Example #1
 def test_threat_assessment_empty(self) -> None:
     """Check that a filtered triage response carries no zero-score entities.

     The request adds ``"filter": "yes"`` to the entity set. The test then
     asserts a falsy verdict, an echoed ``phishing`` context, and that no
     item under ``Contents.Entities`` has ``score == 0``.

     NOTE(review): no HTTP mock is registered in this method. Whether
     ``self.client`` reaches the live API depends on fixture setup that is
     not visible here -- confirm the test is isolated from the network and
     from real credentials.
     """
     triage_context = "phishing"
     # Adjacent literals concatenate into one 64-hex-character hash value.
     file_hash = (
         "fa964842244e752950fd4ed711759382a"
         "8950e13cc2794d6f73ab7eb9169e5ee"
     )
     entities = {
         "ip": ["8.8.8.8", "1.1.1.1"],
         "domain": ["www.feddoctor.com"],
         "hash": [file_hash],
         "url": ["https://sites.google.com/site/unblockingnotice/"],
         "vulnerability": ["CVE-2020-8813", "CVE-2011-3874"],
         # Unlike the other keys this is a plain string, not a list.
         "filter": "yes",
     }
     resp = triage_command(self.client, entities, triage_context)
     first_result = resp[0]
     rendered = first_result.to_context()
     self.assertIsInstance(first_result, CommandResults)
     self.assertFalse(rendered["Contents"]["verdict"])
     self.assertEqual("phishing", rendered["Contents"]["context"])

     # Collect every entity that slipped through with a zero score.
     zero_scored = []
     for entity in rendered["Contents"]["Entities"]:
         if entity["score"] == 0:
             zero_scored.append(entity)
     self.assertEqual(
         len(zero_scored),
         0,
         "Response contains entities with zero score",
     )
 def test_threat_assessment(self, m) -> None:
     """Triage a phishing entity set against a canned triage response.

     ``m`` registers a POST handler for the phishing triage URL that
     returns ``TRIAGE`` serialized as JSON. It is presumably a
     requests-mock mocker injected by a decorator outside this view --
     confirm. The assertions inspect the last element of the returned
     list: its type, a falsy verdict, and the echoed context name.
     """
     triage_url = ('https://api.recordedfuture.com/v2/soar'
                   '/triage/contexts/phishing')
     m.register_uri('POST', triage_url, text=json.dumps(TRIAGE))

     triage_context = 'phishing'
     # Adjacent literals concatenate into one 64-hex-character hash value.
     file_hash = ('fa964842244e752950fd4ed711759382a'
                  '8950e13cc2794d6f73ab7eb9169e5ee')
     entities = {
         'ip': ['8.8.8.8', '1.1.1.1'],
         'domain': ['www.feddoctor.com'],
         'hash': [file_hash],
         'url': ['https://sites.google.com/site/unblockingnotice/'],
         'vulnerability': ['CVE-2020-8813', 'CVE-2011-3874'],
     }
     resp = triage_command(self.client, entities, triage_context)

     # Only the final result in the returned list is checked.
     final_result = resp[-1]
     self.assertIsInstance(final_result, CommandResults)
     self.assertFalse(final_result.to_context()['Contents']['verdict'])
     self.assertEqual(
         'phishing',
         final_result.to_context()['Contents']['context'],
     )
Example #3
 def test_threat_assessment(self) -> None:
     """Triage a phishing entity set and check the first result.

     Asserts that the first element returned by ``triage_command`` is a
     ``CommandResults`` whose contents carry a falsy verdict and the
     ``phishing`` context name.

     NOTE(review): no HTTP mock is registered in this method. Whether
     ``self.client`` reaches the live API depends on fixture setup that is
     not visible here -- confirm the test is isolated from the network and
     from real credentials.
     """
     triage_context = "phishing"
     # Adjacent literals concatenate into one 64-hex-character hash value.
     file_hash = (
         "fa964842244e752950fd4ed711759382a"
         "8950e13cc2794d6f73ab7eb9169e5ee"
     )
     entities = {
         "ip": ["8.8.8.8", "1.1.1.1"],
         "domain": ["www.feddoctor.com"],
         "hash": [file_hash],
         "url": ["https://sites.google.com/site/unblockingnotice/"],
         "vulnerability": ["CVE-2020-8813", "CVE-2011-3874"],
     }
     # NOTE(review): a disabled patch of DBotScore.get_integration_name
     # (return value 'Recorded Future v2') used to sit here; it is not
     # applied by this test.
     resp = triage_command(self.client, entities, triage_context)
     first_result = resp[0]
     self.assertIsInstance(first_result, CommandResults)
     self.assertFalse(first_result.to_context()["Contents"]["verdict"])
     self.assertEqual(
         "phishing",
         first_result.to_context()["Contents"]["context"],
     )