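    def connect(self, params=None):
        """Build the Cortex base URL from *params* and create the API client.

        Args:
            params: Mapping with ``protocol``, ``host`` and ``port`` (joined
                into ``self.url``), an optional ``verify`` flag (default
                ``True``, handed to ``CortexApi`` as ``cert``) and an optional
                ``proxy`` mapping (handed over as ``proxies``; an empty dict
                is used when the key is absent or falsy). ``None`` is treated
                as an empty mapping.
        """
        # A ``None`` default instead of ``{}`` keeps one dict object from
        # being shared across every call of this method.
        if params is None:
            params = {}

        self.url = '{}://{}:{}'.format(params.get('protocol'), params.get('host'), params.get('port'))
        # NOTE(review): ``verify`` is forwarded as ``cert``; presumably it ends
        # up as the HTTP client's certificate-verification setting, so a falsy
        # value would disable TLS verification -- confirm against cortex4py.
        self.verify = params.get('verify', True)
        self.logger.info('URL: %s', self.url)

        if not params.get('proxy'):
            self.proxy = {}
        else:
            self.proxy = params.get('proxy')
            self.logger.info('Proxy specified: %s', self.proxy)

        self.logger.info("Connect: Connecting..")
        self.client = CortexApi(self.url, cert=self.verify, proxies=self.proxy)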
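    def connect(self, params=None):
        """Build the Cortex base URL from *params* and create the API client.

        Args:
            params: Mapping with ``protocol``, ``host`` and ``port`` (joined
                into ``self.url``), an optional ``verify`` flag (default
                ``True``, handed to ``CortexApi`` as ``cert``) and an optional
                ``proxy`` mapping (handed over as ``proxies``; an empty dict
                is used when the key is absent or falsy). ``None`` is treated
                as an empty mapping.
        """
        # A ``None`` default instead of ``{}`` keeps one dict object from
        # being shared across every call of this method.
        if params is None:
            params = {}

        self.url = "{}://{}:{}".format(params.get("protocol"),
                                       params.get("host"), params.get("port"))
        # NOTE(review): ``verify`` is forwarded as ``cert``; presumably it ends
        # up as the HTTP client's certificate-verification setting, so a falsy
        # value would disable TLS verification -- confirm against cortex4py.
        self.verify = params.get("verify", True)
        self.logger.info("URL: %s", self.url)

        if not params.get("proxy"):
            self.proxy = {}
        else:
            self.proxy = params.get("proxy")
            self.logger.info("Proxy specified: %s", self.proxy)

        self.logger.info("Connect: Connecting..")
        self.client = CortexApi(self.url, cert=self.verify, proxies=self.proxy)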
#!/usr/bin/env python
# -*- coding: utf-8 -*-

import sys
import json
from cortex4py.api import CortexApi
from cortex4py.api import CortexException

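# Example client against a local Cortex instance (plain HTTP, no API key).
api = CortexApi('http://127.0.0.1:9000')

print('Run analyzer')
print('-----------------------------')
job_id = None
try:
    # Positional arguments: presumably analyzer id, observable data type,
    # TLP level and the observable value -- confirm against cortex4py.
    response = api.run_analyzer("MaxMind_GeoIP_3_0", "ip", 1, "8.8.8.8")
    print(json.dumps(response, indent=4, sort_keys=True))
    print('')
    job_id = response["id"]
except CortexException as ex:
    # ``CortexException`` is expected to carry ``.message``; fall back to the
    # exception itself so a missing attribute cannot mask the original error.
    print('[ERROR]: Failed to run analyzer ({})'.format(getattr(ex, 'message', ex)))
    # Exit non-zero so a shell or CI caller can tell the run failed
    # (the original exited 0 on error).
    sys.exit(1)

print('Get Job Report')
print('-----------------------------')
try:
    # Second argument is presumably how long to wait for the job to finish
    # before the report is fetched -- confirm against cortex4py.
    response = api.get_job_report(job_id, '30s')
    print(json.dumps(response, indent=4, sort_keys=True))
    print('')
except CortexException as ex:
    print('[ERROR]: Failed to get job report ({})'.format(getattr(ex, 'message', ex)))
    sys.exit(1)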
#!/usr/bin/env python
# -*- coding: utf-8 -*-

import sys
import json
from cortex4py.api import CortexApi
from cortex4py.api import CortexException

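# Example client against a local Cortex instance (plain HTTP, no API key).
api = CortexApi('http://127.0.0.1:9000')

print('Run analyzer')
print('-----------------------------')
job_id = None
try:
    # Positional arguments: presumably analyzer id, observable data type,
    # TLP level and the path of the file to analyze -- confirm against cortex4py.
    response = api.run_analyzer("File_Info_2_0", "file", 1, "./sample.txt")
    print(json.dumps(response, indent=4, sort_keys=True))
    print('')
    job_id = response["id"]
except CortexException as ex:
    # ``CortexException`` is expected to carry ``.message``; fall back to the
    # exception itself so a missing attribute cannot mask the original error.
    print('[ERROR]: Failed to run file analyzer ({})'.format(getattr(ex, 'message', ex)))
    # Exit non-zero so a shell or CI caller can tell the run failed
    # (the original exited 0 on error).
    sys.exit(1)

print('Get Job Report')
print('-----------------------------')
try:
    response = api.get_job_report(job_id)
    print(json.dumps(response, indent=4, sort_keys=True))
    print('')
except CortexException as ex:
    print('[ERROR]: Failed to get job report ({})'.format(getattr(ex, 'message', ex)))
    sys.exit(1)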
#!/usr/bin/env python
# -*- coding: utf-8 -*-

import sys
import json
from cortex4py.api import CortexApi
from cortex4py.api import CortexException

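# Example client against a local Cortex instance (plain HTTP, no API key).
api = CortexApi('http://127.0.0.1:9000')

print('List all analyzers')
print('-----------------------------')

try:
    response = api.get_analyzers()
    print('{} analyzers found'.format(len(response)))
    print(json.dumps(response, indent=4, sort_keys=True))
    print('')
except CortexException as ex:
    # ``CortexException`` is expected to carry ``.message``; fall back to the
    # exception itself so a missing attribute cannot mask the original error.
    print('[ERROR]: Failed to list analyzers ({})'.format(getattr(ex, 'message', ex)))
    # Exit non-zero so a shell or CI caller can tell the run failed
    # (the original exited 0 on error).
    sys.exit(1)

# NOTE(review): the section that follows calls get_analyzers("ip"), so the
# "file observables" wording of this heading looks inconsistent -- confirm intent.
print('List analyzers for file observables')
print('-----------------------------')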

try:
    response = api.get_analyzers("ip")
    print('{} analyzers found for ip observables'.format(len(response)))
    print(json.dumps(response, indent=4, sort_keys=True))
    print('')
except CortexException as ex:
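def _decrypt_kms_secret(ciphertext_b64):
    """Decrypt a base64-encoded KMS ciphertext bound to this Lambda function.

    The ``EncryptionContext`` has to match the one supplied when the value was
    encrypted, so a ciphertext produced for a different function name is
    rejected by KMS instead of yielding a usable key.

    Args:
        ciphertext_b64: Base64 text of the KMS ciphertext blob, e.g. an
            encrypted environment variable.

    Returns:
        The decrypted plaintext decoded as UTF-8.

    Raises:
        KeyError: if ``AWS_LAMBDA_FUNCTION_NAME`` is not set in the environment.
        Any error raised by ``boto3`` when the decrypt call fails is propagated.
    """
    return boto3.client("kms").decrypt(
        CiphertextBlob=b64decode(ciphertext_b64),
        EncryptionContext={
            "LambdaFunctionName": os.environ["AWS_LAMBDA_FUNCTION_NAME"]
        },
    )["Plaintext"].decode("utf-8")


# Replace the encrypted values with their plaintext; the decrypted keys stay in
# module globals for as long as this execution environment is reused.
THEHIVE_KEY = _decrypt_kms_secret(THEHIVE_KEY)
CORTEX_KEY = _decrypt_kms_secret(CORTEX_KEY)

# TheHive and Cortex instances
thehive = TheHiveApi(THEHIVE_URL, THEHIVE_KEY)
cortex = CortexApi(CORTEX_URL, CORTEX_KEY)

# Configure logging
logger = logging.getLogger(__name__)
# os.getenv returns a string, so any non-empty value (including "false" or
# "0") would be truthy; only explicit affirmative spellings enable debug logging.
_DEBUG_ENABLED = os.getenv("DEBUG", "").strip().lower() in {"1", "true", "yes", "on"}
logger.setLevel(logging.DEBUG if _DEBUG_ENABLED else logging.INFO)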


def lambda_handler(event, context):
    # Validate event before proceeding
    logger.debug(event)
    if not all(key in event for key in ["object", "objectType", "operation"]):
        raise ValueError(
            "Missing 'object', 'objectType', and/or 'operation' in event")

    # Parse and validate event type
    event_type = hooks.parse_event_type(event["objectType"],