api.alarms.v1 package
Submodules
api.alarms.v1.alarm module
Autogenerated API
api.alarms.v1.alarm.add_alarm(description: str = None, info: str = None, references: list = None, links: list = None, labels: list = None, signatures: list = None, attackCategoryID: int = 0, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Add new alarm (INTERNAL)
Return type: dict
Parameters: - description (str) – Alarm description => [sw{}$-().[]“‘_/,*+#:@!?;]*
- info (str) – Alarm verbose information => format:html
- references (list) – Alarm vulnerability references (CVE-numbers, BID-numbers, etc) => [sw{}$-().[]“‘_/,*+#:@!?;]*
- links (list) – Links to external descriptions of this alarm => ((https?|ftp|gopher|telnet|file):((/)|())+[wd:#@%/;$()~_?+-=.&]*)
- labels (list) – Tag an alarm with labels => [sw{}$-().[]“‘_/,*+#:@!?;]*
- signatures (list) – List of signatures to map to this alarm => Sanitize by regex [a-zA-Z0-9_/:@~!+-.?]*
- attackCategoryID (int) – Alarm attack category ID (default 0)
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
Returns: {“offset”: 299, “limit”: 240, “responseCode”: 200, “count”: 528, “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Term where clearly religious history.”, “messageTemplate”: “Effort accept staff go budget student.”, “field”: “Happy between along animal.”, “parameter”: {}, “timestamp”: 748536622}], “currentPage”: 302, “size”: 72}
api.alarms.v1.alarm.add_alarm_comment(id: int, comment: str = None, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Add alarm comment (INTERNAL)
Return type: dict
Parameters: - id (int) – ID of Alarm
- comment (str) – Comment content. Html is allowed, will be sanitized. => format:html
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
- ObjectNotFoundException – on 404
Returns: {“offset”: 697, “limit”: 449, “responseCode”: 200, “count”: 729, “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Name share coach new.”, “messageTemplate”: “World good task director position.”, “field”: “Suggest prove foreign.”, “parameter”: {}, “timestamp”: 554480189}], “currentPage”: 299, “size”: 819}
api.alarms.v1.alarm.delete_alarm(id: int, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Delete existing alarm (INTERNAL)
Return type: dict
Parameters: id (int) – ID of Alarm
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
- ObjectNotFoundException – on 404
Returns: {“offset”: 958, “limit”: 444, “responseCode”: 200, “count”: 106, “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Eye realize where college contain professor forget.”, “messageTemplate”: “Try inside find skill science picture do.”, “field”: “Term security million head organization style produce firm.”, “parameter”: {}, “timestamp”: 1431124237}], “currentPage”: 620, “size”: 35}
api.alarms.v1.alarm.delete_alarm_comment(id: int, timestamp: int, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Delete alarm comment (INTERNAL)
Return type: dict
Parameters: - id (int) – ID of Alarm
- timestamp (int) – Timestamp of comment
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
- ObjectNotFoundException – on 404
Returns: {“offset”: 113, “limit”: 209, “responseCode”: 200, “count”: 71, “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Everybody conference hundred executive character.”, “messageTemplate”: “Media society resource today future.”, “field”: “Traditional against before soon though.”, “parameter”: {}, “timestamp”: 753780319}], “currentPage”: 557, “size”: 593}
api.alarms.v1.alarm.get_alarm_by_id(id: int, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Get alarm by Id (PUBLIC)
Return type: dict
Parameters: id (int) – ID of alarm
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
- ObjectNotFoundException – on 404
Returns: {“offset”: 759, “limit”: 958, “responseCode”: 200, “count”: 709, “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Hair himself authority hand.”, “messageTemplate”: “Event car a effort amount thousand security second.”, “field”: “Across six region fish yard fast pick.”, “parameter”: {}, “timestamp”: 935450225}], “currentPage”: 649, “size”: 767}
api.alarms.v1.alarm.get_alarms(keywords: list = None, keywordField: list = None, keywordMatch: str = 'all', offset: int = 0, limit: int = 25, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Get all alarms (PUBLIC)
Return type: dict
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
Returns: {“offset”: 535, “limit”: 497, “responseCode”: 200, “count”: 53, “data”: [{“id”: 494, “mappings”: [{“lastUpdatedTimestamp”: 1480017764, “comments”: [{“timestamp”: 1250745557, “comment”: “Bar miss since contain lay.”}], “mappedTimestamp”: 441270359, “firstTriggeredTimestamp”: 275166127, “lastTriggeredTimestamp”: 274249159, “triggerAmount”: 136, “signature”: “Trial law social next administration involve.”, “flags”: [“SNORT”]}], “comments”: [{“timestamp”: 763430192, “comment”: “City line now best.”}], “references”: [“Along everyone nothing stay.”], “labels”: [“People magazine difficult identify go follow.”], “info”: “Yourself admit station sea turn like century center.”, “description”: “Financial play form visit him woman.”, “links”: [“Any beyond soon owner PM skin better catch.”], “createdByUser”: {“id”: 949, “customerID”: 733, “userName”: “christophercaldwell”, “name”: “David Johnson”}, “createdTimestamp”: 494391908, “lastUpdatedByUser”: {“id”: 745, “customerID”: 51, “userName”: “thompsongary”, “name”: “Kathleen Lara”}, “lastUpdatedTimestamp”: 332900523, “lastCheckedByUser”: {“id”: 770, “customerID”: 597, “userName”: “fletcherdiane”, “name”: “Wendy Washington”}, “lastCheckTimestamp”: 446025716, “nextCheckTimestamp”: 1227562837, “flags”: [“DISABLED”]}], “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Million wide here begin arrive environment drop.”, “messageTemplate”: “Way each miss example about.”, “field”: “National source among her.”, “parameter”: {}, “timestamp”: 496977744}], “currentPage”: 630, “size”: 829}
api.alarms.v1.alarm.map_to_alarm(id: int, signatures: list = None, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Map signatures to alarm (INTERNAL)
Return type: dict
Parameters: - id (int) – ID of Alarm
- signatures (list) – Signatures (exist/new) to be mapped to the alarm => Sanitize by regex [a-zA-Z0-9_/:@~!+-.?]*
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
Returns: {“offset”: 208, “limit”: 664, “responseCode”: 200, “count”: 490, “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Ever bring add much senior.”, “messageTemplate”: “Wait cost doctor deep watch analysis hair.”, “field”: “Unit task concern happy.”, “parameter”: {}, “timestamp”: 175609667}], “currentPage”: 791, “size”: 891}
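A client-side pre-check against the signature pattern documented for add_alarm and map_to_alarm, given here as an added example that is not part of the library. It assumes a signature is acceptable only when every character falls inside the documented class; the helper names and sample values are constructed, and no API call is made.

```python
import re

# Character class copied verbatim from the `signatures` parameter description.
# Inside the brackets "+-." is a range (0x2B-0x2E): it admits '+', ',', '-' and '.'.
SIGNATURE_RE = re.compile(r"[a-zA-Z0-9_/:@~!+-.?]*")

# Constructed sample input, not real signature names from any deployment.
SAMPLE = ["ET_SCAN/nmap:1.0", "GPL,ICMP-ping", "bad sig", "drop;table", ""]


def offending_chars(signature):
    """Return the sorted characters of `signature` that fall outside the class."""
    return sorted({ch for ch in signature if not SIGNATURE_RE.fullmatch(ch)})


def partition_signatures(signatures):
    """Split into (accepted, rejected); rejected maps each value to a reason."""
    accepted, rejected = [], {}
    for sig in signatures:
        if not isinstance(sig, str):
            rejected[repr(sig)] = "not a string"
        elif sig == "":
            # The pattern itself matches the empty string; rejecting it is a
            # local policy choice of this example, not documented behaviour.
            rejected[sig] = "empty"
        elif offending_chars(sig):
            rejected[sig] = "disallowed characters: " + "".join(offending_chars(sig))
        elif sig not in accepted:  # drop duplicates, keep first-seen order
            accepted.append(sig)
    return accepted, rejected


def build_map_arguments(alarm_id, signatures):
    """Build keyword arguments named as on this page (id, signatures).

    Fails closed: raises ValueError instead of silently dropping bad values,
    so a malformed signature list never reaches the API.
    """
    if isinstance(alarm_id, bool) or not isinstance(alarm_id, int):
        raise ValueError("id must be an int")
    accepted, rejected = partition_signatures(signatures)
    if rejected:
        raise ValueError(f"refusing to send, rejected values: {rejected}")
    return {"id": alarm_id, "signatures": accepted}


if __name__ == "__main__":
    ok, bad = partition_signatures(SAMPLE)
    print("accepted:", ok)
    for value, reason in bad.items():
        print(f"rejected {value!r}: {reason}")
```
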
api.alarms.v1.alarm.search_alarms(limit: int = None, offset: int = None, subCriteria: list = None, attackCategoryID: list = None, alarmID: list = None, alarmReferences: list = None, labels: list = None, startTimestamp: int = None, endTimestamp: int = None, timeFieldStrategy: list = None, keywords: list = None, keywordFieldStrategy: list = None, signature: list = None, sortBy: list = None, includeFlags: list = None, excludeFlags: list = None, timeMatchStrategy: str = 'any', keywordMatchStrategy: str = 'all', includeDeleted: bool = 'False', exclude: bool = 'False', required: bool = 'False', includeMappings: bool = 'False', includeComments: bool = 'False', json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Get all alarms matching a given search criteria (PUBLIC)
Return type: dict
Parameters: - limit (int) – Set this value to set max number of results. By default, no restriction on result set size.
- offset (int) – Set this value to skip the first (offset) objects. By default, return result from first object.
- subCriteria (list) –
- attackCategoryID (list) – A set of IDs for attack categories (alarm category).
- alarmID (list) – A set of IDs for alarms.
- alarmReferences (list) – A set of references. It does an exact match.
- labels (list) – A set of labels. It does an exact match.
- startTimestamp (int) – Only include alarms based on the set TimeFieldStrategy and TimeMatchStrategy (start timestamp)
- endTimestamp (int) – Only include alarms based on the set TimeFieldStrategy and TimeMatchStrategy (end timestamp)
- timeFieldStrategy (list) – TimeFieldStrategy to define which timestamp field(s) to match. (default lastUpdatedTimestamp)
- keywords (list) – A set of keywords matched against alarms based on the set KeywordFieldStrategy and KeywordMatchStrategy.
- keywordFieldStrategy (list) – KeywordFieldStrategy to define which field(s) to match against keywords. (default all)
- signature (list) – A set of signatures. It does an exact match.
- sortBy (list) – List of properties to sort by (prefix with “-” to sort descending).
- includeFlags (list) – Only include objects which have includeFlags set.
- excludeFlags (list) – Exclude objects which have excludeFlags set.
- timeMatchStrategy (str) – TimeMatchStrategy to define how to match startTimestamp and endTimestamp with fields. (default any)
- keywordMatchStrategy (str) – KeywordMatchStrategy to define how to match keywords with fields. (default all)
- includeDeleted (bool) – Set to true to include deleted objects. By default, exclude deleted objects.
- exclude (bool) – Only relevant for subcriteria. If set to true, objects matching this subcriteria object will be excluded.
- required (bool) – Only relevant for subcriteria. If set to true, objects matching this subcriteria are required (AND-ed together with parent criteria).
- includeMappings (bool) – Set to include mappings in the search result. (default false)
- includeComments (bool) – Set to include comments in the search result. (default false)
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
Returns: {“offset”: 470, “limit”: 474, “responseCode”: 200, “count”: 973, “data”: [{“id”: 273, “mappings”: [{“lastUpdatedTimestamp”: 264658383, “comments”: [{“timestamp”: 516778437, “comment”: “Allow everybody modern rich dark quality.”}], “mappedTimestamp”: 243881412, “firstTriggeredTimestamp”: 269928407, “lastTriggeredTimestamp”: 139777612, “triggerAmount”: 517, “signature”: “Difference benefit fact fund.”, “flags”: [“DELETED”]}], “comments”: [{“timestamp”: 465276867, “comment”: “In significant speech.”}], “references”: [“Front employee south memory story how.”], “labels”: [“Your bank letter these require author idea.”], “info”: “Challenge agent discuss floor another.”, “description”: “Man girl paper thus way herself.”, “links”: [“Similar vote travel respond only management.”], “createdByUser”: {“id”: 708, “customerID”: 184, “userName”: “brandonmartinez”, “name”: “Kathryn Barnes”}, “createdTimestamp”: 1041631103, “lastUpdatedByUser”: {“id”: 896, “customerID”: 617, “userName”: “ujuarez”, “name”: “Dustin Mathis”}, “lastUpdatedTimestamp”: 109694593, “lastCheckedByUser”: {“id”: 439, “customerID”: 996, “userName”: “ewalton”, “name”: “Matthew Ford”}, “lastCheckTimestamp”: 696920975, “nextCheckTimestamp”: 1347869794, “flags”: [“DISABLED”]}], “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Discuss art treatment term order young.”, “messageTemplate”: “Only really likely strong morning.”, “field”: “Prevent yet child smile media would.”, “parameter”: {}, “timestamp”: 799519902}], “currentPage”: 948, “size”: 763}
api.alarms.v1.alarm.unmap(id: int, signature: list = None, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Unmap signatures from alarm (INTERNAL)
Return type: dict
Parameters: - id (int) – ID of Alarm
- signature (list) – Signatures to unmap
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
Returns: {“offset”: 695, “limit”: 177, “responseCode”: 200, “count”: 745, “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Water factor audience someone shoulder interesting article.”, “messageTemplate”: “Single unit body close reason.”, “field”: “History policy cut ground grow.”, “parameter”: {}, “timestamp”: 885686476}], “currentPage”: 679, “size”: 337}
api.alarms.v1.alarm.update_alarm(id: int, description: str = None, info: str = None, addReferences: list = None, deleteReferences: list = None, addLinks: list = None, deleteLinks: list = None, addLabels: list = None, deleteLabels: list = None, attackCategoryID: int = 0, disabled: bool = 'False', json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Update existing alarm (INTERNAL)
Return type: dict
Parameters: - id (int) – ID of Alarm
- description (str) – Update description of alarm => [sw{}$-().[]“‘_/,*+#:@!?;]*
- info (str) – Update verbose information of alarm => format:html
- addReferences (list) – Add vulnerability references (CVE-numbers, BID-numbers, etc) => [sw{}$-().[]“‘_/,*+#:@!?;]*
- deleteReferences (list) – Remove vulnerability references
- addLinks (list) – Add external links => ((https?|ftp|gopher|telnet|file):((/)|())+[wd:#@%/;$()~_?+-=.&]*)
- deleteLinks (list) – Remove external links
- addLabels (list) – Add labels => [sw{}$-().[]“‘_/,*+#:@!?;]*
- deleteLabels (list) – Remove labels => [sw{}$-().[]“‘_/,*+#:@!?;]*
- attackCategoryID (int) – Update category of alarm (unchanged if set to 0) (default 0)
- disabled (bool) – Disable or enable alarm (unchanged if not set)
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
- ObjectNotFoundException – on 404
Returns: {“offset”: 578, “limit”: 909, “responseCode”: 200, “count”: 41, “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Budget human free pay put act.”, “messageTemplate”: “Unit people research production role feel.”, “field”: “Environmental cover bed would team machine.”, “parameter”: {}, “timestamp”: 280741964}], “currentPage”: 735, “size”: 489}
api.alarms.v1.category module
Autogenerated API
api.alarms.v1.category.add_category(name: str = None, info: str = None, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Add new category (INTERNAL)
Return type: dict
Parameters: - name (str) – Name of added category. => [sw{}$-().[]“‘_/,*+#:@!?;]*
- info (str) – Description of added category. => [sw{}$-().[]“‘_/,*+#:@!?;]*
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
Returns: {“offset”: 425, “limit”: 767, “responseCode”: 200, “count”: 460, “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Without design rich citizen water develop instead.”, “messageTemplate”: “Summer director kitchen push have purpose level.”, “field”: “Throw then job.”, “parameter”: {}, “timestamp”: 1148272253}], “currentPage”: 669, “size”: 44}
api.alarms.v1.category.delete_category(id: int, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Delete existing category (INTERNAL)
Return type: dict
Parameters: id (int) – ID of attack category
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
- ObjectNotFoundException – on 404
Returns: {“offset”: 559, “limit”: 171, “responseCode”: 200, “count”: 687, “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Agency difference best sometimes behavior here.”, “messageTemplate”: “Wind officer leave stop.”, “field”: “Out take pattern involve miss modern dog.”, “parameter”: {}, “timestamp”: 988227933}], “currentPage”: 557, “size”: 223}
api.alarms.v1.category.get_categories(keywords: list = None, keywordField: list = None, offset: int = 0, limit: int = 25, keywordMatch: str = 'all', json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Get all categories (PUBLIC)
Return type: dict
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
Returns: {“offset”: 456, “limit”: 444, “responseCode”: 200, “count”: 192, “data”: [{“id”: 16, “info”: “Me woman market wall phone bring.”, “name”: “Richard Smith”, “flags”: [“DISABLED”]}], “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Response enter what put measure.”, “messageTemplate”: “Parent condition data information night want city their.”, “field”: “Office identify specific card laugh summer.”, “parameter”: {}, “timestamp”: 904638266}], “currentPage”: 418, “size”: 972}
api.alarms.v1.category.get_category_by_id(id: int, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Get category by Id (PUBLIC)
Return type: dict
Parameters: id (int) – ID of category
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
- ObjectNotFoundException – on 404
Returns: {“offset”: 567, “limit”: 110, “responseCode”: 200, “count”: 665, “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Them form leave game ball blue red risk.”, “messageTemplate”: “Moment issue message hard later lose daughter.”, “field”: “Charge employee them sort task benefit nice.”, “parameter”: {}, “timestamp”: 1375235543}], “currentPage”: 997, “size”: 825}
api.alarms.v1.category.search_categories(limit: int = None, offset: int = None, subCriteria: list = None, attackCategoryID: list = None, keywords: list = None, keywordFieldStrategy: list = None, sortBy: list = None, includeFlags: list = None, excludeFlags: list = None, keywordMatchStrategy: str = 'all', includeDeleted: bool = 'False', exclude: bool = 'False', required: bool = 'False', json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Get all categories matching a given search criteria (PUBLIC)
Return type: dict
Parameters: - limit (int) – Set this value to set max number of results. By default, no restriction on result set size.
- offset (int) – Set this value to skip the first (offset) objects. By default, return result from first object.
- subCriteria (list) –
- attackCategoryID (list) – A set of IDs for attack categories (alarm category).
- keywords (list) – A set of keywords matched against categories based on the set KeywordFieldStrategy and KeywordMatchStrategy.
- keywordFieldStrategy (list) – KeywordFieldStrategy to define which field(s) to match against keywords. (default all)
- sortBy (list) – List of properties to sort by (prefix with “-” to sort descending).
- includeFlags (list) – Only include objects which have includeFlags set.
- excludeFlags (list) – Exclude objects which have excludeFlags set.
- keywordMatchStrategy (str) – KeywordMatchStrategy to define how to match keywords with fields. (default all)
- includeDeleted (bool) – Set to true to include deleted objects. By default, exclude deleted objects.
- exclude (bool) – Only relevant for subcriteria. If set to true, objects matching this subcriteria object will be excluded.
- required (bool) – Only relevant for subcriteria. If set to true, objects matching this subcriteria are required (AND-ed together with parent criteria).
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
Returns: {“offset”: 33, “limit”: 72, “responseCode”: 200, “count”: 552, “data”: [{“id”: 0, “info”: “Their garden could picture rich.”, “name”: “Alan Collins”, “flags”: [“DELETED”]}], “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Thought three pressure get partner.”, “messageTemplate”: “Since check focus natural movie sea throughout surface.”, “field”: “Book American away image leader.”, “parameter”: {}, “timestamp”: 696382532}], “currentPage”: 513, “size”: 339}
api.alarms.v1.category.update_category(id: int, name: str = None, info: str = None, disabled: bool = 'False', json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Update existing category (INTERNAL)
Return type: dict
Parameters: - id (int) – ID of attack category
- name (str) – Update name of category. => [sw{}$-().[]“‘_/,*+#:@!?;]*
- info (str) – Update description of category. => [sw{}$-().[]“‘_/,*+#:@!?;]*
- disabled (bool) – Disable or enable category (unchanged if not set)
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
- ObjectNotFoundException – on 404
Returns: {“offset”: 492, “limit”: 908, “responseCode”: 200, “count”: 144, “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Black speech oil various partner network.”, “messageTemplate”: “Good theory unit important least.”, “field”: “Everyone thank wall participant use.”, “parameter”: {}, “timestamp”: 218025499}], “currentPage”: 615, “size”: 877}
api.alarms.v1.signature module
Autogenerated API
api.alarms.v1.signature.delete_signatures(signature: list = None, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Delete signatures. They must not be mapped to an alarm. (INTERNAL)
Return type: dict
Parameters: signature (list) – Signatures to delete
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
Returns: {“offset”: 828, “limit”: 12, “responseCode”: 200, “count”: 421, “data”: [{“lastUpdatedByUser”: {“id”: 588, “customerID”: 578, “userName”: “murrayspencer”, “name”: “Nicole Lynch”}, “lastUpdatedTimestamp”: 224105481, “comments”: [{“timestamp”: 744027375, “comment”: “Find control far agreement expect remember.”}], “mappedTimestamp”: 481980376, “mappedByUser”: {“id”: 410, “customerID”: 510, “userName”: “glassbradley”, “name”: “Scott Mcbride”}, “firstTriggeredTimestamp”: 642006565, “lastTriggeredTimestamp”: 494735336, “triggerAmount”: 973, “signature”: “Stock stock everything peace month thing wife finally.”, “flags”: [“SNORT”]}], “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Process break executive us civil.”, “messageTemplate”: “Production business forward treat be.”, “field”: “Property natural difference business after.”, “parameter”: {}, “timestamp”: 861379580}], “currentPage”: 584, “size”: 754}
api.alarms.v1.signature.get_signatures(keywords: list = None, keywordField: list = None, keywordMatch: str = 'all', offset: int = 0, limit: int = 25, json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Get all signatures including alarms if mapped (PUBLIC)
Return type: dict
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
Returns: {“offset”: 477, “limit”: 232, “responseCode”: 200, “count”: 702, “data”: [{“lastUpdatedByUser”: {“id”: 524, “customerID”: 344, “userName”: “carla95”, “name”: “Megan Ball”}, “lastUpdatedTimestamp”: 1198308869, “comments”: [{“timestamp”: 1106784534, “comment”: “Magazine industry able over center road anything.”}], “mappedTimestamp”: 1169316911, “mappedByUser”: {“id”: 864, “customerID”: 9, “userName”: “aaron02”, “name”: “Carlos Buckley”}, “firstTriggeredTimestamp”: 115814846, “lastTriggeredTimestamp”: 1440676452, “triggerAmount”: 584, “signature”: “Campaign into law term rest.”, “flags”: [“SNORT”]}], “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “Take member country fear.”, “messageTemplate”: “Force cut place.”, “field”: “Great consider by.”, “parameter”: {}, “timestamp”: 1167442747}], “currentPage”: 928, “size”: 759}
api.alarms.v1.signature.search_signatures(limit: int = None, offset: int = None, includeFlags: int = None, excludeFlags: int = None, subCriteria: list = None, attackCategoryID: list = None, alarmID: list = None, signature: list = None, minTriggerAmount: int = None, maxTriggerAmount: int = None, startTimestamp: int = None, endTimestamp: int = None, timeFieldStrategy: list = None, keywords: list = None, keywordFieldStrategy: list = None, sortBy: list = None, timeMatchStrategy: str = 'any', keywordMatchStrategy: str = 'all', includeDeleted: bool = 'False', exclude: bool = 'False', required: bool = 'False', json: bool = True, verify: bool = True, apiKey: str = '', authentication: dict = {}) → dict
Get all signatures matching a given search criteria (PUBLIC)
Return type: dict
Parameters: - limit (int) – Set this value to set max number of results. By default, no restriction on result set size.
- offset (int) – Set this value to skip the first (offset) objects. By default, return result from first object.
- includeFlags (int) – Only include objects which have includeFlags set.
- excludeFlags (int) – Exclude objects which have excludeFlags set.
- subCriteria (list) –
- attackCategoryID (list) – A set of IDs for attack categories (alarm category).
- alarmID (list) – A set of IDs for alarms.
- signature (list) – A set of signatures. It does an exact match.
- minTriggerAmount (int) – Minimum trigger amount, default 0 means disabled
- maxTriggerAmount (int) – Maximum trigger amount, default 0 means disabled
- startTimestamp (int) – Only include mappings based on the set TimeFieldStrategy and TimeMatchStrategy (start timestamp)
- endTimestamp (int) – Only include mappings based on the set TimeFieldStrategy and TimeMatchStrategy (end timestamp)
- timeFieldStrategy (list) – TimeFieldStrategy to define which timestamp field(s) to match. (default lastTriggeredTimestamp)
- keywords (list) – A set of keywords matched against mappings based on the set KeywordFieldStrategy and KeywordMatchStrategy.
- keywordFieldStrategy (list) – KeywordFieldStrategy to define which field(s) to match against keywords. (default all)
- sortBy (list) – List of properties to sort by (prefix with “-” to sort descending).
- timeMatchStrategy (str) – TimeMatchStrategy to define how to match startTimestamp and endTimestamp with fields. (default any)
- keywordMatchStrategy (str) – KeywordMatchStrategy to define how to match keywords with fields. (default all)
- includeDeleted (bool) – Set to true to include deleted objects. By default, exclude deleted objects.
- exclude (bool) – Only relevant for subcriteria. If set to true, objects matching this subcriteria object will be excluded.
- required (bool) – Only relevant for subcriteria. If set to true, objects matching this subcriteria are required (AND-ed together with parent criteria).
Raises: - AuthenticationFailedException – on 401
- ValidationErrorException – on 412
- AccessDeniedException – on 403
Returns: {“offset”: 239, “limit”: 453, “responseCode”: 200, “count”: 489, “data”: [{“lastUpdatedByUser”: {“id”: 370, “customerID”: 129, “userName”: “melissamiller”, “name”: “Victoria Gallegos”}, “lastUpdatedTimestamp”: 1221347080, “comments”: [{“timestamp”: 800704064, “comment”: “Book challenge religious service exactly store.”}], “mappedTimestamp”: 1380738237, “mappedByUser”: {“id”: 832, “customerID”: 453, “userName”: “colleen04”, “name”: “Catherine Watts”}, “firstTriggeredTimestamp”: 336395551, “lastTriggeredTimestamp”: 212157329, “triggerAmount”: 748, “signature”: “Would us change.”, “flags”: [“DELETED”]}], “metaData”: {“additionalProperties”: {}}, “messages”: [{“message”: “On real simple fund ago black beyond.”, “messageTemplate”: “Upon town face serious house.”, “field”: “Able wind get another above.”, “parameter”: {}, “timestamp”: 830623849}], “currentPage”: 684, “size”: 736}