def test_find_closed_incidents():
    """Check that an incident query filtered on status '40' returns results.

    The client is built from the CLIENT_ID and CLIENT_SECRET names defined
    outside this function, and the query result is written to the debug log
    once the assertion has passed.
    """
    # NOTE(review): status '40' is presumably the "closed" state, going by
    # the test name -- confirm against the API's status codes.
    status_filter = "status: '40'"
    client = CrowdstrikeAPI(CLIENT_ID, CLIENT_SECRET)
    closed = client.incidents_query(filter=status_filter)
    found = len(closed)
    assert found > 0
    logger.debug(closed)
def test_find_true_positives():
    """Check that a query for incidents tagged 'True Positive' returns results.

    The client is built from the CLIENT_ID and CLIENT_SECRET names defined
    outside this function, and the query result is written to the debug log
    once the assertion has passed.
    """
    tag_filter = "tags: 'True Positive'"
    client = CrowdstrikeAPI(CLIENT_ID, CLIENT_SECRET)
    tagged = client.incidents_query(filter=tag_filter)
    found = len(tagged)
    assert found > 0
    logger.debug(tagged)
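def test_incidents():
    """Query incidents with no filter and fetch the details of each one.

    Builds a CrowdstrikeAPI client from the CLIENT_ID and CLIENT_SECRET names
    defined outside this function, runs an unfiltered incidents_query, and
    issues one incidents_get_details call per returned entry, passing the
    entry as the single element of ``ids``.
    """
    crowdstrike = CrowdstrikeAPI(CLIENT_ID, CLIENT_SECRET)
    incidents = crowdstrike.incidents_query()
    logger.debug(incidents)
    assert len(incidents) > 0
    for incident in incidents:
        single_incident_details = crowdstrike.incidents_get_details(
            ids=[incident])
        # Check for API errors before touching 'resources': an error response
        # may carry no resources, and indexing it first would surface as an
        # opaque TypeError/IndexError instead of this assertion.
        assert not single_incident_details.get('errors')
        resources = single_incident_details.get('resources')
        assert resources, f"no resources returned for incident {incident}"
        details = resources[0]
        # Only the 'users' and 'state' fields are logged, not the full record.
        logger.debug(details.get('users'))
        logger.debug(details.get('state'))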