def analyze_threat(threat_id: str, threat: dict = None):
    """Analyze one threat and attach the outcome to it as a note.

    The threat is fetched with ``get_threat`` when the caller does not
    supply it, and dropped early when ``filter_threat`` rejects it. The
    analysis is first attempted by file hash; if the hash is missing or
    unknown to the server, ``analyze_by_file`` is used instead. Any
    exception is logged and reported through ``send_failure_note``, so
    this function never raises to its caller.

    Args:
        threat_id: Identifier of the threat to process.
        threat: Threat record, if the caller already has it; it must
            carry a ``'threatInfo'`` mapping.
    """
    _logger.info(f'incoming threat: {threat_id}')
    try:
        threat = threat or get_threat(threat_id)

        if not filter_threat(threat):
            _logger.info(f'threat {threat_id} is been filtered')
            return

        details = threat['threatInfo']
        # Strongest digest first. NOTE(review): SHA-1 and MD5 are
        # collision-prone, so a verdict looked up through the fallbacks
        # identifies the file less reliably than a SHA-256 lookup.
        digest = details.get('sha256') or details.get('sha1') or details.get('md5')

        job = None
        if digest:
            _logger.debug(f'trying to analyze by hash {digest}')
            try:
                by_hash = FileAnalysis(file_hash=digest)
                # NOTE(review): no requester is passed here, unlike the
                # file path below - confirm that is intentional.
                by_hash.send()
            except errors.HashDoesNotExistError:
                _logger.debug(f'hash {digest} not found on server, fetching the file from endpoint')
            else:
                job = by_hash

        if not job:
            # Hash lookup unavailable: fall back to submitting the file.
            job = analyze_by_file(threat_id)
            job.send(requester='s1')

        _logger.debug('waiting for analysis completion')
        job.wait_for_completion()
        _logger.debug('analysis completed')

        send_note(threat_id, job)
    except Exception as err:
        # Top-level boundary: record the traceback, then surface the
        # failure on the threat itself.
        # NOTE(review): str(err) is forwarded verbatim into the note;
        # confirm it cannot expose internal details to note readers.
        _logger.exception(f'failed to process threat {threat_id}')
        send_failure_note(str(err), threat_id)
def test_send_analysis_by_file_sent_analysis_without_wait_and_get_status_finish(self):
    """Check that a file analysis sent and then waited on ends as FINISH.

    The HTTP layer is mocked: the submit call answers 201 with a result
    URL, and the status poll answers 200 with a succeeded report.
    """
    # Arrange
    submit_url = self.full_url + '/analyze'
    status_url = self.full_url + '/analyses/asd'
    submit_reply = {'result_url': 'a/sd/asd'}
    status_reply = {'result': 'report', 'status': 'succeeded'}

    with responses.RequestsMock() as http_mock:
        http_mock.add('POST', url=submit_url, status=201, json=submit_reply)
        http_mock.add('GET', url=status_url, status=200, json=status_reply)
        file_analysis = FileAnalysis(file_path='a')

        # The open() replacement keeps the test away from the real filesystem.
        with patch(self.patch_prop, mock_open(read_data='data')):
            # Act
            file_analysis.send()
            file_analysis.wait_for_completion()

    # Assert
    self.assertEqual(file_analysis.status, consts.AnalysisStatusCode.FINISH)
def send_file_without_wait(file_path):
    """Submit the file at *file_path* for analysis and print the result.

    Despite the name, this blocks on ``wait_for_completion()`` before the
    result is read.

    Args:
        file_path: Path of the file to analyze.
    """
    # '<api_key>' is a placeholder. Supply the real key from the
    # environment or a secret store instead of committing it to source.
    api.set_global_api('<api_key>')

    # NOTE(review): presumably this uploads the file's contents to the
    # analysis service - confirm that is acceptable for the sample.
    submission = FileAnalysis(file_path=file_path)
    submission.send()
    submission.wait_for_completion()

    report = submission.result()
    pprint(report)
def analysis_by_hash_without_wait(file_hash: str):
    """Request an analysis for *file_hash* and print the result.

    Despite the name, this blocks on ``wait_for_completion()`` before the
    result is read.

    Args:
        file_hash: Hash of the file to look up.
    """
    # '<api_key>' is a placeholder. Supply the real key from the
    # environment or a secret store instead of committing it to source.
    api.set_global_api('<api_key>')

    lookup = FileAnalysis(file_hash=file_hash)
    lookup.send()
    lookup.wait_for_completion()

    report = lookup.result()
    pprint(report)