Example #1
# --- Outbound mail settings -------------------------------------------------
SMTP_SERVER = 'server.example.com'
SMTP_DEFAULT_SEND_FROM = '*****@*****.**'
# Recipients must stay a list, even when there is only one address.
SMTP_DEFAULT_SEND_TO = ['*****@*****.**']

# --- Host lookup ------------------------------------------------------------
# NOTE(review): presumably toggles enrichment from the CSV below; confirm
# against the code that reads these two settings.
HOST_LOOKUP_ENABLED = True
# NOTE(review): this path points into one user's Desktop and looks like a
# placeholder; whoever can write that file controls the lookup data.
PATH_TO_HOST_CSV = r'C:\Users\user\Desktop\example.csv'

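# Pre-populate a user-ID -> user-name lookup, because case JSON carries only the
# user ID. '_TheHiveApi__find_rows' is the name-mangled form of the private
# __find_rows method of the TheHiveApi class. It is not part of the library's
# public interface, so re-check this call whenever thehive4py is upgraded.
# See https://stackoverflow.com/questions/9145499/calling-private-function-within-the-same-class-python
# and https://www.geeksforgeeks.org/name-mangling-in-python/ for additional details
_USER_SEARCH_RESPONSE = API._TheHiveApi__find_rows('/api/user/_search')
# Stop with a clear message on a non-2xx reply (for example a rejected API key
# or a server error) rather than a confusing failure when the body is parsed
# below. Only the status code is reported; the response body is not echoed.
if not 200 <= _USER_SEARCH_RESPONSE.status_code < 300:
    raise RuntimeError(
        'TheHive user search failed with HTTP status {}'.format(
            _USER_SEARCH_RESPONSE.status_code
        )
    )
USER_DICT = {
    entry['id']: entry['name']
    for entry in _USER_SEARCH_RESPONSE.json()
}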

# define the fields to be extracted from the json response, as well as any
# post-processing desired for output formatting, all of which occurs in customParseJson()
CASE_FIELDS_TO_PARSE = [
    {
        'jsonField': 'serviceNowTicketNumber',
        'displayName': 'SNOW Ticket #(s)',
        'isCustom': True,
        'postProcessing': None,
        'functionOnPostProcessingException': None,
        'valueOnPostProcessingException': None,
    },
    {
        'jsonField': 'title',
Example #2
from thehive4py.query import *
from pymemcache.client.base import Client

# Memcached settings come from the [memcached] section of the parsed config.
# The three numeric options are converted with int() in the same order as they
# are read: port, agetime, sleeptime.
memcached_host = parser.get('memcached', 'host')
memcached_port, memcached_agetime, memcached_sleeptime = (
    int(parser.get('memcached', option))
    for option in ('port', 'agetime', 'sleeptime')
)
# memcached_agetime is later passed as the third argument of memcached.set()
# in getObservables(); memcached_sleeptime is not used in the visible code.
# NOTE(review): no connect_timeout/timeout is passed, so pymemcache's defaults
# apply; confirm that is acceptable for this service.
memcached = Client((memcached_host, memcached_port))

# TheHive endpoint and API key come from the [hive] section.
# NOTE(review): the config file holds the API key, so it should be readable
# only by the account that runs this script.
hive_url, hive_key = parser.get('hive', 'url'), parser.get('hive', 'apikey')
api = TheHiveApi(hive_url, hive_key)

# Search artifacts flagged as IOCs. '_TheHiveApi__find_rows' is the
# name-mangled private __find_rows method of TheHiveApi, not a public
# interface, so re-check this call when thehive4py is upgraded. The request
# runs once, when this module-level code executes.
ioc_query = dict(ioc="true")
response = api._TheHiveApi__find_rows(
    '/api/case/artifact/_search?nparent=1',
    query=ioc_query,
)


def getObservables():
    if response.status_code == 200:
        #print(json.dumps(response.json(), indent=4, sort_keys=True))
        jsondata = response.json()
        for i in jsondata:
            case_id = str(i['case']['_id'])
            case_title = i['case']['title']
            observable_value = i['data']
            observable_type = i['dataType']
            # Memcached
            if observable_value != "":
                memcached_key = observable_type + '-' + observable_value
                memcached.set(memcached_key, case_id, memcached_agetime)