From 0b25c0a004116be6f59a6455d84182c2a26bd753 Mon Sep 17 00:00:00 2001
From: ballaswetha <42162271+ballaswetha@users.noreply.github.com>
Date: Mon, 1 Apr 2019 13:26:31 +0800
Subject: [PATCH] Update run_simulation_yaml.py

The slack alerting code was not working as there was a confusion between the variable named json and module named json. I replaced the variable with json_data which fixed the issue. The code is still commented out.
---
run_simulation_yaml.py | 26 ++++++++++++++++----------
1 file changed, 16 insertions(+), 10 deletions(-)

diff --git a/run_simulation_yaml.py b/run_simulation_yaml.py
index a7ac2e4..c8202a4 100644
--- a/run_simulation_yaml.py
+++ b/run_simulation_yaml.py
@@ -128,11 +128,12 @@ def run_uuid(ioc_filename): logging.info(data) write_row(time_to_log, rule_name, action, mitre_phase, mitre_tech, windows) - ''' # if you want to post to slack uncomment this and set the slack hook above - json = {'text': "Automated Purple Team --> Simulation: {} | Action: {} | Host: {} | Execution Time: {} UTC".format(rule_name,action,windows,datetime.datetime.utcnow())} - post_to_slack(hook,json) ''' + json_data = {'text': "Automated Purple Team --> Simulation: {} | Action: {} | Host: {} | Execution Time: {} UTC".format(rule_name,action,windows,datetime.datetime.utcnow())} + post_to_slack(hook,json_data) + ''' + time.sleep(randint(2, 30)) except Exception as e: print(e)
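Review bot: The Slack notification is still disabled by wrapping it in a `'''` string literal, so the renamed `json_data` code is never executed, and turning it on means hand-editing four branches (this hunk and the ones at `@@ -150`, `@@ -172` and `@@ -194`). A runtime switch would be safer: drop the quotes and guard the call with `if hook: post_to_slack(hook, json_data)`, assuming `hook` is the module-level value the comment refers to (it is defined outside this hunk). Since a Slack webhook URL works as a credential, it is better read from the environment than pasted into the script. run_uuid starts and ends outside the hunk.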
@@ -150,11 +151,12 @@ def run_uuid(ioc_filename): data = json.dumps({'time': time_to_log, 'rule_name': rule_name, 'action': action, 'mitre_attack_phase': mitre_phase, 'mitre_attack_technique': mitre_tech, 'host': osx}) logging.info(data) write_row(time_to_log, rule_name, action, mitre_phase, mitre_tech, osx) + ''' - # if you want to post to slack uncomment this and set the slack hook above - json = {'text': "Automated Purple Team --> Simulation: {} | Action: {} | Host: {} | Execution Time: {} UTC".format(rule_name,action,osx,datetime.datetime.utcnow())} - post_to_slack(hook,json) + json_data = {'text': "Automated Purple Team --> Simulation: {} | Action: {} | Host: {} | Execution Time: {} UTC".format(rule_name,action,osx,datetime.datetime.utcnow())} + post_to_slack(hook,json_data) ''' + time.sleep(randint(2, 30)) except Exception as e: print(e)
@@ -172,11 +174,13 @@ def run_uuid(ioc_filename): data = json.dumps({'time': time_to_log, 'rule_name': rule_name, 'action': action, 'mitre_attack_phase': mitre_phase, 'mitre_attack_technique': mitre_tech, 'host': linux}) logging.info(data) write_row(time_to_log, rule_name, action, mitre_phase, mitre_tech, linux) + ''' # if you want to post to slack uncomment this and set the slack hook above - json = {'text': "Automated Purple Team --> Simulation: {} | Action: {} | Host: {} | Execution Time: {} UTC".format(rule_name,action,osx,datetime.datetime.utcnow())} - post_to_slack(hook,json) + json_data = {'text': "Automated Purple Team --> Simulation: {} | Action: {} | Host: {} | Execution Time: {} UTC".format(rule_name,action,osx,datetime.datetime.utcnow())} + post_to_slack(hook,json_data) ''' + time.sleep(randint(2, 30)) except Exception as e: print(e)
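Review bot: The explanatory comment is deleted in this macOS branch (the `- # if you want to post to slack uncomment this and set the slack hook above` line), while the other three hunks keep it, so the disabled block here is left with no hint of why it is quoted out or what must be configured first. Keep the line next to the opening `'''`, for example `# if you want to post to slack uncomment this and set the slack hook above`, so all four branches read the same. run_uuid starts and ends outside the hunk.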
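Review bot: The Slack text in this Linux branch still formats `osx` as the host, although the `json.dumps` and `write_row` calls just above it use `linux`; once the block is enabled the alert would name the wrong machine. The new line should pass `.format(rule_name,action,linux,datetime.datetime.utcnow())`. The Kali hunk at `@@ -194` carries the same copy-paste slip and should pass `kali`. In a purple-team run a wrong host in the notification points whoever is correlating detections at the wrong endpoint's telemetry. run_uuid starts and ends outside the hunk.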
@@ -194,11 +198,13 @@ def run_uuid(ioc_filename): data = json.dumps({'time': time_to_log, 'rule_name': rule_name, 'action': action, 'mitre_attack_phase': mitre_phase, 'mitre_attack_technique': mitre_tech, 'host': kali}) logging.info(data) write_row(time_to_log, rule_name, action, mitre_phase, mitre_tech, kali) + ''' #if you want to post to slack uncomment this and set the slack hook above - #json = {'text': "Automated Purple Team --> Simulation: {} | Action: {} | Host: {} | Execution Time: {} UTC".format(rule_name,action,osx,datetime.datetime.utcnow())} - #post_to_slack(hook,json) + json_data = {'text': "Automated Purple Team --> Simulation: {} | Action: {} | Host: {} | Execution Time: {} UTC".format(rule_name,action,osx,datetime.datetime.utcnow())} + post_to_slack(hook,json_data) ''' + time.sleep(randint(2, 30)) except Exception as e: print(e)