How to use the cbapi.six.iteritems function in cbapi

To help you get started, we’ve selected a few cbapi examples, based on popular ways it is used in public projects.


github carbonblack / cbapi-python / src / cbapi / response / models.py View on Github external
def where(self, new_query):
    """Add a filter through the parent class, then allowlist its field names.

    The parent ``where()`` is called first; every key of the resulting
    ``_query`` mapping must appear in ``SensorQuery.valid_field_names``.

    Returns:
        The query object produced by the parent ``where()``.

    Raises:
        ValueError: if any key is not an allowed field name. The message
            lists the allowed names.
    """
    filtered = super(SensorQuery, self).where(new_query)
    for field_name, _value in iteritems(filtered._query):
        if field_name in SensorQuery.valid_field_names:
            continue
        # Drop all criteria from the rejected query before raising.
        # NOTE(review): whether the parent where() returns a copy or self is
        # not visible here; if it returns self, a rejected call also discards
        # criteria accepted earlier -- confirm.
        filtered._query = {}
        allowed = ", ".join(SensorQuery.valid_field_names)
        raise ValueError("Field name must be one of: {0:s}".format(allowed))

    return filtered
github carbonblack / cbapi-python / src / cbapi / oldmodels.py View on Github external
def reset(self):
    """Write every entry of ``_dirty_attributes`` into ``_info`` and clear it.

    After the call ``_dirty_attributes`` is a new empty dict.
    """
    # presumably _dirty_attributes holds the values that were in place before
    # local modification, so this reverts unsaved changes -- confirm against
    # the code that populates it.
    pending = self._dirty_attributes
    for attr_name, stored_value in iteritems(pending):
        self._info[attr_name] = stored_value

    self._dirty_attributes = {}
github carbonblack / cbapi-python / src / cbapi / response / models.py View on Github external
0x00010000: 'DELETE',
    0x00000001: 'PROCESS_TERMINATE',
    0x00000002: 'PROCESS_CREATE_THREAD',
    0x00000004: 'PROCESS_SET_SESSIONID',
    0x00000008: 'PROCESS_VM_OPERATION',
    0x00000010: 'PROCESS_VM_READ',
    0x00000020: 'PROCESS_VM_WRITE',
    0x00000040: 'PROCESS_DUP_HANDLE',
    0x00000080: 'PROCESS_CREATE_PROCESS',
    0x00000100: 'PROCESS_SET_QUOTA',
    0x00000200: 'PROCESS_SET_INFORMATION',
    0x00000400: 'PROCESS_QUERY_INFORMATION',
    0x00000800: 'PROCESS_SUPEND_RESUME',
    0x00001000: 'PROCESS_QUERY_LIMITED_INFORMATION'
}
# Reverse lookup: access-right name -> bit value, built from windows_rights_dict.
# Keys are the names exactly as spelled in that table, so the 0x00000800 right
# is found under 'PROCESS_SUPEND_RESUME' (the table's spelling), not under the
# Windows SDK name PROCESS_SUSPEND_RESUME. Detection logic that looks rights up
# by name has to use the table's spelling.
r_windows_rights_dict = {name: mask for mask, name in iteritems(windows_rights_dict)}


@total_ordering
@python_2_unicode_compatible
class CbEvent(object):
    def __init__(self, parent_process, timestamp, sequence, event_data):
        """Build an event from its parent process, ordering keys and payload.

        Args:
            parent_process: stored as ``self.parent``.
            timestamp: stored as ``self.timestamp``; used by ``__lt__``.
            sequence: stored as ``self.sequence``.
            event_data: mapping whose keys all become instance attributes.
        """
        self.timestamp, self.parent, self.sequence = timestamp, parent_process, sequence
        # Every key in event_data becomes an attribute. The update runs after
        # the assignments above, so a key named 'timestamp', 'parent' or
        # 'sequence' replaces the constructor argument (and with it the sort
        # key). NOTE(review): if event_data can carry keys not chosen by this
        # library, consider restricting it to expected names -- confirm where
        # event_data originates.
        vars(self).update(event_data)

        # Set after the update, so event_data cannot override these two.
        self.event_type = u'Generic Cb event'
        self.stat_titles = ['timestamp']

    def __lt__(self, other):
        """Order events by ``timestamp`` only; ``sequence`` is not consulted."""
        mine, theirs = self.timestamp, other.timestamp
        return mine < theirs
github carbonblack / cbapi-python / examples / protection / virus_total_connector.py View on Github external
n.type = "malicious_file"
        elif positivesPerc > self.potential_threshold:
            n.analysisResult = Notification.ResultPotentialThreat
            n.severity = "high"
            n.type = "potential_risk_file"
        else:
            n.analysisResult = Notification.ResultClean
            n.severity = "low"
            n.type = "clean_file"

        n.externalUrl = scanResults.get('permalink')

        # Enumerate scan results that have detected the issue and build our
        # 'malwareName' string for the notification
        scans = scanResults.get("scans", {})
        malware_type = [k + ":" + v["result"] for k, v in iteritems(scans) if v["detected"]]
        malware_name = [v["result"] for k, v in iteritems(scans) if v["detected"]]

        n.malwareType = "; ".join(malware_type[:4])
        n.malwareName = "; ".join(malware_name[:4])

        if len(malware_type) > 4:
            n.malwareName += "..."
            n.malwareType += "..."

        # Send notification
        n.save()

        if binary.fileHash in self.awaiting_results:
            del self.awaiting_results[binary.fileHash]

        log.info("VT analysis for %s completed. VT result is %d%% malware (%s). Reporting status: %s"
github carbonblack / cbapi-python / src / cbapi / query.py View on Github external
def _match_query(self, i):
    """Return True when object ``i`` satisfies every criterion in ``_query``.

    For each ``(name, value)`` pair the attribute ``name`` is read from ``i``
    and its ``str()`` form is compared case-insensitively with ``value``.
    An attribute that is missing or ``None`` fails the match.
    """
    for attr_name, wanted in iteritems(self._query):
        if isinstance(wanted, six.string_types):
            wanted = wanted.lower()
        # NOTE(review): a criterion that is not a string (e.g. an int) is
        # compared unchanged against a lowercased str, so for ordinary types
        # it never matches and the object is silently filtered out -- confirm
        # callers always pass strings.
        actual = getattr(i, attr_name, None)
        if actual is None or str(actual).lower() != wanted:
            return False
    return True