"""Autogenerated API"""
import requests
from argus_cli.plugin import register_command
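@register_command(extending=('sampledb','v1','sample'))
def submit(
    customer: str = None,
    tlp: str = None,
    data: str = None,
    clientName: str = None,
    fileName: str = None,
    enableSandboxAnalysis: bool = 'True',
    enableAntivirusScan: bool = 'True',
    allowSandboxInternetAccess: bool = 'False',
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Submit a sample for analysis (DEV)

    The three analysis switches are always sent as JSON booleans when they are
    not ``None``, so an explicit ``False`` reaches the server instead of being
    dropped and replaced by the server-side default.

    :param str customer: Customer ID or short name of the customer to register this sample to.
    :param str tlp: TLP level of the sample.
    :param str data: The sample data. Sent as given; any required encoding is not visible here.
:param str clientName: Name of client application. => [\s\w\{\}\$\-\(\)\.\[\]"\'_/\\,\*\+\#:@!?;]*
:param str fileName: Name of submitted file. => Sanitize by regex [a-zA-Z0-9ÅåØøÆæ_\-\. ]*
    :param bool enableSandboxAnalysis: Enable sandbox analysis of sample. (default true)
    :param bool enableAntivirusScan: Enable antivirus scan of sample. (default true)
    :param bool allowSandboxInternetAccess: Allow internet access to sandbox. (default false)
    :param bool json: Return the decoded JSON body when true, otherwise the raw response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Keep TLS certificate checking on so the API key and the sample are not sent to an unverified endpoint.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes precedence over ``authentication``.
    :param authentication: Dict of headers to merge in, or a callable that is given the URL and returns such a dict. Only read when ``apiKey`` is empty.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ValidationErrorException: on 412
    :raises ObjectNotFoundException: on 404
    :returns: The decoded JSON body (the generated example lists the keys ``offset``, ``limit``, ``responseCode``, ``count``, ``metaData``, ``messages``, ``currentPage`` and ``size``) or, when ``json`` is false, the response object. No other status code is checked here.
    """
    from requests import post
    from argus_api.exceptions import http

    def _as_bool(value):
        # The generated defaults are the strings 'True' / 'False'. Any
        # non-empty string is truthy, so map the usual spellings to real
        # booleans and pass everything else through untouched.
        if isinstance(value, str):
            lowered = value.strip().lower()
            if lowered in ("true", "false"):
                return lowered == "true"
        return value

    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample"
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }
    # An explicit API key wins; otherwise fall back to caller-supplied headers.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    body = {}
    switches = (
        ("enableSandboxAnalysis", enableSandboxAnalysis),
        ("enableAntivirusScan", enableAntivirusScan),
        ("allowSandboxInternetAccess", allowSandboxInternetAccess),
    )
    for key, flag in switches:
        # "is not None" rather than truthiness: False is a meaningful choice,
        # in particular for sandbox internet access.
        if flag is not None:
            body[key] = _as_bool(flag)

    # clientName and fileName are forwarded unchanged; the patterns in the
    # docstring are not applied on the client side.
    optional_fields = (
        ("customer", customer),
        ("tlp", tlp),
        ("data", data),
        ("clientName", clientName),
        ("fileName", fileName),
    )
    for key, value in optional_fields:
        if value:
            body[key] = value

    response = post(url, json=body if body else None, verify=verify, headers=headers)

    if response.status_code == 401:
        raise http.AuthenticationFailedException(response)
    if response.status_code == 403:
        raise http.AccessDeniedException(response)
    if response.status_code == 412:
        raise http.ValidationErrorException(response)
    if response.status_code == 404:
        raise http.ObjectNotFoundException(response)
    return response.json() if json else response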
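@register_command(extending=('sampledb','v1','sample'))
def get_evil_samples(
    customerID: list = None,
    startTimestamp: int = None,
    endTimestamp: int = None,
    tlp: list = None,
    limit: int = 25,
    offset: int = 0,
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Searches for evil samples. (DEV)

    Numeric criteria are forwarded whenever they are not ``None``, so an
    explicit ``0`` is sent instead of being silently replaced by the
    server-side default.

    :param list customerID: Set of customer IDs to limit samples result.
    :param int startTimestamp: Start of time search period for submission creation date. (default 24 hours before timestamp of request.)
    :param int endTimestamp: End of time search period for submission creation date. (default Timestamp of request.)
    :param list tlp: Set of TLPs to search for.
    :param int limit: Set this value to set max number of results. (default 25)
    :param int offset: Set this value to skip the first (offset) objects. By default, return result from first object. (default 0)
    :param bool json: Return the decoded JSON body when true, otherwise the raw response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Keep TLS certificate checking on so the API key is not sent to an unverified endpoint.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes precedence over ``authentication``.
    :param authentication: Dict of headers to merge in, or a callable that is given the URL and returns such a dict. Only read when ``apiKey`` is empty.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ValidationErrorException: on 412
    :raises ObjectNotFoundException: on 404
    :returns: The decoded JSON body or, when ``json`` is false, the response object. In the generated example each ``data`` entry carries ``mimeType``, ``entropy``, ``createdTimestamp``, ``ssDeep``, ``size``, ``sha256``, ``tlp`` and ``flags``. No other status code is checked here.
    """
    from requests import post
    from argus_api.exceptions import http

    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/search/evil"
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }
    # An explicit API key wins; otherwise fall back to caller-supplied headers.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    body = {}
    numeric_criteria = (
        ("limit", limit),
        ("offset", offset),
        ("startTimestamp", startTimestamp),
        ("endTimestamp", endTimestamp),
    )
    for key, number in numeric_criteria:
        if number is not None:
            body[key] = number
    # Empty collections stay omitted, as before.
    if customerID:
        body["customerID"] = customerID
    if tlp:
        body["tlp"] = tlp

    response = post(url, json=body if body else None, verify=verify, headers=headers)

    if response.status_code == 401:
        raise http.AuthenticationFailedException(response)
    if response.status_code == 403:
        raise http.AccessDeniedException(response)
    if response.status_code == 412:
        raise http.ValidationErrorException(response)
    if response.status_code == 404:
        raise http.ObjectNotFoundException(response)
    return response.json() if json else response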
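@register_command(extending=('sampledb','v1','sample'))
def get_sample(sha256: str, json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict:
    """Fetch sample info identified by SHA256. (DEV)

    :param str sha256: SHA256 to identify sample info. Percent-encoded before it is placed in the URL path.
    :param bool json: Return the decoded JSON body when true, otherwise the raw response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Keep TLS certificate checking on so the API key is not sent to an unverified endpoint.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes precedence over ``authentication``.
    :param authentication: Dict of headers to merge in, or a callable that is given the URL and returns such a dict. Only read when ``apiKey`` is empty.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ValidationErrorException: on 412
    :raises ObjectNotFoundException: on 404
    :returns: The decoded JSON body (the generated example lists the keys ``offset``, ``limit``, ``responseCode``, ``count``, ``metaData``, ``messages``, ``currentPage`` and ``size``) or, when ``json`` is false, the response object. No other status code is checked here.
    """
    from urllib.parse import quote
    from requests import get
    from argus_api.exceptions import http

    # Encode the identifier as a single path segment so that "/", "?" or "#"
    # in the argument cannot redirect the request to a different endpoint.
    # A well-formed hex digest is left unchanged.
    sample_id = quote(str(sha256), safe="")
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}".format(sha256=sample_id)
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }
    # An explicit API key wins; otherwise fall back to caller-supplied headers.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # This endpoint takes no request body.
    response = get(url, json=None, verify=verify, headers=headers)

    if response.status_code == 401:
        raise http.AuthenticationFailedException(response)
    if response.status_code == 403:
        raise http.AccessDeniedException(response)
    if response.status_code == 412:
        raise http.ValidationErrorException(response)
    if response.status_code == 404:
        raise http.ObjectNotFoundException(response)
    return response.json() if json else response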
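@register_command(extending=('sampledb','v1','sample'))
def get_sample_aggregated(sha256: str, json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict:
    """Fetch sample aggregated info identified by SHA256. (DEV)

    :param str sha256: SHA256 to identify sample aggregated info. Percent-encoded before it is placed in the URL path.
    :param bool json: Return the decoded JSON body when true, otherwise the raw response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Keep TLS certificate checking on so the API key is not sent to an unverified endpoint.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes precedence over ``authentication``.
    :param authentication: Dict of headers to merge in, or a callable that is given the URL and returns such a dict. Only read when ``apiKey`` is empty.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ValidationErrorException: on 412
    :raises ObjectNotFoundException: on 404
    :returns: The decoded JSON body (the generated example lists the keys ``offset``, ``limit``, ``responseCode``, ``count``, ``metaData``, ``messages``, ``currentPage`` and ``size``) or, when ``json`` is false, the response object. No other status code is checked here.
    """
    from urllib.parse import quote
    from requests import get
    from argus_api.exceptions import http

    # Encode the identifier as a single path segment so that "/", "?" or "#"
    # in the argument cannot redirect the request to a different endpoint.
    # A well-formed hex digest is left unchanged.
    sample_id = quote(str(sha256), safe="")
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/aggregated".format(sha256=sample_id)
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }
    # An explicit API key wins; otherwise fall back to caller-supplied headers.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # This endpoint takes no request body.
    response = get(url, json=None, verify=verify, headers=headers)

    if response.status_code == 401:
        raise http.AuthenticationFailedException(response)
    if response.status_code == 403:
        raise http.AccessDeniedException(response)
    if response.status_code == 412:
        raise http.ValidationErrorException(response)
    if response.status_code == 404:
        raise http.ObjectNotFoundException(response)
    return response.json() if json else response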
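@register_command(extending=('sampledb','v1','sample'))
def get_sample_children(
    sha256: str,
    customerID: list = None,
    offset: int = 0,
    limit: int = 25,
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Get sample children submissions with search defined by query params (DEV)

    :param str sha256: SHA256 to identify parent sample. Percent-encoded before it is placed in the URL path.
    :param list customerID: Search by customer IDs
    :param int offset: Skip a number of results
    :param int limit: Maximum number of returned results
    :param bool json: Return the decoded JSON body when true, otherwise the raw response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Keep TLS certificate checking on so the API key is not sent to an unverified endpoint.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes precedence over ``authentication``.
    :param authentication: Dict of headers to merge in, or a callable that is given the URL and returns such a dict. Only read when ``apiKey`` is empty.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ValidationErrorException: on 412
    :raises ObjectNotFoundException: on 404
    :returns: The decoded JSON body or, when ``json`` is false, the response object. In the generated example each ``data`` entry carries ``id``, ``sha256``, ``createdTimestamp``, ``owner``, ``properties`` and ``tlp``. No other status code is checked here.
    """
    from urllib.parse import quote
    from requests import get
    from argus_api.exceptions import http

    # Encode the identifier as a single path segment so that "/", "?" or "#"
    # in the argument cannot redirect the request to a different endpoint.
    # A well-formed hex digest is left unchanged.
    sample_id = quote(str(sha256), safe="")
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/children".format(sha256=sample_id)
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }
    # An explicit API key wins; otherwise fall back to caller-supplied headers.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    body = {}
    # Forward paging values whenever they are set, so an explicit 0 is not
    # silently replaced by the server-side default.
    if offset is not None:
        body["offset"] = offset
    if limit is not None:
        body["limit"] = limit
    if customerID:
        body["customerID"] = customerID

    # NOTE(review): the docstring calls these "query params", yet they travel
    # as a JSON body on a GET request. Confirm the server reads a GET body;
    # if it does not, the customerID filter and paging are ignored.
    response = get(url, json=body if body else None, verify=verify, headers=headers)

    if response.status_code == 401:
        raise http.AuthenticationFailedException(response)
    if response.status_code == 403:
        raise http.AccessDeniedException(response)
    if response.status_code == 412:
        raise http.ValidationErrorException(response)
    if response.status_code == 404:
        raise http.ObjectNotFoundException(response)
    return response.json() if json else response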
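@register_command(extending=('sampledb','v1','sample'))
def get_sample_download(sha256: str, json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict:
    """Fetch and download sample by SHA256 (DEV)

    Download sample zip file by specified SHA256

    :param str sha256: SHA256 to identify sample. Percent-encoded before it is placed in the URL path.
    :param bool json: Return the decoded JSON body when true, otherwise the raw response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Keep TLS certificate checking on so the API key is not sent to an unverified endpoint and the downloaded sample comes from the expected host.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes precedence over ``authentication``.
    :param authentication: Dict of headers to merge in, or a callable that is given the URL and returns such a dict. Only read when ``apiKey`` is empty.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ValidationErrorException: on 412
    :raises ObjectNotFoundException: on 404
    :returns: The decoded JSON body or, when ``json`` is false, the response object. No other status code is checked here.
    """
    from urllib.parse import quote
    from requests import get
    from argus_api.exceptions import http

    # Encode the identifier as a single path segment so that "/", "?" or "#"
    # in the argument cannot redirect the request to a different endpoint.
    # A well-formed hex digest is left unchanged.
    sample_id = quote(str(sha256), safe="")
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/download".format(sha256=sample_id)
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }
    # An explicit API key wins; otherwise fall back to caller-supplied headers.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # This endpoint takes no request body.
    response = get(url, json=None, verify=verify, headers=headers)

    if response.status_code == 401:
        raise http.AuthenticationFailedException(response)
    if response.status_code == 403:
        raise http.AccessDeniedException(response)
    if response.status_code == 412:
        raise http.ValidationErrorException(response)
    if response.status_code == 404:
        raise http.ObjectNotFoundException(response)
    # NOTE(review): the docstring describes a zip download. response.json()
    # raises on a body that is not JSON, so callers presumably need
    # json=False to get at the file content - confirm against the server.
    # The payload is a submitted sample; treat it as hostile content.
    return response.json() if json else response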
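@register_command(extending=('sampledb','v1','sample'))
def get_sandbox_runs(
    sha256: str,
    offset: int = 0,
    limit: int = 25,
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Fetch the sandbox runs of the sample identified by SHA256. (DEV)

    :param str sha256: SHA256 of the sample the sandbox runs belong to. Percent-encoded before it is placed in the URL path.
    :param int offset: Skip a number of results
    :param int limit: Maximum number of returned results
    :param bool json: Return the decoded JSON body when true, otherwise the raw response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Keep TLS certificate checking on so the API key is not sent to an unverified endpoint.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes precedence over ``authentication``.
    :param authentication: Dict of headers to merge in, or a callable that is given the URL and returns such a dict. Only read when ``apiKey`` is empty.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ValidationErrorException: on 412
    :raises ObjectNotFoundException: on 404
    :returns: The decoded JSON body or, when ``json`` is false, the response object. In the generated example each ``data`` entry carries ``id``, ``sha256``, ``runUUID``, ``startTimestamp``, ``endTimestamp``, ``ip``, ``version``, ``duration`` and ``result``. No other status code is checked here.
    """
    from urllib.parse import quote
    from requests import get
    from argus_api.exceptions import http

    # Encode the identifier as a single path segment so that "/", "?" or "#"
    # in the argument cannot redirect the request to a different endpoint.
    # A well-formed hex digest is left unchanged.
    sample_id = quote(str(sha256), safe="")
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/sandbox".format(sha256=sample_id)
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }
    # An explicit API key wins; otherwise fall back to caller-supplied headers.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    body = {}
    # Forward paging values whenever they are set, so an explicit 0 is not
    # silently replaced by the server-side default.
    if offset is not None:
        body["offset"] = offset
    if limit is not None:
        body["limit"] = limit

    # NOTE(review): paging values travel as a JSON body on a GET request.
    # Confirm the server reads a GET body; otherwise they are ignored.
    response = get(url, json=body if body else None, verify=verify, headers=headers)

    if response.status_code == 401:
        raise http.AuthenticationFailedException(response)
    if response.status_code == 403:
        raise http.AccessDeniedException(response)
    if response.status_code == 412:
        raise http.ValidationErrorException(response)
    if response.status_code == 404:
        raise http.ObjectNotFoundException(response)
    return response.json() if json else response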
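@register_command(extending=('sampledb','v1','sample'))
def get_sandbox_pcap(sha256: str, json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict:
    """Fetch and download sandbox pcap by sample SHA256 (DEV)

    Download sandbox pcap by specified sample SHA256

    :param str sha256: SHA256 of the sample the sandbox pcap belongs to. Percent-encoded before it is placed in the URL path.
    :param bool json: Return the decoded JSON body when true, otherwise the raw response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Keep TLS certificate checking on so the API key is not sent to an unverified endpoint.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes precedence over ``authentication``.
    :param authentication: Dict of headers to merge in, or a callable that is given the URL and returns such a dict. Only read when ``apiKey`` is empty.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ValidationErrorException: on 412
    :raises ObjectNotFoundException: on 404
    :returns: The decoded JSON body or, when ``json`` is false, the response object. No other status code is checked here.
    """
    from urllib.parse import quote
    from requests import get
    from argus_api.exceptions import http

    # Encode the identifier as a single path segment so that "/", "?" or "#"
    # in the argument cannot redirect the request to a different endpoint.
    # A well-formed hex digest is left unchanged.
    sample_id = quote(str(sha256), safe="")
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/sandbox/pcap".format(sha256=sample_id)
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }
    # An explicit API key wins; otherwise fall back to caller-supplied headers.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # This endpoint takes no request body.
    response = get(url, json=None, verify=verify, headers=headers)

    if response.status_code == 401:
        raise http.AuthenticationFailedException(response)
    if response.status_code == 403:
        raise http.AccessDeniedException(response)
    if response.status_code == 412:
        raise http.ValidationErrorException(response)
    if response.status_code == 404:
        raise http.ObjectNotFoundException(response)
    # NOTE(review): the docstring describes a pcap download. response.json()
    # raises on a body that is not JSON, so callers presumably need
    # json=False to get at the capture - confirm against the server.
    return response.json() if json else response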
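@register_command(extending=('sampledb','v1','sample'))
def get_sandbox_procgraph(sha256: str, runUUID: str, json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict:
    """Fetch sandbox procgraph by sample SHA256 and id (DEV)

    Fetch sandbox procgraph by specified sample SHA256 and id

    :param str sha256: SHA256 of the sample the sandbox procgraph belongs to. Percent-encoded before it is placed in the URL path.
    :param str runUUID: Sandbox procgraph ID. Percent-encoded before it is placed in the URL path.
    :param bool json: Return the decoded JSON body when true, otherwise the raw response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Keep TLS certificate checking on so the API key is not sent to an unverified endpoint.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes precedence over ``authentication``.
    :param authentication: Dict of headers to merge in, or a callable that is given the URL and returns such a dict. Only read when ``apiKey`` is empty.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ValidationErrorException: on 412
    :raises ObjectNotFoundException: on 404
    :returns: The decoded JSON body or, when ``json`` is false, the response object. No other status code is checked here.
    """
    from urllib.parse import quote
    from requests import get
    from argus_api.exceptions import http

    # Both identifiers become path segments. Encoding them keeps "/", "?" or
    # "#" in either argument from redirecting the request to a different
    # endpoint; well-formed digests and UUIDs are left unchanged.
    sample_id = quote(str(sha256), safe="")
    run_id = quote(str(runUUID), safe="")
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/sandbox/{runUUID}/procgraph".format(sha256=sample_id, runUUID=run_id)
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }
    # An explicit API key wins; otherwise fall back to caller-supplied headers.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # This endpoint takes no request body.
    response = get(url, json=None, verify=verify, headers=headers)

    if response.status_code == 401:
        raise http.AuthenticationFailedException(response)
    if response.status_code == 403:
        raise http.AccessDeniedException(response)
    if response.status_code == 412:
        raise http.ValidationErrorException(response)
    if response.status_code == 404:
        raise http.ObjectNotFoundException(response)
    return response.json() if json else response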
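@register_command(extending=('sampledb','v1','sample'))
def list_submissions_by_sample_id(
    sha256: str,
    customerID: list = None,
    offset: int = 0,
    limit: int = 25,
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Search for submissions of a sample, filtered by the query params below (DEV)

    :param str sha256: SHA256 to identify sample submissions. Percent-encoded before it is placed in the URL path.
    :param list customerID: Search by customer IDs
    :param int offset: Skip a number of results
    :param int limit: Maximum number of returned results
    :param bool json: Return the decoded JSON body when true, otherwise the raw response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Keep TLS certificate checking on so the API key is not sent to an unverified endpoint.
    :param str apiKey: Sent as the ``Argus-API-Key`` header; takes precedence over ``authentication``.
    :param authentication: Dict of headers to merge in, or a callable that is given the URL and returns such a dict. Only read when ``apiKey`` is empty.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ValidationErrorException: on 412
    :raises ObjectNotFoundException: on 404
    :returns: The decoded JSON body or, when ``json`` is false, the response object. In the generated example each ``data`` entry carries ``id``, ``sha256``, ``createdTimestamp``, ``owner``, ``properties`` and ``tlp``. No other status code is checked here.
    """
    from urllib.parse import quote
    from requests import get
    from argus_api.exceptions import http

    # Encode the identifier as a single path segment so that "/", "?" or "#"
    # in the argument cannot redirect the request to a different endpoint.
    # A well-formed hex digest is left unchanged.
    sample_id = quote(str(sha256), safe="")
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/submission".format(sha256=sample_id)
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }
    # An explicit API key wins; otherwise fall back to caller-supplied headers.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    body = {}
    # Forward paging values whenever they are set, so an explicit 0 is not
    # silently replaced by the server-side default.
    if offset is not None:
        body["offset"] = offset
    if limit is not None:
        body["limit"] = limit
    if customerID:
        body["customerID"] = customerID

    # NOTE(review): the docstring calls these "query params", yet they travel
    # as a JSON body on a GET request. Confirm the server reads a GET body;
    # if it does not, the customerID filter and paging are ignored.
    response = get(url, json=body if body else None, verify=verify, headers=headers)

    if response.status_code == 401:
        raise http.AuthenticationFailedException(response)
    if response.status_code == 403:
        raise http.AccessDeniedException(response)
    if response.status_code == 412:
        raise http.ValidationErrorException(response)
    if response.status_code == 404:
        raise http.ObjectNotFoundException(response)
    return response.json() if json else response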