build: exclude requests lib

- use splunk built-in, maybe useful for certifi cacert.pem style: add path instead of __init__.py style: remove shebang (not meant to be executed by generic python)
2023-02-08 10:06:21 +00:00 · 2023-02-08 10:06:21 +00:00 · f624f1fee7
parent 3a288d036b
commit f624f1fee7
9 changed files with 30 additions and 40 deletions
--- a/bin/init.py
+++ b/bin/init.py
--- a/bin/getbotnetfilter.py
+++ b/bin/getbotnetfilter.py
@ -1,5 +1,3 @@
-#!/usr/bin/env python
-
 """
 Get lookup csv from botnet-filter
 Usage: "| getbotnetfilter | outputlookup override_if_empty=false botnet-filter-splunk.csv"
@ -8,9 +6,11 @@ Usage: "| getbotnetfilter | outputlookup override_if_empty=false botnet-filter-s
 import sys
 from os import path

+sys.path.insert(0, path.join(path.dirname(__file__)))
+from utils import Utility
+
 sys.path.insert(0, path.join(path.dirname(__file__), "..", "lib"))
 from splunklib.searchcommands import Configuration, GeneratingCommand, Option, dispatch
-from utils import Utility

 DOWNLOAD_URL = (
    "https://malware-filter.gitlab.io/malware-filter/botnet-filter-splunk.csv"
@ -32,5 +32,4 @@ class GetBotnetFilter(Utility, GeneratingCommand):
            yield self.gen_record(**row)


-if __name__ == "__main__":
-    dispatch(GetBotnetFilter, sys.argv, sys.stdin, sys.stdout, __name__)
+dispatch(GetBotnetFilter, sys.argv, sys.stdin, sys.stdout, __name__)
--- a/bin/getbotnetip.py
+++ b/bin/getbotnetip.py
@ -1,5 +1,3 @@
-#!/usr/bin/env python
-
 """
 Get botnet IPs from feodo tracker
 Usage: "| getbotnetip | outputlookup override_if_empty=false botnet_ip.csv"
@ -11,9 +9,11 @@ from datetime import datetime, timezone
 from os import path
 from re import search

+sys.path.insert(0, path.join(path.dirname(__file__)))
+from utils import Utility
+
 sys.path.insert(0, path.join(path.dirname(__file__), "..", "lib"))
 from splunklib.searchcommands import Configuration, GeneratingCommand, Option, dispatch
-from utils import Utility

 DOWNLOAD_URL = "https://feodotracker.abuse.ch/downloads/ipblocklist.csv"

@ -46,8 +46,6 @@ class GetBotnetIP(Utility, GeneratingCommand):
                row["custom_message"] = self.custom_message

            yield self.gen_record(**row)
-            break


-if __name__ == "__main__":
-    dispatch(GetBotnetIP, sys.argv, sys.stdin, sys.stdout, __name__)
+dispatch(GetBotnetIP, sys.argv, sys.stdin, sys.stdout, __name__)
--- a/bin/getopendbl.py
+++ b/bin/getopendbl.py
@ -1,5 +1,3 @@
-#!/usr/bin/env python
-
 """
 Get IP blocklists from OpenDBL
 Usage: "| getopendbl | outputlookup override_if_empty=false opendbl_ip.csv"
@ -11,11 +9,12 @@ from datetime import datetime, timezone
 from os import path
 from re import search

-sys.path.insert(0, path.join(path.dirname(__file__), "..", "lib"))
-
-from splunklib.searchcommands import Configuration, GeneratingCommand, Option, dispatch
+sys.path.insert(0, path.join(path.dirname(__file__)))
 from utils import Utility

+sys.path.insert(0, path.join(path.dirname(__file__), "..", "lib"))
+from splunklib.searchcommands import Configuration, GeneratingCommand, Option, dispatch
+
 OPENDBL_LIST = {
    "Emerging Threats: Known Compromised Hosts": "etknown.list",
    "TOR exit nodes": "tor-exit.list",
@ -75,5 +74,4 @@ class GetOpenDBL(Utility, GeneratingCommand):
                yield self.gen_record(**row)


-if __name__ == "__main__":
-    dispatch(GetOpenDBL, sys.argv, sys.stdin, sys.stdout, __name__)
+dispatch(GetOpenDBL, sys.argv, sys.stdin, sys.stdout, __name__)
--- a/bin/getphishingfilter.py
+++ b/bin/getphishingfilter.py
@ -1,5 +1,3 @@
-#!/usr/bin/env python
-
 """
 Get lookup csv from phishing-filter
 Usage: "| getphishingfilter | outputlookup override_if_empty=false phishing-filter-splunk.csv"
@ -8,9 +6,11 @@ Usage: "| getphishingfilter | outputlookup override_if_empty=false phishing-filt
 import sys
 from os import path

+sys.path.insert(0, path.join(path.dirname(__file__)))
+from utils import Utility
+
 sys.path.insert(0, path.join(path.dirname(__file__), "..", "lib"))
 from splunklib.searchcommands import Configuration, GeneratingCommand, Option, dispatch
-from utils import Utility

 DOWNLOAD_URL = (
    "https://malware-filter.gitlab.io/malware-filter/phishing-filter-splunk.csv"
@ -39,5 +39,4 @@ class GetPhishingFilter(Utility, GeneratingCommand):
            yield self.gen_record(**affixed_row)


-if __name__ == "__main__":
-    dispatch(GetPhishingFilter, sys.argv, sys.stdin, sys.stdout, __name__)
+dispatch(GetPhishingFilter, sys.argv, sys.stdin, sys.stdout, __name__)
--- a/bin/getpupfilter.py
+++ b/bin/getpupfilter.py
@ -1,5 +1,3 @@
-#!/usr/bin/env python
-
 """
 Get lookup csv from pup-filter
 Usage: "| getpupfilter | outputlookup override_if_empty=false pup-filter-splunk.csv"
@ -8,9 +6,11 @@ Usage: "| getpupfilter | outputlookup override_if_empty=false pup-filter-splunk.
 import sys
 from os import path

+sys.path.insert(0, path.join(path.dirname(__file__)))
+from utils import Utility
+
 sys.path.insert(0, path.join(path.dirname(__file__), "..", "lib"))
 from splunklib.searchcommands import Configuration, GeneratingCommand, Option, dispatch
-from utils import Utility

 DOWNLOAD_URL = "https://malware-filter.gitlab.io/malware-filter/pup-filter-splunk.csv"

@ -35,5 +35,4 @@ class GetPupFilter(Utility, GeneratingCommand):
            yield self.gen_record(**affixed_row)


-if __name__ == "__main__":
-    dispatch(GetPupFilter, sys.argv, sys.stdin, sys.stdout, __name__)
+dispatch(GetPupFilter, sys.argv, sys.stdin, sys.stdout, __name__)
--- a/bin/geturlhausfilter.py
+++ b/bin/geturlhausfilter.py
@ -1,5 +1,3 @@
-#!/usr/bin/env python
-
 """
 Get lookup csv from urlhaus-filter
 Usage: "| geturlhausfilter | outputlookup override_if_empty=false urlhaus-filter-splunk-online.csv"
@ -8,9 +6,11 @@ Usage: "| geturlhausfilter | outputlookup override_if_empty=false urlhaus-filter
 import sys
 from os import path

+sys.path.insert(0, path.join(path.dirname(__file__)))
+from utils import Utility
+
 sys.path.insert(0, path.join(path.dirname(__file__), "..", "lib"))
 from splunklib.searchcommands import Configuration, GeneratingCommand, Option, dispatch
-from utils import Utility

 DOWNLOAD_URL = (
    "https://malware-filter.gitlab.io/malware-filter/urlhaus-filter-splunk-online.csv"
@ -38,5 +38,4 @@ class GetUrlhausFilter(Utility, GeneratingCommand):
            yield self.gen_record(**affixed_row)


-if __name__ == "__main__":
-    dispatch(GetUrlhausFilter, sys.argv, sys.stdin, sys.stdout, __name__)
+dispatch(GetUrlhausFilter, sys.argv, sys.stdin, sys.stdout, __name__)
--- a/bin/getvnbadsitefilter.py
+++ b/bin/getvnbadsitefilter.py
@ -1,5 +1,3 @@
-#!/usr/bin/env python
-
 """
 Get lookup csv from vn-badsite-filter
 Usage: "| getvnbadsitefilter | outputlookup override_if_empty=false vn-badsite-filter-splunk.csv"
@ -8,9 +6,11 @@ Usage: "| getvnbadsitefilter | outputlookup override_if_empty=false vn-badsite-f
 import sys
 from os import path

+sys.path.insert(0, path.join(path.dirname(__file__)))
+from utils import Utility
+
 sys.path.insert(0, path.join(path.dirname(__file__), "..", "lib"))
 from splunklib.searchcommands import Configuration, GeneratingCommand, Option, dispatch
-from utils import Utility

 DOWNLOAD_URL = (
    "https://malware-filter.gitlab.io/malware-filter/vn-badsite-filter-splunk.csv"
@ -38,5 +38,4 @@ class GetVNBadsiteFilter(Utility, GeneratingCommand):
            yield self.gen_record(**affixed_row)


-if __name__ == "__main__":
-    dispatch(GetVNBadsiteFilter, sys.argv, sys.stdin, sys.stdout, __name__)
+dispatch(GetVNBadsiteFilter, sys.argv, sys.stdin, sys.stdout, __name__)
--- a/build.py
+++ b/build.py
@ -74,8 +74,7 @@ check_call(
        "pip",
        "install",
        "--quiet",
-        "-r",
-        "requirements.txt",
+        "splunk-sdk == 1.*",
        "-t",
        "lib",
        "--upgrade",