コード例 #1
0
def get_delete_reported_email_integrations():
    """
    Get all enabled integration instances that can be used for deleting an email using the DeleteReportedEmail script.
    Returns:
        List of enabled integrations suitable for the DeleteReportedEmail script.

    """
    instances = demisto.getModules()
    return [
        data.get('brand') for data in instances.values()
        if data.get('state') == 'active'
        and data.get('brand') in EMAIL_INTEGRATIONS
    ]
コード例 #2
0
def isDemistoAPIIntegrationAvailable():

    brandName = "Demisto REST API"
    allInstances = demisto.getModules()
    brandInstances = [
        instanceName for instanceName in allInstances
        if allInstances[instanceName]['brand'].lower() == brandName.lower()
        and demisto.get(allInstances[instanceName], 'state')
        and allInstances[instanceName]['state'] == 'active'
    ]

    if brandInstances:
        return True
    else:
        return False
コード例 #3
0
def get_enabled_instances():
    enabled_instances = []
    readable_output = []
    instances = demisto.getModules()
    for instance_name, data in instances.items():
        if data.get('state') == 'active':
            enabled_instances.append(instance_name)
            readable_output.append({
                'Instance Name': instance_name,
                'Brand': data.get('brand')
            })

    return CommandResults(outputs_prefix='EnabledInstances',
                          outputs=enabled_instances,
                          readable_output=tableToMarkdown(
                              'Enabled Instances', readable_output),
                          raw_response=enabled_instances)
コード例 #4
0
def get_rest_api_instance_to_use():
    """
        This function checks if there are more than one instance of demisto rest api.

        Returns:
            Demisto Rest Api instance to use
    """
    all_instances = demisto.getModules()
    number_of_rest_api_instances = 0
    rest_api_instance_to_use = None
    for instance_name in all_instances:
        if all_instances[instance_name]['brand'] == BRAND and all_instances[instance_name]['state'] == 'active':
            rest_api_instance_to_use = instance_name
            number_of_rest_api_instances += 1
        if number_of_rest_api_instances > 1:
            return_error("GetFailedTasks: This script can only run with a single instance of the Demisto REST API. "
                         "Specify the instance name in the 'rest_api_instance' argument.")
    return rest_api_instance_to_use
コード例 #5
0
def get_instance_name_command(args: Dict[str, Any]) -> CommandResults:
    integration_name = args.get('integration_name', '')

    instances = demisto.getModules()

    found, instance_name = instance_check(instances, integration_name)

    if not found:
        raise DemistoException(
            f'No instance for integration {integration_name}.')

    return CommandResults(
        outputs_prefix='Instances',
        outputs_key_field='',
        outputs={
            'integrationName': integration_name,
            'instanceName': instance_name
        },
    )
コード例 #6
0
def main():
    try:
        args = demisto.args()
        all_instances = demisto.getModules()  # Gather existing instances

        # Look for active Cortex Data Lake instance
        check_instance(
            all_instances, "Cortex Data Lake",
            "No active Cortex Data Lake integration found, please configure one."
        )

        # The Firewall list must be a comma-separated list of FW serials
        fw_monitor_list = argToList(args.get('fw_serials'))
        if not fw_monitor_list:  # List of FW to monitor is empty, get it from Panorama
            pan_os_integration_instance_name = args.get(
                'pan_os_integration_instance_name')
            if not pan_os_integration_instance_name:
                raise Exception(
                    "A Firewall serial list or a PAN-OS integration instance name is needed."
                )
            # Look for active PAN-OS instance
            check_instance(
                all_instances, pan_os_integration_instance_name,
                f'Integration instance {pan_os_integration_instance_name}'
                f' is not active or is not a PAN-OS integration.')
            # Get FW serials
            fw_monitor_list = get_firewall_serials(
                pan_os_integration_instance_name)

        # Log the list of firewalls to be monitored
        demisto.debug(f'List of FW serials: {fw_monitor_list}')
        for current_fw in fw_monitor_list:
            if len(current_fw) not in (
                    12,
                    15):  # VM serial are 15 digits and FW serial are 12 digits
                raise Exception(
                    f'{current_fw} - incorrect Firewall serial number.')
        return_results(query_cdl(fw_monitor_list))

    except Exception as err:
        return_error(str(err), err)
コード例 #7
0
import demistomock as demisto  # noqa: F401
from CommonServerPython import *  # noqa: F401
brandName = "Demisto REST API"
instanceName = demisto.args().get('instanceName')
allInstances = demisto.getModules()
brandInstances = [
    instanceName for instanceName in allInstances
    if allInstances[instanceName]['brand'].lower() == brandName.lower()
    and demisto.get(allInstances[instanceName], 'state')
    and allInstances[instanceName]['state'] == 'active'
]
if brandInstances and instanceName in brandInstances:
    instance = allInstances.get(instanceName)
    instance['name'] = instanceName
    demisto.setContext('DemsistoAPIInstances', instance)
    demisto.results('yes')
else:
    demisto.results('no')