def populate_indicator_actions(drop): """ Populate default set of Indicator Actions into the system. :param drop: Drop the existing collection before trying to populate. :type: boolean """ # define your indicator actions here actions = ['Blocked Outbound At Firewall', 'Blocked Outbound At Desktop Firewall'] if drop: IndicatorAction.drop_collection() if len(IndicatorAction.objects()) < 1: for action in actions: ia = IndicatorAction() ia.name = action ia.save() print "Indicator Actions: added %s actions!" % len(actions) else: print "Indicator Actions: existing documents detected. skipping!"
def populate_indicator_actions(drop): """ Populate default set of Indicator Actions into the system. :param drop: Drop the existing collection before trying to populate. :type: boolean """ # define your indicator actions here actions = ['Blocked Outbound At Firewall', 'Blocked Outbound At Desktop Firewall'] if drop: IndicatorAction.drop_collection() if len(IndicatorAction.objects()) < 1: for action in actions: ia = IndicatorAction() ia.name = action ia.save() print "Indicator Actions: added %s actions!" % len(actions) else: print "Indicator Actions: existing documents detected. skipping!"
def add_new_indicator_action(action, analyst): """ Add a new indicator action to CRITs. :param action: The action to add to CRITs. :type action: str :param analyst: The user adding this action. :returns: True, False """ action = action.strip() try: idb_action = IndicatorAction.objects(name=action).first() if idb_action: return False idb_action = IndicatorAction() idb_action.name = action idb_action.save(username=analyst) return True except ValidationError: return False
def add_new_indicator_action(action, analyst): """ Add a new indicator action to CRITs. :param action: The action to add to CRITs. :type action: str :param analyst: The user adding this action. :returns: True, False """ action = action.strip() try: idb_action = IndicatorAction.objects(name=action).first() if idb_action: return False idb_action = IndicatorAction() idb_action.name = action idb_action.save(username=analyst) return True except ValidationError: return False