Source code for api.alarms.v1.signature

"""Autogenerated API"""

from argus_cli.plugin import register_command



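@register_command(extending=("alarms", "v1", "signature"))
def get_signatures(
    keywords: list = None,
    keywordField: list = None,
    keywordMatch: str = "all",
    offset: int = None,
    limit: int = 25,
    json: bool = True,
    verify: bool = True,
    apiKey: str = None,
    authentication: dict = {}
) -> dict:
    """Get all signatures including alarms if mapped (PUBLIC)

    Arguments left as ``None`` are omitted from the request body rather
    than being sent as JSON ``null``.

    :param list keywords: Search by keywords
    :param list keywordField: Set field strategy for keyword search
    :param str keywordMatch: Set match strategy for keyword search
    :param int offset: Skip a number of signatures
    :param int limit: Maximum number of returned signatures
    :param bool json: Return the decoded JSON body when true, otherwise the
        raw ``requests`` response object
    :param bool verify: Passed straight to ``requests`` as its TLS
        verification setting. The request carries the API key or
        authentication headers, so disabling verification exposes them to
        anyone able to intercept the connection.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes
        precedence over ``authentication``
    :param authentication: Either a dict of headers merged into the
        request, or a callable that receives the URL and returns such a
        dict. Only used when ``apiKey`` is not set.

    :raises AuthenticationFailedException: on 401
    :raises ValidationErrorException: on 412
    :raises AccessDeniedException: on 403
    :raises ObjectNotFoundException: on 404

    :returns: The decoded response. The generated sample shows the keys
        ``offset``, ``limit``, ``responseCode``, ``count``, ``data``,
        ``metaData``, ``messages``, ``currentPage`` and ``size``; each
        ``data`` entry carries ``lastUpdatedByUser``,
        ``lastUpdatedTimestamp``, ``comments``, ``mappedTimestamp``,
        ``mappedByUser``, ``firstTriggeredTimestamp``,
        ``lastTriggeredTimestamp``, ``triggerAmount``, ``signature`` and
        ``flags``.
    """
    from requests import get
    from argus_api.exceptions import http

    url = "https://portal.mnemonic.no/web/api/alarms/v1/signature"
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/'
    }

    # Credential precedence: explicit API key, then a header dict, then a
    # callable producing headers for this URL. The shared `{}` default is
    # only read here, never mutated.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    candidate_fields = {
        "keywordMatch": keywordMatch,
        "offset": offset,
        "limit": limit,
        "keywords": keywords,
        "keywordField": keywordField
    }
    # Drop unset arguments. The original dict always had keys, so its
    # `body if body else None` guard could never fire and every unset
    # filter went out as an explicit null.
    body = {
        field: value
        for field, value in candidate_fields.items()
        if value is not None
    }

    # NOTE(review): the filters travel as a JSON body on a GET request;
    # confirm the endpoint reads them from the body and not the query string.
    # NOTE(review): no `timeout` is passed, so requests waits indefinitely
    # on an unresponsive server.
    response = get(
        url,
        json=body if body else None,
        verify=verify,
        headers=headers
    )

    # Only these four statuses raise; any other status (including 5xx)
    # falls through to the return below.
    if response.status_code == 401:
        raise http.AuthenticationFailedException(response)
    elif response.status_code == 403:
        raise http.AccessDeniedException(response)
    elif response.status_code == 412:
        raise http.ValidationErrorException(response)
    elif response.status_code == 404:
        raise http.ObjectNotFoundException(response)

    return response.json() if json else response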
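@register_command(extending=("alarms", "v1", "signature"))
def search_signatures(
    limit: int = None,
    offset: int = None,
    includeFlags: int = None,
    excludeFlags: int = None,
    subCriteria: list = None,
    attackCategoryID: list = None,
    alarmID: list = None,
    signature: list = None,
    minTriggerAmount: int = None,
    maxTriggerAmount: int = None,
    startTimestamp: int = None,
    endTimestamp: int = None,
    timeFieldStrategy: list = None,
    keywords: list = None,
    keywordFieldStrategy: list = None,
    sortBy: list = None,
    timeMatchStrategy: str = "any",
    keywordMatchStrategy: str = "all",
    includeDeleted: bool = None,
    exclude: bool = None,
    required: bool = None,
    json: bool = True,
    verify: bool = True,
    apiKey: str = None,
    authentication: dict = {}
) -> dict:
    """Get all signatures matching a given search criteria (PUBLIC)

    Arguments left as ``None`` are omitted from the request body rather
    than being sent as JSON ``null``.

    :param int limit: Set this value to set max number of results. By
        default, no restriction on result set size.
    :param int offset: Set this value to skip the first (offset) objects.
        By default, return result from first object.
    :param int includeFlags: Only include objects which have includeFlags
        set.
    :param int excludeFlags: Exclude objects which have excludeFlags set.
    :param list subCriteria: Undocumented upstream; presumably a list of
        nested criteria objects (see ``exclude`` and ``required``).
    :param list attackCategoryID: A set of IDs for attack categories
        (alarm category).
    :param list alarmID: A set of IDs for alarms.
    :param list signature: A set of signatures. It does an exact match.
    :param int minTriggerAmount: Minimum trigger amount, default 0 means
        disabled
    :param int maxTriggerAmount: Maximum trigger amount, default 0 means
        disabled
    :param int startTimestamp: Only include mappings based on the set
        TimeFieldStrategy and TimeMatchStrategy (start timestamp)
    :param int endTimestamp: Only include mappings based on the set
        TimeFieldStrategy and TimeMatchStrategy (end timestamp)
    :param list timeFieldStrategy: TimeFieldStrategy to define which
        timestamp field(s) to match. (default lastTriggeredTimestamp)
    :param list keywords: A set of keywords matched against mappings based
        on the set KeywordFieldStrategy and KeywordMatchStrategy.
    :param list keywordFieldStrategy: KeywordFieldStrategy to define which
        field(s) to match against keywords. (default all)
    :param list sortBy: List of properties to sort by (prefix with "-" to
        sort descending).
    :param str timeMatchStrategy: TimeMatchStrategy to define how to match
        startTimestamp and endTimestamp with fields. (default any)
    :param str keywordMatchStrategy: KeywordMatchStrategy to define how to
        match keywords with fields. (default all)
    :param bool includeDeleted: Set to true to include deleted objects. By
        default, exclude deleted objects.
    :param bool exclude: Only relevant for subcriteria. If set to true,
        objects matching this subcriteria object will be excluded.
    :param bool required: Only relevant for subcriteria. If set to true,
        objects matching this subcriteria are required (AND-ed together
        with parent criteria).
    :param bool json: Return the decoded JSON body when true, otherwise the
        raw ``requests`` response object
    :param bool verify: Passed straight to ``requests`` as its TLS
        verification setting. The request carries the API key or
        authentication headers, so disabling verification exposes them to
        anyone able to intercept the connection.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes
        precedence over ``authentication``
    :param authentication: Either a dict of headers merged into the
        request, or a callable that receives the URL and returns such a
        dict. Only used when ``apiKey`` is not set.

    :raises AuthenticationFailedException: on 401
    :raises ValidationErrorException: on 412
    :raises AccessDeniedException: on 403
    :raises ObjectNotFoundException: on 404

    :returns: The decoded response. The generated sample shows the keys
        ``offset``, ``limit``, ``responseCode``, ``count``, ``data``,
        ``metaData``, ``messages``, ``currentPage`` and ``size``; each
        ``data`` entry carries ``lastUpdatedByUser``,
        ``lastUpdatedTimestamp``, ``comments``, ``mappedTimestamp``,
        ``mappedByUser``, ``firstTriggeredTimestamp``,
        ``lastTriggeredTimestamp``, ``triggerAmount``, ``signature`` and
        ``flags``.
    """
    from requests import post
    from argus_api.exceptions import http

    url = "https://portal.mnemonic.no/web/api/alarms/v1/signature/search"
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/'
    }

    # Credential precedence: explicit API key, then a header dict, then a
    # callable producing headers for this URL. The shared `{}` default is
    # only read here, never mutated.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    candidate_fields = {
        "timeMatchStrategy": timeMatchStrategy,
        "keywordMatchStrategy": keywordMatchStrategy,
        "limit": limit,
        "offset": offset,
        "includeDeleted": includeDeleted,
        "includeFlags": includeFlags,
        "excludeFlags": excludeFlags,
        "subCriteria": subCriteria,
        "exclude": exclude,
        "required": required,
        "attackCategoryID": attackCategoryID,
        "alarmID": alarmID,
        "signature": signature,
        "minTriggerAmount": minTriggerAmount,
        "maxTriggerAmount": maxTriggerAmount,
        "startTimestamp": startTimestamp,
        "endTimestamp": endTimestamp,
        "timeFieldStrategy": timeFieldStrategy,
        "keywords": keywords,
        "keywordFieldStrategy": keywordFieldStrategy,
        "sortBy": sortBy
    }
    # Drop unset arguments. The original dict always had keys, so its
    # `body if body else None` guard could never fire and every unset
    # criterion went out as an explicit null.
    body = {
        field: value
        for field, value in candidate_fields.items()
        if value is not None
    }

    # NOTE(review): no `timeout` is passed, so requests waits indefinitely
    # on an unresponsive server.
    response = post(
        url,
        json=body if body else None,
        verify=verify,
        headers=headers
    )

    # Only these four statuses raise; any other status (including 5xx)
    # falls through to the return below.
    if response.status_code == 401:
        raise http.AuthenticationFailedException(response)
    elif response.status_code == 403:
        raise http.AccessDeniedException(response)
    elif response.status_code == 412:
        raise http.ValidationErrorException(response)
    elif response.status_code == 404:
        raise http.ObjectNotFoundException(response)

    return response.json() if json else response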