def test_create_lookup_key_index_preserves_structure(self): engine_config = SenderConfigSSL( address=(self.server, self.port), key=self.key, cert=self.cert, chain=self.chain, check_hostname=False, verify_mode=CERT_NONE, ) con = Sender(engine_config) lookup = Lookup(name=self.lookup_name, con=con) headers = ["col1", "col2", "col3"] fields = ["a", "b", "c"] expected_headers = '[{"col1":{"type":"str","key":true}},{"col2":{"type":"str"}},{"col3":{"type":"str"}}]' with mock.patch.object(lookup, "send_control", wraps=lookup.send_control) as lookup_spy: lookup.send_headers(headers=headers, key_index=0, event="START", action="FULL") lookup_spy.assert_called_with(action="FULL", event="START", headers=expected_headers) lookup.send_data_line(key_index=0, fields=fields) lookup.send_headers(headers=headers, key_index=0, event="END", action="FULL") lookup_spy.assert_called_with(action="FULL", event="END", headers=expected_headers) con.socket.shutdown(0)
def test_ssl_lookup_simplify(self): engine_config = SenderConfigSSL( address=(self.server, self.port), key=self.key, cert=self.cert, chain=self.chain, check_hostname=False, verify_mode=CERT_NONE, ) con = Sender(engine_config) lookup = Lookup(name=self.lookup_name, historic_tag=None, con=con) lookup.send_headers(headers=["KEY", "HEX", "COLOR"], key="KEY", action="START") if len(con.socket.recv(1000)) == 0: raise Exception("Not msg sent!") lookup.send_data_line(key="11", fields=["11", "HEX12", "COLOR12"]) if len(con.socket.recv(1000)) == 0: raise Exception("Not msg sent!") lookup.send_headers(headers=["KEY", "HEX", "COLOR"], key="KEY", action="END") if len(con.socket.recv(1000)) == 0: raise Exception("Not msg sent!") con.socket.shutdown(0)
def test_ssl_lookup_override(self): engine_config = SenderConfigSSL(address=(self.server, self.port), key=self.key, cert=self.cert, chain=self.chain) con = Sender(engine_config) lookup = Lookup(name=self.lookup_name, historic_tag=None, con=con) p_headers = Lookup.list_to_headers(['KEY', 'HEX', 'COLOR'], 'KEY') lookup.send_control('START', p_headers, 'FULL') lookup.send_data_line(key="11", fields=["11", "HEX12", "COLOR12"]) lookup.send_control('END', p_headers, 'FULL') con.socket.shutdown(0)
def test_ssl_lookup_simplify(self): engine_config = SenderConfigSSL(address=(self.server, self.port), key=self.key, cert=self.cert, chain=self.chain) con = Sender(engine_config) lookup = Lookup(name=self.lookup_name, historic_tag=None, con=con) lookup.send_headers(headers=['KEY', 'HEX', 'COLOR'], key='KEY', action='START') lookup.send_data_line(key="11", fields=["11", "HEX12", "COLOR12"]) lookup.send_headers(headers=['KEY', 'HEX', 'COLOR'], key='KEY', action='END') con.socket.shutdown(0)
def test_escape_quotes_in_send_data_line(self): engine_config = SenderConfigSSL( address=(self.server, self.port), key=self.key, cert=self.cert, ) con = Sender(engine_config) lookup = Lookup(name=self.lookup_name, historic_tag=None, con=con, escape_quotes=True) with mock.patch.object(Lookup, 'clean_field', wraps=Lookup.clean_field) as clean_field: lookup.send_data_line(fields=["11", 'Double quotes"']) clean_field.assert_called_with('Double quotes"', True)
def write_to_lookup_table_command(): lookup_table_name = demisto.args()['lookupTableName'] headers = check_type(demisto.args()['headers'], list) records = check_type(demisto.args()['records'], list) creds = get_writer_creds() engine_config = SenderConfigSSL(address=(WRITER_RELAY, 443), key=creds['key'].name, cert=creds['crt'].name, chain=creds['chain'].name) try: con = Sender(config=engine_config, timeout=60) lookup = Lookup(name=lookup_table_name, historic_tag=None, con=con) # Order sensitive list pHeaders = json.dumps(headers) lookup.send_control('START', pHeaders, 'INC') for r in records: lookup.send_data_line(key=r['key'], fields=r['values']) lookup.send_control('END', pHeaders, 'INC') finally: con.flush_buffer() con.socket.shutdown(0) entry = { 'Type': entryTypes['note'], 'Contents': { 'recordsWritten': records }, 'ContentsFormat': formats['json'], 'ReadableContentsFormat': formats['markdown'], 'EntryContext': { 'Devo.RecordsWritten': records } } md = tableToMarkdown('Entries to load into Devo', records) entry['HumanReadable'] = md return [entry]
def test_ssl_lookup_new_line(self): engine_config = SenderConfigSSL(address=(self.server, self.port), key=self.key, cert=self.cert, chain=self.chain) con = Sender(engine_config) lookup = Lookup(name=self.lookup_name, historic_tag=None, con=con) p_headers = Lookup.list_to_headers(['KEY', 'HEX', 'COLOR'], 'KEY') lookup.send_control('START', p_headers, 'INC') if len(con.socket.recv(1000)) == 0: raise Exception('Not msg sent!') lookup.send_data_line(key="11", fields=["11", "HEX12", "COLOR12"]) if len(con.socket.recv(1000)) == 0: raise Exception('Not msg sent!') lookup.send_control('END', p_headers, 'INC') if len(con.socket.recv(1000)) == 0: raise Exception('Not msg sent!') con.socket.shutdown(0)
import os from devo.sender import Sender, SenderConfigSSL, Lookup server = "us.elb.relay.logtrust.net" port = 443 key = os.getenv('DEVO_SENDER_KEY') cert = os.getenv('DEVO_SENDER_CERT') chain = os.getenv('DEVO_SENDER_CHAIN') lookup_name = 'Test_Lookup_Line_By_Line' engine_config = SenderConfigSSL(address=(server, port), key=key, cert=cert, chain=chain) con = Sender(engine_config) lookup = Lookup(name=lookup_name, historic_tag=None, con=con) p_headers = Lookup.list_to_headers(['KEY', 'HEX', 'COLOR'], 'KEY') lookup.send_control('START', p_headers, 'FULL') lookup.send_data_line(key="11", fields=["11", "HEX11", "COLOR11"]) lookup.send_data_line(key="22", fields=["22", "HEX22", "COLOR22"]) lookup.send_data_line(key="33", fields=["33", "HEX33", "COLOR33"]) lookup.send_control('END', p_headers, 'FULL') con.close()
import os from devo.sender import Sender, SenderConfigSSL, Lookup server = "us.elb.relay.logtrust.net" port = 443 key = os.getenv('DEVO_SENDER_KEY') cert = os.getenv('DEVO_SENDER_CERT') chain = os.getenv('DEVO_SENDER_CHAIN') lookup_name = 'Test_Lookup_Line_By_Line' engine_config = SenderConfigSSL(address=(server, port), key=key, cert=cert, chain=chain) con = Sender(engine_config) lookup = Lookup(name=lookup_name, historic_tag=None, con=con) p_headers = Lookup.list_to_headers(['KEY', 'HEX', 'COLOR'], 'KEY') lookup.send_control('START', p_headers, 'INC') lookup.send_data_line(key="22", fields=["22", "HEX22_NEW", "COLOR22_NEW"]) lookup.send_data_line(key="44", fields=["44", "HEX44", "COLOR44"]) lookup.send_control('END', p_headers, 'INC') con.close()
import os from devo.sender import Sender, SenderConfigSSL, Lookup server = "us.elb.relay.logtrust.net" port = 443 key = os.getenv('DEVO_SENDER_KEY') cert = os.getenv('DEVO_SENDER_CERT') chain = os.getenv('DEVO_SENDER_CHAIN') lookup_name = 'Test_Lookup_Line_By_Line' engine_config = SenderConfigSSL(address=(server, port), key=key, cert=cert, chain=chain) con = Sender(engine_config) lookup = Lookup(name=lookup_name, historic_tag=None, con=con) p_headers = Lookup.list_to_headers(['KEY', 'HEX', 'COLOR'], 'KEY') lookup.send_control('START', p_headers, 'INC') lookup.send_data_line(key="11", fields=["11", "HEX12", "COLOR12"], delete=True) lookup.send_control('END', p_headers, 'INC') con.close()