Skip to content

Commit

Permalink
PAPP-35194 base get tracking details action added
Browse files Browse the repository at this point in the history
  • Loading branch information
@grokas-splunk
grokas-splunk committed Dec 13, 2024
1 parent 7783914 commit a1b6fbb
Show file tree
Hide file tree
Showing 3 changed files with 256 additions and 8 deletions.
203 changes: 197 additions & 6 deletions ciscosma.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,6 @@
"action": "get message details",
"identifier": "get_message_details",
"description": "Retrieve details of a quarantined message",
"verbose": "Retrieve specific detailed message information from quarantine",
"type": "investigate",
"read_only": true,
"parameters": {
Expand All @@ -85,7 +84,8 @@
},
{
"data_path": "action_result.data.*.mid",
"data_type": "numeric"
"data_type": "numeric",
"contains": ["cisco sma message id"]
},
{
"data_path": "action_result.data.*.attributes.subject",
Expand All @@ -97,19 +97,23 @@
},
{
"data_path": "action_result.data.*.attributes.fromAddress",
"data_type": "string"
"data_type": "string",
"contains": ["email"]
},
{
"data_path": "action_result.data.*.attributes.toAddress",
"data_type": "string"
"data_type": "string",
"contains": ["email"]
},
{
"data_path": "action_result.data.*.attributes.envelopeRecipient",
"data_type": "string"
"data_type": "string",
"contains": ["email"]
},
{
"data_path": "action_result.data.*.attributes.attachments",
"data_type": "string"
"data_type": "string",
"contains": ["file_name"]
},
{
"data_path": "action_result.data.*.attributes.messageBody",
Expand All @@ -125,6 +129,193 @@
}
],
"versions": "EQ(*)"
},
{
"action": "get tracking details",
"identifier": "get_message_tracking_details",
"description": "Retrieve detailed tracking information for a message",
"type": "investigate",
"read_only": true,
"parameters": {
"mid": {
"description": "Message ID (mid) to retrieve details for",
"data_type": "string",
"required": true,
"order": 0
},
"icid": {
"description": "Incoming Connection ID",
"data_type": "string",
"required": false,
"order": 1
},
"serial_number": {
"description": "Appliance serial number",
"data_type": "string",
"required": false,
"order": 2
},
"start_date": {
"description": "Start date in ISO format (YYYY-MM-DDThh:mm:ss.000Z)",
"data_type": "string",
"required": false,
"order": 3
},
"end_date": {
"description": "End date in ISO format (YYYY-MM-DDThh:mm:ss.000Z)",
"data_type": "string",
"required": false,
"order": 4
}
},
"output": [
{
"data_path": "action_result.status",
"data_type": "string"
},
{
"data_path": "action_result.parameter.mid",
"data_type": "string" },
{
"data_path": "action_result.parameter.icid",
"data_type": "string"
},
{
"data_path": "action_result.parameter.serial_number",
"data_type": "string"
},
{
"data_path": "action_result.parameter.start_date",
"data_type": "string"
},
{
"data_path": "action_result.parameter.end_date",
"data_type": "string"
},
{
"data_path": "action_result.data.*.mid",
"data_type": "numeric",
"contains": ["cisco sma message id"]
},
{
"data_path": "action_result.data.*.subject",
"data_type": "string",
"contains": ["email"]
},
{
"data_path": "action_result.data.*.messageStatus",
"data_type": "string"
},
{
"data_path": "action_result.data.*.direction",
"data_type": "string"
},
{
"data_path": "action_result.data.*.sender",
"data_type": "string",
"contains": ["email"]
},
{
"data_path": "action_result.data.*.recipient",
"data_type": "string",
"contains": ["email"]
},
{
"data_path": "action_result.data.*.attachments",
"data_type": "string",
"contains": ["file_name"]
},
{
"data_path": "action_result.data.*.smtpAuthId",
"data_type": "string"
},
{
"data_path": "action_result.data.*.midHeader",
"data_type": "string"
},
{
"data_path": "action_result.data.*.timestamp",
"data_type": "string"
},
{
"data_path": "action_result.data.*.hostName",
"data_type": "string"
},
{
"data_path": "action_result.data.*.sendingHostSummary.reverseDnsHostname",
"data_type": "string"
},
{
"data_path": "action_result.data.*.sendingHostSummary.ipAddress",
"data_type": "string",
"contains": ["ip"]
},
{
"data_path": "action_result.data.*.sendingHostSummary.sbrsScore",
"data_type": "string"
},
{
"data_path": "action_result.data.*.summary.*.timestamp",
"data_type": "string"
},
{
"data_path": "action_result.data.*.summary.*.description",
"data_type": "string"
},
{
"data_path": "action_result.data.*.summary.*.lastEvent",
"data_type": "boolean"
},
{
"data_path": "action_result.data.*.messageSize",
"data_type": "string"
},
{
"data_path": "action_result.data.*.isCompleteData",
"data_type": "boolean"
},
{
"data_path": "action_result.data.*.showDLP",
"data_type": "boolean"
},
{
"data_path": "action_result.data.*.showAMP",
"data_type": "boolean"
},
{
"data_path": "action_result.data.*.showURL",
"data_type": "boolean"
},
{
"data_path": "action_result.data.*.showSummaryTimeBox",
"data_type": "boolean"
},
{
"data_path": "action_result.data.*.mailPolicy",
"data_type": "string"
},
{
"data_path": "action_result.data.*.senderGroup",
"data_type": "string"
},
{
"data_path": "action_result.summary.subject",
"data_type": "string"
},
{
"data_path": "action_result.summary.status",
"data_type": "string"
},
{
"data_path": "action_result.summary.direction",
"data_type": "string"
},
{
"data_path": "action_result.message",
"data_type": "string"
}
],
"versions": "EQ(*)"
}
]
}
60 changes: 58 additions & 2 deletions ciscosma_connector.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
from phantom.action_result import ActionResult
from phantom.base_connector import BaseConnector

from ciscosma_consts import CISCOSMA_GET_MESSAGE_DETAILS_ENDPOINT, CISCOSMA_GET_TOKEN_ENDPOINT
from ciscosma_consts import CISCOSMA_GET_MESSAGE_DETAILS_ENDPOINT, CISCOSMA_GET_TOKEN_ENDPOINT, CISCOSMA_GET_MESSAGE_TRACKING_DETAILS_ENDPOINT


class CiscoSmaConnector(BaseConnector):
Expand Down Expand Up @@ -175,6 +175,58 @@ def _handle_get_message_details(self, param):

return action_result.set_status(phantom.APP_SUCCESS, "Successfully retrieved message details")

def _handle_get_message_tracking_details(self, param):
action_result = self.add_action_result(ActionResult(dict(param)))

mid = param.get('mid')
if not mid:
return action_result.set_status(phantom.APP_ERROR, "Parameter 'mid' is required")

icid = param.get('icid')
serial_number = param.get('serial_number')
start_date = param.get('start_date')
end_date = param.get('end_date')

params = {'mid': mid}
if icid:
params['icid'] = icid
if serial_number:
params['serialNumber'] = serial_number
if start_date:
params['startDate'] = start_date
if end_date:
params['endDate'] = end_date

ret_val, response = self._make_authenticated_request(
action_result,
CISCOSMA_GET_MESSAGE_TRACKING_DETAILS_ENDPOINT,
params=params
)

if phantom.is_fail(ret_val):
return action_result.get_status()

try:
message_data = response.get('data', {}).get('messages', {})
action_result.add_data(message_data)
except Exception as e:
return action_result.set_status(
phantom.APP_ERROR,
f"Error parsing response: {str(e)}"
)

summary = {
'subject': message_data.get('subject'),
'status': message_data.get('messageStatus'),
'direction': message_data.get('direction')
}
action_result.update_summary(summary)

return action_result.set_status(
phantom.APP_SUCCESS,
"Successfully retrieved message tracking details"
)

def initialize(self):
config = self.get_config()
self._base_url = config["host"].rstrip("/")
Expand All @@ -186,7 +238,11 @@ def initialize(self):
def handle_action(self, param):
self.debug_print("action_id ", self.get_action_identifier())

action_mapping = {"test_connectivity": self._handle_test_connectivity, "get_message_details": self._handle_get_message_details}
action_mapping = {
"test_connectivity": self._handle_test_connectivity,
"get_message_details": self._handle_get_message_details,
"get_message_tracking_details": self._handle_get_message_tracking_details
}

action = self.get_action_identifier()
action_execution_status = phantom.APP_SUCCESS
Expand Down
1 change: 1 addition & 0 deletions ciscosma_consts.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@

CISCOSMA_GET_TOKEN_ENDPOINT = "/sma/api/v2.0/login"
CISCOSMA_GET_MESSAGE_DETAILS_ENDPOINT = "/sma/api/v2.0/quarantine/messages/details"
CISCOSMA_GET_MESSAGE_TRACKING_DETAILS_ENDPOINT = "/sma/api/v2.0/message-tracking/details"


# Future endpoints
Expand Down

0 comments on commit a1b6fbb

Please sign in to comment.