Skip to main content

New content is constantly being added to MSV as new malware, attack methods, etc. are discovered by Google.  As such, customers would like to be able to quickly get information on the new content without having to go to the library and filter down to the new actions.  This code will pull all of the actions added to MSV since a specific date.  The code looks at a JSON file to get the start date information.  This could easily be replaced with a variable passed into the method.  


Enjoy!


def getNewActions():
#Read the config file - config file must be prebuilt
#Read the list of content imports
#Update the config file with the latest runtime
#Search the content imports list to see if there is new content
#Make a list of new content if it is available
#Return the list or an empty list if no new content is available

     newStuff = False
     newActions = {}
     f = open('data.json')
     configuration = json.load(f)
     f.close()
     global director_ip, session
     content_endpoint = session.get("https://" + str(director_ip) + "/settings/content_import_list.json")
     if content_endpoint.status_code != 200:
          print(f'Unable to check content import with status code {content_endpoint.status_code}')
          sys.exit(-1)
     content_imports = json.loads(content_endpoint.text)
     lastRun_timestamp = datetime.strptime(configuration['lastRun'], "%m/%d/%Y, %H:%M:%S" )
     configuration['lastRun'] = datetime.now().strftime("%m/%d/%Y, %H:%M:%S")
     configuration_string = json.dumps(configuration)
     with open("data.json", "w") as outfile:
         outfile.write(configuration_string)
     list_actions_url = str("https://" + str(director_ip) + "/manage_sims/v2/actions/library_actions_list?          page_number=1&page_size=200")
     add_on_url = ""


     for contentFile in content_imports:
          if datetime.strptime(contentFile['import_timestamp'],"%Y-%m-%d %H:%M:%S %Z") > lastRun_timestamp:
          # Build a list of the new content packs and set flag that there's new stuff
               newStuff = True
               add_on_url = add_on_url + "&content_set_ids[]=" + str(contentFile['id']) + "%7Cnew"

     if newStuff:
          print("New Content Found")
     response = session.get(list_actions_url + add_on_url)
     if response.status_code != 200:
          print('Unable to get new action information from the director.')
          sys.exit(-1)
     listOfActions = json.loads(response.text)
     totalActions = listOfActions['actions']
     for myActions in totalActions:
          #build the final list of actions
          response = session.get("https://" + str(director_ip) + "/manage_sims/actions/" + myActions["vid"]+ ".json")
          if response.status_code != 200:
               print('Unable to get individual action information from the director.')
               sys.exit(-1)
          singleActionArray = json.loads(response.text)
          newActions[myActions["id"]]= singleActionArray
return newActions


The return is the full JSON of all of the new actions in MSV since the given date.


 

Be the first to reply!

Reply


Terms & ConditionsCookie settings
Privacy Policy Terms of Service Gen AI Policy Community Guidelines Cookie Settings

© 2025 Google. All rights reserved.