def run(self, params={}): # Import variables from connection url = self.connection.url access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key # Generate payload dictionary data = {} for key, value in params.items(): temp = util.normalize(key, value) data.update(temp) # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post(url=url, uri=PermitOrBlockSender._URI, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=data) return {Output.RESPONSE: response['data']}
def run(self, params={}): # Import variables from connection url = self.connection.url access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post( url=url, uri=GetManagedUrl._URI, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=None, ) # Create filter dictionary filter_ = {} for key, value in params.items(): temp = util.normalize(key, value) filter_.update(temp) data = response["data"] # Create filtered list for item in filter_: data[:] = [d for d in data if d.get(item) == filter_[item]] return {"response": data}
def run(self, params={}): # Import variables from connection url = self.connection.url access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key # Generate payload dictionary data = {} for key, value in params.items(): temp = util.normalize(key, value) data.update(temp) # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post( url=url, uri=CreateManagedUrl._URI, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=data, ) return {"response": response["data"]}
def test(self): payload = { 'data': [] } uri = "/api/account/get-account" # Mimecast request mimecast_request = util.MimecastRequests() mimecast_request.mimecast_post(url=self.url, uri=uri, access_key=self.access_key, secret_key=self.secret_key, app_id=self.app_id, app_key=self.app_key, data=payload) return {'connection': 'successful'}
def run(self, params={}): # Import variables from connection url = self.connection.url access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key id_ = params.get(Input.ID) email = params.get(Input.EMAIL_ADDRESS) domain = params.get(Input.DOMAIN) if not email and not domain: raise PluginException( cause="Invalid input.", assistance= "Email Address and Domain inputs cannot both be blank.", ) if email and domain: raise PluginException( cause="Invalid input.", assistance= "Both Email Address and Domain fields cannot be used. Choose either Email Address or Domain.", ) if email: data = {"id": id_, "emailAddress": email} else: data = {"id": id_, "domain": domain} # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post( url=url, uri=AddGroupMember._URI, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=data, ) output = response["data"][0] return { Output.ID: output["id"], Output.FOLDER_ID: output["folderId"], Output.EMAIL_ADDRESS: output["emailAddress"], Output.INTERNAL: output["internal"], }
def run(self, params={}): # Import variables from connection url = self.connection.url access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key source_ips = params.get(Input.SOURCE_IPS) option = params.get(Input.OPTION) data = {"option": option} # Generate policy dictionary policy = {} for key, value in params.items(): temp = util.normalize(key, value) policy.update(temp) # Remove source_ips and option from policy as they should not be directly in that dictionary if params.get(Input.SOURCE_IPS): del policy["sourceIps"] del policy["option"] # Transform source_ips from comma delimited string to list if params.get(Input.SOURCE_IPS): source_ips = source_ips.split(",") # Add conditions dic to policy if source_ips: policy["conditions"] = {"sourceIPs": source_ips} # Add policy to data data["policy"] = policy # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post( url=url, uri=CreateBlockedSenderPolicy._URI, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=data, ) return {Output.SENDER_POLICY: response["data"]}
def run(self, params={}): # Import variables from connection url = self.connection.url access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key from_ = params.get(Input.FROM) to_ = params.get(Input.TO) route = params.get(Input.ROUTE) scan_result = params.get(Input.SCAN_RESULT) url_to_filter = params.get(Input.URL_TO_FILTER) data = {'route': route, 'scanResult': scan_result} if to_: data['to'] = to_ if from_: data['from'] = from_ # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post(url=url, uri=GetTtpUrlLogs._URI, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=data) try: if url_to_filter: output = list() for log in response['data'][0]['clickLogs']: if re.search(r'{}'.format(url_to_filter), log['url']): output.append(log) else: output = response['data'][0]['clickLogs'] except (KeyError, IndexError): self.logger.error(response) raise PluginException( cause='Unexpected output format.', assistance= 'The output from Mimecast was not in the expected format. Please contact support for help.', data=response) return {Output.CLICK_LOGS: output}
def run(self, params={}): # Import variables from connection url = self.connection.url access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key # Generate payload dictionary data = {"url": params.get(Input.ENCODED_URL)} mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post( url=url, uri=DecodeUrl._URI, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=data, ) try: if not response["data"][0]["success"]: raise PluginException( cause= f"The URL {params.get(Input.ENCODED_URL)} could not be decoded.", assistance= "Please ensure that it is a Mimecast encoded URL.", data=response["fail"], ) except KeyError: raise PluginException(preset=PluginException.Preset.UNKNOWN, data=response) except IndexError: raise PluginException(preset=PluginException.Preset.UNKNOWN, data=response) try: output = response["data"][0]["url"] except KeyError: raise PluginException(preset=PluginException.Preset.UNKNOWN, data=response) except IndexError: raise PluginException(preset=PluginException.Preset.UNKNOWN, data=response) return {Output.DECODED_URL: output}
def run(self, params={}): # Import variables from connection url = self.connection.url access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key group_id = params.get(Input.ID) email = params.get(Input.EMAIL_ADDRESS) domain = params.get(Input.DOMAIN) if not email and not domain: raise PluginException( cause="Invalid input.", assistance= "Email Address and Domain inputs cannot both be blank.", ) if email and domain: raise PluginException( cause="Invalid input.", assistance= "Both Email Address and Domain fields cannot be used. Choose either Email Address or Domain.", ) data = {} if email: data = {"id": group_id, "emailAddress": email} else: data = {"id": group_id, "domain": domain} # Mimecast request mimecast_request = util.MimecastRequests() _ = mimecast_request.mimecast_post( url=url, uri=DeleteGroupMember._URI, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=data, ) # if we get here and no mimecast_post() exception was thrown; we are good return {"success": True}
def run(self, params={}): # Import variables from connection url = self.connection.url access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key id_to_remove = params.get('id') if id_to_remove: # Mimecast request, only if there is an ID to remove mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post( url=url, uri=DeleteManagedUrl._URI, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data={'id': id_to_remove}) return {'success': True}
def test(self): # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post( url=self.url, uri="/api/account/get-account", access_key=self.access_key, secret_key=self.secret_key, app_id=self.app_id, app_key=self.app_key, data=None, ) if response["meta"]["status"] != 200 or response["fail"] != []: self.logger.error(response) raise ConnectionTestException( cause="Server request failed.", assistance="Status code is {}, see log for details.".format(response["meta"]["status"]), data=response["fail"], ) return {"connection": "successful"}
def run(self, params={}): # Import variables from connection url = self.connection.url access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key query = params.get(Input.QUERY) source = params.get(Input.SOURCE) if query: data = {"query": query, "source": source} else: data = {"source": source} # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post( url=url, uri=FindGroups._URI, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=data, ) try: output = response["data"][0]["folders"] except KeyError: self.logger.error(response) raise PluginException( cause="Unexpected output format.", assistance= "The output from Mimecast was not in the expected format. Please contact support for help.", data=response, ) return {Output.GROUPS: output}
def test(self): payload = {'data': []} uri = "/api/account/get-account" # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post(url=self.url, uri=uri, access_key=self.access_key, secret_key=self.secret_key, app_id=self.app_id, app_key=self.app_key, data=payload) if response['meta']['status'] != 200: self.logger.error(response) raise ConnectionTestException( cause='Server request failed.', assistance='Status code is {}, see log for details.'.format( response['meta']['status']), data=response['fail']) return {'connection': 'successful'}
def run(self, params={}): # Import variables from connection url = self.connection.url username = self.connection.username password = self.connection.password access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key auth_type = self.connection.auth_type # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post(url=url, uri=GetManagedUrl._URI, username=username, password=password, auth_type=auth_type, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=None) # Logout logout = util.Authentication() logout_result = logout.logout(url=url, username=username, password=password, auth_type=auth_type, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key) try: # Test for logout fail if logout_result['fail']: self.logger.error(logout_result['fail']) try: raise Exception( 'Could not log out. Contact support for help. Status code is {}, see log for details' .format(response['meta']['status'])) except KeyError: self.logger.error(response) raise Exception( 'Unknown error. The Mimecast server did not respond correctly, see log for details.' ) except KeyError: # Unknown key error self.logger.error(logout_result) raise Exception( 'An unhandled error response was received from the Mimecast server. Response: {}' .format(logout_result)) # Create filter dictionary filter_ = {} for key, value in params.items(): temp = util.normalize(key, value) filter_.update(temp) data = response['data'] # Create filtered list for item in filter_: data[:] = [d for d in data if d.get(item) == filter_[item]] return {'response': data}
def run(self, params={}): # Import variables from connection url = self.connection.url username = self.connection.username password = self.connection.password access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key auth_type = self.connection.auth_type # Generate payload dictionary data = {} for key, value in params.items(): temp = util.normalize(key, value) data.update(temp) # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post(url=url, uri=PermitOrBlockSender._URI, username=username, password=password, auth_type=auth_type, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=data) # Logout logout = util.Authentication() logout_result = logout.logout(url=url, username=username, password=password, auth_type=auth_type, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key) try: # Test for logout fail if logout_result['fail']: self.logger.error(logout_result['fail']) try: raise Exception( 'Could not log out. Contact support for help. Status code is {}, see log for details' .format(response['meta']['status'])) except KeyError: self.logger.error(response) raise Exception( 'Unknown error. The Mimecast server did not respond correctly, see log for details.' ) except KeyError: # Unknown key error self.logger.error(logout_result) raise Exception( 'Unknown error. The Mimecast server did not respond correctly, see log for details.' ) return {Output.RESPONSE: response['data']}
def run(self, params={}): # Import variables from connection url = self.connection.url username = self.connection.username password = self.connection.password access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key auth_type = self.connection.auth_type query = params.get(Input.QUERY) source = params.get(Input.SOURCE) if query: data = {'query': query, 'source': source} else: data = {'source': source} # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post(url=url, uri=FindGroups._URI, username=username, password=password, auth_type=auth_type, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=data) # Logout logout = util.Authentication() logout_result = logout.logout(url=url, username=username, password=password, auth_type=auth_type, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key) try: # Test for logout fail if logout_result['fail']: self.logger.error(logout_result['fail']) try: raise Exception( 'Could not log out. Contact support for help. Status code is {}, see log for details' .format(response['meta']['status'])) except KeyError: self.logger.error(response) raise Exception( 'Unknown error. The Mimecast server did not respond correctly, see log for details.' ) except KeyError: # Unknown key error self.logger.error(logout_result) raise Exception( 'Unknown error. The Mimecast server did not respond correctly, see log for details.' ) try: output = response['data'][0]['folders'] except KeyError: self.logger.error(response) raise Exception( 'The output from Mimecast was not in the expected format. Please contact support for help' ) return {Output.GROUPS: output}
def run(self, params={}): # Import variables from connection url = self.connection.url username = self.connection.username password = self.connection.password access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key auth_type = self.connection.auth_type source_ips = params.get(Input.SOURCE_IPS) option = params.get(Input.OPTION) data = {'option': option} # Generate policy dictionary policy = {} for key, value in params.items(): temp = util.normalize(key, value) policy.update(temp) # Remove source_ips and option from policy as they should not be directly in that dictionary if params.get(Input.SOURCE_IPS): del policy['sourceIps'] del policy['option'] # Transform source_ips from comma delimited string to list if params.get(Input.SOURCE_IPS): source_ips = source_ips.split(',') # Add conditions dic to policy if source_ips: policy['conditions'] = {'sourceIPs': source_ips} # Add policy to data data['policy'] = policy # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post( url=url, uri=CreateBlockedSenderPolicy._URI, username=username, password=password, auth_type=auth_type, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=data) # Logout logout = util.Authentication() logout_result = logout.logout(url=url, username=username, password=password, auth_type=auth_type, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key) try: # Test for logout fail if logout_result['fail']: self.logger.error(logout_result['fail']) try: raise Exception( 'Could not log out. Contact support for help. Status code is {}, see log for details' .format(response['meta']['status'])) except KeyError: self.logger.error(response) raise Exception( 'Unknown error. The Mimecast server did not respond correctly, see log for details.' ) except KeyError: # Unknown key error self.logger.error(logout_result) raise Exception( 'Unknown error. The Mimecast server did not respond correctly, see log for details.' ) return {Output.SENDER_POLICY: response['data']}
def run(self, params={}): # Import variables from connection url = self.connection.url username = self.connection.username password = self.connection.password access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key auth_type = self.connection.auth_type from_ = params.get(Input.FROM) to_ = params.get(Input.TO) route = params.get(Input.ROUTE) scan_result = params.get(Input.SCAN_RESULT) data = {'route': route, 'scanResult': scan_result} if to_: data['to'] = to_ if from_: data['from'] = from_ # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post(url=url, uri=GetTtpUrlLogs._URI, username=username, password=password, auth_type=auth_type, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=data) # Logout logout = util.Authentication() logout_result = logout.logout(url=url, username=username, password=password, auth_type=auth_type, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key) try: # Test for logout fail if logout_result['fail']: self.logger.error(logout_result['fail']) try: raise Exception( 'Could not log out. Contact support for help. Status code is {}, see log for details' .format(response['meta']['status'])) except KeyError: self.logger.error(response) raise Exception( 'Unknown error. The Mimecast server did not respond correctly, see log for details.' ) except KeyError: # Unknown key error self.logger.error(logout_result) raise Exception( 'Unknown error. The Mimecast server did not respond correctly, see log for details.' ) try: output = response['data'][0]['clickLogs'] except KeyError: self.logger.error(response) raise Exception( 'The output from Mimecast was not in the expected format. Please contact support for help' ) return {Output.CLICK_LOGS: output}
def run(self, params={}): # Import variables from connection url = self.connection.url username = self.connection.username password = self.connection.password access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key auth_type = self.connection.auth_type id_ = params.get(Input.ID) email = params.get(Input.EMAIL_ADDRESS) domain = params.get(Input.DOMAIN) if not email and not domain: raise Exception( 'Email Address and Domain inputs can not both be blank') if email and domain: raise Exception( 'Both Email Address and Domain fields can not be used. Choose one Email Address or Domain' ) if email: data = {'id': id_, 'emailAddress': email} else: data = {'id': id_, 'domain': domain} # Mimecast request mimecast_request = util.MimecastRequests() response = mimecast_request.mimecast_post(url=url, uri=AddGroupMember._URI, username=username, password=password, auth_type=auth_type, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=data) # Logout logout = util.Authentication() logout_result = logout.logout(url=url, username=username, password=password, auth_type=auth_type, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key) try: # Test for logout fail if logout_result['fail']: self.logger.error(logout_result['fail']) try: raise Exception( 'Could not log out. Contact support for help. Status code is {}, see log for details' .format(response['meta']['status'])) except KeyError: self.logger.error(response) raise Exception( 'Unknown error. The Mimecast server did not respond correctly, see log for details.' ) except KeyError: # Unknown key error self.logger.error(logout_result) raise Exception( 'Unknown error. The Mimecast server did not respond correctly, see log for details.' ) output = response['data'][0] return { Output.ID: output['id'], Output.FOLDER_ID: output['folderId'], Output.EMAIL_ADDRESS: output['emailAddress'], Output.INTERNAL: output['internal'] }
def run(self, params={}): # Import variables from connection url = self.connection.url access_key = self.connection.access_key secret_key = self.connection.secret_key app_id = self.connection.app_id app_key = self.connection.app_key from_ = params.get(Input.FROM) to_ = params.get(Input.TO) route = params.get(Input.ROUTE) scan_result = params.get(Input.SCAN_RESULT) url_to_filter = params.get(Input.URL_TO_FILTER) max_pages = params.get(Input.MAX_PAGES, 100) page_size = params.get(Input.PAGE_SIZE, 10) data = {'route': route, 'scanResult': scan_result} if to_: data['to'] = to_ if from_: data['from'] = from_ meta = { "pagination": { "pageSize": page_size } } if max_pages < 2: max_pages = 1 # Mimecast request mimecast_request = util.MimecastRequests() responses = [] for pages in range(max_pages): response = mimecast_request.mimecast_post(url=url, uri=GetTtpUrlLogs._URI, access_key=access_key, secret_key=secret_key, app_id=app_id, app_key=app_key, data=data, meta=meta) responses.append(response) if 'meta' not in response or \ 'pagination' not in response['meta'] or \ 'next' not in response['meta']['pagination']: break meta['pagination']['pageToken'] = response['meta']['pagination']['next'] try: output = list() if url_to_filter: for response in responses: for log in response['data'][0]['clickLogs']: if re.search(r'{}'.format(url_to_filter), log['url']): output.append(log) else: for response in responses: output.extend(response['data'][0]['clickLogs']) except (KeyError, IndexError): self.logger.error(responses) raise PluginException(cause='Unexpected output format.', assistance='The output from Mimecast was not in the expected format. Please contact support for help.', data=responses) return {Output.CLICK_LOGS: output}