def _handle_lookup_url(self, param): action_result = ActionResult(dict(param)) self.add_action_result(action_result) # check for required input param url = param["url"] # build full REST endpoint with Auth signature # make GET request to CTIX OpenAPI try: endpoint = "/search/?Expires={}&AccessID={}&Signature={}&url={}".format( self._expires, self._access_id, self._generate_signature(self._access_id, self._secret_key, self._expires), url) status_code, response = self._make_request( "GET", "{}{}".format(self._baseurl, endpoint), self._verify, action_result) except Exception as e: err_msg = self._get_error_message_from_exception(e) self.save_progress(CYWARE_GET_REQ_FAILED.format(err_msg)) return action_result.set_status( phantom.APP_ERROR, "URL Lookup failed. {}".format(err_msg)) if phantom.is_fail(status_code): return action_result.get_status() # check response status_code if status_code == 200: try: if isinstance(response, list): response = response[0] if not isinstance(response, dict): return action_result.set_status( phantom.APP_ERROR, CYWARE_RESP_FROM_SERVER_NOT_JSON) # commit action_result action_result.set_summary({"message": response['message']}) action_result.add_data(response) self.save_progress(phantom.APP_SUCCESS, "URL Lookup Successful") return action_result.set_status(phantom.APP_SUCCESS, "URL Lookup Successful") except Exception as e: err_msg = self._get_error_message_from_exception(e) self.save_progress( CYWARE_ADDING_RESP_DATA_TO_ACTION_RESULT_FAILED.format( err_msg)) return action_result.set_status( phantom.APP_ERROR, CYWARE_ADDING_RESP_DATA_TO_ACTION_RESULT_FAILED.format( err_msg)) else: self.save_progress( CYWARE_GET_REQ_FAILED_WITH_NON_200_STATUS.format(status_code)) return action_result.set_status( phantom.APP_ERROR, CYWARE_GET_REQ_FAILED_WITH_NON_200_STATUS.format(status_code))
def _convert_dict_to_results(input_results): import phantom.app as phantom from phantom.action_result import ActionResult action_results = [] for i, item in enumerate(input_results): r = ActionResult() setattr(r, '_ActionResult__status_code', item['status'] == phantom.APP_SUCCESS_STR and phantom.APP_SUCCESS or phantom.APP_ERROR) setattr(r, '_ActionResult__status_message', item['message']) r.get_data().extend(item['data']) r.set_summary(item['summary']) r.set_param(item['parameter']) r.offset = i action_results.append(r) return action_results
def _lookup_ip(self, param): action_result = ActionResult(dict(param)) self.add_action_result(action_result) ip = param.get('ip') port = int(param.get('port', 137)) timeout = int(param.get('timeout', 30)) if not ip: return action_result.set_status(phantom.APP_ERROR, "IP must be provided.") nb = NetBIOS() hosts = nb.queryIPForName(ip, port, timeout) if hosts is None: return action_result.set_status(phantom.APP_ERROR, "Request timed out.") if hosts: action_result.set_summary({"hosts": len(hosts)}) action_result.add_data({"hostnames": hosts}) return action_result.set_status(phantom.APP_SUCCESS) else: return action_result.set_status(phantom.APP_ERROR, "Lookup failed.")