def run()

in elkserver/docker/redelk-base/redelkinstalldata/scripts/modules/enrich_tor/module.py [0:0]

• 23 lines of code
• 3 McCabe index (conditional complexity)

    def run(self):
        """run the module"""
        ret = get_initial_alarm_result()
        ret["info"] = info

        # First check the last sync time
        now = datetime.datetime.utcnow()
        last_sync = self.get_last_sync()
        ival = datetime.timedelta(seconds=self.cache)
        last_sync_max = now - ival

        should_sync = last_sync < last_sync_max

        if should_sync:
            self.logger.info(
                "Tor cache expired, fetching latest exit nodes list. Will skip enrichment (will be run next time)"
            )
            iplist = self.sync_tor_exitnodes()
        else:
            iplist = self.get_es_tor_exitnodes()

        if iplist:
            hits = self.enrich_tor(iplist)
            ret["hits"]["hits"] = hits
            ret["hits"]["total"] = len(hits)

        self.logger.info(
            "finished running module. result: %s hits", ret["hits"]["total"]
        )
        return ret