in elkserver/docker/redelk-base/redelkinstalldata/scripts/modules/enrich_domainscategorization/module.py [0:0]
def check_domains(self, domains):
"""Check the domains categorization"""
# bluecoat = Bluecoat()
ibmxforce = IBMXForce()
mcafee = MCafee()
vt = VT() # pylint: disable=invalid-name
checked_domains = {}
for domain in domains:
checked_domains[domain] = {
"categorization": {
"engines": {},
"categories": [],
"categories_str": "",
}
}
# Loop through all enabled engines and check the domain
for engine in self.enabled_engines:
try:
self.logger.debug("Checking %s with %s", domain, engine)
if engine == "vt":
result = copy.deepcopy(vt.check_domain(domain))
elif engine == "ibmxforce":
result = copy.deepcopy(ibmxforce.check_domain(domain))
elif engine == "mcafee":
result = copy.deepcopy(mcafee.check_domain(domain))
# elif engine == "bluecoat":
# result = copy.deepcopy(bluecoat.check_domain(domain))
else:
self.logger.error("Unknown engine: %s", engine)
except Exception as err: # pylint: disable=broad-except
self.logger.error(
"Error checking domain %s with %s: %s", domain, engine, err
)
result = {
"categories": [],
"extra_data": {},
}
checked_domains[domain]["categorization"]["engines"][engine] = {
"categories": result["categories"],
"extra_data": result["extra_data"],
}
checked_domains[domain]["categorization"]["categories"].extend(
result["categories"]
)
checked_domains[domain]["categorization"][
"categories_str"
] += f"{engine}={','.join(result['categories'])}"
return checked_domains