbook_requested,
runtime_configuration=runtime_config,
)

Expand All @@ -202,14 +202,14 @@ def test_send_observable_playbook_analysis_request(self, mocked_requests):
)
)
def test_send_file_playbook_analysis_request(self, mocked_requests):
playbooks_requested = ["TEST_PLAYBOOK"]
playbook_requested = "TEST_PLAYBOOK"
filename = self.filepath
binary = get_file_data(self.filepath)
runtime_config = {"test_key": "test_param"}
result = self.client.send_file_analysis_playbook_request(
filename,
binary,
playbooks_requested=playbooks_requested,
playbook_requested=playbook_requested,
runtime_configuration=runtime_config,
)

