Merge pull request #138 from intelowlproject/develop

4.1.3

Author: eshaan7

.github/CHANGELOG.md

@@ -1,5 +1,10 @@
 # Changelog
 
+## [4.1.2](https://github.com/intelowlproject/pyintelowl/releases/tag/4.1.3)
+
+- Library: `IntelOwl.ask_analysis_availability` now accepts an argument `minutes_ago`. Use to specify number of minutes to go back when searching for a previous analysis.
+- CLI: `-m/--check-minutes-ago` flag in `analyse`.
+
 ## [4.1.2](https://github.com/intelowlproject/pyintelowl/releases/tag/4.1.2)
 
 - Fix `runtime_configuration` bug in `IntelOwl.send_observable_analysis_request`

docs/conf.py

@@ -13,7 +13,7 @@
 import os
 import sys
 
-VERSION = "4.1.2"
+VERSION = "4.1.3"
 GITHUB_URL = "https://github.com/intelowlproject/pyintelowl"
 
 sys.path.append(os.path.abspath("../"))
@@ -22,7 +22,7 @@
 # -- Project information -----------------------------------------------------
 
 project = "PyIntelOwl"
-copyright = "2020, Matteo Lodi"
+copyright = "2021, Matteo Lodi"
 author = "Matteo Lodi"
 
 # The full version, including alpha/beta/rc tags

pyintelowl/cli/analyse.py

@@ -50,13 +50,22 @@
     3. 'force_new': force new analysis
     """,
     ),
+    click.option(
+        "-m",
+        "--check-minutes-ago",
+        type=int,
+        default=None,
+        help="Number of minutes ago to check for"
+        " a previous analysis. Default infinity.",
+    ),
     click.option(
         "-r",
         "--runtime-config",
         help="Path to JSON file which contains runtime_configuration.",
         type=click.Path(exists=True, resolve_path=True),
     ),
     click.option(
+        "-p",
         "--poll",
         "should_poll",
         is_flag=True,
@@ -84,6 +93,7 @@ def observable(
     tags_list: str,
     tlp: str,
     check,
+    check_minutes_ago: int,
     runtime_config,
     should_poll: bool,
 ):
@@ -105,6 +115,7 @@ def observable(
             runtime_config,
             tags_labels,
             should_poll,
+            check_minutes_ago,
         )
     except IntelOwlClientException as e:
         ctx.obj.logger.fatal(str(e))
@@ -122,6 +133,7 @@ def file(
     tags_list: str,
     tlp: str,
     check,
+    check_minutes_ago: int,
     runtime_config,
     should_poll: bool,
 ):
@@ -143,6 +155,7 @@ def file(
             runtime_config,
             tags_labels,
             should_poll,
+            check_minutes_ago,
         )
     except IntelOwlClientException as e:
         ctx.obj.logger.fatal(str(e))

pyintelowl/pyintelowl.py

@@ -99,6 +99,7 @@ def ask_analysis_availability(
         md5: str,
         analyzers: List[str] = None,
         check_reported_analysis_too: bool = False,
+        minutes_ago: int = None,
     ) -> Dict:
         """Search for already available analysis.\n
         Endpoint: ``/api/ask_analysis_availability``
@@ -110,6 +111,9 @@ def ask_analysis_availability(
             Defaults to `None` meaning automatically select all configured analyzers.
             check_reported_analysis_too (bool, optional):
             Check against all existing jobs. Defaults to ``False``.
+            minutes_ago (int, optional):
+            number of minutes to check back for analysis.
+            Default is None so the check does not have any time limits.
 
         Raises:
             IntelOwlClientException: on client/HTTP error
@@ -122,6 +126,8 @@ def ask_analysis_availability(
         data = {"md5": md5, "analyzers": analyzers}
         if not check_reported_analysis_too:
             data["running_only"] = True
+        if minutes_ago:
+            data["minutes_ago"] = int(minutes_ago)
         url = self.instance + "/api/ask_analysis_availability"
         response = self.__make_request("POST", url=url, data=data)
         answer = response.json()
@@ -503,6 +509,7 @@ def _new_analysis_cli(
         runtime_configuration: Dict = None,
         tags_labels: List[str] = None,
         should_poll: bool = False,
+        minutes_ago: int = None,
     ) -> None:
         """
         For internal use by the pyintelowl CLI.
@@ -526,8 +533,12 @@ def _new_analysis_cli(
         # 1st step: ask analysis availability
         if check != "force-new":
             md5 = self.get_md5(obj, type_=type_)
+
             resp = self.ask_analysis_availability(
-                md5, analyzers_list, True if check == "reported" else False
+                md5,
+                analyzers_list,
+                True if check == "reported" else False,
+                minutes_ago,
             )
             status, job_id = resp.get("status", None), resp.get("job_id", None)
             if status != "not_available":

pyintelowl/version.py

@@ -1 +1 @@
-__version__ = "4.1.2"
+__version__ = "4.1.3"