Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[RST CLOUD] Connector Updates. New RST WHOIS API Connector #3443

Open
wants to merge 7 commits into
base: master
Choose a base branch
from
Open

[RST CLOUD] Connector Updates. New RST WHOIS API Connector #3443

wants to merge 7 commits into from
+1,162 −604

Conversation

k1r10n
Copy link
Contributor

@k1r10n k1r10n commented Feb 18, 2025

Updates to RST Threat Feed, Report Hub, IoC Lookup, Noise Control, added a new RST WHOIS API connector

Proposed changes

  • Added a new RST WHOIS API connector.
  • Added the ability to download hourly feeds for the RST Threat Feed Connector (also, 4h and 12h options available).
  • Added the ability to download feeds separately per indicator type: ip, domain, url, hash (RST Threat Feed Connector).
  • Added a filter to prevent the creation of unwanted labels for a report (RST Report Hub Connector).
  • Added a switch to control the detection flag for data from the RST Report Hub Connector.
  • Removed filtering at a connector level for Noise Control as it is now a part of the OpenCTI itself
  • Fixes and stability enhancements to the RST IoC Lookup and RST Noise Control Connectors.

Related issues

Checklist

  • I consider the submitted work as finished
  • I tested the code for its functionality using different use cases
  • I added/update the relevant documentation (either on github or on notion)
  • Where necessary I refactored code to improve the overall quality

Further comments

@romain-filigran romain-filigran added this to the PRs backlog milestone Feb 18, 2025
@k1r10n
Copy link
Contributor Author

k1r10n commented Feb 25, 2025

the formatting seems ok to me. please indicate what should we fix.

locally
isort --profile black --check . -v

gives
SUCCESS: /github/opencti-connectors/external-import/rst-threat-feed/src/main.py Everything Looks Good!

@helene-nguyen
Copy link
Member

@k1r10n Thank you for adding this !

Black and isort have made an update recently, could you please ensure that you have the last version of these dependencies ?

@helene-nguyen helene-nguyen self-assigned this Feb 28, 2025
@helene-nguyen helene-nguyen added the community use to identify PR from community label Feb 28, 2025
@k1r10n
Copy link
Contributor Author

k1r10n commented Feb 28, 2025

@helene-nguyen thanks. Can you please suggest which versions should I use?
mine are: black-25.1.0 and isort-6.0.1

tried these versions as well https://github.com/OpenCTI-Platform/connectors/blob/master/ci-requirements.txt
isort == 6.0.0
black == 25.1.0
pytest == 8.3.3

@helene-nguyen
Copy link
Member

It should be good with these versions, did you rebase master as well ?

@k1r10n
Copy link
Contributor Author

k1r10n commented Feb 28, 2025

Maybe, to save time, just tell me which import lines to swap to meet the checks. I think that would be easier than setting up venv environments to find the right version. Thanks!

@k1r10n
Copy link
Contributor Author

k1r10n commented Mar 4, 2025

hi @helene-nguyen, isort reverts the order to the one I have now (both isort == 6.0.0 and isort == 6.0.1).
I tried to revert to the formatting of changed import to mimic as it was in the main branch before this PR but also this also did not help

isort -v --profile black src/main.py

             _                 _
            (_) ___  ___  _ __| |_
            | |/ _/ / _ \/ '__  _/
            | |\__ \/\_\/| |  | |_
            |_|\___/\___/\_/   \_/

  isort your imports, so you don't have to.

                VERSION 6.0.0

else-type place_module for os returned STDLIB
else-type place_module for sys returned STDLIB
else-type place_module for time returned STDLIB
else-type place_module for traceback returned STDLIB
from-type place_module for datetime returned STDLIB
from-type place_module for typing returned STDLIB
else-type place_module for stix2 returned THIRDPARTY
else-type place_module for yaml returned THIRDPARTY
from-type place_module for pycti returned THIRDPARTY
from-type place_module for rstcloud returned FIRSTPARTY

             _                 _
            (_) ___  ___  _ __| |_
            | |/ _/ / _ \/ '__  _/
            | |\__ \/\_\/| |  | |_
            |_|\___/\___/\_/   \_/

  isort your imports, so you don't have to.

                VERSION 6.0.1

else-type place_module for os returned STDLIB
else-type place_module for sys returned STDLIB
else-type place_module for time returned STDLIB
else-type place_module for traceback returned STDLIB
from-type place_module for datetime returned STDLIB
from-type place_module for typing returned STDLIB
else-type place_module for stix2 returned THIRDPARTY
else-type place_module for yaml returned THIRDPARTY
from-type place_module for pycti returned THIRDPARTY
from-type place_module for rstcloud returned FIRSTPARTY

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@helene-nguyen helene-nguyen helene-nguyen left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@helene-nguyen helene-nguyen

Labels
community use to identify PR from community
Projects
None yet
Milestone
PRs backlog
Development

Successfully merging this pull request may close these issues.
3 participants
@k1r10n @helene-nguyen @romain-filigran