pycti 5.12.20__tar.gz → 5.12.21__tar.gz
Potentially problematic release.
This version of pycti might be problematic. Click here for more details.
- {pycti-5.12.20 → pycti-5.12.21}/PKG-INFO +1 -1
- {pycti-5.12.20 → pycti-5.12.21}/pycti/__init__.py +1 -1
- {pycti-5.12.20 → pycti-5.12.21}/pycti/connector/opencti_connector_helper.py +34 -16
- {pycti-5.12.20 → pycti-5.12.21}/pycti/utils/opencti_logger.py +0 -3
- {pycti-5.12.20 → pycti-5.12.21}/pycti.egg-info/PKG-INFO +1 -1
- {pycti-5.12.20 → pycti-5.12.21}/LICENSE +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/README.md +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/api/__init__.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/api/opencti_api_client.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/api/opencti_api_connector.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/api/opencti_api_playbook.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/api/opencti_api_work.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/connector/__init__.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/connector/opencti_connector.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/connector/opencti_metric_handler.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/__init__.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_attack_pattern.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_campaign.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_case_incident.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_case_rfi.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_case_rft.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_channel.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_course_of_action.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_data_component.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_data_source.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_event.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_external_reference.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_feedback.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_grouping.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_identity.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_incident.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_indicator.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_infrastructure.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_intrusion_set.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_kill_chain_phase.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_label.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_language.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_location.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_malware.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_malware_analysis.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_marking_definition.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_narrative.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_note.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_observed_data.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_opinion.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_report.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_stix.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_stix_core_object.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_stix_core_relationship.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_stix_cyber_observable.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_stix_domain_object.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_stix_nested_ref_relationship.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_stix_object_or_stix_relationship.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_stix_sighting_relationship.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_task.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_threat_actor.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_threat_actor_group.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_threat_actor_individual.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_tool.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_vocabulary.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/entities/opencti_vulnerability.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/utils/__init__.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/utils/constants.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/utils/opencti_stix2.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/utils/opencti_stix2_splitter.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/utils/opencti_stix2_update.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti/utils/opencti_stix2_utils.py +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti.egg-info/SOURCES.txt +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti.egg-info/dependency_links.txt +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti.egg-info/requires.txt +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pycti.egg-info/top_level.txt +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/pyproject.toml +0 -0
- {pycti-5.12.20 → pycti-5.12.21}/setup.cfg +0 -0
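--- a/pycti/connector/opencti_connector_helper.py
+++ b/pycti/connector/opencti_connector_helper.py
@@ -11,7 +11,6 @@ import sys
 import tempfile
 import threading
 import time
-import traceback
 import uuid
 from queue import Queue
 from typing import Callable, Dict, List, Optional, Union
@@ -30,7 +29,6 @@ FALSY: List[str] = ["no", "false", "False"]
 
 
 def killProgramHook(etype, value, tb):
-traceback.print_exception(etype, value, tb)
 os.kill(os.getpid(), signal.SIGTERM)
 
 
@@ -290,8 +288,10 @@ class ListenQueue(threading.Thread):
 )
 
 def run(self) -> None:
+self.helper.connector_logger.info("Starting ListenQueue thread")
 while not self.exit_event.is_set():
 try:
+self.helper.connector_logger.info("ListenQueue connecting to rabbitMq.")
 # Connect the broker
 self.pika_credentials = pika.PlainCredentials(self.user, self.password)
 self.pika_parameters = pika.ConnectionParameters(
@@ -308,28 +308,32 @@ class ListenQueue(threading.Thread):
 self.pika_connection = pika.BlockingConnection(self.pika_parameters)
 self.channel = self.pika_connection.channel()
 try:
+# confirm_delivery is only for cluster mode rabbitMQ
+# when not in cluster mode this line raise an exception
 self.channel.confirm_delivery()
 except Exception as err: # pylint: disable=broad-except
-self.helper.connector_logger.
+self.helper.connector_logger.debug(str(err))
 self.channel.basic_qos(prefetch_count=1)
 assert self.channel is not None
 self.channel.basic_consume(
 queue=self.queue_name, on_message_callback=self._process_message
 )
 self.channel.start_consuming()
-except (KeyboardInterrupt, SystemExit):
-self.channel.stop_consuming()
-self.pika_connection.close()
-self.helper.connector_logger.info("Connector stop")
-sys.exit(0)
 except Exception as err: # pylint: disable=broad-except
-
+try:
+self.pika_connection.close()
+except Exception as errInException:
+self.helper.connector_logger.debug(
+type(errInException).__name__, {"reason": str(errInException)}
+)
 self.helper.connector_logger.error(
 type(err).__name__, {"reason": str(err)}
 )
-
+# Wait some time and then retry ListenQueue again.
+time.sleep(10)
 
 def stop(self):
+self.helper.connector_logger.info("Preparing ListenQueue for clean shutdown")
 self.exit_event.set()
 self.pika_connection.close()
 if self.thread:
@@ -353,6 +357,7 @@ class PingAlive(threading.Thread):
 def ping(self) -> None:
 while not self.exit_event.is_set():
 try:
+self.connector_logger.debug("PingAlive running.")
 initial_state = self.get_state()
 result = self.api.connector.ping(self.connector_id, initial_state)
 remote_state = (
@@ -378,11 +383,11 @@ class PingAlive(threading.Thread):
 self.exit_event.wait(40)
 
 def run(self) -> None:
-self.connector_logger.info("Starting
+self.connector_logger.info("Starting PingAlive thread")
 self.ping()
 
 def stop(self) -> None:
-self.connector_logger.info("Preparing for clean shutdown")
+self.connector_logger.info("Preparing PingAlive for clean shutdown")
 self.exit_event.set()
 
 
@@ -395,10 +400,11 @@ class StreamAlive(threading.Thread):
 
 def run(self) -> None:
 try:
-self.helper.connector_logger.info("Starting
+self.helper.connector_logger.info("Starting StreamAlive thread")
 time_since_last_heartbeat = 0
 while not self.exit_event.is_set():
 time.sleep(5)
+self.helper.connector_logger.debug("StreamAlive running")
 try:
 self.q.get(block=False)
 time_since_last_heartbeat = 0
@@ -409,12 +415,18 @@ class StreamAlive(threading.Thread):
 "Time since last heartbeat exceeded 45s, stopping the connector"
 )
 break
+self.helper.connector_logger.info(
+"Exit event in StreamAlive loop, stopping process."
+)
 sys.excepthook(*sys.exc_info())
-except:
+except Exception as ex:
+self.helper.connector_logger.error(
+"Error in StreamAlive loop, stopping process.", {"reason": str(ex)}
+)
 sys.excepthook(*sys.exc_info())
 
 def stop(self) -> None:
-self.helper.connector_logger.info("Preparing for clean shutdown")
+self.helper.connector_logger.info("Preparing StreamAlive for clean shutdown")
 self.exit_event.set()
 
 
@@ -449,6 +461,7 @@ class ListenStream(threading.Thread):
 
 def run(self) -> None: # pylint: disable=too-many-branches
 try:
+self.helper.connector_logger.info("Starting ListenStream thread")
 current_state = self.helper.get_state()
 start_from = self.start_timestamp
 recover_until = self.recover_iso_date
@@ -545,10 +558,14 @@ class ListenStream(threading.Thread):
 self.exit = True
 state["start_from"] = str(msg.id)
 self.helper.set_state(state)
-except:
+except Exception as ex:
+self.helper.connector_logger.error(
+"Error in ListenStream loop, exit.", {"reason": str(ex)}
+)
 sys.excepthook(*sys.exc_info())
 
 def stop(self):
+self.helper.connector_logger.info("Preparing ListenStream for clean shutdown")
 self.exit_event.set()
 
 
@@ -735,6 +752,7 @@ class OpenCTIConnectorHelper: # pylint: disable=too-many-public-methods
 self.listen_queue = None
 
 def stop(self) -> None:
+self.connector_logger.info("Preparing connector for clean shutdown")
 if self.listen_queue:
 self.listen_queue.stop()
 # if self.listen_stream: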