howler-api 4.0.0.dev724__tar.gz → 4.0.0.dev740__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (211) hide show
  1. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/PKG-INFO +1 -1
  2. howler_api-4.0.0.dev740/howler/actions/add_to_case.py +136 -0
  3. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/random_data.py +1 -1
  4. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/pyproject.toml +1 -1
  5. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/README.md +0 -0
  6. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/__init__.py +0 -0
  7. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/actions/__init__.py +0 -0
  8. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/actions/add_label.py +0 -0
  9. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/actions/change_field.py +0 -0
  10. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/actions/demote.py +0 -0
  11. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/actions/example_plugin.py +0 -0
  12. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/actions/prioritization.py +0 -0
  13. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/actions/promote.py +0 -0
  14. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/actions/remove_label.py +0 -0
  15. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/actions/transition.py +0 -0
  16. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/__init__.py +0 -0
  17. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/base.py +0 -0
  18. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/socket.py +0 -0
  19. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/__init__.py +0 -0
  20. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/action.py +0 -0
  21. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/analytic.py +0 -0
  22. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/auth.py +0 -0
  23. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/clue.py +0 -0
  24. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/configs.py +0 -0
  25. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/dossier.py +0 -0
  26. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/help.py +0 -0
  27. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/hit.py +0 -0
  28. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/notebook.py +0 -0
  29. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/overview.py +0 -0
  30. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/search.py +0 -0
  31. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/template.py +0 -0
  32. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/tool.py +0 -0
  33. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/user.py +0 -0
  34. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/utils/__init__.py +0 -0
  35. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/utils/etag.py +0 -0
  36. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v1/view.py +0 -0
  37. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v2/__init__.py +0 -0
  38. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v2/case.py +0 -0
  39. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v2/ingest.py +0 -0
  40. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/api/v2/search.py +0 -0
  41. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/app.py +0 -0
  42. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/common/README.md +0 -0
  43. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/common/__init__.py +0 -0
  44. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/common/classification.py +0 -0
  45. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/common/classification.yml +0 -0
  46. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/common/exceptions.py +0 -0
  47. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/common/loader.py +0 -0
  48. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/common/logging/__init__.py +0 -0
  49. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/common/logging/audit.py +0 -0
  50. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/common/logging/format.py +0 -0
  51. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/common/net.py +0 -0
  52. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/common/net_static.py +0 -0
  53. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/common/random_user.py +0 -0
  54. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/common/swagger.py +0 -0
  55. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/config.py +0 -0
  56. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/cronjobs/__init__.py +0 -0
  57. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/cronjobs/retention.py +0 -0
  58. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/cronjobs/view_cleanup.py +0 -0
  59. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/README.md +0 -0
  60. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/__init__.py +0 -0
  61. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/bulk.py +0 -0
  62. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/collection.py +0 -0
  63. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/constants.py +0 -0
  64. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/exceptions.py +0 -0
  65. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/howler_store.py +0 -0
  66. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/migrations/fix_process.py +0 -0
  67. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/operations.py +0 -0
  68. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/schemas.py +0 -0
  69. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/store.py +0 -0
  70. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/support/__init__.py +0 -0
  71. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/support/build.py +0 -0
  72. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/support/schemas.py +0 -0
  73. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/datastore/types.py +0 -0
  74. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/error.py +0 -0
  75. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/external/README.md +0 -0
  76. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/external/__init__.py +0 -0
  77. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/external/generate_mitre.py +0 -0
  78. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/external/generate_sigma_rules.py +0 -0
  79. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/external/generate_tlds.py +0 -0
  80. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/external/reindex_data.py +0 -0
  81. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/external/wipe_databases.py +0 -0
  82. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/gunicorn_config.py +0 -0
  83. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/healthz.py +0 -0
  84. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/helper/__init__.py +0 -0
  85. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/helper/azure.py +0 -0
  86. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/helper/discover.py +0 -0
  87. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/helper/hit.py +0 -0
  88. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/helper/oauth.py +0 -0
  89. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/helper/search.py +0 -0
  90. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/helper/workflow.py +0 -0
  91. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/helper/ws.py +0 -0
  92. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/README.md +0 -0
  93. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/__init__.py +0 -0
  94. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/base.py +0 -0
  95. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/charter.txt +0 -0
  96. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/constants.py +0 -0
  97. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/helper.py +0 -0
  98. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/howler_enum.py +0 -0
  99. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/mixins.py +0 -0
  100. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/__init__.py +0 -0
  101. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/action.py +0 -0
  102. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/analytic.py +0 -0
  103. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/assemblyline.py +0 -0
  104. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/aws.py +0 -0
  105. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/azure.py +0 -0
  106. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/case.py +0 -0
  107. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/cbs.py +0 -0
  108. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/clue.py +0 -0
  109. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/config.py +0 -0
  110. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/dossier.py +0 -0
  111. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/__init__.py +0 -0
  112. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/agent.py +0 -0
  113. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/autonomous_system.py +0 -0
  114. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/client.py +0 -0
  115. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/cloud.py +0 -0
  116. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/code_signature.py +0 -0
  117. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/container.py +0 -0
  118. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/dns.py +0 -0
  119. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/egress.py +0 -0
  120. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/elf.py +0 -0
  121. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/email.py +0 -0
  122. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/error.py +0 -0
  123. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/event.py +0 -0
  124. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/faas.py +0 -0
  125. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/file.py +0 -0
  126. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/geo.py +0 -0
  127. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/group.py +0 -0
  128. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/hash.py +0 -0
  129. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/host.py +0 -0
  130. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/http.py +0 -0
  131. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/ingress.py +0 -0
  132. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/interface.py +0 -0
  133. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/network.py +0 -0
  134. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/observer.py +0 -0
  135. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/organization.py +0 -0
  136. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/os.py +0 -0
  137. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/pe.py +0 -0
  138. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/process.py +0 -0
  139. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/registry.py +0 -0
  140. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/related.py +0 -0
  141. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/rule.py +0 -0
  142. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/server.py +0 -0
  143. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/threat.py +0 -0
  144. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/tls.py +0 -0
  145. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/url.py +0 -0
  146. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/user.py +0 -0
  147. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/user_agent.py +0 -0
  148. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/ecs/vulnerability.py +0 -0
  149. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/gcp.py +0 -0
  150. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/hit.py +0 -0
  151. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/howler_data.py +0 -0
  152. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/lead.py +0 -0
  153. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/localized_label.py +0 -0
  154. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/observable.py +0 -0
  155. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/overview.py +0 -0
  156. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/pivot.py +0 -0
  157. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/record.py +0 -0
  158. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/template.py +0 -0
  159. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/user.py +0 -0
  160. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/models/view.py +0 -0
  161. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/randomizer.py +0 -0
  162. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/patched.py +0 -0
  163. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/plugins/__init__.py +0 -0
  164. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/plugins/config.py +0 -0
  165. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/remote/__init__.py +0 -0
  166. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/remote/datatypes/README.md +0 -0
  167. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/remote/datatypes/__init__.py +0 -0
  168. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/remote/datatypes/counters.py +0 -0
  169. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/remote/datatypes/events.py +0 -0
  170. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/remote/datatypes/hash.py +0 -0
  171. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/remote/datatypes/lock.py +0 -0
  172. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/remote/datatypes/queues/__init__.py +0 -0
  173. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/remote/datatypes/queues/comms.py +0 -0
  174. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/remote/datatypes/queues/multi.py +0 -0
  175. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/remote/datatypes/queues/named.py +0 -0
  176. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/remote/datatypes/queues/priority.py +0 -0
  177. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/remote/datatypes/set.py +0 -0
  178. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/remote/datatypes/user_quota_tracker.py +0 -0
  179. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/security/__init__.py +0 -0
  180. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/security/socket.py +0 -0
  181. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/security/utils.py +0 -0
  182. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/__init__.py +0 -0
  183. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/action_service.py +0 -0
  184. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/analytic_service.py +0 -0
  185. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/auth_service.py +0 -0
  186. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/case_service.py +0 -0
  187. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/config_service.py +0 -0
  188. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/docs_service.py +0 -0
  189. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/dossier_service.py +0 -0
  190. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/event_service.py +0 -0
  191. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/hit_service.py +0 -0
  192. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/jwt_service.py +0 -0
  193. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/lucene_service.py +0 -0
  194. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/notebook_service.py +0 -0
  195. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/observable_service.py +0 -0
  196. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/overview_service.py +0 -0
  197. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/search_service.py +0 -0
  198. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/template_service.py +0 -0
  199. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/services/user_service.py +0 -0
  200. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/utils/__init__.py +0 -0
  201. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/utils/annotations.py +0 -0
  202. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/utils/chunk.py +0 -0
  203. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/utils/compat.py +0 -0
  204. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/utils/dict_utils.py +0 -0
  205. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/utils/isotime.py +0 -0
  206. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/utils/list_utils.py +0 -0
  207. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/utils/lucene.py +0 -0
  208. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/utils/path.py +0 -0
  209. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/utils/socket_utils.py +0 -0
  210. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/utils/str_utils.py +0 -0
  211. {howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/utils/uid.py +0 -0
{howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: howler-api
3
- Version: 4.0.0.dev724
3
+ Version: 4.0.0.dev740
4
4
  Summary: Howler - API server
5
5
  License: MIT
6
6
  Keywords: howler,alerting,gc,canada,cse-cst,cse,cst,cyber,cccs
howler_api-4.0.0.dev740/howler/actions/add_to_case.py ADDED
@@ -0,0 +1,136 @@
1
+ from typing import Optional
2
+
3
+ import chevron
4
+
5
+ from howler.common.exceptions import InvalidDataException, NotFoundException
6
+ from howler.common.loader import datastore
7
+ from howler.odm.models.action import VALID_TRIGGERS
8
+ from howler.services import case_service
9
+
10
+ OPERATION_ID = "add_to_case"
11
+
12
+
13
+ def execute(
14
+ query: str,
15
+ case_id: Optional[str] = None,
16
+ path: str = "related",
17
+ title_template: str = "{{howler.analytic}} ({{howler.id}})",
18
+ **kwargs,
19
+ ):
20
+ """Add matching alerts to a given case.
21
+
22
+ Args:
23
+ query (str): The query on which to apply this automation.
24
+ case_id (str): The ID of the case to add the alerts to.
25
+ path (str): The path within the case at which to place the alerts. Defaults to "related".
26
+ title_template (str): A Mustache-compatible template string used to generate each item's
27
+ path suffix (title). The hit's fields are available as template variables.
28
+ Defaults to "{{howler.analytic}} ({{howler.id}})".
29
+ """
30
+ if not case_id:
31
+ return [
32
+ {
33
+ "query": query,
34
+ "outcome": "error",
35
+ "title": "Missing Case ID",
36
+ "message": "A case_id must be provided.",
37
+ }
38
+ ]
39
+
40
+ ds = datastore()
41
+
42
+ if ds.case.get(case_id) is None:
43
+ return [
44
+ {
45
+ "query": query,
46
+ "outcome": "error",
47
+ "title": "Case Not Found",
48
+ "message": f"No case with ID '{case_id}' exists.",
49
+ }
50
+ ]
51
+
52
+ hits = ds.hit.search(query, rows=1000)["items"]
53
+
54
+ if not hits:
55
+ return [
56
+ {
57
+ "query": query,
58
+ "outcome": "skipped",
59
+ "title": "No Matching Hits",
60
+ "message": "No hits matched the query, so the action was skipped.",
61
+ }
62
+ ]
63
+
64
+ report = []
65
+ skipped = []
66
+ added = []
67
+
68
+ normalized_path = path.rstrip("/")
69
+
70
+ for hit in hits:
71
+ hit_data = hit.as_primitives()
72
+ title = chevron.render(title_template, hit_data)
73
+ item_path = f"{normalized_path}/{title}" if normalized_path else title
74
+
75
+ try:
76
+ case_service.append_case_item(
77
+ case_id,
78
+ item_type="hit",
79
+ item_value=hit.howler.id,
80
+ item_path=item_path,
81
+ )
82
+ added.append(hit.howler.id)
83
+ except InvalidDataException as e:
84
+ skipped.append(f"{hit.howler.id}: {e}")
85
+ except NotFoundException as e:
86
+ skipped.append(f"{hit.howler.id}: {e}")
87
+ except Exception as e:
88
+ skipped.append(f"{hit.howler.id}: {e}")
89
+
90
+ if added:
91
+ report.append(
92
+ {
93
+ "query": f"howler.id:({' OR '.join(added)})",
94
+ "outcome": "success",
95
+ "title": "Added to Case",
96
+ "message": f"{len(added)} alert(s) successfully added to case '{case_id}'.",
97
+ }
98
+ )
99
+
100
+ if skipped:
101
+ report.append(
102
+ {
103
+ "query": query,
104
+ "outcome": "skipped",
105
+ "title": "Skipped Alerts",
106
+ "message": f"{len(skipped)} alert(s) could not be added: {'; '.join(skipped)}",
107
+ }
108
+ )
109
+
110
+ return report
111
+
112
+
113
+ def specification():
114
+ """Specify various properties of the action, such as title, descriptions, permissions and input steps."""
115
+ return {
116
+ "id": OPERATION_ID,
117
+ "title": "Add to Case",
118
+ "priority": 9,
119
+ "i18nKey": f"operations.{OPERATION_ID}",
120
+ "description": {
121
+ "short": "Add matching alerts to a case",
122
+ "long": execute.__doc__,
123
+ },
124
+ "roles": ["automation_basic"],
125
+ "steps": [
126
+ {
127
+ "args": {
128
+ "case_id": [],
129
+ "path": [],
130
+ "title_template": [],
131
+ },
132
+ "options": {},
133
+ }
134
+ ],
135
+ "triggers": VALID_TRIGGERS,
136
+ }
{howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/howler/odm/random_data.py RENAMED
@@ -1063,7 +1063,7 @@ def create_actions(ds: HowlerDatastore, num_actions: int = 30):
1063
1063
 
1064
1064
  for step in available_operations[operation_id].specification()["steps"]:
1065
1065
  for key in step["args"].keys():
1066
- potential_values = step["options"].get(key, None)
1066
+ potential_values = step.get("options", {}).get(key, None)
1067
1067
  if potential_values:
1068
1068
  if isinstance(potential_values, dict):
1069
1069
  try:
{howler_api-4.0.0.dev724 → howler_api-4.0.0.dev740}/pyproject.toml RENAMED
@@ -152,7 +152,7 @@ suppress-none-returning = true
152
152
  [tool.poetry]
153
153
  package-mode = true
154
154
  name = "howler-api"
155
- version = "4.0.0.dev724"
155
+ version = "4.0.0.dev740"
156
156
  description = "Howler - API server"
157
157
  authors = [
158
158
  "Canadian Centre for Cyber Security <howler@cyber.gc.ca>",