Hugging Face's logo

Spaces:
subhamb04
/
actionable
Sleeping

App Files Community
actionable / playbook.py
subhamb04's picture
subhamb04
Upload folder using huggingface_hub
ddd9009 verified
raw
history blame contribute delete
639 Bytes
 def run_playbook(alert):
action = alert.get("Action", "").lower()
ip = alert.get("Source IP", "Unknown")
if "block ip" in action:
return f"πŸ”’ Simulated: Blocking IP {ip} in firewall"
elif "quarantine" in action:
return f"πŸ›‘οΈ Simulated: Quarantining host {ip} via EDR"
elif "escalate" in action or "alert" in action:
return f"πŸ“’ Simulated: Escalating alert for {ip} to Tier-2 SOC"
elif "no action" in action or "benign" in action:
return f"βœ… Simulated: No action needed for {ip}"
else:
return f"βš™οΈ Simulated: Generic action executed for {ip}"