
[GreyNoise] 2.0.0 release #2981

Merged
merged 4 commits into from
Dec 12, 2024
Merged
36 changes: 26 additions & 10 deletions plugins/greynoise/.CHECKSUM
@@ -1,35 +1,51 @@
{
"spec": "21e4aba5536e29ebde5b6b0d33c7d1f1",
"manifest": "0fbfe5119cf508fcbf30641105ae188d",
"setup": "71be7f1ce465bc3700098c8ea7a8bb13",
"spec": "663d04017fe9a605df63fd8584a4beb4",
"manifest": "9d3f4a959fda3eb80588c86648597b40",
"setup": "7d0148b4efc7745f17003a77e9e73c55",
"schemas": [
{
"identifier": "community_lookup/schema.py",
"hash": "c11ee6039e822efc804b17753c6fbbe1"
"hash": "37abd579045b68430ce584170968a270"
},
{
"identifier": "context_lookup/schema.py",
"hash": "27aed1cfd2a85f49bc317dce7d19aae4"
"hash": "df5822cc975eef45019e516ddb00d1e7"
},
{
"identifier": "get_tag_details/schema.py",
"hash": "9823f81c29046f34aa441ed58db094fb"
"hash": "805cc2db6612fc9b0ee438bbb58b231c"
},
{
"identifier": "gnql_query/schema.py",
"hash": "65c08f73e888728d2f812254efd3c15d"
"hash": "4c9874ce15384fdfafab25591d39d900"
},
{
"identifier": "quick_lookup/schema.py",
"hash": "0e7fc3a38329b5137a280b87982619b8"
"hash": "a0b8045428133eca9d2ac6cc2ffe4a7a"
},
{
"identifier": "riot_lookup/schema.py",
"hash": "9e8d337328f1cc2c1900d25932e8ffa5"
"hash": "0ee1bf7d6db7ee88dfd7f105bfb50ea6"
},
{
"identifier": "similar_lookup/schema.py",
"hash": "f8c96c19c59fd30ef806bf36c47bad7b"
},
{
"identifier": "timeline_lookup/schema.py",
"hash": "71963f3bf33ac17d5a46c2b017f8e9a8"
},
{
"identifier": "vulnerability_lookup/schema.py",
"hash": "d2e8b45236448f806ce8aa4eadeec367"
},
{
"identifier": "connection/schema.py",
"hash": "f7e83e2e638bbb1f4a198c8ee93a7e05"
"hash": "f7a3e43e3b17d8e2059b6499b67e7e5a"
},
{
"identifier": "monitor_ips_in_greynoise/schema.py",
"hash": "bb05b2a9d9ef8add550c7149ddf7c2d2"
}
]
}
20 changes: 7 additions & 13 deletions plugins/greynoise/Dockerfile
@@ -1,26 +1,20 @@
FROM rapid7/insightconnect-python-3-38-slim-plugin:4
# Refer to the following documentation for available SDK parent images: https://komand.github.io/python/sdk.html#version
FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.2.2

LABEL organization=rapid7
LABEL organization=greynoise
LABEL sdk=python

# Add any custom package dependencies here
# NOTE: Add pip packages to requirements.txt

# End package dependencies

# Add source code
WORKDIR /python/src

ADD ./plugin.spec.yaml /plugin.spec.yaml
ADD . /python/src
ADD ./requirements.txt /python/src/requirements.txt

# Install pip dependencies
RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; fi

# Install plugin
ADD . /python/src

RUN python setup.py build && python setup.py install

# User to run plugin code. The two supported users are: root, nobody
USER nobody

ENTRYPOINT ["/usr/local/bin/icon_greynoise"]
ENTRYPOINT ["/usr/local/bin/icon_greynoise"]
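Review bot: The base image on the `FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.2.2` line is pinned by tag only, and a tag can be re-pointed upstream, so two builds of the same commit are not guaranteed to get the same parent image. Appending the digest, as in `FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.2.2@sha256:<digest-of-6.2.2>`, fixes the parent to one known image. The `ADD` instructions copy only local paths, so `COPY` is the narrower choice because it does no archive auto-extraction or URL fetch, e.g. `COPY ./requirements.txt /python/src/requirements.txt`. `ADD . /python/src` takes the whole build context into the image, and whether a `.dockerignore` trims it is not visible on this page. The rendered page has lost its +/- markers, so which of the duplicated lines form the new side is inferred.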
32 changes: 20 additions & 12 deletions plugins/greynoise/bin/icon_greynoise
@@ -1,12 +1,12 @@
#!/usr/bin/env python
# GENERATED BY KOMAND SDK - DO NOT EDIT
# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
import os
import json
from sys import argv

Name = "GreyNoise"
Vendor = "greynoise"
Version = "1.0.0"
Version = "2.0.0"
Description = "GreyNoise helps analysts recognize events not worth their attention. Indicators in GreyNoise are likely associated with opportunistic internet scanning or common business services, not targeted threats. This context helps analysts focus on what matters most"


Expand All @@ -23,7 +23,7 @@ def main():
monkey.patch_all()

import insightconnect_plugin_runtime
from icon_greynoise import connection, actions, triggers
from icon_greynoise import connection, actions, triggers, tasks

class ICONGreynoise(insightconnect_plugin_runtime.Plugin):
def __init__(self):
Expand All @@ -34,18 +34,26 @@ def main():
description=Description,
connection=connection.Connection()
)
self.add_action(actions.CommunityLookup())

self.add_trigger(triggers.MonitorIpsInGreynoise())
self.add_action(actions.ContextLookup())


self.add_action(actions.RiotLookup())

self.add_action(actions.QuickLookup())

self.add_action(actions.GetTagDetails())

self.add_action(actions.GnqlQuery())

self.add_action(actions.QuickLookup())

self.add_action(actions.RiotLookup())


self.add_action(actions.CommunityLookup())

self.add_action(actions.VulnerabilityLookup())

self.add_action(actions.TimelineLookup())

self.add_action(actions.SimilarLookup())


"""Run plugin"""
cli = insightconnect_plugin_runtime.CLI(ICONGreynoise())