binalyze-air-sdk 1.0.2__py3-none-any.whl → 1.0.3__py3-none-any.whl

binalyze_air/apis/interact.py

@@ -1,36 +1,153 @@
-"""
-Interact API for the Binalyze AIR SDK.
-"""
-
-from ..http_client import HTTPClient
-from ..models.interact import (
-    ShellInteraction, AssignShellTaskRequest, ShellTaskResponse,  # Legacy models
-    AssignInteractiveShellTaskRequest, InteractiveShellTaskResponse  # New models
-)
-from ..queries.interact import GetShellInteractionQuery
-from ..commands.interact import AssignShellTaskCommand, AssignInteractiveShellTaskCommand
-
-
-class InteractAPI:
-    """Interact API with CQRS pattern - separated queries and commands."""
-    
-    def __init__(self, http_client: HTTPClient):
-        self.http_client = http_client
-    
-    # QUERIES (Read operations)
-    def get_shell_interaction(self, interaction_id: str) -> ShellInteraction:
-        """Get a specific shell interaction by ID."""
-        query = GetShellInteractionQuery(self.http_client, interaction_id)
-        return query.execute()
-    
-    # COMMANDS (Write operations)
-    def assign_interactive_shell_task(self, request: AssignInteractiveShellTaskRequest) -> InteractiveShellTaskResponse:
-        """Assign an interactive shell task to an asset."""
-        command = AssignInteractiveShellTaskCommand(self.http_client, request)
-        return command.execute()
-    
-    # Legacy methods for backward compatibility (deprecated)
-    def assign_shell_task(self, request: AssignShellTaskRequest) -> ShellTaskResponse:
-        """Assign a shell interaction task to endpoints (legacy)."""
-        command = AssignShellTaskCommand(self.http_client, request)
-        return command.execute() 
+"""
+Interact API for the Binalyze AIR SDK.
+"""
+
+from typing import List, Optional, Dict, Any, Union
+
+from ..http_client import HTTPClient
+from ..models.interact import (
+    ShellInteraction, AssignInteractiveShellTaskRequest, InteractiveShellTaskResponse,
+    LibraryFile, LibraryFileFilter, ExecuteCommandRequest, ExecuteCommandResponse,
+    InteractCommand, CommandMessage
+)
+from ..queries.interact import (
+    GetShellInteractionQuery, ListLibraryFilesQuery, DownloadLibraryFileQuery,
+    CheckFileExistsQuery, GetCommandMessageQuery, ListInteractCommandsQuery
+)
+from ..commands.interact import (
+    AssignInteractiveShellTaskCommand, UploadFileToLibraryCommand, DeleteFileFromLibraryCommand,
+    ExecuteCommandCommand, ExecuteAsyncCommandCommand, InterruptCommandCommand, CloseSessionCommand
+)
+
+
+class InteractAPI:
+    """Interact API with CQRS pattern - separated queries and commands."""
+    
+    def __init__(self, http_client: HTTPClient):
+        self.http_client = http_client
+    
+    # ========================================
+    # LIBRARY FILE OPERATIONS (5 endpoints)
+    # ========================================
+    
+    # QUERIES (Read operations)
+    def list_library_files(self, filter_params: Optional[LibraryFileFilter] = None) -> List[LibraryFile]:
+        """List files in the interact library."""
+        query = ListLibraryFilesQuery(self.http_client, filter_params)
+        return query.execute()
+    
+    def download_library_file(self, file_id: str) -> bytes:
+        """Download a file from the interact library."""
+        query = DownloadLibraryFileQuery(self.http_client, file_id)
+        return query.execute()
+    
+    def check_file_exists(self, filename: str, sha256: Optional[str] = None, organization_ids: Optional[List[int]] = None) -> bool:
+        """Check if a file exists in the interact library."""
+        query = CheckFileExistsQuery(self.http_client, filename, sha256, organization_ids)
+        return query.execute()
+    
+    # COMMANDS (Write operations)
+    def upload_file_to_library(self, file_content: bytes, filename: str, organization_ids: Optional[List[int]] = None) -> Optional[LibraryFile]:
+        """Upload a file to the interact library."""
+        command = UploadFileToLibraryCommand(self.http_client, file_content, filename, organization_ids)
+        return command.execute()
+    
+    def delete_file_from_library(self, file_id: str) -> Dict[str, Any]:
+        """Delete a file from the interact library."""
+        command = DeleteFileFromLibraryCommand(self.http_client, file_id)
+        return command.execute()
+    
+    # ========================================
+    # SHELL SESSION OPERATIONS (6 endpoints)
+    # ========================================
+    
+    # QUERIES (Read operations)
+    def get_command_message(self, session_id: str, message_id: str) -> CommandMessage:
+        """Get a command message from a shell session."""
+        query = GetCommandMessageQuery(self.http_client, session_id, message_id)
+        return query.execute()
+    
+    def list_interact_commands(self) -> List[InteractCommand]:
+        """List available interact commands."""
+        query = ListInteractCommandsQuery(self.http_client)
+        return query.execute()
+    
+    # COMMANDS (Write operations)
+    def assign_interactive_shell_task(self, request: Union[AssignInteractiveShellTaskRequest, Dict[str, Any]]) -> InteractiveShellTaskResponse:
+        """Assign an interactive shell task to an asset."""
+        command = AssignInteractiveShellTaskCommand(self.http_client, request)
+        return command.execute()
+    
+    def execute_command(self, session_id: str, request: Union[ExecuteCommandRequest, Dict[str, Any]]) -> ExecuteCommandResponse:
+        """Execute a command in a shell session."""
+        command = ExecuteCommandCommand(self.http_client, session_id, request)
+        return command.execute()
+    
+    def execute_async_command(self, session_id: str, request: Union[ExecuteCommandRequest, Dict[str, Any]]) -> ExecuteCommandResponse:
+        """Execute an async command in a shell session."""
+        command = ExecuteAsyncCommandCommand(self.http_client, session_id, request)
+        return command.execute()
+    
+    def interrupt_command(self, session_id: str, message_id: str) -> Dict[str, Any]:
+        """Interrupt a running command in a shell session."""
+        command = InterruptCommandCommand(self.http_client, session_id, message_id)
+        return command.execute()
+    
+    def close_session(self, session_id: str) -> Dict[str, Any]:
+        """Close a shell session."""
+        command = CloseSessionCommand(self.http_client, session_id)
+        return command.execute()
+    
+    # ========================================
+    # LEGACY METHODS (for backward compatibility)
+    # ========================================
+    
+    def get_shell_interaction(self, interaction_id: str) -> ShellInteraction:
+        """Get a specific shell interaction by ID (legacy)."""
+        query = GetShellInteractionQuery(self.http_client, interaction_id)
+        return query.execute()
+    
+    # ========================================
+    # CONVENIENCE ALIASES
+    # ========================================
+    
+    # Library aliases
+    def list_files(self, filter_params: Optional[LibraryFileFilter] = None) -> List[LibraryFile]:
+        """List files - alias for list_library_files."""
+        return self.list_library_files(filter_params)
+    
+    def download_file(self, file_id: str) -> bytes:
+        """Download file - alias for download_library_file."""
+        return self.download_library_file(file_id)
+    
+    def upload_file(self, file_content: bytes, filename: str, organization_ids: Optional[List[int]] = None) -> Optional[LibraryFile]:
+        """Upload file - alias for upload_file_to_library."""
+        return self.upload_file_to_library(file_content, filename, organization_ids)
+    
+    def delete_file(self, file_id: str) -> Dict[str, Any]:
+        """Delete file - alias for delete_file_from_library."""
+        return self.delete_file_from_library(file_id)
+    
+    # Shell aliases
+    def execute(self, session_id: str, command: str, accept: str = "json") -> ExecuteCommandResponse:
+        """Execute command - convenience method."""
+        request = ExecuteCommandRequest(command=command, accept=accept)
+        return self.execute_command(session_id, request)
+    
+    def execute_async(self, session_id: str, command: str, accept: str = "json") -> ExecuteCommandResponse:
+        """Execute async command - convenience method."""
+        request = ExecuteCommandRequest(command=command, accept=accept)
+        return self.execute_async_command(session_id, request)
+    
+    def get_commands(self) -> List[InteractCommand]:
+        """Get commands - alias for list_interact_commands."""
+        return self.list_interact_commands()
+    
+    def assign_shell_task(self, asset_id: str, case_id: str, task_config: Dict[str, Any]) -> InteractiveShellTaskResponse:
+        """Assign shell task - convenience method."""
+        request_data = {
+            "assetId": asset_id,
+            "caseId": case_id,
+            "taskConfig": task_config
+        }
+        return self.assign_interactive_shell_task(request_data) 

binalyze_air/apis/investigation_hub.py

@@ -0,0 +1,234 @@
+"""
+Investigation Hub API for the Binalyze AIR SDK.
+"""
+
+from typing import Optional, List, Dict, Any
+
+from ..http_client import HTTPClient
+from ..models.investigation_hub import (
+    Investigation, InvestigationAsset, FlagSummary, EvidenceSection,
+    EvidenceStructure, SQLQueryResult, FindingsSummary, FindingsStructure,
+    FindingsResult, FindingsRequest, MitreMatch, InvestigationComment, 
+    InvestigationActivity, AdvancedFilter, UpdateInvestigationRequest, 
+    FlagEvidenceRequest, AddNoteRequest, CreateCommentRequest, 
+    MarkActivityAsReadRequest, CreateAdvancedFilterRequest,
+    UpdateAdvancedFilterRequest, ExportRequest
+)
+from ..queries.investigation_hub import (
+    GetInvestigationQuery, GetInvestigationAssetsQuery, GetInvestigationFlagSummaryQuery,
+    GetEvidenceSectionsQuery, GetEvidenceStructureQuery, ExecuteSQLQuery,
+    GetFindingsSummaryQuery, GetFindingsStructureQuery, GetFindingsQuery,
+    GetMitreMatchesQuery, GetInvestigationCommentsQuery,
+    GetInvestigationActivitiesQuery, GetAdvancedFiltersQuery, GetAdvancedFilterQuery,
+    GetEvidenceRecordsQuery
+)
+from ..commands.investigation_hub import (
+    UpdateInvestigationCommand, DeleteInvestigationCommand, FlagEvidenceCommand,
+    UnflagEvidenceCommand, AddNoteToEvidenceCommand, CreateCommentCommand,
+    UpdateCommentCommand, DeleteCommentCommand, MarkActivitiesAsReadCommand,
+    CreateAdvancedFilterCommand, UpdateAdvancedFilterCommand, DeleteAdvancedFilterCommand,
+    ExportEvidenceCommand, GenerateReportCommand, RefreshInvestigationCommand,
+    ArchiveInvestigationCommand, RestoreInvestigationCommand
+)
+
+
+class InvestigationHubAPI:
+    """Investigation Hub API with CQRS pattern - separated queries and commands."""
+    
+    def __init__(self, http_client: HTTPClient):
+        self.http_client = http_client
+    
+    # QUERIES (Read operations)
+    def get_investigation(self, investigation_id: str) -> Investigation:
+        """Get a specific investigation by ID."""
+        query = GetInvestigationQuery(self.http_client, investigation_id)
+        return query.execute()
+    
+    def get_assets(self, investigation_id: str) -> List[InvestigationAsset]:
+        """Get assets for a specific investigation."""
+        query = GetInvestigationAssetsQuery(self.http_client, investigation_id)
+        return query.execute()
+    
+    def get_flag_summary(self, investigation_id: str) -> List[FlagSummary]:
+        """Get flag summary for a specific investigation."""
+        query = GetInvestigationFlagSummaryQuery(self.http_client, investigation_id)
+        return query.execute()
+    
+    def get_evidence_sections(self, investigation_id: str, task_assignment_ids: List[str]) -> List[EvidenceSection]:
+        """Get evidence sections for a specific investigation with task assignment IDs."""
+        query = GetEvidenceSectionsQuery(self.http_client, investigation_id, task_assignment_ids)
+        return query.execute()
+    
+    def get_evidence_structure(self, investigation_id: str, section: str) -> List[EvidenceStructure]:
+        """Get evidence structure for a specific section."""
+        query = GetEvidenceStructureQuery(self.http_client, investigation_id, section)
+        return query.execute()
+    
+    def execute_sql_query(self, investigation_id: str, query: str, 
+                         page_size: int = 10, page_number: int = 1) -> SQLQueryResult:
+        """Execute SQL query against investigation database."""
+        sql_query = ExecuteSQLQuery(self.http_client, investigation_id, query, page_size, page_number)
+        return sql_query.execute()
+    
+    def get_findings_summary(self, investigation_id: str) -> FindingsSummary:
+        """Get findings summary for a specific investigation."""
+        query = GetFindingsSummaryQuery(self.http_client, investigation_id)
+        return query.execute()
+    
+    def get_findings_structure(self, investigation_id: str) -> FindingsStructure:
+        """Get findings structure for a specific investigation."""
+        query = GetFindingsStructureQuery(self.http_client, investigation_id)
+        return query.execute()
+    
+    def get_findings(self, investigation_id: str, request: Optional[FindingsRequest] = None) -> FindingsResult:
+        """Get findings for a specific investigation."""
+        if request is None:
+            request = FindingsRequest()
+        query = GetFindingsQuery(self.http_client, investigation_id, request)
+        return query.execute()
+    
+    def get_mitre_matches(self, investigation_id: str) -> List[MitreMatch]:
+        """Get MITRE ATT&CK matches for a specific investigation."""
+        query = GetMitreMatchesQuery(self.http_client, investigation_id)
+        return query.execute()
+    
+    def get_comments(self, investigation_id: str, evidence_id: Optional[str] = None) -> List[InvestigationComment]:
+        """Get comments for a specific investigation."""
+        query = GetInvestigationCommentsQuery(self.http_client, investigation_id, evidence_id)
+        return query.execute()
+    
+    def get_activities(self, investigation_id: str, page_size: int = 20, 
+                      page_number: int = 1) -> List[InvestigationActivity]:
+        """Get activities for a specific investigation."""
+        query = GetInvestigationActivitiesQuery(self.http_client, investigation_id, page_size, page_number)
+        return query.execute()
+    
+    def get_advanced_filters(self, investigation_id: Optional[str] = None) -> List[AdvancedFilter]:
+        """Get advanced filters (organization-wide, not investigation-specific)."""
+        query = GetAdvancedFiltersQuery(self.http_client, investigation_id)
+        return query.execute()
+    
+    def get_advanced_filter(self, investigation_id: str, filter_id: str) -> AdvancedFilter:
+        """Get a specific advanced filter by ID."""
+        query = GetAdvancedFilterQuery(self.http_client, investigation_id, int(filter_id))
+        return query.execute()
+    
+    def get_evidence_records(self, investigation_id: str, section: str,
+                            filters: Optional[Dict[str, Any]] = None, 
+                            page_size: int = 50, page_number: int = 1) -> Dict[str, Any]:
+        """Get evidence records with filtering."""
+        query = GetEvidenceRecordsQuery(
+            self.http_client, investigation_id, section, filters, page_size, page_number
+        )
+        return query.execute()
+    
+    # COMMANDS (Write operations)
+    def update_investigation(self, investigation_id: str, request: UpdateInvestigationRequest) -> Investigation:
+        """Update an investigation."""
+        command = UpdateInvestigationCommand(self.http_client, investigation_id, request)
+        return command.execute()
+    
+    def delete_investigation(self, investigation_id: str) -> Dict[str, Any]:
+        """Delete an investigation."""
+        command = DeleteInvestigationCommand(self.http_client, investigation_id)
+        return command.execute()
+    
+    def flag_evidence(self, investigation_id: str, request: FlagEvidenceRequest) -> Dict[str, Any]:
+        """Flag evidence records."""
+        command = FlagEvidenceCommand(self.http_client, investigation_id, request)
+        return command.execute()
+    
+    def unflag_evidence(self, investigation_id: str, records: List[Dict[str, Any]], 
+                       section: str) -> Dict[str, Any]:
+        """Unflag evidence records."""
+        command = UnflagEvidenceCommand(self.http_client, investigation_id, records, section)
+        return command.execute()
+    
+    def add_note_to_evidence(self, investigation_id: str, request: AddNoteRequest) -> Dict[str, Any]:
+        """Add a note to evidence records."""
+        command = AddNoteToEvidenceCommand(self.http_client, investigation_id, request)
+        return command.execute()
+    
+    def create_comment(self, investigation_id: str, request: CreateCommentRequest) -> InvestigationComment:
+        """Create a comment in an investigation."""
+        command = CreateCommentCommand(self.http_client, investigation_id, request)
+        return command.execute()
+    
+    def update_comment(self, investigation_id: str, comment_id: str, content: str) -> InvestigationComment:
+        """Update a comment in an investigation."""
+        command = UpdateCommentCommand(self.http_client, investigation_id, comment_id, content)
+        return command.execute()
+    
+    def delete_comment(self, investigation_id: str, comment_id: str) -> Dict[str, Any]:
+        """Delete a comment from an investigation."""
+        command = DeleteCommentCommand(self.http_client, investigation_id, comment_id)
+        return command.execute()
+    
+    def mark_activities_as_read(self, investigation_id: str, 
+                               request: MarkActivityAsReadRequest) -> Dict[str, Any]:
+        """Mark activities as read."""
+        command = MarkActivitiesAsReadCommand(self.http_client, investigation_id, request)
+        return command.execute()
+    
+    def create_advanced_filter(self, investigation_id: str, 
+                              request: CreateAdvancedFilterRequest) -> AdvancedFilter:
+        """Create an advanced filter."""
+        command = CreateAdvancedFilterCommand(self.http_client, investigation_id, request)
+        return command.execute()
+    
+    def update_advanced_filter(self, investigation_id: str, filter_id: str, 
+                              request: UpdateAdvancedFilterRequest) -> AdvancedFilter:
+        """Update an advanced filter."""
+        command = UpdateAdvancedFilterCommand(self.http_client, investigation_id, int(filter_id), request)
+        return command.execute()
+    
+    def delete_advanced_filter(self, investigation_id: str, filter_id: str) -> Dict[str, Any]:
+        """Delete an advanced filter."""
+        command = DeleteAdvancedFilterCommand(self.http_client, investigation_id, int(filter_id))
+        return command.execute()
+    
+    def export_evidence(self, investigation_id: str, request: ExportRequest) -> Dict[str, Any]:
+        """Export evidence data."""
+        command = ExportEvidenceCommand(self.http_client, investigation_id, request)
+        return command.execute()
+    
+    def generate_report(self, investigation_id: str, report_type: str = "comprehensive", 
+                       include_evidence: bool = True) -> Dict[str, Any]:
+        """Generate an investigation report."""
+        command = GenerateReportCommand(self.http_client, investigation_id, report_type, include_evidence)
+        return command.execute()
+    
+    def refresh_investigation(self, investigation_id: str) -> Investigation:
+        """Refresh/rebuild an investigation."""
+        command = RefreshInvestigationCommand(self.http_client, investigation_id)
+        return command.execute()
+    
+    def archive_investigation(self, investigation_id: str) -> Dict[str, Any]:
+        """Archive an investigation."""
+        command = ArchiveInvestigationCommand(self.http_client, investigation_id)
+        return command.execute()
+    
+    def restore_investigation(self, investigation_id: str) -> Investigation:
+        """Restore an archived investigation."""
+        command = RestoreInvestigationCommand(self.http_client, investigation_id)
+        return command.execute()
+    
+    # Convenience methods
+    def sql_query(self, investigation_id: str, query: str, page_size: int = 10, 
+                 page_number: int = 1) -> SQLQueryResult:
+        """Alias for execute_sql_query for convenience."""
+        return self.execute_sql_query(investigation_id, query, page_size, page_number)
+    
+    def get_investigation_data(self, investigation_id: str, task_assignment_ids: Optional[List[str]] = None) -> Dict[str, Any]:
+        """Get comprehensive investigation data including assets, flags, and sections."""
+        result = {
+            "investigation": self.get_investigation(investigation_id),
+            "assets": self.get_assets(investigation_id),
+            "flag_summary": self.get_flag_summary(investigation_id)
+        }
+        
+        # Only include evidence sections if task assignment IDs are provided
+        if task_assignment_ids:
+            result["evidence_sections"] = self.get_evidence_sections(investigation_id, task_assignment_ids)
+        
+        return result 

binalyze_air/apis/license.py

@@ -0,0 +1,104 @@
+"""License API client for Binalyze AIR SDK."""
+
+from ..http_client import HTTPClient
+from ..models.license import License
+from ..queries.license import GetLicenseQuery, SetLicenseQuery
+from ..commands.license import GetLicenseCommand, SetLicenseCommand
+
+
+class LicenseAPI:
+    """License API with CQRS pattern - separated queries and commands.
+    
+    This class provides methods for managing license information
+    including retrieving current license details and updating license keys.
+    """
+    
+    def __init__(self, http_client: HTTPClient):
+        """Initialize License API client.
+        
+        Args:
+            http_client: HTTP client for making API requests
+        """
+        self.http_client = http_client
+
+    # QUERIES (Read operations)
+    def get_license(self) -> License:
+        """Get current license information.
+        
+        Returns:
+            License object with current license information
+            
+        Raises:
+            APIError: If the request fails
+        """
+        command = GetLicenseCommand(self)
+        return command.execute()
+
+    def get_license_status(self) -> dict:
+        """Get comprehensive license status information.
+        
+        Returns:
+            Dictionary with license status, usage, and warnings
+        """
+        command = GetLicenseCommand(self)
+        return command.get_license_status()
+
+    # COMMANDS (Write operations)
+    def set_license(self, license_key: str) -> bool:
+        """Set/update license key.
+        
+        Args:
+            license_key: The new license key to set
+            
+        Returns:
+            True if license was set successfully
+            
+        Raises:
+            APIError: If the request fails
+            ValueError: If license key is invalid
+        """
+        command = SetLicenseCommand(self, license_key)
+        return command.execute()
+
+    def set_and_verify_license(self, license_key: str) -> dict:
+        """Set license key and verify the operation.
+        
+        Args:
+            license_key: The new license key to set
+        
+        Returns:
+            Dictionary with operation result and new license status
+        """
+        command = SetLicenseCommand(self, license_key)
+        return command.set_and_verify()
+
+    # Low-level query methods (for internal use by commands)
+    def _get_license_query(self, query: GetLicenseQuery) -> dict:
+        """Execute get license query (internal use).
+        
+        Args:
+            query: GetLicenseQuery instance
+            
+        Returns:
+            Dictionary containing license information
+        """
+        params = query.build_params()
+        return self.http_client.get('/license', params=params)
+
+    def _set_license_query(self, query: SetLicenseQuery) -> dict:
+        """Execute set license query (internal use).
+        
+        Args:
+            query: SetLicenseQuery instance
+            
+        Returns:
+            Dictionary containing operation result
+        """
+        body = query.build_body()
+        params = query.build_params()
+        
+        return self.http_client.post(
+            '/license',
+            data=body,
+            params=params
+        ) 

binalyze_air/apis/logger.py

@@ -0,0 +1,83 @@
+"""Logger API client for Binalyze AIR SDK."""
+
+from typing import Optional, Dict, Any, Tuple
+from ..http_client import HTTPClient
+from ..models.logger import LogDownloadResponse
+from ..queries.logger import DownloadLogsQuery
+from ..commands.logger import DownloadLogsCommand
+
+
+class LoggerAPI:
+    """Logger API with CQRS pattern - separated queries and commands.
+    
+    This class provides methods for downloading application logs
+    and managing log-related operations.
+    """
+    
+    def __init__(self, http_client: HTTPClient):
+        """Initialize Logger API client.
+        
+        Args:
+            http_client: HTTP client for making API requests
+        """
+        self.http_client = http_client
+
+    # QUERIES (Read operations)
+    def download_logs(self, latest_only: bool = False) -> LogDownloadResponse:
+        """Download application logs as ZIP file.
+        
+        Args:
+            latest_only: Whether to download only the latest log file
+        
+        Returns:
+            LogDownloadResponse with downloaded log data
+            
+        Raises:
+            APIError: If the request fails
+        """
+        command = DownloadLogsCommand(self, latest_only)
+        return command.execute()
+
+    def download_and_save_logs(self, save_path: Optional[str] = None, 
+                              latest_only: bool = False) -> Dict[str, Any]:
+        """Download logs and save to file.
+        
+        Args:
+            save_path: Optional path where to save the logs
+            latest_only: Whether to download only the latest log file
+        
+        Returns:
+            Dictionary with download result and file information
+        """
+        command = DownloadLogsCommand(self, latest_only)
+        return command.download_and_save(save_path)
+
+    def get_log_info(self, latest_only: bool = False) -> Dict[str, Any]:
+        """Get information about available logs without downloading.
+        
+        Args:
+            latest_only: Whether to check only the latest log file
+        
+        Returns:
+            Dictionary with log information
+        """
+        command = DownloadLogsCommand(self, latest_only)
+        return command.get_log_info()
+
+    # Low-level query methods (for internal use by commands)
+    def _download_logs_query(self, query: DownloadLogsQuery) -> Tuple[bytes, Dict[str, str]]:
+        """Execute download logs query (internal use).
+        
+        Args:
+            query: DownloadLogsQuery instance
+            
+        Returns:
+            Tuple of (binary_data, headers)
+        """
+        params = query.build_params()
+        
+        # Make the API call and get binary response
+        response = self.http_client.get_binary('/logs', params=params)
+        
+        # Extract binary content and headers
+        return response.content, dict(response.headers)