Merge pull request #107 from intezer/modify/change-var-name

modify/change-var-name
intezer · Jul 24, 2023 · 8be48e7 · 8be48e7
2 parents 312de31 + 3a06700
commit 8be48e7
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 7 deletions.
diff --git a/README.md b/README.md
@@ -17,6 +17,8 @@ Currently, the following options are available in the SDK:
 - IOCs, Dynamic TTPs and Capabilities
 - Strings related samples
 - Search a family
+- Ingest an alert from any source
+- Ingest a raw email alert (.msg or .eml file)
 
 ## Installation
 

diff --git a/intezer_sdk/__init__.py b/intezer_sdk/__init__.py
@@ -1 +1 @@
-__version__ = '1.18.3'
+__version__ = '1.18.4'
diff --git a/intezer_sdk/alerts.py b/intezer_sdk/alerts.py
@@ -227,7 +227,7 @@ def send(cls,
 
     @classmethod
     def send_phishing_email(cls,
-                            raw_alert: BinaryIO,
+                            raw_email: BinaryIO,
                             api: IntezerApiClient = None,
                             environment: Optional[str] = None,
                             default_verdict: Optional[str] = None,
@@ -238,7 +238,7 @@ def send_phishing_email(cls,
         """
         Send an alert for further investigation using the Intezer Analyze API.
 
-        :param raw_alert: The raw alert data.
+        :param raw_email: The raw alert data.
         :param api: The API connection to Intezer.
         :param environment: The environment of the alert.
         :param default_verdict: The default verdict to send the alert with.
@@ -250,12 +250,12 @@ def send_phishing_email(cls,
                  resulting alert object will be initialized with the alert triage data.
         """
         _api = IntezerApi(api or get_global_api())
-        if not bool(raw_alert.getvalue()):
+        if not bool(raw_email.getvalue()):
             raise ValueError('alert cannot be empty')
 
         send_alert_params = dict(
-            alert=raw_alert,
-            file_name=cls._parse_alert_id_from_alert_stream(raw_alert),
+            alert=raw_email,
+            file_name=cls._parse_alert_id_from_alert_stream(raw_email),
             alert_source='phishing_emails',
             environment=environment,
             display_fields=','.join(['sender', 'received', 'subject', 'message_id', 'to']),

diff --git a/tests/unit/test_alerts.py b/tests/unit/test_alerts.py
@@ -111,7 +111,7 @@ def test_ingest_binary_alert_success(self):
                      status=HTTPStatus.OK,
                      json={'result': True, 'alert_id': alert_id})
             # Act
-            alert = Alert.send_phishing_email(raw_alert=raw_alert,
+            alert = Alert.send_phishing_email(raw_email=raw_alert,
                                               alert_sender='alert_sender')
 
             # Assert