Merge branch 'refs/heads/add-xsoar'

TheShellLand · Jul 2, 2024 · 3a7001c · 3a7001c
2 parents 6e73e6e + c7c39e9
commit 3a7001c
Show file tree

Hide file tree

Showing 16 changed files with 177 additions and 10 deletions.
diff --git a/README.md b/README.md
@@ -49,7 +49,7 @@ Github issues and feature requests welcomed.
 | Logging         | sentryio                                                    |
 | MacOS           | airport<br/>macchanger<br/>wdutil                           |
 | Python          | logging<br/>requests                                        |
-| SOAR            | swimlane<br/>splunk soar                                    |
+| SOAR            | swimlane<br/>splunk soar<br/>xsoar                          |
 | Recon           | nmap                                                        |
 | Test Automation | selenium                                                    |
 

diff --git a/automon/integrations/requestsWrapper/client.py b/automon/integrations/requestsWrapper/client.py
@@ -15,10 +15,10 @@ def __init__(self, url: str = None, data: dict = None, headers: dict = None,
 
         self.config = config or RequestsConfig()
 
-        self.url = url
-        self.data = data
-        self.errors = None
-        self.headers = headers
+        self.url: str = url
+        self.data: dict = data
+        self.errors: bytes = b''
+        self.headers: dict = headers
         self.response = None
         self.requests = requests
         self.session = self.requests.Session()
@@ -122,6 +122,8 @@ async def get(
             if self.status_code == 200:
                 return True
 
+            self.errors = self.content
+
             return False
         except Exception as e:
             self.errors = e
@@ -151,6 +153,8 @@ async def patch(
             if self.status_code == 200:
                 return True
 
+            self.errors = self.content
+
             return False
         except Exception as e:
             self.errors = e
@@ -180,6 +184,8 @@ async def post(
             if self.status_code == 200:
                 return True
 
+            self.errors = self.content
+
             return False
         except Exception as e:
             self.errors = e
@@ -209,6 +215,8 @@ async def put(
             if self.status_code == 200:
                 return True
 
+            self.errors = self.content
+
             return False
         except Exception as e:
             self.errors = e

diff --git a/automon/integrations/requestsWrapper/rest.py b/automon/integrations/requestsWrapper/rest.py
@@ -6,6 +6,7 @@
 logger = log.logging.getLogger(__name__)
 logger.setLevel(log.DEBUG)
 
+
 class BaseRestClient:
     requests: RequestsClient
     config: RequestsConfig

diff --git a/automon/integrations/requestsWrapper/tests/test_rest.py b/automon/integrations/requestsWrapper/tests/test_rest.py
@@ -9,7 +9,7 @@
 class Client(unittest.TestCase):
     def test_get(self):
         self.assertTrue(asyncio.run(r.get('https://1.1.1.1')))
-        self.assertTrue(r.requests.get('https://1.1.1.1'))
+        self.assertTrue(asyncio.run(r.requests.get('https://1.1.1.1')))
         self.assertFalse(asyncio.run(r.get('x://127.0.0.1')))
 
 

diff --git a/automon/integrations/requestsWrapper/tests/test_rest_inherit.py b/automon/integrations/requestsWrapper/tests/test_rest_inherit.py
@@ -4,16 +4,16 @@
 from automon.integrations.requestsWrapper.rest import BaseRestClient
 
 
-class Test(BaseRestClient):
+class Inherit(BaseRestClient):
 
     def __init__(self):
-        BaseRestClient.__init__(self)
+        super().__init__()
         pass
 
 
 class Client(unittest.TestCase):
     def test_get(self):
-        self.assertTrue(asyncio.run(Test().get(url='https://1.1.1.1')))
+        self.assertTrue(asyncio.run(Inherit().get(url='https://1.1.1.1')))
 
 
 if __name__ == '__main__':

diff --git a/automon/integrations/seleniumWrapper/webdriver_chrome.py b/automon/integrations/seleniumWrapper/webdriver_chrome.py
@@ -56,7 +56,7 @@ def chromedriver_path(self):
             if os.path.exists(path):
                 return path
 
-        logger.error('missing SELENIUM_CHROMEDRIVER_PATH')
+        raise Exception('missing SELENIUM_CHROMEDRIVER_PATH')
 
     @property
     def chromedriverVersion(self):

diff --git a/automon/integrations/xsoar/__init__.py b/automon/integrations/xsoar/__init__.py
@@ -0,0 +1,2 @@
+from .client import XSOARClient
+from .config import XSOARConfig
diff --git a/automon/integrations/xsoar/client.py b/automon/integrations/xsoar/client.py
@@ -0,0 +1,68 @@
+from automon.log import logging
+from automon.integrations.requestsWrapper import RequestsClient
+
+from .config import XSOARConfig
+from .endpoints import v1
+
+logger = logging.getLogger(__name__)
+logger.setLevel(level=logging.DEBUG)
+
+
+class XSOARClient(object):
+    """XSOAR REST API client
+
+    referenc: https://cortex-panw.stoplight.io/docs/cortex-xsoar-8/kjn2q21a7yrbm-get-started-with-cortex-xsoar-8-ap-is
+    """
+
+    def __init__(
+            self,
+            host: str = None,
+            api_key: str = None,
+            api_key_id: str = None,
+            config: XSOARConfig = None
+    ):
+        self.config = config or XSOARConfig(host=host, api_key=api_key, api_key_id=api_key_id)
+        self._requests = RequestsClient()
+
+    async def is_ready(self):
+        if self.config.is_ready():
+            return True
+        return False
+
+    async def auth(self):
+        return
+
+    @property
+    def errors(self):
+        return self._requests.errors
+
+    async def get(self, endpoint: str):
+        logger.info(dict(
+            endpoint=f'{self.config.host}/{endpoint}'
+        ))
+        response = await self._requests.get(url=f'{self.config.host}/{endpoint}', headers=self.config.headers)
+
+        if response:
+            return response
+
+        logger.error(self.errors)
+        raise Exception(self.errors)
+
+    async def post(self, endpoint: str):
+        logger.info(dict(
+            endpoint=f'{self.config.host}/{endpoint}'
+        ))
+        response = self._requests.post(url=f'{self.config.host}/{endpoint}', headers=self.config.headers)
+
+        if response:
+            return response
+
+        logger.error(self.errors)
+        raise Exception(self.errors)
+
+    async def reports(self):
+        reports = await self.get(endpoint=v1.Reports.reports)
+        logger.info(dict(
+            reports=self._requests.content
+        ))
+        return reports
diff --git a/automon/integrations/xsoar/config.py b/automon/integrations/xsoar/config.py
@@ -0,0 +1,41 @@
+from automon import environ
+from automon.log import logging
+
+logger = logging.getLogger(__name__)
+logger.setLevel(level=logging.DEBUG)
+
+
+class XSOARConfig(object):
+    """XSOAR REST API client config"""
+
+    def __init__(
+            self,
+            host: str = None,
+            api_key: str = None,
+            api_key_id: str = None
+    ):
+        self.host = host or environ('XSOAR_FQDN')
+        self.api_key = api_key or environ('XSOAR_API_KEY')
+        self.api_key_id = api_key_id or environ('XSOAR_API_KEY_ID')
+
+    def is_ready(self) -> bool:
+        if not self.host:
+            logger.error(f'missing XSOAR_FQDN')
+
+        if not self.api_key:
+            logger.error(f'missing XSOAR_API_KEY')
+
+        if not self.api_key_id:
+            logger.error(f'missing XSOAR_API_KEY_ID')
+
+        if self.host and self.api_key and self.api_key_id:
+            return True
+        return False
+
+    @property
+    def headers(self):
+        return {
+            'Authorization': f'{self.api_key}',
+            'x-xdr-auth-id': f'{self.api_key_id}',
+            "Content-Type": "application/json"
+        }
diff --git a/automon/integrations/xsoar/endpoints/__init__.py b/automon/integrations/xsoar/endpoints/__init__.py
diff --git a/automon/integrations/xsoar/endpoints/v1.py b/automon/integrations/xsoar/endpoints/v1.py
@@ -0,0 +1,9 @@
+class V1:
+    xsoar: str = 'xsoar'
+    public: str = f'{xsoar}/public'
+    v1: str = f'{public}/v1'
+
+
+class Reports:
+    """xsoar/public/v1/reports"""
+    reports: str = f'{V1.v1}/reports'
diff --git a/automon/integrations/xsoar/tests/__init__.py b/automon/integrations/xsoar/tests/__init__.py
diff --git a/automon/integrations/xsoar/tests/test_client_auth.py b/automon/integrations/xsoar/tests/test_client_auth.py
@@ -0,0 +1,17 @@
+import asyncio
+import unittest
+
+from automon.integrations.xsoar import XSOARClient
+
+
+class MyTestCase(unittest.TestCase):
+    test = XSOARClient()
+
+    if asyncio.run(test.is_ready()):
+        def test_auth(self):
+            result = asyncio.run(self.test.reports())
+            pass
+
+
+if __name__ == '__main__':
+    unittest.main()
diff --git a/automon/integrations/xsoar/tests/test_config.py b/automon/integrations/xsoar/tests/test_config.py
@@ -0,0 +1,15 @@
+import unittest
+
+from automon.integrations.xsoar import XSOARConfig
+
+
+class MyTestCase(unittest.TestCase):
+    test = XSOARConfig()
+
+    if test.is_ready():
+        def test_config(self):
+            self.assertTrue(self.test.is_ready())
+
+
+if __name__ == '__main__':
+    unittest.main()
diff --git a/env-example.sh b/env-example.sh
@@ -147,3 +147,8 @@ VDS_PASSWORD=
 
 # Wdutil
 WDUTIL_PASSWORD=
+
+# XSOAR
+XSOAR_FQDN=
+XSOAR_API_KEY=
+XSOAR_API_KEY_ID=
diff --git a/requirements.txt b/requirements.txt
@@ -56,6 +56,7 @@ pytz>=2021.1
 
 # selenium
 selenium>=3.141.0
+beautifulsoup4>=4.10.0
 
 # sentry.io
 sentry-sdk>=1.5.1
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		from .client import XSOARClient
		from .config import XSOARConfig