Beispiel #1
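    def sync(self, access_token):
        """Fetch the first page of zones from the Cylance API and upsert them.

        Args:
            access_token: Bearer token placed in the Authorization header.

        Returns:
            True once every returned zone has been written.

        Raises:
            requests.RequestException: on timeout, connection failure or an
                HTTP error status.
        """
        response = requests.get(
            'https://protectapi-au.cylance.com/zones/v2?page=1&page_size=100',
            headers={
                'Accept': 'application/json',
                'Authorization': 'Bearer ' + access_token,
            },
            # Without a timeout a stalled connection blocks the sync forever.
            timeout=30)
        # Stop on an error status (expired token, throttling, server error)
        # instead of parsing an error body as if it were zone data.
        response.raise_for_status()

        # NOTE(review): only page 1 (100 items) is requested, so zones beyond
        # the first page are never synced. Confirm whether that is intended.
        tenant = Tenant.objects.first()

        # One query for the whole run instead of re-querying the Policy table
        # for every zone. On duplicate po_num values the later row wins.
        policy_ids = dict(Policy.objects.values_list('po_num', 'id'))

        for row in response.json()['page_items']:
            # Resolve the policy per row. An unknown policy_id yields None
            # rather than the id matched for a previous zone, which would
            # silently attach this zone to the wrong policy.
            policy = policy_ids.get(row['policy_id'])

            # NOTE(review): every field is a lookup key here, so a zone whose
            # name or dates changed is inserted again rather than updated.
            Zone.objects.update_or_create(
                tenant_id=tenant.pk,
                zo_num=row["id"],
                name=row["name"],
                criticality=row["criticality"],
                update_type=row["update_type"],
                zone_rule_id=row["zone_rule_id"],
                policy_id=policy,
                date_created=iso_to_datetime(row["date_created"]),
                date_modified=iso_to_datetime(row["date_modified"]))

        return True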
Beispiel #2
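    def sync(self, access_token):
        """Fetch the first page of policies from the Cylance API and upsert them.

        Args:
            access_token: Bearer token placed in the Authorization header.

        Returns:
            True once every returned policy has been written.

        Raises:
            requests.RequestException: on timeout, connection failure or an
                HTTP error status.
        """
        response = requests.get(
            'https://protectapi-au.cylance.com/policies/v2?page=1&page_size=100',
            headers={
                'Accept': 'application/json',
                'Authorization': 'Bearer ' + access_token,
            },
            # Without a timeout a stalled connection blocks the sync forever.
            timeout=30)
        # Stop on an error status (expired token, throttling, server error)
        # instead of parsing an error body as if it were policy data.
        response.raise_for_status()

        # NOTE(review): only page 1 (100 items) is requested, so policies
        # beyond the first page are never synced.
        tenant = Tenant.objects.first()

        for row in response.json()['page_items']:
            # NOTE(review): `defaults` only repeats po_num, so every other
            # field still acts as a lookup key. A policy whose device_count
            # or date_modified changed is inserted again rather than updated.
            Policy.objects.update_or_create(
                defaults={
                    "po_num": row["id"],
                },
                tenant_id=tenant.pk,
                po_num=row['id'],
                name=row["name"],
                device_count=row["device_count"],
                zone_count=row["zone_count"],
                date_added=iso_to_datetime(row["date_added"]),
                date_modified=iso_to_datetime(row["date_modified"]),
            )

        return True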
Beispiel #3
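    def sync(self, access_token):
        """Sync threats, then per-device threat sightings, from the Cylance API.

        All pages of the threat list are walked. For each stored Device the
        first page of its threats is fetched and linked to the matching
        Threat row by sha256.

        Args:
            access_token: Bearer token placed in the Authorization header.

        Returns:
            True once both passes have finished.

        Raises:
            requests.RequestException: on timeout, connection failure or an
                HTTP error status.
        """
        base_url = 'https://protectapi-au.cylance.com'
        headers = {
            'Accept': 'application/json',
            'Authorization': 'Bearer ' + access_token,
        }

        def fetch(url):
            # A timeout keeps a stalled connection from blocking the sync, and
            # the status check stops an error body being parsed as threat data.
            response = requests.get(url, headers=headers, timeout=30)
            response.raise_for_status()
            return response.json()

        tenant = Tenant.objects.first()

        threats_url = base_url + '/threats/v2?page={0}&page_size=200'
        # Page 1 supplies total_pages and is processed directly, so it is not
        # downloaded a second time.
        page = fetch(threats_url.format(1))
        total_pages = page['total_pages']

        for page_number in range(1, total_pages + 1):
            if page_number > 1:
                page = fetch(threats_url.format(page_number))

            for row in page['page_items']:
                # NOTE(review): every field is a lookup key, so a threat whose
                # score or last_found changed is inserted again. That leaves
                # several Threat rows sharing one sha256.
                Threat.objects.update_or_create(
                    name=row["name"],
                    sha256=row["sha256"],
                    md5=row["md5"],
                    cylance_score=row["cylance_score"],
                    av_industry=row["av_industry"],
                    classification=row["classification"],
                    sub_classification=row["sub_classification"],
                    Global_Quarantined=row["global_quarantined"],
                    safelisted=row["safelisted"],
                    file_size=row["file_size"],
                    unique_to_cylance=row["unique_to_cylance"],
                    last_found=iso_to_datetime(row["last_found"]),
                    tenant_id=tenant.pk
                )

        device_threats_url = base_url + '/devices/v2/{0}/threats?page=1&page_size=200'
        for device in Device.objects.all():
            # NOTE(review): only page 1 is requested, so a device with more
            # than 200 threats is synced partially.
            sightings = fetch(device_threats_url.format(device.de_num))

            # Each row is handled once. Repeating the same idempotent upserts
            # total_number_of_items times only multiplied the database work.
            for row in sightings['page_items']:
                threat = Threat.objects.filter(sha256=row['sha256']).first()
                if threat is None:
                    # No local Threat for this hash: skip the row rather than
                    # reuse the threat matched for a previous row, which would
                    # record the sighting against the wrong file.
                    continue

                ThreatDevices.objects.update_or_create(
                    datetime=iso_to_datetime(row['date_found']),
                    path=row['file_path'],
                    file_status=row['file_status'],
                    device=device,
                    threat=threat
                )

        return True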
Beispiel #4
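    def sync(self, access_token):
        """Sync both Cylance global lists (listTypeId 0 and 1) into GlobalList.

        Every page of each list is walked. Each entry is linked to the local
        Threat row with the same sha256 when one exists, otherwise it is
        stored with threat=None.

        Args:
            access_token: Bearer token placed in the Authorization header.

        Returns:
            True once both lists have been processed.

        Raises:
            requests.RequestException: on timeout, connection failure or an
                HTTP error status.
        """
        list_url = ('https://protectapi-au.cylance.com/globallists/v2'
                    '?listTypeId={1}&page={0}&page_size=200')
        headers = {
            'Accept': 'application/json',
            'Authorization': 'Bearer ' + access_token,
        }

        def fetch(url):
            # A timeout keeps a stalled connection from blocking the sync, and
            # the status check stops an error body being parsed as list data.
            response = requests.get(url, headers=headers, timeout=30)
            response.raise_for_status()
            return response.json()

        tenant = Tenant.objects.first()

        for list_type_id in range(2):
            # Read total_pages from page 1 and process that response directly.
            # The probe request previously asked for page=7, which need not
            # exist on a short list.
            page = fetch(list_url.format(1, list_type_id))
            total_pages = page['total_pages']

            for page_number in range(1, total_pages + 1):
                if page_number > 1:
                    page = fetch(list_url.format(page_number, list_type_id))

                for row in page['page_items']:
                    # .first() returns None when nothing matches and does not
                    # raise when several Threat rows share the hash, which
                    # exists() followed by get() would.
                    threat = Threat.objects.filter(sha256=row["sha256"]).first()

                    GlobalList.objects.update_or_create(
                        threat=threat,
                        tenant_id=tenant.pk,
                        name=row["name"],
                        sha256=row["sha256"],
                        md5=row["md5"],
                        cylance_score=row["cylance_score"],
                        av_industry=row["av_industry"],
                        classification=row["classification"],
                        sub_classification=row["sub_classification"],
                        list_type=row["list_type"],
                        category=row["category"],
                        added=iso_to_datetime(row["added"]),
                        added_by=row["added_by"],
                        reason=row["reason"])

        return True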
Beispiel #5
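    def sync(self, access_token):
        """Sync devices, then zone membership, from the Cylance API.

        The first page of devices is upserted with its policy link. For each
        stored Zone the first page of its devices is fetched and every
        locally known device is added to ``zone.device``.

        Args:
            access_token: Bearer token placed in the Authorization header.

        Returns:
            True once both passes have finished.

        Raises:
            requests.RequestException: on timeout, connection failure or an
                HTTP error status.
        """
        base_url = 'https://protectapi-au.cylance.com'
        headers = {
            'Accept': 'application/json',
            'Authorization': 'Bearer ' + access_token,
        }

        def fetch(url):
            # A timeout keeps a stalled connection from blocking the sync, and
            # the status check stops an error body being parsed as device data.
            response = requests.get(url, headers=headers, timeout=30)
            response.raise_for_status()
            return response.json()

        tenant = Tenant.objects.first()

        # NOTE(review): only page 1 (100 items) is requested, so devices
        # beyond the first page are never synced.
        devices = fetch(base_url + '/devices/v2?page=1&page_size=100')

        for row in devices['page_items']:
            # Resolve the policy per row. An unknown policy id yields None
            # rather than the policy matched for a previous device, which
            # would silently report this device under the wrong policy. If the
            # column is non-nullable this fails loudly instead.
            policy = Policy.objects.filter(po_num=row['policy']['id']).first()

            Device.objects.update_or_create(
                policy=policy,
                tenant_id=tenant.pk,
                de_num=row['id'],
                name=row["name"],
                state=row["state"],
                agent_version=row["agent_version"],
                date_first_registered=iso_to_datetime(
                    row["date_first_registered"]),
                ip_addresses=row["ip_addresses"],
                mac_addresses=row["mac_addresses"])

        zone_devices_url = base_url + '/devices/v2/{0}/devices?page=1&page_size=200'
        for zone in Zone.objects.all():
            # NOTE(review): only page 1 is requested, so a zone with more than
            # 200 devices is synced partially.
            members = fetch(zone_devices_url.format(zone.zo_num))

            # Each row is handled once. Repeating the same idempotent add()
            # total_number_of_items times only multiplied the database work.
            for row in members['page_items']:
                member = Device.objects.filter(de_num=row['id']).first()
                if member is not None:
                    zone.device.add(member)

        return True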