def write_to_table_command():
table_name = demisto.args()['tableName']
records = check_type(demisto.args()['records'], list)
linq_base = demisto.args().get('linqLinkBase', None)
creds = get_writer_creds()
linq = f"from {table_name}"
sender = Sender(
SenderConfigSSL(address=(WRITER_RELAY, PORT),
key=creds['key'].name,
cert=creds['crt'].name,
chain=creds['chain'].name))
for r in records:
try:
sender.send(tag=table_name, msg=json.dumps(r))
except TypeError:
sender.send(tag=table_name, msg=f"{r}")
querylink = {
'DevoTableLink':
build_link(linq,
int(1000 * time.time()) - 3600000,
int(1000 * time.time()),
linq_base=linq_base)
}
entry = {
'Type': entryTypes['note'],
'Contents': {
'recordsWritten': records
},
'ContentsFormat': formats['json'],
'ReadableContentsFormat': formats['markdown'],
'EntryContext': {
'Devo.RecordsWritten': records,
'Devo.LinqQuery': linq
}
}
entry_linq = {
'Type': entryTypes['note'],
'Contents': querylink,
'ContentsFormat': formats['json'],
'ReadableContentsFormat': formats['markdown'],
'EntryContext': {
'Devo.QueryLink': createContext(querylink)
}
}
md = tableToMarkdown('Entries to load into Devo', records)
entry['HumanReadable'] = md
md_linq = tableToMarkdown(
'Link to Devo Query',
{'DevoTableLink': f'[Devo Direct Link]({querylink["DevoTableLink"]})'})
entry_linq['HumanReadable'] = md_linq
return [entry, entry_linq]
def test_tcp_rt_send(self):
"""
Tests that a TCP connection and data send it is possible
"""
try:
engine_config = SenderConfigTCP(address=(self.tcp_server,
self.tcp_port))
con = Sender(engine_config)
for i in range(self.default_numbers_sendings):
con.send(tag=self.my_app, msg=self.test_msg)
if len(con.socket.recv(5000)) == 0:
raise Exception('Not msg sent!')
con.close()
except Exception as error:
self.fail("Problems with test: %s" % error)
def test_rt_send_no_certs(self):
"""
Test that tries to send a message without using certificates
"""
if self.test_tcp == "True":
try:
engine_config = SenderConfigSSL(address=(self.server,
self.port))
con = Sender(engine_config)
for i in range(self.default_numbers_sendings):
con.send(tag=self.my_app, msg=self.test_msg)
con.close()
except Exception as error:
return False
else:
return True
def test_ssl_rt_send(self):
"""
Test that tries to send a message through a ssl connection
"""
try:
engine_config = SenderConfigSSL(address=self.server,
port=self.port,
key=self.key,
cert=self.cert,
chain=self.chain)
con = Sender(engine_config)
for i in range(0, self.default_numbers_sendings):
con.send(tag=self.my_app, msg='Test SSL msg_ python_sdk_ fork')
con.close()
except Exception as error:
self.fail("Problems with test: %s" % error)
def test_tcp_rt_send(self):
"""
Tests that a TCP connection and data send it is possible
"""
if self.test_tcp == "True":
try:
engine_config = SenderConfigTCP(address=self.tcp_server,
port=self.tcp_port)
con = Sender(engine_config)
for i in range(0, 1):
con.send(tag=self.my_app, msg='Test TCP msg')
con.close()
except Exception as error:
self.fail("Problems with test: %s" % error)
else:
return True
def test_multiline_send(self):
"""
Test that tries to send a multiple line message through a ssl connection
"""
try:
engine_config = SenderConfigSSL(address=self.server,
port=self.port,
key=self.key,
cert=self.cert,
chain=self.chain)
con = Sender(engine_config)
with open(self.test_file, 'r') as file:
content = file.read()
con.send(tag=self.my_app, msg=content, multiline=True)
con.close()
except Exception as error:
self.fail("Problems with test: %s" % error)
def test_ssl_rt_send(self):
"""
Test that tries to send a message through a ssl connection
"""
try:
engine_config = SenderConfigSSL(address=(self.server, self.port),
key=self.key,
cert=self.cert,
chain=self.chain)
con = Sender(engine_config)
for i in range(self.default_numbers_sendings):
con.send(tag=self.my_app, msg=self.test_msg)
if len(con.socket.recv(5000)) == 0:
raise Exception('Not msg sent!')
con.close()
except Exception as error:
self.fail("Problems with test: %s" % str(error))
def test_rt_send_no_certs(self):
"""
Test that tries to send a message without using certificates
"""
if self.test_tcp == "True":
try:
engine_config = SenderConfigSSL(address=self.tcp_server,
port=self.tcp_port,
cert_reqs=False)
con = Sender(engine_config)
for i in range(0, self.default_numbers_sendings):
con.send(tag=self.my_app, msg='Test RT msg')
con.close()
except Exception as error:
self.fail("Problems with test: %s" % error)
else:
return True
def lambda_handler(event, context):
# Get the object from the event and show its content type
bucket = event['Records'][0]['s3']['bucket']['name']
key = urllib.parse.unquote_plus(event['Records'][0]['s3']['object']['key'])
try:
print("File to process %s" % key)
response = s3.get_object(Bucket=bucket, Key=key)
body = response['Body']
data = body.read()
# If the name has a .gz extension, then decompress the data
if key[-3:] == '.gz':
data = zlib.decompress(data, 16 + zlib.MAX_WBITS)
config = Configuration("config.json")
con = Sender(config=config.get("sender"))
# Send json events to Devo
print("Starting to send lines to Devo")
counter = 0
for line in data.splitlines():
events_json = json.loads(line)
for single_event in events_json["Records"]:
dumped_event = json.dumps(single_event)
aws_account_id = "a"
if single_event.get("getuserIdentity", None) is not None:
if single_event.get("getuserIdentity")\
.get("accountId", None) is not None:
aws_account_id = single_event["getuserIdentity"][
"accountId"]
elif single_event.get("account", None) is not None:
aws_account_id = single_event["account"]
elif single_event.get("recipientAccountId", None) is not None:
aws_account_id = single_event["recipientAccountId"]
aws_region = "b"
if single_event.get("awsRegion", None) is not None:
aws_region = single_event["awsRegion"]
elif single_event.get("region", None) is not None:
aws_region = single_event["region"]
tag = "{!s}.{!s}.{!s}".format(config.get("tag"),
aws_account_id, aws_region)
counter += con.send(tag=encode(tag),
msg=encode(dumped_event),
zip=False)
con.close()
print("Finished sending lines to Devo (%d)" % counter)
except Exception as e:
print(e)
print("Error getting file '%s' from bucket '%s'. Make sure they \
exist and your bucket is in the same region as this function." %
(key, bucket))
def test_ssl_rt_send(self):
"""
Test that tries to send a message through a ssl connection
"""
try:
engine_config = SenderConfigSSL(address=(self.server, self.port),
key=self.key, cert=self.cert,
chain=self.chain,
check_hostname=False,
verify_mode=CERT_NONE)
con = Sender(engine_config)
for i in range(self.default_numbers_sendings):
con.send(tag=self.my_app, msg=self.test_msg)
data_received = con.socket.recv(5000)
print(b"\n" + data_received)
if len(data_received) == 0:
raise Exception('Not msg sent!')
con.close()
except Exception as error:
self.fail("Problems with test: %s" % str(error))
def test_ssl_zip_send(self):
"""
Test that tries to send a message through a ssl connection
"""
try:
engine_config = SenderConfigSSL(address=self.server,
port=self.port,
key=self.key,
cert=self.cert,
chain=self.chain)
con = Sender(engine_config, sockettimeout=15)
for i in range(self.default_numbers_sendings):
con.send(tag=self.my_bapp,
msg=self.test_msg.encode("utf-8"),
zip=True)
con.flush_buffer()
if len(con.socket.recv(1000)) == 0:
raise Exception('Not msg sent!')
con.close()
except Exception as error:
self.fail("Problems with test: %s" % error)
def test_multiline_send(self):
"""
Test that tries to send a multiple line message through a ssl connection
"""
try:
engine_config = SenderConfigSSL(address=(self.server, self.port),
key=self.key, cert=self.cert,
chain=self.chain,
check_hostname=False,
verify_mode=CERT_NONE)
con = Sender(engine_config)
with open(self.test_file, 'r') as file:
content = file.read()
con.send(tag=self.my_app, msg=content, multiline=True)
con.flush_buffer()
data_received = con.socket.recv(5000)
print(b"\n" + data_received)
if len(data_received) == 0:
raise Exception('Not msg sent!')
con.close()
except Exception as error:
self.fail("Problems with test: %s" % error)
def lambda_handler(event, context):
# Get the object from the event and show its content type
bucket = event['Records'][0]['s3']['bucket']['name']
key = urllib.parse.unquote_plus(event['Records'][0]['s3']['object']['key'])
try:
print("File to process %s" % key)
response = s3.get_object(Bucket=bucket, Key=key)
body = response['Body']
data = body.read()
###### START: From this point until END, you need to
###### carefully review the code to make sure all
###### variables match your environment.
# If the name has a .gz extension, then decompress the data
if key[-3:] == '.gz':
data = zlib.decompress(data, 16 + zlib.MAX_WBITS)
config = Configuration("config.json")
con = Sender(config=config.get("sender"))
# Send json events to Devo
print("Starting to send lines to Devo")
counter = 0
for line in data.splitlines():
events_json = json.loads(line)
for single_event in events_json["Records"]:
counter += con.send(tag=encode(config.get("tag")),
msg=encode(json.dumps(single_event)),
zip=False)
con.close()
print("Finished sending lines to Devo (%d)" % counter)
###### END of code containing key variables.
except Exception as e:
print(e)
print("Error getting file '%s' from bucket '%s'. Make sure they \
exist and your bucket is in the same region as this function." %
(key, bucket))
import os
from devo.sender import Sender, SenderConfigSSL
server = "us.elb.relay.logtrust.net"
port = 443
key = os.getenv('DEVO_SENDER_KEY')
cert = os.getenv('DEVO_SENDER_CERT')
chain = os.getenv('DEVO_SENDER_CHAIN')
file = "".join((os.path.dirname(os.path.abspath(__file__)), os.sep,
"example_data", os.sep, "example.csv"))
engine_config = SenderConfigSSL(address=(server, port),
key=key,
cert=cert,
chain=chain)
con = Sender(engine_config)
with open(file) as f:
for line in f:
con.send(tag="my.app.sdk.example", msg=line)
con.close()
},
address="https://apiv2-eu.devo.com/search/query",
config=ClientConfig(response="json/simple/compact",
stream=True,
processor=SIMPLECOMPACT_TO_OBJ))
response = api.query(query="from demo.ecommerce.data select *",
dates={
'from': "today()-1*day()",
'to': "today()"
})
server = "us.elb.relay.logtrust.net"
port = 443
key = os.getenv('DEVO_SENDER_KEY')
cert = os.getenv('DEVO_SENDER_CERT')
chain = os.getenv('DEVO_SENDER_CHAIN')
engine_config = SenderConfigSSL(address=(server, port),
key=key,
cert=cert,
chain=chain)
con = Sender(engine_config)
for item in response:
con.send(tag="my.app.sdk.api",
msg="{!s} - {!s}".format(item.get("eventdate"),
item.get("method")))
con.close()
import os
from devo.sender import Sender, SenderConfigSSL
server = "us.elb.relay.logtrust.net"
port = 443
key = os.getenv('DEVO_SENDER_KEY')
cert = os.getenv('DEVO_SENDER_CERT')
chain = os.getenv('DEVO_SENDER_CHAIN')
engine_config = SenderConfigSSL(address=(server, port),
key=key, cert=cert,
chain=chain)
con = Sender(engine_config)
for _ in range(1000):
con.send(tag="my.app.sdk.example", msg="Hello world", zip=True)
# Its important fill the buffer ever
con.fill_buffer()
con.close()
import os
from devo.sender import Sender, SenderConfigSSL
server = "us.elb.relay.logtrust.net"
port = 443
key = os.getenv('DEVO_SENDER_KEY')
cert = os.getenv('DEVO_SENDER_CERT')
chain = os.getenv('DEVO_SENDER_CHAIN')
engine_config = SenderConfigSSL(address=(server, port),
key=key, cert=cert,
chain=chain)
con = Sender(engine_config)
for index in range(10):
con.send(tag="my.app.sdk.example", msg="Hello world {!s}".format(index))
con.close()
