def write_to_table_command(): table_name = demisto.args()['tableName'] records = check_type(demisto.args()['records'], list) linq_base = demisto.args().get('linqLinkBase', None) creds = get_writer_creds() linq = f"from {table_name}" sender = Sender( SenderConfigSSL(address=(WRITER_RELAY, PORT), key=creds['key'].name, cert=creds['crt'].name, chain=creds['chain'].name)) for r in records: try: sender.send(tag=table_name, msg=json.dumps(r)) except TypeError: sender.send(tag=table_name, msg=f"{r}") querylink = { 'DevoTableLink': build_link(linq, int(1000 * time.time()) - 3600000, int(1000 * time.time()), linq_base=linq_base) } entry = { 'Type': entryTypes['note'], 'Contents': { 'recordsWritten': records }, 'ContentsFormat': formats['json'], 'ReadableContentsFormat': formats['markdown'], 'EntryContext': { 'Devo.RecordsWritten': records, 'Devo.LinqQuery': linq } } entry_linq = { 'Type': entryTypes['note'], 'Contents': querylink, 'ContentsFormat': formats['json'], 'ReadableContentsFormat': formats['markdown'], 'EntryContext': { 'Devo.QueryLink': createContext(querylink) } } md = tableToMarkdown('Entries to load into Devo', records) entry['HumanReadable'] = md md_linq = tableToMarkdown( 'Link to Devo Query', {'DevoTableLink': f'[Devo Direct Link]({querylink["DevoTableLink"]})'}) entry_linq['HumanReadable'] = md_linq return [entry, entry_linq]
def test_tcp_rt_send(self): """ Tests that a TCP connection and data send it is possible """ try: engine_config = SenderConfigTCP(address=(self.tcp_server, self.tcp_port)) con = Sender(engine_config) for i in range(self.default_numbers_sendings): con.send(tag=self.my_app, msg=self.test_msg) if len(con.socket.recv(5000)) == 0: raise Exception('Not msg sent!') con.close() except Exception as error: self.fail("Problems with test: %s" % error)
def test_rt_send_no_certs(self): """ Test that tries to send a message without using certificates """ if self.test_tcp == "True": try: engine_config = SenderConfigSSL(address=(self.server, self.port)) con = Sender(engine_config) for i in range(self.default_numbers_sendings): con.send(tag=self.my_app, msg=self.test_msg) con.close() except Exception as error: return False else: return True
def test_ssl_rt_send(self): """ Test that tries to send a message through a ssl connection """ try: engine_config = SenderConfigSSL(address=self.server, port=self.port, key=self.key, cert=self.cert, chain=self.chain) con = Sender(engine_config) for i in range(0, self.default_numbers_sendings): con.send(tag=self.my_app, msg='Test SSL msg_ python_sdk_ fork') con.close() except Exception as error: self.fail("Problems with test: %s" % error)
def test_tcp_rt_send(self): """ Tests that a TCP connection and data send it is possible """ if self.test_tcp == "True": try: engine_config = SenderConfigTCP(address=self.tcp_server, port=self.tcp_port) con = Sender(engine_config) for i in range(0, 1): con.send(tag=self.my_app, msg='Test TCP msg') con.close() except Exception as error: self.fail("Problems with test: %s" % error) else: return True
def test_multiline_send(self): """ Test that tries to send a multiple line message through a ssl connection """ try: engine_config = SenderConfigSSL(address=self.server, port=self.port, key=self.key, cert=self.cert, chain=self.chain) con = Sender(engine_config) with open(self.test_file, 'r') as file: content = file.read() con.send(tag=self.my_app, msg=content, multiline=True) con.close() except Exception as error: self.fail("Problems with test: %s" % error)
def test_ssl_rt_send(self): """ Test that tries to send a message through a ssl connection """ try: engine_config = SenderConfigSSL(address=(self.server, self.port), key=self.key, cert=self.cert, chain=self.chain) con = Sender(engine_config) for i in range(self.default_numbers_sendings): con.send(tag=self.my_app, msg=self.test_msg) if len(con.socket.recv(5000)) == 0: raise Exception('Not msg sent!') con.close() except Exception as error: self.fail("Problems with test: %s" % str(error))
def test_rt_send_no_certs(self): """ Test that tries to send a message without using certificates """ if self.test_tcp == "True": try: engine_config = SenderConfigSSL(address=self.tcp_server, port=self.tcp_port, cert_reqs=False) con = Sender(engine_config) for i in range(0, self.default_numbers_sendings): con.send(tag=self.my_app, msg='Test RT msg') con.close() except Exception as error: self.fail("Problems with test: %s" % error) else: return True
def lambda_handler(event, context): # Get the object from the event and show its content type bucket = event['Records'][0]['s3']['bucket']['name'] key = urllib.parse.unquote_plus(event['Records'][0]['s3']['object']['key']) try: print("File to process %s" % key) response = s3.get_object(Bucket=bucket, Key=key) body = response['Body'] data = body.read() # If the name has a .gz extension, then decompress the data if key[-3:] == '.gz': data = zlib.decompress(data, 16 + zlib.MAX_WBITS) config = Configuration("config.json") con = Sender(config=config.get("sender")) # Send json events to Devo print("Starting to send lines to Devo") counter = 0 for line in data.splitlines(): events_json = json.loads(line) for single_event in events_json["Records"]: dumped_event = json.dumps(single_event) aws_account_id = "a" if single_event.get("getuserIdentity", None) is not None: if single_event.get("getuserIdentity")\ .get("accountId", None) is not None: aws_account_id = single_event["getuserIdentity"][ "accountId"] elif single_event.get("account", None) is not None: aws_account_id = single_event["account"] elif single_event.get("recipientAccountId", None) is not None: aws_account_id = single_event["recipientAccountId"] aws_region = "b" if single_event.get("awsRegion", None) is not None: aws_region = single_event["awsRegion"] elif single_event.get("region", None) is not None: aws_region = single_event["region"] tag = "{!s}.{!s}.{!s}".format(config.get("tag"), aws_account_id, aws_region) counter += con.send(tag=encode(tag), msg=encode(dumped_event), zip=False) con.close() print("Finished sending lines to Devo (%d)" % counter) except Exception as e: print(e) print("Error getting file '%s' from bucket '%s'. Make sure they \ exist and your bucket is in the same region as this function." % (key, bucket))
def test_ssl_rt_send(self): """ Test that tries to send a message through a ssl connection """ try: engine_config = SenderConfigSSL(address=(self.server, self.port), key=self.key, cert=self.cert, chain=self.chain, check_hostname=False, verify_mode=CERT_NONE) con = Sender(engine_config) for i in range(self.default_numbers_sendings): con.send(tag=self.my_app, msg=self.test_msg) data_received = con.socket.recv(5000) print(b"\n" + data_received) if len(data_received) == 0: raise Exception('Not msg sent!') con.close() except Exception as error: self.fail("Problems with test: %s" % str(error))
def test_ssl_zip_send(self): """ Test that tries to send a message through a ssl connection """ try: engine_config = SenderConfigSSL(address=self.server, port=self.port, key=self.key, cert=self.cert, chain=self.chain) con = Sender(engine_config, sockettimeout=15) for i in range(self.default_numbers_sendings): con.send(tag=self.my_bapp, msg=self.test_msg.encode("utf-8"), zip=True) con.flush_buffer() if len(con.socket.recv(1000)) == 0: raise Exception('Not msg sent!') con.close() except Exception as error: self.fail("Problems with test: %s" % error)
def test_multiline_send(self): """ Test that tries to send a multiple line message through a ssl connection """ try: engine_config = SenderConfigSSL(address=(self.server, self.port), key=self.key, cert=self.cert, chain=self.chain, check_hostname=False, verify_mode=CERT_NONE) con = Sender(engine_config) with open(self.test_file, 'r') as file: content = file.read() con.send(tag=self.my_app, msg=content, multiline=True) con.flush_buffer() data_received = con.socket.recv(5000) print(b"\n" + data_received) if len(data_received) == 0: raise Exception('Not msg sent!') con.close() except Exception as error: self.fail("Problems with test: %s" % error)
def lambda_handler(event, context): # Get the object from the event and show its content type bucket = event['Records'][0]['s3']['bucket']['name'] key = urllib.parse.unquote_plus(event['Records'][0]['s3']['object']['key']) try: print("File to process %s" % key) response = s3.get_object(Bucket=bucket, Key=key) body = response['Body'] data = body.read() ###### START: From this point until END, you need to ###### carefully review the code to make sure all ###### variables match your environment. # If the name has a .gz extension, then decompress the data if key[-3:] == '.gz': data = zlib.decompress(data, 16 + zlib.MAX_WBITS) config = Configuration("config.json") con = Sender(config=config.get("sender")) # Send json events to Devo print("Starting to send lines to Devo") counter = 0 for line in data.splitlines(): events_json = json.loads(line) for single_event in events_json["Records"]: counter += con.send(tag=encode(config.get("tag")), msg=encode(json.dumps(single_event)), zip=False) con.close() print("Finished sending lines to Devo (%d)" % counter) ###### END of code containing key variables. except Exception as e: print(e) print("Error getting file '%s' from bucket '%s'. Make sure they \ exist and your bucket is in the same region as this function." % (key, bucket))
import os from devo.sender import Sender, SenderConfigSSL server = "us.elb.relay.logtrust.net" port = 443 key = os.getenv('DEVO_SENDER_KEY') cert = os.getenv('DEVO_SENDER_CERT') chain = os.getenv('DEVO_SENDER_CHAIN') file = "".join((os.path.dirname(os.path.abspath(__file__)), os.sep, "example_data", os.sep, "example.csv")) engine_config = SenderConfigSSL(address=(server, port), key=key, cert=cert, chain=chain) con = Sender(engine_config) with open(file) as f: for line in f: con.send(tag="my.app.sdk.example", msg=line) con.close()
}, address="https://apiv2-eu.devo.com/search/query", config=ClientConfig(response="json/simple/compact", stream=True, processor=SIMPLECOMPACT_TO_OBJ)) response = api.query(query="from demo.ecommerce.data select *", dates={ 'from': "today()-1*day()", 'to': "today()" }) server = "us.elb.relay.logtrust.net" port = 443 key = os.getenv('DEVO_SENDER_KEY') cert = os.getenv('DEVO_SENDER_CERT') chain = os.getenv('DEVO_SENDER_CHAIN') engine_config = SenderConfigSSL(address=(server, port), key=key, cert=cert, chain=chain) con = Sender(engine_config) for item in response: con.send(tag="my.app.sdk.api", msg="{!s} - {!s}".format(item.get("eventdate"), item.get("method"))) con.close()
import os from devo.sender import Sender, SenderConfigSSL server = "us.elb.relay.logtrust.net" port = 443 key = os.getenv('DEVO_SENDER_KEY') cert = os.getenv('DEVO_SENDER_CERT') chain = os.getenv('DEVO_SENDER_CHAIN') engine_config = SenderConfigSSL(address=(server, port), key=key, cert=cert, chain=chain) con = Sender(engine_config) for _ in range(1000): con.send(tag="my.app.sdk.example", msg="Hello world", zip=True) # Its important fill the buffer ever con.fill_buffer() con.close()
import os from devo.sender import Sender, SenderConfigSSL server = "us.elb.relay.logtrust.net" port = 443 key = os.getenv('DEVO_SENDER_KEY') cert = os.getenv('DEVO_SENDER_CERT') chain = os.getenv('DEVO_SENDER_CHAIN') engine_config = SenderConfigSSL(address=(server, port), key=key, cert=cert, chain=chain) con = Sender(engine_config) for index in range(10): con.send(tag="my.app.sdk.example", msg="Hello world {!s}".format(index)) con.close()