def import_bundle(self, bundle, min_classification=None):
"""\
Import a submission bundle into the system
Required:
bundle : bundle to import (string, bytes or file_handle)
Optional:
min_classification : Minimum classification at which the bundle is imported. (string)
Returns {'success': True/False } depending if it was imported or not
"""
if isinstance(bundle, str):
if len(bundle) <= 1024 and os.path.exists(bundle):
with open(bundle, 'rb') as f:
contents = f.read()
else:
contents = bundle
elif "read" in dir(bundle):
contents = bundle.read()
else:
raise TypeError("Invalid bundle")
kw = {}
if min_classification:
kw['min_classification'] = min_classification
return self._connection.post(api_path('bundle', **kw), data=contents)
def file(self, sid, sha256, results=None, errors=None):
"""\
Return all errors and results for a file as part of a specific submission.
Required:
sid : Submission ID. (string)
sha256 : File key. (string)
Optional:
resuls : Also include results with the given result keys. (list of strings)
errors : Also include errors with the given error keys. (list of strings)
Throws a Client exception if the submission and/or file does not exist.
"""
kw = {}
if errors:
kw['extra_error_keys'] = errors
if results:
kw['extra_result_keys'] = results
path = api_path('submission', sid, 'file', sha256)
if kw:
return self._connection.post(path, data=dumps(kw))
else:
return self._connection.get(path)
def restore(self, data):
"""\
Restore an old backup of the system configuration
Required:
data : Backup yaml data
"""
return self._connection.put(api_path('service', 'restore'), data=data)
def __call__(self, heuristic_id):
"""\
Get a specific heuristic's details from the system.
Required:
heuristic_id: (string) ID of the heuristic.
"""
return self._connection.get(api_path('heuristics', heuristic_id))
def add(self, data):
"""\
Add a service using its yaml manifest
Required:
data : service_manifest.yml content
"""
return self._connection.put(api_path('service'), data=data)
def __call__(self, username):
"""\
Get the current user's settings.
Required:
username : User key (string)
"""
return self._connection.get(api_path('user', 'settings', username))
def delete(self, username):
"""\
Remove the account specified by the username.
Required:
username : Name of the user to remove from the system
"""
return self._connection.delete(api_path('user', username))
def add(self, service, new_source):
"""\
Add a signature source for a given service
Required:
service : Service to which we want to add the source to
source_data : Data of the signature source
"""
return self._connection.put(api_path('signature', 'sources', service), json=new_source)
def delete(self, service, name):
"""\
Delete a signature source by name for a given service
Required:
service : Service to which we want to delete the source from
name : Name of the source you want to remove
"""
return self._connection.delete(api_path('signature', 'sources', service, name))
def add(self, username, user_data):
"""\
Add a user to the system
Required:
username : Name of the user to add to the system
user_data : Profile data of the user to add
"""
return self._connection.put(api_path('user', username), json=user_data)
def delete(self, workflow_id):
"""\
Remove the specified workflow.
Required:
workflow_id : id of the workflow
Throws a Client exception if the workflow does not exist.
"""
return self._connection.delete(api_path('workflow', workflow_id))
def delete(self, service_name):
"""\
Remove a service from the system
Required:
service_name: Name of the service to delete
Throws a Client exception if the service does not exist.
"""
return self._connection.delete(api_path('service', service_name))
def __call__(self, username):
"""\
Return the settings for the given username.
Required:
username: User key. (string).
Throws a Client exception if the submission does not exist.
"""
return self._connection.get(api_path('user', username))
def __call__(self, username):
"""\
Loads the user's avatar.
Required:
username : User key (string)
Throws a Client exception if the user does not exist.
"""
return self._connection.get(api_path('user', 'avatar', username))
def update(self, username, user_data):
"""\
Update a user profile in the system.
Required:
username : Name of the user to update in the system
user_data : Profile data of the user to update
"""
return self._connection.post(api_path('user', username),
json=user_data)
def __call__(self, workflow_id):
"""\
Get the detail for a workflow
Required:
workflow_id: Id of the workflow (string)
Throws a Client exception if the workflow does not exist.
"""
return self._connection.get(api_path('workflow', workflow_id))
def __call__(self, error_key):
"""\
Get the error details for a given error key
Required:
error_key: Error key to get the details for (string)
Throws a Client exception if the error does not exist.
"""
return self._connection.get(api_path('error', error_key))
def delete(self, signature_id):
"""\
Delete a signature based off its ID
Required:
signature_id : ID of the signature to be deleted
Throws a Client exception if the signature does not exist.
"""
return self._connection.delete(api_path('signature', signature_id))
def update(self, service, name, source_data):
"""\
Update a signature source by name for a given service
Required:
service : Service to which we want to update the signature source from
name : Name of the signature source you want to update
source_data : Data of the signature source
"""
return self._connection.post(api_path('signature', 'sources', service, name), json=source_data)
def __call__(self, signature_id):
"""\
Return the signature with the given ID and revision.
Required:
signature_id : Signature ID including
Throws a Client exception if the signature does not exist.
"""
return self._connection.get(api_path('signature', signature_id))
def __call__(self, sid):
"""\
Return the submission record for the given sid.
Required:
sid : Submission ID. (string)
Throws a Client exception if the submission does not exist.
"""
return self._connection.get(api_path('submission', sid))
def __call__(self, alert_id):
"""\
Return the full alert for a given alert_id.
Required:
alert_id: Alert key. (string)
Throws a Client exception if the alert does not exist.
"""
return self._connection.get(api_path('alert', alert_id))
def add(self, workflow):
"""\
Add a workflow to the system
Required:
workflow : data of the workflow
Throws a Client exception if the workflow information is wrong.
"""
return self._connection.put(api_path('workflow'), json=workflow)
def delete(self, sid):
"""\
Delete the submission and related records for the given sid.
Required:
sid : Submission ID. (string)
Throws a Client exception if the submission does not exist.
"""
return self._connection.delete(api_path('submission', sid))
def __call__(self, key):
"""\
Return the result with the given key.
Required:
key : Result key.
Throws a Client exception if the error does not exist.
"""
return self._connection.get(api_path('result', key))
def list(self, query="*:*", rows=10, offset=0):
"""\
List the potential workflows (per page)
Required:
query : query to filter the workflow
rows : number of items returned
offset : offset in the results to start returning data
"""
return self._connection.get(
api_path('search', 'workflow', **get_function_kwargs('self')))
def update(self, username, avatar):
"""\
Update the user's avatar.
Required:
username : User key (string)
avatar : New avatar for the user
Throws a Client exception if the user does not exist.
"""
return self._connection.post(api_path('user', 'avatar', username),
data=avatar)
def update(self, username, favorites):
"""\
Update the user's favorite queries.
Required:
username : User key (string)
favorites : New favorites for the user
Throws a Client exception if the user does not exist.
"""
return self._connection.post(api_path('user', 'favorites', username),
json=favorites)
def set_verdict(self, sid, verdict):
"""\
Set the verdict of a submission based on its ID.
Required:
sid : Submission ID. (string)
verdict : Verdict that the user thinks the submission is (malicious, non_malicious)
Throws a Client exception if the submission does not exist.
"""
return self._connection.put(
api_path('submission', 'verdict', sid, verdict))
def set(self, service_name, service_data):
"""\
Calculate the delta between the original service config and
the posted service config then saves that delta as the current
service delta.
Required:
service_name : Name of the service to change the configuration
service_data : New configuration for the service
"""
return self._connection.post(api_path('service', service_name),
json=service_data)
