diff --git a/external-import/sekoia/src/connector/sekoia.py b/external-import/sekoia/src/connector/sekoia.py index bdfc2aabd82..ff933e2795b 100644 --- a/external-import/sekoia/src/connector/sekoia.py +++ b/external-import/sekoia/src/connector/sekoia.py @@ -31,6 +31,7 @@ def __init__(self, config: ConfigLoader, helper: OpenCTIConnectorHelper): self.helper = helper self._cache = {} + self._max_identity_cache_size = 5000 self.duration_period = self.config.connector.duration_period # Extra config Sekoia @@ -427,6 +428,11 @@ def _clean_and_add_to_cache(self, item): ): if item["id"].startswith("marking-definition--"): item.pop("object_marking_refs", None) + + # Apply cache size limit with FIFO eviction + if len(self._cache) >= self._max_identity_cache_size: + # Remove oldest entry + self._cache.pop(next(iter(self._cache))) self._cache[item["id"]] = item def _send_request(self, url, params=None, binary=False): @@ -532,20 +538,29 @@ def _add_sources_to_items(self, items: List[Dict]): for item in items: labels = [] + label_names = [] + source_refs_to_fetch: List[str] = item.get("x_inthreat_sources_refs", []) + for source_ref in item.get("x_inthreat_sources_refs", []): + if source_ref in self._cache: + source = self._cache[source_ref] + labels.append(f'source:{source["name"]}'.lower()) + source_refs_to_fetch.remove(source_ref) + for source in self._retrieve_by_ids( - item.get("x_inthreat_sources_refs", []), self.get_object_url + source_refs_to_fetch, self.get_object_url ): - label_name = f'source:{source["name"]}'.lower() + labels.append(f'source:{source["name"]}'.lower()) + + for label_name in labels: if label_name not in self.all_labels: self._create_custom_label(label_name, "#f8c167") + label_names.append(label_name) - labels.append(label_name) - - if labels: + if label_names: if item.get("x_opencti_labels", []): - item["x_opencti_labels"].extend(labels) + item["x_opencti_labels"].extend(label_names) else: - item["x_opencti_labels"] = labels + item["x_opencti_labels"] = label_names object_list.append(item) return object_list