%20(1)-x8Y.png)
add_alert_entities_to_custom_list
This function gets a category name (From CustomLists in the Siemplify
settings) and returns a list of objects of type
CustomList (Refer to the
SiemplifyDataModel for more info) for any of the entities in the scope that
were added to the chosen category.
NOTE: The Environment is added implicitly from the alert’s environment!
result = siemplify.add_alert_entities_to_custom_list("WhiteListed HOSTs")Parameters:
| Param Name | Param Type | Possible Values | Comments | Mandatory Parameter |
|---|---|---|---|---|
| category_name | string | “CustomList” | the custom list category | Yes |
Return Type
ListExample:
Input: Explicitly, category_name. Implicitly, entities via scope.
Let’s assume this is the state of the CustomList table prior to the function call, and let’s assume the scope of the action has a single entity, “GOOGLE.COM”
Running add_alert_entities_to_custom_list will result in a list of “CustomList” objects and a configuration change in the settings. Running the following code we get:
Sample Code
from SiemplifyAction import SiemplifyAction
siemplify = SiemplifyAction()
result = siemplify.add_alert_entities_to_custom_list("WhiteListed HOSTs")
Result Behavior
Adds the "Whitelisted HOSTs" category.
Result Value
[<SiemplifyDataModel.CustomList object at 0x0000000003476E10>, <SiemplifyDataModel.CustomList object at 0x0000000003476B00>]