JohnLaTwC/gist:3f234e00bc57746224e6f56fb4c39480

## gistfile1.txt
import vt
import nest_asyncio
nest_asyncio.apply()

RULE_NAME = 'MSCOVID19_FEED'

def get_ruleset_id(api_key, rule_name):
    with vt.Client(api_key) as client:
        obj = client.get_json('/intelligence/hunting_rulesets',
                             params = {'filter':'enabled:true name:%s ' % rule_name, 'limit':1})
        if len(obj['data']) == 0:
            return -1
        return obj['data'][0]['id']


def create_update_rule(api_key, rule_name, vt_covid_rule):
    with vt.Client(api_key) as client:

        id = get_ruleset_id(api_key, rule_name)

        rs = vt.Object("hunting_ruleset")
        rs.name = rule_name
        rs.enabled = True
        rs.rules = vt_covid_rule
        res = None
        if id == -1:
            res = client.post_object("/intelligence/hunting_rulesets", obj=rs)
        else:
            res = client.patch_object("/intelligence/hunting_rulesets/%s" % id, obj=rs)
        if 'id' in res.to_dict():
            print("Success.")
        else:
            print("Failed.")


create_update_rule(VT_APIKEY, RULE_NAME, vt_covid_rule)
	import vt
	import nest_asyncio
	nest_asyncio.apply()

	RULE_NAME = 'MSCOVID19_FEED'

	def get_ruleset_id(api_key, rule_name):
	with vt.Client(api_key) as client:
	obj = client.get_json('/intelligence/hunting_rulesets',
	params = {'filter':'enabled:true name:%s ' % rule_name, 'limit':1})
	if len(obj['data']) == 0:
	return -1
	return obj['data'][0]['id']


	def create_update_rule(api_key, rule_name, vt_covid_rule):
	with vt.Client(api_key) as client:

	id = get_ruleset_id(api_key, rule_name)

	rs = vt.Object("hunting_ruleset")
	rs.name = rule_name
	rs.enabled = True
	rs.rules = vt_covid_rule
	res = None
	if id == -1:
	res = client.post_object("/intelligence/hunting_rulesets", obj=rs)
	else:
	res = client.patch_object("/intelligence/hunting_rulesets/%s" % id, obj=rs)
	if 'id' in res.to_dict():
	print("Success.")
	else:
	print("Failed.")


	create_update_rule(VT_APIKEY, RULE_NAME, vt_covid_rule)