PLGN-394-Adding in new actions for get_user and get_asset information…

… from an rrn
rapid7 · Oct 2, 2023 · aeb0190 · aeb0190
1 parent fb774c8
commit aeb0190
Show file tree

Hide file tree

Showing 106 changed files with 3,080 additions and 4,418 deletions.
diff --git a/plugins/rapid7_insightidr/.CHECKSUM b/plugins/rapid7_insightidr/.CHECKSUM
@@ -1,127 +1,135 @@
 {
-	"spec": "00a59546714dd0dfdadebe34fc33c497",
-	"manifest": "302d243b81c96dca5eed5ccc45e203fe",
-	"setup": "b18e8bcc185031f0d8ee3db333617fca",
+	"spec": "4635353446afc9782fa7c168d63a1ddd",
+	"manifest": "d1530ac9cdf92d104c474b3e2dce3263",
+	"setup": "1496c0e48fdd7c01317ccf0922c51dfc",
 	"schemas": [
 		{
 			"identifier": "add_indicators_to_a_threat/schema.py",
-			"hash": "1a5a174485fd02bcfe5f087e9b969639"
+			"hash": "ae591f6016d3c55c7d02f6ccbff1ace5"
 		},
 		{
 			"identifier": "advanced_query_on_log/schema.py",
-			"hash": "4cdc135ed739ecf0b199d869633b4b77"
+			"hash": "f1d32e056457d19771171df670c3d57e"
 		},
 		{
 			"identifier": "advanced_query_on_log_set/schema.py",
-			"hash": "0c38ed36a16dd59c62e6248d8cdb7047"
+			"hash": "158fc26ccfcd79e2b2f5a265b92934e9"
 		},
 		{
 			"identifier": "assign_user_to_investigation/schema.py",
-			"hash": "a9fc0ac4cd44bd370e86af7f596b78d1"
+			"hash": "897fdbf236831c2c6f89bb17d52bcbdd"
 		},
 		{
 			"identifier": "close_investigations_in_bulk/schema.py",
-			"hash": "e28a786869a719ea9ca96e123903afc0"
+			"hash": "fdfa2be6b288946da16195be133dee65"
 		},
 		{
 			"identifier": "create_comment/schema.py",
-			"hash": "9cbdfb584a334772150f9004be9a43a7"
+			"hash": "e389b165e4c6333780dc8840b469e9bd"
 		},
 		{
 			"identifier": "create_investigation/schema.py",
-			"hash": "977a2845d11ea53ba0ff72c8abab49c7"
+			"hash": "be4b78148ee3b220883103c2a230443e"
 		},
 		{
 			"identifier": "create_threat/schema.py",
-			"hash": "99b153b82f67160e3b61b4ee550910f5"
+			"hash": "58e3b6ac539fa2e475e9ef363e436c04"
 		},
 		{
 			"identifier": "delete_attachment/schema.py",
-			"hash": "678c10ef18b02f8a11f06c434107f4d3"
+			"hash": "c5f5cb7950e7eec86b624e52834ea797"
 		},
 		{
 			"identifier": "delete_comment/schema.py",
-			"hash": "7cfe4047114ef4337650b701936b8765"
+			"hash": "2587c40fc9f8ffd98fb393f58c95e4e9"
 		},
 		{
 			"identifier": "download_attachment/schema.py",
-			"hash": "d080fb76788bdeb4daf3c577f5b9aa31"
+			"hash": "25f2e3f0e0857dc56be6d2b9cc3fe4aa"
 		},
 		{
 			"identifier": "get_a_log/schema.py",
-			"hash": "0f97bd52d8c758f66302b22f6f093714"
+			"hash": "733610d5611983b46515de108bba6a3b"
 		},
 		{
 			"identifier": "get_a_saved_query/schema.py",
-			"hash": "ae659b6dd570a61a9ba2bf99b731952d"
+			"hash": "2f8d35ca00cb8202d1280e3b7e4e16f7"
 		},
 		{
 			"identifier": "get_all_logs/schema.py",
-			"hash": "dd6eec6ee9263c7c5bf3942593d96f20"
+			"hash": "2bdb039bd7bed9a17ebe689e8c9265d7"
 		},
 		{
 			"identifier": "get_all_saved_queries/schema.py",
-			"hash": "69e619f2f61842cbc3ae75edab42ea40"
+			"hash": "1dee21dfeb404527be42e82cc7f61d3c"
+		},
+		{
+			"identifier": "get_asset_information/schema.py",
+			"hash": "85365495f1c8163d9ea7bd57d6868912"
 		},
 		{
 			"identifier": "get_attachment_information/schema.py",
-			"hash": "24118b3714f6746cadf273f74e8f84f4"
+			"hash": "7b4c4a65a306948df8fc6ee5d1f1ef3c"
 		},
 		{
 			"identifier": "get_investigation/schema.py",
-			"hash": "149d9658fdc93d51dff4694e1882a3a4"
+			"hash": "fb62f78ab95a48c6dab8c38d54097ff2"
+		},
+		{
+			"identifier": "get_user_information/schema.py",
+			"hash": "425c12ebf63cfbf4e33cc5062f6f79d6"
 		},
 		{
 			"identifier": "list_alerts_for_investigation/schema.py",
-			"hash": "3022f6ec9fe64a7af3df4d1d6cc6c88b"
+			"hash": "72bdab1cd1e041b8dc5ec6616a5555a1"
 		},
 		{
 			"identifier": "list_attachments/schema.py",
-			"hash": "d4404add7f2008a9d40839413bc880d7"
+			"hash": "8d586be6eeb57039edbc6ae4f01551af"
 		},
 		{
 			"identifier": "list_comments/schema.py",
-			"hash": "55813007d97cf69c079a7aef0dbd7b9c"
+			"hash": "da9b3870c3b1af536b9b4b98a68927ff"
 		},
 		{
 			"identifier": "list_investigations/schema.py",
-			"hash": "8cc1504ee7ab39cdec2a025c87c63b65"
+			"hash": "802287ec27346663e80b2b517558ea7e"
 		},
 		{
 			"identifier": "query/schema.py",
-			"hash": "a44d5cdd21acc90d0139bbc20c069711"
+			"hash": "a03fd4ae484aa4367a5e42237d7ec67d"
 		},
 		{
 			"identifier": "replace_indicators/schema.py",
-			"hash": "7dd218ac90308291d86a912567a4f61e"
+			"hash": "1bd05409ed4a316ef2e979339cde3fe9"
 		},
 		{
 			"identifier": "search_investigations/schema.py",
-			"hash": "f59c4a599a8f5e6a563b643c39dd4b02"
+			"hash": "ddc78a2fec8c00fdb0027eb106977bac"
 		},
 		{
 			"identifier": "set_disposition_of_investigation/schema.py",
-			"hash": "bc77b3c868db9ac71222c90d30e69687"
+			"hash": "c552a2a6b9b88ca956d0ec803820cde9"
 		},
 		{
 			"identifier": "set_priority_of_investigation/schema.py",
-			"hash": "e3f81370defcb8f4a8a9bfaa3ab3d758"
+			"hash": "3c2c3a618cb7706088bf8b3514840456"
 		},
 		{
 			"identifier": "set_status_of_investigation_action/schema.py",
-			"hash": "0a050c11b3cd4e57cbd6147414a27dda"
+			"hash": "9df649243e960ecd339d2e1989b613b9"
 		},
 		{
 			"identifier": "update_investigation/schema.py",
-			"hash": "519b1375887a53891489c2e2c294d961"
+			"hash": "899b1d2e69fb65d67c25af353e4b4249"
 		},
 		{
 			"identifier": "upload_attachment/schema.py",
-			"hash": "bebd0944f3a7528aae6a3298e5e42b33"
+			"hash": "41dd5ad6342c76ded1b99f09f937e0c4"
 		},
 		{
 			"identifier": "connection/schema.py",
-			"hash": "1c1fe91f956e8be3a7bec1575f4f1e27"
+			"hash": "0fb144575844d93646beaf77b3f8eca1"
 		}
 	]
 }
diff --git a/plugins/rapid7_insightidr/Dockerfile b/plugins/rapid7_insightidr/Dockerfile
@@ -1,24 +1,18 @@
-FROM rapid7/insightconnect-python-3-38-slim-plugin:4
-# Refer to the following documentation for available SDK parent images: https://docs.rapid7.com/insightconnect/sdk-guide/#sdk-guide
+FROM rapid7/insightconnect-python-3-38-plugin:4
 
 LABEL organization=rapid7
 LABEL sdk=python
 
-# Add any custom package dependencies here
-# NOTE: Add pip packages to requirements.txt
-
-# End package dependencies
-
-# Add source code
 WORKDIR /python/src
+
 ADD ./plugin.spec.yaml /plugin.spec.yaml
-ADD . /python/src
+ADD ./requirements.txt /python/src/requirements.txt
 
-# Install pip dependencies
 RUN if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
 
-# Install plugin
-RUN python setup.py build && python setup.py install
+ADD . /python/src
+
+RUN	python setup.py build && python setup.py install
 
 # User to run plugin code. The two supported users are: root, nobody
 USER nobody

diff --git a/plugins/rapid7_insightidr/bin/komand_rapid7_insightidr b/plugins/rapid7_insightidr/bin/komand_rapid7_insightidr
@@ -1,12 +1,12 @@
 #!/usr/bin/env python
-# GENERATED BY KOMAND SDK - DO NOT EDIT
+# GENERATED BY INSIGHT-PLUGIN - DO NOT EDIT
 import os
 import json
 from sys import argv
 
 Name = "Rapid7 InsightIDR"
 Vendor = "rapid7"
-Version = "5.0.1"
+Version = "5.1.0"
 Description = "This plugin allows you to add indicators to a threat and see the status of investigations"
 
 
@@ -23,7 +23,7 @@ def main():
             monkey.patch_all()
 
     import insightconnect_plugin_runtime
-    from komand_rapid7_insightidr import connection, actions, triggers
+    from komand_rapid7_insightidr import connection, actions, triggers, tasks
 
     class ICONRapid7Insightidr(insightconnect_plugin_runtime.Plugin):
         def __init__(self):
@@ -34,64 +34,68 @@ def main():
                 description=Description,
                 connection=connection.Connection()
             )
+            self.add_action(actions.ReplaceIndicators())
+
+            self.add_action(actions.ListInvestigations())
+
+            self.add_action(actions.CreateInvestigation())
+
+            self.add_action(actions.SearchInvestigations())
+
+            self.add_action(actions.UpdateInvestigation())
+
+            self.add_action(actions.GetInvestigation())
+
+            self.add_action(actions.SetPriorityOfInvestigation())
+
+            self.add_action(actions.SetDispositionOfInvestigation())
+
+            self.add_action(actions.SetStatusOfInvestigationAction())
+
+            self.add_action(actions.ListAlertsForInvestigation())
+
             self.add_action(actions.AddIndicatorsToAThreat())
-
+
+            self.add_action(actions.AssignUserToInvestigation())
+
+            self.add_action(actions.Query())
+
+            self.add_action(actions.GetALog())
+
+            self.add_action(actions.GetAllLogs())
+
             self.add_action(actions.AdvancedQueryOnLog())
-
+        
             self.add_action(actions.AdvancedQueryOnLogSet())
-
-            self.add_action(actions.AssignUserToInvestigation())
-
+
             self.add_action(actions.CloseInvestigationsInBulk())
-
-            self.add_action(actions.CreateComment())
-
-            self.add_action(actions.CreateInvestigation())
-
+
             self.add_action(actions.CreateThreat())
-
-            self.add_action(actions.DeleteAttachment())
-
-            self.add_action(actions.DeleteComment())
-
-            self.add_action(actions.DownloadAttachment())
-
-            self.add_action(actions.GetALog())
-
-            self.add_action(actions.GetASavedQuery())
-
-            self.add_action(actions.GetAllLogs())
-
+
             self.add_action(actions.GetAllSavedQueries())
-
-            self.add_action(actions.GetAttachmentInformation())
-
-            self.add_action(actions.GetInvestigation())
-
-            self.add_action(actions.ListAlertsForInvestigation())
-
-            self.add_action(actions.ListAttachments())
-
+
+            self.add_action(actions.GetASavedQuery())
+
             self.add_action(actions.ListComments())
-
-            self.add_action(actions.ListInvestigations())
-
-            self.add_action(actions.Query())
-
-            self.add_action(actions.ReplaceIndicators())
-
-            self.add_action(actions.SearchInvestigations())
-
-            self.add_action(actions.SetDispositionOfInvestigation())
-
-            self.add_action(actions.SetPriorityOfInvestigation())
-
-            self.add_action(actions.SetStatusOfInvestigationAction())
-
-            self.add_action(actions.UpdateInvestigation())
-
+
+            self.add_action(actions.CreateComment())
+
+            self.add_action(actions.DeleteComment())
+
+            self.add_action(actions.ListAttachments())
+
             self.add_action(actions.UploadAttachment())
-
+
+            self.add_action(actions.GetAttachmentInformation())
+
+            self.add_action(actions.DeleteAttachment())
+
+            self.add_action(actions.DownloadAttachment())
+
+            self.add_action(actions.GetUserInformation())
+
+            self.add_action(actions.GetAssetInformation())
+
 
     """Run plugin"""
     cli = insightconnect_plugin_runtime.CLI(ICONRapid7Insightidr())