def analyze_threat(threat_id: str, threat: dict = None):
_logger.info(f'incoming threat: {threat_id}')
try:
if not threat:
threat = get_threat(threat_id)
if not filter_threat(threat):
_logger.info(f'threat {threat_id} is been filtered')
return
threat_info = threat['threatInfo']
file_hash = threat_info.get('sha256') or threat_info.get('sha1') or threat_info.get('md5')
analysis = None
if file_hash:
_logger.debug(f'trying to analyze by hash {file_hash}')
try:
analysis = FileAnalysis(file_hash=file_hash)
analysis.send()
except errors.HashDoesNotExistError:
_logger.debug(f'hash {file_hash} not found on server, fetching the file from endpoint')
analysis = None
if not analysis:
analysis = analyze_by_file(threat_id)
analysis.send(requester='s1')
_logger.debug('waiting for analysis completion')
analysis.wait_for_completion()
_logger.debug('analysis completed')
send_note(threat_id, analysis)
except Exception as ex:
_logger.exception(f'failed to process threat {threat_id}')
send_failure_note(str(ex), threat_id)
def test_send_analysis_by_file_sent_analysis_without_wait_and_get_status_finish(
self):
# Arrange
with responses.RequestsMock() as mock:
mock.add('POST',
url=self.full_url + '/analyze',
status=201,
json={'result_url': 'a/sd/asd'})
mock.add('GET',
url=self.full_url + '/analyses/asd',
status=200,
json={
'result': 'report',
'status': 'succeeded'
})
analysis = FileAnalysis(file_path='a')
with patch(self.patch_prop, mock_open(read_data='data')):
# Act
analysis.send()
analysis.wait_for_completion()
# Assert
self.assertEqual(analysis.status, consts.AnalysisStatusCode.FINISH)
def send_file_without_wait(file_path):
api.set_global_api('<api_key>')
analysis = FileAnalysis(file_path=file_path)
analysis.send()
analysis.wait_for_completion()
pprint(analysis.result())
def analysis_by_hash_without_wait(file_hash: str):
api.set_global_api('<api_key>')
analysis = FileAnalysis(file_hash=file_hash)
analysis.send()
analysis.wait_for_completion()
pprint(analysis.result())
