From 2cc6e82da5d10d4ed9306e005b79217662361e31 Mon Sep 17 00:00:00 2001
From: Danny Elliott
Date: Wed, 27 Sep 2023 13:57:02 -0300
Subject: [PATCH] allow host address input in MS Graph configuration
---
 .../azure_sentinel/configuration/config.json | 5 +++++
 .../azure_sentinel/stix_transmission/api_client.py | 4 ++--
 .../azure_sentinel/stix_transmission/connector.py | 3 +--
 3 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/stix_shifter_modules/azure_sentinel/configuration/config.json b/stix_shifter_modules/azure_sentinel/configuration/config.json
index 517150201..667bf753b 100644
--- a/stix_shifter_modules/azure_sentinel/configuration/config.json
+++ b/stix_shifter_modules/azure_sentinel/configuration/config.json
@@ -4,6 +4,11 @@
 "displayName": "Microsoft Graph Security",
 "group": "microsoft"
 },
+ "host": {
+ "type": "text",
+ "regex": "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9_:/\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9_:/\\-]*[A-Za-z0-9])$",
+ "default": "graph.microsoft.com"
+ },
 "port": {
 "type": "number",
 "default": 443,
diff --git a/stix_shifter_modules/azure_sentinel/stix_transmission/api_client.py b/stix_shifter_modules/azure_sentinel/stix_transmission/api_client.py
index c701038b2..39bcc44d8 100644
--- a/stix_shifter_modules/azure_sentinel/stix_transmission/api_client.py
+++ b/stix_shifter_modules/azure_sentinel/stix_transmission/api_client.py
@@ -6,11 +6,11 @@ class APIClient:
 """API Client to handle all calls."""
 credential = None
- def __init__(self, base_uri, connection, configuration):
+ def __init__(self, connection, configuration):
 """Initialization.
 :param connection: dict, connection dict
 :param configuration: dict,config dict"""
- self.host = base_uri
+ self.host = connection['host']
 self.connection = connection
 self.configuration = configuration
 self.timeout = connection['options'].get('timeout')
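Review bot: The new `host` regex in config.json accepts `:`, `/` and `_` inside a label, so a value that carries a port or a path (constructed examples: `graph.microsoft.com:8443`, `graph.microsoft.com/v1.0`) passes validation even though `port` is a separate field directly below. How `host` is joined into the request URL is outside this patch, but a field meant to hold a hostname should not be able to smuggle in extra URL components. I would restrict both inner character classes to hostname characters, i.e. replace `[a-zA-Z0-9_:/\\-]*` and `[A-Za-z0-9_:/\\-]*` with `[a-zA-Z0-9\\-]*`.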
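Review bot: In api_client.py, `self.host = connection['host']` makes the request destination fully caller-controlled and nothing in `__init__` checks it; the config.json regex is the only constraint, and presumably only applies where that schema is enforced. If this client attaches the Graph bearer token to requests sent to `self.host` (that code is outside the hunk), a mistyped or tampered host value would receive the token. If the aim is national-cloud support, an explicit allowlist would be safer, e.g. `if self.host not in ALLOWED_GRAPH_HOSTS: raise ValueError('unsupported Graph host')`, where `ALLOWED_GRAPH_HOSTS` is a proposed module constant listing the Graph endpoints you support. Otherwise, state in the docstring that `host` must be a trusted endpoint. `__init__` continues past the end of the hunk.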
diff --git a/stix_shifter_modules/azure_sentinel/stix_transmission/connector.py b/stix_shifter_modules/azure_sentinel/stix_transmission/connector.py
index 7587bee37..bba83ebb3 100644
--- a/stix_shifter_modules/azure_sentinel/stix_transmission/connector.py
+++ b/stix_shifter_modules/azure_sentinel/stix_transmission/connector.py
@@ -9,7 +9,6 @@ class Connector(BaseJsonSyncConnector):
 api_client = None
 max_limit = 1000
- base_uri = 'graph.microsoft.com' # Microsoft Graph API has single endpoint
 DEFAULT_API_VERSION = 'v1.0'
 LEGACY_ALERT = 'security/alerts'
 ALERT_V2 = 'security/alerts_v2'
@@ -22,7 +21,7 @@ def __init__(self, connection, configuration):
 self.connector = __name__.split('.')[1]
 self.connection = connection
 self.configuration = configuration
- self.api_client = APIClient(self.base_uri, self.connection, self.configuration)
+ self.api_client = APIClient(self.connection, self.configuration)
 self.legacy_alert = connection['options'].get('alert')
 self.alert_v2 = connection['options'].get('alertV2')
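Review bot: With `base_uri` removed there is no in-code fallback left, so `APIClient(self.connection, self.configuration)` in `Connector.__init__` relies on every connection dict carrying `host`. A dict without it would raise `KeyError` at `connection['host']` in `APIClient.__init__`, unless the framework applies the config.json default before the connector is built (not visible here). The diffstat lists no test changes, so neither the default nor a custom host is exercised; a test that constructs the connector with and without `host` would pin the behaviour. If older stored connections must keep working, `self.host = connection.get('host', 'graph.microsoft.com')` in `APIClient.__init__` preserves the previous endpoint. The `__init__` body starts and ends outside this hunk.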