1#!/usr/bin/env python
import json
import os
import subprocess
from datetime import datetime, date, timedelta

import pandas as pd
import pyjq
# Directory layout: the pan-python checkout and the result folder both live
# under the download folder.
# NOTE(review): HomeDir has no leading "/", so every path below resolves
# against the current working directory -- confirm that is intended.
HomeDir = "Users/kiya/Downloads/"
# The checkout directory name contains a space, so it needs quoting wherever
# it ends up inside a shell command line.
ScriptDir = "{}pan-python-0.12.0 2".format(HomeDir)
ResultDir = "{}techscroll/".format(HomeDir)
# Date values: a YYYYMMDD stamp of the local date for the output file names,
# and the search window handed to the sample query.
ToDay = date.today().strftime("%Y%m%d")
# The window is fixed. A rolling start date (yesterday) was sketched in an
# earlier, disabled line; that line misspelled strftime and would not have run.
CheckDATE = "2015-10-01"
NOWDATE = "2015-10-02"
# Value the query matches against the alias.ip_address field.
ResultFile = "Test"
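# The AutoFocus API key is taken from the environment rather than stored in
# the script. A key that has ever been committed or pasted into a shared copy
# of this file must be treated as exposed and rotated at the provider.
# AUTOFOCUS_API_KEY is this script's own variable name, not a panafapi setting.
secretkey = os.environ.get("AUTOFOCUS_API_KEY")
if not secretkey:
    raise SystemExit("AUTOFOCUS_API_KEY is not set")

# Search request, built as data and serialised with json.dumps so that no
# hand-written quote escaping is needed and the values cannot break out of
# the JSON document.
dateRange = [CheckDATE + "T00:00:00", NOWDATE + "T23:59:59"]
searchRequest = {
    "query": {
        "operator": "all",
        "children": [
            {
                "field": "alias.ip_address",
                "operator": "contains",
                "value": ResultFile,
            },
            {
                "operator": "any",
                "children": [
                    {
                        "field": "sample.update_date",
                        "operator": "is in the range",
                        "value": dateRange,
                    },
                    {
                        "field": "sample.create_date",
                        "operator": "is in the range",
                        "value": dateRange,
                    },
                    {
                        "operator": "any",
                        "children": [
                            {"field": "sample.malware", "operator": "is", "value": 1},
                            {"field": "sample.malware", "operator": "is", "value": 4},
                        ],
                    },
                ],
            },
        ],
    },
    "scope": "global",
    "size": 1,
    "from": 0,
    "sort": {"create_date": {"order": "desc"}},
}

jsonPath = os.path.join(ResultDir, "srciplist-" + ToDay + ".json")
csvPath = os.path.join(ResultDir, "srciplist-" + ToDay + ".csv")

# Argument list instead of one shell string: no shell parses the command, so
# the space in the script directory and the quotes in the JSON need no
# escaping, and nothing in the values can be read as shell syntax.
# NOTE(review): -K still places the key on the command line, where other local
# users can read it from the process list. panafapi can also take the key from
# a .panrc entry selected with -t; prefer that if this version supports it --
# confirm against the pan-python documentation.
progToRun = [
    "python",
    os.path.join(ScriptDir, "bin", "panafapi.py"),
    "-K", secretkey,
    "--samples",
    "-j",
    "-r", json.dumps(searchRequest),
]

# Run panafapi and capture its standard output in the JSON result file
# (this replaces the shell "> file" redirection). check_call raises
# CalledProcessError when panafapi exits with a non-zero status.
with open(jsonPath, "w") as resultHandle:
    subprocess.check_call(progToRun, stdout=resultHandle)

# Load the result and let pyjq pick the creation date and SHA-256 of each hit.
# The previous pyjq.all call was given only the filter and no data.
# NOTE(review): assumes the file holds a single JSON document with a top-level
# "hits" array -- confirm against real panafapi -j output.
with open(jsonPath) as resultHandle:
    resultData = json.load(resultHandle)
filteredResultData = pyjq.all(
    '.hits[]._source | [.create_date, .sha256]', resultData
)

# Write one "create_date,sha256" line per hit. to_csv is a DataFrame method;
# pandas has no module-level pd.to_csv, so the rows are wrapped in a frame.
pd.DataFrame(filteredResultData, columns=["create_date", "sha256"]).to_csv(
    csvPath, sep=",", header=False, index=False
)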