rapid7 · cmcnally-r7 · Dec 3, 2024 · Nov 27, 2024 · Nov 27, 2024
@@ -287,7 +287,7 @@ Example input:
 | :--- | :--- | :--- | :--- | :--- |
 |complete|boolean|False|Indicates if all pages of the query have been returned by the API|True|
 |count|integer|False|Total count of IPs returned Query|10|
-|data|[]data|False|GreyNoise Data Object, Contains IP Object for each IP returned by the query|[{"actor": "Acme, Inc", "bot": false, "classification": "malicious", "cve": ["CVE-1111-1111", "CVE-2222-2222"], "first_seen": "2024-01-01", "ip": "1.2.3.4", "last_seen": "2024-01-01", "metadata": {"asn": "AS12345", "category": "isp", "city": "Reno", "country": "Brazil", "country_code": "BZ", "destination_countries": ["Brazil", "Spain"], "destination_country_codes": ["BZ", "ES"], "organization": "Acme Inc.", "os": "Windows XP", "rdns": "scanner.example.io", "region": "Arizona", "sensor_count": 5, "sensor_hits": 5, "source_country": "Brazil", "source_country_code": "BE", "tor": false}, "raw_data": {"hassh": [{"fingerprint": "abcdefg1234567", "port": 22}], "ja3": [{"fingerprint": "abcdefg1234567", "port": 22}], "scan": [{"port": 22, "protocol": "TCP"}], "web": {"paths": ["/", "/robots.txt"], "useragents": ["user-agent"]}}, "seen": true, "spoofable": false, "tags": "Tag 1, Tag2", "vpn": false, "vpn_service": "My VPN"}]|
+|data|[]data|False|GreyNoise Data Object, Contains IP Object for each IP returned by the query|[{"actor": "Acme, Inc", "bot": False, "classification": "malicious", "cve": ["CVE-1111-1111", "CVE-2222-2222"], "first_seen": "2024-01-01", "ip": "1.2.3.4", "last_seen": "2024-01-01", "metadata": {"asn": "AS12345", "category": "isp", "city": "Reno", "country": "Brazil", "country_code": "BZ", "destination_countries": ["Brazil", "Spain"], "destination_country_codes": ["BZ", "ES"], "organization": "Acme Inc.", "os": "Windows XP", "rdns": "scanner.example.io", "region": "Arizona", "sensor_count": 5, "sensor_hits": 5, "source_country": "Brazil", "source_country_code": "BE", "tor": False}, "raw_data": {"hassh": [{"fingerprint": "abcdefg1234567", "port": 22}], "ja3": [{"fingerprint": "abcdefg1234567", "port": 22}], "scan": [{"port": 22, "protocol": "TCP"}], "web": {"paths": ["/", "/robots.txt"], "useragents": ["user-agent"]}}, "seen": True, "spoofable": False, "tags": "Tag 1, Tag2", "vpn": False, "vpn_service": "My VPN"}]|
 |message|string|False|GreyNoise Query Message, indicates if there were issues with the query|ok|
 |query|string|False|GreyNoise Query Sent to API|sample query|
 
@@ -551,7 +551,7 @@ Example input:
 
 |Name|Type|Required|Description|Example|
 | :--- | :--- | :--- | :--- | :--- |
-|activity|[]timeline_activity|False|IP Timeline Activity Events|[{"asn": "AS12345", "category": "isp", "city": "Seattle", "classification": "benign", "country": "Spain", "country_code": "ES", "destinations": [{"country": "Brazil", "country_code": "BE"}], "hassh_fingerprints": ["asdfa1412", "asasdf2125"], "http_web_paths": ["robots.txt"], "http_user_agents": ["Hello World"], "ja3_fingerprints": ["abasdfas", "abasdfasdf"], "organization": "Acme Inc", "protocols": [{"port": 22, "transport_protocol": "TCP", "app_protocol": "TCP"}], "rdns": "scanner.acme.io", "region": "Arizona", "spoofable": false, "tags": [{"tag_category": "activity", "tag_description": "This is a description of the tag.", "tag_intention": "malicious", "tag_name": "IoT Bot Tag"}], "timestampe": "2020-07-08T17:15:10Z", "tor": false, "vpn": false, "vpn_service": "VPN Name"}]|
+|activity|[]timeline_activity|False|IP Timeline Activity Events|[{"asn": "AS12345", "category": "isp", "city": "Seattle", "classification": "benign", "country": "Spain", "country_code": "ES", "destinations": [{"country": "Brazil", "country_code": "BE"}], "hassh_fingerprints": ["asdfa1412", "asasdf2125"], "http_web_paths": ["robots.txt"], "http_user_agents": ["Hello World"], "ja3_fingerprints": ["abasdfas", "abasdfasdf"], "organization": "Acme Inc", "protocols": [{"port": 22, "transport_protocol": "TCP", "app_protocol": "TCP"}], "rdns": "scanner.acme.io", "region": "Arizona", "spoofable": False, "tags": [{"tag_category": "activity", "tag_description": "This is a description of the tag.", "tag_intention": "malicious", "tag_name": "IoT Bot Tag"}], "timestampe": "2020-07-08T17:15:10Z", "tor": False, "vpn": False, "vpn_service": "VPN Name"}]|
 |ip|string|False|Value that was Queried|1.2.3.4|
 |metadata|timeline_metadata|False|IP Timeline Metadata|{'end_time': '2020-07-08T17:15:10Z', 'ip': '1.2.3.4', 'limit': 5, 'next_cursor': 'asdf142qas3241asdf234sfa', 'start_time': '2020-07-08T17:15:10Z'}|
 

@@ -37,5 +37,5 @@ def run(self, params={}):
             Output.CODE: resp_out.get("code"),
             Output.NOISE: resp_out.get("noise"),
             Output.RIOT: resp_out.get("riot"),
-            Output.CODE: resp_out.get("code"),
+            Output.CODE_MESSAGE: resp_out.get("code_message"),
         }
@@ -2,6 +2,8 @@
 from .schema import SimilarLookupInput, SimilarLookupOutput, Input, Output, Component
 
 # Custom imports below
+from insightconnect_plugin_runtime.exceptions import PluginException
+from greynoise.exceptions import RequestFailure
 
 
 class SimilarLookup(insightconnect_plugin_runtime.Action):

@@ -2,6 +2,8 @@
 from .schema import TimelineLookupInput, TimelineLookupOutput, Input, Output, Component
 
 # Custom imports below
+from insightconnect_plugin_runtime.exceptions import PluginException
+from greynoise.exceptions import RequestFailure
 
 
 class TimelineLookup(insightconnect_plugin_runtime.Action):

@@ -3,7 +3,7 @@
 
 from icon_greynoise.actions.community_lookup import CommunityLookup
 
-from .util import MockConnection, mocked_requests_get
+from unit_test.util import MockConnection, mocked_requests_get
 
 
 class TestCommunityLookup(TestCase):

@@ -3,7 +3,7 @@
 
 from icon_greynoise.actions.context_lookup import ContextLookup
 
-from .util import MockConnection, mocked_requests_get
+from unit_test.util import MockConnection, mocked_requests_get
 
 
 class TestContextLookup(TestCase):

@@ -3,7 +3,7 @@
 
 from icon_greynoise.actions.get_tag_details import GetTagDetails
 
-from .util import MockConnection, mocked_requests_get
+from unit_test.util import MockConnection, mocked_requests_get
 
 
 class TestGetTagDetails(TestCase):

@@ -3,7 +3,7 @@
 
 from icon_greynoise.actions.gnql_query import GnqlQuery
 
-from .util import MockConnection, mocked_requests_get
+from unit_test.util import MockConnection, mocked_requests_get
 
 
 class TestGnqlQuery(TestCase):

@@ -3,7 +3,7 @@
 
 from icon_greynoise.actions.quick_lookup import QuickLookup
 
-from .util import MockConnection, mocked_requests_get
+from unit_test.util import MockConnection, mocked_requests_get
 
 
 class TestQuickLookup(TestCase):

@@ -3,7 +3,7 @@
 
 from icon_greynoise.actions.riot_lookup import RiotLookup
 
-from .util import MockConnection, mocked_requests_get
+from unit_test.util import MockConnection, mocked_requests_get
 
 
 class TestRiotLookup(TestCase):

@@ -3,7 +3,7 @@
 
 from icon_greynoise.actions.similar_lookup import SimilarLookup
 
-from .util import MockConnection, mocked_requests_get
+from unit_test.util import MockConnection, mocked_requests_get
 
 
 class TestSimilarLookup(TestCase):

@@ -3,7 +3,7 @@
 
 from icon_greynoise.actions.timeline_lookup import TimelineLookup
 
-from .util import MockConnection, mocked_requests_get
+from unit_test.util import MockConnection, mocked_requests_get
 
 
 class TestTimelineLookup(TestCase):

@@ -3,7 +3,7 @@
 
 from icon_greynoise.actions.vulnerability_lookup import VulnerabilityLookup
 
-from .util import MockConnection, mocked_requests_get
+from unit_test.util import MockConnection, mocked_requests_get
 
 
 class TestVulnerabilityLookup(TestCase):