pycti 5.12.14__py3-none-any.whl → 5.12.15__py3-none-any.whl

pycti/entities/opencti_task.py

@@ -5,8 +5,6 @@ import uuid
 from dateutil.parser import parse
 from stix2.canonicalization.Canonicalize import canonicalize
 
-from pycti.entities import LOGGER
-
 
 class Task:
     def __init__(self, opencti):
@@ -271,7 +269,9 @@ class Task:
         if get_all:
             first = 500
 
-        LOGGER.info("Listing Tasks with filters " + json.dumps(filters) + ".")
+        self.opencti.app_logger.info(
+            "Listing Tasks with filters", {"filters": json.dumps(filters)}
+        )
         query = (
             """
         query tasks($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: TasksOrdering, $orderMode: OrderingMode) {
@@ -311,7 +311,7 @@ class Task:
             final_data = final_data + data
             while result["data"]["tasks"]["pageInfo"]["hasNextPage"]:
                 after = result["date"]["tasks"]["pageInfo"]["endCursor"]
-                self.opencti.log("info", "Listing Tasks after " + after)
+                self.opencti.app_logger.info("Listing Tasks", {"after": after})
                 result = self.opencti.query(
                     query,
                     {
@@ -344,7 +344,7 @@ class Task:
         filters = kwargs.get("filters", None)
         custom_attributes = kwargs.get("customAttributes", None)
         if id is not None:
-            self.opencti.log("info", "Reading Task { " + id + "}.")
+            self.opencti.app_logger.info("Reading Task", {"id": id})
             query = (
                 """
                                     query task($id: String!) {
@@ -415,13 +415,12 @@ class Task:
             "stixObjectOrStixRelationshipId", None
         )
         if id is not None and stix_object_or_stix_relationship_id is not None:
-            self.opencti.log(
-                "info",
-                "Checking StixObjectOrStixRelationship {"
-                + stix_object_or_stix_relationship_id
-                + "} in Task {"
-                + id
-                + "}",
+            self.opencti.app_logger.info(
+                "Checking StixObjectOrStixRelationship in Task",
+                {
+                    "stix_object_or_stix_relationship_id": stix_object_or_stix_relationship_id,
+                    "id": id,
+                },
             )
             query = """
                 query taskContainsStixObjectOrStixRelationship($id: String!, $stixObjectOrStixRelationshipId: String!) {
@@ -437,9 +436,8 @@ class Task:
             )
             return result["data"]["taskContainsStixObjectOrStixRelationship"]
         else:
-            self.opencti.log(
-                "error",
-                "[opencti_Task] Missing parameters: id or stixObjectOrStixRelationshipId",
+            self.opencti.app_logger.error(
+                "[opencti_Task] Missing parameters: id or stixObjectOrStixRelationshipId"
             )
 
     """
@@ -464,7 +462,7 @@ class Task:
         update = kwargs.get("update", False)
 
         if name is not None:
-            self.opencti.log("info", "Creating Task {" + name + "}.")
+            self.opencti.app_logger.info("Creating Task", {"name": name})
             query = """
                 mutation TaskAdd($input: TaskAddInput!) {
                     taskAdd(input: $input) {
@@ -496,13 +494,10 @@ class Task:
             )
             return self.opencti.process_multiple_fields(result["data"]["taskAdd"])
         else:
-            self.opencti.log(
-                "error",
-                "[opencti_task] Missing parameters: name",
-            )
+            self.opencti.app_logger.error("[opencti_task] Missing parameters: name")
 
     def update_field(self, **kwargs):
-        self.opencti.log("info", "Updating Task {%s}.", json.dumps(kwargs))
+        self.opencti.app_logger.info("Updating Task", {"data": json.dumps(kwargs)})
         id = kwargs.get("id", None)
         input = kwargs.get("input", None)
         if id is not None and input is not None:
@@ -520,8 +515,8 @@ class Task:
                 result["data"]["taskFieldPatch"]
             )
         else:
-            self.opencti.log(
-                "error", "[opencti_Task] Missing parameters: id and key and value"
+            self.opencti.app_logger.error(
+                "[opencti_Task] Missing parameters: id and key and value"
             )
             return None
 
@@ -539,13 +534,12 @@ class Task:
             "stixObjectOrStixRelationshipId", None
         )
         if id is not None and stix_object_or_stix_relationship_id is not None:
-            self.opencti.log(
-                "info",
-                "Adding StixObjectOrStixRelationship {"
-                + stix_object_or_stix_relationship_id
-                + "} to Task {"
-                + id
-                + "}",
+            self.opencti.app_logger.info(
+                "Adding StixObjectOrStixRelationship in Task",
+                {
+                    "stix_object_or_stix_relationship_id": stix_object_or_stix_relationship_id,
+                    "id": id,
+                },
             )
             query = """
                mutation taskEditRelationAdd($id: ID!, $input: StixMetaRelationshipAddInput) {
@@ -566,8 +560,7 @@ class Task:
             )
             return True
         else:
-            self.opencti.log(
-                "error",
+            self.opencti.app_logger.error(
                 "[opencti_task] Missing parameters: id and stixObjectOrStixRelationshipId",
             )
             return False
@@ -586,13 +579,12 @@ class Task:
             "stixObjectOrStixRelationshipId", None
         )
         if id is not None and stix_object_or_stix_relationship_id is not None:
-            self.opencti.log(
-                "info",
-                "Removing StixObjectOrStixRelationship {"
-                + stix_object_or_stix_relationship_id
-                + "} to Task {"
-                + id
-                + "}",
+            self.opencti.app_logger.info(
+                "Removing StixObjectOrStixRelationship in Task",
+                {
+                    "stix_object_or_stix_relationship_id": stix_object_or_stix_relationship_id,
+                    "id": id,
+                },
             )
             query = """
                mutation taskEditRelationDelete($id: ID!, $toId: StixRef!, $relationship_type: String!) {
@@ -611,8 +603,7 @@ class Task:
             )
             return True
         else:
-            self.opencti.log(
-                "error",
+            self.opencti.app_logger.error(
                 "[opencti_task] Missing parameters: id and stixObjectOrStixRelationshipId",
             )
             return False
@@ -681,12 +672,14 @@ class Task:
                 update=update,
             )
         else:
-            self.opencti.log("error", "[opencti_task] Missing parameters: stixObject")
+            self.opencti.app_logger.error(
+                "[opencti_task] Missing parameters: stixObject"
+            )
 
     def delete(self, **kwargs):
         id = kwargs.get("id", None)
         if id is not None:
-            LOGGER.info("Deleting Task {%s}.", id)
+            self.opencti.app_logger.info("Deleting Task", {"id": id})
             query = """
                  mutation TaskDelete($id: ID!) {
                      taskDelete(id: $id)
@@ -694,5 +687,5 @@ class Task:
              """
             self.opencti.query(query, {"id": id})
         else:
-            LOGGER.error("[opencti_task] Missing parameters: id")
+            self.opencti.app_logger.error("[opencti_task] Missing parameters: id")
             return None

pycti/entities/opencti_threat_actor.py

@@ -6,7 +6,6 @@ from typing import Union
 
 from stix2.canonicalization.Canonicalize import canonicalize
 
-from pycti.entities import LOGGER
 from pycti.entities.opencti_threat_actor_group import ThreatActorGroup
 from pycti.entities.opencti_threat_actor_individual import ThreatActorIndividual
 
@@ -185,7 +184,9 @@ class ThreatActor:
         if get_all:
             first = 500
 
-        LOGGER.info("Listing Threat-Actors with filters %s.", json.dumps(filters))
+        self.opencti.app_logger.info(
+            "Listing Threat-Actors with filters", {"filters": json.dumps(filters)}
+        )
         query = (
             """
                 query ThreatActors($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: ThreatActorsOrdering, $orderMode: OrderingMode) {
@@ -241,7 +242,7 @@ class ThreatActor:
         filters = kwargs.get("filters", None)
         custom_attributes = kwargs.get("customAttributes", None)
         if id is not None:
-            LOGGER.info("Reading Threat-Actor {%s}.", id)
+            self.opencti.app_logger.info("Reading Threat-Actor", {"id": id})
             query = (
                 """
                     query ThreatActor($id: String!) {
@@ -266,7 +267,9 @@ class ThreatActor:
             else:
                 return None
         else:
-            LOGGER.error("[opencti_threat_actor] Missing parameters: id or filters")
+            self.opencti.app_logger.error(
+                "[opencti_threat_actor] Missing parameters: id or filters"
+            )
             return None
 
     @DeprecationWarning

pycti/entities/opencti_threat_actor_group.py

@@ -6,8 +6,6 @@ from typing import Union
 
 from stix2.canonicalization.Canonicalize import canonicalize
 
-from pycti.entities import LOGGER
-
 
 class ThreatActorGroup:
     """Main ThreatActorGroup class for OpenCTI
@@ -182,7 +180,9 @@ class ThreatActorGroup:
         if get_all:
             first = 500
 
-        LOGGER.info("Listing Threat-Actors-Group with filters %s.", json.dumps(filters))
+        self.opencti.app_logger.info(
+            "Listing Threat-Actors-Group with filters", {"filters": json.dumps(filters)}
+        )
         query = (
             """
             query ThreatActorsGroup($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: ThreatActorsOrdering, $orderMode: OrderingMode) {
@@ -238,7 +238,7 @@ class ThreatActorGroup:
         filters = kwargs.get("filters", None)
         custom_attributes = kwargs.get("customAttributes", None)
         if id is not None:
-            LOGGER.info("Reading Threat-Actor-Group {%s}.", id)
+            self.opencti.app_logger.info("Reading Threat-Actor-Group", {"id": id})
             query = (
                 """
                 query ThreatActorGroup($id: String!) {
@@ -265,7 +265,7 @@ class ThreatActorGroup:
             else:
                 return None
         else:
-            LOGGER.error(
+            self.opencti.app_logger.error(
                 "[opencti_threat_actor_group] Missing parameters: id or filters"
             )
             return None
@@ -334,7 +334,7 @@ class ThreatActorGroup:
         update = kwargs.get("update", False)
 
         if name is not None:
-            LOGGER.info("Creating Threat-Actor-Group {%s}.", name)
+            self.opencti.app_logger.info("Creating Threat-Actor-Group", {"name": name})
             query = """
                 mutation ThreatActorGroupAdd($input: ThreatActorGroupAddInput!) {
                     threatActorGroupAdd(input: $input) {
@@ -381,7 +381,7 @@ class ThreatActorGroup:
                 result["data"]["threatActorGroupAdd"]
             )
         else:
-            LOGGER.error(
+            self.opencti.app_logger.error(
                 "[opencti_threat_actor_group] Missing parameters: name and description"
             )
 
@@ -469,4 +469,6 @@ class ThreatActorGroup:
                 update=update,
             )
         else:
-            LOGGER.error("[opencti_threat_actor_group] Missing parameters: stixObject")
+            self.opencti.app_logger.error(
+                "[opencti_threat_actor_group] Missing parameters: stixObject"
+            )

pycti/entities/opencti_threat_actor_individual.py

@@ -6,8 +6,6 @@ from typing import Union
 
 from stix2.canonicalization.Canonicalize import canonicalize
 
-from pycti.entities import LOGGER
-
 
 class ThreatActorIndividual:
     """Main ThreatActorIndividual class for OpenCTI
@@ -182,8 +180,9 @@ class ThreatActorIndividual:
         if get_all:
             first = 500
 
-        LOGGER.info(
-            "Listing Threat-Actors-Individual with filters %s.", json.dumps(filters)
+        self.opencti.app_logger.info(
+            "Listing Threat-Actors-Individual with filters",
+            {"filters": json.dumps(filters)},
         )
         query = (
             """
@@ -240,7 +239,7 @@ class ThreatActorIndividual:
         filters = kwargs.get("filters", None)
         custom_attributes = kwargs.get("customAttributes", None)
         if id is not None:
-            LOGGER.info("Reading Threat-Actor-Individual {%s}.", id)
+            self.opencti.app_logger.info("Reading Threat-Actor-Individual", {"id": id})
             query = (
                 """
                     query ThreatActorIndividual($id: String!) {
@@ -267,7 +266,7 @@ class ThreatActorIndividual:
             else:
                 return None
         else:
-            LOGGER.error(
+            self.opencti.app_logger.error(
                 "[opencti_threat_actor_individual] Missing parameters: id or filters"
             )
             return None
@@ -336,7 +335,9 @@ class ThreatActorIndividual:
         update = kwargs.get("update", False)
 
         if name is not None:
-            LOGGER.info("Creating Threat-Actor-Individual {%s}.", name)
+            self.opencti.app_logger.info(
+                "Creating Threat-Actor-Individual", {"name": name}
+            )
             query = """
                 mutation ThreatActorIndividualAdd($input: ThreatActorIndividualAddInput!) {
                     threatActorIndividualAdd(input: $input) {
@@ -383,7 +384,7 @@ class ThreatActorIndividual:
                 result["data"]["threatActorIndividualAdd"]
             )
         else:
-            LOGGER.error(
+            self.opencti.app_logger.error(
                 "[opencti_threat_actor_individual] Missing parameters: name and description"
             )
 
@@ -471,6 +472,6 @@ class ThreatActorIndividual:
                 update=update,
             )
         else:
-            LOGGER.error(
+            self.opencti.app_logger.error(
                 "[opencti_threat_actor_individual] Missing parameters: stixObject"
             )

pycti/entities/opencti_tool.py

@@ -5,8 +5,6 @@ import uuid
 
 from stix2.canonicalization.Canonicalize import canonicalize
 
-from pycti.entities import LOGGER
-
 
 class Tool:
     def __init__(self, opencti):
@@ -175,7 +173,9 @@ class Tool:
         if get_all:
             first = 100
 
-        LOGGER.info("Listing Tools with filters %s.", json.dumps(filters))
+        self.opencti.app_logger.info(
+            "Listing Tools with filters", {"filters": json.dumps(filters)}
+        )
         query = (
             """
             query Tools($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: ToolsOrdering, $orderMode: OrderingMode) {
@@ -215,7 +215,7 @@ class Tool:
             final_data = final_data + data
             while result["data"]["tools"]["pageInfo"]["hasNextPage"]:
                 after = result["data"]["tools"]["pageInfo"]["endCursor"]
-                LOGGER.info("Listing Tools after " + after)
+                self.opencti.app_logger.info("Listing Tools", {"after": after})
                 result = self.opencti.query(
                     query,
                     {
@@ -248,7 +248,7 @@ class Tool:
         filters = kwargs.get("filters", None)
         custom_attributes = kwargs.get("customAttributes", None)
         if id is not None:
-            LOGGER.info("Reading Tool {%s}.", id)
+            self.opencti.app_logger.info("Reading Tool", {"id": id})
             query = (
                 """
                 query Tool($id: String!) {
@@ -273,7 +273,9 @@ class Tool:
             else:
                 return None
         else:
-            LOGGER.error("[opencti_tool] Missing parameters: id or filters")
+            self.opencti.app_logger.error(
+                "[opencti_tool] Missing parameters: id or filters"
+            )
             return None
 
     """
@@ -305,7 +307,7 @@ class Tool:
         update = kwargs.get("update", False)
 
         if name is not None:
-            LOGGER.info("Creating Tool {%s}.", name)
+            self.opencti.app_logger.info("Creating Tool", {"name": name})
             query = """
                 mutation ToolAdd($input: ToolAddInput!) {
                     toolAdd(input: $input) {
@@ -344,7 +346,9 @@ class Tool:
             )
             return self.opencti.process_multiple_fields(result["data"]["toolAdd"])
         else:
-            LOGGER.error("[opencti_tool] Missing parameters: name and description")
+            self.opencti.app_logger.error(
+                "[opencti_tool] Missing parameters: name and description"
+            )
 
     """
         Import an Tool object from a STIX2 object
@@ -414,4 +418,6 @@ class Tool:
                 update=update,
             )
         else:
-            LOGGER.error("[opencti_tool] Missing parameters: stixObject")
+            self.opencti.app_logger.error(
+                "[opencti_tool] Missing parameters: stixObject"
+            )

pycti/entities/opencti_vocabulary.py

@@ -17,8 +17,8 @@ class Vocabulary:
 
     def list(self, **kwargs):
         filters = kwargs.get("filters", None)
-        self.opencti.log(
-            "info", "Listing Vocabularies with filters " + json.dumps(filters) + "."
+        self.opencti.app_logger.info(
+            "Listing Vocabularies with filters", {"filters": json.dumps(filters)}
         )
         query = (
             """
@@ -47,7 +47,7 @@ class Vocabulary:
         id = kwargs.get("id", None)
         filters = kwargs.get("filters", None)
         if id is not None:
-            self.opencti.log("info", "Reading vocabulary {" + id + "}.")
+            self.opencti.app_logger.info("Reading vocabulary", {"id": id})
             query = (
                 """
                         query Vocabulary($id: String!) {
@@ -68,8 +68,8 @@ class Vocabulary:
             else:
                 return None
         else:
-            self.opencti.log(
-                "error", "[opencti_vocabulary] Missing parameters: id or filters"
+            self.opencti.app_logger.error(
+                "[opencti_vocabulary] Missing parameters: id or filters"
             )
             return None
 
@@ -98,8 +98,8 @@ class Vocabulary:
         update = kwargs.get("update", False)
 
         if name is not None and category is not None:
-            self.opencti.log(
-                "info", "Creating or Getting aliased Vocabulary {" + name + "}."
+            self.opencti.app_logger.info(
+                "Creating or Getting aliased Vocabulary", {"name": name}
             )
             query = (
                 """
@@ -130,8 +130,7 @@ class Vocabulary:
             )
             return result["data"]["vocabularyAdd"]
         else:
-            self.opencti.log(
-                "error",
+            self.opencti.app_logger.error(
                 "[opencti_vocabulary] Missing parameters: name or category",
             )
 
@@ -155,7 +154,7 @@ class Vocabulary:
         id = kwargs.get("id", None)
         input = kwargs.get("input", None)
         if id is not None and input is not None:
-            self.opencti.log("info", "Updating Vocabulary {" + id + "}.")
+            self.opencti.app_logger.info("Updating Vocabulary", {"id": id})
             query = """
                         mutation VocabularyEdit($id: ID!, $input: [EditInput!]!) {
                             vocabularyFieldPatch(id: $id, input: $input) { 
@@ -176,8 +175,7 @@ class Vocabulary:
                 result["data"]["vocabularyFieldPatch"]
             )
         else:
-            self.opencti.log(
-                "error",
-                "[opencti_vocabulary] Missing parameters: id and key and value",
+            self.opencti.app_logger.error(
+                "[opencti_vocabulary] Missing parameters: id and key and value"
             )
             return None

pycti/entities/opencti_vulnerability.py

@@ -5,8 +5,6 @@ import uuid
 
 from stix2.canonicalization.Canonicalize import canonicalize
 
-from pycti.entities import LOGGER
-
 
 class Vulnerability:
     def __init__(self, opencti):
@@ -165,7 +163,9 @@ class Vulnerability:
         if get_all:
             first = 100
 
-        LOGGER.info("Listing Vulnerabilities with filters %s.", json.dumps(filters))
+        self.opencti.app_logger.info(
+            "Listing Vulnerabilities with filters", {"filters": json.dumps(filters)}
+        )
         query = (
             """
             query Vulnerabilities($filters: FilterGroup, $search: String, $first: Int, $after: ID, $orderBy: VulnerabilitiesOrdering, $orderMode: OrderingMode) {
@@ -206,7 +206,9 @@ class Vulnerability:
             final_data = final_data + data
             while result["data"]["vulnerabilities"]["pageInfo"]["hasNextPage"]:
                 after = result["data"]["vulnerabilities"]["pageInfo"]["endCursor"]
-                LOGGER.info("Listing Vulnerabilities after " + after)
+                self.opencti.app_logger.info(
+                    "Listing Vulnerabilities", {"after": after}
+                )
                 result = self.opencti.query(
                     query,
                     {
@@ -239,7 +241,7 @@ class Vulnerability:
         filters = kwargs.get("filters", None)
         custom_attributes = kwargs.get("customAttributes", None)
         if id is not None:
-            LOGGER.info("Reading Vulnerability {%s}.", id)
+            self.opencti.app_logger.info("Reading Vulnerability", {"id": id})
             query = (
                 """
                 query Vulnerability($id: String!) {
@@ -264,7 +266,9 @@ class Vulnerability:
             else:
                 return None
         else:
-            LOGGER.error("[opencti_tool] Missing parameters: id or filters")
+            self.opencti.app_logger.error(
+                "[opencti_tool] Missing parameters: id or filters"
+            )
             return None
 
     """
@@ -303,7 +307,7 @@ class Vulnerability:
         update = kwargs.get("update", False)
 
         if name is not None:
-            LOGGER.info("Creating Vulnerability {%s}.", name)
+            self.opencti.app_logger.info("Creating Vulnerability", {"name": name})
             query = """
                 mutation VulnerabilityAdd($input: VulnerabilityAddInput!) {
                     vulnerabilityAdd(input: $input) {
@@ -347,7 +351,7 @@ class Vulnerability:
                 result["data"]["vulnerabilityAdd"]
             )
         else:
-            LOGGER.error(
+            self.opencti.app_logger.error(
                 "[opencti_vulnerability] Missing parameters: name and description"
             )
 
@@ -471,4 +475,6 @@ class Vulnerability:
                 update=update,
             )
         else:
-            LOGGER.error("[opencti_vulnerability] Missing parameters: stixObject")
+            self.opencti.app_logger.error(
+                "[opencti_vulnerability] Missing parameters: stixObject"
+            )

pycti/utils/opencti_logger.py

@@ -0,0 +1,64 @@
+import datetime
+import logging
+
+from pythonjsonlogger import jsonlogger
+
+
+class CustomJsonFormatter(jsonlogger.JsonFormatter):
+    def add_fields(self, log_record, record, message_dict):
+        super(CustomJsonFormatter, self).add_fields(log_record, record, message_dict)
+        if not log_record.get("timestamp"):
+            # This doesn't use record.created, so it is slightly off
+            now = datetime.datetime.utcnow().strftime("%Y-%m-%dT%H:%M:%S.%fZ")
+            log_record["timestamp"] = now
+        if log_record.get("level"):
+            log_record["level"] = log_record["level"].upper()
+        else:
+            log_record["level"] = record.levelname
+
+
+def logger(level, json_logging=True):
+    # Exceptions
+    logging.getLogger("urllib3").setLevel(logging.WARNING)
+    logging.getLogger("pika").setLevel(logging.ERROR)
+    # Exceptions
+    if json_logging:
+        log_handler = logging.StreamHandler()
+        log_handler.setLevel(level)
+        formatter = CustomJsonFormatter("%(timestamp)s %(level)s %(name)s %(message)s")
+        log_handler.setFormatter(formatter)
+        logging.basicConfig(handlers=[log_handler], level=level, force=True)
+    else:
+        logging.basicConfig(level=level)
+
+    class AppLogger:
+        def __init__(self, name):
+            self.local_logger = logging.getLogger(name)
+
+        @staticmethod
+        def prepare_meta(meta=None):
+            return None if meta is None else {"attributes": meta}
+
+        @staticmethod
+        def setup_logger_level(lib, log_level):
+            logging.getLogger(lib).setLevel(log_level)
+
+        def debug(self, message, meta=None):
+            self.local_logger.debug(message, extra=AppLogger.prepare_meta(meta))
+
+        def info(self, message, meta=None):
+            self.local_logger.info(message, extra=AppLogger.prepare_meta(meta))
+
+        def warning(self, message, meta=None):
+            self.local_logger.warning(message, extra=AppLogger.prepare_meta(meta))
+
+        def error(self, message, meta=None):
+            # noinspection PyTypeChecker
+            self.local_logger.error(
+                message, exc_info=1, extra=AppLogger.prepare_meta(meta)
+            )
+
+    return AppLogger
+
+
+test_logger = logger("INFO")("test")