analyzer.run_by_id fails at least 30% of the time

[mnmnc]

There is a huge difference in quality performance between using cortex4py and cortex API.

When I use cortex API to run analizer job with post requests I get valid response every time.
When I use cortex4py to do the same - the script fails at very high rate.

Consider two functions:

1. Using cortex4py:

def run_vt(domain):
    result = None
    job = capi.analyzers.run_by_name('VirusTotal_GetReport_3_0', {
        'data': str(domain),
        'dataType': 'domain',
        'tlp': 1,
        'message': 'alerts verificiation'
    }, force=1)
    try:
        result = job.json()
        return result
    
    except Exception as ex:
        print(get_time_now(), status('EXPT'), 'Exception running VT analizer:', ex)
        return result
    
    return result

2. Using Cortex API directly:

def run_vt_request(domain):
    headers = {}
    headers.update(cortex_auth)
    headers.update(content_type)

    url = cortex_url + '/api/analyzer/ [id] /run'

    j = {
        'data': domain,
        'dataType': 'domain',
        'tlp': 1
    }
    resp = None
    
    try:    
        resp = requests.post(url, headers=headers, json=j, verify=False)
        return resp.json()
    except Exception as ex:
        print(get_time_now(), status('EXPT'), 'Exception running VT analizer:', ex)
        return resp
    return resp

First one fails a lot (HTTP Error 500, Invalid input exception).
Second did not failed once.

I suspect force parameter placement or interpretation in the cortex4py implementation might be at fault. I am not completely sure.

[nadouani]

Hello @mnmnc

I would like to know what are the errors you get when you talk about failures.
Why do you str(domain) in the first example and not in the second one?

Thanks for the feedback