[GreyNoise] 2.0.0 release (#2981)
* [GreyNoise] Updates + New Actions + New Trigger (#2916)

* update spec

* updates

* validation fixes

* updates

* updates

* formatting

* clean up

* add vuln action

* add timeline lookup

* add similar_lookup

* help sum

* add trigger

* trigger fixes

* trigger fixes

* linting

* updates

* updates

* unit tests and fixes

* fix trigger output

* fix trigger

* review feedback

* update all action outputs

* fix typos

* update examples

* example updates

* GreyNoise 2.0.0 fixes (#2982)

* Fix SCA, PluginValidator, update unit test imports

* Remove forgotten breakpoint

* Greynoise unit test fix (#2983)

* Fix unit tests

* Update SDK

* Fix final unit test

* Last unit tests fix hopefully

* Cloud enable greynoise (#2986)

---------

Co-authored-by: Brad Chiappetta <[email protected]>
cmcnally-r7 and bradchiappetta authored Dec 12, 2024
1 parent 097eb8c commit aef4235
Showing 66 changed files with 4,182 additions and 696 deletions.
36 changes: 26 additions & 10 deletions plugins/greynoise/.CHECKSUM
@@ -1,35 +1,51 @@
{
"spec": "21e4aba5536e29ebde5b6b0d33c7d1f1",
"manifest": "0fbfe5119cf508fcbf30641105ae188d",
"setup": "71be7f1ce465bc3700098c8ea7a8bb13",
"spec": "663d04017fe9a605df63fd8584a4beb4",
"manifest": "9d3f4a959fda3eb80588c86648597b40",
"setup": "7d0148b4efc7745f17003a77e9e73c55",
"schemas": [
{
"identifier": "community_lookup/schema.py",
"hash": "c11ee6039e822efc804b17753c6fbbe1"
"hash": "37abd579045b68430ce584170968a270"
},
{
"identifier": "context_lookup/schema.py",
"hash": "27aed1cfd2a85f49bc317dce7d19aae4"
"hash": "df5822cc975eef45019e516ddb00d1e7"
},
{
"identifier": "get_tag_details/schema.py",
"hash": "9823f81c29046f34aa441ed58db094fb"
"hash": "805cc2db6612fc9b0ee438bbb58b231c"
},
{
"identifier": "gnql_query/schema.py",
"hash": "65c08f73e888728d2f812254efd3c15d"
"hash": "4c9874ce15384fdfafab25591d39d900"
},
{
"identifier": "quick_lookup/schema.py",
"hash": "0e7fc3a38329b5137a280b87982619b8"
"hash": "a0b8045428133eca9d2ac6cc2ffe4a7a"
},
{
"identifier": "riot_lookup/schema.py",
"hash": "9e8d337328f1cc2c1900d25932e8ffa5"
"hash": "0ee1bf7d6db7ee88dfd7f105bfb50ea6"
},
{
"identifier": "similar_lookup/schema.py",
"hash": "f8c96c19c59fd30ef806bf36c47bad7b"
},
{
"identifier": "timeline_lookup/schema.py",
"hash": "71963f3bf33ac17d5a46c2b017f8e9a8"
},
{
"identifier": "vulnerability_lookup/schema.py",
"hash": "d2e8b45236448f806ce8aa4eadeec367"
},
{
"identifier": "connection/schema.py",
"hash": "f7e83e2e638bbb1f4a198c8ee93a7e05"
"hash": "f7a3e43e3b17d8e2059b6499b67e7e5a"
},
{
"identifier": "monitor_ips_in_greynoise/schema.py",
"hash": "bb05b2a9d9ef8add550c7149ddf7c2d2"
}
]
}
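Review bot: The `spec`, `manifest`, `setup` and per-schema `hash` values are 32-hex-digit digests, which is enough to detect that a generated schema has drifted from the spec but should not be treated as a tamper-evidence control for the plugin. Every existing entry changes here alongside the four new ones (`similar_lookup`, `timeline_lookup`, `vulnerability_lookup`, `monitor_ips_in_greynoise`), so please confirm the file was regenerated by the tooling after the last schema edit rather than edited by hand, so that the digests match what ships.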
20 changes: 7 additions & 13 deletions plugins/greynoise/Dockerfile
@@ -1,26 +1,20 @@
FROM rapid7/insightconnect-python-3-38-slim-plugin:4
# Refer to the following documentation for available SDK parent images: https://komand.github.io/python/sdk.html#version
FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.2.2

LABEL organization=rapid7
LABEL organization=greynoise
LABEL sdk=python

# Add any custom package dependencies here
# NOTE: Add pip packages to requirements.txt

# End package dependencies

# Add source code
WORKDIR /python/src

ADD ./plugin.spec.yaml /plugin.spec.yaml
ADD . /python/src
ADD ./requirements.txt /python/src/requirements.txt

# Install pip dependencies
RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; fi

# Install plugin
ADD . /python/src

RUN python setup.py build && python setup.py install

# User to run plugin code. The two supported users are: root, nobody
USER nobody

ENTRYPOINT ["/usr/local/bin/icon_greynoise"]
ENTRYPOINT ["/usr/local/bin/icon_greynoise"]
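Review bot: On the `FROM --platform=linux/amd64 rapid7/insightconnect-python-3-slim-plugin:6.2.2` line the parent image is pinned by tag only; consider adding the image digest after the tag (`:6.2.2@sha256:<digest>`) so a re-pushed tag cannot silently change what the plugin is built on. Two smaller points in the same hunk: `ADD . /python/src` copies the whole build context, so `COPY` together with a `.dockerignore` would keep stray local files out of the image, and `pip install -r requirements.txt` could take `--no-cache-dir` to keep the layer small. Keeping `USER nobody` is the right default.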
32 changes: 20 additions & 12 deletions plugins/greynoise/bin/icon_greynoise
@@ -1,12 +1,12 @@
#!/usr/bin/env python
# GENERATED BY KOMAND SDK - DO NOT EDIT
# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
import os
import json
from sys import argv

Name = "GreyNoise"
Vendor = "greynoise"
Version = "1.0.0"
Version = "2.0.0"
Description = "GreyNoise helps analysts recognize events not worth their attention. Indicators in GreyNoise are likely associated with opportunistic internet scanning or common business services, not targeted threats. This context helps analysts focus on what matters most"


Expand All @@ -23,7 +23,7 @@ def main():
monkey.patch_all()

import insightconnect_plugin_runtime
from icon_greynoise import connection, actions, triggers
from icon_greynoise import connection, actions, triggers, tasks

class ICONGreynoise(insightconnect_plugin_runtime.Plugin):
def __init__(self):
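Review bot: The import line `from icon_greynoise import connection, actions, triggers, tasks` now pulls in `tasks`, but no `add_task` call appears in the lines shown and `.CHECKSUM` gains schema entries only for actions and the trigger. If the plugin defines no tasks, confirm that the `tasks` module exists in the `icon_greynoise` package (even if empty), since a missing module would fail at import time when the entrypoint starts.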
Expand All @@ -34,18 +34,26 @@ def main():
description=Description,
connection=connection.Connection()
)
self.add_action(actions.CommunityLookup())

self.add_trigger(triggers.MonitorIpsInGreynoise())
self.add_action(actions.ContextLookup())


self.add_action(actions.RiotLookup())

self.add_action(actions.QuickLookup())

self.add_action(actions.GetTagDetails())

self.add_action(actions.GnqlQuery())

self.add_action(actions.QuickLookup())

self.add_action(actions.RiotLookup())


self.add_action(actions.CommunityLookup())

self.add_action(actions.VulnerabilityLookup())

self.add_action(actions.TimelineLookup())

self.add_action(actions.SimilarLookup())


"""Run plugin"""
cli = insightconnect_plugin_runtime.CLI(ICONGreynoise())
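Review bot: In the registration block, `CommunityLookup`, `QuickLookup` and `RiotLookup` each appear on two `self.add_action(...)` lines in this view as the order changes, so it is worth checking that the resulting file registers every action exactly once alongside the new `VulnerabilityLookup`, `TimelineLookup` and `SimilarLookup`. The file header marks it as generated and not to be edited, so the reorder and the new `self.add_trigger(triggers.MonitorIpsInGreynoise())` line should come from regenerating against the updated spec rather than from a manual edit.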