IBM QRadar SOAR

  • 1.  Creating artifact attachments with an API call

    Posted Mon June 03, 2019 02:01 PM
    Hello,
    I have a requirement to upload an attachment as an artifact from an external system. I've read in other posts that it cannot be done from scripts, but I found something interesting in co3.py, in the "post_attachment" function comments:

    ":param data: optional dict with additional MIME parts (not required for file attachments; used in artifacts)" 

    So I tried to post an attachment using the artifact endpoint:

    json={"value": "testfile.test", "type": "Malware Sample", "description": "test artifact attachment"}

    upload = client.post_attachment('/incidents/{0}/artifacts/files'.format(incident_id), "testfile.test", data=json)

    The result is:

    Traceback (most recent call last):
      File "<stdin>", line 1, in <module>
      File "/opt/rh/python27/root/usr/lib/python2.7/site-packages/resilient/co3.py", line 455, in post_attachment
        co3_context_token, timeout)
      File "/opt/rh/python27/root/usr/lib/python2.7/site-packages/resilient/co3base.py", line 328, in post_attachment
        multipart_data.update(data or {})
    ValueError: dictionary update sequence element #0 has length 1; 2 is required

    By the way, it should be the same data I need to put in the interactive REST API:

    "Uploads an attachment as an artifact. The artifact JSON data must be included in the 'artifact' form data field."

    Can someone send me an example of what I need to put inside the artifact JSON data array?

    Thanks,

    Manuel.

    ------------------------------
    Manuel Marchese
    Vantea Smart
    Milan
    ------------------------------


  • 2.  RE: Creating artifact attachments with an API call

    Posted Mon June 03, 2019 04:24 PM
    Hi Manuel,

    Have you taken a look at the fn_utilities package from the AppExchange? The source is available for quick inspection on GitHub:

    https://github.com/ibmresilient/resilient-community-apps/tree/master/fn_utilities/fn_utilities/components

    We have a number of functions that manipulate files. I think you may be interested in Attachment to Base64 (utilities_attachment_to_base64.py) and another that converts a Base64 string to an artifact (utilities_base64_to_artifact.py).

    Let me know if this helps.

    AnnMarie Norcross

    ------------------------------
    AnnMarie Norcross
    ------------------------------
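Putting the two posts together: the REST API text Manuel quotes says the artifact JSON travels in a form field named "artifact", and the fn_utilities function AnnMarie points to starts from a Base64 string. The code below is an added example written for this thread (my own code, not from the original posts, the IBM/Resilient SDK or fn_utilities) that shows what such a request looks like on the wire: a multipart/form-data body whose "artifact" part carries the JSON and whose second part carries the file bytes, decoded from Base64 the way an external system would hand them over. It goes slightly beyond the question by treating that external input as untrusted: the filename is sanitised before it is placed in a header, the incident id is forced to an integer before it is put in the path, and the Base64 is decoded strictly so corrupted input fails loudly instead of producing a garbage sample. Assumptions not on the page: the name "file" for the second part, the base URL, the incident id and the sample bytes are all made up; authentication headers are left to the caller, and nothing is sent over the network. It targets Python 3 rather than the Python 2.7 in the traceback.

```python
import base64
import json
import os
import uuid
import urllib.request
from email import message_from_bytes

# Constructed sample input (not real data): a fake "malware sample" that an
# external system would deliver Base64-encoded, plus the artifact fields
# Manuel used in his post.
SAMPLE_BYTES = b"MZ\x90\x00\x03\x00\x00\x00 not a real PE \xff\xfe"
SAMPLE_B64 = base64.b64encode(SAMPLE_BYTES).decode("ascii")
SAMPLE_ARTIFACT = {"value": "testfile.test", "type": "Malware Sample",
                   "description": "test artifact attachment"}


def safe_filename(name):
    """Keep only the basename and drop anything that could break out of the
    quoted filename in Content-Disposition; the name comes from an untrusted
    external system."""
    base = os.path.basename(name.replace("\\", "/"))
    cleaned = "".join(c for c in base if c.isalnum() or c in "._-")
    return cleaned or "upload.bin"


def build_artifact_multipart(artifact, filename, file_bytes,
                             mimetype="application/octet-stream", boundary=None):
    """Return (content_type, body) for POST .../incidents/{id}/artifacts/files.
    The field name "artifact" comes from the quoted REST API description;
    the file part name "file" is an assumption."""
    boundary = boundary or uuid.uuid4().hex
    b = boundary.encode("ascii")
    crlf = b"\r\n"
    artifact_part = (b"--" + b + crlf
                     + b'Content-Disposition: form-data; name="artifact"' + crlf
                     + b"Content-Type: application/json" + crlf + crlf
                     + json.dumps(artifact).encode("utf-8") + crlf)
    file_part = (b"--" + b + crlf
                 + b'Content-Disposition: form-data; name="file"; filename="'
                 + safe_filename(filename).encode("ascii") + b'"' + crlf
                 + b"Content-Type: " + mimetype.encode("ascii") + crlf + crlf
                 + file_bytes + crlf)
    body = artifact_part + file_part + b"--" + b + b"--" + crlf
    return "multipart/form-data; boundary=" + boundary, body


def build_artifact_request(base_url, incident_id, artifact, filename, file_b64,
                           headers=None):
    """Decode the external system's Base64 strictly and assemble the request
    object; the caller supplies session/API-key headers and sends it."""
    file_bytes = base64.b64decode(file_b64, validate=True)  # raises on junk input
    content_type, body = build_artifact_multipart(artifact, filename, file_bytes)
    url = "{0}/incidents/{1}/artifacts/files".format(base_url.rstrip("/"),
                                                     int(incident_id))
    req = urllib.request.Request(url, data=body, method="POST")
    req.add_header("Content-Type", content_type)
    for k, v in (headers or {}).items():
        req.add_header(k, v)
    return req


def parse_multipart(content_type, body):
    """Parse a multipart body back into {part name: (filename, bytes)} so the
    encoding can be checked locally before pointing it at a real server."""
    msg = message_from_bytes(b"Content-Type: " + content_type.encode("ascii")
                             + b"\r\n\r\n" + body)
    parts = {}
    for part in msg.get_payload():
        name = part.get_param("name", header="content-disposition")
        parts[name] = (part.get_filename(), part.get_payload(decode=True))
    return parts


if __name__ == "__main__":
    # Made-up base URL and incident id; the "../../" shows the filename clean-up.
    req = build_artifact_request("https://soar.example.invalid/rest/orgs/201", 2095,
                                 SAMPLE_ARTIFACT, "../../testfile.test", SAMPLE_B64)
    parsed = parse_multipart(req.get_header("Content-type"), req.data)
    print(req.get_method(), req.full_url)
    print(json.loads(parsed["artifact"][1]))
    print(parsed["file"][0], len(parsed["file"][1]), "bytes")
```

Run it once locally and look at the parsed parts before sending anything to a SOAR instance; if the server still rejects the upload, compare the decoded "artifact" part against the artifact JSON the interactive REST API page accepts, since that documentation is the authority on which fields a file artifact needs.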