def test_intelligence_profile(self) -> None:
    """Profile-scoped enrichment still returns related entities.

    The lookup is made with a false related-entities argument and the
    "Vulnerability Analyst" profile. The test pins the exact set of
    related-entity categories in the raw response, so an added or
    missing category fails the test.
    """
    # presumably the fifth positional argument (False) is the
    # related-entities switch and the sixth is the profile name;
    # confirm against enrich_command's signature.
    # NOTE(review): no HTTP mock is registered in this test; presumably
    # self.client replays a recorded response. Confirm that the test does
    # not depend on the live API.
    results = enrich_command(
        self.client,
        "184.168.221.96",
        "ip",
        True,
        False,
        "Vulnerability Analyst",
    )
    self.assertIsInstance(results[0], CommandResults)

    related = results[0].raw_response['data']['relatedEntities']
    # Each entry is reduced to its first key, which is compared with the
    # expected category names below.
    seen_categories = [list(entry)[0] for entry in related]
    seen_categories.sort()

    wanted_categories = [
        'RelatedMalwareCategory',
        'RelatedMalware',
        'RelatedThreatActor',
    ]
    self.assertEqual(seen_categories, sorted(wanted_categories))
def test_intelligence(self, m) -> None:
    """IP enrichment against a mocked lookup returns the queried address.

    The mock answers only the exact URL registered below, query string
    included, so the test also fixes the list of fields requested.
    """
    # presumably `m` is an HTTP mocker injected by a decorator outside
    # this listing; confirm.
    lookup_url = (
        'https://api.recordedfuture.com/v2/ip/1.2.3.4?'
        'fields=entity,risk,timestamps,threatLists,intelCard,'
        'metrics,location,relatedEntities,riskyCIDRIPs'
    )
    canned_body = json.dumps(IP_LOOKUP)
    m.register_uri('GET', lookup_url, text=canned_body)

    result = enrich_command(self.client, '1.2.3.4', 'ip', True, True)

    self.assertIsInstance(result, CommandResults)
    entity = result.to_context()['Contents']['data']
    self.assertEqual('1.2.3.4', entity['name'])
def test_intelligence(self) -> None:
    """IP enrichment exposes joined rules and echoes the queried address.

    Checks the first result's entry context for a comma in ``concatRules``
    and its contents for the looked-up IP as the entity name.
    """
    # NOTE(review): no HTTP mock is registered in this test; presumably
    # self.client replays a recorded response. Confirm that the test does
    # not depend on the live API.
    results = enrich_command(
        self.client, "184.168.221.96", "ip", True, True
    )

    context_key = 'RecordedFuture.IP(val.name && val.name == obj.name)'
    ip_context = results[0].to_context()["EntryContext"][context_key]
    self.assertIsInstance(results[0], CommandResults)

    # A comma in concatRules shows the rules were joined into one string.
    self.assertIn(',', ip_context['concatRules'])

    contents = results[0].to_context()["Contents"]
    self.assertEqual("184.168.221.96", contents["data"]["name"])