templates_sample.py

"""
This example demonstrates template operations with the Flowintel API wrapper.
"""
from pathlib import Path

from pyflowintel import PyFlowintel
from pyflowintel.commons.utils import pretty_json, read_json


def main():
    with PyFlowintel.from_config() as flowintel_client:
        print("Loading suspicious login template...")
        template_file = Path(__file__).parent / "templates" / "suspicious_login_template.json"
        template_data = read_json(str(template_file))
        
        case_temp_creation = flowintel_client.templates.create_case_template(template_data)
        template_id = case_temp_creation.get("template_id")
        print(f"Case template created:")
        pretty_json(case_temp_creation)
     
        if template_id:
            print(f"\nCreating case from template {template_id}...")
            new_case = flowintel_client.templates.create_case_from_template(
                template_id=template_id,
                case_title="Suspicious Login - user: john.doe - IP: 185.220.101.46"
            )
            case_id = new_case.get('case_id')
            print(f"Case created: {new_case}")

            print(f"\nGetting case template {template_id}...")
            template_details = flowintel_client.templates.find_case_temp_by_id(template_id)
            pretty_json(template_details)

            print(f"Title of template {template_id}: {flowintel_client.templates.get_case_template_title(template_id)}")
            print(f"Title of template 300000: {flowintel_client.templates.get_case_template_title(300000)}")

            # Cleanup: delete created resources
            if case_id:
                print(f"\nDeleting case {case_id}...")
                response = flowintel_client.cases.delete(case_id)
                pretty_json(response)

            print(f"\nDeleting case template {template_id}...")
            del_resp = flowintel_client.templates.delete_case(template_id, delete_tasks=True)
            pretty_json(del_resp)


if __name__ == "__main__":
    main()