Added IP and subdomain support for DNS0_rrsets_data (#2042)

* Added IP support for DNS0_rrsets_data analyzer

* Added include_subdomain parameter

* Typo

* Restore original state

* Added alter migration to add a new supported type and new parameter

* fix deepsource

api_app/analyzers_manager/migrations/0056_alter_analyzer_config_dns0_rrsets_data.py

@@ -0,0 +1,62 @@
+from django.db import migrations
+
+from api_app.analyzers_manager.constants import ObservableTypes
+
+
+def migrate(apps, schema_editor):
+    AnalyzerConfig = apps.get_model("analyzers_manager", "AnalyzerConfig")
+    config = AnalyzerConfig.objects.get(name="DNS0_rrsets_data")
+    config.observable_supported = [
+        ObservableTypes.DOMAIN,
+        ObservableTypes.URL,
+        ObservableTypes.GENERIC,
+        ObservableTypes.IP,
+    ]
+    config.full_clean()
+    config.save()
+
+    PythonModule = apps.get_model("api_app", "PythonModule")
+    Parameter = apps.get_model("api_app", "Parameter")
+    pm = PythonModule.objects.get(
+        module="dns0.dns0_rrsets.DNS0Rrsets",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    p = Parameter(
+        name="include_subdomain",
+        type="bool",
+        description="Search for subdomains.",
+        is_secret=False,
+        required=False,
+        python_module=pm,
+    )
+    p.full_clean()
+    p.save()
+
+
+def reverse_migrate(apps, schema_editor):
+    AnalyzerConfig = apps.get_model("analyzers_manager", "AnalyzerConfig")
+    config = AnalyzerConfig.objects.get(name="DNS0_rrsets_data")
+    config.observable_supported = [
+        ObservableTypes.DOMAIN,
+        ObservableTypes.URL,
+        ObservableTypes.GENERIC,
+    ]
+    config.full_clean()
+    config.save()
+
+    PythonModule = apps.get_model("api_app", "PythonModule")
+    Parameter = apps.get_model("api_app", "Parameter")
+    pm = PythonModule.objects.get(
+        module="dns0.dns0_rrsets.DNS0Rrsets",
+        base_path="api_app.analyzers_manager.observable_analyzers",
+    )
+    Parameter(name="include_subdomain", python_module=pm).delete()
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("api_app", "0052_periodic_task_bi"),
+        ("analyzers_manager", "0055_analyzerreport_sent_to_bi"),
+    ]
+
+    operations = [migrations.RunPython(migrate, reverse_migrate)]

api_app/analyzers_manager/observable_analyzers/dns0/dns0_rrsets.py

@@ -34,6 +34,7 @@ class DNS0Rrsets(classes.ObservableAnalyzer, DNS0Mixin):
     name: str
     data: str
     type: list[str]
+    include_subdomain: bool
 
     def config(self, runtime_configuration: Dict):
         super().config(runtime_configuration)
@@ -75,7 +76,11 @@ def _create_params(self):
                 query_type = "name"
             elif self.direction == "right":
                 query_type = "data"
-        params[query_type] = self.observable_name
+
+        query = self.observable_name
+        if hasattr(self, "include_subdomain") and self.include_subdomain:
+            query = "." + query
+        params[query_type] = query
 
         # pass list of dns types parameter
         if hasattr(self, "type") and self.type:
@@ -161,6 +166,15 @@ def _monkeypatch(cls):
                 owner=None,
                 value=[],
             )
+            PluginConfig.objects.get_or_create(
+                analyzer_config=ac,
+                parameter=Parameter.objects.get(
+                    name="include_subdomain", python_module__pk=ac.python_module_id
+                ),
+                for_organization=False,
+                owner=None,
+                value=False,
+            )
 
         ac = AnalyzerConfig.objects.get(name="DNS0_rrsets_name")
         PluginConfig.objects.get_or_create(