adjusts to default domain reputation visualizer + analyzers urls and …

…abstractmethods (intelowlproject#2250)

* little adjusts

* adjust

* refactored base_url in url to enable healthchecks

* adjust

* added update abstract method

* added logging of intel_owl package

api_app/analyzers_manager/observable_analyzers/auth0.py

@@ -9,13 +9,17 @@
 
 class Auth0(classes.ObservableAnalyzer):
     name: str = "Auth0"
-    base_url: str = "https://signals.api.auth0.com/v2.0/ip"
+    url: str = "https://signals.api.auth0.com/v2.0/ip"
 
     _api_key_name: str
 
+    @classmethod
+    def update(cls) -> bool:
+        pass
+
     def run(self):
         headers = {"X-Auth-Token": self._api_key_name}
-        url = f"{self.base_url}/{self.observable_name}"
+        url = f"{self.url}/{self.observable_name}"
         response = requests.get(url, headers=headers)
         response.raise_for_status()
 

api_app/analyzers_manager/observable_analyzers/binaryedge.py

@@ -10,10 +10,14 @@
 
 
 class BinaryEdge(classes.ObservableAnalyzer):
-    base_url: str = "https://api.binaryedge.io/v2/query/"
+    url: str = "https://api.binaryedge.io/v2/query/"
 
     _api_key_name: str
 
+    @classmethod
+    def update(cls) -> bool:
+        pass
+
     def config(self, runtime_configuration: Dict):
         super().config(runtime_configuration)
         self.headers = {"X-Key": self._api_key_name}
@@ -23,12 +27,12 @@ def run(self):
         if self.observable_classification == self.ObservableTypes.IP:
             try:
                 response_recent_ip_info = requests.get(
-                    self.base_url + "ip/" + self.observable_name, headers=self.headers
+                    self.url + "ip/" + self.observable_name, headers=self.headers
                 )
                 response_recent_ip_info.raise_for_status()
 
                 response_query_ip = requests.get(
-                    self.base_url + "search?query=ip:" + self.observable_name,
+                    self.url + "search?query=ip:" + self.observable_name,
                     headers=self.headers,
                 )
                 response_query_ip.raise_for_status()
@@ -43,7 +47,7 @@ def run(self):
         elif self.observable_classification == self.ObservableTypes.DOMAIN:
             try:
                 response_domain_report = requests.get(
-                    self.base_url + "domains/subdomain/" + self.observable_name,
+                    self.url + "domains/subdomain/" + self.observable_name,
                     headers=self.headers,
                 )
                 results = response_domain_report.json()

api_app/analyzers_manager/observable_analyzers/censys.py

@@ -18,7 +18,7 @@ class Censys(classes.ObservableAnalyzer):
     def update(self):
         pass
 
-    base_url = "https://search.censys.io/api/v2"
+    url = "https://search.censys.io/api/v2"
 
     censys_analysis: str
     _api_id_name: str
@@ -33,7 +33,7 @@ def run(self):
                 "Supported is IP"
             )
         response = requests.get(
-            self.base_url + uri,
+            self.url + uri,
             auth=(self._api_id_name, self._api_secret_name),
             headers={
                 "Accept": "application/json",

api_app/analyzers_manager/observable_analyzers/checkphish.py

@@ -11,8 +11,8 @@
 
 
 class CheckPhish(classes.ObservableAnalyzer):
-    base_url: str = "https://developers.checkphish.ai/api/neo/scan"
-    status_url: str = base_url + "/status"
+    url: str = "https://developers.checkphish.ai/api/neo/scan"
+    status_url: str = url + "/status"
 
     polling_tries: int
     polling_time: float
@@ -25,7 +25,7 @@ def run(self):
             "urlInfo": {"url": self.observable_name},
         }
 
-        response = requests.post(CheckPhish.base_url, json=json_data)
+        response = requests.post(CheckPhish.url, json=json_data)
         response.raise_for_status()
 
         job_id = response.json().get("jobID")

api_app/analyzers_manager/observable_analyzers/crowdsec.py

@@ -10,13 +10,14 @@
 
 class Crowdsec(ObservableAnalyzer):
     _api_key_name: str
+    url: str = "https://cti.api.crowdsec.net"
 
     def run(self):
         headers = {
             "x-api-key": self._api_key_name,
             "User-Agent": f"crowdsec-intelowl/{settings.VERSION}",
         }
-        url = f"https://cti.api.crowdsec.net/v2/smoke/{self.observable_name}"
+        url = f"{self.url}/v2/smoke/{self.observable_name}"
         response = requests.get(url, headers=headers)
         if response.status_code == 404:
             result = {"not_found": True}

api_app/analyzers_manager/observable_analyzers/crxcavator.py

@@ -10,11 +10,15 @@
 
 class CRXcavator(classes.ObservableAnalyzer):
     name: str = "CRXcavator"
-    base_url: str = "https://api.crxcavator.io/v1/report/"
+    url: str = "https://api.crxcavator.io/v1/report/"
+
+    @classmethod
+    def update(cls) -> bool:
+        pass
 
     def run(self):
         try:
-            response = requests.get(self.base_url + self.observable_name)
+            response = requests.get(self.url + self.observable_name)
             response.raise_for_status()
         except requests.RequestException as e:
             raise AnalyzerRunException(e)

api_app/analyzers_manager/observable_analyzers/docguard_get.py

@@ -13,10 +13,14 @@
 
 
 class DocGuard_Hash(classes.ObservableAnalyzer):
-    base_url: str = "https://api.docguard.net:8443/api/FileAnalyzing/GetByHash/"
+    url: str = "https://api.docguard.net:8443/api/FileAnalyzing/GetByHash/"
 
     _api_key_name: str
 
+    @classmethod
+    def update(cls) -> bool:
+        pass
+
     @property
     def hash_type(self):
         hash_lengths = {32: "md5", 64: "sha256"}
@@ -43,7 +47,7 @@ def run(self):
         uri = f"{self.observable_name}"
         if self.observable_classification == self.ObservableTypes.HASH:
             try:
-                response = requests.get(self.base_url + uri, headers=headers)
+                response = requests.get(self.url + uri, headers=headers)
                 response.raise_for_status()
             except requests.RequestException as e:
                 raise AnalyzerRunException(e)

api_app/analyzers_manager/observable_analyzers/emailrep.py

@@ -9,7 +9,7 @@
 
 
 class EmailRep(classes.ObservableAnalyzer):
-    base_url: str = "https://emailrep.io/{}"
+    url: str = "https://emailrep.io/{}"
 
     _api_key_name: str
 
@@ -32,7 +32,7 @@ def run(self):
                 f" Supported: generic"
             )
 
-        url = self.base_url.format(self.observable_name)
+        url = self.url.format(self.observable_name)
 
         response = requests.get(url, headers=headers)
         response.raise_for_status()

api_app/analyzers_manager/observable_analyzers/filescan_search.py

@@ -13,16 +13,20 @@
 class FileScanSearch(ObservableAnalyzer):
     """FileScan_Search analyzer"""
 
-    base_url: str = "https://www.filescan.io/api/reports/search"
+    url: str = "https://www.filescan.io/api/reports/search"
     _api_key: str
 
+    @classmethod
+    def update(cls) -> bool:
+        pass
+
     def run(self):
         """Runs the FileScan_Search analyzer"""
         observable_name_base64 = base64.b64encode(
             self.observable_name.encode()
         ).decode()
         endpoint = "?query={input}"
-        url = f"{self.base_url}/{endpoint.format(input=observable_name_base64)}"
+        url = f"{self.url}/{endpoint.format(input=observable_name_base64)}"
         try:
             response = requests.get(url, headers={"X-Api-Key": self._api_key})
             response.raise_for_status()

api_app/analyzers_manager/observable_analyzers/ha_get.py

@@ -9,9 +9,9 @@
 
 
 class HybridAnalysisGet(ObservableAnalyzer):
-    base_url: str = "https://www.hybrid-analysis.com"
-    api_url: str = f"{base_url}/api/v2/"
-    sample_url: str = f"{base_url}/sample"
+    url: str = "https://www.hybrid-analysis.com"
+    api_url: str = f"{url}/api/v2/"
+    sample_url: str = f"{url}/sample"
 
     _api_key_name: str
 

api_app/analyzers_manager/observable_analyzers/haveibeenpwned.py

@@ -8,7 +8,7 @@
 
 
 class HaveIBeenPwned(classes.ObservableAnalyzer):
-    base_url: str = "https://haveibeenpwned.com/api/v3/breachedaccount/"
+    url: str = "https://haveibeenpwned.com/api/v3/breachedaccount/"
 
     truncate_response: bool
     include_unverified: bool
@@ -26,7 +26,7 @@ def run(self):
         headers = {"hibp-api-key": self._api_key_name}
 
         response = requests.get(
-            self.base_url + self.observable_name, params=params, headers=headers
+            self.url + self.observable_name, params=params, headers=headers
         )
         response.raise_for_status()
 

api_app/analyzers_manager/observable_analyzers/honeydb.py

@@ -14,12 +14,16 @@
 
 
 class HoneyDB(classes.ObservableAnalyzer):
-    base_url = "https://honeydb.io/api"
+    url = "https://honeydb.io/api"
     # set secrets
     _api_key_name: str
     _api_id_name: str
     honeydb_analysis: str
 
+    @classmethod
+    def update(cls) -> bool:
+        pass
+
     def config(self, runtime_configuration: Dict):
         super().config(runtime_configuration)
         self.headers = {
@@ -53,15 +57,15 @@ def run(self):
 
     def _request_analysis(self, endpoint):
         if endpoint == "scan_twitter":
-            url = f"{self.base_url}/twitter-threat-feed/{self.observable_name}"
+            url = f"{self.url}/twitter-threat-feed/{self.observable_name}"
         elif endpoint == "ip_query":
-            url = f"{self.base_url}/netinfo/lookup/{self.observable_name}"
+            url = f"{self.url}/netinfo/lookup/{self.observable_name}"
         elif endpoint == "ip_history":
-            url = f"{self.base_url}/ip-history/{self.observable_name}"
+            url = f"{self.url}/ip-history/{self.observable_name}"
         elif endpoint == "internet_scanner":
-            url = f"{self.base_url}/internet-scanner/info/{self.observable_name}"
+            url = f"{self.url}/internet-scanner/info/{self.observable_name}"
         elif endpoint == "ip_info":
-            url = f"{self.base_url}/ipinfo/{self.observable_name}"
+            url = f"{self.url}/ipinfo/{self.observable_name}"
         else:
             logger.error(f"endpoint {endpoint} not supported")
             return

api_app/analyzers_manager/observable_analyzers/hunter_io.py

@@ -8,14 +8,16 @@
 
 
 class Hunter_Io(classes.ObservableAnalyzer):
-    base_url: str = "https://api.hunter.io/v2/domain-search?"
+    url: str = "https://api.hunter.io/v2/domain-search?"
 
     _api_key_name: str
 
+    @classmethod
+    def update(cls) -> bool:
+        pass
+
     def run(self):
-        url = (
-            f"{self.base_url}domain={self.observable_name}&api_key={self._api_key_name}"
-        )
+        url = f"{self.url}domain={self.observable_name}&api_key={self._api_key_name}"
         response = requests.get(url)
         response.raise_for_status()
 

api_app/analyzers_manager/observable_analyzers/inquest.py

@@ -18,7 +18,7 @@
 
 
 class InQuest(ObservableAnalyzer):
-    base_url: str = "https://labs.inquest.net"
+    url: str = "https://labs.inquest.net"
 
     _api_key_name: str
     inquest_analysis: str
@@ -104,7 +104,7 @@ def run(self):
                 "Supported are: 'dfi_search', 'iocdb_search', 'repdb_search'."
             )
 
-        response = requests.get(self.base_url + uri, headers=headers, timeout=30)
+        response = requests.get(self.url + uri, headers=headers, timeout=30)
         response.raise_for_status()
         result = response.json()
         if (

api_app/analyzers_manager/observable_analyzers/ip2location.py

@@ -9,12 +9,12 @@
 
 
 class Ip2location(classes.ObservableAnalyzer):
-    base_url: str = "https://api.ip2location.io/"
+    url: str = "https://api.ip2location.io/"
     _api_key_name: str
     api_version: str
 
     def get_response(self, payload):
-        return requests.get(self.base_url, params=payload)
+        return requests.get(self.url, params=payload)
 
     def run(self):
         try:

api_app/analyzers_manager/observable_analyzers/ipinfo.py

@@ -9,14 +9,18 @@
 
 
 class IPInfo(classes.ObservableAnalyzer):
-    base_url: str = "https://ipinfo.io/"
+    url: str = "https://ipinfo.io/"
 
     _api_key_name: str
 
+    @classmethod
+    def update(cls) -> bool:
+        pass
+
     def run(self):
         try:
             response = requests.get(
-                self.base_url + self.observable_name,
+                self.url + self.observable_name,
                 params={"token": self._api_key_name},
             )
             response.raise_for_status()

api_app/analyzers_manager/observable_analyzers/koodous.py

@@ -8,7 +8,7 @@
 
 
 class Koodous(classes.ObservableAnalyzer):
-    base_url: str = "https://developer.koodous.com/apks/"
+    url: str = "https://developer.koodous.com/apks/"
     query_analysis = "/analysis"
 
     _api_key_name: str
@@ -19,7 +19,7 @@ def get_response(self, url):
         )
 
     def run(self):
-        common_url = self.base_url + self.observable_name
+        common_url = self.url + self.observable_name
 
         apk_info = self.get_response(common_url)
         apk_info.raise_for_status()

api_app/analyzers_manager/observable_analyzers/mnemonic_pdns.py

@@ -10,16 +10,16 @@
 
 
 class MnemonicPassiveDNS(classes.ObservableAnalyzer):
-    base_url: str = "https://api.mnemonic.no/pdns/v3/"
+    url: str = "https://api.mnemonic.no/pdns/v3/"
 
     cof_format: bool
     limit: int
 
     def run(self):
         if self.cof_format:
-            self.base_url += "cof/"
+            self.url += "cof/"
         response = requests.get(
-            self.base_url + self.observable_name, data={"limit": self.limit}
+            self.url + self.observable_name, data={"limit": self.limit}
         )
         response.raise_for_status()