├── .complianceignore
├── .github
└── workflows
│ ├── build-modules.yml
│ ├── checks.yml
│ ├── generate-modules-list.yml
│ ├── test_linting.yml
│ └── test_results.yml
├── .gitignore
├── 1Password
├── CHANGELOG.md
├── Dockerfile
├── connector_1password_epm.json
├── logo.png
├── main.py
├── manifest.json
├── onepassword_modules
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ └── auth.py
│ ├── connector_1password_epm.py
│ ├── metrics.py
│ └── models.py
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ └── test_1password_epm_connector.py
└── trigger_1password_epm.json
├── AWS
├── CHANGELOG.md
├── Dockerfile
├── aws_helpers
│ ├── __init__.py
│ ├── base.py
│ ├── s3_wrapper.py
│ ├── sqs_wrapper.py
│ └── utils.py
├── connector_s3_cloudfront.json
├── connector_s3_flowlogs.json
├── connector_s3_flowlogs_parquet.json
├── connector_s3_logs.json
├── connector_s3_ocsf.json
├── connector_s3_records.json
├── connector_sqs_messages.json
├── connectors
│ ├── __init__.py
│ ├── metrics.py
│ ├── s3
│ │ ├── __init__.py
│ │ ├── logs
│ │ │ ├── __init__.py
│ │ │ ├── base.py
│ │ │ ├── trigger_cloudtrail_logs.py
│ │ │ └── trigger_flowlog_records.py
│ │ ├── trigger_s3_cloudfront.py
│ │ ├── trigger_s3_flowlogs.py
│ │ ├── trigger_s3_flowlogs_parquet.py
│ │ ├── trigger_s3_logs.py
│ │ ├── trigger_s3_ocsf_parquet.py
│ │ └── trigger_s3_records.py
│ └── trigger_sqs_messages.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── aws_helpers
│ │ ├── __init__.py
│ │ ├── test_s3_wrapper.py
│ │ ├── test_sqs_wrapper.py
│ │ └── test_utils.py
│ ├── conftest.py
│ ├── connectors
│ │ ├── __init__.py
│ │ ├── conftest.py
│ │ ├── s3
│ │ │ ├── __init__.py
│ │ │ ├── conftest.py
│ │ │ ├── logs
│ │ │ │ ├── __init__.py
│ │ │ │ ├── base.py
│ │ │ │ ├── conftest.py
│ │ │ │ ├── mock.py
│ │ │ │ ├── test_cloudtrail_logs_trigger.py
│ │ │ │ └── test_flowlog_records_trigger.py
│ │ │ ├── test_abstract_aws_s3_queued_connector.py
│ │ │ ├── test_ocsf.parquet
│ │ │ ├── test_parquet.parquet
│ │ │ ├── test_parquet_result.json
│ │ │ ├── test_trigger_s3_cloudfront.py
│ │ │ ├── test_trigger_s3_flowlogs.py
│ │ │ ├── test_trigger_s3_flowlogs_parquet.py
│ │ │ ├── test_trigger_s3_logs.py
│ │ │ ├── test_trigger_s3_ocsf_parquet.py
│ │ │ └── test_trigger_s3_records.py
│ │ ├── test_abstract_aws_connector.py
│ │ └── test_trigger_sqs_messages.py
│ ├── data
│ │ └── 111111111111_vpcflowlogs_eu-west-3_fl-032a163fae170ae52_20220831T1255Z_2ad4bef5.parquet
│ └── helpers.py
├── trigger_cloudtrail_logs.json
├── trigger_flowlogs.json
├── trigger_s3_cloudfront.json
├── trigger_s3_flowlogs.json
├── trigger_s3_flowlogs_parquet.json
├── trigger_s3_logs.json
├── trigger_s3_ocsf.json
├── trigger_s3_records.json
└── trigger_sqs_messages.json
├── Akamai
├── CHANGELOG.md
├── Dockerfile
├── akamai_modules
│ ├── __init__.py
│ ├── client
│ │ └── __init__.py
│ ├── connector_akamai_waf.py
│ ├── logging.py
│ ├── metrics.py
│ └── models.py
├── connector_akamai_waf_logs.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ └── test_akamai_waf.py
└── trigger_akamai_waf_logs.json
├── Apache
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Aruba Network
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── AssetConnector
├── CHANGELOG.md
├── Dockerfile
├── asset_connector
│ ├── __init__.py
│ ├── base.py
│ ├── fake_asset_connector.py
│ └── models.py
├── connector_fake_assets.json
├── logo.svg
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_base.py
│ └── test_fake_asset_connector.py
├── Azure
├── CHANGELOG.md
├── Dockerfile
├── azure_helpers
│ ├── __init__.py
│ ├── io.py
│ └── storage.py
├── connector_azure_blob_storage_events.json
├── connector_azure_eventhub.json
├── connector_azure_flow_logs_collector.json
├── connector_azure_key_vault.json
├── connector_azure_network_watcher_collector.json
├── connectors
│ ├── __init__.py
│ ├── azure_eventhub.py
│ ├── blob
│ │ ├── __init__.py
│ │ ├── azure_blob.py
│ │ ├── azure_flow_logs.py
│ │ ├── azure_key_vault.py
│ │ └── azure_network_watcher.py
│ └── metrics.py
├── dev.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── azure_helpers
│ │ ├── __init__.py
│ │ └── test_storage.py
│ ├── conftest.py
│ └── connector
│ │ ├── __init__.py
│ │ ├── blob
│ │ ├── __init__.py
│ │ ├── test_azure_blob.py
│ │ ├── test_azure_key_vault.py
│ │ ├── test_flow_logs.py
│ │ └── test_network_watcher.py
│ │ ├── conftest.py
│ │ └── test_azure_eventhub.py
├── trigger_azure_blob_storage_events.json
├── trigger_azure_eventhub.json
├── trigger_azure_flow_logs_collector.json
├── trigger_azure_key_vault_events.json
└── trigger_azure_network_watcher_collector.json
├── AzureMonitor
├── CHANGELOG.md
├── CONFIGURE.md
├── Dockerfile
├── action_query_logs.json
├── azure_monitor_modules
│ ├── __init__.py
│ ├── action_base.py
│ ├── action_query.py
│ └── models.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── conftest.py
│ └── test_query.py
├── BIND
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Beats
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── BeyondTrust
├── CHANGELOG.md
├── Dockerfile
├── beyondtrust_modules
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ └── auth.py
│ ├── connector_pra_platform.py
│ ├── helpers.py
│ ├── logging.py
│ ├── metrics.py
│ └── models.py
├── connector_beyondtrust_pra.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_connector_pra_platform.py
│ └── test_helpers.py
└── trigger_beyondtrust_pra.json
├── BinaryEdges
├── CHANGELOG.md
├── Dockerfile
├── action_get_query_cve_ip__target_.json
├── action_get_query_dataleaks_email__email_.json
├── action_get_query_dataleaks_info.json
├── action_get_query_dataleaks_organization__domain_.json
├── action_get_query_domains_dns__target_.json
├── action_get_query_domains_ip__target_.json
├── action_get_query_domains_search.json
├── action_get_query_domains_subdomain__target_.json
├── action_get_query_image_ip__target_.json
├── action_get_query_image_search.json
├── action_get_query_image_tags.json
├── action_get_query_ip__target_.json
├── action_get_query_ip_historical__target_.json
├── action_get_query_score_ip__target_.json
├── action_get_query_search.json
├── action_get_query_search_stats.json
├── action_get_query_sensors_ip__target_.json
├── action_get_query_sensors_search.json
├── action_get_query_sensors_search_stats.json
├── action_get_query_sensors_tag__tag_.json
├── action_get_query_torrent_historical__target_.json
├── action_get_query_torrent_ip__target_.json
├── action_get_query_torrent_search.json
├── action_get_query_torrent_search_stats.json
├── action_get_user_subscription.json
├── binaryedges
│ └── __init__.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ └── test_binary_edges.py
├── BitDefender
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Bitsight
├── CHANGELOG.md
├── Dockerfile
├── client
│ ├── __init__.py
│ └── http_client.py
├── connector_pull_findings.json
├── connectors
│ ├── __init__.py
│ ├── metrics.py
│ └── pull_findings_trigger.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ └── test_http_client.py
│ ├── conftest.py
│ └── connectors
│ │ ├── __init__.py
│ │ ├── test_company_checkpoint.py
│ │ └── test_pull_findings_trigger.py
└── trigger_pull_findings.json
├── Broadcom
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── BroadcomCloudSwg
├── .gitignore
├── CHANGELOG.md
├── Dockerfile
├── client
│ ├── __init__.py
│ └── broadcom_cloud_swg_client.py
├── connector_broadcom_cloud_swg.json
├── connectors
│ ├── __init__.py
│ ├── broadcom_cloud_swg_connector.py
│ └── metrics.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ └── test_http_client.py
│ ├── conftest.py
│ ├── connectors
│ │ ├── __init__.py
│ │ ├── test_broadcom_cloud_swg_connector.py
│ │ └── test_broadcom_date_range.py
│ └── utils
│ │ ├── __init__.py
│ │ └── test_files.py
├── trigger_broadcom_cloud_swg.json
└── utils
│ ├── __init__.py
│ └── files.py
├── CEF
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── CatoNetwork
├── .gitignore
├── CHANGELOG.md
├── Dockerfile
├── cato
│ ├── __init__.py
│ ├── cato_sase_connector.py
│ └── metrics.py
├── client
│ ├── __init__.py
│ ├── graphql_client.py
│ └── schemas
│ │ ├── __init__.py
│ │ └── events_feed.py
├── connector_cato_sase_events.json
├── logger
│ ├── __init__.py
│ ├── config.py
│ ├── formatters.py
│ └── handlers.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── cato
│ │ ├── __init__.py
│ │ └── test_cato_sase_connector.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── schemas
│ │ │ ├── __init__.py
│ │ │ └── test_events_feed.py
│ │ └── test_cato_graphql_client.py
│ ├── conftest.py
│ └── logger
│ │ ├── __init__.py
│ │ ├── test_config.py
│ │ ├── test_formatters.py
│ │ └── test_handler.py
└── trigger_cato_sase_events.json
├── Censys
├── CHANGELOG.md
├── Dockerfile
├── action_censys-report.json
├── action_censys-search.json
├── action_censys-view.json
├── censys_module
│ ├── __init__.py
│ ├── base.py
│ ├── report.py
│ ├── search.py
│ └── view.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_report.py
│ ├── test_search.py
│ └── test_view.py
├── CertificateTransparency
├── CHANGELOG.md
├── Dockerfile
├── certificatetransparency
│ ├── __init__.py
│ └── triggers
│ │ ├── __init__.py
│ │ └── certificate_updated.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ └── test_trigger_certificate_created.py
└── trigger_certificate_update.json
├── Checkpoint
├── CHANGELOG.md
├── Dockerfile
├── connector_checkpoint_harmony_mobile_events.json
├── connectors
│ ├── __init__.py
│ ├── checkpoint_harmony_mobile.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── http_client.py
│ │ └── token_refresher.py
│ ├── metrics.py
│ └── timestepper.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_checkpoint_harmony_mobile_connector.py
│ ├── test_http_client.py
│ └── test_token_refresher.py
└── trigger_checkpoint_harmony_mobile_events.json
├── Cisco
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Citrix
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Claroty
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Clavister
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Cloudflare
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── CrowdStrike
├── CHANGELOG.md
├── Dockerfile
├── aws
│ ├── __init__.py
│ ├── client.py
│ ├── s3.py
│ └── sqs.py
├── connector_crowdstrike_telemetry_events.json
├── crowdstrike_telemetry
│ ├── __init__.py
│ ├── metrics.py
│ ├── pull_telemetry_events.py
│ └── schemas.py
├── logger
│ ├── __init__.py
│ ├── config.py
│ ├── formatters.py
│ └── handlers.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── aws
│ │ ├── __init__.py
│ │ ├── test_client.py
│ │ ├── test_s3.py
│ │ └── test_sqs.py
│ ├── conftest.py
│ ├── crowdstrike_telemetry
│ │ ├── __init__.py
│ │ ├── test_crowdstrike.py
│ │ ├── test_module.py
│ │ └── test_schemas.py
│ └── logger
│ │ ├── __init__.py
│ │ ├── test_config.py
│ │ ├── test_formatters.py
│ │ └── test_handler.py
└── trigger_crowdstrike_telemetry_events.json
├── CrowdStrikeFalcon
├── CHANGELOG.md
├── Dockerfile
├── action_alert_add_comment.json
├── action_alert_update_status.json
├── action_block_ioc.json
├── action_deisolate_hosts.json
├── action_isolate_hosts.json
├── action_monitor_ioc.json
├── action_push_iocs_block.json
├── action_push_iocs_detect.json
├── connector_event_stream.json
├── crowdstrike_falcon
│ ├── __init__.py
│ ├── action.py
│ ├── alert_actions.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── auth.py
│ │ ├── retry.py
│ │ └── schemas.py
│ ├── constants.py
│ ├── custom_iocs.py
│ ├── event_stream_trigger.py
│ ├── exceptions.py
│ ├── helpers.py
│ ├── host_actions.py
│ ├── logging.py
│ ├── metrics.py
│ └── models.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── test_auth.py
│ │ ├── test_client.py
│ │ └── test_retry.py
│ ├── conftest.py
│ ├── test_actions_alerts.py
│ ├── test_actions_hosts.py
│ ├── test_actions_iocs.py
│ ├── test_event_stream_trigger.py
│ └── test_helpers.py
└── trigger_event_stream.json
├── CyberArk
├── CHANGELOG.md
├── Dockerfile
├── connector_audit_logs.json
├── cyberark_modules
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ └── auth.py
│ ├── connector_audit_logs.py
│ ├── logging.py
│ ├── metrics.py
│ └── models.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ └── test_connector_audit_logs.py
└── trigger_audit_logs.json
├── Cybereason
├── CHANGELOG.md
├── Dockerfile
├── connector_pull_events.json
├── connector_pull_events_new.json
├── cybereason_modules
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ └── auth.py
│ ├── connector_pull_events.py
│ ├── connector_pull_events_new.py
│ ├── constants.py
│ ├── exceptions.py
│ ├── helpers.py
│ ├── logging.py
│ ├── metrics.py
│ └── models.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ └── test_auth.py
│ ├── conftest.py
│ ├── data
│ │ ├── __init__.py
│ │ ├── app.html
│ │ ├── edr_malop.json
│ │ ├── edr_malop_suspicions_result.json
│ │ ├── epp_malop.json
│ │ ├── epp_malop_detail.json
│ │ └── login.html
│ ├── test_helpers.py
│ ├── test_pull_events_connector.py
│ └── test_pull_events_connector_new.py
├── trigger_pull_events.json
└── trigger_pull_events_new.json
├── Cyberwatch
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Darktrace
├── CHANGELOG.md
├── Dockerfile
├── connector_threat_visualizer_log.json
├── darktrace_modules
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── auth.py
│ │ └── retry.py
│ ├── logging.py
│ ├── metrics.py
│ ├── models.py
│ └── threat_visualizer_log_trigger.py
├── helpers.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── aianalyst_response.txt
│ ├── conftest.py
│ ├── modelbreaches_response.txt
│ ├── test_helpers.py
│ ├── test_retry.py
│ └── test_threat_visualizer_log_trigger.py
└── trigger_threat_visualizer_log.json
├── Daspren
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Datadome
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── DetectionRules
├── CHANGELOG.md
├── Dockerfile
├── detection_rules
│ ├── __init__.py
│ ├── archive.py
│ ├── cache.py
│ ├── fetcher.py
│ ├── serializer.py
│ ├── trigger_snort_rules.py
│ └── utils.py
├── logo.svg
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── snort3-community-rules.tar.gz
│ └── test_trigger_snort_rules.py
└── trigger_snort_rules.json
├── DigitalShadows
├── CHANGELOG.md
├── Dockerfile
├── digitalshadows_modules
│ ├── __init__.py
│ └── trigger_searchlight_events.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── data.py
│ └── test_searchlight_events_trigger.py
└── trigger_searchlight_alerts.json
├── Duo
├── CHANGELOG.md
├── Dockerfile
├── connector_admin_logs.json
├── dev.py
├── duo
│ ├── __init__.py
│ ├── connector.py
│ ├── iterators.py
│ ├── metrics.py
│ └── models.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ └── test_connector.py
└── trigger_admin_logs.json
├── EfficientIP
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Ekinops
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── ElasticSearch
├── CHANGELOG.md
├── CONFIGURE.md
├── Dockerfile
├── action_query_data.json
├── docs
│ └── assets
│ │ ├── step01.png
│ │ ├── step02.png
│ │ ├── step03.png
│ │ ├── step04.png
│ │ └── step05.png
├── elasticsearch_module
│ ├── __init__.py
│ ├── client.py
│ ├── constants.py
│ └── query_data_action.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_client.py
│ └── test_query_data_action.py
├── Eset
├── CHANGELOG.md
├── CONFIGURE.md
├── Dockerfile
├── action_eset_deisolate_endpoint_action.json
├── action_eset_isolate_endpoint_action.json
├── action_eset_scan_action.json
├── docs
│ └── assets
│ │ ├── Step01.png
│ │ ├── Step02.png
│ │ ├── Step03.png
│ │ └── Step04.png
├── eset_modules
│ ├── __init__.py
│ ├── action_base.py
│ ├── action_deisolate_endpoint.py
│ ├── action_isolate_endpoint.py
│ ├── action_scan.py
│ ├── client
│ │ ├── __init__.py
│ │ └── auth.py
│ └── models.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── conftest.py
│ └── test_actions.py
├── ExtraHop
├── CHANGELOG.md
├── Dockerfile
├── connector_extrahop_reveal_360.json
├── dev.py
├── extrahop
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ └── auth.py
│ ├── metrics.py
│ ├── models.py
│ └── reveal_360_trigger.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ └── test_connector.py
└── trigger_extrahop_reveal_360.json
├── F5 Networks
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Fastly
├── CHANGELOG.md
├── Dockerfile
├── connector_fastly_waf.json
├── connector_fastly_waf_audit.json
├── dev.py
├── fastly
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ └── auth.py
│ ├── connector_fastly_waf.py
│ ├── connector_fastly_waf_audit.py
│ ├── connector_fastly_waf_base.py
│ └── metrics.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_fastly_waf.py
│ └── test_fastly_waf_audit.py
├── trigger_fastly_waf.json
└── trigger_fastly_waf_audit.json
├── Forcepoint
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Fortigate
├── CHANGELOG.md
├── Dockerfile
├── action_fortigate_add_address_group.json
├── action_fortigate_add_fqdn.json
├── action_fortigate_add_ip_address.json
├── fortigate
│ ├── __init__.py
│ ├── action_fortigate_add_fqdn.py
│ ├── action_fortigate_add_group_address.py
│ └── action_fortigate_add_ip_address.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── test_action_fortigate_addaddress.py
│ ├── test_action_fortigate_addfqdn.py
│ └── test_action_fortigate_addgroup.py
├── Fortinet
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── FreeRADIUS
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── GateWatcher
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Git
├── CHANGELOG.md
├── Dockerfile
├── gitmodule
│ ├── __init__.py
│ ├── repository.py
│ ├── settings.py
│ ├── triggers
│ │ ├── __init__.py
│ │ ├── base.py
│ │ ├── file_changes.py
│ │ └── new_commit.py
│ └── utils.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── data
│ │ └── test_repo
│ │ │ ├── README.md
│ │ │ ├── directory
│ │ │ └── some_file.txt
│ │ │ ├── dot_git
│ │ │ ├── COMMIT_EDITMSG
│ │ │ ├── HEAD
│ │ │ ├── ORIG_HEAD
│ │ │ ├── config
│ │ │ ├── description
│ │ │ ├── hooks
│ │ │ │ ├── applypatch-msg.sample
│ │ │ │ ├── commit-msg.sample
│ │ │ │ ├── fsmonitor-watchman.sample
│ │ │ │ ├── post-update.sample
│ │ │ │ ├── pre-applypatch.sample
│ │ │ │ ├── pre-commit.sample
│ │ │ │ ├── pre-merge-commit.sample
│ │ │ │ ├── pre-push.sample
│ │ │ │ ├── pre-rebase.sample
│ │ │ │ ├── pre-receive.sample
│ │ │ │ ├── prepare-commit-msg.sample
│ │ │ │ ├── push-to-checkout.sample
│ │ │ │ └── update.sample
│ │ │ ├── index
│ │ │ ├── info
│ │ │ │ └── exclude
│ │ │ ├── objects
│ │ │ │ ├── 12
│ │ │ │ │ └── 378caf82b81edba41dcd84304ccc75ba3d24a3
│ │ │ │ ├── 20
│ │ │ │ │ └── 0d99e05b02f6cbb75604f30dba7f9dc5cd8a99
│ │ │ │ ├── 28
│ │ │ │ │ └── bbf964a10a76d09f264b1aadce910150b09db7
│ │ │ │ ├── 34
│ │ │ │ │ └── 4ea1eb071f8a5200c9743609f252ff6d0f61b2
│ │ │ │ ├── 37
│ │ │ │ │ └── ded6aece434c1b076ca1bfe75eee3f5ee674a2
│ │ │ │ ├── 44
│ │ │ │ │ └── e6e04b106b31ebcc874f32c115853eb4171e70
│ │ │ │ ├── 9b
│ │ │ │ │ └── 99e4b5e854f6641b92f597196e7fa4b14d9db9
│ │ │ │ ├── a8
│ │ │ │ │ └── b52a71f7595f755fc2e99d741460f3cf970eac
│ │ │ │ ├── b2
│ │ │ │ │ └── 6fd50e937871c068e9560f78abd6b9dc6ceae7
│ │ │ │ ├── b6
│ │ │ │ │ └── b7577b59f84da35141c78cd3bb4c73c560f440
│ │ │ │ ├── bd
│ │ │ │ │ └── b5d7f8e18d03d7fca0ef4383a4445ff0864ccf
│ │ │ │ ├── be
│ │ │ │ │ └── 781fa7cb15cc1e79456ad9e79e6de3319504ae
│ │ │ │ ├── ca
│ │ │ │ │ └── cb1bfd71787cd944d7fd6b6527599427a980e6
│ │ │ │ ├── cc
│ │ │ │ │ └── 8b364ad6346105bc5390c08c080166cb13b3c3
│ │ │ │ ├── d5
│ │ │ │ │ └── 6d6eb33158ff3de2e87d8d88ca16196485e9c1
│ │ │ │ ├── db
│ │ │ │ │ └── a049df562e492426a76303538cbc9fb20de7b9
│ │ │ │ ├── eb
│ │ │ │ │ └── ad2d3938b71fe2007d60c96b0570f6955ea2c5
│ │ │ │ └── f4
│ │ │ │ │ └── 176e56568797201e530b4309c57815c92d6de7
│ │ │ └── refs
│ │ │ │ ├── heads
│ │ │ │ └── main
│ │ │ │ ├── original
│ │ │ │ └── refs
│ │ │ │ │ └── heads
│ │ │ │ │ └── main
│ │ │ │ └── remotes
│ │ │ │ └── origin
│ │ │ │ └── main
│ │ │ └── root_file.txt
│ ├── test_repository.py
│ ├── test_trigger_file_changes.py
│ ├── test_trigger_new_commit.py
│ └── test_utils.py
├── trigger_file_changes.json
└── trigger_new_commit.json
├── Github
├── CHANGELOG.md
├── Dockerfile
├── connector_pull_audit_logs.json
├── github_modules
│ ├── __init__.py
│ ├── async_client
│ │ ├── __init__.py
│ │ ├── http_client.py
│ │ └── token_refresher.py
│ ├── audit_log_trigger.py
│ ├── logging.py
│ ├── metrics.py
│ └── models.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── async_client
│ │ ├── __init__.py
│ │ ├── test_http_client.py
│ │ └── test_token_refresher.py
│ ├── conftest.py
│ └── test_audit_log_trigger.py
└── trigger_pull_audit_logs.json
├── Glimps
├── CHANGELOG.md
├── Dockerfile
├── action_analyse_a_file.json
├── action_analyse_a_file_and_wait_for_result.json
├── action_export_analysis_result.json
├── action_get_profile_status.json
├── action_retrieve_analysis.json
├── action_retrieve_the_analysis.json
├── action_search_a_previous_analysis.json
├── action_search_analysis.json
├── action_submit_a_file_to_be_analysed.json
├── glimps
│ ├── __init__.py
│ ├── base.py
│ ├── deprecated.py
│ ├── export_action.py
│ ├── get_status_action.py
│ ├── models.py
│ ├── retrieve_analysis_action.py
│ ├── search_analysis_by_sha256_action.py
│ └── submit_file_to_be_analysed_action.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── eicar.txt
│ ├── test_deprecated.py
│ ├── test_export.py
│ ├── test_get_status.py
│ ├── test_retrieve_analysis.py
│ ├── test_search_analysis_by_sha256.py
│ └── test_submit_file_to_be_analysed.py
├── Google
├── CHANGELOG.md
├── Dockerfile
├── action_bigquery_query.json
├── connector_google_reports.json
├── connector_login_service.json
├── connector_pubsub_query.json
├── google_module
│ ├── __init__.py
│ ├── base.py
│ ├── big_query.py
│ ├── google_reports.py
│ ├── metrics.py
│ ├── pubsub.py
│ └── timestepper.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_base.py
│ ├── test_big_query.py
│ ├── test_google_reports.py
│ └── test_pubsub.py
├── trigger_google_reports.json
├── trigger_login_service.json
└── trigger_pubsub_query.json
├── HAProxy
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── HTTP
├── CHANGELOG.md
├── Dockerfile
├── action_download_file.json
├── action_request.json
├── http_module
│ ├── __init__.py
│ ├── download_file_action.py
│ └── request_action.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── test_action_donwload_file.py
│ └── test_request.py
├── HarfangLab
├── CHANGELOG.md
├── Dockerfile
├── action_harfanglab_add_comment_to_threat.json
├── action_harfanglab_create_iocs.json
├── action_harfanglab_download_file_from_endpoint.json
├── action_harfanglab_endpoint_agent_deisolation.json
├── action_harfanglab_endpoint_agent_isolation.json
├── action_harfanglab_endpoint_group_deisolation.json
├── action_harfanglab_endpoint_group_isolation.json
├── action_harfanglab_get_agent_telemetry.json
├── action_harfanglab_gethostnamesbyip.json
├── action_harfanglab_getpipelist.json
├── action_harfanglab_getprocesslist.json
├── action_harfanglab_update_threat_status.json
├── harfanglab
│ ├── __init__.py
│ ├── base.py
│ ├── client
│ │ ├── __init__.py
│ │ └── auth.py
│ ├── download_file_from_endpoint.py
│ ├── endpoint_actions.py
│ ├── get_agent_telemetry.py
│ ├── get_hostnames_by_ip_action.py
│ ├── get_pipe_list_action.py
│ ├── get_process_list_action.py
│ ├── helpers.py
│ ├── iocs.py
│ ├── job_executor.py
│ ├── logging.py
│ ├── models.py
│ └── threat_actions.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_base.py
│ ├── test_create_iocs.py
│ ├── test_download_file_from_endpoint.py
│ ├── test_endpoint_deisolate_agent.py
│ ├── test_endpoint_deisolate_group.py
│ ├── test_endpoint_isolate_agent.py
│ ├── test_endpoint_isolate_group.py
│ ├── test_get_agent_telemetry.py
│ ├── test_get_hostnames_by_ip.py
│ ├── test_get_pipe_list_action.py
│ ├── test_get_process_list_action.py
│ └── test_threats_actions.py
├── IBM
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── IKnowWhatYouDownload
├── CHANGELOG.md
├── Dockerfile
├── action_iknow_ipexist.json
├── action_iknow_iphistory.json
├── action_iknow_iplist.json
├── iknowwhatyoudownload
│ ├── __init__.py
│ ├── action_iknow_ipexist.py
│ ├── action_iknow_iphistory.py
│ └── action_iknow_iplist.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── test_action_iknow_ipexist.py
│ ├── test_action_iknow_iphistory.py
│ └── test_action_iplist.py
├── IPInfo
├── CHANGELOG.md
├── Dockerfile
├── ipinfo
│ ├── __init__.py
│ └── trigger_fetch_ipinfo_database.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── data
│ │ └── country_asn.json.gz
│ └── test_trigger_fetch_ipinfo_database.py
└── trigger_fetch_ipinfo_database.json
├── IPtoASN
├── CHANGELOG.md
├── Dockerfile
├── iptoasn
│ ├── __init__.py
│ ├── trigger_fetch_iptoasn_database.py
│ └── utils.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── data
│ │ └── ip2asn-combined.tsv.gz
│ └── test_trigger_fetch_iptoasn_database.py
└── trigger_fetch_iptoasn_database.json
├── ISC DHCP
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Imperva
├── CHANGELOG.md
├── Dockerfile
├── LICENSE
├── README.md
├── connector_fetch_logs.json
├── imperva
│ ├── __init__.py
│ └── fetch_logs.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_fetch_log.py
│ ├── test_file_downloader.py
│ └── test_logs_file_index.py
└── trigger_fetch_logs.json
├── Infoblox
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Ivanti
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── JIRA
├── CHANGELOG.md
├── Dockerfile
├── action_change_issue_status.json
├── action_comment_issue.json
├── action_create_issue.json
├── dev.py
├── jira_modules
│ ├── __init__.py
│ ├── action_base.py
│ ├── action_change_issue_status.py
│ ├── action_comment_issue.py
│ ├── action_create_issue.py
│ ├── base.py
│ └── client
│ │ ├── __init__.py
│ │ └── retry.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── test_change_issue_status.py
│ ├── test_comment_issue.py
│ └── test_create_issue.py
├── Jumpcloud
├── CHANGELOG.md
├── Dockerfile
├── connector_jumpclouddirectoryinsightsconnector.json
├── jumpcloud_modules
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ └── auth.py
│ ├── helpers.py
│ ├── jumpcloud_pull_events.py
│ ├── logging.py
│ ├── metrics.py
│ └── models.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_helpers.py
│ └── test_jumpcloud_pull_events.py
└── trigger_jumpclouddirectoryinsightsconnector.json
├── Juniper
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Kaspersky
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── LICENSE
├── Lacework
├── CHANGELOG.md
├── Dockerfile
├── README.md
├── connector_lacework.json
├── lacework_module
│ ├── __init__.py
│ ├── base.py
│ ├── client
│ │ ├── __init__.py
│ │ └── auth.py
│ ├── lacework_connector.py
│ └── metrics.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── test_auth.py
│ │ └── test_client.py
│ ├── conftest.py
│ └── test_lacework_connector.py
└── trigger_lacework.json
├── Lookout
├── CHANGELOG.md
├── Dockerfile
├── connector_lookout_mes.json
├── logo.png
├── lookout_modules
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── auth.py
│ │ ├── server_sent_event.py
│ │ └── sse_client.py
│ ├── connector_mobile_endpoint_security.py
│ ├── logger.py
│ ├── metrics.py
│ └── models.py
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ └── test_connector_mobile_endpoint_security.py
└── trigger_lookout_mes.json
├── MISP
├── CHANGELOG.md
├── Dockerfile
├── action_misp-to-stix.json
├── action_publish-to-misp.json
├── logo.png
├── main.py
├── manifest.json
├── misp
│ ├── __init__.py
│ ├── misp2stix2_mapping.py
│ ├── misp_query.py
│ ├── misp_to_stix.py
│ ├── misp_to_stix_converter.py
│ ├── publish_to_misp.py
│ └── trigger.py
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_event_trigger.py
│ ├── test_misp_to_stix.py
│ └── test_publish_to_misp.py
└── trigger_event.json
├── MWDB
├── CHANGELOG.md
├── Dockerfile
├── action_config_to_observables.json
├── logo.png
├── main.py
├── manifest.json
├── mwdb_module
│ ├── __init__.py
│ ├── action_config_to_observables.py
│ ├── extractors.py
│ ├── model.py
│ ├── observables_from_config.py
│ ├── triggers.py
│ └── utils.py
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── data.py
│ ├── test_action_config_to_observables.py
│ └── test_triggers.py
└── trigger_mwdb-configs.json
├── ManageEngine
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Mandrill
├── CHANGELOG.md
├── Dockerfile
├── action_mandrill_send.json
├── logo.png
├── main.py
├── mandrill_module
│ ├── __init__.py
│ └── action_mandrill_send.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ └── test_action_mandrill_send.py
├── Mattermost
├── CHANGELOG.md
├── Dockerfile
├── action_mattermost_postalert.json
├── action_mattermost_postmessage.json
├── logo.png
├── main.py
├── manifest.json
├── mattermost
│ ├── __init__.py
│ ├── action_mattermost_postalert.py
│ └── action_mattermost_postmessage.py
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── test_action_mattermost_postalert.py
│ └── test_action_mattermost_postmessage.py
├── Microsoft
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── MicrosoftActiveDirectory
├── CHANGELOG.md
├── Dockerfile
├── action_disable_user_account.json
├── action_enable_user_account.json
├── action_reset_user_password.json
├── action_search.json
├── logo.png
├── main.py
├── manifest.json
├── microsoft_ad
│ ├── __init__.py
│ ├── base.py
│ ├── search.py
│ └── user.py
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_search.py
│ └── test_user.py
├── MicrosoftDefender
├── CHANGELOG.md
├── CONFIGURE.md
├── Dockerfile
├── action_add_comment_to_alert.json
├── action_cancel_machine_action.json
├── action_get_machine_action_info.json
├── action_isolate_machine.json
├── action_push_indicators.json
├── action_restrict_code_execution.json
├── action_scan_machine.json
├── action_unisolate_machine.json
├── action_unrestrict_code_execution.json
├── action_update_alert.json
├── logo.png
├── main.py
├── manifest.json
├── microsoftdefender_modules
│ ├── __init__.py
│ ├── action_base.py
│ ├── action_cancel_machine_action.py
│ ├── action_get_machine_action.py
│ ├── action_isolate_machine.py
│ ├── action_push_indicators.py
│ ├── action_restrict_code_execution.py
│ ├── action_scan_machine.py
│ ├── action_unisolate_machine.py
│ ├── action_unrestrict_code_execution.py
│ ├── action_update_alert.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── auth.py
│ │ └── retry.py
│ ├── helpers.py
│ ├── logging.py
│ └── models.py
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_endpoint_actions.py
│ └── test_push_indicators_action.py
├── MicrosoftEntraID
├── CHANGELOG.md
├── Dockerfile
├── action_delete_app.json
├── action_disable_user.json
├── action_enable_user.json
├── action_get_signins.json
├── action_get_user.json
├── action_get_user_authentication_methods.json
├── action_reset_user_password.json
├── action_revoke_signin.json
├── azure_ad
│ ├── __init__.py
│ ├── base.py
│ ├── delete_app.py
│ ├── get_sign_ins.py
│ ├── get_user_authentication_methods.py
│ └── user.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ └── test_actions.py
├── MicrosoftOutlook
├── CHANGELOG.md
├── CONFIGURE.md
├── Dockerfile
├── action_delete_message.json
├── action_forward_message.json
├── action_get_message.json
├── action_update_message.json
├── logo.png
├── main.py
├── manifest.json
├── microsoft_outlook_modules
│ ├── __init__.py
│ ├── action_base.py
│ ├── action_delete_message.py
│ ├── action_forward_message.py
│ ├── action_get_message.py
│ ├── action_update_message.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── auth.py
│ │ └── retry.py
│ └── models.py
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── conftest.py
│ └── test_actions.py
├── MicrosoftSentinel
├── CHANGELOG.md
├── Dockerfile
├── connector_microsoft_sentinel.json
├── logo.png
├── main.py
├── manifest.json
├── microsoft_sentinel
│ ├── __init__.py
│ ├── connector_microsoft_sentinel.py
│ ├── metrics.py
│ ├── models.py
│ └── utils.py
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_connector_microsoft_sentinel.py
│ └── test_utils.py
└── trigger_microsoft_sentinel.json
├── MicrosoftWindowsServer
├── .gitignore
├── CHANGELOG.md
├── Dockerfile
├── action_change_user_password.json
├── action_disable_users.json
├── action_enable_users.json
├── actions
│ ├── __init__.py
│ ├── change_user_password_action.py
│ ├── disable_users_action.py
│ └── enable_users_action.py
├── client
│ ├── __init__.py
│ ├── commands.py
│ └── windows_client.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── actions
│ ├── __init__.py
│ ├── test_change_user_password_action.py
│ ├── test_disable_users_action.py
│ └── test_enable_users_action.py
│ ├── client
│ ├── __init__.py
│ ├── test_commands.py
│ └── test_windows_client.py
│ └── conftest.py
├── Mimecast
├── CHANGELOG.md
├── Dockerfile
├── connector_mimecast_email_security.json
├── dev.py
├── logo.png
├── main.py
├── manifest.json
├── mimecast_modules
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── auth.py
│ │ └── retry.py
│ ├── connector_mimecast_siem.py
│ ├── helpers.py
│ ├── logging.py
│ ├── metrics.py
│ └── models.py
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_helpers.py
│ ├── test_mimecast_siem_logs.py
│ └── test_retry.py
└── trigger_mimecast_email_security.json
├── NetFlow
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Netfilter
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Netskope
├── CHANGELOG.md
├── Dockerfile
├── connector_pubsub_lite_query.json
├── connector_pull_events_v2.json
├── dev.py
├── logo.png
├── main.py
├── manifest.json
├── netskope_modules
│ ├── __init__.py
│ ├── connector_pubsub_lite.py
│ ├── connector_pull_events_v2.py
│ ├── constants.py
│ ├── helpers.py
│ ├── logging.py
│ ├── metrics.py
│ ├── models.py
│ └── types.py
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_helpers.py
│ ├── test_pubsub_lite.py
│ └── test_pull_events_v2_connector.py
├── trigger_pubsub_lite_query.json
└── trigger_pull_events_v2.json
├── Netwrix
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Nybble
├── CHANGELOG.md
├── Dockerfile
├── action_create_alert.json
├── logo.png
├── main.py
├── manifest.json
├── nybble_modules
│ ├── __init__.py
│ └── create_alert.py
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── conftest.py
│ └── test_create_alerts.py
├── OGO
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── OSINTCollector
├── .dockerignore
├── CHANGELOG.md
├── Dockerfile
├── README.md
├── logo.svg
├── main.py
├── manifest.json
├── osintcollector
│ ├── __init__.py
│ ├── errors.py
│ ├── extract.py
│ ├── scraping
│ │ ├── __init__.py
│ │ ├── base.py
│ │ ├── csv.py
│ │ ├── errors.py
│ │ ├── html.py
│ │ ├── json.py
│ │ ├── line.py
│ │ └── regex.py
│ ├── trigger_osint.py
│ └── validators.py
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── test_extract.py
│ ├── test_scraper.py
│ └── test_trigger.py
└── trigger_osint.json
├── Office365
├── CHANGELOG.md
├── Dockerfile
├── README.md
├── connector_office365_management_activity_api.json
├── connector_office365_messagetrace.json
├── connector_office365_messagetrace_oauth.json
├── logo.png
├── main.py
├── manifest.json
├── office365
│ ├── __init__.py
│ ├── management_api
│ │ ├── __init__.py
│ │ ├── checkpoint.py
│ │ ├── configuration.py
│ │ ├── connector.py
│ │ ├── constants.py
│ │ ├── errors.py
│ │ ├── helpers.py
│ │ ├── logging.py
│ │ └── office365_client.py
│ ├── message_trace
│ │ ├── __init__.py
│ │ ├── base.py
│ │ ├── timestepper.py
│ │ ├── trigger_office365_messagetrace.py
│ │ └── trigger_office365_messagetrace_oauth.py
│ └── metrics.py
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── management_api
│ │ ├── __init__.py
│ │ ├── entity.py
│ │ ├── intake.py
│ │ ├── test_checkpoint.py
│ │ ├── test_client.py
│ │ ├── test_connector.py
│ │ └── test_helpers.py
│ └── message_trace
│ │ ├── __init__.py
│ │ ├── test_base.py
│ │ ├── test_office365_messagetrace_trigger.py
│ │ ├── test_office365_messagetrace_trigger_oauth.py
│ │ └── test_timestepper.py
├── trigger_office365_management_activity_api.json
├── trigger_office365_messagetrace.json
└── trigger_office365_messagetrace_oauth.json
├── Okta
├── CHANGELOG.md
├── Dockerfile
├── connector_pull_system_logs.json
├── logo.png
├── main.py
├── manifest.json
├── okta_modules
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── auth.py
│ │ └── retry.py
│ ├── helpers.py
│ ├── logging.py
│ ├── metrics.py
│ ├── models.py
│ └── system_log_trigger.py
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_helpers.py
│ ├── test_retry.py
│ └── test_system_log_trigger.py
└── trigger_pull_system_logs.json
├── Olfeo
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Onyphe
├── CHANGELOG.md
├── Dockerfile
├── action_onyphe_ctl.json
├── action_onyphe_datascan.json
├── action_onyphe_forward.json
├── action_onyphe_geoloc.json
├── action_onyphe_inetnum.json
├── action_onyphe_ip.json
├── action_onyphe_md5.json
├── action_onyphe_onionscan.json
├── action_onyphe_pastries.json
├── action_onyphe_reverse.json
├── action_onyphe_sniffer.json
├── action_onyphe_synscan.json
├── action_onyphe_threatlist.json
├── logo.png
├── main.py
├── manifest.json
├── onyphe
│ ├── __init__.py
│ ├── action_onyphe_ctl.py
│ ├── action_onyphe_datascan.py
│ ├── action_onyphe_forward.py
│ ├── action_onyphe_geoloc.py
│ ├── action_onyphe_inetnum.py
│ ├── action_onyphe_ip.py
│ ├── action_onyphe_md5.py
│ ├── action_onyphe_onionscan.py
│ ├── action_onyphe_pastries.py
│ ├── action_onyphe_reverse.py
│ ├── action_onyphe_sniffer.py
│ ├── action_onyphe_synscan.py
│ ├── action_onyphe_threatlist.py
│ ├── errors.py
│ └── utils.py
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── generic_onyphe_tests.py
│ ├── test_onyphe_ctl.py
│ ├── test_onyphe_datascan.py
│ ├── test_onyphe_forward.py
│ ├── test_onyphe_geoloc.py
│ ├── test_onyphe_inetnum.py
│ ├── test_onyphe_ip.py
│ ├── test_onyphe_md5.py
│ ├── test_onyphe_onionscan.py
│ ├── test_onyphe_pastries.py
│ ├── test_onyphe_reverse.py
│ ├── test_onyphe_sniffer.py
│ ├── test_onyphe_synscan.py
│ └── test_onyphe_threatlist.py
├── OpenAI
├── CHANGELOG.md
├── Dockerfile
├── README.md
├── action_ask_gpt.json
├── logo.png
├── main.py
├── manifest.json
├── openai_module
│ ├── __init__.py
│ ├── base.py
│ └── gpt.py
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ └── test_actions.py
├── OpenBSD
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── OpenLDAP
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── OpenSSH
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── OpenVPN
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── PagerDuty
├── CHANGELOG.md
├── Dockerfile
├── action_pagerduty_triggeralert.json
├── logo.png
├── main.py
├── manifest.json
├── pagerduty
│ ├── __init__.py
│ ├── action_pagerduty_trigger_alert.py
│ ├── constants.py
│ └── helpers.py
├── poetry.lock
├── pyproject.toml
└── tests
│ ├── __init__.py
│ ├── test_action_pagerduty_triggeralert.py
│ └── test_helpers.py
├── Palo Alto Networks
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── PaloAltoCortexXDR
├── CHANGELOG.md
├── Dockerfile
├── action_block_malicious_files.json
├── action_comment_alert.json
├── action_isolate_endpoint.json
├── action_quarantine_file.json
├── action_unisolate_endpoint.json
├── action_update_alert.json
├── action_xql_query.json
├── connector_cortex_edr.json
├── cortex_module
│ ├── __init__.py
│ ├── actions
│ │ ├── __init__.py
│ │ ├── action_block_malicious_files.py
│ │ ├── action_comment_alert.py
│ │ ├── action_isolate.py
│ │ ├── action_quarantine.py
│ │ ├── action_update_alert.py
│ │ └── action_xql_query.py
│ ├── base.py
│ ├── client
│ │ ├── __init__.py
│ │ └── auth.py
│ ├── cortex_edr_connector.py
│ ├── helper.py
│ └── metrics.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── actions
│ │ ├── __init__.py
│ │ ├── test_action_block_malicious_files.py
│ │ ├── test_action_comment_alert.py
│ │ ├── test_action_isolate.py
│ │ ├── test_action_quarantine.py
│ │ ├── test_action_update_alert.py
│ │ └── test_action_xql_query.py
│ ├── conftest.py
│ ├── test_cortex_edr.py
│ └── test_helper.py
└── trigger_cortex_edr.json
├── PaloAltoXSIAM
├── CHANGELOG.md
├── Dockerfile
├── action_stix_to_xsiam.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ └── test_stix_to_xsiam.py
└── xsiam
│ ├── __init__.py
│ ├── helpers.py
│ ├── models.py
│ └── stix_to_xsiam.py
├── PandaSecurity
├── CHANGELOG.md
├── Dockerfile
├── action_get_security_events.json
├── action_isolates_devices_.json
├── action_links_devices_to_a_managed_configuration_.json
├── action_retrieves_a_list_of_devices_.json
├── action_retrieves_a_list_of_managed_configurations_.json
├── action_retrieves_a_list_of_unmanaged_devices_.json
├── action_retrieves_counts_of_security_events_.json
├── action_retrieves_device_protection_status_.json
├── action_retrieves_full_encryption_module_status_.json
├── action_retrieves_patch_management_module_status_.json
├── action_retrieves_security_overview_information_.json
├── action_scans_devices_immediately_.json
├── action_sends_an_action_to_devices_.json
├── action_stops_device_isolation_.json
├── action_uninstalls_protection_from_devices_.json
├── aether_endpoint_security_api
│ ├── __init__.py
│ ├── base.py
│ ├── metrics.py
│ └── trigger_security_events.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_authorization.py
│ └── test_trigger_security_events.py
└── trigger_security_events.json
├── Postfix
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Pradeo
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Proofpoint
├── CHANGELOG.md
├── Dockerfile
├── connector_pod_events.json
├── connector_tap_events.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── proofpoint_modules
│ ├── __init__.py
│ ├── helpers.py
│ ├── metrics.py
│ ├── pod
│ │ ├── __init__.py
│ │ └── checkpoint.py
│ ├── trigger_pod_events.py
│ └── trigger_tap_events.py
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── data
│ │ ├── __init__.py
│ │ ├── original_maillog.json
│ │ └── original_message.json
│ ├── pod
│ │ ├── __init__.py
│ │ └── test_checkpoint.py
│ ├── test_helpers.py
│ ├── test_pod_events_trigger.py
│ └── test_tap_events_trigger.py
├── trigger_pod_events.json
└── trigger_tap_events.json
├── PublicSuffix
├── CHANGELOG.md
├── Dockerfile
├── action_get_private_domains.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── public_suffix
│ ├── __init__.py
│ └── get_private_domains_action.py
├── pyproject.toml
└── tests
│ └── test_get_private_domains_action.py
├── README.md
├── RSA Security
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── RSS
├── CHANGELOG.md
├── Dockerfile
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── rss
│ ├── __init__.py
│ ├── errors.py
│ ├── settings.py
│ └── trigger_rss.py
├── tests
│ ├── __init__.py
│ ├── atom.xml
│ ├── conftest.py
│ ├── nasa.xml
│ └── test_rss_trigger.py
└── trigger_rss_feed.json
├── Retarus
├── CHANGELOG.md
├── Dockerfile
├── connector_retarus_events.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── retarus_modules
│ ├── __init__.py
│ ├── configuration.py
│ ├── connector.py
│ ├── consumer.py
│ └── metrics.py
└── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_retarus_events_consumer.py
│ └── test_retarus_events_forwarder.py
├── RiskIQ
├── CHANGELOG.md
├── Dockerfile
├── action_host_cert.json
├── action_pdns-hex.json
├── action_pdns-ip.json
├── action_pdns-name.json
├── action_ssl_cert_host.json
├── action_ssl_cert_name.json
├── action_ssl_cert_serial_number.json
├── action_ssl_cert_sha1.json
├── action_whois_address.json
├── action_whois_domain.json
├── action_whois_email.json
├── action_whois_name.json
├── action_whois_nameserver.json
├── action_whois_organization.json
├── action_whois_phone.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── riskiq_module
│ └── __init__.py
└── tests
│ └── test_riskiq.py
├── Rubycat
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Salesforce
├── .gitignore
├── CHANGELOG.md
├── Dockerfile
├── client
│ ├── __init__.py
│ ├── http_client.py
│ ├── schemas
│ │ ├── __init__.py
│ │ ├── log_file.py
│ │ └── token.py
│ └── token_refresher.py
├── connector_salesforce_events.json
├── logger
│ ├── __init__.py
│ ├── config.py
│ ├── formatters.py
│ └── handlers.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── salesforce
│ ├── __init__.py
│ ├── connector.py
│ ├── metrics.py
│ └── models.py
├── tests
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── schemas
│ │ │ ├── __init__.py
│ │ │ ├── test_log_file.py
│ │ │ └── test_token.py
│ │ ├── test_http_client.py
│ │ └── test_token_refresher.py
│ ├── conftest.py
│ ├── logger
│ │ ├── __init__.py
│ │ ├── test_config.py
│ │ ├── test_formatters.py
│ │ └── test_handler.py
│ ├── salesforce
│ │ ├── __init__.py
│ │ └── test_connector.py
│ └── utils
│ │ ├── __init__.py
│ │ └── test_file_utils.py
├── trigger_salesforce_events.json
└── utils
│ ├── __init__.py
│ └── file_utils.py
├── Seckiot
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── SecurityScorecard
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Sekoia.io
├── .dockerignore
├── CHANGELOG.md
├── Dockerfile
├── action_activate_a_countermeasure.json
├── action_add_events_to_a_case.json
├── action_add_ioc_to_ioc_collection.json
├── action_adds_an_attribute_to_the_asset.json
├── action_adds_an_key_to_the_asset.json
├── action_assets_merge.json
├── action_associate_new_alerts_on_a_case.json
├── action_create_a_new_tracker_notification.json
├── action_create_case.json
├── action_create_rule.json
├── action_creates_a_new_asset.json
├── action_creates_a_new_asset_v2.json
├── action_delete_case.json
├── action_delete_rule.json
├── action_deletes_an_asset.json
├── action_deletes_an_asset_v2.json
├── action_deny_a_countermeasure.json
├── action_disable_rule.json
├── action_enable_rule.json
├── action_get_aggregation_query.json
├── action_get_an_alert.json
├── action_get_case.json
├── action_get_community.json
├── action_get_context.json
├── action_get_custom_priority.json
├── action_get_custom_status.json
├── action_get_custom_verdict.json
├── action_get_entity.json
├── action_get_event_field_common_values.json
├── action_get_events.json
├── action_get_intake.json
├── action_get_rule.json
├── action_inthreat_post_bundle.json
├── action_inthreat_upload_observables.json
├── action_list_alerts.json
├── action_list_assets.json
├── action_list_assets_v2.json
├── action_patch_an_alert.json
├── action_post_a_comment_on_a_case.json
├── action_post_a_comment_on_an_alert.json
├── action_post_reports_pdf.json
├── action_post_reports_url.json
├── action_predict_the_state_of_an_alert.json
├── action_push_event_to_intake.json
├── action_remove_event_from_case.json
├── action_reports_get_a_report.json
├── action_returns_an_asset.json
├── action_returns_an_asset_v2.json
├── action_synchronize_asset.json
├── action_trigger_an_action_on_the_alert_workflow.json
├── action_trigger_status_update_on_alert.json
├── action_update_case.json
├── action_update_rule.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── sekoiaio
│ ├── __init__.py
│ ├── intelligence_center
│ │ ├── __init__.py
│ │ ├── actions.py
│ │ ├── add_ioc_to_ioc_collection.py
│ │ ├── base.py
│ │ └── upload_observables_inthreat.py
│ ├── operation_center
│ │ ├── __init__.py
│ │ ├── assets_merge.py
│ │ ├── base_get_event.py
│ │ ├── get_aggregation_query.py
│ │ ├── get_asset.py
│ │ ├── get_event_field_common_values.py
│ │ ├── get_events.py
│ │ ├── push_event_to_intake.py
│ │ ├── synchronize_assets_with_ad.py
│ │ └── update_alert_status.py
│ ├── triggers
│ │ ├── __init__.py
│ │ ├── alerts.py
│ │ ├── base.py
│ │ ├── cases.py
│ │ ├── intelligence.py
│ │ └── messages_processor.py
│ ├── utils.py
│ └── workspace
│ │ └── __init__.py
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── ic_oc_triggers
│ │ ├── __init__.py
│ │ ├── conftest.py
│ │ ├── samples.py
│ │ ├── test_alerts.py
│ │ ├── test_base.py
│ │ ├── test_cases.py
│ │ ├── test_intelligence.py
│ │ └── test_messages_processor.py
│ ├── operation_center_action
│ │ ├── __init__.py
│ │ ├── test_assets_merge.py
│ │ ├── test_get_asset.py
│ │ ├── test_get_event_field_common_values.py
│ │ ├── test_get_events.py
│ │ ├── test_push_event_to_intake.py
│ │ ├── test_synchronize_assets.py
│ │ └── test_update_alert_status.py
│ ├── test_actions_getters.py
│ ├── test_actions_rules.py
│ ├── test_add_ioc_2_ioc_collection.py
│ ├── test_get_context.py
│ ├── test_operation_center.py
│ ├── test_post_bundle.py
│ └── test_utils.py
├── trigger_sekoiaio_alert_comment_created.json
├── trigger_sekoiaio_alert_created.json
├── trigger_sekoiaio_alert_status_changed.json
├── trigger_sekoiaio_alert_updated.json
├── trigger_sekoiaio_alert_webhook.json
├── trigger_sekoiaio_case_alerts_updated.json
├── trigger_sekoiaio_case_created.json
├── trigger_sekoiaio_case_updated.json
├── trigger_sekoiaio_feed_consumption.json
├── trigger_sekoiaio_feed_ioc_consumption.json
└── trigger_sekoiaio_securityalert.json
├── SentinelOne
├── CHANGELOG.md
├── CONFIGURE.md
├── Dockerfile
├── action_create_iocs.json
├── action_create_threat_note.json
├── action_deisolate_endpoint.json
├── action_get_malwares.json
├── action_init_scan.json
├── action_isolate_endpoint.json
├── action_query_deep_visibility.json
├── action_remote_script_execute.json
├── action_update_threat_incident.json
├── connector_sentinelone_deepvisibility.json
├── connector_sentinelone_logs.json
├── connector_sentinelone_singularity_identity.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── resources
│ └── export.proto
├── sentinel-mgmt-sdk.tar.gz
├── sentinelone_module
│ ├── __init__.py
│ ├── agents
│ │ ├── __init__.py
│ │ ├── init_scan.py
│ │ └── isolation.py
│ ├── base.py
│ ├── deep_visibility
│ │ ├── __init__.py
│ │ ├── consumer.py
│ │ ├── export_pb2.py
│ │ └── query.py
│ ├── exceptions.py
│ ├── filters.py
│ ├── helpers.py
│ ├── iocs
│ │ ├── __init__.py
│ │ └── create_iocs.py
│ ├── logging.py
│ ├── logs
│ │ ├── __init__.py
│ │ ├── configuration.py
│ │ ├── connector.py
│ │ ├── helpers.py
│ │ └── metrics.py
│ ├── rso
│ │ ├── __init__.py
│ │ └── execute.py
│ ├── singularity
│ │ ├── __init__.py
│ │ ├── client.py
│ │ └── connectors.py
│ └── threats
│ │ ├── __init__.py
│ │ ├── create_threat_note.py
│ │ ├── get_malwares.py
│ │ └── update_threat_incident.py
├── tests
│ ├── __init__.py
│ ├── agents
│ │ ├── __init__.py
│ │ ├── test_init_scan.py
│ │ └── test_isolation.py
│ ├── conftest.py
│ ├── deep_visibility
│ │ ├── __init__.py
│ │ ├── conftest.py
│ │ └── test_query.py
│ ├── iocs
│ │ └── test_create_iocs.py
│ ├── logs
│ │ ├── __init__.py
│ │ ├── test_connector.py
│ │ └── test_helpers.py
│ ├── rso
│ │ ├── __init__.py
│ │ └── test_execute.py
│ ├── singularity
│ │ ├── __init__.py
│ │ ├── conftest.py
│ │ ├── test_client.py
│ │ └── test_connectors.py
│ ├── test_filters.py
│ ├── test_helpers.py
│ ├── threats
│ │ ├── __init__.py
│ │ ├── test_create_threat_note.py
│ │ ├── test_get_malwares.py
│ │ └── test_update_threat_incident.py
│ └── triggers
│ │ ├── __init__.py
│ │ ├── conftest.py
│ │ └── test_consumer.py
├── trigger_sentinelone_deepvisibility.json
└── trigger_sentinelone_logs.json
├── SentinelOneDeepVisibility
├── CHANGELOG.md
├── Dockerfile
├── connector_sentinelone_deepvisibility.json
├── deep_visibility
│ ├── __init__.py
│ ├── connector_s3_logs.py
│ └── metrics.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── deep_visibility
│ │ ├── __init__.py
│ │ └── test_trigger_s3_logs.py
│ └── helpers.py
└── trigger_sentinelone_deepvisibility.json
├── ServiceNow
├── CHANGELOG.md
├── Dockerfile
├── action_servicenow_get_table.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── service_now
│ └── __init__.py
└── tests
│ ├── __init__.py
│ └── test_servicenow.py
├── SesameIT
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Shodan
├── CHANGELOG.md
├── Dockerfile
├── action_get_dns_domain.json
├── action_get_dns_resolve.json
├── action_get_dns_reverse.json
├── action_get_shodan_host.json
├── action_get_shodan_host_count.json
├── action_get_shodan_host_search.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── shodan
│ ├── __init__.py
│ └── helpers.py
└── tests
│ ├── __init__.py
│ ├── shodan_get_host_response.json
│ ├── shodan_response.json
│ ├── test_account_validation.py
│ └── test_helpers.py
├── SkyhighSecurity
├── CHANGELOG.md
├── Dockerfile
├── README.md
├── connector_skyhigh_security_swg.json
├── gateway_cloud_services
│ ├── __init__.py
│ ├── metrics.py
│ └── trigger_skyhigh_security_swg.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── api_response.csv
│ ├── conftest.py
│ └── test_gateway_cloud_services_trigger.py
└── trigger_skyhigh_security_swg.json
├── SonicWall
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Sophos
├── CHANGELOG.md
├── Dockerfile
├── action_sophos_edr_deisolate.json
├── action_sophos_edr_isolate.json
├── action_sophos_edr_run_scan.json
├── connector_sophos_events.json
├── connector_sophos_xdr_query.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── sophos_module
│ ├── __init__.py
│ ├── action_base.py
│ ├── action_sophos_edr_deisolate.py
│ ├── action_sophos_edr_isolate.py
│ ├── action_sophos_edr_run_scan.py
│ ├── base.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── auth.py
│ │ └── exceptions.py
│ ├── helper.py
│ ├── logging.py
│ ├── metrics.py
│ ├── trigger_sophos_edr_events.py
│ └── trigger_sophos_xdr_query.py
├── tests
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── test_auth.py
│ │ └── test_client.py
│ ├── conftest.py
│ ├── test_helper.py
│ ├── test_sophos_edr_actions.py
│ ├── test_sophos_edr_trigger.py
│ └── test_sophos_xdr_query.py
├── trigger_sophos_events.json
└── trigger_sophos_xdr_query.json
├── Squid
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Stormshield
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── StormshieldSES
├── CHANGELOG.md
├── CONFIGURE.md
├── Dockerfile
├── action_stormshield_deisolate_agent.json
├── action_stormshield_isolate_agent.json
├── action_stormshield_quarantine_file.json
├── action_stormshield_restore_quarantine_file.json
├── action_stormshield_terminate_process.json
├── action_stormshield_wait_task.json
├── docs
│ └── assets
│ │ ├── Step01.png
│ │ ├── Step02.png
│ │ ├── Step03.png
│ │ ├── Step04.png
│ │ ├── Step05.png
│ │ ├── Step06.png
│ │ └── Step07.png
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── stormshield_module
│ ├── __init__.py
│ ├── base.py
│ ├── endpoint_actions.py
│ ├── exceptions.py
│ ├── process_actions.py
│ ├── quarantined_file_actions.py
│ └── wait_task.py
└── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_base.py
│ ├── test_endpoint_deisolation.py
│ ├── test_endpoint_isolation.py
│ ├── test_file_restoration.py
│ ├── test_quarantine_file.py
│ ├── test_terminate_process.py
│ └── test_wait_tasks.py
├── Suricata
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Systancia
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Tanium
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Tehtris
├── CHANGELOG.md
├── Dockerfile
├── connector_tehtris_events.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tehtris_modules
│ ├── __init__.py
│ ├── client.py
│ ├── constants.py
│ ├── metrics.py
│ ├── models.py
│ └── trigger_tehtris_events.py
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ └── test_tehtris_event_trigger.py
└── trigger_tehtris_events.json
├── Tenable
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── TheHive
├── .dockerignore
├── CHANGELOG.md
├── Dockerfile
├── LICENCE
├── action_create_alert.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ └── test_create_alert.py
└── thehive
│ ├── __init__.py
│ └── create_alert.py
├── TheHiveV5
├── .dockerignore
├── CHANGELOG.md
├── Dockerfile
├── LICENCE
├── action_create_alert.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ └── test_create_alert.py
└── thehive
│ ├── __init__.py
│ └── create_alert.py
├── ThinkstCanary
├── CHANGELOG.md
├── Dockerfile
├── connector_thinkst_canary_alerts.json
├── dev.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ └── test_thinkst_canary_connector.py
├── thinkst_canary_modules
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ └── auth.py
│ ├── connector_thinkst_canary_alerts.py
│ ├── metrics.py
│ └── models.py
└── trigger_thinkst_canary_alerts.json
├── Tranco
├── CHANGELOG.md
├── Dockerfile
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── data
│ │ └── top-1m.csv.zip
│ └── test_triggers.py
├── tranco_module
│ ├── __init__.py
│ └── triggers.py
└── trigger_fetch-tranco-list.json
├── Trellix
├── .gitignore
├── CHANGELOG.md
├── Dockerfile
├── client
│ ├── __init__.py
│ ├── errors.py
│ ├── http_client.py
│ ├── retry.py
│ ├── schemas
│ │ ├── __init__.py
│ │ ├── attributes
│ │ │ ├── __init__.py
│ │ │ ├── edr_affectedhosts.py
│ │ │ ├── edr_alerts.py
│ │ │ ├── edr_detections.py
│ │ │ ├── edr_threats.py
│ │ │ └── epo_events.py
│ │ ├── token.py
│ │ └── trellix_response.py
│ └── token_refresher.py
├── connector_trellix_edr.json
├── connector_trellix_epo.json
├── connectors
│ ├── __init__.py
│ ├── metrics.py
│ ├── trellix_edr_connector.py
│ └── trellix_epo_connector.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── schemas
│ │ │ ├── __init__.py
│ │ │ ├── test_edr_affectedhost.py
│ │ │ ├── test_edr_alerts.py
│ │ │ ├── test_edr_detections.py
│ │ │ ├── test_edr_threat.py
│ │ │ ├── test_epo_event.py
│ │ │ └── test_token.py
│ │ ├── test_errors.py
│ │ ├── test_http_client.py
│ │ ├── test_retry.py
│ │ └── test_token_refresher.py
│ ├── conftest.py
│ └── connectors
│ │ ├── __init__.py
│ │ ├── conftest.py
│ │ ├── test_trellix_edr_connector.py
│ │ └── test_trellix_epo_connector.py
├── trigger_trellix_edr.json
└── trigger_trellix_epo.json
├── TrendMicro
├── CHANGELOG.md
├── Dockerfile
├── connector_email_sec.json
├── connector_vision_one_oat.json
├── connector_vision_one_workbench.json
├── dev.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_trigger_email_sec.py
│ ├── test_trigger_vision_one_oat.py
│ └── test_trigger_vision_one_workbench.py
├── trendmicro_modules
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ └── auth.py
│ ├── helpers.py
│ ├── logging.py
│ ├── metrics.py
│ ├── models.py
│ ├── trigger_email_sec.py
│ ├── trigger_vision_one_base.py
│ ├── trigger_vision_one_oat.py
│ └── trigger_vision_one_workbench.py
├── trigger_email_sec.json
├── trigger_vision_one_oat.json
└── trigger_vision_one_workbench.json
├── Triage
├── CHANGELOG.md
├── Dockerfile
├── action_triage_to_observables.json
├── logo.svg
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── data.py
│ ├── test_triage_to_observables.py
│ └── test_triage_triggers.py
├── triage_modules
│ ├── __init__.py
│ ├── action_triage_to_observables.py
│ ├── trigger_triage.py
│ └── utils.py
└── trigger_triage.json
├── Ubika
├── CHANGELOG.md
├── Dockerfile
├── connector_ubika_cloud_protector_alerts.json
├── connector_ubika_cloud_protector_next_gen.json
├── connector_ubika_cloud_protector_traffic.json
├── dev.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_ubika_cloud_protector_alerts.py
│ ├── test_ubika_cloud_protector_next_gen.py
│ └── test_ubika_cloud_protector_traffic.py
├── trigger_ubika_cloud_protector_alerts.json
├── trigger_ubika_cloud_protector_next_gen.json
├── trigger_ubika_cloud_protector_traffic.json
└── ubika_modules
│ ├── __init__.py
│ ├── client
│ ├── __init__.py
│ └── auth.py
│ ├── connector_ubika_cloud_protector_alerts.py
│ ├── connector_ubika_cloud_protector_base.py
│ ├── connector_ubika_cloud_protector_next_gen.py
│ ├── connector_ubika_cloud_protector_traffic.py
│ ├── metrics.py
│ └── models.py
├── Umbrella
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Unbound
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Utils
├── CHANGELOG.md
├── Dockerfile
├── action_fileutils_readjsonfile.json
├── action_fileutils_readxmlfile.json
├── action_groupby.json
├── action_password_generator.json
├── action_utils_getcurrenttime.json
├── action_utils_wait.json
├── logo.svg
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── test_action_fileutils_readjsonfile.py
│ ├── test_action_fileutils_readxmlfile.py
│ ├── test_action_groupby.py
│ ├── test_action_utils_wait.py
│ ├── test_get_current_time.py
│ └── test_password_generator.py
└── utils
│ ├── __init__.py
│ ├── action_fileutils_readjsonfile.py
│ ├── action_fileutils_readxmlfile.py
│ ├── action_get_current_time.py
│ ├── action_groupby.py
│ ├── action_utils_wait.py
│ └── password_generator.py
├── VMWare
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── VadeCloud
├── CHANGELOG.md
├── Dockerfile
├── connector_vade_cloud_logs.json
├── context.json
├── dev.py
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_vade_cloud_logs_trigger_integration.py
│ └── test_vade_cloud_logs_trigger_unitary.py
├── trigger_vade_cloud_logs.json
└── vadecloud_modules
│ ├── __init__.py
│ ├── client
│ ├── __init__.py
│ └── auth.py
│ ├── metrics.py
│ ├── models.py
│ └── trigger_vade_cloud_logs.py
├── VadeSecure
├── CHANGELOG.md
├── Dockerfile
├── connector_m365_events.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── conftest.py
│ ├── test_m365_events_connector.py
│ ├── test_m365_events_trigger.py
│ └── test_m365_mixin.py
├── trigger_m365_events.json
└── vadesecure_modules
│ ├── __init__.py
│ ├── client
│ ├── __init__.py
│ └── auth.py
│ ├── connector_m365_events.py
│ ├── m365_mixin.py
│ ├── metrics.py
│ ├── models.py
│ └── trigger_m365_events.py
├── Varonis
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Vectra
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Veeam
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Virustotal
├── CHANGELOG.md
├── Dockerfile
├── action_virustotal_getcomment.json
├── action_virustotal_postcomment.json
├── action_virustotal_scandomain.json
├── action_virustotal_scanfile.json
├── action_virustotal_scanhash.json
├── action_virustotal_scanip.json
├── action_virustotal_scanurl.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── data
│ │ └── livehunt_response.json
│ ├── eicar.txt
│ ├── test_get_comments_virustotal.py
│ ├── test_post_comment_virustotal.py
│ ├── test_scan_domain_virustotal.py
│ ├── test_scan_file_virustotal.py
│ ├── test_scan_hash_virustotal.py
│ ├── test_scan_ip_virustotal.py
│ ├── test_scan_url_virustotal.py
│ └── test_trigger_livehunt_notification_files.py
├── trigger_virustotal_livehunt_notification_files.json
└── virustotal
│ ├── __init__.py
│ ├── action_virustotal_getcomments.py
│ ├── action_virustotal_postcomment.py
│ ├── action_virustotal_scandomain.py
│ ├── action_virustotal_scanfile.py
│ ├── action_virustotal_scanhash.py
│ ├── action_virustotal_scanip.py
│ ├── action_virustotal_scanurl.py
│ ├── api.py
│ ├── errors.py
│ ├── livehunt_notification_files_trigger.py
│ └── utils.py
├── Wallix
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── WatchGuard
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Wazuh
├── CHANGELOG.md
├── logo.png
└── manifest.json
├── Whois
├── CHANGELOG.md
├── Dockerfile
├── action_whois.json
├── logo.svg
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ └── test_whois_action.py
└── whois_module
│ ├── __init__.py
│ └── whois_action.py
├── WithSecure
├── CHANGELOG.md
├── Dockerfile
├── action_comment_incident.json
├── action_enumerate_processes.json
├── action_isolate_device_from_network.json
├── action_kill_process.json
├── action_kill_thread.json
├── action_list_detections_for_incident.json
├── action_list_devices.json
├── action_release_device_from_network_isolation.json
├── action_scan_device_for_malware.json
├── action_update_incident_status.json
├── connector_pull_security_events.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ └── test_auth.py
│ ├── conftest.py
│ ├── test_comment_incident.py
│ ├── test_enumerate_processes.py
│ ├── test_helpers.py
│ ├── test_isolate_device_from_network_action.py
│ ├── test_kill_process.py
│ ├── test_kill_thread.py
│ ├── test_list_detections_for_incident.py
│ ├── test_list_devices_action.py
│ ├── test_release_device_from_network_isolation_action.py
│ ├── test_scan_device_for_malware.py
│ ├── test_security_event_connector.py
│ └── test_update_status_incident.py
├── trigger_pull_security_events.json
└── withsecure
│ ├── __init__.py
│ ├── client
│ ├── __init__.py
│ ├── auth.py
│ └── exceptions.py
│ ├── comment_incident.py
│ ├── constants.py
│ ├── device_operation_action.py
│ ├── enumerate_processes.py
│ ├── helpers.py
│ ├── incident_operation_action.py
│ ├── isolate_device_from_network_action.py
│ ├── kill_process.py
│ ├── kill_thread.py
│ ├── list_detections_for_incident.py
│ ├── list_devices_action.py
│ ├── logging.py
│ ├── metrics.py
│ ├── models.py
│ ├── release_device_from_network_isolation_action.py
│ ├── response_action.py
│ ├── scan_device_for_malware.py
│ ├── security_events_connector.py
│ └── update_incident_status.py
├── Wiz
├── CHANGELOG.md
├── Dockerfile
├── connector_wiz_audit_logs.json
├── connector_wiz_cloud_configuration_findings.json
├── connector_wiz_issues.json
├── connector_wiz_vulnerability_findings.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── __init__.py
│ ├── client
│ │ ├── __init__.py
│ │ ├── test_gql_client.py
│ │ └── test_token_refresher.py
│ ├── conftest.py
│ ├── test_wiz_audit_logs_connectory.py
│ ├── test_wiz_cloud_configuration_findings_connectory.py
│ ├── test_wiz_issues_connectory.py
│ └── test_wiz_vulnerability_findings_connectory.py
├── trigger_wiz_audit_logs.json
├── trigger_wiz_cloud_configuration_findings.json
├── trigger_wiz_issues.json
├── trigger_wiz_vulnerability_findings.json
└── wiz
│ ├── __init__.py
│ ├── client
│ ├── __init__.py
│ ├── gql_client.py
│ └── token_refresher.py
│ ├── metrics.py
│ ├── wiz_audit_logs_connector.py
│ ├── wiz_cloud_configuration_findings_connector.py
│ ├── wiz_issues_connector.py
│ └── wiz_vulnerability_findings_connector.py
├── Zscaler
├── .dockerignore
├── CHANGELOG.md
├── Dockerfile
├── action_block_ioc.json
├── action_push_iocs_block.json
├── action_unblock_ioc.json
├── logo.png
├── main.py
├── manifest.json
├── poetry.lock
├── pyproject.toml
├── tests
│ ├── test_block_ioc_integration.py
│ ├── test_block_ioc_unitary.py
│ └── test_helpers.py
└── zscaler
│ ├── __init__.py
│ ├── block_ioc.py
│ └── helpers.py
├── _utils
├── compliance
│ ├── __init__.py
│ ├── __main__.py
│ └── validators
│ │ ├── __init__.py
│ │ ├── actions_json.py
│ │ ├── base.py
│ │ ├── changelog.py
│ │ ├── connectors_json.py
│ │ ├── deps.py
│ │ ├── dockerfile.py
│ │ ├── helpers.py
│ │ ├── logo.py
│ │ ├── main.py
│ │ ├── manifest.py
│ │ ├── models.py
│ │ ├── module.py
│ │ ├── tests.py
│ │ └── triggers_json.py
├── poetry.lock
└── pyproject.toml
├── codecov.yml
├── docs
├── README.md
├── action.md
├── developement_guideline.md
├── glossary.md
├── module.md
├── organization.md
├── testing.md
└── trigger.md
└── linter.py
/.complianceignore:
--------------------------------------------------------------------------------
1 | # This is a list of files we ignore
2 |
3 | Sekoia.io/main.py
4 |
5 | # In VadeSecure trigger and connector are different
6 | VadeSecure/connector_m365_events.json
7 |
--------------------------------------------------------------------------------
/1Password/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/1Password/logo.png
--------------------------------------------------------------------------------
/1Password/main.py:
--------------------------------------------------------------------------------
1 | from onepassword_modules import OnePasswordModule
2 | from onepassword_modules.connector_1password_epm import OnePasswordConnector
3 |
# Script entry point: build the 1Password module, register its single
# connector under the name "get_1password_epm_events", then hand control to
# the module's run() method.
if __name__ == "__main__":
    onepassword_module = OnePasswordModule()
    onepassword_module.register(OnePasswordConnector, "get_1password_epm_events")
    onepassword_module.run()
8 |
--------------------------------------------------------------------------------
/1Password/onepassword_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from .models import OnePasswordModuleConfiguration
4 |
5 |
class OnePasswordModule(Module):
    """Module subclass for the 1Password integration.

    It adds no behaviour of its own; it only declares that ``configuration``
    is an ``OnePasswordModuleConfiguration``.
    """

    configuration: OnePasswordModuleConfiguration
8 |
--------------------------------------------------------------------------------
/1Password/onepassword_modules/client/auth.py:
--------------------------------------------------------------------------------
1 | from requests.auth import AuthBase
2 |
3 |
class ApiKeyAuthentication(AuthBase):
    """Attach a bearer API token to outgoing requests.

    Instances are callables in the ``requests`` auth style: they receive the
    request being prepared, set its ``Authorization`` header and return it.
    The token is kept in a name-mangled attribute and is written verbatim
    into the header, so it travels with every request this object is
    attached to. The destination URL is chosen by the caller, not here, so
    keeping the token off plaintext HTTP is the caller's responsibility.
    """

    def __init__(self, api_token: str):
        """Remember the API token to send with each request."""
        self.__api_token = api_token

    def __call__(self, request):
        """Set ``Authorization: Bearer <token>`` on *request* and return it."""
        bearer_value = f"Bearer {self.__api_token}"
        request.headers["Authorization"] = bearer_value
        return request
11 |
--------------------------------------------------------------------------------
/1Password/onepassword_modules/models.py:
--------------------------------------------------------------------------------
1 | from pydantic import BaseModel, Field
2 |
3 |
# Settings for the 1Password module: both fields are required (the `...`
# default means "no default").
class OnePasswordModuleConfiguration(BaseModel):
    base_url: str = Field(..., description="Base URL")
    # The token is declared as a plain `str`; `secret=True` is extra field
    # metadata (presumably read by the Sekoia tooling to treat the value as a
    # secret - confirm). NOTE(review): a plain `str` field is included in the
    # model's repr() and dict output, so avoid logging the configuration object.
    api_token: str = Field(..., description="API token", secret=True)
7 |
--------------------------------------------------------------------------------
/1Password/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/1Password/tests/__init__.py
--------------------------------------------------------------------------------
/AWS/aws_helpers/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/AWS/aws_helpers/__init__.py
--------------------------------------------------------------------------------
/AWS/connectors/s3/logs/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/AWS/connectors/s3/logs/__init__.py
--------------------------------------------------------------------------------
/AWS/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/AWS/logo.png
--------------------------------------------------------------------------------
/AWS/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/AWS/tests/__init__.py
--------------------------------------------------------------------------------
/AWS/tests/aws_helpers/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to the wrappers."""
2 |
--------------------------------------------------------------------------------
/AWS/tests/connectors/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to the connectors."""
2 |
--------------------------------------------------------------------------------
/AWS/tests/connectors/s3/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to connectors.s3."""
2 |
--------------------------------------------------------------------------------
/AWS/tests/connectors/s3/logs/__init__.py:
--------------------------------------------------------------------------------
1 | """Contains tests related to logs package."""
2 |
--------------------------------------------------------------------------------
/AWS/tests/connectors/s3/logs/conftest.py:
--------------------------------------------------------------------------------
1 | """Some useful mocks for AWS services."""
2 |
3 | import pytest
4 |
5 | from .mock import boto3_module_patching, boto3_session_patching
6 |
7 |
@pytest.fixture
def aws_mock() -> None:
    """Keep both patchers imported from ``.mock`` active while a test runs.

    The two context managers are entered in order (module patch first, then
    session patch) and left in reverse order once the test finishes.

    NOTE(review): the function yields, so it is a generator fixture; the
    ``-> None`` annotation does not describe that.
    """
    with boto3_module_patching:
        with boto3_session_patching:
            yield
12 |
--------------------------------------------------------------------------------
/AWS/tests/connectors/s3/test_ocsf.parquet:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/AWS/tests/connectors/s3/test_ocsf.parquet
--------------------------------------------------------------------------------
/AWS/tests/connectors/s3/test_parquet.parquet:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/AWS/tests/connectors/s3/test_parquet.parquet
--------------------------------------------------------------------------------
/AWS/tests/data/111111111111_vpcflowlogs_eu-west-3_fl-032a163fae170ae52_20220831T1255Z_2ad4bef5.parquet:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/AWS/tests/data/111111111111_vpcflowlogs_eu-west-3_fl-032a163fae170ae52_20220831T1255Z_2ad4bef5.parquet
--------------------------------------------------------------------------------
/Akamai/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## [Unreleased]
9 |
--------------------------------------------------------------------------------
/Akamai/Dockerfile:
--------------------------------------------------------------------------------
# Image for this module: installs Poetry and the locked main dependencies,
# copies the module sources, then runs main.py as an unprivileged user.
# NOTE(review): `python:3.11` is a floating tag, so a rebuild can pick up a
# different base image; pin it by digest if reproducible builds are required.
1 | FROM python:3.11
2 |
3 | WORKDIR /app
4 |
# NOTE(review): Poetry itself is installed without a version constraint; only
# the module's own dependencies are pinned (through poetry.lock below).
5 | RUN pip install poetry
6 |
7 | # Install dependencies
8 | COPY poetry.lock pyproject.toml /app/
# No virtualenv is created, so the packages go into the image's interpreter;
# `--only main` leaves out the non-main dependency groups.
9 | RUN poetry config virtualenvs.create false && poetry install --only main
10 |
# Copies the whole build context. No --chown is given, so the files stay owned
# by root rather than by the runtime user created below.
11 | COPY . .
12 |
13 | RUN useradd -ms /bin/bash sekoiaio-runtime
# From this instruction on, including the ENTRYPOINT process, the container
# runs as sekoiaio-runtime instead of root.
14 | USER sekoiaio-runtime
15 |
16 | ENTRYPOINT [ "python", "./main.py" ]
17 |
--------------------------------------------------------------------------------
/Akamai/akamai_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from .models import AkamaiModuleConfiguration
4 |
5 |
class AkamaiModule(Module):
    """Module subclass for the Akamai integration.

    It adds no behaviour of its own; it only declares that ``configuration``
    is an ``AkamaiModuleConfiguration``.
    """

    configuration: AkamaiModuleConfiguration
8 |
--------------------------------------------------------------------------------
/Akamai/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Akamai/logo.png
--------------------------------------------------------------------------------
/Akamai/main.py:
--------------------------------------------------------------------------------
1 | from akamai_modules import AkamaiModule
2 | from akamai_modules.connector_akamai_waf import AkamaiWAFLogsConnector
3 |
# Script entry point: build the Akamai module, register the WAF logs
# connector under the name "akamai_waf_logs", then hand control to run().
if __name__ == "__main__":
    akamai_module = AkamaiModule()
    akamai_module.register(AkamaiWAFLogsConnector, "akamai_waf_logs")
    akamai_module.run()
8 |
--------------------------------------------------------------------------------
/Akamai/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Akamai/tests/__init__.py
--------------------------------------------------------------------------------
/Apache/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Apache/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Apache/logo.png
--------------------------------------------------------------------------------
/Aruba Network/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Aruba Network/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Aruba Network/logo.png
--------------------------------------------------------------------------------
/AssetConnector/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## [Unreleased]
9 |
--------------------------------------------------------------------------------
/AssetConnector/asset_connector/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/AssetConnector/asset_connector/__init__.py
--------------------------------------------------------------------------------
/AssetConnector/logo.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/AssetConnector/main.py:
--------------------------------------------------------------------------------
1 | from asset_connector.fake_asset_connector import FakeAssetConnectorModule, FakeAssetConnector
2 |
# Script entry point: build the fake asset connector module, register
# FakeAssetConnector under the name "fake_asset_connector", then call run().
if __name__ == "__main__":
    asset_module = FakeAssetConnectorModule()
    asset_module.register(FakeAssetConnector, "fake_asset_connector")
    asset_module.run()
7 |
--------------------------------------------------------------------------------
/AssetConnector/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/AssetConnector/tests/__init__.py
--------------------------------------------------------------------------------
/Azure/Dockerfile:
--------------------------------------------------------------------------------
# Image for this module: installs Poetry and the locked main dependencies,
# copies the module sources, then runs main.py as an unprivileged user.
# NOTE(review): `python:3.11` is a floating tag, so a rebuild can pick up a
# different base image; pin it by digest if reproducible builds are required.
1 | FROM python:3.11
2 |
3 | WORKDIR /app
4 |
# NOTE(review): Poetry itself is installed without a version constraint; only
# the module's own dependencies are pinned (through poetry.lock below).
5 | RUN pip install poetry
6 |
7 | # Install dependencies
8 | COPY poetry.lock pyproject.toml /app/
# No virtualenv is created, so the packages go into the image's interpreter;
# `--only main` leaves out the non-main dependency groups.
9 | RUN poetry config virtualenvs.create false && poetry install --only main
10 |
# Copies the whole build context. No --chown is given, so the files stay owned
# by root rather than by the runtime user created below.
11 | COPY . .
12 |
13 | RUN useradd -ms /bin/bash sekoiaio-runtime
# From this instruction on, including the ENTRYPOINT process, the container
# runs as sekoiaio-runtime instead of root.
14 | USER sekoiaio-runtime
15 |
16 | ENTRYPOINT [ "python", "./main.py" ]
17 |
--------------------------------------------------------------------------------
/Azure/azure_helpers/__init__.py:
--------------------------------------------------------------------------------
1 | """Contains all useful wrappers and logic to work with Azure services."""
2 |
--------------------------------------------------------------------------------
/Azure/azure_helpers/io.py:
--------------------------------------------------------------------------------
def is_gzip_compressed(content: bytes) -> bool:
    """
    Tell whether *content* starts with the gzip magic number.

    Only the first two bytes are inspected; the rest of the stream is not
    parsed or validated, so a True result means "looks like gzip", not
    "will decompress successfully". Callers that go on to decompress data
    from an untrusted source still need their own size limits.

    Args:
        content: raw bytes to inspect; may be empty or shorter than two bytes.

    Returns:
        bool: True when the first two bytes are 0x1f 0x8b, otherwise False.
    """
    gzip_magic = b"\x1f\x8b"
    return content[: len(gzip_magic)] == gzip_magic
13 |
--------------------------------------------------------------------------------
/Azure/connectors/__init__.py:
--------------------------------------------------------------------------------
1 | """This module contains connector, metrics."""
2 |
--------------------------------------------------------------------------------
/Azure/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Azure/logo.png
--------------------------------------------------------------------------------
/Azure/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Azure/tests/__init__.py
--------------------------------------------------------------------------------
/Azure/tests/azure_helpers/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to azure helpers."""
2 |
--------------------------------------------------------------------------------
/Azure/tests/connector/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to connectors."""
2 |
--------------------------------------------------------------------------------
/Azure/tests/connector/blob/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Azure/tests/connector/blob/__init__.py
--------------------------------------------------------------------------------
/AzureMonitor/azure_monitor_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from .models import AzureMonitorModuleConfiguration
4 |
5 |
class AzureMonitorModule(Module):
    """Module subclass for the Azure Monitor integration.

    It adds no behaviour of its own; it only declares that ``configuration``
    is an ``AzureMonitorModuleConfiguration``.
    """

    configuration: AzureMonitorModuleConfiguration
8 |
--------------------------------------------------------------------------------
/AzureMonitor/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/AzureMonitor/logo.png
--------------------------------------------------------------------------------
/AzureMonitor/main.py:
--------------------------------------------------------------------------------
1 | from azure_monitor_modules import AzureMonitorModule
2 | from azure_monitor_modules.action_query import AzureMonitorQueryAction
3 |
# Script entry point: build the Azure Monitor module, register the query
# action under the name "action_query_logs", then hand control to run().
if __name__ == "__main__":
    azure_monitor_module = AzureMonitorModule()
    azure_monitor_module.register(AzureMonitorQueryAction, "action_query_logs")
    azure_monitor_module.run()
8 |
--------------------------------------------------------------------------------
/AzureMonitor/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/AzureMonitor/tests/__init__.py
--------------------------------------------------------------------------------
/BIND/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/BIND/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/BIND/logo.png
--------------------------------------------------------------------------------
/Beats/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Beats/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Beats/logo.png
--------------------------------------------------------------------------------
/BeyondTrust/beyondtrust_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from .models import BeyondTrustModuleConfiguration
4 |
5 |
class BeyondTrustModule(Module):
    """Module subclass for the BeyondTrust integration.

    It adds no behaviour of its own; it only declares that ``configuration``
    is a ``BeyondTrustModuleConfiguration``.
    """

    configuration: BeyondTrustModuleConfiguration
8 |
--------------------------------------------------------------------------------
/BeyondTrust/beyondtrust_modules/models.py:
--------------------------------------------------------------------------------
1 | from pydantic import BaseModel, Field
2 |
3 |
# Settings for the BeyondTrust module: all three fields are required (the
# `...` default means "no default").
class BeyondTrustModuleConfiguration(BaseModel):
    base_url: str = Field(..., description="Base URL")
    client_id: str = Field(..., description="Client ID")
    # The secret is declared as a plain `str`; `secret=True` is extra field
    # metadata (presumably read by the Sekoia tooling to treat the value as a
    # secret - confirm). NOTE(review): a plain `str` field is included in the
    # model's repr() and dict output, so avoid logging the configuration object.
    client_secret: str = Field(..., description="Client secret", secret=True)
8 |
--------------------------------------------------------------------------------
/BeyondTrust/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/BeyondTrust/logo.png
--------------------------------------------------------------------------------
/BeyondTrust/main.py:
--------------------------------------------------------------------------------
1 | from beyondtrust_modules import BeyondTrustModule
2 | from beyondtrust_modules.connector_pra_platform import BeyondTrustPRAPlatformConnector
3 |
# Script entry point: build the BeyondTrust module, register the PRA platform
# connector under the name "connector_beyondtrust_pra", then call run().
if __name__ == "__main__":
    beyondtrust_module = BeyondTrustModule()
    beyondtrust_module.register(BeyondTrustPRAPlatformConnector, "connector_beyondtrust_pra")
    beyondtrust_module.run()
8 |
--------------------------------------------------------------------------------
/BeyondTrust/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/BeyondTrust/tests/__init__.py
--------------------------------------------------------------------------------
/BinaryEdges/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/BinaryEdges/logo.png
--------------------------------------------------------------------------------
/BinaryEdges/tests/test_binary_edges.py:
--------------------------------------------------------------------------------
1 | from binaryedges import GetQueryIpTarget
2 |
3 |
def test_binaryedges():
    """GetQueryIpTarget must declare the "get" verb."""
    expected_verb = "get"
    assert GetQueryIpTarget.verb == expected_verb
6 |
--------------------------------------------------------------------------------
/BitDefender/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/BitDefender/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/BitDefender/logo.png
--------------------------------------------------------------------------------
/Bitsight/client/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Bitsight/client/__init__.py
--------------------------------------------------------------------------------
/Bitsight/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Bitsight/logo.png
--------------------------------------------------------------------------------
/Bitsight/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.loguru.config import init_logging
2 |
3 | from connectors import BitsightModule
4 | from connectors.pull_findings_trigger import PullFindingsConnector
5 |
# Script entry point: initialise logging first, then build the Bitsight
# module, register the findings connector under the name "bitsight_findings"
# and hand control to run().
if __name__ == "__main__":
    init_logging()
    bitsight_module = BitsightModule()
    bitsight_module.register(PullFindingsConnector, "bitsight_findings")
    bitsight_module.run()
11 |
--------------------------------------------------------------------------------
/Bitsight/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Bitsight/tests/__init__.py
--------------------------------------------------------------------------------
/Bitsight/tests/client/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Bitsight/tests/client/__init__.py
--------------------------------------------------------------------------------
/Bitsight/tests/connectors/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Bitsight/tests/connectors/__init__.py
--------------------------------------------------------------------------------
/Broadcom/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Broadcom/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Broadcom/logo.png
--------------------------------------------------------------------------------
/BroadcomCloudSwg/.gitignore:
--------------------------------------------------------------------------------
1 | .coverage
2 | .idea
3 | htmlcov
4 | .mypy_cache
5 | .pytest_cache
6 | *local*
7 |
--------------------------------------------------------------------------------
/BroadcomCloudSwg/client/__init__.py:
--------------------------------------------------------------------------------
1 | """Package that contains client to work with Broadcom Cloud SWG endpoints."""
2 |
--------------------------------------------------------------------------------
/BroadcomCloudSwg/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/BroadcomCloudSwg/logo.png
--------------------------------------------------------------------------------
/BroadcomCloudSwg/tests/__init__.py:
--------------------------------------------------------------------------------
1 | """All necessary tests for this integration."""
2 |
--------------------------------------------------------------------------------
/BroadcomCloudSwg/tests/client/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests for client package."""
2 |
--------------------------------------------------------------------------------
/BroadcomCloudSwg/tests/connectors/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to connectors."""
2 |
--------------------------------------------------------------------------------
/BroadcomCloudSwg/tests/utils/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/BroadcomCloudSwg/tests/utils/__init__.py
--------------------------------------------------------------------------------
/BroadcomCloudSwg/utils/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/BroadcomCloudSwg/utils/__init__.py
--------------------------------------------------------------------------------
/CEF/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/CEF/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/CEF/logo.png
--------------------------------------------------------------------------------
/CatoNetwork/.gitignore:
--------------------------------------------------------------------------------
1 | .coverage
2 | .idea
3 | htmlcov
4 | .mypy_cache
5 | .pytest_cache
6 | *local*
7 |
--------------------------------------------------------------------------------
/CatoNetwork/cato/__init__.py:
--------------------------------------------------------------------------------
1 | """Module and connector for Cato."""
2 |
--------------------------------------------------------------------------------
/CatoNetwork/client/__init__.py:
--------------------------------------------------------------------------------
1 | """Cato client module."""
2 |
--------------------------------------------------------------------------------
/CatoNetwork/client/schemas/__init__.py:
--------------------------------------------------------------------------------
1 | """Schemas for cato graphql client."""
2 |
--------------------------------------------------------------------------------
/CatoNetwork/logger/__init__.py:
--------------------------------------------------------------------------------
1 | """Configure the LOGURU logger used by all parts of the application."""
2 |
--------------------------------------------------------------------------------
/CatoNetwork/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/CatoNetwork/logo.png
--------------------------------------------------------------------------------
/CatoNetwork/main.py:
--------------------------------------------------------------------------------
1 | """Entry point for the Cato Network connector."""
2 |
3 | from cato.cato_sase_connector import CatoModule, CatoSaseConnector
4 |
if __name__ == "__main__":
    cato = CatoModule()
    # Register the SASE connector under the name "cato_sase", then start the
    # module's run loop.
    # NOTE(review): presumably the name has to match the `docker_parameters`
    # value of the connector's JSON definition; confirm before renaming it.
    cato.register(CatoSaseConnector, "cato_sase")
    cato.run()
9 |
--------------------------------------------------------------------------------
/CatoNetwork/tests/__init__.py:
--------------------------------------------------------------------------------
1 | """All necessary tests."""
2 |
--------------------------------------------------------------------------------
/CatoNetwork/tests/cato/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests for cato connectors."""
2 |
--------------------------------------------------------------------------------
/CatoNetwork/tests/client/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests for client package."""
2 |
--------------------------------------------------------------------------------
/CatoNetwork/tests/client/schemas/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests for client schemas package."""
2 |
--------------------------------------------------------------------------------
/CatoNetwork/tests/logger/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to logger package."""
2 |
--------------------------------------------------------------------------------
/Censys/Dockerfile:
--------------------------------------------------------------------------------
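# NOTE(review): `python:3.11` is a mutable tag, so two builds of the same
# commit can start from different base images. Pinning the base image by
# digest would make the build reproducible and auditable.
FROM python:3.11

WORKDIR /app

# --no-cache-dir keeps pip's download cache out of the image layer.
# NOTE(review): poetry is installed without a version constraint, so the build
# tool itself can change between builds; pin it to the version used to
# generate poetry.lock.
RUN pip install --no-cache-dir poetry

# Install dependencies
# Only the lock file and project metadata are copied at this point, so this
# layer is rebuilt only when the dependency set changes. `--only main` leaves
# the non-main dependency groups out of the runtime image.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# NOTE(review): this copies the whole build context; a .dockerignore should
# keep tests, local configuration files and VCS data out of the image.
COPY . .

# Run as an unprivileged user. COPY ran before USER and without --chown, so
# the application files stay root-owned and the runtime user cannot replace
# them.
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]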
17 |
--------------------------------------------------------------------------------
/Censys/censys_module/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Censys/censys_module/__init__.py
--------------------------------------------------------------------------------
/Censys/censys_module/view.py:
--------------------------------------------------------------------------------
1 | from censys.base import CensysIndex
2 |
3 | from censys_module.base import CensysAction
4 |
5 |
class ViewAction(CensysAction):
    """Censys action that looks up one item through the index's ``view`` call."""

    def execute_request(self, index_class: CensysIndex, arguments: dict):
        """Return the result of ``index_class.view`` for the requested item.

        Args:
            index_class: Object exposing ``view``; annotated as ``CensysIndex``.
            arguments: Action arguments; the key ``"item"`` is required.

        Raises:
            KeyError: If ``"item"`` is absent from *arguments*.
        """
        # NOTE(review): the item value is forwarded as received; no format or
        # type validation happens in this method. Confirm whether the base
        # action validates arguments before they get here.
        view = index_class.view
        return view(arguments["item"])
9 |
--------------------------------------------------------------------------------
/Censys/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Censys/logo.png
--------------------------------------------------------------------------------
/Censys/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Censys/tests/__init__.py
--------------------------------------------------------------------------------
/CertificateTransparency/certificatetransparency/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/CertificateTransparency/certificatetransparency/__init__.py
--------------------------------------------------------------------------------
/CertificateTransparency/certificatetransparency/triggers/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/CertificateTransparency/certificatetransparency/triggers/__init__.py
--------------------------------------------------------------------------------
/CertificateTransparency/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/CertificateTransparency/logo.png
--------------------------------------------------------------------------------
/CertificateTransparency/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from certificatetransparency.triggers.certificate_updated import CertificateUpdatedTrigger
4 |
if __name__ == "__main__":
    ct_module = Module()
    # Expose the trigger under the name "certificate-updated-trigger" and
    # start the module.
    # NOTE(review): presumably the name has to match the `docker_parameters`
    # value of the trigger's JSON definition; confirm before renaming it.
    ct_module.register(CertificateUpdatedTrigger, "certificate-updated-trigger")
    ct_module.run()
9 |
--------------------------------------------------------------------------------
/CertificateTransparency/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/CertificateTransparency/tests/__init__.py
--------------------------------------------------------------------------------
/Checkpoint/connectors/client/__init__.py:
--------------------------------------------------------------------------------
1 | """Contains Checkpoint client."""
2 |
--------------------------------------------------------------------------------
/Checkpoint/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Checkpoint/logo.png
--------------------------------------------------------------------------------
/Checkpoint/main.py:
--------------------------------------------------------------------------------
1 | """Entry point for Check Point Harmony."""
2 |
3 | from connectors import CheckpointModule
4 | from connectors.checkpoint_harmony_mobile import CheckpointHarmonyMobileConnector
5 |
if __name__ == "__main__":
    checkpoint = CheckpointModule()
    # Register the Harmony Mobile connector under its public name and run.
    # NOTE(review): presumably the name has to match the `docker_parameters`
    # value of the connector's JSON definition; confirm before renaming it.
    checkpoint.register(CheckpointHarmonyMobileConnector, "checkpoint_harmony_mobile")
    checkpoint.run()
10 |
--------------------------------------------------------------------------------
/Checkpoint/tests/__init__.py:
--------------------------------------------------------------------------------
1 | """All necessary tests."""
2 |
--------------------------------------------------------------------------------
/Cisco/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Cisco/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Cisco/logo.png
--------------------------------------------------------------------------------
/Citrix/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Citrix/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Citrix/logo.png
--------------------------------------------------------------------------------
/Claroty/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Claroty/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Claroty/logo.png
--------------------------------------------------------------------------------
/Clavister/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Clavister/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Clavister/logo.png
--------------------------------------------------------------------------------
/Cloudflare/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Cloudflare/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Cloudflare/logo.png
--------------------------------------------------------------------------------
/CrowdStrike/Dockerfile:
--------------------------------------------------------------------------------
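# NOTE(review): the base image is referenced by a mutable tag. Pin it by
# digest so that a rebuilt image provably starts from the same reviewed base.
FROM python:3.11

WORKDIR /app

# --no-cache-dir avoids leaving pip's download cache in the layer.
# NOTE(review): no version constraint on poetry; pin it to the version that
# produced poetry.lock so the installer cannot change silently between builds.
RUN pip install --no-cache-dir poetry

# Install dependencies
# The lock file is copied before the sources so this layer is reused until the
# dependency set changes; `--only main` skips the non-main dependency groups.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# NOTE(review): the entire build context ends up in the image. Use a
# .dockerignore to exclude tests, local settings and VCS metadata.
COPY . .

# The process runs unprivileged. Files copied above remain root-owned (COPY
# precedes USER and uses no --chown), so the runtime user cannot modify them.
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]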
--------------------------------------------------------------------------------
/CrowdStrike/aws/__init__.py:
--------------------------------------------------------------------------------
1 | """All necessary wrappers to work with AWS."""
2 |
--------------------------------------------------------------------------------
/CrowdStrike/logger/__init__.py:
--------------------------------------------------------------------------------
1 | """Configure the LOGURU logger used by all parts of the application."""
2 |
--------------------------------------------------------------------------------
/CrowdStrike/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/CrowdStrike/logo.png
--------------------------------------------------------------------------------
/CrowdStrike/tests/__init__.py:
--------------------------------------------------------------------------------
1 | """All necessary tests."""
2 |
--------------------------------------------------------------------------------
/CrowdStrike/tests/aws/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to aws package."""
2 |
--------------------------------------------------------------------------------
/CrowdStrike/tests/crowdstrike_telemetry/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to crowdstrike_telemetry package."""
2 |
--------------------------------------------------------------------------------
/CrowdStrike/tests/logger/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to logger package."""
2 |
--------------------------------------------------------------------------------
/CrowdStrikeFalcon/crowdstrike_falcon/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from crowdstrike_falcon.models import CrowdStrikeFalconModuleConfiguration
4 |
5 |
class CrowdStrikeFalconModule(Module):
    """Automation module for CrowdStrike Falcon with a typed configuration."""

    # Declares the type of the module's configuration attribute.
    # NOTE(review): presumably this carries API credentials; confirm in
    # crowdstrike_falcon.models and keep the object out of log output.
    configuration: CrowdStrikeFalconModuleConfiguration
8 |
--------------------------------------------------------------------------------
/CrowdStrikeFalcon/crowdstrike_falcon/constants.py:
--------------------------------------------------------------------------------
# Maps a short type code to the plural name of the corresponding resource.
# NOTE(review): presumably the codes are the vertex-type prefixes of graph
# identifiers and the values are API path segments; confirm against callers.
# A code that is not listed here raises KeyError on direct lookup.
VERTICLES_TYPE_MAPPING: dict[str, str] = {
    "mod": "modules",
    "pid": "processes",
    "dns": "domains",
    "aid": "devices",
    "uid": "users",
    "uses": "user-sessions",
    "ctg": "control-graphs",
}
10 |
--------------------------------------------------------------------------------
/CrowdStrikeFalcon/crowdstrike_falcon/exceptions.py:
--------------------------------------------------------------------------------
1 | import requests
2 |
3 |
class StreamError(Exception):
    """Base class for the stream-related errors defined in this module."""
6 |
7 |
class StreamNotAvailable(StreamError):
    """Raised when a stream is not available; records the HTTP status code.

    Only ``response.status_code`` is put into the message. The response body
    and headers are not included, so response content does not reach logs or
    tracebacks through this exception.
    """

    def __init__(self, response: requests.Response):
        message = f"Stream is not available, http.status_code={response.status_code}"
        super().__init__(message)
11 |
--------------------------------------------------------------------------------
/CrowdStrikeFalcon/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/CrowdStrikeFalcon/logo.png
--------------------------------------------------------------------------------
/CrowdStrikeFalcon/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/CrowdStrikeFalcon/tests/__init__.py
--------------------------------------------------------------------------------
/CrowdStrikeFalcon/tests/client/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/CrowdStrikeFalcon/tests/client/__init__.py
--------------------------------------------------------------------------------
/CyberArk/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## [Unreleased]
9 |
--------------------------------------------------------------------------------
/CyberArk/cyberark_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from .models import CyberArkModuleConfiguration
4 |
5 |
class CyberArkModule(Module):
    """Automation module for CyberArk with a typed configuration."""

    # Declares the type of the module's configuration attribute.
    # NOTE(review): presumably this carries API credentials; confirm in
    # .models and keep the object out of log output.
    configuration: CyberArkModuleConfiguration
8 |
--------------------------------------------------------------------------------
/CyberArk/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/CyberArk/logo.png
--------------------------------------------------------------------------------
/CyberArk/main.py:
--------------------------------------------------------------------------------
1 | from cyberark_modules import CyberArkModule
2 | from cyberark_modules.connector_audit_logs import CyberArkAuditLogsConnector
3 |
if __name__ == "__main__":
    cyberark = CyberArkModule()
    # Register the audit-log connector under "connector_audit_logs" and run.
    # NOTE(review): presumably the name has to match the `docker_parameters`
    # value of the connector's JSON definition; confirm before renaming it.
    cyberark.register(CyberArkAuditLogsConnector, "connector_audit_logs")
    cyberark.run()
8 |
--------------------------------------------------------------------------------
/CyberArk/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/CyberArk/tests/__init__.py
--------------------------------------------------------------------------------
/Cybereason/cybereason_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from cybereason_modules.models import CybereasonModuleConfiguration
4 |
5 |
class CybereasonModule(Module):
    """Automation module for Cybereason with a typed configuration."""

    # Declares the type of the module's configuration attribute.
    # NOTE(review): presumably this carries API credentials; confirm in
    # cybereason_modules.models and keep the object out of log output.
    configuration: CybereasonModuleConfiguration
8 |
--------------------------------------------------------------------------------
/Cybereason/cybereason_modules/constants.py:
--------------------------------------------------------------------------------
# REST paths, written relative (no leading slash).
# NOTE(review): presumably joined onto the tenant base URL from the module
# configuration; confirm that the join cannot drop or rewrite the host part.
MALOP_INBOX_ENDPOINT: str = "rest/detection/inbox"
MALOP_GET_ALL_ENDPOINT: str = "rest/mmng/v2/malops"
MALOP_DETAIL_ENDPOINT: str = "rest/detection/details"
AI_HUNT_MALOP_DETAIL_ENDPOINT: str = "rest/crimes/unified"

# Malop type names grouped under the AI_HUNT_ prefix.
# NOTE(review): presumably these are the types whose details are read from
# AI_HUNT_MALOP_DETAIL_ENDPOINT; confirm against the connector code.
AI_HUNT_MALOP_TYPES: tuple[str, ...] = ("MalopProcess", "MalopLogonSession")
6 |
--------------------------------------------------------------------------------
/Cybereason/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Cybereason/logo.png
--------------------------------------------------------------------------------
/Cybereason/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Cybereason/tests/__init__.py
--------------------------------------------------------------------------------
/Cybereason/tests/client/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Cybereason/tests/client/__init__.py
--------------------------------------------------------------------------------
/Cyberwatch/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Cyberwatch/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Cyberwatch/logo.png
--------------------------------------------------------------------------------
/Darktrace/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Darktrace/logo.png
--------------------------------------------------------------------------------
/Darktrace/main.py:
--------------------------------------------------------------------------------
1 | from darktrace_modules import DarktraceModule
2 | from darktrace_modules.threat_visualizer_log_trigger import ThreatVisualizerLogConnector
3 |
if __name__ == "__main__":
    darktrace = DarktraceModule()
    # Register the Threat Visualizer log connector under its public name.
    # NOTE(review): presumably the name has to match the `docker_parameters`
    # value of the connector's JSON definition; confirm before renaming it.
    darktrace.register(ThreatVisualizerLogConnector, "darktrace_threat_visualizer_logs")
    darktrace.run()
8 |
--------------------------------------------------------------------------------
/Darktrace/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Darktrace/tests/__init__.py
--------------------------------------------------------------------------------
/Daspren/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Daspren/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Daspren/logo.png
--------------------------------------------------------------------------------
/Datadome/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Datadome/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Datadome/logo.png
--------------------------------------------------------------------------------
/DetectionRules/detection_rules/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/DetectionRules/detection_rules/__init__.py
--------------------------------------------------------------------------------
/DetectionRules/detection_rules/utils.py:
--------------------------------------------------------------------------------
1 | from datetime import datetime
2 |
3 |
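def datetime_to_str(date: datetime) -> str:
    """Format *date* as a second-precision UTC timestamp ending in ``Z``.

    Timezone-aware values are converted to UTC before formatting, so the
    literal ``Z`` suffix is always accurate. Naive values are formatted
    unchanged and are therefore treated as already expressed in UTC.

    Args:
        date: The moment to format.

    Returns:
        A string such as ``2023-01-02T03:04:05Z``.
    """
    from datetime import timezone

    # Without this conversion an aware, non-UTC value would be printed with
    # its local wall-clock fields and still be labelled "Z".
    if date.utcoffset() is not None:
        date = date.astimezone(timezone.utc)
    return date.strftime("%Y-%m-%dT%H:%M:%SZ")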
6 |
--------------------------------------------------------------------------------
/DetectionRules/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from detection_rules.trigger_snort_rules import SnortRulesTrigger
4 |
if __name__ == "__main__":
    rules_module = Module()
    # Register the Snort rules trigger under "snort_rules_trigger" and run.
    # NOTE(review): presumably the name has to match the `docker_parameters`
    # value of the trigger's JSON definition; confirm before renaming it.
    rules_module.register(SnortRulesTrigger, "snort_rules_trigger")
    rules_module.run()
11 |
--------------------------------------------------------------------------------
/DetectionRules/manifest.json:
--------------------------------------------------------------------------------
1 | {
2 | "configuration": {},
3 | "description": "This module exposes a trigger to detect new snort rules on a repository",
4 | "name": "Detection Rules",
5 | "uuid": "fd4754b9-aff6-4865-92c7-bb0b1d5605c0",
6 | "slug": "detection-rules",
7 | "version": "1.25.0",
8 | "categories": [
9 | "Threat Intelligence"
10 | ]
11 | }
--------------------------------------------------------------------------------
/DetectionRules/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/DetectionRules/tests/__init__.py
--------------------------------------------------------------------------------
/DetectionRules/tests/snort3-community-rules.tar.gz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/DetectionRules/tests/snort3-community-rules.tar.gz
--------------------------------------------------------------------------------
/DigitalShadows/digitalshadows_modules/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/DigitalShadows/digitalshadows_modules/__init__.py
--------------------------------------------------------------------------------
/DigitalShadows/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/DigitalShadows/logo.png
--------------------------------------------------------------------------------
/DigitalShadows/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from digitalshadows_modules.trigger_searchlight_events import SearchLightTrigger
4 |
if __name__ == "__main__":
    searchlight = Module()
    # Register the SearchLight trigger under "searchlight_alerts_trigger".
    # NOTE(review): presumably the name has to match the `docker_parameters`
    # value of the trigger's JSON definition; confirm before renaming it.
    searchlight.register(SearchLightTrigger, "searchlight_alerts_trigger")
    searchlight.run()
9 |
--------------------------------------------------------------------------------
/DigitalShadows/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/DigitalShadows/tests/__init__.py
--------------------------------------------------------------------------------
/Duo/Dockerfile:
--------------------------------------------------------------------------------
# Image for the module: installs the locked dependencies with Poetry and
# runs main.py as an unprivileged user.
# NOTE(review): the base image is referenced by a mutable tag; pinning it by
# digest would make rebuilds reproducible.
FROM python:3.11

WORKDIR /app

# NOTE(review): Poetry is installed without a version constraint, so the
# build tool itself can change between builds; consider pinning it.
RUN pip install poetry

# Install dependencies
# Only the lock file and the project metadata are copied at this point, so
# later source changes do not invalidate this layer. Packages are installed
# into the image's interpreter (no virtualenv), "main" group only.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context.
# NOTE(review): what lands in the image depends on .dockerignore, which is
# not visible here; confirm tests, VCS data and local credentials are excluded.
COPY . .

# Create a dedicated account and drop root before the entrypoint runs. The
# files copied above keep root ownership (COPY is used without --chown).
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
--------------------------------------------------------------------------------
/Duo/duo/models.py:
--------------------------------------------------------------------------------
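from pydantic import BaseModel, Field


class DuoModuleConfiguration(BaseModel):
    """Settings of the Duo module: the API host and the integration credentials.

    All three fields are required strings.
    """

    hostname: str = Field(..., description="API hostname")
    integration_key: str = Field(..., description="Admin API integration key")
    # Marked required with an explicit `...`, like the two fields above.
    # `secret=True` is extra field metadata; how it is consumed is not shown
    # in this file (presumably the platform masks the value; TODO confirm).
    # NOTE(review): the value is a plain `str`, so it appears in the model's
    # repr() and dict() output; keep configuration objects out of logs.
    secret_key: str = Field(..., secret=True, description="Integration secret key")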
--------------------------------------------------------------------------------
/Duo/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Duo/logo.png
--------------------------------------------------------------------------------
/Duo/main.py:
--------------------------------------------------------------------------------
from duo import DuoModule
from duo.connector import DuoAdminLogsConnector

if __name__ == "__main__":
    # Script entry point: create the Duo module, register the admin-logs
    # connector class under the name "duo_admin_logs", then call run().
    duo_module = DuoModule()
    duo_module.register(DuoAdminLogsConnector, "duo_admin_logs")
    duo_module.run()
--------------------------------------------------------------------------------
/Duo/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Duo/tests/__init__.py
--------------------------------------------------------------------------------
/EfficientIP/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/EfficientIP/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/EfficientIP/logo.png
--------------------------------------------------------------------------------
/Ekinops/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Ekinops/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Ekinops/logo.png
--------------------------------------------------------------------------------
/ElasticSearch/docs/assets/step01.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ElasticSearch/docs/assets/step01.png
--------------------------------------------------------------------------------
/ElasticSearch/docs/assets/step02.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ElasticSearch/docs/assets/step02.png
--------------------------------------------------------------------------------
/ElasticSearch/docs/assets/step03.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ElasticSearch/docs/assets/step03.png
--------------------------------------------------------------------------------
/ElasticSearch/docs/assets/step04.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ElasticSearch/docs/assets/step04.png
--------------------------------------------------------------------------------
/ElasticSearch/docs/assets/step05.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ElasticSearch/docs/assets/step05.png
--------------------------------------------------------------------------------
/ElasticSearch/elasticsearch_module/constants.py:
--------------------------------------------------------------------------------
import os


def _int_from_env(variable: str, fallback: int) -> int:
    """Return the environment value of *variable* as an int, or *fallback* when unset.

    A value that is set but is not a valid integer raises ValueError.
    """
    return int(os.environ.get(variable, fallback))


# Both timeouts are resolved once, when this module is imported.
# NOTE(review): no range check is applied here, so zero, negative or very
# large values are accepted as-is, and nothing ensures DEFAULT <= MAX. The
# unit is not stated in this file (presumably seconds; TODO confirm).
CLIENT_WAIT_FOR_RESULT_TIMEOUT_DEFAULT = _int_from_env("ELASTIC_WAIT_FOR_RESULT_TIMEOUT_DEFAULT", 60)
CLIENT_WAIT_FOR_RESULT_TIMEOUT_MAX = _int_from_env("ELASTIC_WAIT_FOR_RESULT_TIMEOUT_MAX", 600)
--------------------------------------------------------------------------------
/ElasticSearch/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ElasticSearch/logo.png
--------------------------------------------------------------------------------
/ElasticSearch/main.py:
--------------------------------------------------------------------------------
from elasticsearch_module import ElasticSearchModule
from elasticsearch_module.query_data_action import QueryDataAction

if __name__ == "__main__":
    # Script entry point: create the module, register the query action class
    # under the name "elasticsearch_query_data", then call run().
    elasticsearch = ElasticSearchModule()
    elasticsearch.register(QueryDataAction, "elasticsearch_query_data")
    elasticsearch.run()
--------------------------------------------------------------------------------
/ElasticSearch/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ElasticSearch/tests/__init__.py
--------------------------------------------------------------------------------
/Eset/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Eset/Dockerfile:
--------------------------------------------------------------------------------
# Image for the module: installs the locked dependencies with Poetry and
# runs main.py as an unprivileged user.
# NOTE(review): the base image is referenced by a mutable tag; pinning it by
# digest would make rebuilds reproducible.
FROM python:3.11

WORKDIR /app

# NOTE(review): Poetry is installed without a version constraint, so the
# build tool itself can change between builds; consider pinning it.
RUN pip install poetry

# Install dependencies
# Only the lock file and the project metadata are copied at this point, so
# later source changes do not invalidate this layer. Packages are installed
# into the image's interpreter (no virtualenv), "main" group only.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context.
# NOTE(review): what lands in the image depends on .dockerignore, which is
# not visible here; confirm tests, VCS data and local credentials are excluded.
COPY . .

# Create a dedicated account and drop root before the entrypoint runs. The
# files copied above keep root ownership (COPY is used without --chown).
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
--------------------------------------------------------------------------------
/Eset/docs/assets/Step01.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Eset/docs/assets/Step01.png
--------------------------------------------------------------------------------
/Eset/docs/assets/Step02.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Eset/docs/assets/Step02.png
--------------------------------------------------------------------------------
/Eset/docs/assets/Step03.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Eset/docs/assets/Step03.png
--------------------------------------------------------------------------------
/Eset/docs/assets/Step04.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Eset/docs/assets/Step04.png
--------------------------------------------------------------------------------
/Eset/eset_modules/__init__.py:
--------------------------------------------------------------------------------
from sekoia_automation.module import Module

from .models import EsetModuleConfiguration


class EsetModule(Module):
    """Module subclass for Eset; declares `configuration` as an EsetModuleConfiguration."""

    configuration: EsetModuleConfiguration
--------------------------------------------------------------------------------
/Eset/eset_modules/models.py:
--------------------------------------------------------------------------------
from pydantic import BaseModel, Field


class EsetModuleConfiguration(BaseModel):
    """Connection settings of the Eset module; every field is a required string."""

    region: str = Field(default=..., description="Region")
    username: str = Field(default=..., description="Username")
    # `secret=True` is extra field metadata; how it is consumed is not shown
    # in this file (presumably the platform masks the value; TODO confirm).
    # NOTE(review): the value is a plain `str`, so it appears in the model's
    # repr() and dict() output; keep configuration objects out of logs.
    password: str = Field(
        default=...,
        secret=True,
        description="Password",
    )
--------------------------------------------------------------------------------
/Eset/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Eset/logo.png
--------------------------------------------------------------------------------
/Eset/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Eset/tests/__init__.py
--------------------------------------------------------------------------------
/ExtraHop/extrahop/__init__.py:
--------------------------------------------------------------------------------
from sekoia_automation.module import Module

from .models import ExtraHopModuleConfiguration


class ExtraHopModule(Module):
    """Module subclass for ExtraHop; declares `configuration` as an ExtraHopModuleConfiguration."""

    configuration: ExtraHopModuleConfiguration
--------------------------------------------------------------------------------
/ExtraHop/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ExtraHop/logo.png
--------------------------------------------------------------------------------
/ExtraHop/main.py:
--------------------------------------------------------------------------------
from extrahop import ExtraHopModule
from extrahop.reveal_360_trigger import ExtraHopReveal360Connector

if __name__ == "__main__":
    # Script entry point: create the ExtraHop module, register the Reveal 360
    # connector class under the name "extrahop_reveal_360", then call run().
    extrahop_module = ExtraHopModule()
    extrahop_module.register(ExtraHopReveal360Connector, "extrahop_reveal_360")
    extrahop_module.run()
--------------------------------------------------------------------------------
/ExtraHop/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ExtraHop/tests/__init__.py
--------------------------------------------------------------------------------
/F5 Networks/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/F5 Networks/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/F5 Networks/logo.png
--------------------------------------------------------------------------------
/Fastly/Dockerfile:
--------------------------------------------------------------------------------
# Image for the module: installs the locked dependencies with Poetry and
# runs main.py as an unprivileged user.
# NOTE(review): the base image is referenced by a mutable tag; pinning it by
# digest would make rebuilds reproducible.
FROM python:3.11

WORKDIR /app

# NOTE(review): Poetry is installed without a version constraint, so the
# build tool itself can change between builds; consider pinning it.
RUN pip install poetry

# Install dependencies
# Only the lock file and the project metadata are copied at this point, so
# later source changes do not invalidate this layer. Packages are installed
# into the image's interpreter (no virtualenv), "main" group only.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context.
# NOTE(review): what lands in the image depends on .dockerignore, which is
# not visible here; confirm tests, VCS data and local credentials are excluded.
COPY . .

# Create a dedicated account and drop root before the entrypoint runs. The
# files copied above keep root ownership (COPY is used without --chown).
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
--------------------------------------------------------------------------------
/Fastly/fastly/__init__.py:
--------------------------------------------------------------------------------
from sekoia_automation.module import Module


class FastlyModule(Module):
    """Module subclass for Fastly; adds nothing to the Module base class."""
--------------------------------------------------------------------------------
/Fastly/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Fastly/logo.png
--------------------------------------------------------------------------------
/Fastly/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Fastly/tests/__init__.py
--------------------------------------------------------------------------------
/Forcepoint/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Forcepoint/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Forcepoint/logo.png
--------------------------------------------------------------------------------
/Fortigate/fortigate/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Fortigate/fortigate/__init__.py
--------------------------------------------------------------------------------
/Fortigate/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Fortigate/logo.png
--------------------------------------------------------------------------------
/Fortigate/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Fortigate/tests/__init__.py
--------------------------------------------------------------------------------
/Fortinet/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Fortinet/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Fortinet/logo.png
--------------------------------------------------------------------------------
/FreeRADIUS/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/FreeRADIUS/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/FreeRADIUS/logo.png
--------------------------------------------------------------------------------
/GateWatcher/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/GateWatcher/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/GateWatcher/logo.png
--------------------------------------------------------------------------------
/Git/Dockerfile:
--------------------------------------------------------------------------------
# Image for the module: installs the locked dependencies with Poetry and
# runs main.py as an unprivileged user.
# NOTE(review): the base image is referenced by a mutable tag; pinning it by
# digest would make rebuilds reproducible.
FROM python:3.11

WORKDIR /app

# NOTE(review): Poetry is installed without a version constraint, so the
# build tool itself can change between builds; consider pinning it.
RUN pip install poetry

# Install dependencies
# Only the lock file and the project metadata are copied at this point, so
# later source changes do not invalidate this layer. Packages are installed
# into the image's interpreter (no virtualenv), "main" group only.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context.
# NOTE(review): what lands in the image depends on .dockerignore, which is
# not visible here; confirm tests, VCS data and local credentials are excluded.
COPY . .

# Create a dedicated account and drop root before the entrypoint runs. The
# files copied above keep root ownership (COPY is used without --chown).
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
--------------------------------------------------------------------------------
/Git/gitmodule/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/gitmodule/__init__.py
--------------------------------------------------------------------------------
/Git/gitmodule/triggers/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/gitmodule/triggers/__init__.py
--------------------------------------------------------------------------------
/Git/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/logo.png
--------------------------------------------------------------------------------
/Git/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/__init__.py
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/README.md:
--------------------------------------------------------------------------------
1 | # test_repo
2 | GitHub repository to test GitPython interraction
3 |
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/directory/some_file.txt:
--------------------------------------------------------------------------------
1 | File has some content
2 |
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/COMMIT_EDITMSG:
--------------------------------------------------------------------------------
1 | Update README.md
2 |
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/HEAD:
--------------------------------------------------------------------------------
1 | ref: refs/heads/main
2 |
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/ORIG_HEAD:
--------------------------------------------------------------------------------
1 | be781fa7cb15cc1e79456ad9e79e6de3319504ae
2 |
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/description:
--------------------------------------------------------------------------------
1 | Unnamed repository; edit this file 'description' to name the repository.
2 |
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/hooks/post-update.sample:
--------------------------------------------------------------------------------
1 | #!/usr/bin/sh
2 | #
3 | # An example hook script to prepare a packed repository for use over
4 | # dumb transports.
5 | #
6 | # To enable this hook, rename this file to "post-update".
7 |
8 | exec git update-server-info
9 |
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/index:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/index
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/info/exclude:
--------------------------------------------------------------------------------
1 | # git ls-files --others --exclude-from=.git/info/exclude
2 | # Lines that start with '#' are comments.
3 | # For a project mostly in C, the following would be a good set of
4 | # exclude patterns (uncomment them if you want to use them):
5 | # *.[oa]
6 | # *~
7 |
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/12/378caf82b81edba41dcd84304ccc75ba3d24a3:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/12/378caf82b81edba41dcd84304ccc75ba3d24a3
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/20/0d99e05b02f6cbb75604f30dba7f9dc5cd8a99:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/20/0d99e05b02f6cbb75604f30dba7f9dc5cd8a99
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/28/bbf964a10a76d09f264b1aadce910150b09db7:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/28/bbf964a10a76d09f264b1aadce910150b09db7
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/34/4ea1eb071f8a5200c9743609f252ff6d0f61b2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/34/4ea1eb071f8a5200c9743609f252ff6d0f61b2
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/37/ded6aece434c1b076ca1bfe75eee3f5ee674a2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/37/ded6aece434c1b076ca1bfe75eee3f5ee674a2
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/44/e6e04b106b31ebcc874f32c115853eb4171e70:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/44/e6e04b106b31ebcc874f32c115853eb4171e70
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/9b/99e4b5e854f6641b92f597196e7fa4b14d9db9:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/9b/99e4b5e854f6641b92f597196e7fa4b14d9db9
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/a8/b52a71f7595f755fc2e99d741460f3cf970eac:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/a8/b52a71f7595f755fc2e99d741460f3cf970eac
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/b2/6fd50e937871c068e9560f78abd6b9dc6ceae7:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/b2/6fd50e937871c068e9560f78abd6b9dc6ceae7
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/b6/b7577b59f84da35141c78cd3bb4c73c560f440:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/b6/b7577b59f84da35141c78cd3bb4c73c560f440
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/bd/b5d7f8e18d03d7fca0ef4383a4445ff0864ccf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/bd/b5d7f8e18d03d7fca0ef4383a4445ff0864ccf
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/be/781fa7cb15cc1e79456ad9e79e6de3319504ae:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/be/781fa7cb15cc1e79456ad9e79e6de3319504ae
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/ca/cb1bfd71787cd944d7fd6b6527599427a980e6:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/ca/cb1bfd71787cd944d7fd6b6527599427a980e6
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/cc/8b364ad6346105bc5390c08c080166cb13b3c3:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/cc/8b364ad6346105bc5390c08c080166cb13b3c3
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/d5/6d6eb33158ff3de2e87d8d88ca16196485e9c1:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/d5/6d6eb33158ff3de2e87d8d88ca16196485e9c1
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/db/a049df562e492426a76303538cbc9fb20de7b9:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/db/a049df562e492426a76303538cbc9fb20de7b9
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/eb/ad2d3938b71fe2007d60c96b0570f6955ea2c5:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/eb/ad2d3938b71fe2007d60c96b0570f6955ea2c5
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/objects/f4/176e56568797201e530b4309c57815c92d6de7:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Git/tests/data/test_repo/dot_git/objects/f4/176e56568797201e530b4309c57815c92d6de7
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/refs/heads/main:
--------------------------------------------------------------------------------
1 | f4176e56568797201e530b4309c57815c92d6de7
2 |
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/refs/original/refs/heads/main:
--------------------------------------------------------------------------------
1 | be781fa7cb15cc1e79456ad9e79e6de3319504ae
2 |
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/dot_git/refs/remotes/origin/main:
--------------------------------------------------------------------------------
1 | f4176e56568797201e530b4309c57815c92d6de7
2 |
--------------------------------------------------------------------------------
/Git/tests/data/test_repo/root_file.txt:
--------------------------------------------------------------------------------
1 | This is a file.
2 |
--------------------------------------------------------------------------------
/Github/Dockerfile:
--------------------------------------------------------------------------------
# Image for this module: installs the locked dependencies with Poetry, then
# runs main.py as an unprivileged user.
# NOTE(review): `python:3.10` is a mutable tag; pinning the base image by
# digest would make rebuilds reproducible.
FROM python:3.10

WORKDIR /app

# NOTE(review): Poetry is installed without a version pin, so the build tool
# can change between builds even though the application dependencies are locked.
RUN pip install poetry

# Install dependencies
# Only the lock file and pyproject.toml are copied before the install step.
# `virtualenvs.create false` installs into the image's own interpreter and
# `--only main` restricts the install to the main dependency group.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context into /app.
# NOTE(review): no .dockerignore is visible here; confirm that local secrets,
# VCS data and test fixtures are kept out of the image.
COPY . .

# Create a dedicated account and switch to it, so the entrypoint does not run
# as root. COPY above ran without --chown, so the copied files are owned by root.
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
17 |
--------------------------------------------------------------------------------
/Github/github_modules/__init__.py:
--------------------------------------------------------------------------------
1 | """Contains connector, trigger and implementation to interact with Github."""
2 |
3 | from sekoia_automation.module import Module
4 |
5 | from github_modules.models import GithubModuleConfiguration
6 |
7 |
class GithubModule(Module):
    """Module subclass that types ``configuration`` as GithubModuleConfiguration."""

    # Annotation only: no value is assigned to the attribute in this class.
    configuration: GithubModuleConfiguration
12 |
--------------------------------------------------------------------------------
/Github/github_modules/async_client/__init__.py:
--------------------------------------------------------------------------------
1 | """Contains async version of github client."""
2 |
--------------------------------------------------------------------------------
/Github/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Github/logo.png
--------------------------------------------------------------------------------
/Github/main.py:
--------------------------------------------------------------------------------
1 | from github_modules.audit_log_trigger import AuditLogConnector, GithubModule
2 |
if __name__ == "__main__":
    # Script entry point: build the module, register AuditLogConnector with the
    # string "github_audit_logs", then start the module.
    github_module = GithubModule()
    github_module.register(AuditLogConnector, "github_audit_logs")
    github_module.run()
7 |
--------------------------------------------------------------------------------
/Github/tests/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to github_modules."""
2 |
--------------------------------------------------------------------------------
/Github/tests/async_client/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to the async_client module."""
2 |
--------------------------------------------------------------------------------
/Glimps/Dockerfile:
--------------------------------------------------------------------------------
# Image for this module: installs the locked dependencies with Poetry, then
# runs main.py as an unprivileged user.
# NOTE(review): `python:3.11` is a mutable tag; pinning the base image by
# digest would make rebuilds reproducible.
FROM python:3.11

WORKDIR /app

# NOTE(review): Poetry is installed without a version pin, so the build tool
# can change between builds even though the application dependencies are locked.
RUN pip install poetry

# Install dependencies
# Only the lock file and pyproject.toml are copied before the install step.
# `virtualenvs.create false` installs into the image's own interpreter and
# `--only main` restricts the install to the main dependency group.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context into /app.
# NOTE(review): no .dockerignore is visible here; confirm that local secrets,
# VCS data and test fixtures are kept out of the image.
COPY . .

# Create a dedicated account and switch to it, so the entrypoint does not run
# as root. COPY above ran without --chown, so the copied files are owned by root.
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
17 |
--------------------------------------------------------------------------------
/Glimps/glimps/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Glimps/glimps/__init__.py
--------------------------------------------------------------------------------
/Glimps/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Glimps/logo.png
--------------------------------------------------------------------------------
/Glimps/tests/__init__.py:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/Glimps/tests/eicar.txt:
--------------------------------------------------------------------------------
1 | X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
--------------------------------------------------------------------------------
/Google/Dockerfile:
--------------------------------------------------------------------------------
# Image for this module: installs the locked dependencies with Poetry, then
# runs main.py as an unprivileged user.
# NOTE(review): `python:3.11` is a mutable tag; pinning the base image by
# digest would make rebuilds reproducible.
FROM python:3.11

WORKDIR /app

# NOTE(review): Poetry is installed without a version pin, so the build tool
# can change between builds even though the application dependencies are locked.
RUN pip install poetry

# Install dependencies
# Only the lock file and pyproject.toml are copied before the install step.
# `virtualenvs.create false` installs into the image's own interpreter and
# `--only main` restricts the install to the main dependency group.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context into /app.
# NOTE(review): no .dockerignore is visible here; confirm that local secrets,
# VCS data and test fixtures are kept out of the image.
COPY . .

# Create a dedicated account and switch to it, so the entrypoint does not run
# as root. COPY above ran without --chown, so the copied files are owned by root.
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
17 |
--------------------------------------------------------------------------------
/Google/google_module/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Google/google_module/__init__.py
--------------------------------------------------------------------------------
/Google/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Google/logo.png
--------------------------------------------------------------------------------
/Google/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Google/tests/__init__.py
--------------------------------------------------------------------------------
/HAProxy/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/HAProxy/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/HAProxy/logo.png
--------------------------------------------------------------------------------
/HTTP/Dockerfile:
--------------------------------------------------------------------------------
# Image for this module: installs the locked dependencies with Poetry, then
# runs main.py as an unprivileged user.
# NOTE(review): `python:3.11` is a mutable tag; pinning the base image by
# digest would make rebuilds reproducible.
FROM python:3.11

WORKDIR /app

# NOTE(review): Poetry is installed without a version pin, so the build tool
# can change between builds even though the application dependencies are locked.
RUN pip install poetry

# Install dependencies
# Only the lock file and pyproject.toml are copied before the install step.
# `virtualenvs.create false` installs into the image's own interpreter and
# `--only main` restricts the install to the main dependency group.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context into /app.
# NOTE(review): no .dockerignore is visible here; confirm that local secrets,
# VCS data and test fixtures are kept out of the image.
COPY . .

# Create a dedicated account and switch to it, so the entrypoint does not run
# as root. COPY above ran without --chown, so the copied files are owned by root.
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
17 |
--------------------------------------------------------------------------------
/HTTP/http_module/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/HTTP/http_module/__init__.py
--------------------------------------------------------------------------------
/HTTP/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/HTTP/logo.png
--------------------------------------------------------------------------------
/HTTP/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/HTTP/tests/__init__.py
--------------------------------------------------------------------------------
/HarfangLab/harfanglab/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/HarfangLab/harfanglab/__init__.py
--------------------------------------------------------------------------------
/HarfangLab/harfanglab/client/auth.py:
--------------------------------------------------------------------------------
1 | from requests.auth import AuthBase
2 |
3 |
class HarfangLabApiAuthentication(AuthBase):
    """Attach a HarfangLab API token to outgoing ``requests`` calls.

    The token is kept in clear text on the instance and written verbatim into
    the ``Authorization`` header, so neither this object nor the prepared
    request headers should end up in logs or error reports.
    """

    def __init__(self, token: str):
        """Remember the API token to send with each request."""
        self.token = token

    def __call__(self, request):
        """Set ``Authorization: Token <token>`` on *request* and return it."""
        header_value = "Token {}".format(self.token)
        request.headers["Authorization"] = header_value
        return request
11 |
--------------------------------------------------------------------------------
/HarfangLab/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/HarfangLab/logo.png
--------------------------------------------------------------------------------
/HarfangLab/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/HarfangLab/tests/__init__.py
--------------------------------------------------------------------------------
/IBM/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/IBM/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/IBM/logo.png
--------------------------------------------------------------------------------
/IKnowWhatYouDownload/iknowwhatyoudownload/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/IKnowWhatYouDownload/iknowwhatyoudownload/__init__.py
--------------------------------------------------------------------------------
/IKnowWhatYouDownload/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/IKnowWhatYouDownload/logo.png
--------------------------------------------------------------------------------
/IPInfo/Dockerfile:
--------------------------------------------------------------------------------
# Image for this module: installs the locked dependencies with Poetry, then
# runs main.py as an unprivileged user.
# NOTE(review): `python:3.11` is a mutable tag; pinning the base image by
# digest would make rebuilds reproducible.
FROM python:3.11

WORKDIR /app

# NOTE(review): Poetry is installed without a version pin, so the build tool
# can change between builds even though the application dependencies are locked.
RUN pip install poetry

# Install dependencies
# Only the lock file and pyproject.toml are copied before the install step.
# `virtualenvs.create false` installs into the image's own interpreter and
# `--only main` restricts the install to the main dependency group.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context into /app.
# NOTE(review): no .dockerignore is visible here; confirm that local secrets,
# VCS data and test fixtures are kept out of the image.
COPY . .

# Create a dedicated account and switch to it, so the entrypoint does not run
# as root. COPY above ran without --chown, so the copied files are owned by root.
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
17 |
--------------------------------------------------------------------------------
/IPInfo/ipinfo/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/IPInfo/ipinfo/__init__.py
--------------------------------------------------------------------------------
/IPInfo/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/IPInfo/logo.png
--------------------------------------------------------------------------------
/IPInfo/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from ipinfo.trigger_fetch_ipinfo_database import TriggerFetchIPInfoDatabase
4 |
if __name__ == "__main__":
    # Script entry point: build a plain Module, register
    # TriggerFetchIPInfoDatabase with the string "fetch_ipinfo_database",
    # then start the module.
    ipinfo_module = Module()
    ipinfo_module.register(TriggerFetchIPInfoDatabase, "fetch_ipinfo_database")
    ipinfo_module.run()
9 |
--------------------------------------------------------------------------------
/IPInfo/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/IPInfo/tests/__init__.py
--------------------------------------------------------------------------------
/IPInfo/tests/data/country_asn.json.gz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/IPInfo/tests/data/country_asn.json.gz
--------------------------------------------------------------------------------
/IPtoASN/Dockerfile:
--------------------------------------------------------------------------------
# Image for this module: installs the locked dependencies with Poetry, then
# runs main.py as an unprivileged user.
# NOTE(review): `python:3.11` is a mutable tag; pinning the base image by
# digest would make rebuilds reproducible.
FROM python:3.11

WORKDIR /app

# NOTE(review): Poetry is installed without a version pin, so the build tool
# can change between builds even though the application dependencies are locked.
RUN pip install poetry

# Install dependencies
# Only the lock file and pyproject.toml are copied before the install step.
# `virtualenvs.create false` installs into the image's own interpreter and
# `--only main` restricts the install to the main dependency group.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context into /app.
# NOTE(review): no .dockerignore is visible here; confirm that local secrets,
# VCS data and test fixtures are kept out of the image.
COPY . .

# Create a dedicated account and switch to it, so the entrypoint does not run
# as root. COPY above ran without --chown, so the copied files are owned by root.
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
17 |
--------------------------------------------------------------------------------
/IPtoASN/iptoasn/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/IPtoASN/iptoasn/__init__.py
--------------------------------------------------------------------------------
/IPtoASN/iptoasn/utils.py:
--------------------------------------------------------------------------------
1 | from datetime import datetime
2 |
3 |
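def datetime_to_str(date: datetime) -> str:
    """Format *date* as ``YYYY-MM-DDTHH:MM:SSZ``.

    The trailing ``Z`` marks the value as UTC, so a timezone-aware input is
    converted to UTC before formatting; without that step its local wall-clock
    time would be emitted with a ``Z`` suffix and the timestamp would be off by
    the offset. A naive input carries no offset and is formatted as-is, so the
    caller is expected to pass naive values that are already in UTC.

    Args:
        date: The datetime to format; sub-second precision is dropped.

    Returns:
        The formatted timestamp string.
    """
    # Local import: the file-level import only brings in `datetime`.
    from datetime import timezone

    # utcoffset() is None for naive values (and for a tzinfo that reports no offset).
    if date.utcoffset() is not None:
        date = date.astimezone(timezone.utc)
    return date.strftime("%Y-%m-%dT%H:%M:%SZ")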
6 |
--------------------------------------------------------------------------------
/IPtoASN/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/IPtoASN/logo.png
--------------------------------------------------------------------------------
/IPtoASN/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from iptoasn.trigger_fetch_iptoasn_database import TriggerFetchIPtoASNDatabase
4 |
if __name__ == "__main__":
    # Script entry point: build a plain Module, register
    # TriggerFetchIPtoASNDatabase with the string "fetch_iptoasn_database",
    # then start the module.
    iptoasn_module = Module()
    iptoasn_module.register(TriggerFetchIPtoASNDatabase, "fetch_iptoasn_database")
    iptoasn_module.run()
9 |
--------------------------------------------------------------------------------
/IPtoASN/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/IPtoASN/tests/__init__.py
--------------------------------------------------------------------------------
/IPtoASN/tests/data/ip2asn-combined.tsv.gz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/IPtoASN/tests/data/ip2asn-combined.tsv.gz
--------------------------------------------------------------------------------
/ISC DHCP/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/ISC DHCP/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ISC DHCP/logo.png
--------------------------------------------------------------------------------
/Imperva/imperva/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Imperva/imperva/__init__.py
--------------------------------------------------------------------------------
/Imperva/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Imperva/logo.png
--------------------------------------------------------------------------------
/Imperva/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from imperva.fetch_logs import LogsDownloader
4 |
if __name__ == "__main__":
    # Script entry point: build a plain Module, register LogsDownloader under
    # name="imperva_logs", then start the module.
    imperva_module = Module()
    imperva_module.register(LogsDownloader, name="imperva_logs")
    imperva_module.run()
11 |
--------------------------------------------------------------------------------
/Imperva/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Imperva/tests/__init__.py
--------------------------------------------------------------------------------
/Infoblox/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Infoblox/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Infoblox/logo.png
--------------------------------------------------------------------------------
/Ivanti/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Ivanti/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Ivanti/logo.png
--------------------------------------------------------------------------------
/JIRA/Dockerfile:
--------------------------------------------------------------------------------
# Image for this module: installs the locked dependencies with Poetry, then
# runs main.py as an unprivileged user.
# NOTE(review): `python:3.11` is a mutable tag; pinning the base image by
# digest would make rebuilds reproducible.
FROM python:3.11

WORKDIR /app

# NOTE(review): Poetry is installed without a version pin, so the build tool
# can change between builds even though the application dependencies are locked.
RUN pip install poetry

# Install dependencies
# Only the lock file and pyproject.toml are copied before the install step.
# `virtualenvs.create false` installs into the image's own interpreter and
# `--only main` restricts the install to the main dependency group.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context into /app.
# NOTE(review): no .dockerignore is visible here; confirm that local secrets,
# VCS data and test fixtures are kept out of the image.
COPY . .

# Create a dedicated account and switch to it, so the entrypoint does not run
# as root. COPY above ran without --chown, so the copied files are owned by root.
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
17 |
--------------------------------------------------------------------------------
/JIRA/jira_modules/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/JIRA/jira_modules/__init__.py
--------------------------------------------------------------------------------
/JIRA/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/JIRA/logo.png
--------------------------------------------------------------------------------
/JIRA/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/JIRA/tests/__init__.py
--------------------------------------------------------------------------------
/Jumpcloud/jumpcloud_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 | from jumpcloud_modules.models import JumpcloudDirectoryInsightsModuleConfiguration
3 |
4 |
class JumpcloudDirectoryInsightsModule(Module):
    """Module subclass that types ``configuration`` as
    JumpcloudDirectoryInsightsModuleConfiguration."""

    # Annotation only: no value is assigned to the attribute in this class.
    configuration: JumpcloudDirectoryInsightsModuleConfiguration
7 |
--------------------------------------------------------------------------------
/Jumpcloud/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Jumpcloud/logo.png
--------------------------------------------------------------------------------
/Jumpcloud/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Jumpcloud/tests/__init__.py
--------------------------------------------------------------------------------
/Jumpcloud/tests/test_helpers.py:
--------------------------------------------------------------------------------
1 | from datetime import datetime
2 |
3 | from jumpcloud_modules.helpers import get_upper_second
4 |
5 |
def test_get_upper_second():
    """A timestamp with a non-zero microsecond part maps to the next whole second."""
    # 23:45:26 plus 208 microseconds is expected to become 23:45:27 exactly.
    with_microseconds = datetime(2022, 12, 11, 23, 45, 26, 208)
    next_whole_second = datetime(2022, 12, 11, 23, 45, 27)

    result = get_upper_second(with_microseconds)

    assert result == next_whole_second
11 |
--------------------------------------------------------------------------------
/Juniper/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Juniper/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Juniper/logo.png
--------------------------------------------------------------------------------
/Kaspersky/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Kaspersky/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Kaspersky/logo.png
--------------------------------------------------------------------------------
/Lacework/Dockerfile:
--------------------------------------------------------------------------------
# Image for this module: installs the locked dependencies with Poetry, then
# runs main.py as an unprivileged user.
# NOTE(review): `python:3.11` is a mutable tag; pinning the base image by
# digest would make rebuilds reproducible.
FROM python:3.11

WORKDIR /app

# NOTE(review): Poetry is installed without a version pin, so the build tool
# can change between builds even though the application dependencies are locked.
RUN pip install poetry

# Install dependencies
# Only the lock file and pyproject.toml are copied before the install step.
# `virtualenvs.create false` installs into the image's own interpreter and
# `--only main` restricts the install to the main dependency group.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context into /app.
# NOTE(review): no .dockerignore is visible here; confirm that local secrets,
# VCS data and test fixtures are kept out of the image.
COPY . .

# Create a dedicated account and switch to it, so the entrypoint does not run
# as root. COPY above ran without --chown, so the copied files are owned by root.
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
--------------------------------------------------------------------------------
/Lacework/README.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Lacework/README.md
--------------------------------------------------------------------------------
/Lacework/lacework_module/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Lacework/lacework_module/__init__.py
--------------------------------------------------------------------------------
/Lacework/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Lacework/logo.png
--------------------------------------------------------------------------------
/Lacework/main.py:
--------------------------------------------------------------------------------
1 | from lacework_module.base import LaceworkModule
2 | from lacework_module.lacework_connector import LaceworkEventsTrigger
3 |
if __name__ == "__main__":
    # Script entry point: build the module, register LaceworkEventsTrigger with
    # the string "lacework_query_alerts", then start the module.
    lacework_module = LaceworkModule()
    lacework_module.register(LaceworkEventsTrigger, "lacework_query_alerts")
    lacework_module.run()
8 |
--------------------------------------------------------------------------------
/Lacework/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Lacework/tests/__init__.py
--------------------------------------------------------------------------------
/Lacework/tests/client/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Lacework/tests/client/__init__.py
--------------------------------------------------------------------------------
/Lookout/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## [Unreleased]
9 |
--------------------------------------------------------------------------------
/Lookout/Dockerfile:
--------------------------------------------------------------------------------
# Image for this module: installs the locked dependencies with Poetry, then
# runs main.py as an unprivileged user.
# NOTE(review): `python:3.11` is a mutable tag; pinning the base image by
# digest would make rebuilds reproducible.
FROM python:3.11

WORKDIR /app

# NOTE(review): Poetry is installed without a version pin, so the build tool
# can change between builds even though the application dependencies are locked.
RUN pip install poetry

# Install dependencies
# Only the lock file and pyproject.toml are copied before the install step.
# `virtualenvs.create false` installs into the image's own interpreter and
# `--only main` restricts the install to the main dependency group.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context into /app.
# NOTE(review): no .dockerignore is visible here; confirm that local secrets,
# VCS data and test fixtures are kept out of the image.
COPY . .

# Create a dedicated account and switch to it, so the entrypoint does not run
# as root. COPY above ran without --chown, so the copied files are owned by root.
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
17 |
--------------------------------------------------------------------------------
/Lookout/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Lookout/logo.png
--------------------------------------------------------------------------------
/Lookout/lookout_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from .models import LookoutModuleConfiguration
4 |
5 |
class LookoutModule(Module):
    """Module subclass that types ``configuration`` as LookoutModuleConfiguration."""

    # Annotation only: no value is assigned to the attribute in this class.
    configuration: LookoutModuleConfiguration
8 |
--------------------------------------------------------------------------------
/Lookout/main.py:
--------------------------------------------------------------------------------
1 | from lookout_modules import LookoutModule
2 | from lookout_modules.connector_mobile_endpoint_security import MobileEndpointSecurityConnector
3 |
if __name__ == "__main__":
    # Script entry point: build the module, register
    # MobileEndpointSecurityConnector with the string "lookout_mes", then start
    # the module.
    lookout_module = LookoutModule()
    lookout_module.register(MobileEndpointSecurityConnector, "lookout_mes")
    lookout_module.run()
8 |
--------------------------------------------------------------------------------
/Lookout/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Lookout/tests/__init__.py
--------------------------------------------------------------------------------
/MISP/Dockerfile:
--------------------------------------------------------------------------------
# Image for this module: installs the locked dependencies with Poetry, then
# runs main.py as an unprivileged user.
# NOTE(review): `python:3.11` is a mutable tag; pinning the base image by
# digest would make rebuilds reproducible.
FROM python:3.11

WORKDIR /app

# NOTE(review): Poetry is installed without a version pin, so the build tool
# can change between builds even though the application dependencies are locked.
RUN pip install poetry

# Install dependencies
# Only the lock file and pyproject.toml are copied before the install step.
# `virtualenvs.create false` installs into the image's own interpreter and
# `--only main` restricts the install to the main dependency group.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context into /app.
# NOTE(review): no .dockerignore is visible here; confirm that local secrets,
# VCS data and test fixtures are kept out of the image.
COPY . .

# Create a dedicated account and switch to it, so the entrypoint does not run
# as root. COPY above ran without --chown, so the copied files are owned by root.
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
17 |
--------------------------------------------------------------------------------
/MISP/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MISP/logo.png
--------------------------------------------------------------------------------
/MISP/misp/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MISP/misp/__init__.py
--------------------------------------------------------------------------------
/MISP/misp/misp_to_stix.py:
--------------------------------------------------------------------------------
1 | from misp.misp_to_stix_converter import STIXConverter
2 | from sekoia_automation.action import Action
3 |
4 |
class MISPToSTIXAction(Action):
    """Action that passes a MISP event to STIXConverter and returns the result."""

    def run(self, arguments):
        """Convert ``arguments["event"]`` and wrap the result under ``"bundle"``.

        A missing ``"event"`` key raises ``KeyError``. The event is handed to
        the converter unchanged.
        NOTE(review): the event is caller-supplied data; any validation has to
        happen inside STIXConverter, which is not visible here.
        """
        stix_converter = STIXConverter()
        misp_event = arguments["event"]
        bundle = stix_converter.convert(misp_event)
        return {"bundle": bundle}
10 |
--------------------------------------------------------------------------------
/MISP/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MISP/tests/__init__.py
--------------------------------------------------------------------------------
/MWDB/Dockerfile:
--------------------------------------------------------------------------------
# Image for this module: installs the locked dependencies with Poetry, then
# runs main.py as an unprivileged user.
# NOTE(review): `python:3.11` is a mutable tag; pinning the base image by
# digest would make rebuilds reproducible.
FROM python:3.11

WORKDIR /app

# NOTE(review): Poetry is installed without a version pin, so the build tool
# can change between builds even though the application dependencies are locked.
RUN pip install poetry

# Install dependencies
# Only the lock file and pyproject.toml are copied before the install step.
# `virtualenvs.create false` installs into the image's own interpreter and
# `--only main` restricts the install to the main dependency group.
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copies the whole build context into /app.
# NOTE(review): no .dockerignore is visible here; confirm that local secrets,
# VCS data and test fixtures are kept out of the image.
COPY . .

# Create a dedicated account and switch to it, so the entrypoint does not run
# as root. COPY above ran without --chown, so the copied files are owned by root.
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]
17 |
--------------------------------------------------------------------------------
/MWDB/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MWDB/logo.png
--------------------------------------------------------------------------------
/MWDB/mwdb_module/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MWDB/mwdb_module/__init__.py
--------------------------------------------------------------------------------
/MWDB/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MWDB/tests/__init__.py
--------------------------------------------------------------------------------
/ManageEngine/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/ManageEngine/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ManageEngine/logo.png
--------------------------------------------------------------------------------
/Mandrill/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Mandrill/logo.png
--------------------------------------------------------------------------------
/Mandrill/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from mandrill_module.action_mandrill_send import MandrillSendAction
4 |
if __name__ == "__main__":
    # Script entry point: register the Mandrill send action under the name
    # "mandrill_send", then start the module.
    app = Module()
    app.register(MandrillSendAction, "mandrill_send")
    app.run()
11 |
--------------------------------------------------------------------------------
/Mandrill/mandrill_module/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Mandrill/mandrill_module/__init__.py
--------------------------------------------------------------------------------
/Mandrill/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Mandrill/tests/__init__.py
--------------------------------------------------------------------------------
/Mattermost/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Mattermost/logo.png
--------------------------------------------------------------------------------
/Mattermost/mattermost/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Mattermost/mattermost/__init__.py
--------------------------------------------------------------------------------
/Mattermost/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Mattermost/tests/__init__.py
--------------------------------------------------------------------------------
/Microsoft/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Microsoft/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Microsoft/logo.png
--------------------------------------------------------------------------------
/MicrosoftActiveDirectory/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MicrosoftActiveDirectory/logo.png
--------------------------------------------------------------------------------
/MicrosoftActiveDirectory/microsoft_ad/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MicrosoftActiveDirectory/microsoft_ad/__init__.py
--------------------------------------------------------------------------------
/MicrosoftActiveDirectory/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MicrosoftActiveDirectory/tests/__init__.py
--------------------------------------------------------------------------------
/MicrosoftDefender/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MicrosoftDefender/logo.png
--------------------------------------------------------------------------------
/MicrosoftDefender/microsoftdefender_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from .models import MicrosoftDefenderModuleConfiguration
4 |
5 |
class MicrosoftDefenderModule(Module):
    """Module whose ``configuration`` is typed as MicrosoftDefenderModuleConfiguration."""

    # Annotation only; no value is assigned here.
    configuration: MicrosoftDefenderModuleConfiguration
8 |
--------------------------------------------------------------------------------
/MicrosoftDefender/microsoftdefender_modules/action_get_machine_action.py:
--------------------------------------------------------------------------------
1 | from typing import Any
2 |
3 | from .action_base import MicrosoftDefenderBaseAction
4 |
5 |
class GetMachineAction(MicrosoftDefenderBaseAction):
    """Action issuing a GET on the ``api/machineactions/{action_id}`` path."""

    def run(self, arguments: Any) -> Any:
        """Delegate to ``call_api`` with the caller's arguments and an empty mapping."""
        # NOTE(review): `{action_id}` is presumably filled in from `arguments`
        # by call_api; confirm the value is validated or URL-encoded there so
        # it cannot change the request path.
        request = {
            "method": "GET",
            "url_path": "api/machineactions/{action_id}",
            "args": arguments,
            "arg_mapping": {},
        }
        return self.call_api(**request)
9 |
--------------------------------------------------------------------------------
/MicrosoftDefender/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MicrosoftDefender/tests/__init__.py
--------------------------------------------------------------------------------
/MicrosoftEntraID/azure_ad/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MicrosoftEntraID/azure_ad/__init__.py
--------------------------------------------------------------------------------
/MicrosoftEntraID/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MicrosoftEntraID/logo.png
--------------------------------------------------------------------------------
/MicrosoftEntraID/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MicrosoftEntraID/tests/__init__.py
--------------------------------------------------------------------------------
/MicrosoftOutlook/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MicrosoftOutlook/logo.png
--------------------------------------------------------------------------------
/MicrosoftOutlook/microsoft_outlook_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from .models import MicrosoftOutlookModuleConfiguration
4 |
5 |
class MicrosoftOutlookModule(Module):
    """Module whose ``configuration`` is typed as MicrosoftOutlookModuleConfiguration."""

    # Annotation only; no value is assigned here.
    configuration: MicrosoftOutlookModuleConfiguration
8 |
--------------------------------------------------------------------------------
/MicrosoftOutlook/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MicrosoftOutlook/tests/__init__.py
--------------------------------------------------------------------------------
/MicrosoftSentinel/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MicrosoftSentinel/logo.png
--------------------------------------------------------------------------------
/MicrosoftSentinel/main.py:
--------------------------------------------------------------------------------
1 | from microsoft_sentinel import MicrosoftSentinelModule
2 | from microsoft_sentinel.connector_microsoft_sentinel import MicrosoftSentineldConnector
3 |
if __name__ == "__main__":
    # Script entry point: register the Sentinel connector under the name
    # "get_microsoft_sentinel_alerts", then start the module.
    app = MicrosoftSentinelModule()
    app.register(MicrosoftSentineldConnector, "get_microsoft_sentinel_alerts")
    app.run()
8 |
--------------------------------------------------------------------------------
/MicrosoftSentinel/microsoft_sentinel/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from .models import (
4 | MicrosoftSentinelConfiguration,
5 | MicrosoftSentinelResponseModel,
6 | MicrosoftSentinelConnectorConfiguration,
7 | )
8 |
9 |
class MicrosoftSentinelModule(Module):
    """Module whose ``configuration`` is typed as MicrosoftSentinelConfiguration."""

    # Annotation only; no value is assigned here.
    configuration: MicrosoftSentinelConfiguration
12 |
--------------------------------------------------------------------------------
/MicrosoftSentinel/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MicrosoftSentinel/tests/__init__.py
--------------------------------------------------------------------------------
/MicrosoftWindowsServer/.gitignore:
--------------------------------------------------------------------------------
1 | .coverage
2 | .idea
3 | htmlcov
4 | .mypy_cache
5 | .pytest_cache
6 | *local*
7 |
--------------------------------------------------------------------------------
/MicrosoftWindowsServer/client/__init__.py:
--------------------------------------------------------------------------------
1 | """Contains the client-side code for the Microsoft module."""
2 |
--------------------------------------------------------------------------------
/MicrosoftWindowsServer/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MicrosoftWindowsServer/logo.png
--------------------------------------------------------------------------------
/MicrosoftWindowsServer/tests/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests for this integration."""
2 |
--------------------------------------------------------------------------------
/MicrosoftWindowsServer/tests/actions/__init__.py:
--------------------------------------------------------------------------------
1 | """Contains tests related to actions."""
2 |
--------------------------------------------------------------------------------
/MicrosoftWindowsServer/tests/client/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/MicrosoftWindowsServer/tests/client/__init__.py
--------------------------------------------------------------------------------
/Mimecast/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Mimecast/logo.png
--------------------------------------------------------------------------------
/Mimecast/main.py:
--------------------------------------------------------------------------------
1 | from mimecast_modules import MimecastModule
2 | from mimecast_modules.connector_mimecast_siem import MimecastSIEMConnector
3 |
if __name__ == "__main__":
    # Script entry point: register the SIEM connector under the name
    # "mimecast_email_security", then start the module.
    app = MimecastModule()
    app.register(MimecastSIEMConnector, "mimecast_email_security")
    app.run()
8 |
--------------------------------------------------------------------------------
/Mimecast/mimecast_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from .models import MimecastModuleConfiguration
4 |
5 |
class MimecastModule(Module):
    """Module whose ``configuration`` is typed as MimecastModuleConfiguration."""

    # Annotation only; no value is assigned here.
    configuration: MimecastModuleConfiguration
8 |
--------------------------------------------------------------------------------
/Mimecast/mimecast_modules/models.py:
--------------------------------------------------------------------------------
1 | from pydantic import BaseModel, Field
2 |
3 |
class MimecastModuleConfiguration(BaseModel):
    # Credentials for the Mimecast module: a client id and a client secret,
    # both required strings.
    client_id: str = Field(..., description="Client ID")

    # `secret=True` is an extra Field keyword; presumably the platform uses it
    # to treat the value as sensitive -- confirm against the SDK.
    # NOTE(review): the value is a plain `str`, so it will appear in the
    # model's repr and dict output; keep the configuration object out of logs
    # (pydantic's SecretStr would mask it, at the cost of changing callers).
    client_secret: str = Field(secret=True, description="Client Secret")  # type: ignore
7 |
--------------------------------------------------------------------------------
/Mimecast/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Mimecast/tests/__init__.py
--------------------------------------------------------------------------------
/NetFlow/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/NetFlow/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/NetFlow/logo.png
--------------------------------------------------------------------------------
/Netfilter/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Netfilter/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Netfilter/logo.png
--------------------------------------------------------------------------------
/Netskope/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Netskope/logo.png
--------------------------------------------------------------------------------
/Netskope/netskope_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from netskope_modules.models import NetskopeModuleConfiguration
4 |
5 |
class NetskopeModule(Module):
    """Module whose ``configuration`` is typed as NetskopeModuleConfiguration."""

    # Annotation only; no value is assigned here.
    configuration: NetskopeModuleConfiguration
8 |
--------------------------------------------------------------------------------
/Netskope/netskope_modules/constants.py:
--------------------------------------------------------------------------------
# Fixed message text shared across the Netskope module.
# NOTE(review): presumably matched against an API error response -- confirm
# at the call site before changing the wording.
MESSAGE_CANNOT_CONSUME_SERVICE = "You cannot consume this service"
2 |
--------------------------------------------------------------------------------
/Netskope/netskope_modules/models.py:
--------------------------------------------------------------------------------
1 | from pydantic import BaseModel, Field
2 |
3 |
class NetskopeModuleConfiguration(BaseModel):
    # Module-level settings; the only field is an optional API base URL that
    # defaults to None.
    # NOTE(review): base_url is a free-form string; if requests carrying
    # credentials are sent to it, confirm the scheme is checked to be https
    # where the URL is used.
    base_url: str | None = Field(
        None,
        description="API base URL",
    )
6 |
--------------------------------------------------------------------------------
/Netskope/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Netskope/tests/__init__.py
--------------------------------------------------------------------------------
/Netwrix/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Netwrix/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Netwrix/logo.png
--------------------------------------------------------------------------------
/Nybble/Dockerfile:
--------------------------------------------------------------------------------
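# NOTE(review): `python:3.10` is a floating tag; pinning the base image by
# digest makes builds reproducible and guards against a changed upstream image.
FROM python:3.10

WORKDIR /app

# NOTE(review): poetry is installed unpinned, so the build tool can change
# between builds; consider pinning it to a version the project has tested.
# --no-cache-dir keeps pip's download cache out of the image layer.
RUN pip install --no-cache-dir poetry

# Install dependencies before the source so this layer is reused until the
# lock file changes
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copied while still root, so the runtime user below does not own the code
COPY . .

# Drop privileges: the entrypoint runs as an unprivileged user, not root
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]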
17 |
--------------------------------------------------------------------------------
/Nybble/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Nybble/logo.png
--------------------------------------------------------------------------------
/Nybble/main.py:
--------------------------------------------------------------------------------
1 | from nybble_modules import NybbleModule
2 |
3 | from nybble_modules.create_alert import CreateAlertAction
4 |
5 |
if __name__ == "__main__":
    # Script entry point: register the alert-creation action under the name
    # "CreateAlertAction", then start the module.
    app = NybbleModule()
    app.register(CreateAlertAction, "CreateAlertAction")
    app.run()
10 |
--------------------------------------------------------------------------------
/Nybble/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Nybble/tests/__init__.py
--------------------------------------------------------------------------------
/OGO/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/OGO/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/OGO/logo.png
--------------------------------------------------------------------------------
/OSINTCollector/.dockerignore:
--------------------------------------------------------------------------------
1 | resources/*
2 | **/*~
3 | **/__pycache__
4 | venv
5 |
--------------------------------------------------------------------------------
/OSINTCollector/main.py:
--------------------------------------------------------------------------------
1 | from osintcollector.trigger_osint import OSINTTrigger
2 | from sekoia_automation.module import Module
3 |
if __name__ == "__main__":
    # Script entry point: register the OSINT trigger under the name
    # "osint_trigger", then start the module.
    app = Module()
    app.register(OSINTTrigger, "osint_trigger")
    app.run()
9 |
--------------------------------------------------------------------------------
/OSINTCollector/osintcollector/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/OSINTCollector/osintcollector/__init__.py
--------------------------------------------------------------------------------
/OSINTCollector/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/OSINTCollector/tests/__init__.py
--------------------------------------------------------------------------------
/Office365/README.md:
--------------------------------------------------------------------------------
1 | # Office365
2 |
3 | ## MessageTrace
4 |
5 | API reference: https://docs.microsoft.com/en-us/previous-versions/office/developer/o365-enterprise-developers/jj984335%28v%3Doffice.15%29#rest-uris
6 |
--------------------------------------------------------------------------------
/Office365/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Office365/logo.png
--------------------------------------------------------------------------------
/Office365/office365/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Office365/office365/__init__.py
--------------------------------------------------------------------------------
/Office365/office365/management_api/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Office365/office365/management_api/__init__.py
--------------------------------------------------------------------------------
/Office365/office365/management_api/constants.py:
--------------------------------------------------------------------------------
# Default sign-in authority. The `/common` path is the Microsoft identity
# platform endpoint that is not bound to a single tenant.
# NOTE(review): confirm whether callers override this with a tenant-specific
# authority when a tenant id is known.
OFFICE365_AUTHORITY_DEFAULT = "https://login.microsoftonline.com/common"

# Activity feed base URL; `{tenant_id}` is a format placeholder, presumably
# filled in by the caller.
OFFICE365_URL_BASE = "https://manage.office.com/api/v1.0/{tenant_id}/activity/feed"

# Status string treated as an active subscription.
OFFICE365_ACTIVE_SUBSCRIPTION_STATUS = "enabled"
4 |
--------------------------------------------------------------------------------
/Office365/office365/message_trace/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Office365/office365/message_trace/__init__.py
--------------------------------------------------------------------------------
/Office365/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Office365/tests/__init__.py
--------------------------------------------------------------------------------
/Office365/tests/management_api/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Office365/tests/management_api/__init__.py
--------------------------------------------------------------------------------
/Office365/tests/message_trace/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Office365/tests/message_trace/__init__.py
--------------------------------------------------------------------------------
/Okta/Dockerfile:
--------------------------------------------------------------------------------
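# NOTE(review): `python:3.11` is a floating tag; pinning the base image by
# digest makes builds reproducible and guards against a changed upstream image.
FROM python:3.11

WORKDIR /app

# NOTE(review): poetry is installed unpinned, so the build tool can change
# between builds; consider pinning it to a version the project has tested.
# --no-cache-dir keeps pip's download cache out of the image layer.
RUN pip install --no-cache-dir poetry

# Install dependencies before the source so this layer is reused until the
# lock file changes
COPY poetry.lock pyproject.toml /app/
RUN poetry config virtualenvs.create false && poetry install --only main

# Copied while still root, so the runtime user below does not own the code
COPY . .

# Drop privileges: the entrypoint runs as an unprivileged user, not root
RUN useradd -ms /bin/bash sekoiaio-runtime
USER sekoiaio-runtime

ENTRYPOINT [ "python", "./main.py" ]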
--------------------------------------------------------------------------------
/Okta/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Okta/logo.png
--------------------------------------------------------------------------------
/Okta/main.py:
--------------------------------------------------------------------------------
1 | from okta_modules import OktaModule
2 | from okta_modules.system_log_trigger import SystemLogConnector
3 |
if __name__ == "__main__":
    # Script entry point: register the system log connector under the name
    # "okta_system_logs", then start the module.
    app = OktaModule()
    app.register(SystemLogConnector, "okta_system_logs")
    app.run()
8 |
--------------------------------------------------------------------------------
/Okta/okta_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from okta_modules.models import OktaModuleConfiguration
4 |
5 |
class OktaModule(Module):
    """Module whose ``configuration`` is typed as OktaModuleConfiguration."""

    # Annotation only; no value is assigned here.
    configuration: OktaModuleConfiguration
8 |
--------------------------------------------------------------------------------
/Okta/okta_modules/models.py:
--------------------------------------------------------------------------------
1 | from pydantic import BaseModel, Field
2 |
3 |
class OktaModuleConfiguration(BaseModel):
    # Settings for the Okta module: the tenant URL and an API key, both
    # required strings.
    # NOTE(review): base_url is an unconstrained string; if the connector
    # sends `apikey` to it, confirm the scheme is checked to be https where
    # the URL is used.
    base_url: str = Field(
        ...,
        description="The url to your Okta tenant",
    )

    # `secret=True` is an extra Field keyword; presumably the platform uses it
    # to treat the value as sensitive -- confirm against the SDK.
    # NOTE(review): the key is a plain `str`, so it will appear in the model's
    # repr and dict output; keep the configuration object out of logs.
    apikey: str = Field(
        secret=True,
        description="The APIkey to authenticate calls to the API",
    )
7 |
--------------------------------------------------------------------------------
/Okta/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Okta/tests/__init__.py
--------------------------------------------------------------------------------
/Okta/tests/test_helpers.py:
--------------------------------------------------------------------------------
1 | from datetime import datetime
2 |
3 | from okta_modules.helpers import get_upper_second
4 |
5 |
def test_get_upper_second():
    """A datetime carrying 208 microseconds maps to the start of the next second."""
    moment = datetime(2022, 12, 11, 23, 45, 26, 208)
    assert get_upper_second(moment) == datetime(2022, 12, 11, 23, 45, 27)
11 |
--------------------------------------------------------------------------------
/Olfeo/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Olfeo/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Olfeo/logo.png
--------------------------------------------------------------------------------
/Onyphe/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Onyphe/logo.png
--------------------------------------------------------------------------------
/Onyphe/onyphe/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Onyphe/onyphe/__init__.py
--------------------------------------------------------------------------------
/OpenAI/README.md:
--------------------------------------------------------------------------------
1 | Integration with OpenAI APIs
--------------------------------------------------------------------------------
/OpenAI/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/OpenAI/logo.png
--------------------------------------------------------------------------------
/OpenAI/main.py:
--------------------------------------------------------------------------------
1 | from openai_module.base import OpenAIModule
2 | from openai_module.gpt import AskGPTAction
3 |
if __name__ == "__main__":
    # Script entry point: register the GPT action under the name
    # "AskGPTAction", then start the module.
    app = OpenAIModule()
    app.register(AskGPTAction, "AskGPTAction")
    app.run()
8 |
--------------------------------------------------------------------------------
/OpenAI/openai_module/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/OpenAI/openai_module/__init__.py
--------------------------------------------------------------------------------
/OpenAI/openai_module/base.py:
--------------------------------------------------------------------------------
1 | from pydantic import BaseModel, Field
2 | from sekoia_automation.module import Module
3 |
4 |
class OpenAIConfiguration(BaseModel):
    # Settings for the OpenAI module: a single required API key.
    # `secret=True` is an extra Field keyword; presumably the platform uses it
    # to treat the value as sensitive -- confirm against the SDK.
    # NOTE(review): the key is a plain `str`, so it will appear in the model's
    # repr and dict output; keep the configuration object out of logs.
    api_key: str = Field(
        secret=True,
        description="API Key to use to connect to OpenAI API endpoints",
    )
7 |
8 |
class OpenAIModule(Module):
    # Module subclass whose `configuration` attribute is annotated as OpenAIConfiguration,
    # so the API key is a declared, typed field.
    configuration: OpenAIConfiguration
11 |
--------------------------------------------------------------------------------
/OpenAI/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/OpenAI/tests/__init__.py
--------------------------------------------------------------------------------
/OpenBSD/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/OpenBSD/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/OpenBSD/logo.png
--------------------------------------------------------------------------------
/OpenLDAP/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/OpenLDAP/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/OpenLDAP/logo.png
--------------------------------------------------------------------------------
/OpenSSH/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/OpenSSH/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/OpenSSH/logo.png
--------------------------------------------------------------------------------
/OpenVPN/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/OpenVPN/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/OpenVPN/logo.png
--------------------------------------------------------------------------------
/PagerDuty/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/PagerDuty/logo.png
--------------------------------------------------------------------------------
/PagerDuty/main.py:
--------------------------------------------------------------------------------
1 | # third parties
2 | # internals
3 | from sekoia_automation.module import Module
4 |
5 | from pagerduty.action_pagerduty_trigger_alert import PagerDutyTriggerAlertAction
6 |
if __name__ == "__main__":
    # Instantiate the generic Module, register the alert action under
    # "pagerduty_trigger_alert", then call run().
    module = Module()
    module.register(PagerDutyTriggerAlertAction, "pagerduty_trigger_alert")
    module.run()
11 |
--------------------------------------------------------------------------------
/PagerDuty/pagerduty/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/PagerDuty/pagerduty/__init__.py
--------------------------------------------------------------------------------
/PagerDuty/pagerduty/constants.py:
--------------------------------------------------------------------------------
1 | # coding: utf-8
"""
A few constants shared by all the modules of this integration.
"""

# This default URL was taken from the following documentation page:
# https://developer.pagerduty.com/docs/events-api-v2/overview/
# The default is an HTTPS endpoint.
# NOTE(review): the "DEFAULT_" prefix suggests callers can override it; the code that
# reads an override is outside this file — confirm an override cannot downgrade to plain HTTP.
DEFAULT_EVENTSAPIV2_URL = "https://events.pagerduty.com/v2/enqueue"
9 |
--------------------------------------------------------------------------------
/PagerDuty/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/PagerDuty/tests/__init__.py
--------------------------------------------------------------------------------
/Palo Alto Networks/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Palo Alto Networks/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Palo Alto Networks/logo.png
--------------------------------------------------------------------------------
/PaloAltoCortexXDR/cortex_module/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/PaloAltoCortexXDR/cortex_module/__init__.py
--------------------------------------------------------------------------------
/PaloAltoCortexXDR/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/PaloAltoCortexXDR/logo.png
--------------------------------------------------------------------------------
/PaloAltoCortexXDR/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/PaloAltoCortexXDR/tests/__init__.py
--------------------------------------------------------------------------------
/PaloAltoCortexXDR/tests/actions/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/PaloAltoCortexXDR/tests/actions/__init__.py
--------------------------------------------------------------------------------
/PaloAltoXSIAM/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/PaloAltoXSIAM/logo.png
--------------------------------------------------------------------------------
/PaloAltoXSIAM/main.py:
--------------------------------------------------------------------------------
1 | from xsiam import XsiamModule
2 | from xsiam.stix_to_xsiam import STIXToXSIAMAction
3 |
if __name__ == "__main__":
    # Instantiate the module, register STIXToXSIAMAction under "stix_to_xsiam_action",
    # then call run().
    module = XsiamModule()
    module.register(STIXToXSIAMAction, "stix_to_xsiam_action")
    module.run()
8 |
--------------------------------------------------------------------------------
/PaloAltoXSIAM/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/PaloAltoXSIAM/tests/__init__.py
--------------------------------------------------------------------------------
/PaloAltoXSIAM/xsiam/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 | from xsiam.models import XsiamModuleConfiguration
3 |
4 |
class XsiamModule(Module):
    # Module subclass whose `configuration` attribute is annotated as XsiamModuleConfiguration.
    configuration: XsiamModuleConfiguration
7 |
--------------------------------------------------------------------------------
/PaloAltoXSIAM/xsiam/helpers.py:
--------------------------------------------------------------------------------
1 | import datetime
2 |
3 |
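def iso8601_to_timestamp(dt: str) -> str:
    """Convert a UTC ISO 8601 date-time string to epoch milliseconds, as a string.

    Args:
        dt: Date-time formatted exactly as ``YYYY-MM-DDTHH:MM:SSZ``.

    Returns:
        Whole seconds since the Unix epoch multiplied by 1000, as a decimal string.

    Raises:
        ValueError: If ``dt`` does not match the expected format.
    """
    parsed = datetime.datetime.strptime(dt, "%Y-%m-%dT%H:%M:%SZ")
    # strptime() returns a naive datetime here, and .timestamp() on a naive value
    # interprets it in the host's local time zone. The trailing "Z" means UTC, so
    # attach UTC explicitly; otherwise the result shifts by the host's UTC offset
    # on any machine that is not running in UTC.
    utc_moment = parsed.replace(tzinfo=datetime.timezone.utc)
    return str(int(utc_moment.timestamp()) * 1000)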
6 |
--------------------------------------------------------------------------------
/PaloAltoXSIAM/xsiam/models.py:
--------------------------------------------------------------------------------
1 | from pydantic import BaseModel
2 |
3 |
class XsiamModuleConfiguration(BaseModel):
    # Declares no fields: this module has no module-level settings.
    pass
6 |
--------------------------------------------------------------------------------
/PandaSecurity/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/PandaSecurity/logo.png
--------------------------------------------------------------------------------
/PandaSecurity/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/PandaSecurity/tests/__init__.py
--------------------------------------------------------------------------------
/Postfix/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Postfix/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Postfix/logo.png
--------------------------------------------------------------------------------
/Pradeo/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Pradeo/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Pradeo/logo.png
--------------------------------------------------------------------------------
/Proofpoint/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Proofpoint/logo.png
--------------------------------------------------------------------------------
/Proofpoint/proofpoint_modules/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Proofpoint/proofpoint_modules/__init__.py
--------------------------------------------------------------------------------
/Proofpoint/proofpoint_modules/pod/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Proofpoint/proofpoint_modules/pod/__init__.py
--------------------------------------------------------------------------------
/Proofpoint/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Proofpoint/tests/__init__.py
--------------------------------------------------------------------------------
/Proofpoint/tests/data/__init__.py:
--------------------------------------------------------------------------------
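# Raw JSON fixtures shared by the Proofpoint tests, loaded once at import time.
# The paths are relative, so they resolve against the current working directory:
# the test suite has to be started from the directory that contains tests/.
# Each file is read inside a `with` block so its handle is closed right away
# instead of being left open until garbage collection (which CPython reports
# as a ResourceWarning).
with open("tests/data/original_message.json") as _message_file:
    ORIGINAL_MESSAGE = _message_file.read()

with open("tests/data/original_maillog.json") as _maillog_file:
    ORIGINAL_MAILLOG = _maillog_file.read()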
3 |
--------------------------------------------------------------------------------
/Proofpoint/tests/pod/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Proofpoint/tests/pod/__init__.py
--------------------------------------------------------------------------------
/PublicSuffix/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/PublicSuffix/logo.png
--------------------------------------------------------------------------------
/PublicSuffix/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from public_suffix.get_private_domains_action import GetPrivateDomainsAction
4 |
if __name__ == "__main__":
    # Instantiate the generic Module, register the action under "get-private-domains",
    # then call run().
    module = Module()

    module.register(GetPrivateDomainsAction, "get-private-domains")

    module.run()
11 |
--------------------------------------------------------------------------------
/PublicSuffix/public_suffix/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/PublicSuffix/public_suffix/__init__.py
--------------------------------------------------------------------------------
/RSA Security/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/RSA Security/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/RSA Security/logo.png
--------------------------------------------------------------------------------
/RSS/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/RSS/logo.png
--------------------------------------------------------------------------------
/RSS/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from rss.trigger_rss import RSSTrigger
4 |
if __name__ == "__main__":
    # Instantiate the generic Module, register RSSTrigger under "rss_trigger",
    # then call run().
    module = Module()

    module.register(RSSTrigger, "rss_trigger")

    module.run()
11 |
--------------------------------------------------------------------------------
/RSS/rss/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/RSS/rss/__init__.py
--------------------------------------------------------------------------------
/RSS/rss/errors.py:
--------------------------------------------------------------------------------
1 | class Error(Exception):
2 | """Base class for exceptions in this module."""
3 |
4 | pass
5 |
6 |
class MalFormedXMLError(Error):
    # Presumably signals that a fetched feed could not be parsed as XML; the code that
    # raises it is outside this file.
    # NOTE(review): feed content is remote, untrusted input — confirm the XML parser in use
    # does not resolve external entities.
    pass
9 |
--------------------------------------------------------------------------------
/RSS/rss/settings.py:
--------------------------------------------------------------------------------
1 | from functools import lru_cache
2 | from pathlib import Path
3 |
4 | from pydantic import BaseSettings
5 |
6 |
class Settings(BaseSettings):
    # Directory used as the RSS module's on-disk cache.
    # NOTE(review): the process running the module needs write access to this path;
    # confirm it is created with restrictive ownership and permissions, not world-writable.
    cache_dir: Path = Path("/var/cache/symphony_rss_module")

    class Config:
        # BaseSettings reads field values from environment variables carrying this prefix,
        # so cache_dir can be overridden through the prefixed variable for that field.
        env_prefix = "symphony_rss_"
12 |
13 |
@lru_cache
def get_settings():
    """Return the module's Settings instance, built on first call and reused afterwards.

    Because the result is memoised by ``lru_cache``, environment changes made after the
    first call are not picked up.
    """
    return Settings()
17 |
--------------------------------------------------------------------------------
/RSS/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/RSS/tests/__init__.py
--------------------------------------------------------------------------------
/Retarus/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Retarus/logo.png
--------------------------------------------------------------------------------
/Retarus/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from retarus_modules.connector import RetarusConnector
4 |
if __name__ == "__main__":
    # Instantiate the generic Module, register RetarusConnector under "retarus_connector",
    # then call run().
    module = Module()
    module.register(RetarusConnector, "retarus_connector")
    module.run()
9 |
--------------------------------------------------------------------------------
/Retarus/retarus_modules/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Retarus/retarus_modules/__init__.py
--------------------------------------------------------------------------------
/Retarus/retarus_modules/configuration.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.connector import DefaultConnectorConfiguration
2 |
3 |
class RetarusConfig(DefaultConnectorConfiguration):
    # Connector settings; the names suggest a WebSocket endpoint and its access key
    # (how they are used is outside this file).
    ws_url: str
    # NOTE(review): ws_key looks like a credential but is declared as a plain `str` here.
    # Confirm it is flagged as a secret wherever the connector's configuration schema is
    # declared, so that it is masked when displayed and kept out of logs.
    ws_key: str
7 |
--------------------------------------------------------------------------------
/Retarus/retarus_modules/metrics.py:
--------------------------------------------------------------------------------
1 | from prometheus_client import Counter
2 |
# Declare prometheus metrics
prom_namespace = "symphony_module_retarus"

# Counter of events forwarded to Sekoia.io, with one time series per intake key.
# NOTE(review): the label value is published verbatim on the metrics endpoint. If the
# intake key is what authorises event submission, confirm that endpoint is reachable
# only by trusted scrapers.
OUTGOING_EVENTS = Counter(
    name="forwarded_events",
    documentation="Number of events forwarded to Sekoia.io",
    namespace=prom_namespace,
    labelnames=["intake_key"],
)
12 |
--------------------------------------------------------------------------------
/Retarus/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Retarus/tests/__init__.py
--------------------------------------------------------------------------------
/RiskIQ/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/RiskIQ/logo.png
--------------------------------------------------------------------------------
/RiskIQ/tests/test_riskiq.py:
--------------------------------------------------------------------------------
1 | from riskiq_module import SslCertificateBySha1Action
2 |
3 |
def test_riskiq():
    """Check the `verb` and `query_parameters` attributes declared on SslCertificateBySha1Action."""
    assert SslCertificateBySha1Action.verb == "get"
    assert SslCertificateBySha1Action.query_parameters == ["sha1"]
7 |
--------------------------------------------------------------------------------
/Rubycat/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Rubycat/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Rubycat/logo.png
--------------------------------------------------------------------------------
/Salesforce/.gitignore:
--------------------------------------------------------------------------------
1 | .coverage
2 | .idea
3 | htmlcov
4 | .mypy_cache
5 | .pytest_cache
6 | *local*
7 |
--------------------------------------------------------------------------------
/Salesforce/client/__init__.py:
--------------------------------------------------------------------------------
1 | """Salesforce api client module."""
2 |
--------------------------------------------------------------------------------
/Salesforce/client/schemas/__init__.py:
--------------------------------------------------------------------------------
1 | """All pydantic schemas to work with Salesforce api."""
2 |
--------------------------------------------------------------------------------
/Salesforce/logger/__init__.py:
--------------------------------------------------------------------------------
1 | """Configure the LOGURU logger used by all parts of the application."""
2 |
--------------------------------------------------------------------------------
/Salesforce/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Salesforce/logo.png
--------------------------------------------------------------------------------
/Salesforce/main.py:
--------------------------------------------------------------------------------
1 | """Entry point for the Salesforce connector."""
2 |
3 | from salesforce import SalesforceModule
4 | from salesforce.connector import SalesforceConnector
5 |
if __name__ == "__main__":
    # Instantiate the module, register SalesforceConnector under "salesforce",
    # then call run().
    module = SalesforceModule()
    module.register(SalesforceConnector, "salesforce")
    module.run()
10 |
--------------------------------------------------------------------------------
/Salesforce/salesforce/__init__.py:
--------------------------------------------------------------------------------
1 | """Module and connector for Salesforce."""
2 |
3 | from sekoia_automation.module import Module
4 |
5 | from salesforce.models import SalesforceModuleConfig
6 |
7 |
class SalesforceModule(Module):
    """Module subclass whose configuration is a SalesforceModuleConfig."""

    configuration: SalesforceModuleConfig
12 |
--------------------------------------------------------------------------------
/Salesforce/tests/__init__.py:
--------------------------------------------------------------------------------
1 | """All necessary tests."""
2 |
--------------------------------------------------------------------------------
/Salesforce/tests/client/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests for schema package."""
2 |
--------------------------------------------------------------------------------
/Salesforce/tests/client/schemas/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Salesforce/tests/client/schemas/__init__.py
--------------------------------------------------------------------------------
/Salesforce/tests/logger/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to logger package."""
2 |
--------------------------------------------------------------------------------
/Salesforce/tests/salesforce/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to connectors."""
2 |
--------------------------------------------------------------------------------
/Salesforce/tests/utils/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to utils package."""
2 |
--------------------------------------------------------------------------------
/Salesforce/utils/__init__.py:
--------------------------------------------------------------------------------
1 | """Module with file utils."""
2 |
--------------------------------------------------------------------------------
/Seckiot/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Seckiot/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Seckiot/logo.png
--------------------------------------------------------------------------------
/SecurityScorecard/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/SecurityScorecard/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SecurityScorecard/logo.png
--------------------------------------------------------------------------------
/Sekoia.io/.dockerignore:
--------------------------------------------------------------------------------
1 | resources/composes/*
2 | resources/dockers/*
3 | resources/stacks/*
4 | resources/kubernetes/*
5 | **/*~
6 | **/__pycache__
7 | venv
8 |
--------------------------------------------------------------------------------
/Sekoia.io/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Sekoia.io/logo.png
--------------------------------------------------------------------------------
/Sekoia.io/sekoiaio/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Sekoia.io/sekoiaio/__init__.py
--------------------------------------------------------------------------------
/Sekoia.io/sekoiaio/triggers/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Sekoia.io/sekoiaio/triggers/__init__.py
--------------------------------------------------------------------------------
/Sekoia.io/sekoiaio/workspace/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.action import GenericAPIAction
2 |
# Path prefix shared by the endpoints declared in this file.
base_url = "api/v1/"


# Create the GetCommunity action class dynamically with type(): a GenericAPIAction
# subclass whose attributes declare a "get" on api/v1/communities/{uuid} with no
# query parameters. The {uuid} placeholder is presumably filled in by GenericAPIAction
# from the action's arguments — that code is outside this file.
GetCommunity = type(
    "GetCommunity",
    (GenericAPIAction,),
    {
        "verb": "get",
        "endpoint": base_url + "communities/{uuid}",
        "query_parameters": [],
    },
)
15 |
--------------------------------------------------------------------------------
/Sekoia.io/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Sekoia.io/tests/__init__.py
--------------------------------------------------------------------------------
/Sekoia.io/tests/conftest.py:
--------------------------------------------------------------------------------
1 | from pathlib import Path
2 | from shutil import rmtree
3 | from tempfile import mkdtemp
4 |
5 | import pytest
6 |
7 |
@pytest.fixture
def symphony_storage():
    """Yield a fresh temporary directory as a Path and delete it recursively afterwards."""
    # mkdtemp() creates the directory accessible only to the creating user.
    new_storage = Path(mkdtemp())

    yield new_storage

    # Teardown: runs once the test using the fixture has finished.
    rmtree(new_storage.as_posix())
15 |
--------------------------------------------------------------------------------
/Sekoia.io/tests/ic_oc_triggers/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Sekoia.io/tests/ic_oc_triggers/__init__.py
--------------------------------------------------------------------------------
/Sekoia.io/tests/operation_center_action/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Sekoia.io/tests/operation_center_action/__init__.py
--------------------------------------------------------------------------------
/Sekoia.io/tests/test_utils.py:
--------------------------------------------------------------------------------
1 | from sekoiaio.utils import user_agent
2 |
3 |
def test_user_agent():
    """Check that user_agent() returns ``<agent>/<version>`` with a resolved version."""
    user_agent_orig = user_agent()

    # Split on the first "/" only, so a version containing "/" stays in one piece.
    agent, version = user_agent_orig.split("/", 1)
    assert agent == "symphony-module-sekoia.io"
    assert version != "unknown"
10 |
--------------------------------------------------------------------------------
/SentinelOne/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/logo.png
--------------------------------------------------------------------------------
/SentinelOne/sentinel-mgmt-sdk.tar.gz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/sentinel-mgmt-sdk.tar.gz
--------------------------------------------------------------------------------
/SentinelOne/sentinelone_module/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/sentinelone_module/__init__.py
--------------------------------------------------------------------------------
/SentinelOne/sentinelone_module/agents/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/sentinelone_module/agents/__init__.py
--------------------------------------------------------------------------------
/SentinelOne/sentinelone_module/deep_visibility/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/sentinelone_module/deep_visibility/__init__.py
--------------------------------------------------------------------------------
/SentinelOne/sentinelone_module/iocs/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/sentinelone_module/iocs/__init__.py
--------------------------------------------------------------------------------
/SentinelOne/sentinelone_module/logs/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/sentinelone_module/logs/__init__.py
--------------------------------------------------------------------------------
/SentinelOne/sentinelone_module/logs/configuration.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.connector import DefaultConnectorConfiguration
2 |
3 |
class SentinelOneLogsConnectorConfiguration(DefaultConnectorConfiguration):
    """Settings of the SentinelOne logs connector, with their default values."""

    # Presumably the polling interval in seconds; confirm against the connector.
    frequency: int = 60
    # Batch sizes for activities and threats. The code that consumes them is
    # not in this file, so treat "page size per API request" as an assumption.
    activities_batch_size: int = 1000
    threats_batch_size: int = 1000
8 |
--------------------------------------------------------------------------------
/SentinelOne/sentinelone_module/singularity/__init__.py:
--------------------------------------------------------------------------------
1 | """
2 | This package contains all necessary logic to work with SentinelOne Singularity Identity.
3 | """
4 |
--------------------------------------------------------------------------------
/SentinelOne/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/tests/__init__.py
--------------------------------------------------------------------------------
/SentinelOne/tests/agents/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/tests/agents/__init__.py
--------------------------------------------------------------------------------
/SentinelOne/tests/deep_visibility/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/tests/deep_visibility/__init__.py
--------------------------------------------------------------------------------
/SentinelOne/tests/logs/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/tests/logs/__init__.py
--------------------------------------------------------------------------------
/SentinelOne/tests/rso/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/tests/rso/__init__.py
--------------------------------------------------------------------------------
/SentinelOne/tests/singularity/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/tests/singularity/__init__.py
--------------------------------------------------------------------------------
/SentinelOne/tests/threats/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/tests/threats/__init__.py
--------------------------------------------------------------------------------
/SentinelOne/tests/triggers/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOne/tests/triggers/__init__.py
--------------------------------------------------------------------------------
/SentinelOneDeepVisibility/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOneDeepVisibility/logo.png
--------------------------------------------------------------------------------
/SentinelOneDeepVisibility/main.py:
--------------------------------------------------------------------------------
1 | from deep_visibility import SentinelOneDeepVisibilityModule
2 | from deep_visibility.connector_s3_logs import DeepVisibilityConnector
3 |
if __name__ == "__main__":
    # Script entry point: build the module, bind the connector class to its
    # registration name, then call run().
    # NOTE(review): the name string presumably has to match the one used by
    # the module's JSON definitions; confirm before renaming it.
    app = SentinelOneDeepVisibilityModule()
    app.register(DeepVisibilityConnector, "sentinelone_deep_visibility_connector")
    app.run()
8 |
--------------------------------------------------------------------------------
/SentinelOneDeepVisibility/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOneDeepVisibility/tests/__init__.py
--------------------------------------------------------------------------------
/SentinelOneDeepVisibility/tests/deep_visibility/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SentinelOneDeepVisibility/tests/deep_visibility/__init__.py
--------------------------------------------------------------------------------
/ServiceNow/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ServiceNow/logo.png
--------------------------------------------------------------------------------
/ServiceNow/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from service_now import GetTable
4 |
if __name__ == "__main__":
    # Script entry point: a plain SDK Module with one registered action
    # class, bound to its registration name, then run().
    app = Module()
    app.register(GetTable, "servicenow_get_table")
    app.run()
9 |
--------------------------------------------------------------------------------
/ServiceNow/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ServiceNow/tests/__init__.py
--------------------------------------------------------------------------------
/SesameIT/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/SesameIT/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SesameIT/logo.png
--------------------------------------------------------------------------------
/Shodan/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Shodan/logo.png
--------------------------------------------------------------------------------
/Shodan/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Shodan/tests/__init__.py
--------------------------------------------------------------------------------
/SkyhighSecurity/README.md:
--------------------------------------------------------------------------------
1 | # Skyhigh Security
2 |
3 | ## Secure Web Gateway (SWG)
4 |
5 | - [API reference](https://success.myshn.net/Skyhigh_Secure_Web_Gateway_(Cloud)/Reporting/Using_a_REST_API_for_Reporting/Reporting_Fields)
6 | - [Example script](https://github.com/schindlerd/mwgcs-logpuller-pub)
7 |
--------------------------------------------------------------------------------
/SkyhighSecurity/gateway_cloud_services/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SkyhighSecurity/gateway_cloud_services/__init__.py
--------------------------------------------------------------------------------
/SkyhighSecurity/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SkyhighSecurity/logo.png
--------------------------------------------------------------------------------
/SkyhighSecurity/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from gateway_cloud_services.trigger_skyhigh_security_swg import SkyhighSecuritySWGTrigger
4 |
if __name__ == "__main__":
    # Script entry point: register the Secure Web Gateway trigger class under
    # its registration name on a plain SDK Module, then call run().
    app = Module()
    app.register(SkyhighSecuritySWGTrigger, "skyhigh_security_swg")
    app.run()
9 |
--------------------------------------------------------------------------------
/SkyhighSecurity/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SkyhighSecurity/tests/__init__.py
--------------------------------------------------------------------------------
/SonicWall/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/SonicWall/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/SonicWall/logo.png
--------------------------------------------------------------------------------
/Sophos/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Sophos/logo.png
--------------------------------------------------------------------------------
/Sophos/sophos_module/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Sophos/sophos_module/__init__.py
--------------------------------------------------------------------------------
/Sophos/sophos_module/client/exceptions.py:
--------------------------------------------------------------------------------
class SophosApiAuthenticationError(Exception):
    """Signal an authentication failure with the Sophos API.

    The raise sites are outside this file. Keep credentials and tokens out of
    the message passed to this exception, because exception text usually ends
    up in logs.
    """
5 |
--------------------------------------------------------------------------------
/Sophos/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Sophos/tests/__init__.py
--------------------------------------------------------------------------------
/Sophos/tests/client/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Sophos/tests/client/__init__.py
--------------------------------------------------------------------------------
/Squid/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Squid/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Squid/logo.png
--------------------------------------------------------------------------------
/Stormshield/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Stormshield/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Stormshield/logo.png
--------------------------------------------------------------------------------
/Stormshield/manifest.json:
--------------------------------------------------------------------------------
1 | {
2 | "configuration": {},
3 | "description": "Stormshield Network Security is a range of network security appliances.",
4 | "name": "Stormshield",
5 | "uuid": "59498b29-5cfb-46e6-aaf1-9c0c3afeb00c",
6 | "version": "1.0.0",
7 | "slug": "stormshield",
8 | "categories": [
9 | "Network"
10 | ]
11 | }
12 |
--------------------------------------------------------------------------------
/StormshieldSES/docs/assets/Step01.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/StormshieldSES/docs/assets/Step01.png
--------------------------------------------------------------------------------
/StormshieldSES/docs/assets/Step02.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/StormshieldSES/docs/assets/Step02.png
--------------------------------------------------------------------------------
/StormshieldSES/docs/assets/Step03.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/StormshieldSES/docs/assets/Step03.png
--------------------------------------------------------------------------------
/StormshieldSES/docs/assets/Step04.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/StormshieldSES/docs/assets/Step04.png
--------------------------------------------------------------------------------
/StormshieldSES/docs/assets/Step05.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/StormshieldSES/docs/assets/Step05.png
--------------------------------------------------------------------------------
/StormshieldSES/docs/assets/Step06.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/StormshieldSES/docs/assets/Step06.png
--------------------------------------------------------------------------------
/StormshieldSES/docs/assets/Step07.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/StormshieldSES/docs/assets/Step07.png
--------------------------------------------------------------------------------
/StormshieldSES/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/StormshieldSES/logo.png
--------------------------------------------------------------------------------
/StormshieldSES/stormshield_module/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/StormshieldSES/stormshield_module/__init__.py
--------------------------------------------------------------------------------
/StormshieldSES/stormshield_module/process_actions.py:
--------------------------------------------------------------------------------
1 | from stormshield_module.base import StormshieldAction
2 |
# Path template shared by the agent task endpoints. Despite the name, it is a
# relative path rather than a full URL. The "{id}" placeholder is presumably
# filled with the target agent identifier by StormshieldAction; confirm in
# stormshield_module.base, including how that value is validated.
base_url = "/agents/{id}/tasks"
4 |
5 |
class TerminateProcessAction(StormshieldAction):
    """Declare a POST to the agent's ``process-termination`` task endpoint.

    Only the request shape is declared here; authentication, argument
    handling, and the HTTP call itself live in StormshieldAction.
    NOTE(review): judging by the endpoint name, this action stops a process
    on a managed endpoint, so it is worth restricting and auditing which
    playbooks may invoke it.
    """

    verb = "post"
    # The f-string only inserts base_url; its own "{id}" placeholder is left
    # in place for later substitution.
    endpoint = f"{base_url}/process-termination"
    # Class-level list shared by all instances; treat it as read-only.
    query_parameters: list[str] = []
10 |
--------------------------------------------------------------------------------
/StormshieldSES/stormshield_module/wait_task.py:
--------------------------------------------------------------------------------
1 | import requests
2 | from requests import Response
3 | from typing import Any
4 |
5 | from stormshield_module.base import StormshieldAction
6 |
7 |
class WaitForTaskCompletionAction(StormshieldAction):
    """Declare a GET on one agent task, addressed by ``task_id``.

    Only the request shape is declared here.
    NOTE(review): the class name suggests waiting until the task finishes,
    but no polling loop or timeout appears in the lines shown, and the
    ``requests``, ``Response``, and ``Any`` imports go unused there. Confirm
    where the wait is implemented and that it is bounded.
    """

    verb = "get"
    endpoint = "/agents/tasks/{task_id}"
    # Class-level list shared by all instances; treat it as read-only.
    query_parameters: list[str] = []
12 |
--------------------------------------------------------------------------------
/StormshieldSES/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/StormshieldSES/tests/__init__.py
--------------------------------------------------------------------------------
/Suricata/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Suricata/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Suricata/logo.png
--------------------------------------------------------------------------------
/Systancia/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Systancia/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Systancia/logo.png
--------------------------------------------------------------------------------
/Tanium/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Tanium/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Tanium/logo.png
--------------------------------------------------------------------------------
/Tehtris/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Tehtris/logo.png
--------------------------------------------------------------------------------
/Tehtris/main.py:
--------------------------------------------------------------------------------
1 | from tehtris_modules import TehtrisModule
2 | from tehtris_modules.trigger_tehtris_events import TehtrisEventConnector
3 |
if __name__ == "__main__":
    # Script entry point: build the TEHTRIS module, register the events
    # connector class under its registration name, then call run().
    app = TehtrisModule()
    app.register(TehtrisEventConnector, "tehtris_events_trigger")
    app.run()
8 |
--------------------------------------------------------------------------------
/Tehtris/tehtris_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from tehtris_modules.models import TehtrisModuleConfiguration
4 |
5 |
class TehtrisModule(Module):
    """SDK Module whose ``configuration`` is typed as TehtrisModuleConfiguration."""

    # Annotation only, no value is assigned here. The configuration is
    # presumably populated by the SDK at runtime; confirm in sekoia_automation.
    configuration: TehtrisModuleConfiguration
8 |
--------------------------------------------------------------------------------
/Tehtris/tehtris_modules/constants.py:
--------------------------------------------------------------------------------
# Base URL template of the tenant-specific TEHTRIS API. The tenant id becomes
# part of the hostname, so the value substituted for the placeholder decides
# which host receives the requests and any credentials sent with them.
# NOTE(review): the formatting call is not in this file; confirm the tenant id
# is limited to a DNS-label character set before it is substituted.
API_BASE_URL_FORMAT = "https://{tenant_id}.api.tehtris.net/api"
# Events endpoint path (no leading slash); presumably appended to the base URL.
EVENTS_ENDPOINT = "xdr/v1/event"
3 |
--------------------------------------------------------------------------------
/Tehtris/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Tehtris/tests/__init__.py
--------------------------------------------------------------------------------
/Tenable/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Tenable/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Tenable/logo.png
--------------------------------------------------------------------------------
/TheHive/.dockerignore:
--------------------------------------------------------------------------------
1 | resources/composes/*
2 | resources/dockers/*
3 | resources/stacks/*
4 | resources/kubernetes/*
5 | **/*~
6 | **/__pycache__
7 | venv
8 |
--------------------------------------------------------------------------------
/TheHive/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/TheHive/logo.png
--------------------------------------------------------------------------------
/TheHive/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from thehive.create_alert import TheHiveCreateAlert
4 |
if __name__ == "__main__":
    # Script entry point: register the alert-creation action class under its
    # registration name on a plain SDK Module, then call run().
    app = Module()
    app.register(TheHiveCreateAlert, "thehive_create_alert")
    app.run()
11 |
--------------------------------------------------------------------------------
/TheHive/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/TheHive/tests/__init__.py
--------------------------------------------------------------------------------
/TheHive/thehive/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/TheHive/thehive/__init__.py
--------------------------------------------------------------------------------
/TheHiveV5/.dockerignore:
--------------------------------------------------------------------------------
1 | resources/composes/*
2 | resources/dockers/*
3 | resources/stacks/*
4 | resources/kubernetes/*
5 | **/*~
6 | **/__pycache__
7 | venv
8 |
--------------------------------------------------------------------------------
/TheHiveV5/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/TheHiveV5/logo.png
--------------------------------------------------------------------------------
/TheHiveV5/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from thehive.create_alert import TheHiveCreateAlertV5
4 |
if __name__ == "__main__":
    # Script entry point for the V5 module: register the V5 alert-creation
    # action class under the registration name below, then call run().
    app = Module()
    app.register(TheHiveCreateAlertV5, "thehive_create_alert")
    app.run()
11 |
--------------------------------------------------------------------------------
/TheHiveV5/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/TheHiveV5/tests/__init__.py
--------------------------------------------------------------------------------
/TheHiveV5/thehive/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/TheHiveV5/thehive/__init__.py
--------------------------------------------------------------------------------
/ThinkstCanary/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ThinkstCanary/logo.png
--------------------------------------------------------------------------------
/ThinkstCanary/main.py:
--------------------------------------------------------------------------------
1 | from thinkst_canary_modules import ThinkstCanaryModule
2 | from thinkst_canary_modules.connector_thinkst_canary_alerts import ThinkstCanaryAlertsConnector
3 |
if __name__ == "__main__":
    # Script entry point: build the Thinkst Canary module, register the alerts
    # connector class under its registration name, then call run().
    app = ThinkstCanaryModule()
    app.register(ThinkstCanaryAlertsConnector, "thinkst_canary_alerts")
    app.run()
8 |
--------------------------------------------------------------------------------
/ThinkstCanary/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/ThinkstCanary/tests/__init__.py
--------------------------------------------------------------------------------
/ThinkstCanary/thinkst_canary_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from thinkst_canary_modules.models import ThinkstCanaryModuleConfiguration
4 |
5 |
class ThinkstCanaryModule(Module):
    """SDK Module whose ``configuration`` is typed as ThinkstCanaryModuleConfiguration."""

    # Annotation only, no value is assigned here. The configuration is
    # presumably populated by the SDK at runtime; confirm in sekoia_automation.
    configuration: ThinkstCanaryModuleConfiguration
8 |
--------------------------------------------------------------------------------
/ThinkstCanary/thinkst_canary_modules/models.py:
--------------------------------------------------------------------------------
1 | from pydantic import BaseModel, Field
2 |
3 |
class ThinkstCanaryModuleConfiguration(BaseModel):
    """Connection settings of the Thinkst Canary module."""

    # Required field, declared as a plain string with no scheme or host check.
    # NOTE(review): the auth token is presumably sent to this URL, so confirm
    # that non-HTTPS values are rejected before any request is made.
    base_url: str = Field(..., description="Base URL")
    # secret=True is extra metadata on the field. Presumably the platform
    # uses it to mask the value in its UI and logs; confirm.
    auth_token: str = Field(secret=True, description="Auth token")
7 |
--------------------------------------------------------------------------------
/Tranco/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Tranco/logo.png
--------------------------------------------------------------------------------
/Tranco/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from tranco_module.triggers import FetchTrancoListTrigger
4 |
if __name__ == "__main__":
    # Script entry point: register the Tranco list trigger class under its
    # registration name on a plain SDK Module, then call run().
    app = Module()
    app.register(FetchTrancoListTrigger, "fetch_tranco_list")
    app.run()
9 |
--------------------------------------------------------------------------------
/Tranco/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Tranco/tests/__init__.py
--------------------------------------------------------------------------------
/Tranco/tests/data/top-1m.csv.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Tranco/tests/data/top-1m.csv.zip
--------------------------------------------------------------------------------
/Tranco/tranco_module/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Tranco/tranco_module/__init__.py
--------------------------------------------------------------------------------
/Trellix/.gitignore:
--------------------------------------------------------------------------------
1 | .coverage
2 | .idea
3 | htmlcov
4 | .mypy_cache
5 | .pytest_cache
6 | *local*
7 |
--------------------------------------------------------------------------------
/Trellix/client/__init__.py:
--------------------------------------------------------------------------------
1 | """Trellix api client module."""
2 |
--------------------------------------------------------------------------------
/Trellix/client/schemas/__init__.py:
--------------------------------------------------------------------------------
1 | """All pydantic schemas to work with Trellix api."""
2 |
--------------------------------------------------------------------------------
/Trellix/client/schemas/attributes/__init__.py:
--------------------------------------------------------------------------------
1 | """Contains all schemas for Trellix responses attributes."""
2 |
--------------------------------------------------------------------------------
/Trellix/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Trellix/logo.png
--------------------------------------------------------------------------------
/Trellix/tests/__init__.py:
--------------------------------------------------------------------------------
1 | """All necessary tests."""
2 |
--------------------------------------------------------------------------------
/Trellix/tests/client/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests for schema package."""
2 |
--------------------------------------------------------------------------------
/Trellix/tests/client/schemas/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Trellix/tests/client/schemas/__init__.py
--------------------------------------------------------------------------------
/Trellix/tests/connectors/__init__.py:
--------------------------------------------------------------------------------
1 | """Tests related to connector."""
2 |
--------------------------------------------------------------------------------
/TrendMicro/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/TrendMicro/logo.png
--------------------------------------------------------------------------------
/TrendMicro/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/TrendMicro/tests/__init__.py
--------------------------------------------------------------------------------
/TrendMicro/trendmicro_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from .models import TrendMicroModuleConfiguration
4 |
5 |
class TrendMicroModule(Module):
    """Module subclass whose configuration is typed as TrendMicroModuleConfiguration."""

    # Annotation only, no value is assigned here.
    configuration: TrendMicroModuleConfiguration
8 |
--------------------------------------------------------------------------------
/TrendMicro/trendmicro_modules/client/auth.py:
--------------------------------------------------------------------------------
1 | from requests.auth import AuthBase
2 |
3 |
class TrendMicroVisionAuth(AuthBase):
    """Auth hook that adds the API key to a request as a bearer token."""

    def __init__(self, api_key: str):
        # The double underscore name-mangles the attribute, which keeps the key
        # from being read by accident; it is not a confidentiality boundary.
        self.__api_key = api_key

    def __call__(self, request):
        """Set the Authorization header on *request* and return the same object."""
        bearer_value = f"Bearer {self.__api_key}"
        # The header now holds the raw key: do not log request headers verbatim.
        request.headers["Authorization"] = bearer_value
        return request
11 |
--------------------------------------------------------------------------------
/TrendMicro/trendmicro_modules/helpers.py:
--------------------------------------------------------------------------------
1 | import datetime
2 |
3 |
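def iso8601_to_timestamp(dt: str) -> int:
    """Convert a ``YYYY-MM-DDTHH:MM:SSZ`` string to a Unix timestamp in seconds.

    The trailing ``Z`` marks the value as UTC. ``strptime`` returns a naive
    datetime, and ``timestamp()`` on a naive value assumes the host's local
    time zone, so the UTC zone is attached explicitly before converting.
    Without that, a collector on a non-UTC host would shift every time window
    by the local offset and could skip or re-fetch events.

    Raises:
        ValueError: if *dt* does not match the expected format.
    """
    parsed = datetime.datetime.strptime(dt, "%Y-%m-%dT%H:%M:%SZ")
    return int(parsed.replace(tzinfo=datetime.timezone.utc).timestamp())


def unixtime_to_iso8601(timestamp: int) -> str:
    """Format a Unix timestamp (seconds) as a UTC ``YYYY-MM-DDTHH:MM:SSZ`` string.

    The conversion is pinned to UTC so that the literal ``Z`` suffix is true on
    any host; a bare ``fromtimestamp`` would render local wall-clock time
    under a UTC label.
    """
    moment = datetime.datetime.fromtimestamp(timestamp, tz=datetime.timezone.utc)
    return moment.strftime("%Y-%m-%dT%H:%M:%SZ")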
10 |
--------------------------------------------------------------------------------
/TrendMicro/trendmicro_modules/models.py:
--------------------------------------------------------------------------------
1 | from pydantic import BaseModel
2 |
3 |
class TrendMicroModuleConfiguration(BaseModel):
    """Module-level configuration model; it declares no fields."""
6 |
--------------------------------------------------------------------------------
/Triage/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Triage/tests/__init__.py
--------------------------------------------------------------------------------
/Triage/triage_modules/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Triage/triage_modules/__init__.py
--------------------------------------------------------------------------------
/Ubika/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Ubika/logo.png
--------------------------------------------------------------------------------
/Ubika/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Ubika/tests/__init__.py
--------------------------------------------------------------------------------
/Ubika/ubika_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from .models import UbikaModuleConfiguration
4 |
5 |
class UbikaModule(Module):
    """Module subclass whose configuration is typed as UbikaModuleConfiguration."""

    # Annotation only, no value is assigned here.
    configuration: UbikaModuleConfiguration
8 |
--------------------------------------------------------------------------------
/Ubika/ubika_modules/models.py:
--------------------------------------------------------------------------------
1 | from pydantic.v1 import BaseModel
2 |
3 |
class UbikaModuleConfiguration(BaseModel):
    """Module-level configuration model (pydantic v1 API); it declares no fields."""
6 |
--------------------------------------------------------------------------------
/Umbrella/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Umbrella/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Umbrella/logo.png
--------------------------------------------------------------------------------
/Unbound/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Unbound/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Unbound/logo.png
--------------------------------------------------------------------------------
/Utils/logo.svg:
--------------------------------------------------------------------------------
1 |
--------------------------------------------------------------------------------
/Utils/utils/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Utils/utils/__init__.py
--------------------------------------------------------------------------------
/VMWare/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/VMWare/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/VMWare/logo.png
--------------------------------------------------------------------------------
/VadeCloud/context.json:
--------------------------------------------------------------------------------
1 | {}
--------------------------------------------------------------------------------
/VadeCloud/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/VadeCloud/logo.png
--------------------------------------------------------------------------------
/VadeCloud/main.py:
--------------------------------------------------------------------------------
1 | from vadecloud_modules import VadeCloudModule
2 | from vadecloud_modules.trigger_vade_cloud_logs import VadeCloudLogsConnector
3 |
# Script entry point: nothing below runs when this file is imported.
if __name__ == "__main__":
    module = VadeCloudModule()
    # Expose the connector under the name "vade_cloud_connector", then start the module.
    module.register(VadeCloudLogsConnector, "vade_cloud_connector")
    module.run()
8 |
--------------------------------------------------------------------------------
/VadeCloud/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/VadeCloud/tests/__init__.py
--------------------------------------------------------------------------------
/VadeCloud/vadecloud_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from .models import VadeCloudModuleConfiguration
4 |
5 |
class VadeCloudModule(Module):
    """Module subclass whose configuration is typed as VadeCloudModuleConfiguration."""

    # Annotation only, no value is assigned here. The configuration model
    # carries an API password, so avoid logging or dumping it wholesale.
    configuration: VadeCloudModuleConfiguration
8 |
--------------------------------------------------------------------------------
/VadeCloud/vadecloud_modules/models.py:
--------------------------------------------------------------------------------
1 | from pydantic import BaseModel, Field
2 |
3 |
class VadeCloudModuleConfiguration(BaseModel):
    """Settings for the Vade Cloud module: API hostname, login and password."""

    # The default uses https, but the value can be overridden.
    # NOTE(review): login and password are presumably sent to this host --
    # confirm the client rejects a plain-http hostname.
    hostname: str = Field("https://cloud.vadesecure.com", description="API hostname")

    login: str = Field(..., description="API login")

    # secret=True is handed to Field as extra metadata; presumably the platform
    # uses it to mask the value in the UI and logs -- TODO confirm.
    password: str = Field(..., secret=True, description="API password")
8 |
--------------------------------------------------------------------------------
/VadeSecure/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/VadeSecure/logo.png
--------------------------------------------------------------------------------
/VadeSecure/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/VadeSecure/tests/__init__.py
--------------------------------------------------------------------------------
/VadeSecure/vadesecure_modules/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from vadesecure_modules.models import VadeSecureConfiguration
4 |
5 |
class VadeSecureModule(Module):
    """Module subclass whose configuration is typed as VadeSecureConfiguration."""

    # Annotation only, no value is assigned here.
    configuration: VadeSecureConfiguration
8 |
--------------------------------------------------------------------------------
/Varonis/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Varonis/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Varonis/logo.png
--------------------------------------------------------------------------------
/Vectra/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Vectra/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Vectra/logo.png
--------------------------------------------------------------------------------
/Veeam/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Veeam/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Veeam/logo.png
--------------------------------------------------------------------------------
/Virustotal/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Virustotal/logo.png
--------------------------------------------------------------------------------
/Virustotal/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Virustotal/tests/__init__.py
--------------------------------------------------------------------------------
/Virustotal/tests/eicar.txt:
--------------------------------------------------------------------------------
1 | X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
2 |
--------------------------------------------------------------------------------
/Virustotal/virustotal/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Virustotal/virustotal/__init__.py
--------------------------------------------------------------------------------
/Wallix/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Wallix/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Wallix/logo.png
--------------------------------------------------------------------------------
/WatchGuard/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/WatchGuard/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/WatchGuard/logo.png
--------------------------------------------------------------------------------
/Wazuh/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | All notable changes to this project will be documented in this file.
4 |
5 | The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
6 | and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7 |
8 | ## Unreleased
9 |
--------------------------------------------------------------------------------
/Wazuh/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Wazuh/logo.png
--------------------------------------------------------------------------------
/Whois/main.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from whois_module.whois_action import WhoisAction
4 |
# Script entry point: nothing below runs when this file is imported.
if __name__ == "__main__":
    module = Module()
    # Expose the action under the name "whois", then start the module.
    module.register(WhoisAction, "whois")
    module.run()
10 |
--------------------------------------------------------------------------------
/Whois/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Whois/tests/__init__.py
--------------------------------------------------------------------------------
/Whois/whois_module/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Whois/whois_module/__init__.py
--------------------------------------------------------------------------------
/WithSecure/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/WithSecure/logo.png
--------------------------------------------------------------------------------
/WithSecure/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/WithSecure/tests/__init__.py
--------------------------------------------------------------------------------
/WithSecure/tests/client/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/WithSecure/tests/client/__init__.py
--------------------------------------------------------------------------------
/WithSecure/withsecure/__init__.py:
--------------------------------------------------------------------------------
1 | from sekoia_automation.module import Module
2 |
3 | from withsecure.models import WithSecureModuleConfiguration
4 |
5 |
class WithSecureModule(Module):
    """Module subclass whose configuration is typed as WithSecureModuleConfiguration."""

    # Annotation only, no value is assigned here.
    configuration: WithSecureModuleConfiguration
8 |
--------------------------------------------------------------------------------
/WithSecure/withsecure/client/exceptions.py:
--------------------------------------------------------------------------------
class AuthenticationError(Exception):
    """Exception type of the WithSecure client package.

    It adds nothing to ``Exception``. Presumably it is raised when
    authenticating against the API fails -- confirm at the raise sites.
    """
3 |
--------------------------------------------------------------------------------
/Wiz/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Wiz/logo.png
--------------------------------------------------------------------------------
/Wiz/tests/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Wiz/tests/__init__.py
--------------------------------------------------------------------------------
/Wiz/tests/client/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Wiz/tests/client/__init__.py
--------------------------------------------------------------------------------
/Wiz/wiz/client/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Wiz/wiz/client/__init__.py
--------------------------------------------------------------------------------
/Zscaler/.dockerignore:
--------------------------------------------------------------------------------
1 | resources/composes/*
2 | resources/dockers/*
3 | resources/stacks/*
4 | resources/kubernetes/*
5 | **/*~
6 | **/__pycache__
7 | venv
8 |
--------------------------------------------------------------------------------
/Zscaler/logo.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Zscaler/logo.png
--------------------------------------------------------------------------------
/Zscaler/zscaler/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/Zscaler/zscaler/__init__.py
--------------------------------------------------------------------------------
/_utils/compliance/__init__.py:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/SEKOIA-IO/automation-library/93a18d8cca58500c4678236bb829016082cb17ff/_utils/compliance/__init__.py
--------------------------------------------------------------------------------
/codecov.yml:
--------------------------------------------------------------------------------
1 | flag_management:
2 | default_rules: # the rules that will be followed for any flag added, generally
3 | carryforward: true
4 | statuses:
5 | - type: project
6 | target: auto
7 | threshold: 1%
8 | - type: patch
9 | target: 90%
--------------------------------------------------------------------------------
/docs/README.md:
--------------------------------------------------------------------------------
1 | # Documentation
2 |
3 | Sekoia.io automation library offers pieces that help customers to build automation playbooks.
4 |
5 | - [Organization](organization.md)
6 | - [Module](module.md)
7 | - [Action](action.md)
8 | - [Trigger](trigger.md)
9 | - [Connector](connector.md)
10 | - [Test](testing.md)
11 | - [Glossary](glossary.md)
12 |
--------------------------------------------------------------------------------
/docs/organization.md:
--------------------------------------------------------------------------------
1 | # Organization
2 |
3 | The repository is split into [modules](module.md). Each module groups a set of [triggers](trigger.md) and [actions](action.md).
4 |
--------------------------------------------------------------------------------
/docs/testing.md:
--------------------------------------------------------------------------------
1 | # Tests
2 |
3 | Define tests in the `tests` directory. To execute them, use pytest:
4 |
5 | ```
6 | > poetry run pytest tests/
7 | ```
8 |
--------------------------------------------------------------------------------