Skip to content
This repository was archived by the owner on Feb 1, 2025. It is now read-only.

Commit 753dab5

Browse files
atif-phantomatif-phantom
committed
PAPP-4746 Added __init__.py updated the main function to new code and
other minor things.
1 parent 26c9671 commit 753dab5

File tree

4 files changed

+137
-110
lines changed

4 files changed

+137
-110
lines changed

__init__.py

+5
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
# File: __init__.py
2+
# Copyright (c) 2018 Splunk Inc.
3+
#
4+
# SPLUNK CONFIDENTIAL - Use or disclosure of this material in whole or in part
5+
# without a valid written license from Splunk Inc. is PROHIBITED.

cymon.json

+76-73
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@
1414
"min_phantom_version": "2.0.264",
1515
"publisher": "Phantom",
1616
"package_name": "phantom_cymon",
17-
"license": "Copyright (c) Phantom Cyber Corporation, 2016-2018",
17+
"license": "Copyright (c) 2016-2018 Splunk Inc.",
1818
"configuration": {
1919
"api_key": {
2020
"description": "api key",
@@ -39,23 +39,38 @@
3939
},
4040
"output": [
4141
{
42-
"data_path": "action_result.data.*.events.count",
42+
"data_path": "action_result.status",
43+
"data_type": "string"
44+
},
45+
{
46+
"data_path": "action_result.parameter.ip",
47+
"data_type": "string",
48+
"contains": [
49+
"ip"
50+
]
51+
},
52+
{
53+
"data_path": "action_result.data.*.domains.count",
4354
"data_type": "numeric"
4455
},
4556
{
46-
"data_path": "action_result.data.*.events.results.*.tag",
57+
"data_path": "action_result.data.*.domains.results.*.created",
4758
"data_type": "string"
4859
},
4960
{
50-
"data_path": "action_result.data.*.events.results.*.title",
61+
"data_path": "action_result.data.*.domains.results.*.name",
5162
"data_type": "string"
5263
},
5364
{
54-
"data_path": "action_result.data.*.events.results.*.created",
65+
"data_path": "action_result.data.*.domains.results.*.updated",
5566
"data_type": "string"
5667
},
5768
{
58-
"data_path": "action_result.data.*.events.results.*.updated",
69+
"data_path": "action_result.data.*.events.count",
70+
"data_type": "numeric"
71+
},
72+
{
73+
"data_path": "action_result.data.*.events.results.*.created",
5974
"data_type": "string"
6075
},
6176
{
@@ -67,19 +82,15 @@
6782
"data_type": "string"
6883
},
6984
{
70-
"data_path": "action_result.data.*.domains.count",
71-
"data_type": "numeric"
72-
},
73-
{
74-
"data_path": "action_result.data.*.domains.results.*.name",
85+
"data_path": "action_result.data.*.events.results.*.tag",
7586
"data_type": "string"
7687
},
7788
{
78-
"data_path": "action_result.data.*.domains.results.*.created",
89+
"data_path": "action_result.data.*.events.results.*.title",
7990
"data_type": "string"
8091
},
8192
{
82-
"data_path": "action_result.data.*.domains.results.*.updated",
93+
"data_path": "action_result.data.*.events.results.*.updated",
8394
"data_type": "string"
8495
},
8596
{
@@ -90,32 +101,21 @@
90101
"data_path": "action_result.data.*.urls.results.*.created",
91102
"data_type": "string"
92103
},
93-
{
94-
"data_path": "action_result.data.*.urls.results.*.updated",
95-
"data_type": "string"
96-
},
97104
{
98105
"data_path": "action_result.data.*.urls.results.*.location",
99106
"data_type": "string"
100107
},
101108
{
102-
"data_path": "action_result.status",
103-
"data_type": "string"
104-
},
105-
{
106-
"data_path": "action_result.message",
109+
"data_path": "action_result.data.*.urls.results.*.updated",
107110
"data_type": "string"
108111
},
109112
{
110113
"data_path": "action_result.summary.total_count",
111114
"data_type": "numeric"
112115
},
113116
{
114-
"data_path": "action_result.parameter.ip",
115-
"data_type": "string",
116-
"contains": [
117-
"ip"
118-
]
117+
"data_path": "action_result.message",
118+
"data_type": "string"
119119
}
120120
],
121121
"versions": "EQ(*)",
@@ -127,7 +127,8 @@
127127
"ip"
128128
],
129129
"required": true,
130-
"primary": true
130+
"primary": true,
131+
"order": 0
131132
}
132133
}
133134
},
@@ -145,14 +146,11 @@
145146
},
146147
"output": [
147148
{
148-
"data_path": "action_result.data.*.ips",
149-
"data_type": "string",
150-
"contains": [
151-
"ip"
152-
]
149+
"data_path": "action_result.status",
150+
"data_type": "string"
153151
},
154152
{
155-
"data_path": "action_result.data.*.name",
153+
"data_path": "action_result.parameter.domain",
156154
"data_type": "string",
157155
"contains": [
158156
"domain"
@@ -163,31 +161,34 @@
163161
"data_type": "string"
164162
},
165163
{
166-
"data_path": "action_result.data.*.sources",
167-
"data_type": "string"
164+
"data_path": "action_result.data.*.ips",
165+
"data_type": "string",
166+
"contains": [
167+
"ip"
168+
]
168169
},
169170
{
170-
"data_path": "action_result.data.*.updated",
171-
"data_type": "string"
171+
"data_path": "action_result.data.*.name",
172+
"data_type": "string",
173+
"contains": [
174+
"domain"
175+
]
172176
},
173177
{
174-
"data_path": "action_result.status",
178+
"data_path": "action_result.data.*.sources",
175179
"data_type": "string"
176180
},
177181
{
178-
"data_path": "action_result.message",
182+
"data_path": "action_result.data.*.updated",
179183
"data_type": "string"
180184
},
181185
{
182186
"data_path": "action_result.summary.domain_count",
183187
"data_type": "numeric"
184188
},
185189
{
186-
"data_path": "action_result.parameter.domain",
187-
"data_type": "string",
188-
"contains": [
189-
"domain"
190-
]
190+
"data_path": "action_result.message",
191+
"data_type": "string"
191192
}
192193
],
193194
"versions": "EQ(*)",
@@ -199,7 +200,8 @@
199200
"domain"
200201
],
201202
"required": true,
202-
"primary": true
203+
"primary": true,
204+
"order": 0
203205
}
204206
}
205207
},
@@ -229,31 +231,30 @@
229231
},
230232
"output": [
231233
{
232-
"data_path": "action_result.data.*.count",
233-
"data_type": "numeric"
234+
"data_path": "action_result.status",
235+
"data_type": "string"
234236
},
235237
{
236-
"data_path": "action_result.data.*.results.*.tag",
238+
"data_path": "action_result.parameter.hash",
237239
"data_type": "string",
238-
"column_order": 1,
239-
"column_name": "Tag"
240+
"contains": [
241+
"hash",
242+
"md5",
243+
"sha1",
244+
"sha256",
245+
"sha512"
246+
]
240247
},
241248
{
242-
"data_path": "action_result.data.*.results.*.title",
243-
"data_type": "string",
244-
"column_order": 2,
245-
"column_name": "Details"
249+
"data_path": "action_result.data.*.count",
250+
"data_type": "numeric"
246251
},
247252
{
248253
"data_path": "action_result.data.*.results.*.created",
249254
"data_type": "string",
250255
"column_order": 0,
251256
"column_name": "Date Created"
252257
},
253-
{
254-
"data_path": "action_result.data.*.results.*.updated",
255-
"data_type": "string"
256-
},
257258
{
258259
"data_path": "action_result.data.*.results.*.description",
259260
"data_type": "string"
@@ -265,27 +266,28 @@
265266
"column_name": "Details Weblink"
266267
},
267268
{
268-
"data_path": "action_result.status",
269-
"data_type": "string"
269+
"data_path": "action_result.data.*.results.*.tag",
270+
"data_type": "string",
271+
"column_order": 1,
272+
"column_name": "Tag"
270273
},
271274
{
272-
"data_path": "action_result.message",
275+
"data_path": "action_result.data.*.results.*.title",
276+
"data_type": "string",
277+
"column_order": 2,
278+
"column_name": "Details"
279+
},
280+
{
281+
"data_path": "action_result.data.*.results.*.updated",
273282
"data_type": "string"
274283
},
275284
{
276285
"data_path": "action_result.summary.total_count",
277286
"data_type": "numeric"
278287
},
279288
{
280-
"data_path": "action_result.parameter.hash",
281-
"data_type": "string",
282-
"contains": [
283-
"hash",
284-
"md5",
285-
"sha1",
286-
"sha256",
287-
"sha512"
288-
]
289+
"data_path": "action_result.message",
290+
"data_type": "string"
289291
}
290292
],
291293
"versions": "EQ(*)",
@@ -301,9 +303,10 @@
301303
"sha512"
302304
],
303305
"required": true,
304-
"primary": true
306+
"primary": true,
307+
"order": 0
305308
}
306309
}
307310
}
308311
]
309-
}
312+
}

0 commit comments

Comments
 (0)