data_models module
This module contains data classes for representing the following:
- Data models
- Alerts
- Variable containers
- General parameters
- Connector parameters
class TIPCommon.data_models.AlertCard
class
TIPCommon.data_models.AlertCard(id_: int, creation_time_unix_time_ms: int, modification_time_unix_time_ms: int, identifier: str, status: int, name: str, priority: int, workflow_status: int, sla_expiration_unix_time: int | None, sla_critical_expiration_unix_time: int | None, start_time: int, end_time: int, alert_group_identifier: str, events_count: int, title: str, rule_generator: str, device_product: str, playbook_attached: str | None, playbook_run_count: int, is_manual_alert: bool, sla: SLA, fields_groups: list[FieldsGroup], source_url: str | None, source_rule_url: str | None, siem_alert_id: str | None)
Bases: object
classmethod from_json(alert_card_json: Dict[str, Any])→ AlertCard
class TIPCommon.data_models.BaseAlert
class TIPCommon.data_models.BaseAlert(raw_data, alert_id)
Bases: object
Represents a base alert. It has the following properties:
raw_data- The raw data for the alert.alert_id- The ID of the alert.
The to_json method converts the alert to JSON format as returned from
json.loads().
Example
>>> from data_models import BaseAlert
>>> alert = BaseAlert({'foo': 'bar'}, 100)
>>> alert.raw_data
{'foo': 'bar'}
>>> alert.alert_id
100
>>> alert.to_json()
{'foo': 'bar'}
to_json()
class TIPCommon.data_models.BaseDataModel
class TIPCommon.data_models.BaseDataModel(raw_data)
Bases: object
Represents a base data model. It has the following properties:
raw_data- The raw data for the alert.
The to_json method converts the raw data to JSON format as returned from
json.loads().
Example
>>> from data_models import BaseDataModel
>>> data = BaseDataModel({'foo': 'bar'})
>>> data.raw_data
{'foo': 'bar'}
>>> data.to_json()
{'foo': 'bar'}
to_json()
class TIPCommon.data_models.CaseDataStatus
class TIPCommon.data_models.CaseDataStatus(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)
Bases: Enum
ALL= 3
CLOSED= 2
CREATION_PENDING= 5
MERGED= 4
NEW= 0
OPENED= 1
class TIPCommon.data_models.CaseDetails
class
class TIPCommon.data_models.CaseDetails(id_: int, creation_time_unix_time_ms: int, modification_time_unix_time_ms: int, name: str, priority: int, is_important: bool, is_incident: bool, start_time_unix_time_ms: int, end_time_unix_time_ms: int, assigned_user: str, description: str | None, is_test_case: bool, type_: int, stage: str, environment: str, status: CaseDataStatus, incident_id: int | None, tags: list[str], alerts: list[AlertCard], is_overflow_case: bool, is_manual_case: bool, sla_expiration_unix_time: int | None, sla_critical_expiration_unix_time: int | None, stage_sla_expiration_unix_time_ms: int | None, stage_sla__critical_expiration_unix_time_in_ms: int | None, can_open_incident: bool, sla:SLA, stage_sla: SLA)
Bases: object
classmethod from_json
classmethod from_json(case_details_json: Dict[str, Any])→ CaseDetails
class TIPCommon.data_models.ConnectorParamTypes
class TIPCommon.data_models.ConnectorParamTypes(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)
Bases: Enum
Represents the types of connector parameters. Possible values are:
BOOLEANINTEGERSTRINGPASSWORDIPHOSTURLDOMAINEMAILSCRIPT: Script parameter (legacy).NULL
BOOLEAN= 0
DOMAIN= 7
EMAIL= 8
HOST= 5
INTEGER= 1
IP= 4
NULL= -1
PASSWORD= 3
SCRIPT= 12
STRING= 2
URL= 6
class TIPCommon.data_models.ConnectorParameter
class TIPCommon.data_models.ConnectorParameter(raw_param)
Bases: Parameter
Represents a connector parameter. It has the following properties:
name– The name of the parameter.value– The value of the parameter.type– The type of the parameter (according toConnectorParamTypes).mode– The mode of the parameter.is_mandatory– Whether the parameter is mandatory.
Example
>>> from data_models import ConnectorParameter, ConnectorParamTypes
>>> p = ConnectorParameter({
'param_name': 'api_root',
'type': ConnectorParamTypes.STRING,
'param_value': 'http://foo.bar',
'is_mandatory': True,
'mode': 0
})
>>> print(p)
ConnectorParameter(name='api_root', value='http://foo.bar', type=2, mode=0, is_mandatory=True)
property is_mandatory
property mode
property name
property type
property value
class TIPCommon.data_models.Container
Bases: object
Represents a container for variables.
Example
>>> from data_models import Container
>>> container = Container()
>>> container.one = 1
>>> container.one
1
class TIPCommon.data_models.FieldGroupItem
class TIPCommon.data_models.FieldGroupItem(original_name: str, name: str, value: str)
Bases: object
classmethod from_json(field_group_json: Dict[str, Any])→ FieldGroupItem
class TIPCommon.data_models.FieldsGroup
class TIPCommon.data_models.FieldsGroup(order: int, group_name: str, is_integration: bool, is_highlight: bool, items: list[[FieldGroupItem]])
Bases: object
classmethod from_json(field_group_json: Dict[str, Any])→ FieldsGroup
class TIPCommon.data_models.JobParamType
class TIPCommon.data_models.JobParamType(value, names=None, *, module=None, qualname=None, type=None, start=1, boundary=None)
Bases: Enum
BOOLEAN= 0
DOMAIN= 7
EMAIL= 8
HOST= 5
INTEGER= 1
IP= 4
NULL= -1
PASSWORD= 3
STRING= 2
URL= 6
class TIPCommon.data_models.Parameter
class TIPCommon.data_models.Parameter(raw_param)
Bases: object
A Parent class representing a parameter. It has the following properties:
raw_data– The raw data for the parameter.
Example
>>> from data_models import Parameter
>>> p = Parameter({'foo': 'bar'})
>>> print(p)
Parameter(raw_data={'foo': 'bar'})
property raw_data
class TIPCommon.data_models.SLA
class TIPCommon.data_models.SLA(sla_expiration_time: int | None, critical_expiration_time: int | None, expiration_status: int, remaining_time_since_last_pause: int | None)
Bases: object