def test_get_alerts_by_non_existent_type_should_return_empty_list(requests_mock, orca_client: OrcaClient) -> None:
    """Filtering by an unknown alert type must yield an empty list.

    The mocked API answers with a well-formed envelope whose ``data`` array is
    empty; the client is expected to hand that back as ``[]`` rather than
    failing or returning the envelope itself.
    """
    missing_type = "non_existent_alert_type"
    empty_envelope = {
        "version": "0.1.0",
        "status": "success",
        "total_items": 0,
        "total_ungrouped_items": 0,
        "total_supported_items": 10000,
        "data": [],
    }

    # The filter is passed as the ``type`` query parameter of /alerts.
    alerts_url = f"{ORCA_API_DNS_NAME}/alerts?type={missing_type}"
    requests_mock.get(alerts_url, json=empty_envelope)

    alerts = orca_client.get_alerts_by_filter(alert_type=missing_type)
    assert alerts == []
def test_get_alerts_by_type_malware_should_succeed(requests_mock, orca_client: OrcaClient) -> None:
    """A ``malware`` filter returns the alert bodies from the API unchanged.

    The mocked response carries a single Orca malware alert (an EICAR test
    file detected on an internet-facing S3 bucket). The test checks that the
    first element returned by the client is exactly the alert object that
    the API placed under ``data``.
    """
    # The single alert the mocked API will return; also the expected result.
    expected_alert = {
        "type": "malware",
        "rule_id": "r1111ea1111",
        "type_string": "Malware",
        "type_key": "/test_eicar_file",
        "category": "Malware",
        "description": "Malware EICAR-Test-File found on asset",
        "details": "We have detected a file infected with EICAR-Test-File on the asset.",
        "recommendation": "Remediate the host and attend additional alerts on the host to close the infection path.",
        "alert_labels": [
            "malware_found"
        ],
        "asset_category": "Storage",
        "cloud_provider_id": "111111111111",
        "cloud_provider": "aws",
        "cloud_account_id": "10b11111-1111-1111-91d5-11111de11111",
        "cloud_vendor_id": "111111111111",
        "account_name": "111111111111",
        "asset_unique_id": "storage_111111e11111_scan-me-s3-bucket-s8rrr",
        "asset_name": "scan-me-s3-bucket-s8rrr",
        "asset_type": "storage",
        "asset_type_string": "AWS S3 Bucket",
        "group_unique_id": "storage_111111e11111_scan-me-s3-bucket-s8rrr",
        "group_name": "scan-me-s3-bucket-s8rrr",
        "group_type": "storage",
        "group_type_string": "NonGroup",
        "group_val": "nongroup",
        "cluster_unique_id": "storage_111111e11111_scan-me-s3-bucket-s8rrr",
        "cluster_name": "scan-me-s3-bucket-s8rrr",
        "cluster_type": "storage",
        "level": 0,
        "asset_state": "enabled",
        "asset_labels": [
            "internet_facing",
            "pii"
        ],
        "asset_vendor_id": "scan-me-s3-bucket-s8rrr",
        "asset_regions": [
            "us-east-1"
        ],
        "asset_regions_names": [
            "N. Virginia"
        ],
        "source": "test_eicar_file",
        "findings": {
            "malware": [
                {
                    "type": "malware",
                    "labels": [
                        "malware_found"
                    ],
                    "virus_names": [
                        "EICAR-Test-File"
                    ],
                    "modification_time": "2020-04-26T14:26:11+00:00",
                    "file": "/test_eicar_file",
                    "sha256": "275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f",
                    "sha1": "3395856ce81f2b7382dee72602f798b642f14140",
                    "md5": "44d88612fea8a8f36de82e1278abb02f",
                    "has_macro": False
                }
            ]
        },
        "configuration": {
            "user_status": "closed",
            "jira_issue_link": "https://www.jira.com/myproject",
            "jira_issue": "TP-41"
        },
        "state": {
            "alert_id": "orca-59",
            "status": "in_progress",
            "status_time": "2020-12-30T09:57:33+00:00",
            "created_at": "2020-11-08T12:58:52+00:00",
            "last_seen": "2020-12-30T10:35:46+00:00",
            "score": 1,
            "severity": "compromised",
            "low_since": None,
            "high_since": "2020-12-15T15:33:49+00:00",
            "in_verification": None
        },
        "priv": {
            "key": "3ea22222274111114b011111bb311111",
            "score": 1,
            "orig_score": 1,
            "alert_id": "orca-59",
            "full_scan_time": "2020-12-30T10:35:46+00:00",
            "organization_id": "11111111-1111-1111-1111-c111881c1111",
            "organization_name": "Orca Security",
            "context": "data",
            "account_action_id_ctx": {
                "data": "11111111-1111-1111-1111-8a529a011111"
            },
            "scan_id_ctx": {
                "data": "11111111-1111-1111-1111-8a529a011111_111111111111_bucket-111111e11111-us-east-1"
            },
            "first_seen": "2020-11-08T13:03:37+00:00"
        },
        "hdr": {
            "asset_category": "Storage",
            "organization_id": "11111111-1111-1111-1111-c111881c1111",
            "organization_name": "Orca Security",
            "cloud_provider": "aws",
            "cloud_provider_id": "111111111111",
            "cloud_account_id": "10b11111-1111-1111-91d5-11111de11111",
            "context": "data",
            "asset_unique_id": "storage_111111e11111_scan-me-s3-bucket-s8rrr",
            "asset_type": "storage",
            "asset_type_string": "AWS S3 Bucket",
            "asset_name": "scan-me-s3-bucket-s8rrr",
            "group_unique_id": "storage_111111e11111_scan-me-s3-bucket-s8rrr",
            "group_name": "scan-me-s3-bucket-s8rrr",
            "group_type": "storage",
            "group_type_string": "NonGroup",
            "cluster_unique_id": "storage_111111e11111_scan-me-s3-bucket-s8rrr",
            "cluster_type": "storage",
            "cluster_name": "scan-me-s3-bucket-s8rrr",
            "level": 0,
            "group_val": "nongroup",
            "asset_vendor_id": "scan-me-s3-bucket-s8rrr",
            "cloud_vendor_id": "111111111111",
            "asset_state": "enabled",
            "account_name": "111111111111",
            "asset_labels": [
                "internet_facing"
            ]
        },
        "insert_time": "2020-12-30T10:45:21+00:00"
    }

    # NOTE(review): the envelope reports total_items 6 while ``data`` holds a
    # single alert; the assertion below only inspects the first element, so
    # any paging the client might do on total_items is not exercised here.
    malware_envelope = {
        "version": "0.1.0",
        "status": "success",
        "total_items": 6,
        "total_ungrouped_items": 6,
        "total_supported_items": 10000,
        "data": [expected_alert],
    }

    alerts_url = f"{ORCA_API_DNS_NAME}/alerts?type=malware"
    requests_mock.get(alerts_url, json=malware_envelope)

    alerts = orca_client.get_alerts_by_filter(alert_type="malware")
    assert alerts[0] == expected_alert