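def validate(self):
    """Validate this report's state, including any attached IOCs.

    Runs the parent class validation first, then checks ``link`` (when set)
    with ``validators.url``, and finally calls ``validate()`` on every IOC
    held in ``_iocs_v2``.

    :raise InvalidObjectError: if the report's state is invalid
    """
    super(Report, self).validate()

    # NOTE(review): this is a format check on the link only; a well-formed URL
    # in a threat report should still be treated as untrusted by consumers.
    if self.link and not validators.url(self.link):
        raise InvalidObjectError("link should be a valid URL")

    if self.iocs_v2:
        # Plain loop instead of a list comprehension: the calls are made only
        # for their side effect, so there is no reason to build a result list.
        for ioc in self._iocs_v2:
            ioc.validate()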
def ignore(self):
    """Mark this report as ignored on the server.

    An ignore status exists only for reports that belong to a watchlist.

    :raises InvalidObjectError: if `id` is missing or this report is not from a watchlist
    """
    if not self.id:
        raise InvalidObjectError("missing Report ID")
    if not self._from_watchlist:
        raise InvalidObjectError("ignoring only applies to watchlist reports")

    # NOTE(review): the report ID is placed into the request path as-is;
    # presumably IDs never contain path separators -- confirm upstream.
    endpoint = "/threathunter/watchlistmgr/v3/orgs/{}/reports/{}/ignore".format(
        self._cb.credentials.org_key, self.id)
    # The PUT carries no body.
    self._cb.put_object(endpoint, None)
def delete(self):
    """Remove this feed from the ThreatHunter server.

    Issues a DELETE against the feed manager endpoint for this feed's `id`
    within the organization taken from the client's credentials.

    :raise InvalidObjectError: if `id` is missing
    """
    if not self.id:
        raise InvalidObjectError("missing feed ID")

    endpoint = "/threathunter/feedmgr/v2/orgs/{}/feeds/{}".format(
        self._cb.credentials.org_key, self.id)
    self._cb.delete_object(endpoint)
def replace_reports(self, reports):
    """Replace this feed's reports with the given reports.

    Each report's ``_info`` dictionary is sent as-is in a single POST. This
    method does not call ``validate()`` on the reports before sending them.

    :param reports: the reports to replace with
    :type reports: list(:py:class:`Report`)
    :raise InvalidObjectError: if `id` is missing
    """
    if not self.id:
        raise InvalidObjectError("missing feed ID")

    payload = {"reports": [entry._info for entry in reports]}
    endpoint = "/threathunter/feedmgr/v2/orgs/{}/feeds/{}/reports".format(
        self._cb.credentials.org_key, self.id)
    self._cb.post_object(endpoint, payload)
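def ignore(self):
    """Set the ignore status on this IOC.

    Only watchlist IOCs have an ignore status; an IOC counts as a watchlist
    IOC here when it carries a ``_report_id``.

    :raises InvalidObjectError: if `id` is missing or this IOC is not from a watchlist
    """
    if not self.id:
        # The missing value is the IOC's own ID, not the report's, so the
        # message names the IOC (matching the check in `ignored`).
        raise InvalidObjectError("missing IOC ID")
    if not self._report_id:
        raise InvalidObjectError("ignoring only applies to watchlist IOCs")

    # NOTE(review): both IDs are placed into the request path as-is;
    # presumably they never contain path separators -- confirm upstream.
    url = "/threathunter/watchlistmgr/v3/orgs/{}/reports/{}/iocs/{}/ignore".format(
        self._cb.credentials.org_key,
        self._report_id,
        self.id
    )
    # The PUT carries no body.
    self._cb.put_object(url, None)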
:raise InvalidObjectError: if the IOC structure's state is invalid
"""
super(IOC, self).validate()
for md5 in self.md5:
if not validators(md5):
raise InvalidObjectError("invalid MD5 checksum: {}".format(md5))
for ipv4 in self.ipv4:
if not validators(ipv4):
raise InvalidObjectError("invalid IPv4 address: {}".format(ipv4))
for ipv6 in self.ipv6:
if not validators(ipv6):
raise InvalidObjectError("invalid IPv6 address: {}".format(ipv6))
for dns in self.dns:
if not validators(dns):
raise InvalidObjectError("invalid domain: {}".format(dns))
for query in self.query:
if not self._cb.validate(query["search_query"]):
raise InvalidObjectError("invalid search query: {}".format(query["search_query"]))
def enable_tags(self):
    """Turn on tagging for this watchlist.

    Sends a body-less PUT to the watchlist's ``tag`` endpoint.

    :raise InvalidObjectError: if `id` is missing
    """
    if not self.id:
        raise InvalidObjectError("missing Watchlist ID")

    endpoint = "/threathunter/watchlistmgr/v3/orgs/{}/watchlists/{}/tag".format(
        self._cb.credentials.org_key, self.id)
    self._cb.put_object(endpoint, None)
def ignored(self):
    """Report whether this IOC is currently ignored.

    Queries the server on every call and returns the ``"ignored"`` field of
    the response.

    >>> if ioc.ignored:
    ...     ioc.unignore()

    :return: the ignore status
    :rtype: bool
    :raise InvalidObjectError: if this IOC is missing an `id` or is not a watchlist IOC
    """
    if not self.id:
        raise InvalidObjectError("missing IOC ID")
    if not self._report_id:
        raise InvalidObjectError("ignore status only applies to watchlist IOCs")

    endpoint = "/threathunter/watchlistmgr/v3/orgs/{}/reports/{}/iocs/{}/ignore".format(
        self._cb.credentials.org_key, self._report_id, self.id)
    status = self._cb.get_object(endpoint)
    return status["ignored"]
def download_url(self, expiration_seconds=3600):
    """Return a URL from which the file for this binary can be downloaded.

    Returns None if no download can be found.

    :param expiration_seconds: How long the download should be valid for
    :raise InvalidObjectError: if URL retrieval should be retried
    :return: A pre-signed AWS download URL
    :rtype: str
    """
    # NOTE(review): a pre-signed URL presumably grants access to whoever
    # holds it until it expires -- keep it out of logs and prefer a short
    # expiration_seconds.
    lookup = self._cb.select(Downloads, [self.sha256],
                             expiration_seconds=expiration_seconds)

    # Guard clauses, checked in the same order as before: not found, then error.
    if self.sha256 in lookup.not_found:
        return None
    if self.sha256 in lookup.error:
        raise InvalidObjectError("{} should be retried".format(self.sha256))

    # First found entry whose hash matches this binary, or None.
    for entry in lookup.found:
        if self.sha256 == entry.sha256:
            return entry.url
    return None
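def unignore(self):
    """Remove the ignore status on this IOC.

    Only watchlist IOCs have an ignore status; an IOC counts as a watchlist
    IOC here when it carries a ``_report_id``.

    :raises InvalidObjectError: if `id` is missing or this IOC is not from a watchlist
    """
    if not self.id:
        # The missing value is the IOC's own ID, not the report's, so the
        # message names the IOC (matching the check in `ignored`).
        raise InvalidObjectError("missing IOC ID")
    if not self._report_id:
        raise InvalidObjectError("ignoring only applies to watchlist IOCs")

    url = "/threathunter/watchlistmgr/v3/orgs/{}/reports/{}/iocs/{}/ignore".format(
        self._cb.credentials.org_key,
        self._report_id,
        self.id
    )
    # DELETE on the ignore endpoint clears the status set by ignore().
    self._cb.delete_object(url)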