def __init__(self) -> None:
    """Set up the AlienVault connector from its configuration.

    Reads the connector settings, then builds the OpenCTI helper, the
    author, the AlienVault client and the pulse importer. The instance
    attributes assigned here are ``interval_sec``, ``helper`` and
    ``pulse_importer``.
    """
    config = self._read_configuration()
    lookup = self._get_configuration

    # Endpoint and credential handed to the AlienVault client below.
    # NOTE(review): api_key is a secret and neither value is validated
    # here; confirm a missing key fails clearly and that the key is never
    # written to logs or error messages.
    base_url = lookup(config, self._CONFIG_BASE_URL)
    api_key = lookup(config, self._CONFIG_API_KEY)

    # TLP level from the configuration, converted to a marking definition.
    tlp_marking = self._convert_tlp_to_marking_definition(
        lookup(config, self._CONFIG_TLP))

    pulse_start_timestamp = lookup(config, self._CONFIG_PULSE_START_TIMESTAMP)

    # Report settings; the status string is converted to its integer form.
    status_name = lookup(config, self._CONFIG_REPORT_STATUS)
    report_type = lookup(config, self._CONFIG_REPORT_TYPE)
    report_status = self._convert_report_status_str_to_report_status_int(
        status_name)

    # NOTE(review): bool() of any non-empty string is True, so a raw
    # "false" would switch these flags on unless _get_configuration
    # already returns a real boolean; confirm against that helper.
    guess_malware = bool(lookup(config, self._CONFIG_GUESS_MALWARE))
    guess_cve = bool(lookup(config, self._CONFIG_GUESS_CVE))

    self.interval_sec = lookup(
        config, self._CONFIG_INTERVAL_SEC, is_number=True)

    update_existing_data = bool(
        lookup(config, self._CONFIG_UPDATE_EXISTING_DATA))

    # Collaborators, created in the order the importer needs them.
    self.helper = OpenCTIConnectorHelper(config)
    author = self._create_author()
    client = AlienVaultClient(base_url, api_key)

    # Arguments are positional: keep this order in step with PulseImporter.
    self.pulse_importer = PulseImporter(
        self.helper,
        client,
        author,
        tlp_marking,
        update_existing_data,
        pulse_start_timestamp,
        report_status,
        report_type,
        guess_malware,
        guess_cve,
    )
def __init__(self) -> None:
    """Set up the AlienVault connector from its configuration.

    Reads the connector settings, falling back to the class defaults for
    observable creation, indicator creation and report type, then builds
    the OpenCTI helper, the author, the AlienVault client and the pulse
    importer. The instance attributes assigned here are ``interval_sec``,
    ``helper`` and ``pulse_importer``.
    """
    config = self._read_configuration()
    lookup = self._get_configuration

    # Endpoint and credential handed to the AlienVault client below.
    # NOTE(review): api_key is a secret and neither value is validated
    # here; confirm a missing key fails clearly and that the key is never
    # written to logs or error messages.
    base_url = lookup(config, self._CONFIG_BASE_URL)
    api_key = lookup(config, self._CONFIG_API_KEY)

    # TLP level from the configuration, converted to a marking definition.
    tlp_marking = self._convert_tlp_to_marking_definition(
        lookup(config, self._CONFIG_TLP))

    # An unset (None) value selects the class default; anything else is
    # coerced with bool().
    # NOTE(review): bool() of any non-empty string is True, so a raw
    # "false" would switch a flag on unless _get_configuration already
    # returns a real boolean; confirm against that helper. The same
    # applies to the other bool() conversions below.
    raw_observables = lookup(config, self._CONFIG_CREATE_OBSERVABLES)
    create_observables = (
        self._DEFAULT_CREATE_OBSERVABLES
        if raw_observables is None
        else bool(raw_observables)
    )

    raw_indicators = lookup(config, self._CONFIG_CREATE_INDICATORS)
    create_indicators = (
        self._DEFAULT_CREATE_INDICATORS
        if raw_indicators is None
        else bool(raw_indicators)
    )

    pulse_start_timestamp = lookup(config, self._CONFIG_PULSE_START_TIMESTAMP)

    # Report settings; the status string is converted to its integer form
    # and an empty or missing report type falls back to the default.
    status_name = lookup(config, self._CONFIG_REPORT_STATUS)
    report_status = self._convert_report_status_str_to_report_status_int(
        status_name)
    report_type = (
        lookup(config, self._CONFIG_REPORT_TYPE) or self._DEFAULT_REPORT_TYPE
    )

    guess_malware = bool(lookup(config, self._CONFIG_GUESS_MALWARE))
    guess_cve = bool(lookup(config, self._CONFIG_GUESS_CVE))

    # Comma-separated list of pulse indicator types to exclude, as a set.
    # NOTE(review): the names are not checked here; presumably an unknown
    # or misspelled type simply excludes nothing. Verify in PulseImporter.
    excluded_types_str = lookup(
        config, self._CONFIG_EXCLUDED_PULSE_INDICATOR_TYPES)
    if excluded_types_str is None:
        excluded_pulse_indicator_types = set()
    else:
        excluded_pulse_indicator_types = set(
            convert_comma_separated_str_to_list(excluded_types_str))

    self.interval_sec = lookup(
        config, self._CONFIG_INTERVAL_SEC, is_number=True)

    update_existing_data = bool(
        lookup(config, self._CONFIG_UPDATE_EXISTING_DATA))

    # Collaborators, created in the order the importer needs them.
    self.helper = OpenCTIConnectorHelper(config)
    author = self._create_author()
    client = AlienVaultClient(base_url, api_key)

    # Arguments are positional: keep this order in step with PulseImporter.
    self.pulse_importer = PulseImporter(
        self.helper,
        client,
        author,
        tlp_marking,
        create_observables,
        create_indicators,
        update_existing_data,
        pulse_start_timestamp,
        report_status,
        report_type,
        guess_malware,
        guess_cve,
        excluded_pulse_indicator_types,
    )