#!/usr/bin/env python
"""
Generating search command that emits the botnet-filter lookup CSV as records.

Usage:
    "| getbotnetfilter | outputlookup override_if_empty=false botnet-filter-splunk.csv"

``override_if_empty=false`` leaves the existing lookup file in place when this
command returns no rows, so an empty result does not blank out the lookup.
"""

import sys
from os import path

# Search the sibling ../lib directory before anything else on sys.path, so the
# imports below resolve there first (presumably the bundled splunklib; verify
# against the app layout). This must run before the splunklib import.
sys.path.insert(0, path.join(path.dirname(__file__), "..", "lib"))

from splunklib.searchcommands import (
    Configuration,
    GeneratingCommand,
    Option,
    dispatch,
)
from utils import Utility

# Fixed HTTPS source of the feed; the URL is a constant, not a search argument.
DOWNLOAD_URL = "https://malware-filter.gitlab.io/malware-filter/botnet-filter-splunk.csv"


@Configuration()
class GetBotnetFilter(Utility, GeneratingCommand):
    """Yield one record per row of the downloaded botnet-filter CSV.

    The optional ``message`` search option, when it is a non-empty string,
    is written into a ``custom_message`` field on every record.
    """

    custom_message = Option(name="message")

    def generate(self):
        """Download the feed and yield a record for each CSV row.

        Row keys and values come from the remote feed and are handed to
        ``gen_record`` as keyword arguments; no filtering happens in this
        method.
        """
        # NOTE(review): download(), csv_reader() and gen_record() are not
        # defined in this file (presumably inherited from Utility). Confirm
        # there that download() verifies the TLS certificate, applies a
        # timeout and bounds the response size, and that field names taken
        # from the feed are constrained before they become record fields.
        feed_body = self.download(DOWNLOAD_URL)

        # The option value is the same for every row, so evaluate it once.
        note = self.custom_message
        tag_rows = isinstance(note, str) and len(note) > 0

        for entry in self.csv_reader(feed_body):
            if tag_rows:
                # The operator-supplied value replaces any "custom_message"
                # column that the feed itself might carry.
                entry["custom_message"] = note
            yield self.gen_record(**entry)


if __name__ == "__main__":
    dispatch(
        GetBotnetFilter,
        sys.argv,
        sys.stdin,
        sys.stdout,
        __name__,
    )