Does anyone have a python example (rest API) of Attaching files to an Incident?

5. RE: Does anyone have a python example (rest API) of Attaching files to an Incident?

Like

PAUL FORMOSA

Posted Mon February 25, 2019 02:19 PM

Yongjian, I do have another related question. First some background, as part of the migration I have mapped the fields from the original incident management tool to the new fields in Resilient and I'm using the incident template function to load the incident information into Resilient (i.e. incident = client.post('/incidents', incident_template)).
Question: Is there a way to attach the file on the initial creation of the incident incident e.g. a way to add the file that you want to attach as part of the the 'incident template' definition?

------------------------------
PAUL FORMOSA
------------------------------

Original Message

Original Message:
Sent: 02-25-2019 01:48 PM
From: PAUL FORMOSA
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

Thanks Yongjian!

------------------------------
PAUL FORMOSA

Original Message:
Sent: 02-25-2019 12:03 PM
From: Yongjian Feng
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

Whoops, I had a typo there. The command line should be

python attach_to_inc.py -s <ip address of your resilient server> -u <user email address> -p <user password> -i <incident id> -f <filename> -o <organization> -v <False to skip https certificate validation>

------------------------------
Yongjian Feng

Original Message:
Sent: 02-25-2019 11:59 AM
From: Yongjian Feng
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

Hello Paul,

Thanks for contacting us.

Here is a sample python script that attach a file to an existing incident, assuming you install the Resilient SDK (v29 or later) already.

To use it, download the attach_to_inc.txt, and rename it to attach_to_inc.py. Then run it from an terminal

python attach-to_inc.py -s <ip address of your resilient server> -u <user email address> -p <user password> -i <incident id> -f <filename> -o <organization> -v <False to skip https certificate validation>

Please note this is only a sample script. It did not run through any QA.

Thanks,

Yongjian Feng

------------------------------
Yongjian Feng

Original Message:
Sent: 02-25-2019 10:41 AM
From: PAUL FORMOSA
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

We are migrating incidents from another incident management tool to Resilient. Does anyone have an example of python using the rest API to attach a file to an incident? We have the attachments by incident number in a windows directory structure. This is a one off event for us, so we're not looking for something perfect, just functional.

------------------------------
Thanks,

Paul Formosa
------------------------------

6. RE: Does anyone have a python example (rest API) of Attaching files to an Incident?

Like

Yongjian Feng

Posted Mon February 25, 2019 02:38 PM

You want a single API call that can create the incident and attach a file at the same time?

Not sure whether it is possible. But this can be done in two consecutive API calls normally. The return of the first call (to create an incident) is a json dictionary of the created incident. And the "id" field of this dict is the incident index. You can just use that value to attach a file.

------------------------------
Yongjian Feng
------------------------------

Original Message

Original Message:
Sent: 02-25-2019 02:18 PM
From: PAUL FORMOSA
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

Yongjian, I do have another related question. First some background, as part of the migration I have mapped the fields from the original incident management tool to the new fields in Resilient and I'm using the incident template function to load the incident information into Resilient (i.e. incident = client.post('/incidents', incident_template)).
Question: Is there a way to attach the file on the initial creation of the incident incident e.g. a way to add the file that you want to attach as part of the the 'incident template' definition?

------------------------------
PAUL FORMOSA

Original Message:
Sent: 02-25-2019 01:48 PM
From: PAUL FORMOSA
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

Thanks Yongjian!

------------------------------
PAUL FORMOSA

Original Message:
Sent: 02-25-2019 12:03 PM
From: Yongjian Feng
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

Whoops, I had a typo there. The command line should be

python attach_to_inc.py -s <ip address of your resilient server> -u <user email address> -p <user password> -i <incident id> -f <filename> -o <organization> -v <False to skip https certificate validation>

------------------------------
Yongjian Feng

Original Message:
Sent: 02-25-2019 11:59 AM
From: Yongjian Feng
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

Hello Paul,

Thanks for contacting us.

Here is a sample python script that attach a file to an existing incident, assuming you install the Resilient SDK (v29 or later) already.

To use it, download the attach_to_inc.txt, and rename it to attach_to_inc.py. Then run it from an terminal

python attach-to_inc.py -s <ip address of your resilient server> -u <user email address> -p <user password> -i <incident id> -f <filename> -o <organization> -v <False to skip https certificate validation>

Please note this is only a sample script. It did not run through any QA.

Thanks,

Yongjian Feng

------------------------------
Yongjian Feng

Original Message:
Sent: 02-25-2019 10:41 AM
From: PAUL FORMOSA
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

We are migrating incidents from another incident management tool to Resilient. Does anyone have an example of python using the rest API to attach a file to an incident? We have the attachments by incident number in a windows directory structure. This is a one off event for us, so we're not looking for something perfect, just functional.

------------------------------
Thanks,

Paul Formosa
------------------------------

7. RE: Does anyone have a python example (rest API) of Attaching files to an Incident?

Like

PAUL FORMOSA

Posted Mon February 25, 2019 03:08 PM

Thanks. I'll give that a try.

------------------------------
PAUL FORMOSA
------------------------------

Original Message

Original Message:
Sent: 02-25-2019 02:37 PM
From: Yongjian Feng
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

You want a single API call that can create the incident and attach a file at the same time?

Not sure whether it is possible. But this can be done in two consecutive API calls normally. The return of the first call (to create an incident) is a json dictionary of the created incident. And the "id" field of this dict is the incident index. You can just use that value to attach a file.

------------------------------
Yongjian Feng

Original Message:
Sent: 02-25-2019 02:18 PM
From: PAUL FORMOSA
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

Yongjian, I do have another related question. First some background, as part of the migration I have mapped the fields from the original incident management tool to the new fields in Resilient and I'm using the incident template function to load the incident information into Resilient (i.e. incident = client.post('/incidents', incident_template)).
Question: Is there a way to attach the file on the initial creation of the incident incident e.g. a way to add the file that you want to attach as part of the the 'incident template' definition?

------------------------------
PAUL FORMOSA

Original Message:
Sent: 02-25-2019 01:48 PM
From: PAUL FORMOSA
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

Thanks Yongjian!

------------------------------
PAUL FORMOSA

Original Message:
Sent: 02-25-2019 12:03 PM
From: Yongjian Feng
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

Whoops, I had a typo there. The command line should be

python attach_to_inc.py -s <ip address of your resilient server> -u <user email address> -p <user password> -i <incident id> -f <filename> -o <organization> -v <False to skip https certificate validation>

------------------------------
Yongjian Feng

Original Message:
Sent: 02-25-2019 11:59 AM
From: Yongjian Feng
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

Hello Paul,

Thanks for contacting us.

Here is a sample python script that attach a file to an existing incident, assuming you install the Resilient SDK (v29 or later) already.

To use it, download the attach_to_inc.txt, and rename it to attach_to_inc.py. Then run it from an terminal

python attach-to_inc.py -s <ip address of your resilient server> -u <user email address> -p <user password> -i <incident id> -f <filename> -o <organization> -v <False to skip https certificate validation>

Please note this is only a sample script. It did not run through any QA.

Thanks,

Yongjian Feng

------------------------------
Yongjian Feng

Original Message:
Sent: 02-25-2019 10:41 AM
From: PAUL FORMOSA
Subject: Does anyone have a python example (rest API) of Attaching files to an Incident?

We are migrating incidents from another incident management tool to Resilient. Does anyone have an example of python using the rest API to attach a file to an incident? We have the attachments by incident number in a windows directory structure. This is a one off event for us, so we're not looking for something perfect, just functional.

------------------------------
Thanks,

Paul Formosa
------------------------------

IBM QRadar SOAR

IBM QRadar SOAR