Skip to content

Enhance OTXv2 usability with improved .getall() docstring and API key… #78

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Enhance OTXv2 usability with improved .getall() docstring and API key… #78

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 35 additions & 3 deletions OTXv2.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -98,10 +98,14 @@ def __init__(
user_agent=None, verify=True, cert=None
):
self.key = api_key
# Validates API Key length and hexadecimal format
if not isinstance(api_key, str) or len(api_key) != 64 or not all(c in '0123456789abcdefABCDEF' for c in api_key):
raise ValueError(f"Invalid API key: '{api_key}'. Must be a 64-character hexadecimal string.")

self.server = server
self.verify = verify
self.cert = cert

self.proxies = {}
if proxy:
self.proxies['http'] = proxy
Expand Down Expand Up @@ -386,12 +390,40 @@ def walkapi(self, url, iter=False, max_page=None, max_items=None, method='GET',

def getall(self, modified_since=None, author_name=None, limit=50, max_page=None, max_items=None, iter=False):
"""
Get all pulses user is subscribed to.
Get all pulses the user is subscribed to.
:param modified_since: datetime object representing earliest date you want returned in results
:param author_name: Name of pulse author to limit results to
:param limit: The page size to retrieve in a single request
:return: the consolidated set of pulses for the user
:return:
:list or iterator: If iter=False, a list of pulse dicts; if iter=True, an iterator over pulses.
:list:
- id (str): Pulse identifier (24-char hex)
- name (str): Pulse name
- description (str, optional): Pulse description
- author_name (str): Author’s username
- public (str): Defaults to 'True'
- revision (int): Revision number
- adversary (str, optional): Adversary name
- industries (list): List of industries
- tlp (str): Traffic Light Protocol (lowercase: 'white', 'green', etc.)
- tags (list): List of tags
- created (str): ISO timestamp
- modified (str): ISO timestamp
- references (list): External references
- targeted_countries (list): Country codes/names
- indicators (list): List of indicator dicts with:
- id (str): Numeric string (can exceed 32-bit int)
- indicator (str): IOC value
- type (str): Indicator type (e.g., 'IPv4')
- title (str, optional)
- description (str, optional)
- created (str): ISO timestamp
- is_active (int): 0 or 1
- content (str, optional)
- expiration (str, optional)
- role (str, optional)
"""

args = {'limit': limit}
if modified_since is not None:
if isinstance(modified_since, (datetime.datetime, datetime.date)):
Expand Down