This function gets a category name (From CustomLists in the Siemplify settings) and returns True (Boolean) if any of the entities in the scope is in that category (an entity is considered in the category if its identifier is listed with this category in the Siemplify settings on the CustomLists table).
NOTE: The Environment is added implicitly from the alert’s environment! 

result = siemplify.any_entity_in_custom_list("BlackListed IPs")

Parameters:

Param Name Param Type Possible Values Comments Mandatory Parameter
category_name string “BlackListed IPs” the custom list category Yes

Return Type 

Boolean

Example:

Input: Explicitly, category_name. Implicitly, entities via scope.

In the example above, if the IP “1.2.3.4” is part of the action’s scope, the following code will return True (Boolean):

Sample Code 1 
from SiemplifyAction import SiemplifyAction 
siemplify = SiemplifyAction() 
result = siemplify.any_entity_in_custom_list("BlackListed IPs")
Sample Code 2 
from SiemplifyAction import SiemplifyAction 
siemplify = SiemplifyAction() 
result = siemplify.any_entity_in_custom_list("Executive IPs")
Result Behavior 
Sample Code 1 _result_ is True. However, Sample Code 2 result is False.
Result Value 
True/False