diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-05 16:18:37 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-05 16:18:37 +0000 |
| commit | 5d7eda1e172f8e396536a8fbd6f85b4b991290e8 (patch) | |
| tree | b18be36b43a1abdab0d40ecc8e4c8de2dbcd65c0 /ansible_collections/ibm/qradar/plugins | |
| parent | Adding debian version 9.5.1+dfsg-1. (diff) | |
| download | ansible-5d7eda1e172f8e396536a8fbd6f85b4b991290e8.tar.xz ansible-5d7eda1e172f8e396536a8fbd6f85b4b991290e8.zip | |
Merging upstream version 10.0.0+dfsg.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ansible_collections/ibm/qradar/plugins')
20 files changed, 366 insertions, 367 deletions
diff --git a/ansible_collections/ibm/qradar/plugins/action/qradar_analytics_rules.py b/ansible_collections/ibm/qradar/plugins/action/qradar_analytics_rules.py index 906cbc9e5..559869c6f 100644 --- a/ansible_collections/ibm/qradar/plugins/action/qradar_analytics_rules.py +++ b/ansible_collections/ibm/qradar/plugins/action/qradar_analytics_rules.py @@ -23,27 +23,25 @@ The module file for qradar_analytics_rules from __future__ import absolute_import, division, print_function + __metaclass__ = type import json -from ansible.plugins.action import ActionBase -from ansible.module_utils.connection import Connection + from ansible.module_utils._text import to_text +from ansible.module_utils.connection import Connection from ansible.module_utils.six.moves.urllib.parse import quote - -from ansible_collections.ansible.netcommon.plugins.module_utils.network.common import ( - utils, +from ansible.plugins.action import ActionBase +from ansible_collections.ansible.netcommon.plugins.module_utils.network.common import utils +from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, ) + from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( QRadarRequest, remove_unsupported_keys_from_payload_dict, ) -from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( - AnsibleArgSpecValidator, -) -from ansible_collections.ibm.qradar.plugins.modules.qradar_analytics_rules import ( - DOCUMENTATION, -) +from ansible_collections.ibm.qradar.plugins.modules.qradar_analytics_rules import DOCUMENTATION class ActionModule(ActionBase): @@ -86,13 +84,13 @@ class ActionModule(ActionBase): """ if search_for_resource.get("id"): api_obj_url = self.api_object + "/{0}".format( - search_for_resource["id"] + search_for_resource["id"], ) elif search_for_resource.get("name"): api_obj_url = self.api_object + "?filter={0}".format( quote( - 'name="{0}"'.format(to_text(search_for_resource["name"])) - ) + 'name="{0}"'.format(to_text(search_for_resource["name"])), + ), ) elif search_for_resource.get("range"): api_obj_url = self.api_object @@ -104,10 +102,7 @@ class ActionModule(ActionBase): if ( rule_source_exists and len(rule_source_exists) == 1 - and ( - search_for_resource.get("name") - and not search_for_resource.get("id") - ) + and (search_for_resource.get("name") and not search_for_resource.get("id")) ): rule_source_exists = rule_source_exists[0] return rule_source_exists @@ -124,13 +119,14 @@ class ActionModule(ActionBase): after = {} changed = False rule_exists = self.search_for_resource( - qradar_request, module_config_params + qradar_request, + module_config_params, ) if rule_exists: changed = True before = rule_exists code, qradar_return_data = qradar_request.delete( - self.api_object + "/{0}".format(rule_exists["id"]) + self.api_object + "/{0}".format(rule_exists["id"]), ) config.update({"before": before, "after": after}) else: @@ -149,7 +145,8 @@ class ActionModule(ActionBase): changed = False rule_exists = self.search_for_resource( - qradar_request, module_config_params + qradar_request, + module_config_params, ) if rule_exists: if isinstance(rule_exists, list): @@ -168,7 +165,7 @@ class ActionModule(ActionBase): ) if qradar_return_data[0] >= 200: config.update( - {"before": before, "after": qradar_return_data[1]} + {"before": before, "after": qradar_return_data[1]}, ) else: config.update({"before": before}) @@ -179,10 +176,9 @@ class ActionModule(ActionBase): self._result = super(ActionModule, self).run(tmp, task_vars) headers = None if self._task.args.get("config"): - self._task.args[ - "config" - ] = remove_unsupported_keys_from_payload_dict( - self._task.args["config"], self.supported_params + self._task.args["config"] = remove_unsupported_keys_from_payload_dict( + self._task.args["config"], + self.supported_params, ) self._check_argspec() if self._result.get("failed"): @@ -191,20 +187,23 @@ class ActionModule(ActionBase): headers = { "Content-Type": "application/json", "Range": "items={0}".format( - self._task.args["config"]["range"] + self._task.args["config"]["range"], ), } conn = Connection(self._connection.socket_path) if headers: conn_request = QRadarRequest( - connection=conn, headers=headers, task_vars=task_vars + connection=conn, + headers=headers, + task_vars=task_vars, ) else: conn_request = QRadarRequest(connection=conn, task_vars=task_vars) if self._task.args["state"] == "gathered": if self._task.args.get("config"): self._result["gathered"] = self.search_for_resource( - conn_request, self._task.args["config"] + conn_request, + self._task.args["config"], ) elif self._task.args["state"] == "merged": if self._task.args.get("config"): @@ -212,7 +211,8 @@ class ActionModule(ActionBase): self._result[self.module_return], self._result["changed"], ) = self.configure_module_api( - conn_request, self._task.args["config"] + conn_request, + self._task.args["config"], ) elif self._task.args["state"] == "deleted": if self._task.args.get("config"): @@ -220,7 +220,8 @@ class ActionModule(ActionBase): self._result[self.module_return], self._result["changed"], ) = self.delete_module_api_config( - conn_request, self._task.args["config"] + conn_request, + self._task.args["config"], ) return self._result diff --git a/ansible_collections/ibm/qradar/plugins/action/qradar_log_sources_management.py b/ansible_collections/ibm/qradar/plugins/action/qradar_log_sources_management.py index 5d5efcd5e..c09c32227 100644 --- a/ansible_collections/ibm/qradar/plugins/action/qradar_log_sources_management.py +++ b/ansible_collections/ibm/qradar/plugins/action/qradar_log_sources_management.py @@ -23,27 +23,28 @@ The module file for qradar_log_sources_management from __future__ import absolute_import, division, print_function + __metaclass__ = type -from copy import copy import json -from ansible.plugins.action import ActionBase + +from copy import copy + from ansible.errors import AnsibleActionFail from ansible.module_utils.connection import Connection from ansible.module_utils.six.moves.urllib.parse import quote - -from ansible_collections.ansible.netcommon.plugins.module_utils.network.common import ( - utils, +from ansible.plugins.action import ActionBase +from ansible_collections.ansible.netcommon.plugins.module_utils.network.common import utils +from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( + AnsibleArgSpecValidator, ) + from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( QRadarRequest, find_dict_in_list, list_to_dict, remove_unsupported_keys_from_payload_dict, ) -from ansible_collections.ansible.utils.plugins.module_utils.common.argspec_validate import ( - AnsibleArgSpecValidator, -) from ansible_collections.ibm.qradar.plugins.modules.qradar_log_sources_management import ( DOCUMENTATION, ) @@ -55,11 +56,13 @@ class ActionModule(ActionBase): def __init__(self, *args, **kwargs): super(ActionModule, self).__init__(*args, **kwargs) self._result = None - self.api_object = ( - "/api/config/event_sources/log_source_management/log_sources" + self.api_object = "/api/config/event_sources/log_source_management/log_sources" + self.api_object_types = ( + "/api/config/event_sources/log_source_management/log_source_types?filter=" + ) + self.api_object_search = ( + "/api/config/event_sources/log_source_management/log_sources?filter=" ) - self.api_object_types = "/api/config/event_sources/log_source_management/log_source_types?filter=" - self.api_object_search = "/api/config/event_sources/log_source_management/log_sources?filter=" self.api_return = "log_sources_management" self.module_return = "qradar_log_sources_management" self.supported_params = [ @@ -98,9 +101,8 @@ class ActionModule(ActionBase): def set_log_source_values(self, qradar_request, config_params): # find log source types details if config_params.get("type_name"): - api_object = self.api_object_types + "{0}".format( - quote('name="{0}"'.format(config_params["type_name"])) + quote('name="{0}"'.format(config_params["type_name"])), ) code, log_source_type_found = qradar_request.get(api_object) if config_params.get("type_id"): @@ -112,7 +114,7 @@ class ActionModule(ActionBase): config_params.pop("type_name") else: raise AnsibleActionFail( - "Incompatible type provided, please consult QRadar Documentation for Log Source Types!" + "Incompatible type provided, please consult QRadar Documentation for Log Source Types!", ) if log_source_type_found: @@ -124,7 +126,7 @@ class ActionModule(ActionBase): ) if not found_dict_in_list: config_params.fail_json( - msg="Incompatible protocol_type_id provided, please consult QRadar Documentation for Log Source Types" + msg="Incompatible protocol_type_id provided, please consult QRadar Documentation for Log Source Types", ) elif log_source_type_found[0].get("protocol_types"): # Set it to the default as provided by the QRadar Instance @@ -142,27 +144,29 @@ class ActionModule(ActionBase): "id": config_params["protocol_type_id"], "name": "identifier", "value": config_params["identifier"], - } + }, ] config_params.pop("identifier") return config_params def search_for_resource_name( - self, qradar_request, search_resource_by_names=None + self, + qradar_request, + search_resource_by_names=None, ): search_result = [] if isinstance(search_resource_by_names, list): for each in search_resource_by_names: each = utils.remove_empties(each) query_api_object = self.api_object_search + "{0}".format( - quote('name="{0}"'.format(each["name"])) + quote('name="{0}"'.format(each["name"])), ) code, log_source_exists = qradar_request.get(query_api_object) if log_source_exists and (code >= 200 and code < 300): search_result.append(log_source_exists[0]) elif isinstance(search_resource_by_names, str): query_api_object = self.api_object_search + "{0}".format( - quote('name="{0}"'.format(search_resource_by_names)) + quote('name="{0}"'.format(search_resource_by_names)), ) code, log_source_exists = qradar_request.get(query_api_object) if log_source_exists and (code >= 200 and code < 300): @@ -182,12 +186,13 @@ class ActionModule(ActionBase): for each in module_config_params: each = utils.remove_empties(each) log_source_exists = self.search_for_resource_name( - qradar_request, each["name"] + qradar_request, + each["name"], ) if log_source_exists: before.append(log_source_exists) query_object = self.api_object + "/{0}".format( - log_source_exists["id"] + log_source_exists["id"], ) code, qradar_return_data = qradar_request.delete(query_object) if code >= 200 and code < 300: @@ -207,7 +212,8 @@ class ActionModule(ActionBase): each = utils.remove_empties(each) each = self.set_log_source_values(conn_request, each) search_result = self.search_for_resource_name( - conn_request, each["name"] + conn_request, + each["name"], ) if search_result: if search_result["name"] == each["name"]: @@ -219,15 +225,15 @@ class ActionModule(ActionBase): if diff: if self._task.args["state"] == "merged": each = utils.remove_empties( - utils.dict_merge(search_result, each) + utils.dict_merge(search_result, each), ) temp_request_param.append(each) elif self._task.args["state"] == "replaced": query_object = self.api_object + "/{0}".format( - search_result["id"] + search_result["id"], ) code, qradar_return_data = conn_request.delete( - query_object + query_object, ) temp_request_param.append(each) else: @@ -254,7 +260,7 @@ class ActionModule(ActionBase): "Failed with http_response: {0} and message: {1}".format( response["http_response"]["message"], response["message"], - ) + ), ) config.update({"before": before, "after": after}) else: @@ -266,10 +272,9 @@ class ActionModule(ActionBase): self._supports_check_mode = True self._result = super(ActionModule, self).run(tmp, task_vars) if self._task.args.get("config"): - self._task.args[ - "config" - ] = remove_unsupported_keys_from_payload_dict( - self._task.args["config"], self.supported_params + self._task.args["config"] = remove_unsupported_keys_from_payload_dict( + self._task.args["config"], + self.supported_params, ) self._check_argspec() if self._result.get("failed"): @@ -279,20 +284,19 @@ class ActionModule(ActionBase): if self._task.args["state"] == "gathered": if self._task.args.get("config"): self._result["gathered"] = self.search_for_resource_name( - conn_request, self._task.args["config"] + conn_request, + self._task.args["config"], ) else: self._result["gathered"] = conn_request.get(self.api_object) - elif ( - self._task.args["state"] == "merged" - or self._task.args["state"] == "replaced" - ): + elif self._task.args["state"] == "merged" or self._task.args["state"] == "replaced": if self._task.args.get("config"): ( self._result[self.module_return], self._result["changed"], ) = self.configure_module_api( - conn_request, self._task.args["config"] + conn_request, + self._task.args["config"], ) elif self._task.args["state"] == "deleted": if self._task.args.get("config"): @@ -300,7 +304,8 @@ class ActionModule(ActionBase): self._result[self.module_return], self._result["changed"], ) = self.delete_module_api_config( - conn_request, self._task.args["config"] + conn_request, + self._task.args["config"], ) return self._result diff --git a/ansible_collections/ibm/qradar/plugins/httpapi/qradar.py b/ansible_collections/ibm/qradar/plugins/httpapi/qradar.py index 004c7815e..1b394ceee 100644 --- a/ansible_collections/ibm/qradar/plugins/httpapi/qradar.py +++ b/ansible_collections/ibm/qradar/plugins/httpapi/qradar.py @@ -3,6 +3,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -19,14 +20,11 @@ version_added: "1.0.0" import json from ansible.module_utils.basic import to_text -from ansible.module_utils.six.moves.urllib.error import HTTPError -from ansible_collections.ansible.netcommon.plugins.plugin_utils.httpapi_base import ( - HttpApiBase, -) from ansible.module_utils.connection import ConnectionError -from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( - BASE_HEADERS, -) +from ansible.module_utils.six.moves.urllib.error import HTTPError +from ansible_collections.ansible.netcommon.plugins.plugin_utils.httpapi_base import HttpApiBase + +from ansible_collections.ibm.qradar.plugins.module_utils.qradar import BASE_HEADERS class HttpApi(HttpApiBase): @@ -36,7 +34,10 @@ class HttpApi(HttpApiBase): try: self._display_request(request_method) response, response_data = self.connection.send( - path, payload, method=request_method, headers=headers + path, + payload, + method=request_method, + headers=headers, ) value = self._get_response_value(response_data) diff --git a/ansible_collections/ibm/qradar/plugins/module_utils/qradar.py b/ansible_collections/ibm/qradar/plugins/module_utils/qradar.py index e1569863f..0b57ba7c7 100644 --- a/ansible_collections/ibm/qradar/plugins/module_utils/qradar.py +++ b/ansible_collections/ibm/qradar/plugins/module_utils/qradar.py @@ -6,15 +6,17 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type -from ansible.module_utils.urls import CertificateError -from ansible.module_utils.six.moves.urllib.parse import quote_plus -from ansible.module_utils.connection import ConnectionError -from ansible.module_utils.connection import Connection +import json + +from copy import copy +from ssl import CertificateError + from ansible.module_utils._text import to_text +from ansible.module_utils.connection import Connection, ConnectionError from ansible.module_utils.six import iteritems -from copy import copy -import json +from ansible.module_utils.six.moves.urllib.parse import quote_plus BASE_HEADERS = {"Content-Type": "application/json", "Version": "9.1"} @@ -43,17 +45,17 @@ def set_offense_values(module, qradar_request): found_closing_reason = qradar_request.get_by_path( "api/siem/offense_closing_reasons?filter={0}".format( quote_plus( - 'text="{0}"'.format(module.params["closing_reason"]) - ) - ) + 'text="{0}"'.format(module.params["closing_reason"]), + ), + ), ) if found_closing_reason: module.params["closing_reason_id"] = found_closing_reason[0]["id"] else: module.fail_json( "Unable to find closing_reason text: {0}".format( - module.params["closing_reason"] - ) + module.params["closing_reason"], + ), ) if module.params["status"]: @@ -97,7 +99,7 @@ def list_to_dict(input_dict): if each.get("id") or each.get("id") == 0: each.pop("id") each_key_values = "_".join( - [str(x) for x in each.values()] + [str(x) for x in each.values()], ) temp_dict.update({each_key_values: each}) input_dict[k] = temp_dict @@ -141,20 +143,23 @@ class QRadarRequest(object): response = {} try: code, response = self.connection.send_request( - method, uri, payload=payload, headers=self.headers + method, + uri, + payload=payload, + headers=self.headers, ) except ConnectionError as e: self.module.fail_json( - msg="connection error occurred: {0}".format(e) + msg="connection error occurred: {0}".format(e), ) except CertificateError as e: self.module.fail_json( - msg="certificate error occurred: {0}".format(e) + msg="certificate error occurred: {0}".format(e), ) except ValueError as e: try: self.module.fail_json( - msg="certificate not found: {0}".format(e) + msg="certificate not found: {0}".format(e), ) except AttributeError: pass @@ -167,7 +172,7 @@ class QRadarRequest(object): ): return {} if to_text("The rule does not exist.") in to_text( - response["description"] + response["description"], ): return code, {} @@ -180,15 +185,17 @@ class QRadarRequest(object): else: self.module.fail_json( msg="qradar httpapi returned error {0} with message {1}".format( - code, response - ) + code, + response, + ), ) elif not (code >= 200 and code < 300): try: self.module.fail_json( msg="qradar httpapi returned error {0} with message {1}".format( - code, response - ) + code, + response, + ), ) except AttributeError: pass @@ -229,7 +236,7 @@ class QRadarRequest(object): except TypeError as e: self.module.fail_json( - msg="invalid data type provided: {0}".format(e) + msg="invalid data type provided: {0}".format(e), ) def post_by_path(self, rest_path, data=None): diff --git a/ansible_collections/ibm/qradar/plugins/modules/deploy.py b/ansible_collections/ibm/qradar/plugins/modules/deploy.py index dc41acd99..40bb41244 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/deploy.py +++ b/ansible_collections/ibm/qradar/plugins/modules/deploy.py @@ -6,6 +6,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -37,22 +38,19 @@ EXAMPLES = """ type: INCREMENTAL """ -from ansible.module_utils.basic import AnsibleModule from ansible.module_utils._text import to_text +from ansible.module_utils.basic import AnsibleModule -from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( - QRadarRequest, -) +from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest def main(): - argspec = dict( type=dict( choices=["INCREMENTAL", "FULL"], required=False, default="INCREMENTAL", - ) + ), ) module = AnsibleModule(argument_spec=argspec, supports_check_mode=False) @@ -63,12 +61,11 @@ def main(): ) qradar_return_data = qradar_request.post_by_path( - "api/staged_config/deploy_status" + "api/staged_config/deploy_status", ) if "message" in qradar_return_data and ( - to_text("No changes to deploy") - in to_text(qradar_return_data["message"]) + to_text("No changes to deploy") in to_text(qradar_return_data["message"]) ): module.exit_json( msg="No changes to deploy", @@ -78,7 +75,7 @@ def main(): else: module.exit_json( msg="Successfully initiated {0} deployment.".format( - module.params["type"] + module.params["type"], ), qradar_return_data=qradar_return_data, changed=True, diff --git a/ansible_collections/ibm/qradar/plugins/modules/log_source_management.py b/ansible_collections/ibm/qradar/plugins/modules/log_source_management.py index fa793a596..18f2a7ecd 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/log_source_management.py +++ b/ansible_collections/ibm/qradar/plugins/modules/log_source_management.py @@ -6,6 +6,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -73,31 +74,31 @@ EXAMPLES = """ identifier: "192.168.1.101" """ -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils._text import to_text +import json +from ansible.module_utils._text import to_text +from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.six.moves.urllib.parse import quote + from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( QRadarRequest, find_dict_in_list, ) -import json - def set_log_source_values(module, qradar_request): if module.params["type_name"]: code, query_response = qradar_request.get( "/api/config/event_sources/log_source_management/log_source_types?filter={0}".format( - quote('name="{0}"'.format(module.params["type_name"])) - ) + quote('name="{0}"'.format(module.params["type_name"])), + ), ) log_source_type_found = query_response[0] if module.params["type_id"]: code, query_response = qradar_request.get( "/api/config/event_sources/log_source_management/log_source_types?filter={0}".format( - quote('name="{0}"'.format(module.params["type_name"])) - ) + quote('name="{0}"'.format(module.params["type_name"])), + ), ) code, log_source_type_found = query_response[0] if log_source_type_found: @@ -105,7 +106,7 @@ def set_log_source_values(module, qradar_request): module.params["type_id"] = log_source_type_found["id"] else: module.fail_json( - msg="Incompatible type provided, please consult QRadar Documentation for Log Source Types" + msg="Incompatible type provided, please consult QRadar Documentation for Log Source Types", ) if module.params["protocol_type_id"]: @@ -116,25 +117,24 @@ def set_log_source_values(module, qradar_request): ) if not found_dict_in_list: module.fail_json( - msg="Incompatible protocol_type_id provided, please consult QRadar Documentation for Log Source Types" + msg="Incompatible protocol_type_id provided, please consult QRadar Documentation for Log Source Types", ) else: # Set it to the default as provided by the QRadar Instance - module.params["protocol_type_id"] = log_source_type_found[ - "protocol_types" - ][0]["protocol_id"] + module.params["protocol_type_id"] = log_source_type_found["protocol_types"][0][ + "protocol_id" + ] module.params["protocol_parameters"] = [ { "id": module.params["protocol_type_id"], "name": "identifier", "value": module.params["identifier"], - } + }, ] def main(): - argspec = dict( name=dict(required=True, type="str"), state=dict(choices=["present", "absent"], required=True), @@ -159,12 +159,11 @@ def main(): code, log_source_exists = qradar_request.get( "/api/config/event_sources/log_source_management/log_sources?filter={0}".format( - quote('name="{0}"'.format(module.params["name"])) - ) + quote('name="{0}"'.format(module.params["name"])), + ), ) if log_source_exists: - if module.params["state"] == "present": ( existing_log_source_protocol_identifier, @@ -178,8 +177,7 @@ def main(): set_log_source_values(module, qradar_request) comparison_map = [ - existing_log_source_protocol_identifier["value"] - == module.params["identifier"], + existing_log_source_protocol_identifier["value"] == module.params["identifier"], log_source_exists[0]["name"] == module.params["name"], log_source_exists[0]["type_id"] == module.params["type_id"], to_text(log_source_exists[0]["description"]) @@ -189,17 +187,15 @@ def main(): if all(comparison_map): module.exit_json(changed=False, msg="Nothing to do.") else: - log_source_exists[0]["protocol_parameters"][ - _elspi_index - ] = module.params["protocol_parameters"][0] + log_source_exists[0]["protocol_parameters"][_elspi_index] = module.params[ + "protocol_parameters" + ][0] log_source_exists[0]["name"] = module.params["name"] log_source_exists[0]["type_id"] = module.params["type_id"] - log_source_exists[0]["description"] = module.params[ - "description" - ] + log_source_exists[0]["description"] = module.params["description"] if module.check_mode: qradar_return_data = { - "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE" + "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE", } else: code, qradar_return_data = qradar_request.create_update( @@ -209,7 +205,7 @@ def main(): module.exit_json( msg="Successfully updated log source: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data=qradar_return_data, changed=True, @@ -218,18 +214,18 @@ def main(): if module.params["state"] == "absent": if module.check_mode: qradar_return_data = { - "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE" + "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE", } else: code, qradar_return_data = qradar_request.delete( "/api/config/event_sources/log_source_management/log_sources/{0}".format( - log_source_exists[0]["id"] - ) + log_source_exists[0]["id"], + ), ) module.exit_json( msg="Successfully deleted log source: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data=qradar_return_data, changed=True, @@ -239,7 +235,7 @@ def main(): set_log_source_values(module, qradar_request) if module.check_mode: qradar_return_data = { - "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE" + "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE", } else: code, qradar_return_data = qradar_request.create_update( @@ -249,7 +245,7 @@ def main(): module.exit_json( msg="Successfully created log source: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data=qradar_return_data, changed=True, diff --git a/ansible_collections/ibm/qradar/plugins/modules/offense_action.py b/ansible_collections/ibm/qradar/plugins/modules/offense_action.py index 784f1e7b1..4944f4627 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/offense_action.py +++ b/ansible_collections/ibm/qradar/plugins/modules/offense_action.py @@ -6,6 +6,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -72,8 +73,8 @@ author: Ansible Security Automation Team (@maxamillion) <https://github.com/ansi EXAMPLES = """ """ -from ansible.module_utils.basic import AnsibleModule from ansible.module_utils._text import to_text +from ansible.module_utils.basic import AnsibleModule from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( QRadarRequest, @@ -82,7 +83,6 @@ from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( def main(): - argspec = dict( # name=dict(required=False, type='str'), # id=dict(required=False, type='str'), @@ -118,7 +118,7 @@ def main(): # found_offense = qradar_request.get('/api/siem/offenses?filter={0}'.format(module.params['name'])) code, found_offense = qradar_request.get( - "/api/siem/offenses/{0}".format(module.params["id"]) + "/api/siem/offenses/{0}".format(module.params["id"]), ) if found_offense: @@ -127,43 +127,40 @@ def main(): post_strs = [] if module.params["status"] and ( - to_text(found_offense["status"]) - != to_text(module.params["status"]) + to_text(found_offense["status"]) != to_text(module.params["status"]) ): post_strs.append( - "status={0}".format(to_text(module.params["status"])) + "status={0}".format(to_text(module.params["status"])), ) if module.params["assigned_to"] and ( - to_text(found_offense["assigned_to"]) - != to_text(module.params["assigned_to"]) + to_text(found_offense["assigned_to"]) != to_text(module.params["assigned_to"]) ): post_strs.append( - "assigned_to={0}".format(module.params["assigned_to"]) + "assigned_to={0}".format(module.params["assigned_to"]), ) if module.params["closing_reason_id"] and ( - found_offense["closing_reason_id"] - != module.params["closing_reason_id"] + found_offense["closing_reason_id"] != module.params["closing_reason_id"] ): post_strs.append( "closing_reason_id={0}".format( - module.params["closing_reason_id"] - ) + module.params["closing_reason_id"], + ), ) if module.params["follow_up"] and ( found_offense["follow_up"] != module.params["follow_up"] ): post_strs.append( - "follow_up={0}".format(module.params["follow_up"]) + "follow_up={0}".format(module.params["follow_up"]), ) if module.params["protected"] and ( found_offense["protected"] != module.params["protected"] ): post_strs.append( - "protected={0}".format(module.params["protected"]) + "protected={0}".format(module.params["protected"]), ) if post_strs: @@ -175,25 +172,27 @@ def main(): qradar_return_data = qradar_request.post_by_path( "api/siem/offenses/{0}?{1}".format( - module.params["id"], "&".join(post_strs) - ) + module.params["id"], + "&".join(post_strs), + ), ) # FIXME - handle the scenario in which we can search by name and this isn't a required param anymore module.exit_json( msg="Successfully updated Offense ID: {0}".format( - module.params["id"] + module.params["id"], ), qradar_return_data=qradar_return_data, changed=True, ) else: module.exit_json( - msg="No changes necessary. Nothing to do.", changed=False + msg="No changes necessary. Nothing to do.", + changed=False, ) else: # FIXME - handle the scenario in which we can search by name and this isn't a required param anymore module.fail_json( - msg="Unable to find Offense ID: {0}".format(module.params["id"]) + msg="Unable to find Offense ID: {0}".format(module.params["id"]), ) diff --git a/ansible_collections/ibm/qradar/plugins/modules/offense_info.py b/ansible_collections/ibm/qradar/plugins/modules/offense_info.py index 1ead8a1ae..1b5ae67c7 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/offense_info.py +++ b/ansible_collections/ibm/qradar/plugins/modules/offense_info.py @@ -6,6 +6,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -113,10 +114,10 @@ EXAMPLES = """ var: offense_list """ -from ansible.module_utils.basic import AnsibleModule from ansible.module_utils._text import to_text - +from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.six.moves.urllib.parse import quote + from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( QRadarRequest, find_dict_in_list, @@ -125,7 +126,6 @@ from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( def main(): - argspec = dict( id=dict(required=False, type="int"), name=dict(required=False, type="str"), @@ -158,7 +158,7 @@ def main(): if module.params["id"]: code, offenses = qradar_request.get( - "/api/siem/offenses/{0}".format(module.params["id"]) + "/api/siem/offenses/{0}".format(module.params["id"]), ) else: @@ -166,43 +166,45 @@ def main(): if module.params["status"]: query_strs.append( - quote("status={0}".format(to_text(module.params["status"]))) + quote("status={0}".format(to_text(module.params["status"]))), ) if module.params["assigned_to"]: query_strs.append( - quote("assigned_to={0}".format(module.params["assigned_to"])) + quote("assigned_to={0}".format(module.params["assigned_to"])), ) if module.params["closing_reason_id"]: query_strs.append( quote( "closing_reason_id={0}".format( - module.params["closing_reason_id"] - ) - ) + module.params["closing_reason_id"], + ), + ), ) if module.params["follow_up"] is not None: query_strs.append( - quote("follow_up={0}".format(module.params["follow_up"])) + quote("follow_up={0}".format(module.params["follow_up"])), ) if module.params["protected"] is not None: query_strs.append( - quote("protected={0}".format(module.params["protected"])) + quote("protected={0}".format(module.params["protected"])), ) if query_strs: code, offenses = qradar_request.get( - "/api/siem/offenses?filter={0}".format("&".join(query_strs)) + "/api/siem/offenses?filter={0}".format("&".join(query_strs)), ) else: code, offenses = qradar_request.get("/api/siem/offenses") if module.params["name"]: named_offense = find_dict_in_list( - offenses, "description", module.params["name"] + offenses, + "description", + module.params["name"], ) if named_offense: offenses = named_offense diff --git a/ansible_collections/ibm/qradar/plugins/modules/offense_note.py b/ansible_collections/ibm/qradar/plugins/modules/offense_note.py index 53b6ec95c..2cda42c69 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/offense_note.py +++ b/ansible_collections/ibm/qradar/plugins/modules/offense_note.py @@ -6,6 +6,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -53,27 +54,25 @@ EXAMPLES = """ """ from ansible.module_utils.basic import AnsibleModule - from ansible.module_utils.six.moves.urllib.parse import quote -from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( - QRadarRequest, -) + +from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest def set_offense_values(module, qradar_request): if module.params["closing_reason"]: code, found_closing_reason = qradar_request.get( "/api/siem/offense_closing_reasons?filter={0}".format( - quote('text="{0}"'.format(module.params["closing_reason"])) - ) + quote('text="{0}"'.format(module.params["closing_reason"])), + ), ) if found_closing_reason: module.params["closing_reason_id"] = found_closing_reason[0]["id"] else: module.fail_json( "Unable to find closing_reason text: {0}".format( - module.params["closing_reason"] - ) + module.params["closing_reason"], + ), ) if module.params["status"]: @@ -81,7 +80,6 @@ def set_offense_values(module, qradar_request): def main(): - argspec = dict( # state=dict(required=False, choices=["present", "absent"], type='str', default="present"), id=dict(required=True, type="int"), @@ -104,7 +102,7 @@ def main(): "/api/siem/offenses/{0}/notes?filter={1}".format( module.params["id"], quote('note_text="{0}"'.format(module.params["note_text"])), - ) + ), ) # if module.params['state'] == 'present': @@ -115,7 +113,8 @@ def main(): note = found_notes[0] if note["note_text"] == module.params["note_text"]: module.exit_json( - msg="No changes necessary. Nothing to do.", changed=False + msg="No changes necessary. Nothing to do.", + changed=False, ) else: if module.check_mode: @@ -133,7 +132,7 @@ def main(): ) module.exit_json( msg="Successfully created Offense Note ID: {0}".format( - qradar_return_data["id"] + qradar_return_data["id"], ), qradar_return_data=qradar_return_data, changed=False, @@ -155,7 +154,7 @@ def main(): ) module.exit_json( msg="Successfully created Offense Note ID: {0}".format( - qradar_return_data["id"] + qradar_return_data["id"], ), qradar_return_data=qradar_return_data, changed=True, diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_analytics_rules.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_analytics_rules.py index 8f65069f5..812b15e51 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/qradar_analytics_rules.py +++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_analytics_rules.py @@ -4,6 +4,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -123,7 +124,7 @@ EXAMPLES = """ # Using GATHERED state # -------------------- -- name: Get information about the Rule named "Ansible Example DDOS Rule" +- name: Get information about the Rule named "Ansible Example DDOS Rule" ibm.qradar.qradar_analytics_rules: config: name: "Ansible Example DDOS Rule" @@ -148,7 +149,7 @@ EXAMPLES = """ # owner: admin # type: EVENT -- name: Get information about the Rule with ID 100443 +- name: Get information about the Rule with ID 100443 ibm.qradar.qradar_analytics_rules: config: id: 100443 @@ -262,7 +263,6 @@ EXAMPLES = """ # origin: USER # owner: admin # type: EVENT - """ RETURN = """ diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_deploy.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_deploy.py index dc41acd99..40bb41244 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/qradar_deploy.py +++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_deploy.py @@ -6,6 +6,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -37,22 +38,19 @@ EXAMPLES = """ type: INCREMENTAL """ -from ansible.module_utils.basic import AnsibleModule from ansible.module_utils._text import to_text +from ansible.module_utils.basic import AnsibleModule -from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( - QRadarRequest, -) +from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest def main(): - argspec = dict( type=dict( choices=["INCREMENTAL", "FULL"], required=False, default="INCREMENTAL", - ) + ), ) module = AnsibleModule(argument_spec=argspec, supports_check_mode=False) @@ -63,12 +61,11 @@ def main(): ) qradar_return_data = qradar_request.post_by_path( - "api/staged_config/deploy_status" + "api/staged_config/deploy_status", ) if "message" in qradar_return_data and ( - to_text("No changes to deploy") - in to_text(qradar_return_data["message"]) + to_text("No changes to deploy") in to_text(qradar_return_data["message"]) ): module.exit_json( msg="No changes to deploy", @@ -78,7 +75,7 @@ def main(): else: module.exit_json( msg="Successfully initiated {0} deployment.".format( - module.params["type"] + module.params["type"], ), qradar_return_data=qradar_return_data, changed=True, diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_log_source_management.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_log_source_management.py index fa793a596..18f2a7ecd 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/qradar_log_source_management.py +++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_log_source_management.py @@ -6,6 +6,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -73,31 +74,31 @@ EXAMPLES = """ identifier: "192.168.1.101" """ -from ansible.module_utils.basic import AnsibleModule -from ansible.module_utils._text import to_text +import json +from ansible.module_utils._text import to_text +from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.six.moves.urllib.parse import quote + from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( QRadarRequest, find_dict_in_list, ) -import json - def set_log_source_values(module, qradar_request): if module.params["type_name"]: code, query_response = qradar_request.get( "/api/config/event_sources/log_source_management/log_source_types?filter={0}".format( - quote('name="{0}"'.format(module.params["type_name"])) - ) + quote('name="{0}"'.format(module.params["type_name"])), + ), ) log_source_type_found = query_response[0] if module.params["type_id"]: code, query_response = qradar_request.get( "/api/config/event_sources/log_source_management/log_source_types?filter={0}".format( - quote('name="{0}"'.format(module.params["type_name"])) - ) + quote('name="{0}"'.format(module.params["type_name"])), + ), ) code, log_source_type_found = query_response[0] if log_source_type_found: @@ -105,7 +106,7 @@ def set_log_source_values(module, qradar_request): module.params["type_id"] = log_source_type_found["id"] else: module.fail_json( - msg="Incompatible type provided, please consult QRadar Documentation for Log Source Types" + msg="Incompatible type provided, please consult QRadar Documentation for Log Source Types", ) if module.params["protocol_type_id"]: @@ -116,25 +117,24 @@ def set_log_source_values(module, qradar_request): ) if not found_dict_in_list: module.fail_json( - msg="Incompatible protocol_type_id provided, please consult QRadar Documentation for Log Source Types" + msg="Incompatible protocol_type_id provided, please consult QRadar Documentation for Log Source Types", ) else: # Set it to the default as provided by the QRadar Instance - module.params["protocol_type_id"] = log_source_type_found[ - "protocol_types" - ][0]["protocol_id"] + module.params["protocol_type_id"] = log_source_type_found["protocol_types"][0][ + "protocol_id" + ] module.params["protocol_parameters"] = [ { "id": module.params["protocol_type_id"], "name": "identifier", "value": module.params["identifier"], - } + }, ] def main(): - argspec = dict( name=dict(required=True, type="str"), state=dict(choices=["present", "absent"], required=True), @@ -159,12 +159,11 @@ def main(): code, log_source_exists = qradar_request.get( "/api/config/event_sources/log_source_management/log_sources?filter={0}".format( - quote('name="{0}"'.format(module.params["name"])) - ) + quote('name="{0}"'.format(module.params["name"])), + ), ) if log_source_exists: - if module.params["state"] == "present": ( existing_log_source_protocol_identifier, @@ -178,8 +177,7 @@ def main(): set_log_source_values(module, qradar_request) comparison_map = [ - existing_log_source_protocol_identifier["value"] - == module.params["identifier"], + existing_log_source_protocol_identifier["value"] == module.params["identifier"], log_source_exists[0]["name"] == module.params["name"], log_source_exists[0]["type_id"] == module.params["type_id"], to_text(log_source_exists[0]["description"]) @@ -189,17 +187,15 @@ def main(): if all(comparison_map): module.exit_json(changed=False, msg="Nothing to do.") else: - log_source_exists[0]["protocol_parameters"][ - _elspi_index - ] = module.params["protocol_parameters"][0] + log_source_exists[0]["protocol_parameters"][_elspi_index] = module.params[ + "protocol_parameters" + ][0] log_source_exists[0]["name"] = module.params["name"] log_source_exists[0]["type_id"] = module.params["type_id"] - log_source_exists[0]["description"] = module.params[ - "description" - ] + log_source_exists[0]["description"] = module.params["description"] if module.check_mode: qradar_return_data = { - "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE" + "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE", } else: code, qradar_return_data = qradar_request.create_update( @@ -209,7 +205,7 @@ def main(): module.exit_json( msg="Successfully updated log source: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data=qradar_return_data, changed=True, @@ -218,18 +214,18 @@ def main(): if module.params["state"] == "absent": if module.check_mode: qradar_return_data = { - "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE" + "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE", } else: code, qradar_return_data = qradar_request.delete( "/api/config/event_sources/log_source_management/log_sources/{0}".format( - log_source_exists[0]["id"] - ) + log_source_exists[0]["id"], + ), ) module.exit_json( msg="Successfully deleted log source: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data=qradar_return_data, changed=True, @@ -239,7 +235,7 @@ def main(): set_log_source_values(module, qradar_request) if module.check_mode: qradar_return_data = { - "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE" + "EMPTY": "IN CHECK MODE, NO TRANSACTION TOOK PLACE", } else: code, qradar_return_data = qradar_request.create_update( @@ -249,7 +245,7 @@ def main(): module.exit_json( msg="Successfully created log source: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data=qradar_return_data, changed=True, diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_log_sources_management.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_log_sources_management.py index e5ba46a0b..646795cd7 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/qradar_log_sources_management.py +++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_log_sources_management.py @@ -4,6 +4,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -253,7 +254,7 @@ EXAMPLES = """ - name: "Apache HTTP Server logs" type_name: "Apache HTTP Server" description: "REPLACED Apache HTTP Server remote logs from rsyslog" - identifier: "192.0.2.1" + identifier: "192.0.2.1" # RUN output: # ----------- diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_action.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_action.py index 784f1e7b1..4944f4627 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_action.py +++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_action.py @@ -6,6 +6,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -72,8 +73,8 @@ author: Ansible Security Automation Team (@maxamillion) <https://github.com/ansi EXAMPLES = """ """ -from ansible.module_utils.basic import AnsibleModule from ansible.module_utils._text import to_text +from ansible.module_utils.basic import AnsibleModule from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( QRadarRequest, @@ -82,7 +83,6 @@ from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( def main(): - argspec = dict( # name=dict(required=False, type='str'), # id=dict(required=False, type='str'), @@ -118,7 +118,7 @@ def main(): # found_offense = qradar_request.get('/api/siem/offenses?filter={0}'.format(module.params['name'])) code, found_offense = qradar_request.get( - "/api/siem/offenses/{0}".format(module.params["id"]) + "/api/siem/offenses/{0}".format(module.params["id"]), ) if found_offense: @@ -127,43 +127,40 @@ def main(): post_strs = [] if module.params["status"] and ( - to_text(found_offense["status"]) - != to_text(module.params["status"]) + to_text(found_offense["status"]) != to_text(module.params["status"]) ): post_strs.append( - "status={0}".format(to_text(module.params["status"])) + "status={0}".format(to_text(module.params["status"])), ) if module.params["assigned_to"] and ( - to_text(found_offense["assigned_to"]) - != to_text(module.params["assigned_to"]) + to_text(found_offense["assigned_to"]) != to_text(module.params["assigned_to"]) ): post_strs.append( - "assigned_to={0}".format(module.params["assigned_to"]) + "assigned_to={0}".format(module.params["assigned_to"]), ) if module.params["closing_reason_id"] and ( - found_offense["closing_reason_id"] - != module.params["closing_reason_id"] + found_offense["closing_reason_id"] != module.params["closing_reason_id"] ): post_strs.append( "closing_reason_id={0}".format( - module.params["closing_reason_id"] - ) + module.params["closing_reason_id"], + ), ) if module.params["follow_up"] and ( found_offense["follow_up"] != module.params["follow_up"] ): post_strs.append( - "follow_up={0}".format(module.params["follow_up"]) + "follow_up={0}".format(module.params["follow_up"]), ) if module.params["protected"] and ( found_offense["protected"] != module.params["protected"] ): post_strs.append( - "protected={0}".format(module.params["protected"]) + "protected={0}".format(module.params["protected"]), ) if post_strs: @@ -175,25 +172,27 @@ def main(): qradar_return_data = qradar_request.post_by_path( "api/siem/offenses/{0}?{1}".format( - module.params["id"], "&".join(post_strs) - ) + module.params["id"], + "&".join(post_strs), + ), ) # FIXME - handle the scenario in which we can search by name and this isn't a required param anymore module.exit_json( msg="Successfully updated Offense ID: {0}".format( - module.params["id"] + module.params["id"], ), qradar_return_data=qradar_return_data, changed=True, ) else: module.exit_json( - msg="No changes necessary. Nothing to do.", changed=False + msg="No changes necessary. Nothing to do.", + changed=False, ) else: # FIXME - handle the scenario in which we can search by name and this isn't a required param anymore module.fail_json( - msg="Unable to find Offense ID: {0}".format(module.params["id"]) + msg="Unable to find Offense ID: {0}".format(module.params["id"]), ) diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_info.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_info.py index 1ead8a1ae..1b5ae67c7 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_info.py +++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_info.py @@ -6,6 +6,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -113,10 +114,10 @@ EXAMPLES = """ var: offense_list """ -from ansible.module_utils.basic import AnsibleModule from ansible.module_utils._text import to_text - +from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.six.moves.urllib.parse import quote + from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( QRadarRequest, find_dict_in_list, @@ -125,7 +126,6 @@ from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( def main(): - argspec = dict( id=dict(required=False, type="int"), name=dict(required=False, type="str"), @@ -158,7 +158,7 @@ def main(): if module.params["id"]: code, offenses = qradar_request.get( - "/api/siem/offenses/{0}".format(module.params["id"]) + "/api/siem/offenses/{0}".format(module.params["id"]), ) else: @@ -166,43 +166,45 @@ def main(): if module.params["status"]: query_strs.append( - quote("status={0}".format(to_text(module.params["status"]))) + quote("status={0}".format(to_text(module.params["status"]))), ) if module.params["assigned_to"]: query_strs.append( - quote("assigned_to={0}".format(module.params["assigned_to"])) + quote("assigned_to={0}".format(module.params["assigned_to"])), ) if module.params["closing_reason_id"]: query_strs.append( quote( "closing_reason_id={0}".format( - module.params["closing_reason_id"] - ) - ) + module.params["closing_reason_id"], + ), + ), ) if module.params["follow_up"] is not None: query_strs.append( - quote("follow_up={0}".format(module.params["follow_up"])) + quote("follow_up={0}".format(module.params["follow_up"])), ) if module.params["protected"] is not None: query_strs.append( - quote("protected={0}".format(module.params["protected"])) + quote("protected={0}".format(module.params["protected"])), ) if query_strs: code, offenses = qradar_request.get( - "/api/siem/offenses?filter={0}".format("&".join(query_strs)) + "/api/siem/offenses?filter={0}".format("&".join(query_strs)), ) else: code, offenses = qradar_request.get("/api/siem/offenses") if module.params["name"]: named_offense = find_dict_in_list( - offenses, "description", module.params["name"] + offenses, + "description", + module.params["name"], ) if named_offense: offenses = named_offense diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_note.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_note.py index 53b6ec95c..2cda42c69 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_note.py +++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_offense_note.py @@ -6,6 +6,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -53,27 +54,25 @@ EXAMPLES = """ """ from ansible.module_utils.basic import AnsibleModule - from ansible.module_utils.six.moves.urllib.parse import quote -from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( - QRadarRequest, -) + +from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest def set_offense_values(module, qradar_request): if module.params["closing_reason"]: code, found_closing_reason = qradar_request.get( "/api/siem/offense_closing_reasons?filter={0}".format( - quote('text="{0}"'.format(module.params["closing_reason"])) - ) + quote('text="{0}"'.format(module.params["closing_reason"])), + ), ) if found_closing_reason: module.params["closing_reason_id"] = found_closing_reason[0]["id"] else: module.fail_json( "Unable to find closing_reason text: {0}".format( - module.params["closing_reason"] - ) + module.params["closing_reason"], + ), ) if module.params["status"]: @@ -81,7 +80,6 @@ def set_offense_values(module, qradar_request): def main(): - argspec = dict( # state=dict(required=False, choices=["present", "absent"], type='str', default="present"), id=dict(required=True, type="int"), @@ -104,7 +102,7 @@ def main(): "/api/siem/offenses/{0}/notes?filter={1}".format( module.params["id"], quote('note_text="{0}"'.format(module.params["note_text"])), - ) + ), ) # if module.params['state'] == 'present': @@ -115,7 +113,8 @@ def main(): note = found_notes[0] if note["note_text"] == module.params["note_text"]: module.exit_json( - msg="No changes necessary. Nothing to do.", changed=False + msg="No changes necessary. Nothing to do.", + changed=False, ) else: if module.check_mode: @@ -133,7 +132,7 @@ def main(): ) module.exit_json( msg="Successfully created Offense Note ID: {0}".format( - qradar_return_data["id"] + qradar_return_data["id"], ), qradar_return_data=qradar_return_data, changed=False, @@ -155,7 +154,7 @@ def main(): ) module.exit_json( msg="Successfully created Offense Note ID: {0}".format( - qradar_return_data["id"] + qradar_return_data["id"], ), qradar_return_data=qradar_return_data, changed=True, diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_rule.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_rule.py index f99bab134..f3f975ae0 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/qradar_rule.py +++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_rule.py @@ -6,6 +6,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -57,17 +58,15 @@ EXAMPLES = """ state: enabled """ -from ansible.module_utils.basic import AnsibleModule +import json +from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.six.moves.urllib.parse import quote -from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( - QRadarRequest, -) -import json +from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest -def main(): +def main(): argspec = dict( id=dict(required=False, type="int"), name=dict(required=False, type="str"), @@ -98,14 +97,14 @@ def main(): if module.params["id"]: code, module.params["rule"] = qradar_request.get( - "/api/analytics/rules/{0}".format(module.params["id"]) + "/api/analytics/rules/{0}".format(module.params["id"]), ) elif module.params["name"]: code, rules = qradar_request.get( "/api/analytics/rules?filter={0}".format( - quote('"{0}"'.format(module.params["name"])) - ) + quote('"{0}"'.format(module.params["name"])), + ), ) if rules: module.params["rule"] = rules[0] @@ -118,7 +117,7 @@ def main(): if module.params["id"]: module.exit_json( msg="No change needed for rule ID: {0}".format( - module.params["id"] + module.params["id"], ), qradar_return_data={}, changed=False, @@ -126,7 +125,7 @@ def main(): if module.params["name"]: module.exit_json( msg="Successfully enabled rule named: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data={}, changed=False, @@ -137,14 +136,14 @@ def main(): qradar_return_data = qradar_request.post_by_path( "api/analytics/rules/{0}".format( - module.params["rule"]["id"] + module.params["rule"]["id"], ), data=json.dumps(module.params["rule"]), ) if module.params["id"]: module.exit_json( msg="Successfully enabled rule ID: {0}".format( - module.params["id"] + module.params["id"], ), qradar_return_data=qradar_return_data, changed=True, @@ -152,7 +151,7 @@ def main(): if module.params["name"]: module.exit_json( msg="Successfully enabled rule named: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data=qradar_return_data, changed=True, @@ -161,14 +160,14 @@ def main(): if module.params["id"]: module.fail_json( msg="Unable to find rule ID: {0}".format( - module.params["id"] - ) + module.params["id"], + ), ) if module.params["name"]: module.fail_json( msg='Unable to find rule named: "{0}"'.format( - module.params["name"] - ) + module.params["name"], + ), ) elif module.params["state"] == "disabled": @@ -178,7 +177,7 @@ def main(): if module.params["id"]: module.exit_json( msg="No change needed for rule ID: {0}".format( - module.params["id"] + module.params["id"], ), qradar_return_data={}, changed=False, @@ -186,7 +185,7 @@ def main(): if module.params["name"]: module.exit_json( msg="Successfully enabled rule named: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data={}, changed=False, @@ -197,14 +196,14 @@ def main(): qradar_return_data = qradar_request.post_by_path( "api/analytics/rules/{0}".format( - module.params["rule"]["id"] + module.params["rule"]["id"], ), data=json.dumps(module.params["rule"]), ) if module.params["id"]: module.exit_json( msg="Successfully disabled rule ID: {0}".format( - module.params["id"] + module.params["id"], ), qradar_return_data=qradar_return_data, changed=True, @@ -212,7 +211,7 @@ def main(): if module.params["name"]: module.exit_json( msg="Successfully disabled rule named: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data=qradar_return_data, changed=True, @@ -221,25 +220,25 @@ def main(): if module.params["id"]: module.fail_json( msg="Unable to find rule ID: {0}".format( - module.params["id"] - ) + module.params["id"], + ), ) if module.params["name"]: module.fail_json( msg='Unable to find rule named: "{0}"'.format( - module.params["name"] - ) + module.params["name"], + ), ) elif module.params["state"] == "absent": if module.params["rule"]: code, qradar_return_data = qradar_request.delete( - "/api/analytics/rules/{0}".format(module.params["rule"]["id"]) + "/api/analytics/rules/{0}".format(module.params["rule"]["id"]), ) if module.params["id"]: module.exit_json( msg="Successfully deleted rule ID: {0}".format( - module.params["id"] + module.params["id"], ), qradar_return_data=qradar_return_data, changed=True, @@ -247,7 +246,7 @@ def main(): if module.params["name"]: module.exit_json( msg="Successfully deleted rule named: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data=qradar_return_data, changed=True, diff --git a/ansible_collections/ibm/qradar/plugins/modules/qradar_rule_info.py b/ansible_collections/ibm/qradar/plugins/modules/qradar_rule_info.py index d5c92453a..833e7584f 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/qradar_rule_info.py +++ b/ansible_collections/ibm/qradar/plugins/modules/qradar_rule_info.py @@ -6,6 +6,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -70,17 +71,14 @@ EXAMPLES = """ var: custom_ddos_rule_info """ -from ansible.module_utils.basic import AnsibleModule from ansible.module_utils._text import to_text - +from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.six.moves.urllib.parse import quote -from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( - QRadarRequest, -) +from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest -def main(): +def main(): argspec = dict( id=dict(required=False, type="int"), name=dict(required=False, type="str"), @@ -91,7 +89,9 @@ def main(): type="str", ), origin=dict( - required=False, choices=["SYSTEM", "OVERRIDE", "USER"], type="str" + required=False, + choices=["SYSTEM", "OVERRIDE", "USER"], + type="str", ), ) @@ -105,7 +105,7 @@ def main(): if module.params["id"]: code, rules = qradar_request.get( - "/api/analytics/rules/{0}".format(module.params["id"]) + "/api/analytics/rules/{0}".format(module.params["id"]), ) else: @@ -113,12 +113,12 @@ def main(): if module.params["name"]: query_strs.append( - quote('name="{0}"'.format(to_text(module.params["name"]))) + quote('name="{0}"'.format(to_text(module.params["name"]))), ) if module.params["owner"]: query_strs.append( - quote("owner={0}".format(module.params["owner"])) + quote("owner={0}".format(module.params["owner"])), ) if module.params["type"]: @@ -126,12 +126,12 @@ def main(): if module.params["origin"]: query_strs.append( - quote("origin={0}".format(module.params["origin"])) + quote("origin={0}".format(module.params["origin"])), ) if query_strs: code, rules = qradar_request.get( - "/api/analytics/rules?filter={0}".format("&".join(query_strs)) + "/api/analytics/rules?filter={0}".format("&".join(query_strs)), ) else: code, rules = qradar_request.get("/api/analytics/rules") diff --git a/ansible_collections/ibm/qradar/plugins/modules/rule.py b/ansible_collections/ibm/qradar/plugins/modules/rule.py index f99bab134..f3f975ae0 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/rule.py +++ b/ansible_collections/ibm/qradar/plugins/modules/rule.py @@ -6,6 +6,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -57,17 +58,15 @@ EXAMPLES = """ state: enabled """ -from ansible.module_utils.basic import AnsibleModule +import json +from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.six.moves.urllib.parse import quote -from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( - QRadarRequest, -) -import json +from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest -def main(): +def main(): argspec = dict( id=dict(required=False, type="int"), name=dict(required=False, type="str"), @@ -98,14 +97,14 @@ def main(): if module.params["id"]: code, module.params["rule"] = qradar_request.get( - "/api/analytics/rules/{0}".format(module.params["id"]) + "/api/analytics/rules/{0}".format(module.params["id"]), ) elif module.params["name"]: code, rules = qradar_request.get( "/api/analytics/rules?filter={0}".format( - quote('"{0}"'.format(module.params["name"])) - ) + quote('"{0}"'.format(module.params["name"])), + ), ) if rules: module.params["rule"] = rules[0] @@ -118,7 +117,7 @@ def main(): if module.params["id"]: module.exit_json( msg="No change needed for rule ID: {0}".format( - module.params["id"] + module.params["id"], ), qradar_return_data={}, changed=False, @@ -126,7 +125,7 @@ def main(): if module.params["name"]: module.exit_json( msg="Successfully enabled rule named: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data={}, changed=False, @@ -137,14 +136,14 @@ def main(): qradar_return_data = qradar_request.post_by_path( "api/analytics/rules/{0}".format( - module.params["rule"]["id"] + module.params["rule"]["id"], ), data=json.dumps(module.params["rule"]), ) if module.params["id"]: module.exit_json( msg="Successfully enabled rule ID: {0}".format( - module.params["id"] + module.params["id"], ), qradar_return_data=qradar_return_data, changed=True, @@ -152,7 +151,7 @@ def main(): if module.params["name"]: module.exit_json( msg="Successfully enabled rule named: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data=qradar_return_data, changed=True, @@ -161,14 +160,14 @@ def main(): if module.params["id"]: module.fail_json( msg="Unable to find rule ID: {0}".format( - module.params["id"] - ) + module.params["id"], + ), ) if module.params["name"]: module.fail_json( msg='Unable to find rule named: "{0}"'.format( - module.params["name"] - ) + module.params["name"], + ), ) elif module.params["state"] == "disabled": @@ -178,7 +177,7 @@ def main(): if module.params["id"]: module.exit_json( msg="No change needed for rule ID: {0}".format( - module.params["id"] + module.params["id"], ), qradar_return_data={}, changed=False, @@ -186,7 +185,7 @@ def main(): if module.params["name"]: module.exit_json( msg="Successfully enabled rule named: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data={}, changed=False, @@ -197,14 +196,14 @@ def main(): qradar_return_data = qradar_request.post_by_path( "api/analytics/rules/{0}".format( - module.params["rule"]["id"] + module.params["rule"]["id"], ), data=json.dumps(module.params["rule"]), ) if module.params["id"]: module.exit_json( msg="Successfully disabled rule ID: {0}".format( - module.params["id"] + module.params["id"], ), qradar_return_data=qradar_return_data, changed=True, @@ -212,7 +211,7 @@ def main(): if module.params["name"]: module.exit_json( msg="Successfully disabled rule named: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data=qradar_return_data, changed=True, @@ -221,25 +220,25 @@ def main(): if module.params["id"]: module.fail_json( msg="Unable to find rule ID: {0}".format( - module.params["id"] - ) + module.params["id"], + ), ) if module.params["name"]: module.fail_json( msg='Unable to find rule named: "{0}"'.format( - module.params["name"] - ) + module.params["name"], + ), ) elif module.params["state"] == "absent": if module.params["rule"]: code, qradar_return_data = qradar_request.delete( - "/api/analytics/rules/{0}".format(module.params["rule"]["id"]) + "/api/analytics/rules/{0}".format(module.params["rule"]["id"]), ) if module.params["id"]: module.exit_json( msg="Successfully deleted rule ID: {0}".format( - module.params["id"] + module.params["id"], ), qradar_return_data=qradar_return_data, changed=True, @@ -247,7 +246,7 @@ def main(): if module.params["name"]: module.exit_json( msg="Successfully deleted rule named: {0}".format( - module.params["name"] + module.params["name"], ), qradar_return_data=qradar_return_data, changed=True, diff --git a/ansible_collections/ibm/qradar/plugins/modules/rule_info.py b/ansible_collections/ibm/qradar/plugins/modules/rule_info.py index d5c92453a..833e7584f 100644 --- a/ansible_collections/ibm/qradar/plugins/modules/rule_info.py +++ b/ansible_collections/ibm/qradar/plugins/modules/rule_info.py @@ -6,6 +6,7 @@ from __future__ import absolute_import, division, print_function + __metaclass__ = type DOCUMENTATION = """ @@ -70,17 +71,14 @@ EXAMPLES = """ var: custom_ddos_rule_info """ -from ansible.module_utils.basic import AnsibleModule from ansible.module_utils._text import to_text - +from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.six.moves.urllib.parse import quote -from ansible_collections.ibm.qradar.plugins.module_utils.qradar import ( - QRadarRequest, -) +from ansible_collections.ibm.qradar.plugins.module_utils.qradar import QRadarRequest -def main(): +def main(): argspec = dict( id=dict(required=False, type="int"), name=dict(required=False, type="str"), @@ -91,7 +89,9 @@ def main(): type="str", ), origin=dict( - required=False, choices=["SYSTEM", "OVERRIDE", "USER"], type="str" + required=False, + choices=["SYSTEM", "OVERRIDE", "USER"], + type="str", ), ) @@ -105,7 +105,7 @@ def main(): if module.params["id"]: code, rules = qradar_request.get( - "/api/analytics/rules/{0}".format(module.params["id"]) + "/api/analytics/rules/{0}".format(module.params["id"]), ) else: @@ -113,12 +113,12 @@ def main(): if module.params["name"]: query_strs.append( - quote('name="{0}"'.format(to_text(module.params["name"]))) + quote('name="{0}"'.format(to_text(module.params["name"]))), ) if module.params["owner"]: query_strs.append( - quote("owner={0}".format(module.params["owner"])) + quote("owner={0}".format(module.params["owner"])), ) if module.params["type"]: @@ -126,12 +126,12 @@ def main(): if module.params["origin"]: query_strs.append( - quote("origin={0}".format(module.params["origin"])) + quote("origin={0}".format(module.params["origin"])), ) if query_strs: code, rules = qradar_request.get( - "/api/analytics/rules?filter={0}".format("&".join(query_strs)) + "/api/analytics/rules?filter={0}".format("&".join(query_strs)), ) else: code, rules = qradar_request.get("/api/analytics/rules") |