Clear old notifications. Working on update to v3 API

crowdfms.py

@@ -8,7 +8,7 @@
 import thread
 import time
 
-from lib.core import funct_parse_rule_actions, func_pull_feed, func_to_epoch, func_download_sample, func_set_api_key, funct_run_rule_action
+from lib.core import funct_parse_rule_actions, func_pull_feed, func_to_epoch, func_download_sample, func_set_api_key, funct_run_rule_action, func_delete_notif
 from lib.objects import sample
 from lib.db import db_shutdown
 
@@ -39,12 +39,19 @@ def loop_pull_feed():
 	global LOOP_TIME
 
 	rule_actions = funct_parse_rule_actions()
+	vtIDS = []
 
 	json_notif_feed = func_pull_feed(API_KEY)
 	if (json_notif_feed == 0):
 		print "Problem pulling feed.  Sleeping..."
 		return
 
+	# Notification Purge
+	for vt_notif in json_notif_feed["notifications"]:
+		vtIDS.append( int(vt_notif["id"]) )
+	func_delete_notif(API_KEY, vtIDS)
+
+
 	for vt_notif in json_notif_feed["notifications"]:
 
 		if (func_to_epoch(vt_notif["date"]) > tmp_newest):

lib/core.py

@@ -14,6 +14,21 @@
 
 from lib.db import *
 
+# Purge old notifications
+def func_delete_notif(str_api_key, notificationList):
+	req_user_agent = {'User-agent': 'VirusTotal FMS'}
+	try:
+		vt_request_results = requests.post("https://www.virustotal.com/intelligence/hunting/delete-notifications/programmatic/?key=%s" % (str_api_key),
+		headers=req_user_agent,
+			data=json.dumps(notificationList),
+			timeout=30,
+			verify=False)
+	except Exception, e:
+		print " [x] Exception in purge request: %s" % e
+		return "ERROR"
+
+	return None
+
 # Read ~/.virustotal and read the first line.  This file only needs the API string in it.
 def func_set_api_key():
 	try: