import sys
import json
from Siemplify import Siemplify
from SiemplifyUtils import extract_script_param, is_python_37, is_str_instance
import SiemplifyUtils
import SiemplifyVaultUtils
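class SiemplifyJob(Siemplify):
    """
    Siemplify SDK client for scheduled jobs.

    The job's context (parameters, unique identifier, proxy flag and vault
    settings) is read as JSON from stdin when the object is constructed.
    Context-property and timestamp calls are forwarded to the Siemplify base
    class with the context-type code 3.
    NOTE(review): 3 is presumably the platform's "job" context type - confirm
    against the Siemplify base class.
    """

    def __init__(self):
        """
        Read the job context from stdin and initialise the job state.
        :raises KeyError: if the context has no 'parameters' entry
        """
        super(SiemplifyJob, self).__init__()

        # is_python_37() selects the binary stdin buffer; the other branch
        # reads sys.stdin directly. Both results are decoded below.
        if is_python_37():
            raw_context_data = sys.stdin.buffer.read()
        else:
            raw_context_data = sys.stdin.read()

        # "utf-8-sig" drops a leading byte-order mark if one is present.
        context_data = json.loads(raw_context_data.decode("utf-8-sig"))

        # 'parameters' is the only mandatory key; the rest fall back to defaults.
        self.parameters = self._fix_parameters(context_data['parameters'])
        self.unique_identifier = context_data.get('unique_identifier')
        self.use_proxy_settings = context_data.get('use_proxy_settings', False)
        # NOTE(review): vault_settings presumably carries vault connection
        # details or credentials - keep it out of logs and error messages.
        self.vault_settings = context_data.get('vault_settings', None)

        if self.use_proxy_settings:
            self.init_proxy_settings()

    def get_configuration(self, provider, environment=None, integration_instance=None):
        """
        Get integration configuration
        :param provider: {string} integration name (e.g. "VirusTotal")
        :param environment: {string} configuration for specific environment or 'all'
        :param integration_instance: {string} the identifier of the integration instance.
        :return: {dict} configuration details
        """
        return super(SiemplifyJob, self).get_configuration(provider, environment, integration_instance)

    def get_system_info(self, start_time_unixtime_ms):
        """
        Get system info; delegates to the Siemplify base class.
        :param start_time_unixtime_ms: start time, passed through unchanged
        :return: whatever the base class returns
        """
        return super(SiemplifyJob, self).get_system_info(start_time_unixtime_ms)

    def get_job_context_property(self, identifier, property_key):
        """
        Get a context property for the given job identifier
        :param identifier: identifier of the job the property belongs to
        :param property_key: {string} key of the context property
        :return: value returned by the base class for that key
        """
        return super(SiemplifyJob, self).get_context_property(3, identifier, property_key)

    def set_job_context_property(self, identifier, property_key, property_value):
        """
        Set a context property for the given job identifier
        :param identifier: identifier of the job the property belongs to
        :param property_key: {string} key of the context property
        :param property_value: value to store under the key
        :return: whatever the base class returns
        """
        return super(SiemplifyJob, self).set_context_property(3, identifier, property_key, property_value)

    def get_scoped_job_context_property(self, property_key):
        """
        Get scoped job context property, uses the unique identifier of a job
        :param property_key: {string} key of the context property of the job
        :return: value of a specific key
        """
        return self.get_job_context_property(self.unique_identifier, property_key)

    def set_scoped_job_context_property(self, property_key, property_value):
        """
        Set scoped job context property, uses the unique identifier of a job
        :param property_key: {string} key of the context property of the job
        :param property_value: {string} value of the context property of the job
        :return: whatever set_job_context_property returns
        """
        return self.set_job_context_property(self.unique_identifier, property_key, property_value)

    def save_publisher_logs(self, records):
        """
        Save publisher log records
        :param records: {list} records to be saved; sent as the JSON request body
        :return: None; validate_siemplify_error is called on the response
        """
        address = "{0}/{1}".format(self.API_ROOT, "external/v1/sdk/AddAgentLogs?format=snake")
        response = self.session.post(address, json=records)
        self.validate_siemplify_error(response)

    @property
    def log_location(self):
        """Log location name for jobs."""
        return "SDK_Jobs"

    def get_failed_actions(self, number_of_hours):
        """
        Get the actions that failed in the last hours
        :param number_of_hours: look-back window in hours. The value is formatted
            straight into the URL path without encoding, so pass a number rather
            than unvalidated text.
        :return: {dict} failed actions (decoded JSON response)
        """
        address = "{0}/{1}/{2}{3}".format(self.API_ROOT, "external/v1/sdk/GetFailedActions", number_of_hours, "?format=snake")
        response = self.session.get(address)
        self.validate_siemplify_error(response)
        return response.json()

    def get_failed_etljobs(self, number_of_hours):
        """
        Get all the etl jobs that had failed in the last hours
        :param number_of_hours: look-back window in hours. The value is formatted
            straight into the URL path without encoding, so pass a number rather
            than unvalidated text.
        :return: {dict} failed jobs (decoded JSON response)
        """
        address = "{0}/{1}/{2}{3}".format(self.API_ROOT, "external/v1/sdk/GetFailedETLOperations", number_of_hours, "?format=snake")
        response = self.session.get(address)
        self.validate_siemplify_error(response)
        return response.json()

    def get_faulted_jobs(self, number_of_hours):
        """
        Get all the jobs that had failed in the last hours
        :param number_of_hours: look-back window in hours. The value is formatted
            straight into the URL path without encoding, so pass a number rather
            than unvalidated text.
        :return: {dict} failed jobs (decoded JSON response)
        """
        address = "{0}/{1}/{2}{3}".format(self.API_ROOT, "external/v1/sdk/GetFailedJobs", number_of_hours, "?format=snake")
        response = self.session.get(address)
        self.validate_siemplify_error(response)
        return response.json()

    def get_faulted_connectors(self, start_unix_time, end_unix_time):
        """
        Get all the connectors that had failed between two points in time
        :param start_unix_time: start of the window, sent as "start_unix_time"
        :param end_unix_time: end of the window, sent as "end_unix_time"
        :return: {dict} failed connectors (decoded JSON response)
        """
        request = {
            "start_unix_time": start_unix_time,
            "end_unix_time": end_unix_time,
        }
        address = "{0}/{1}/{2}".format(self.API_ROOT, "external/v1/sdk/GetFailedConnectors", "?format=snake")
        response = self.session.post(address, json=request)
        self.validate_siemplify_error(response)
        return response.json()

    def send_mail(self, subject, message, recipients, attachment_file_name, attachment_content):
        """
        Send an e-mail with an attachment through the platform API
        :param subject: mail subject
        :param message: mail body
        :param recipients: mail recipients
        :param attachment_file_name: file name of the attachment
        :param attachment_content: content of the attachment
            NOTE(review): the expected encoding (e.g. base64) is not visible here - confirm.
        :return: None; validate_siemplify_error is called on the response

        No argument is validated in this method; every value is forwarded to the
        platform as given, so recipients taken from alert or case data should be
        checked by the caller first.
        """
        request = {
            "subject": subject,
            "message": message,
            "recipients": recipients,
            "attachment_file_name": attachment_file_name,
            "attachment_content": attachment_content,
        }
        address = "{0}/{1}/{2}".format(self.API_ROOT, "external/v1/sdk/SendEmailWithAttachment", "?format=snake")
        response = self.session.post(address, json=request)
        self.validate_siemplify_error(response)

    def extract_job_param(self, param_name, default_value=None, input_type=str, is_mandatory=False, print_value=False):
        """
        Extract a job parameter, resolving it through the vault when vault settings exist
        :param param_name: {string} name of the parameter in self.parameters
        :param default_value: value to use when the parameter is missing
        :param input_type: type the value is converted to
        :param is_mandatory: {bool} whether the parameter is required
        :param print_value: {bool} passed to extract_script_param
            NOTE(review): presumably this makes the value appear in the job log -
            leave it False for passwords, API keys and other secrets.
        :return: the extracted value, or the result of extract_vault_param for it
        """
        script_param = extract_script_param(siemplify=self,
                                            input_dictionary=self.parameters,
                                            param_name=param_name,
                                            default_value=default_value,
                                            input_type=input_type,
                                            is_mandatory=is_mandatory,
                                            print_value=print_value)

        # Without vault settings the raw parameter value is returned as is.
        if not self.vault_settings:
            return script_param
        return SiemplifyVaultUtils.extract_vault_param(script_param, self.vault_settings)

    def save_timestamp(self, datetime_format=False, timezone=False, new_timestamp=None):
        """
        Save a timestamp for this job (keyed by self.script_name)
        :param datetime_format: passed through to the base class
        :param timezone: passed through to the base class
        :param new_timestamp: timestamp to save; defaults to SiemplifyUtils.unix_now()
            evaluated at call time
        :return: whatever the base class returns
        """
        # A default of SiemplifyUtils.unix_now() in the signature is evaluated only
        # once, when the class is defined, so every defaulted call would save the
        # import time instead of the current time.
        if new_timestamp is None:
            new_timestamp = SiemplifyUtils.unix_now()
        return super(SiemplifyJob, self).save_timestamp(datetime_format, timezone, new_timestamp, 3, self.script_name)

    def fetch_timestamp(self, datetime_format=False, timezone=False):
        """
        Fetch the timestamp saved for this job (keyed by self.script_name)
        :param datetime_format: passed through to the base class
        :param timezone: passed through to the base class
        :return: whatever the base class returns
        """
        return super(SiemplifyJob, self).fetch_timestamp(datetime_format, timezone, 3, self.script_name)

    def fetch_and_save_timestamp(self, datetime_format=False, timezone=False, new_timestamp=None):
        """
        Fetch the saved timestamp, then save a new one
        :param datetime_format: passed through to fetch_timestamp and save_timestamp
        :param timezone: passed through to fetch_timestamp and save_timestamp
        :param new_timestamp: timestamp to save; None lets save_timestamp use the
            current time at call time
        :return: the timestamp that was stored before this call
        """
        last_run_time = self.fetch_timestamp(datetime_format, timezone)
        self.save_timestamp(datetime_format, timezone, new_timestamp)
        return last_run_time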