Exemple #1
def __add_comment(issue_key, body):
    """Post ``body`` as a comment on the JIRA issue ``issue_key``.

    Returns whatever ``jc.add_comment`` returns on success. Any failure is
    logged and swallowed, so the caller receives ``None`` and cannot tell a
    failed post apart from a client call that returned nothing.
    """
    try:
        logger.debug(f'[JIRA  ] Adding comment to issue `{issue_key}`.')
        posted = jc.add_comment(issue_key, body)
    except JIRAError as jira_failure:
        logger.error(jira_failure)
    except Exception as unexpected:
        logger.error(unexpected)
    else:
        return posted
    return None
Exemple #2
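def __search_assignable_users_for_projects():
    """Return the users that may be assigned issues in ``JIRA_PROJECT_KEY``.

    Returns the result of ``jc.search_assignable_users_for_projects`` called
    with an empty first argument (presumably "no user filter" - confirm
    against the client in use), or ``None`` when the lookup fails. Failures
    are logged, never raised.
    """
    try:
        logger.debug(
            f'[JIRA  ] Searching for assignable users for project `{JIRA_PROJECT_KEY}`.'
        )
        # The lookup result used to be bound to a local and then dropped, so
        # every caller saw None and treated the project as having no
        # assignable users. Return it instead.
        # NOTE(review): the client may page this result; if so only the first
        # page of users is returned here - confirm.
        return jc.search_assignable_users_for_projects('', JIRA_PROJECT_KEY)
    except JIRAError as jc_err:
        logger.error(jc_err)
    except Exception as err:
        logger.error(err)
    return None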
Exemple #3
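def __assign_user(issue_key, accountId=None):
    """Assign the issue ``issue_key`` to ``accountId``, or to a random user.

    When ``accountId`` is falsy, one of the project's assignable users is
    picked at random. Returns the result of ``jc.assign_issue`` on success and
    ``False`` when no assignee could be found or the call failed. Errors are
    logged, never raised.
    """
    assigned = False
    try:
        logger.debug(f'[JIRA  ] Assigning user for issue `{issue_key}`..')
        if not accountId:
            logger.debug(
                '[JIRA  ] No accountId provided. Selecting random user.')
            users = __search_assignable_users_for_projects()
            if not users:
                logger.error(
                    '[JIRA  ] No assignable users were found for this project.'
                )
                return assigned
            logger.debug(
                f'[JIRA  ] User search: {len(users)} users found.')
            # Random choice is used only to pick an assignee among the users
            # found; it is not a security decision.
            accountId = random.choice(users).accountId
        # The assignment used to sit inside the `if not accountId` branch, so
        # an explicitly supplied accountId was silently ignored and the issue
        # stayed unassigned. It now runs for both paths.
        assigned = jc.assign_issue(issue_key, accountId)
        logger.debug(f'[JIRA  ] User assigned: {assigned}')
    except JIRAError as jc_err:
        logger.error(jc_err)
    except Exception as err:
        logger.error(err)

    return assigned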
Exemple #4
def main():
    """Check the comma-separated hosts in ``sys.argv[1]`` against the feeds.

    Prints host, verdict and confidence for every entry ``is_threat`` returns.
    Without an argument, logs an error and prints a usage hint.
    """
    if len(sys.argv) <= 1:
        logger.error(f'[TH-INT] Missing argument for `host`')
        print('Please specify a host to look for as the first argument.')
        return

    # Entries are split on ',' only: surrounding whitespace and empty items
    # (from a stray or trailing comma) are passed to is_threat unchanged.
    hosts = sys.argv[1].split(',')
    results = is_threat(hosts)
    if not results:
        return

    for entry in results:
        logger.debug(f'[TH-INT] From feed: {entry["feed_url"]}')
        verdict = "true" if entry["found"] else "false"
        print(f'Host: {entry["host"]}')
        print(f'Threat: {verdict}')
        print(f'Confidence: {entry["confidence"]}')
        print()
Exemple #5
def __determine_priority(issue, classification):
    """Map an email classification to a priority id and apply it to ``issue``.

    The classification is compared case-insensitively. Unknown values fall
    back to priority id ``'2'``, the same id used for phishing and fraud.
    """
    logger.debug(f'[JIRA  ] Determining priority for issue `{issue.key}`.')
    # Priority ids as strings. Their display names come from PRIORITIES,
    # which is defined outside this block.
    priority_by_classification = {
        'malware': '1',
        'phishing': '2',
        'fraud': '2',
        'spam': '3',
        'legitimate': '5',
    }
    pri = priority_by_classification.get(classification.lower(), '2')

    __set_priority(issue, pri)
Exemple #6
def __set_priority(issue, priority_key):
    """Set the priority of ``issue`` to the id ``priority_key``.

    The priority name sent with the id is looked up in ``PRIORITIES``; an
    unknown key yields ``None`` for the name. Failures are logged and
    swallowed, and the function always returns ``None``.
    """
    try:
        logger.debug(f'[JIRA  ] Setting priority for issue `{issue.key}`.')
        priority_field = {
            'id': priority_key,
            'name': PRIORITIES.get(priority_key),
        }
        issue.update(fields={'priority': priority_field})
        logger.debug(
            f'[JIRA  ] Priority for issue `{issue.key}` set to `{PRIORITIES.get(priority_key)}` ({priority_key}).'
        )
    except JIRAError as jira_failure:
        logger.error(jira_failure)
    except Exception as unexpected:
        logger.error(unexpected)
Exemple #7
def __add_attachment(issue_key, filepath, filename='email'):
    """Upload the file at ``filepath`` to the issue ``issue_key``.

    Returns the result of ``jc.add_attachment`` on success and ``None`` on any
    failure. A JIRA error or an unexpected error also leaves a comment on the
    issue saying the upload failed; a missing file is only logged.
    """
    # NOTE(review): the attachment is presumably the reported email itself,
    # i.e. possibly malicious content stored in the tracker - confirm who can
    # download attachments from this project.
    try:
        logger.debug(f'[JIRA  ] Adding attachment to issue `{issue_key}`.')
        uploaded = jc.add_attachment(issue_key, filepath, filename)
        return uploaded
    except JIRAError as jira_failure:
        logger.error(jira_failure)
        failure_note = f'Uploading of email attachment `{filename}` failed.'
        __add_comment(issue_key, failure_note)
    except FileNotFoundError:
        logger.error(f'[JIRA  ] File `{filepath}` does not exist.')
    except Exception as unexpected:
        logger.error(
            f'[JIRA  ] An error occurred while uploading an attachment to issue `{issue_key}`.'
        )
        logger.error(unexpected)
        failure_note = f'Uploading of email attachment `{filename}` failed.'
        __add_comment(issue_key, failure_note)
Exemple #8
def __create_issue(summary, description, issue_type='Task'):
    """Create an issue in ``JIRA_PROJECT_KEY`` and return it.

    Returns the result of ``jc.create_issue`` on success. Failures are logged
    and swallowed, in which case ``None`` is returned.
    """
    try:
        logger.debug(
            f'[JIRA  ] Creating new issue for project `{JIRA_PROJECT_KEY}`.')
        fields = dict(
            project={'key': JIRA_PROJECT_KEY},
            summary=summary,
            description=description,
            issuetype={'name': issue_type},
        )
        created = jc.create_issue(fields=fields)
    except JIRAError as jira_failure:
        logger.error(jira_failure)
    except Exception as unexpected:
        logger.error(unexpected)
    else:
        return created
    return None
Exemple #9
def create_issue(classification,
                 confidence_level,
                 recipient,
                 email_sender,
                 email_subject,
                 timedate,
                 attachment_filepath=None,
                 comment=''):
    """Open a JIRA issue for a classified email and enrich it.

    Steps, in order: render summary and description from the template, create
    the issue, set a priority from ``classification``, escalate and assign a
    user when the confidence is below ``MIN_CONFIDENCE_LEVEL``, then add the
    optional attachment and comment. Every error is logged and swallowed; the
    function always returns ``None``.
    """
    # NOTE(review): email_sender and email_subject presumably come from the
    # reported message and are attacker-influenced. __parse_template is not
    # visible here - confirm it neutralises tracker markup before the values
    # reach the summary and description.
    try:
        summary, desc = __parse_template(classification, confidence_level,
                                         recipient, email_sender,
                                         email_subject, timedate)
        issue = __create_issue(summary, desc)
        if not issue:
            logger.error(
                f'[JIRA  ] An error occurred while creating the issue in JIRA.'
            )
            return

        __determine_priority(issue, classification)

        # The confidence is truncated to an int before the comparison.
        # NOTE(review): a value that cannot be parsed raises here and is caught
        # below, so the attachment and comment steps are skipped for an issue
        # that already exists - confirm this is intended.
        low_confidence = int(float(confidence_level)) < MIN_CONFIDENCE_LEVEL
        if low_confidence:
            logger.debug(
                f'[JIRA  ] Assigning user to handle manually due to low confidence level [level: {confidence_level}]'
            )
            __assign_user(issue.key)
            logger.debug(
                f'[JIRA  ] Setting priority to `Highest` due to low confidence level [level: {confidence_level}]'
            )
            # Overrides the classification-based priority set above.
            __set_priority(issue, '1')
        if attachment_filepath:
            __add_attachment(issue.key, attachment_filepath, 'email')
        if comment:
            __add_comment(issue.key, comment)
    except JIRAError as jira_failure:
        logger.error(jira_failure)
    except Exception as unexpected:
        logger.error(unexpected)
Exemple #10
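def __is_in_feed(host, feed):
    """Check whether ``host`` appears in a threat feed and score the match.

    Exact matches (IP, FQDN plus path, FQDN, or the full value) score 1.0.
    Partial matches, where the value is merely contained in a feed entry,
    score lower: 0.8 for FQDN plus path, 0.6 for FQDN or IP, 0.7 for the full
    value.

    Returns:
        A ``(found, confidence)`` tuple; ``(False, 0.0)`` when nothing matches
        or ``host`` is empty.
    """
    feed = __strip_feed(feed)
    # An empty host is contained in every feed entry, so the partial-match
    # stage below would report a hit at 0.7 for any non-empty feed. An empty
    # item can reach this point from a stray comma in the host list.
    if not host:
        return False, 0.0

    if __is_ip(host):
        if host in feed:
            logger.debug(f'[TH-INT] Host {host} found in feed (src: IP, exact)')
            return True, 1.0
    if __is_url(host):
        fqdn_path = __get_fqdn_path(host)
        if fqdn_path in feed:
            logger.debug(f'[TH-INT] Host {host} found in feed (src: FQDN/path, exact)')
            return True, 1.0
        fqdn = __get_fqdn(host)
        if fqdn in feed:
            logger.debug(f'[TH-INT] Host {host} found in feed (src: FQDN, exact)')
            return True, 1.0
    if host in feed:
        logger.debug(f'[TH-INT] Host {host} found in feed (src: full, exact)')
        return True, 1.0

    # No direct match, look deeper.
    # Look for partial matches
    # NOTE(review): assuming feed is a list of strings, these are plain
    # substring tests, so an indicator also hits longer, unrelated entries
    # (`1.1.1.1` is contained in `11.1.1.10`, a domain in any name that merely
    # ends or starts with it). A score below 1.0 is a lead to verify, not a
    # confirmed match.
    match = [line for line in feed if host in line]
    if __is_url(host):
        fqdn_path = __get_fqdn_path(host)
        match = [line for line in feed if fqdn_path in line]
        if match:
            logger.debug(f'[TH-INT] Host {host} found in feed (src: FQDN/path, partial) [match: {match}]')
            return True, 0.8
        fqdn = __get_fqdn(host)
        match = [line for line in feed if fqdn in line]
        if match:
            logger.debug(f'[TH-INT] Host {host} found in feed (src: FQDN, partial) [match: {match}]')
            return True, 0.6
    if __is_ip(host):
        match = [line for line in feed if host in line]
        if match:
            logger.debug(f'[TH-INT] Host {host} found in feed (src: IP, partial) [match: {match}]')
            return True, 0.6
    if match:
        logger.debug(f'[TH-INT] Host {host} found in feed (src: full, partial) [match: {match}]')
        return True, 0.7

    return False, 0.0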