示例#1
0
def on_finish(offense, summary):

    action_results = phantom.get_action_results(offense)

    phantom.debug("Action results: "+json.dumps(action_results))

    phantom.debug("Summary: " + summary)
    
    return
def on_finish(offense, summary):

    action_results = phantom.get_action_results(offense)

    phantom.debug("Action results: " + json.dumps(action_results))

    phantom.debug("Summary: " + summary)

    return
def on_finish(container, summary):

    # This function is called after all actions are completed.
    # Summary and/or action results can be collected here.
    summary_json = phantom.get_summary()
    summary_results = summary_json['result']
    for result in summary_results:
        action_run_id = result['id']
        action_results = phantom.get_action_results(action_run_id=action_run_id)
    return
def on_finish(container, summary):

    # This function is called after all actions are completed.
    # Summary and/or action results can be collected here.
    summary_json = phantom.get_summary()
    summary_results = summary_json['result']
    for result in summary_results:
        action_run_id = result['id']
        action_results = phantom.get_action_results(
            action_run_id=action_run_id)
    return
示例#5
0
def on_finish(container, summary):
    phantom.debug('on_finish() called')
    # This function is called after all actions are completed.
    # summary of all the action and/or all detals of actions
    # can be collected here.

    summary_json = phantom.get_summary()
    if 'result' in summary_json:
        for action_result in summary_json['result']:
            if 'action_run_id' in action_result:
                action_results = phantom.get_action_results(action_run_id=action_result['action_run_id'], result_data=False, flatten=False)
                phantom.debug(action_results)

    return
def on_finish(container, summary):
    phantom.debug('on_finish() called')
    # This function is called after all actions are completed.
    # summary of all the action and/or all detals of actions
    # can be collected here.
    
    lat_long = phantom.collect2(container=container, datapath=['geolocate_ip_1:action_result.data.*.latitude', 'geolocate_ip_1:action_result.data.*.longitude'])
    malicious_urls = phantom.collect2(container=container, datapath=['ip_reputation_1:action_result.data.*.detected_urls.*.url'])
    
    phantom.error("=== LAT/LONG ===")
    phantom.debug(lat_long)
    
    phantom.error("=== MALICIOUS URLS ===")
    for i in malicious_urls:
        phantom.debug(i)
    
    summary_json = phantom.get_summary()
    if 'result' in summary_json:
        for action_result in summary_json['result']:
            if 'action_run_id' in action_result:
                action_results = phantom.get_action_results(action_run_id=action_result['action_run_id'], result_data=False, flatten=False)
                phantom.debug(action_results)

    return