Spaces:
Sleeping
Sleeping
Create app.py
Browse files
app.py
ADDED
|
@@ -0,0 +1,115 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
from fastapi import FastAPI, Request
|
| 2 |
+
from huggingface_hub import InferenceClient
|
| 3 |
+
import json
|
| 4 |
+
|
| 5 |
+
app = FastAPI()
|
| 6 |
+
|
| 7 |
+
HF_API_KEY = os.getenv("HF_API_KEY") # π₯ No Hardcoded Keys!
|
| 8 |
+
|
| 9 |
+
# β
Set up Hugging Face Inference Client
|
| 10 |
+
client = InferenceClient(
|
| 11 |
+
provider="hf-inference",
|
| 12 |
+
api_key=HF_API_KEY # Use the key from environment
|
| 13 |
+
)
|
| 14 |
+
|
| 15 |
+
# β
Tag descriptions (helps model understand each tag's meaning)
|
| 16 |
+
TAGS_DESCRIPTION = """
|
| 17 |
+
IPWhitelisting: Adding IP addresses into Okta Security Networks fields if blocked.
|
| 18 |
+
AppLocker: Used when adding hashes to allow execution of applications (AppLocker or CrowdStrike).
|
| 19 |
+
ADSecurityGroup: Removing a user from an AD Security group to stop or allow access.
|
| 20 |
+
AttachmentRelease: Releasing an attachment if password protected.
|
| 21 |
+
EmailWhitelisting: Allowing emails through ProofPoint or Checkpoint for delivery.
|
| 22 |
+
AppAssignment: Adding a user to an Application.
|
| 23 |
+
chatops:mfa-bypass: Automates MFA AD group changes or Requests from the bypass MFA.
|
| 24 |
+
VM: Removing hosts from Nessus or decommissioning hosts from tracking in nessus and tenable or All requests for tenable and nessus.
|
| 25 |
+
PhishingReport: When a user submits a phishing report or Email investigation or Email Analysis.
|
| 26 |
+
GenericInformation: Generic tickets assigned to SecOps.
|
| 27 |
+
PasswordReset: When a ticket needs Okta or AD password reset.
|
| 28 |
+
KeeperAccounts: Issues with Keeper Password Manager accounts.
|
| 29 |
+
MemberIssues: Investigating possible security issues with Member accounts.
|
| 30 |
+
ADPassword: AD password issues, including resets.
|
| 31 |
+
OktaMFAResets: Okta MFA resets performed by Security or Requests for MFA reset.
|
| 32 |
+
Zscaler: Issues related to Zscaler security or Domain/URL allow requests or Domain/URL block requests.
|
| 33 |
+
chatops:cs-usb: Automates individual USB whitelisting.
|
| 34 |
+
USBDeviceControl: Requests for workstation USB whitelisting.
|
| 35 |
+
Imperva: Issues related to Imperva and CDN security.
|
| 36 |
+
"""
|
| 37 |
+
|
| 38 |
+
|
| 39 |
+
# β
Function to summarize & assign a single tag
|
| 40 |
+
def analyze_ticket(title, body):
|
| 41 |
+
messages = [
|
| 42 |
+
{"role": "system",
|
| 43 |
+
"content": "You are an AI that summarizes security tickets and assigns a single most relevant tag based on "
|
| 44 |
+
"the title and body."},
|
| 45 |
+
{"role": "user", "content": f"Title: {title}\nBody: {body}\n\n"
|
| 46 |
+
"### TASK 1: Summarization\nSummarize the ticket body in 1-2 sentences.\n\n"
|
| 47 |
+
"### TASK 2: Tagging\nChoose the **one best tag** from this list that matches the "
|
| 48 |
+
"ticket:\n "
|
| 49 |
+
f"{TAGS_DESCRIPTION}\n\n"
|
| 50 |
+
"Return output in JSON format with keys: 'summary' (ticket summary) and 'tag' ("
|
| 51 |
+
"best matching tag)."}
|
| 52 |
+
]
|
| 53 |
+
|
| 54 |
+
completion = client.chat.completions.create(
|
| 55 |
+
model="mistralai/Mistral-7B-Instruct-v0.3",
|
| 56 |
+
messages=messages,
|
| 57 |
+
max_tokens=200
|
| 58 |
+
)
|
| 59 |
+
|
| 60 |
+
# β
Parse JSON response
|
| 61 |
+
try:
|
| 62 |
+
response = json.loads(completion.choices[0].message.content.strip())
|
| 63 |
+
except json.JSONDecodeError:
|
| 64 |
+
response = {"summary": "Could not generate summary", "tag": "Unknown"}
|
| 65 |
+
|
| 66 |
+
return response
|
| 67 |
+
|
| 68 |
+
|
| 69 |
+
# β
API Endpoint to accept input from Tines
|
| 70 |
+
@app.post("/process-ticket/")
|
| 71 |
+
async def process_ticket(request: Request):
|
| 72 |
+
data = await request.json()
|
| 73 |
+
|
| 74 |
+
# β
Extract input fields
|
| 75 |
+
ticket_id = data.get("id", "No ID")
|
| 76 |
+
title = data.get("title", "No Title")
|
| 77 |
+
body = data.get("body", "No Body")
|
| 78 |
+
|
| 79 |
+
# β
Get AI-generated summary & tag
|
| 80 |
+
result = analyze_ticket(title, body)
|
| 81 |
+
|
| 82 |
+
# β
Return response including ID
|
| 83 |
+
return {
|
| 84 |
+
"id": ticket_id, # β
Keep original ID
|
| 85 |
+
"summary": result["summary"],
|
| 86 |
+
"tag": result["tag"]
|
| 87 |
+
}
|
| 88 |
+
|
| 89 |
+
# def process_input_file(filename):
|
| 90 |
+
# try:
|
| 91 |
+
# with open(filename, "r", encoding="utf-8") as file:
|
| 92 |
+
# data = json.load(file) # β
Load JSON file
|
| 93 |
+
#
|
| 94 |
+
# title = data.get("title", "No Title")
|
| 95 |
+
# body = data.get("body", "No Body")
|
| 96 |
+
#
|
| 97 |
+
# # β
Get AI-generated summary & tag
|
| 98 |
+
# result = analyze_ticket(title, body)
|
| 99 |
+
#
|
| 100 |
+
# return result # β
Returns {'summary': "...", 'tag': "..."}
|
| 101 |
+
#
|
| 102 |
+
# except FileNotFoundError:
|
| 103 |
+
# print(f"β Error: The file '{filename}' was not found.")
|
| 104 |
+
# return {"error": "File not found"}
|
| 105 |
+
#
|
| 106 |
+
# except json.JSONDecodeError:
|
| 107 |
+
# print(f"β Error: The file '{filename}' contains invalid JSON.")
|
| 108 |
+
# return {"error": "Invalid JSON format"}
|
| 109 |
+
#
|
| 110 |
+
#
|
| 111 |
+
# # β
Load input from `input.json`
|
| 112 |
+
# output = process_input_file("input.json")
|
| 113 |
+
#
|
| 114 |
+
# # β
Print the output
|
| 115 |
+
# print(json.dumps(output, indent=2))
|