"""Autogenerated API"""
import requests
from argus_cli.plugin import register_command
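@register_command(extending=('alarms','v1','signature'))
def get_signatures(keywords: list = None, keywordField: list = None, keywordMatch: str = 'all', offset: int = 0, limit: int = 25,json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict:
    """Get all signatures including alarms if mapped (PUBLIC)

    :param list keywords: Search by keywords
    :param list keywordField: Set field strategy for keyword search
    :param str keywordMatch: Set match strategy for keyword search
    :param int offset: Skip a number of signatures
    :param int limit: Maximum number of returned signatures
    :param bool json: When true return the decoded JSON body, otherwise the raw response object
    :param bool verify: Passed to requests as ``verify``. False turns off TLS certificate validation, so the API key or session headers go to a server whose identity was not checked.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes precedence over ``authentication``
    :param authentication: Dict of headers to merge in, or a callable that takes the URL and returns such a dict
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ValidationErrorException: on 412
    :raises ObjectNotFoundException: on 404
    :returns: {"offset": 477, "limit": 232, "responseCode": 200, "count": 702, "data": [{"lastUpdatedByUser": {"id": 524, "customerID": 344, "userName": "carla95", "name": "Megan Ball"}, "lastUpdatedTimestamp": 1198308869, "comments": [{"timestamp": 1106784534, "comment": "Magazine industry able over center road anything."}], "mappedTimestamp": 1169316911, "mappedByUser": {"id": 864, "customerID": 9, "userName": "aaron02", "name": "Carlos Buckley"}, "firstTriggeredTimestamp": 115814846, "lastTriggeredTimestamp": 1440676452, "triggerAmount": 584, "signature": "Campaign into law term rest.", "flags": ["SNORT"]}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "Take member country fear.", "messageTemplate": "Force cut place.", "field": "Great consider by.", "parameter": {}, "timestamp": 1167442747}], "currentPage": 928, "size": 759}
    """
    from requests import get
    from argus_api.exceptions import http

    # NOTE(review): the generator hard-codes this host, so credentials are
    # always sent here regardless of caller configuration. Confirm it is the
    # intended environment.
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/alarms/v1/signature"

    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }
    # Credential precedence: explicit API key, then a header dict, then a
    # callable that derives headers from the URL.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # Only truthy arguments are forwarded; insertion order matches the
    # original request body.
    candidates = (
        ("keywordMatch", keywordMatch),
        ("offset", offset),
        ("limit", limit),
        ("keywords", keywords),
        ("keywordField", keywordField),
    )
    body = {name: value for name, value in candidates if value}

    # NOTE(review): the filters travel as a JSON body on a GET request.
    # Confirm the server reads them there rather than from the query string.
    # No timeout is passed, so an unresponsive server blocks the caller
    # indefinitely.
    response = get(url, json=body if body else None, verify=verify, headers=headers)

    status = response.status_code
    if status == 401:
        raise http.AuthenticationFailedException(response)
    elif status == 403:
        raise http.AccessDeniedException(response)
    elif status == 412:
        raise http.ValidationErrorException(response)
    elif status == 404:
        raise http.ObjectNotFoundException(response)

    # Any other status (5xx included) falls through and is returned as-is.
    return response.json() if json else response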
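@register_command(extending=('alarms','v1','signature'))
def delete_signatures(signature: list = None,json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict:
    """Delete signatures. They must not be mapped to an alarm. (INTERNAL)

    :param list signature: Signatures to delete
    :param bool json: When true return the decoded JSON body, otherwise the raw response object
    :param bool verify: Passed to requests as ``verify``. False turns off TLS certificate validation, so the API key or session headers go to a server whose identity was not checked.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes precedence over ``authentication``
    :param authentication: Dict of headers to merge in, or a callable that takes the URL and returns such a dict
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ValidationErrorException: on 412
    :raises ObjectNotFoundException: on 404
    :returns: {"offset": 828, "limit": 12, "responseCode": 200, "count": 421, "data": [{"lastUpdatedByUser": {"id": 588, "customerID": 578, "userName": "murrayspencer", "name": "Nicole Lynch"}, "lastUpdatedTimestamp": 224105481, "comments": [{"timestamp": 744027375, "comment": "Find control far agreement expect remember."}], "mappedTimestamp": 481980376, "mappedByUser": {"id": 410, "customerID": 510, "userName": "glassbradley", "name": "Scott Mcbride"}, "firstTriggeredTimestamp": 642006565, "lastTriggeredTimestamp": 494735336, "triggerAmount": 973, "signature": "Stock stock everything peace month thing wife finally.", "flags": ["SNORT"]}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "Process break executive us civil.", "messageTemplate": "Production business forward treat be.", "field": "Property natural difference business after.", "parameter": {}, "timestamp": 861379580}], "currentPage": 584, "size": 754}
    """
    from requests import delete
    from argus_api.exceptions import http

    # NOTE(review): the generator hard-codes this host, so credentials are
    # always sent here regardless of caller configuration. Confirm it is the
    # intended environment.
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/alarms/v1/signature"

    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }
    # Credential precedence: explicit API key, then a header dict, then a
    # callable that derives headers from the URL.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # NOTE(review): with no signatures the DELETE is still issued, without a
    # body. Rejecting an unscoped delete is left to the server; confirm it
    # does so.
    body = {"signature": signature} if signature else {}

    # No timeout is passed, so an unresponsive server blocks the caller
    # indefinitely.
    response = delete(url, json=body if body else None, verify=verify, headers=headers)

    status = response.status_code
    if status == 401:
        raise http.AuthenticationFailedException(response)
    elif status == 403:
        raise http.AccessDeniedException(response)
    elif status == 412:
        raise http.ValidationErrorException(response)
    elif status == 404:
        raise http.ObjectNotFoundException(response)

    # Any other status (5xx included) falls through and is returned as-is.
    return response.json() if json else response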
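@register_command(extending=('alarms','v1','signature'))
def search_signatures(limit: int = None, offset: int = None, includeFlags: int = None, excludeFlags: int = None, subCriteria: list = None, attackCategoryID: list = None, alarmID: list = None, signature: list = None, minTriggerAmount: int = None, maxTriggerAmount: int = None, startTimestamp: int = None, endTimestamp: int = None, timeFieldStrategy: list = None, keywords: list = None, keywordFieldStrategy: list = None, sortBy: list = None, timeMatchStrategy: str = 'any', keywordMatchStrategy: str = 'all', includeDeleted: bool = 'False', exclude: bool = 'False', required: bool = 'False',json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict:
    """Get all signatures matching a given search criteria (PUBLIC)

    :param int limit: Set this value to set max number of results. By default, no restriction on result set size.
    :param int offset: Set this value to skip the first (offset) objects. By default, return result from first object.
    :param int includeFlags: Only include objects which have includeFlags set.
    :param int excludeFlags: Exclude objects which have excludeFlags set.
    :param list subCriteria:
    :param list attackCategoryID: A set of IDs for attack categories (alarm category).
    :param list alarmID: A set of IDs for alarms.
    :param list signature: A set of signatures. It does an exact match.
    :param int minTriggerAmount: Minimum trigger amount, default 0 means disabled
    :param int maxTriggerAmount: Maximum trigger amount, default 0 means disabled
    :param int startTimestamp: Only include mappings based on the set TimeFieldStrategy and TimeMatchStrategy (start timestamp)
    :param int endTimestamp: Only include mappings based on the set TimeFieldStrategy and TimeMatchStrategy (end timestamp)
    :param list timeFieldStrategy: TimeFieldStrategy to define which timestamp field(s) to match. (default lastTriggeredTimestamp)
    :param list keywords: A set of keywords matched against mappings based on the set KeywordFieldStrategy and KeywordMatchStrategy.
    :param list keywordFieldStrategy: KeywordFieldStrategy to define which field(s) to match against keywords. (default all)
    :param list sortBy: List of properties to sort by (prefix with "-" to sort descending).
    :param str timeMatchStrategy: TimeMatchStrategy to define how to match startTimestamp and endTimestamp with fields. (default any)
    :param str keywordMatchStrategy: KeywordMatchStrategy to define how to match keywords with fields. (default all)
    :param bool includeDeleted: Set to true to include deleted objects. By default, exclude deleted objects.
    :param bool exclude: Only relevant for subcriteria. If set to true, objects matching this subcriteria object will be excluded.
    :param bool required: Only relevant for subcriteria. If set to true, objects matching this subcriteria are required (AND-ed together with parent criteria).
    :param bool json: When true return the decoded JSON body, otherwise the raw response object
    :param bool verify: Passed to requests as ``verify``. False turns off TLS certificate validation, so the API key or session headers go to a server whose identity was not checked.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes precedence over ``authentication``
    :param authentication: Dict of headers to merge in, or a callable that takes the URL and returns such a dict
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ValidationErrorException: on 412
    :raises ObjectNotFoundException: on 404
    :returns: {"offset": 239, "limit": 453, "responseCode": 200, "count": 489, "data": [{"lastUpdatedByUser": {"id": 370, "customerID": 129, "userName": "melissamiller", "name": "Victoria Gallegos"}, "lastUpdatedTimestamp": 1221347080, "comments": [{"timestamp": 800704064, "comment": "Book challenge religious service exactly store."}], "mappedTimestamp": 1380738237, "mappedByUser": {"id": 832, "customerID": 453, "userName": "colleen04", "name": "Catherine Watts"}, "firstTriggeredTimestamp": 336395551, "lastTriggeredTimestamp": 212157329, "triggerAmount": 748, "signature": "Would us change.", "flags": ["DELETED"]}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "On real simple fund ago black beyond.", "messageTemplate": "Upon town face serious house.", "field": "Able wind get another above.", "parameter": {}, "timestamp": 830623849}], "currentPage": 684, "size": 736}
    """
    from requests import post
    from argus_api.exceptions import http

    def _flag_is_set(flag) -> bool:
        # The generated defaults for the boolean flags are the *string*
        # 'False', which is truthy. Without this check every request would
        # carry includeDeleted/exclude/required as "False" and rely on the
        # server to read that string as false.
        if isinstance(flag, str):
            return flag.strip().lower() not in ("", "false")
        return bool(flag)

    # NOTE(review): the generator hard-codes this host, so credentials are
    # always sent here regardless of caller configuration. Confirm it is the
    # intended environment.
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/alarms/v1/signature/search"

    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }
    # Credential precedence: explicit API key, then a header dict, then a
    # callable that derives headers from the URL.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # Insertion order matches the original request body.
    candidates = (
        ("timeMatchStrategy", timeMatchStrategy),
        ("keywordMatchStrategy", keywordMatchStrategy),
        ("limit", limit),
        ("offset", offset),
        ("includeDeleted", includeDeleted),
        ("includeFlags", includeFlags),
        ("excludeFlags", excludeFlags),
        ("subCriteria", subCriteria),
        ("exclude", exclude),
        ("required", required),
        ("attackCategoryID", attackCategoryID),
        ("alarmID", alarmID),
        ("signature", signature),
        ("minTriggerAmount", minTriggerAmount),
        ("maxTriggerAmount", maxTriggerAmount),
        ("startTimestamp", startTimestamp),
        ("endTimestamp", endTimestamp),
        ("timeFieldStrategy", timeFieldStrategy),
        ("keywords", keywords),
        ("keywordFieldStrategy", keywordFieldStrategy),
        ("sortBy", sortBy),
    )
    boolean_flags = {"includeDeleted", "exclude", "required"}

    body = {}
    for name, value in candidates:
        # Boolean flags are forwarded only when actually enabled; every other
        # field is forwarded when truthy, as before.
        wanted = _flag_is_set(value) if name in boolean_flags else bool(value)
        if wanted:
            body[name] = value

    # No timeout is passed, so an unresponsive server blocks the caller
    # indefinitely.
    response = post(url, json=body if body else None, verify=verify, headers=headers)

    status = response.status_code
    if status == 401:
        raise http.AuthenticationFailedException(response)
    elif status == 403:
        raise http.AccessDeniedException(response)
    elif status == 412:
        raise http.ValidationErrorException(response)
    elif status == 404:
        raise http.ObjectNotFoundException(response)

    # Any other status (5xx included) falls through and is returned as-is.
    return response.json() if json else response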