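import requests
from AwsSecHub import amazon_security_hub_batch_upload, create_default_insights, setup_sec_hub, \
    enable_batch_import_findings
from CommonUtils import open_config_file, write_to_log, format_date_smc_filter
from MapToAsff import create_asff_object
import itertools
from smc import session
from smc_monitoring.monitors.logs import LogQuery
from smc_monitoring.wsocket import FetchAborted
from MapToCef import format_smc_logs_to_cef
from azure_agent_connector import send_sentinel_data

# Loaded once at import time; the functions below read it as a module global.
cfg = open_config_file()

# Upper bound, in seconds, on the wait for the SMC '/api' version listing.
# Without a timeout, requests blocks indefinitely on an unresponsive server.
_SMC_API_TIMEOUT = 30


def __get_latest_api_version(smc_url):
    """Return the ``rel`` value of the last entry in the SMC ``/api`` version list.

    Args:
        smc_url: Base URL of the SMC; ``'/api'`` is appended to it as-is.

    Returns:
        The ``rel`` field of the final element of the response's ``version``
        list. The code takes the last element, so it relies on the server
        listing versions oldest-first (assumption, confirm against the SMC).

    Raises:
        requests.RequestException: on connection failure, timeout, or a
            non-2xx status.
        KeyError, IndexError: if the JSON body lacks ``version``/``rel`` or
            the list is empty.
    """
    # Certificate verification stays at the requests default (enabled), so an
    # https smc_url is checked against the system trust store.
    resp = requests.get(smc_url + '/api', timeout=_SMC_API_TIMEOUT)
    # Fail on an error status instead of trying to parse an error page as the
    # version listing.
    resp.raise_for_status()
    versions = resp.json()['version']
    return versions[-1]['rel']


def __setup_smc_query_filter(smc_filter):
    latest_date = cfg['latest-date']
    # NOTE(review): latest_date is interpolated into the filter expression
    # unescaped; it comes from the config file, so a value containing '"' would
    # alter the filter. Confirm the config writer constrains its format.
    time_query = f' && default_false(($OrigTimestamp > time64("{latest_date}")))'
    if latest_date:
        return smc_filter + time_query
    else:
        # NOTE(review): the listing is cut off here; the else branch is not shown.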
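import os
import sys
from os import system

from CommonUtils import open_config_file

# Installer bundle whose presence is taken to mean the agent was already set up.
# The path is relative, so the check depends on the current working directory.
_AGENT_INSTALLER = 'omsagent-1.12.15-0.universal.x64.sh'

if not os.path.exists(_AGENT_INSTALLER):
    # os.system passes the 'azure-agent-script' config value to the shell
    # verbatim, with this process's privileges. The config file is therefore
    # part of the trusted code base: keep it writable only by the account that
    # administers this integration.
    # NOTE(review): nothing in this script checks the installer's integrity;
    # if the configured command downloads it, digest verification belongs in
    # that command. Confirm.
    install_command = open_config_file()['azure-agent-script']
    exit_status = system(install_command)
    if exit_status != 0:
        # Report the failure instead of discarding the status, so a broken
        # install is visible to the operator.
        print(
            f"azure-agent-script exited with status {exit_status}; "
            "the agent may not be installed",
            file=sys.stderr,
        )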