# ensure the incident is found
try:
incident = self.rest_client_helper.get("/incidents/{}".format(inc_id))
for object_type in object_type_names:
if not self.lookup.get(object_type):
LOG.error("Method for synchronization not found: %s", object_type)
else:
try:
type_info = type_info_index.get(object_type, None) # datatables will not have a type_info object at this time
sync_count = self.lookup[object_type](self.rest_client_helper, inc_id, type_info)
LOG.debug("inc_id: %s %s : %s", inc_id, object_type, sync_count)
except AttributeError:
LOG.error("Query error for synchronization method: %s", object_type)
except SimpleHTTPException:
pass
:param data: Content to be added as note
:return: Response from Resilient for debug
"""
try:
uri = '/incidents/{}/comments'.format(incident_id)
resilient_client = self.rest_client()
heading = "Raw Proofpoint TRAP Event Payload:\n"
note = {
'format': 'text',
'content': '{}{}'.format(heading, pprint.pformat(data, indent=4))
}
payload = {'text': note}
comment_response = resilient_client.post(uri=uri, payload=payload)
return comment_response
except SimpleHTTPException as ex:
LOG.error("Failed to add note for incident %d: %s", incident_id, ex)
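def _get_incident_fields(res_client):
    """Fetch the Resilient incident field schema as ``{field_name: input_type}``.

    :param res_client: Resilient REST client; only its ``get(uri)`` method is used.
    :return: dict mapping each incident field's ``name`` to its ``input_type``.
    :raises Exception: if the server returns an empty or falsy field list
        (kept as a plain ``Exception`` so existing callers' handlers still match).
    :raises SimpleHTTPException: re-raised, after logging, when the GET fails.
    """
    # Keep the try body to the one call that can raise SimpleHTTPException;
    # the raise/comprehension below were never caught by this handler anyway.
    try:
        fields = res_client.get('/types/incident/fields')
    except SimpleHTTPException:
        LOG.exception("Failed to get incident fields from Resilient")
        raise

    # An empty schema would make every downstream field-type lookup fail silently,
    # so fail loudly here instead of returning {}.
    if not fields:
        LOG.error("Failed to get incident fields from Resilient")
        raise Exception("Failed to get incident fields from Resilient")

    # Each entry is expected to carry "name" and "input_type"; a malformed entry
    # raises KeyError, which is deliberately not swallowed.
    return {field["name"]: field["input_type"] for field in fields}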
},
{
'field_name': 'plan_status',
'method': 'equals',
'value': 'A'
}
]
}],
'sorts': [{
'field_name': 'create_date',
'type': 'desc'
}]
}
try:
r_incidents = resilient_client.post(query_uri, query)
except SimpleHTTPException:
# Some versions of Resilient 30.2 onward have a bug that prevents query for numeric fields.
# To work around this issue, let's try a different query, and filter the results. (Expensive!)
query_uri = '/incidents/query?return_level=normal&field_handle={}'.format(threat_id)
query = {
'filters': [{
'conditions': [
{
'field_name': 'properties.{}'.format(idtype),
'method': 'has_a_value'
},
{
'field_name': 'plan_status',
'method': 'equals',
'value': 'A'
}
]
"discovered_date": time_now}
# Create the incident
incident = client.post(uri, new_incident)
inc_id = incident["id"]
params = {
'ActionPlanGUID': ActionPlanGUID,
'Comment': "Created Resilient Incident ID #" + str(inc_id)
}
result = set_action_plan_comment(rf_opts, params)
print("Created incident {}".format(inc_id))
except resilient.SimpleHTTPException as ecode:
print("create failed : {}".format(ecode))
# Construct the basic incident DTO that will be posted
inc_name = ap['RiskModelName']
inc_description = ap['Threats'] + ', ' + ap['FocusEntityCaption'] + ', #' + str(ap['ID'])
new_incident = {"name": inc_name,
"description": inc_description,
"incident_type_ids": inc_types,
"discovered_date": time_now}
# Create the incident
incident = client.post(uri, new_incident)
inc_id = incident["id"]
print("Created incident {}".format(inc_id))
except resilient.SimpleHTTPException as ecode:
print("create failed : {}".format(ecode))
http_body = query_definition.vars.get("http-body")
if isinstance(http_body, string_types):
http_body = json.loads(http_body)
LOG.debug("HTTP body: %s", http_body)
session = requests.Session()
error = None
response = None
try:
response = session.request(http_method, rest_url,
headers=http_headers,
json=http_body,
verify=verify,
timeout=timeout)
if response.status_code not in [200, 201]:
raise SimpleHTTPException(response)
response = response.json()
except Exception as exc:
if not query_definition.onerror:
raise
LOG.error(exc)
error = u"{}".format(exc)
if error:
mapdata = copy.deepcopy(event_message)
mapdata.update(query_definition.vars)
mapdata.update({"query": query_definition.query})
mapdata.update({"error": error})
error_template = json.dumps({"events": [query_definition.onerror]}, indent=2)
error_rendered = template_functions.render_json(error_template, mapdata)
response = error_rendered