first sync

shuffle/functions/extensions/cortex-responders/Shuffle/requirements.txt

@@ -0,0 +1,2 @@
+cortexutils
+requests

shuffle/functions/extensions/cortex-responders/Shuffle/shuffle.json

@@ -0,0 +1,43 @@
+{
+  "name": "Shuffle",
+  "version": "1.0",
+  "author": "@frikkylikeme",
+  "url": "https://github.com/frikky/shuffle",
+  "license": "AGPL-V3",
+  "description": "Execute a workflow in Shuffle",
+  "dataTypeList": ["thehive:case", "thehive:alert", "thehive:case_artifact"],
+  "command": "Shuffle/shuffle.py",
+  "baseConfig": "Shuffle",
+  "configurationItems": [
+    {
+      "name": "url",
+      "description": "The URL to your shuffle instance",
+      "type": "string",
+      "multi": false,
+      "required": true,
+      "defaultValue": "https://shuffler.io"
+    },
+		{
+      "name": "api_key",
+      "description": "The API key to your Shuffle user",
+      "type": "string",
+      "multi": false,
+      "required": true
+    },
+    {
+      "name": "verifyssl",
+      "description": "Verify SSL certificate",
+      "type": "boolean",
+      "multi": false,
+      "required": true,
+      "defaultValue": true
+    },
+    {
+      "name": "workflow_id",
+      "description": "The ID of the workflow to execute",
+      "type": "string",
+      "multi": false,
+      "required": true
+    }
+  ]
+}

shuffle/functions/extensions/cortex-responders/Shuffle/shuffle.py

@@ -0,0 +1,27 @@
+#!/usr/bin/env python3
+#encoding: utf-8
+
+from cortexutils.responder import Responder
+import requests
+
+class Shuffle(Responder):
+   def __init__(self):
+      Responder.__init__(self)
+      self.api_key = self.get_param("config.api_key", "")
+      self.url = self.get_param("config.url", "")
+      self.workflow_id = self.get_param("config.workflow_id", "")
+      self.verify = self.get_param('config.verifyssl', True, None)
+
+   def run(self):
+      Responder.run(self)
+      parsed_url = "%s/api/v1/workflows/%s/execute" % (self.url, self.workflow_id)
+      headers = {
+         "Authorization": "Bearer %s"  % self.api_key,
+         "User-Agent": "Cortex-Analyzer"
+      }
+      requests.post(parsed_url, headers=headers,verify=self.verify)
+
+      self.report({'message': 'message sent'})
+
+if __name__ == '__main__':
+    Shuffle().run()