catocli 2.1.3__py3-none-any.whl → 2.1.6__py3-none-any.whl

catocli/parsers/query_devices/README.md

@@ -10,7 +10,7 @@
 
 `catocli query devices "$(cat < query.devices.json)"`
 
-`catocli query devices '{"deviceAttributeCatalogInput":{"pagingInput":{"from":1,"limit":1},"sortOrderInput":{"direction":"ASC","priority":1},"stringFilterInput":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]}},"deviceV2Input":{"deviceSortInput":{"category":{"direction":"ASC","priority":1},"confidence":{"direction":"ASC","priority":1},"firstSeen":{"direction":"ASC","priority":1},"hw":{"manufacturer":{"direction":"ASC","priority":1},"model":{"direction":"ASC","priority":1},"type":{"direction":"ASC","priority":1}},"id":{"direction":"ASC","priority":1},"ip":{"direction":"ASC","priority":1},"lastSeen":{"direction":"ASC","priority":1},"name":{"direction":"ASC","priority":1},"network":{"networkName":{"direction":"ASC","priority":1},"subnet":{"direction":"ASC","priority":1}},"nic":{"macAddress":{"direction":"ASC","priority":1},"vendor":{"direction":"ASC","priority":1}},"os":{"product":{"direction":"ASC","priority":1},"vendor":{"direction":"ASC","priority":1},"version":{"direction":"ASC","priority":1}},"riskScore":{"direction":"ASC","priority":1},"site":{"id":{"direction":"ASC","priority":1},"name":{"direction":"ASC","priority":1}},"user":{"id":{"direction":"ASC","priority":1},"name":{"direction":"ASC","priority":1}}},"deviceV2FilterInput":{"category":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"confidence":{"eq":"LOW","in":"LOW","neq":"LOW","nin":"LOW"},"firstSeen":{"between":["example1","example2"],"eq":"example_value","gt":"example_value","gte":"example_value","in":["example1","example2"],"lt":"example_value","lte":"example_value","neq":"example_value","nin":["example1","example2"]},"hw":{"manufacturer":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"model":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"type":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]}},"id":{"eq":"id","in":["id1","id2"],"neq":"id","nin":["id1","id2"]},"ip":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"lastSeen":{"between":["example1","example2"],"eq":"example_value","gt":"example_value","gte":"example_value","in":["example1","example2"],"lt":"example_value","lte":"example_value","neq":"example_value","nin":["example1","example2"]},"name":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"network":{"networkName":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"subnet":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]}},"nic":{"macAddress":{"eq":"example_value","in":["example1","example2"],"neq":"example_value","nin":["example1","example2"]},"vendor":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]}},"os":{"product":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"vendor":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"version":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]}},"riskScore":{"between":[1,2],"eq":1,"gt":1,"gte":1,"in":[1,2],"lt":1,"lte":1,"neq":1,"nin":[1,2]},"site":{"eq":{"by":"ID","input":"string"},"in":{"by":"ID","input":"string"},"neq":{"by":"ID","input":"string"},"nin":{"by":"ID","input":"string"}},"user":{"eq":{"by":"ID","input":"string"},"in":{"by":"ID","input":"string"},"neq":{"by":"ID","input":"string"},"nin":{"by":"ID","input":"string"}}},"pagingInput":{"from":1,"limit":1}},"jobId":"id","sortOrderInput":{"direction":"ASC","priority":1}}'`
+`catocli query devices '{"deviceAttributeCatalogInput":{"pagingInput":{"from":1,"limit":1},"sortOrderInput":{"direction":"ASC","priority":1},"stringFilterInput":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]}},"deviceV2Input":{"deviceSortInput":{"category":{"direction":"ASC","priority":1},"confidence":{"direction":"ASC","priority":1},"firstSeen":{"direction":"ASC","priority":1},"hw":{"manufacturer":{"direction":"ASC","priority":1},"model":{"direction":"ASC","priority":1},"type":{"direction":"ASC","priority":1}},"id":{"direction":"ASC","priority":1},"ip":{"direction":"ASC","priority":1},"lastSeen":{"direction":"ASC","priority":1},"name":{"direction":"ASC","priority":1},"network":{"networkName":{"direction":"ASC","priority":1},"subnet":{"direction":"ASC","priority":1}},"nic":{"macAddress":{"direction":"ASC","priority":1},"vendor":{"direction":"ASC","priority":1}},"os":{"product":{"direction":"ASC","priority":1},"vendor":{"direction":"ASC","priority":1},"version":{"direction":"ASC","priority":1}},"riskScore":{"direction":"ASC","priority":1},"site":{"id":{"direction":"ASC","priority":1},"name":{"direction":"ASC","priority":1}},"user":{"id":{"direction":"ASC","priority":1},"name":{"direction":"ASC","priority":1}}},"deviceV2FilterInput":{"category":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"confidence":{"eq":"LOW","in":"LOW","neq":"LOW","nin":"LOW"},"firstSeen":{"between":["example1","example2"],"eq":"example_value","gt":"example_value","gte":"example_value","in":["example1","example2"],"lt":"example_value","lte":"example_value","neq":"example_value","nin":["example1","example2"]},"hw":{"manufacturer":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"model":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"type":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]}},"id":{"eq":"id","in":["id1","id2"],"neq":"id","nin":["id1","id2"]},"ipAddress":{"between":["example1","example2"],"eq":"example_value","in":["example1","example2"],"neq":"example_value","nin":["example1","example2"],"nwithin":"example_value","within":"example_value"},"isManaged":{"eq":true,"neq":true},"lastSeen":{"between":["example1","example2"],"eq":"example_value","gt":"example_value","gte":"example_value","in":["example1","example2"],"lt":"example_value","lte":"example_value","neq":"example_value","nin":["example1","example2"]},"name":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"network":{"networkName":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"subnet":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]}},"nic":{"macAddress":{"eq":"example_value","in":["example1","example2"],"neq":"example_value","nin":["example1","example2"]},"vendor":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]}},"os":{"product":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"vendor":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"version":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]}},"riskScore":{"between":[1,2],"eq":1,"gt":1,"gte":1,"in":[1,2],"lt":1,"lte":1,"neq":1,"nin":[1,2]},"site":{"eq":{"by":"ID","input":"string"},"in":{"by":"ID","input":"string"},"neq":{"by":"ID","input":"string"},"nin":{"by":"ID","input":"string"}},"user":{"eq":{"by":"ID","input":"string"},"in":{"by":"ID","input":"string"},"neq":{"by":"ID","input":"string"},"nin":{"by":"ID","input":"string"}}},"pagingInput":{"from":1,"limit":1}},"jobId":"id","sortOrderInput":{"direction":"ASC","priority":1}}'`
 
 
 #### Operation Arguments for query.devices ####

catocli/parsers/query_devices/__init__.py

@@ -11,6 +11,8 @@ def query_devices_parse(query_subparsers):
     query_devices_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_devices_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_devices_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_devices_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_devices_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_devices_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_devices_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_devices_parser.set_defaults(func=createRequest,operation_name='query.devices')

catocli/parsers/query_enterpriseDirectory/__init__.py

@@ -11,6 +11,8 @@ def query_enterpriseDirectory_parse(query_subparsers):
     query_enterpriseDirectory_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_enterpriseDirectory_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_enterpriseDirectory_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_enterpriseDirectory_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_enterpriseDirectory_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_enterpriseDirectory_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_enterpriseDirectory_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_enterpriseDirectory_parser.set_defaults(func=createRequest,operation_name='query.enterpriseDirectory')

catocli/parsers/query_entityLookup/__init__.py

@@ -11,6 +11,8 @@ def query_entityLookup_parse(query_subparsers):
     query_entityLookup_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_entityLookup_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_entityLookup_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_entityLookup_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_entityLookup_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_entityLookup_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_entityLookup_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_entityLookup_parser.set_defaults(func=createRequest,operation_name='query.entityLookup')

catocli/parsers/query_events/__init__.py

@@ -11,6 +11,8 @@ def query_events_parse(query_subparsers):
     query_events_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_events_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_events_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_events_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_events_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_events_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_events_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_events_parser.set_defaults(func=createRequest,operation_name='query.events')

catocli/parsers/query_eventsFeed/README.md

@@ -17,5 +17,5 @@
 
 `accountIDs` [ID[]] - (required) List of Unique Account Identifiers.    
 `eventFeedFieldFilterInput` [EventFeedFieldFilterInput[]] - (required) N/A    
-`fieldNames` [EventFieldName[]] - (required) N/A Default Value: ['access_method', 'account_id', 'action', 'actions_taken', 'ad_name', 'alert_id', 'always_on_configuration', 'analyst_verdict', 'api_name', 'api_type', 'app_activity', 'app_activity_category', 'app_activity_type', 'app_stack', 'application_id', 'application_name', 'application_risk', 'auth_method', 'authentication_type', 'bgp_cato_asn', 'bgp_cato_ip', 'bgp_error_code', 'bgp_peer_asn', 'bgp_peer_ip', 'bgp_route_cidr', 'bgp_suberror_code', 'bypass_duration_sec', 'bypass_method', 'bypass_reason', 'categories', 'cato_app', 'classification', 'client_cert_expires', 'client_cert_name', 'client_class', 'client_version', 'collaborator_name', 'collaborators', 'confidence_level', 'configured_host_name', 'congestion_algorithm', 'connect_on_boot', 'connection_origin', 'connector_name', 'connector_status', 'connector_type', 'container_name', 'correlation_id', 'criticality', 'custom_category_id', 'custom_category_name', 'dest_country', 'dest_country_code', 'dest_group_id', 'dest_group_name', 'dest_ip', 'dest_is_site_or_vpn', 'dest_pid', 'dest_port', 'dest_process_cmdline', 'dest_process_parent_path', 'dest_process_parent_pid', 'dest_process_path', 'dest_site_id', 'dest_site_name', 'detection_name', 'detection_stage', 'device_categories', 'device_certificate', 'device_id', 'device_manufacturer', 'device_model', 'device_name', 'device_os_type', 'device_posture_profile', 'device_type', 'directory_host_name', 'directory_ip', 'directory_sync_result', 'directory_sync_type', 'disinfect_result', 'dlp_fail_mode', 'dlp_profiles', 'dlp_scan_types', 'dns_protection_category', 'dns_query', 'domain_name', 'egress_pop_name', 'egress_site_name', 'email_subject', 'endpoint_id', 'engine_type', 'epp_engine_type', 'epp_profile', 'event_count', 'event_id', 'event_message', 'event_sub_type', 'event_type', 'failure_reason', 'file_hash', 'file_name', 'file_operation', 'file_size', 'file_type', 'final_object_status', 'flows_cardinality', 'full_path_url', 'guest_user', 'host_ip', 'host_mac', 'http_request_method', 'incident_aggregation', 'incident_id', 'indication', 'indicator', 'initial_object_status', 'internalId', 'ip_protocol', 'is_admin', 'is_admin_activity', 'is_compliant', 'is_managed', 'is_sanctioned_app', 'is_sinkhole', 'ISP_name', 'key_name', 'labels', 'link_health_is_congested', 'link_health_jitter', 'link_health_latency', 'link_health_pkt_loss', 'link_type', 'logged_in_user', 'login_type', 'matched_data_types', 'mitre_attack_subtechniques', 'mitre_attack_tactics', 'mitre_attack_techniques', 'network_access', 'network_rule', 'notification_api_error', 'notification_description', 'object_id', 'object_name', 'object_type', 'office_mode', 'os_type', 'os_version', 'out_of_band_access', 'owner', 'pac_file', 'parent_connector_name', 'pop_name', 'precedence', 'processes_count', 'producer', 'projects', 'prompt_action', 'provider_name', 'public_ip', 'qos_priority', 'qos_reported_time', 'quarantine_folder_path', 'quarantine_uuid', 'raw_data', 'recommended_actions', 'reference_url', 'referer_url', 'region_name', 'registration_code', 'resource_id', 'risk_level', 'rule_id', 'rule_name', 'severity', 'sharing_scope', 'sign_in_event_types', 'signature_id', 'socket_interface', 'socket_interface_id', 'socket_new_version', 'socket_old_version', 'socket_reset', 'socket_role', 'socket_serial', 'socket_version', 'split_tunnel_configuration', 'src_country', 'src_country_code', 'src_ip', 'src_is_site_or_vpn', 'src_isp_ip', 'src_pid', 'src_port', 'src_process_cmdline', 'src_process_parent_path', 'src_process_parent_pid', 'src_process_path', 'src_site_id', 'src_site_name', 'static_host', 'status', 'story_id', 'subnet_name', 'subscription_name', 'targets_cardinality', 'tcp_acceleration', 'tenant_id', 'tenant_name', 'tenant_restriction_rule_name', 'threat_confidence', 'threat_name', 'threat_reference', 'threat_score', 'threat_type', 'threat_verdict', 'time', 'time_str', 'title', 'tls_certificate_error', 'tls_error_description', 'tls_error_type', 'tls_inspection', 'tls_rule_name', 'tls_version', 'traffic_direction', 'translated_client_ip', 'translated_server_ip', 'trigger', 'trust_type', 'trusted_networks', 'tunnel_ip_protocol', 'tunnel_protocol', 'upgrade_end_time', 'upgrade_initiated_by', 'upgrade_start_time', 'url', 'user_agent', 'user_awareness_method', 'user_id', 'user_name', 'user_reference_id', 'user_risk_level', 'vendor', 'vendor_collaborator_id', 'vendor_device_id', 'vendor_device_name', 'vendor_event_id', 'vendor_user_id', 'visible_device_id', 'vpn_lan_access', 'vpn_user_email', 'windows_domain_name', 'xff']   
+`fieldNames` [EventFieldName[]] - (required) N/A Default Value: ['access_method', 'account_id', 'action', 'actions_taken', 'ad_name', 'alert_id', 'always_on_configuration', 'analyst_verdict', 'api_name', 'api_type', 'app_activity', 'app_activity_category', 'app_activity_type', 'app_stack', 'application_id', 'application_name', 'application_risk', 'auth_method', 'authentication_type', 'bgp_cato_asn', 'bgp_cato_ip', 'bgp_error_code', 'bgp_peer_asn', 'bgp_peer_ip', 'bgp_route_cidr', 'bgp_suberror_code', 'bypass_duration_sec', 'bypass_method', 'bypass_reason', 'categories', 'cato_app', 'classification', 'client_cert_expires', 'client_cert_name', 'client_class', 'client_version', 'collaborator_name', 'collaborators', 'confidence_level', 'configured_host_name', 'congestion_algorithm', 'connect_on_boot', 'connection_origin', 'connector_name', 'connector_status', 'connector_type', 'container_name', 'correlation_id', 'criticality', 'custom_category_id', 'custom_category_name', 'dest_country', 'dest_country_code', 'dest_group_id', 'dest_group_name', 'dest_ip', 'dest_is_site_or_vpn', 'dest_pid', 'dest_port', 'dest_process_cmdline', 'dest_process_parent_path', 'dest_process_parent_pid', 'dest_process_path', 'dest_site_id', 'dest_site_name', 'detection_name', 'detection_stage', 'device_categories', 'device_certificate', 'device_id', 'device_manufacturer', 'device_model', 'device_name', 'device_os_type', 'device_posture_profile', 'device_type', 'directory_host_name', 'directory_ip', 'directory_sync_result', 'directory_sync_type', 'disinfect_result', 'dlp_fail_mode', 'dlp_profiles', 'dlp_scan_types', 'dns_protection_category', 'dns_query', 'domain_name', 'egress_pop_name', 'egress_site_name', 'email_subject', 'endpoint_id', 'engine_type', 'epp_engine_type', 'epp_profile', 'event_count', 'event_id', 'event_message', 'event_sub_type', 'event_type', 'failure_reason', 'file_hash', 'file_name', 'file_operation', 'file_size', 'file_type', 'final_object_status', 'flows_cardinality', 'full_path_url', 'guest_user', 'host_ip', 'host_mac', 'http_request_method', 'incident_aggregation', 'incident_id', 'indication', 'indicator', 'initial_object_status', 'internalId', 'ip_protocol', 'is_admin', 'is_admin_activity', 'is_compliant', 'is_managed', 'is_sanctioned_app', 'is_sinkhole', 'ISP_name', 'key_name', 'labels', 'link_health_is_congested', 'link_health_jitter', 'link_health_latency', 'link_health_pkt_loss', 'link_type', 'logged_in_user', 'login_type', 'matched_data_types', 'mitre_attack_subtechniques', 'mitre_attack_tactics', 'mitre_attack_techniques', 'network_access', 'network_rule', 'notification_api_error', 'notification_description', 'object_id', 'object_name', 'object_type', 'office_mode', 'os_type', 'os_version', 'out_of_band_access', 'owner', 'pac_file', 'parent_connector_name', 'pop_name', 'precedence', 'processes_count', 'producer', 'projects', 'prompt_action', 'provider_name', 'public_ip', 'qos_priority', 'qos_reported_time', 'quarantine_folder_path', 'quarantine_uuid', 'raw_data', 'recommended_actions', 'reference_url', 'referer_url', 'region_name', 'registration_code', 'resource_id', 'risk_level', 'rule_id', 'rule_name', 'service_name', 'severity', 'sharing_scope', 'sign_in_event_types', 'signature_id', 'socket_interface', 'socket_interface_id', 'socket_new_version', 'socket_old_version', 'socket_reset', 'socket_role', 'socket_serial', 'socket_version', 'split_tunnel_configuration', 'src_country', 'src_country_code', 'src_ip', 'src_is_site_or_vpn', 'src_isp_ip', 'src_pid', 'src_port', 'src_process_cmdline', 'src_process_parent_path', 'src_process_parent_pid', 'src_process_path', 'src_site_id', 'src_site_name', 'static_host', 'status', 'story_id', 'subnet_name', 'subscription_name', 'targets_cardinality', 'tcp_acceleration', 'tenant_id', 'tenant_name', 'tenant_restriction_rule_name', 'threat_confidence', 'threat_name', 'threat_reference', 'threat_score', 'threat_type', 'threat_verdict', 'time', 'time_str', 'title', 'tls_certificate_error', 'tls_error_description', 'tls_error_type', 'tls_inspection', 'tls_rule_name', 'tls_version', 'traffic_direction', 'translated_client_ip', 'translated_server_ip', 'trigger', 'trust_type', 'trusted_networks', 'tunnel_ip_protocol', 'tunnel_protocol', 'upgrade_end_time', 'upgrade_initiated_by', 'upgrade_start_time', 'url', 'user_agent', 'user_awareness_method', 'user_id', 'user_name', 'user_reference_id', 'user_risk_level', 'vendor', 'vendor_collaborator_id', 'vendor_device_id', 'vendor_device_name', 'vendor_event_id', 'vendor_policy_description', 'vendor_policy_id', 'vendor_policy_name', 'vendor_user_id', 'visible_device_id', 'vpn_lan_access', 'vpn_user_email', 'windows_domain_name', 'xff']   
 `marker` [String] - (required) Marker to use to get results from    

catocli/parsers/query_eventsFeed/__init__.py

@@ -11,6 +11,8 @@ def query_eventsFeed_parse(query_subparsers):
     query_eventsFeed_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_eventsFeed_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_eventsFeed_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_eventsFeed_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_eventsFeed_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_eventsFeed_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_eventsFeed_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_eventsFeed_parser.set_defaults(func=createRequest,operation_name='query.eventsFeed')

catocli/parsers/query_eventsTimeSeries/__init__.py

@@ -11,6 +11,8 @@ def query_eventsTimeSeries_parse(query_subparsers):
     query_eventsTimeSeries_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_eventsTimeSeries_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_eventsTimeSeries_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_eventsTimeSeries_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_eventsTimeSeries_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_eventsTimeSeries_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_eventsTimeSeries_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_eventsTimeSeries_parser.set_defaults(func=createRequest,operation_name='query.eventsTimeSeries')

catocli/parsers/query_groups/__init__.py

@@ -23,6 +23,8 @@ def query_groups_parse(query_subparsers):
     query_groups_group_members_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_groups_group_members_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_groups_group_members_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_groups_group_members_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_groups_group_members_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_groups_group_members_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_groups_group_members_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_groups_group_members_parser.set_defaults(func=createRequest,operation_name='query.groups.group.members')
@@ -36,6 +38,8 @@ def query_groups_parse(query_subparsers):
     query_groups_whereUsed_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_groups_whereUsed_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_groups_whereUsed_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_groups_whereUsed_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_groups_whereUsed_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_groups_whereUsed_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_groups_whereUsed_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_groups_whereUsed_parser.set_defaults(func=createRequest,operation_name='query.groups.whereUsed')
@@ -49,6 +53,8 @@ def query_groups_parse(query_subparsers):
     query_groups_groupList_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_groups_groupList_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_groups_groupList_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_groups_groupList_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_groups_groupList_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_groups_groupList_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_groups_groupList_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_groups_groupList_parser.set_defaults(func=createRequest,operation_name='query.groups.groupList')

catocli/parsers/query_hardware/README.md

@@ -10,7 +10,7 @@
 
 `catocli query hardware "$(cat < query.hardware.json)"`
 
-`catocli query hardware '{"hardwareSearchInput":{"hardwareFilterInput":{"account":{"accountInclusion":"ALL_ACCOUNTS","in":["id1","id2"]},"countryName":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"freeText":{"search":"string"},"id":{"eq":"id","in":["id1","id2"],"neq":"id","nin":["id1","id2"]},"licenseStartDate":{"between":["example1","example2"],"eq":"example_value","gt":"example_value","gte":"example_value","in":["example1","example2"],"lt":"example_value","lte":"example_value","neq":"example_value","nin":["example1","example2"]},"product":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"serialNumber":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"shippingStatus":{"eq":"PENDING_INFO","in":"PENDING_INFO","neq":"PENDING_INFO","nin":"PENDING_INFO"},"validAddress":{"eq":true,"neq":true}},"hardwareSortInput":{"accountName":{"direction":"ASC","priority":1},"country":{"direction":"ASC","priority":1},"incoterms":{"direction":"ASC","priority":1},"licenseId":{"direction":"ASC","priority":1},"licenseStartDate":{"direction":"ASC","priority":1},"productType":{"direction":"ASC","priority":1},"quoteId":{"direction":"ASC","priority":1},"shippingDate":{"direction":"ASC","priority":1},"shippingStatus":{"direction":"ASC","priority":1},"siteName":{"direction":"ASC","priority":1}},"pagingInput":{"from":1,"limit":1}}}'`
+`catocli query hardware '{"hardwareSearchInput":{"hardwareFilterInput":{"account":{"accountInclusion":"ALL_ACCOUNTS","in":["id1","id2"]},"countryCode":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"countryName":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"freeText":{"search":"string"},"id":{"eq":"id","in":["id1","id2"],"neq":"id","nin":["id1","id2"]},"licenseStartDate":{"between":["example1","example2"],"eq":"example_value","gt":"example_value","gte":"example_value","in":["example1","example2"],"lt":"example_value","lte":"example_value","neq":"example_value","nin":["example1","example2"]},"product":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"serialNumber":{"eq":"string","in":["string1","string2"],"neq":"string","nin":["string1","string2"]},"shippingStatus":{"eq":"PENDING_INFO","in":"PENDING_INFO","neq":"PENDING_INFO","nin":"PENDING_INFO"},"validAddress":{"eq":true,"neq":true}},"hardwareSortInput":{"accountName":{"direction":"ASC","priority":1},"country":{"direction":"ASC","priority":1},"incoterms":{"direction":"ASC","priority":1},"licenseId":{"direction":"ASC","priority":1},"licenseStartDate":{"direction":"ASC","priority":1},"productType":{"direction":"ASC","priority":1},"quoteId":{"direction":"ASC","priority":1},"shippingDate":{"direction":"ASC","priority":1},"shippingStatus":{"direction":"ASC","priority":1},"siteName":{"direction":"ASC","priority":1}},"pagingInput":{"from":1,"limit":1}}}'`
 
 
 #### Operation Arguments for query.hardware ####

catocli/parsers/query_hardware/__init__.py

@@ -11,6 +11,8 @@ def query_hardware_parse(query_subparsers):
     query_hardware_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_hardware_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_hardware_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_hardware_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_hardware_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_hardware_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_hardware_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_hardware_parser.set_defaults(func=createRequest,operation_name='query.hardware')

catocli/parsers/query_hardwareManagement/__init__.py

@@ -11,6 +11,8 @@ def query_hardwareManagement_parse(query_subparsers):
     query_hardwareManagement_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_hardwareManagement_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_hardwareManagement_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_hardwareManagement_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_hardwareManagement_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_hardwareManagement_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_hardwareManagement_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_hardwareManagement_parser.set_defaults(func=createRequest,operation_name='query.hardwareManagement')

catocli/parsers/query_licensing/__init__.py

@@ -11,6 +11,8 @@ def query_licensing_parse(query_subparsers):
     query_licensing_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_licensing_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_licensing_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_licensing_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_licensing_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_licensing_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_licensing_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_licensing_parser.set_defaults(func=createRequest,operation_name='query.licensing')

catocli/parsers/query_policy/__init__.py

@@ -8,24 +8,26 @@ def query_policy_parse(query_subparsers):
 
     query_policy_subparsers = query_policy_parser.add_subparsers()
 
-    query_policy_appTenantRestriction_parser = query_policy_subparsers.add_parser('appTenantRestriction', 
-            help='appTenantRestriction() policy operation', 
-            usage=get_help("query_policy_appTenantRestriction"))
-
-    query_policy_appTenantRestriction_subparsers = query_policy_appTenantRestriction_parser.add_subparsers()
-
-    query_policy_appTenantRestriction_policy_parser = query_policy_appTenantRestriction_subparsers.add_parser('policy', 
-            help='policy() appTenantRestriction operation', 
-            usage=get_help("query_policy_appTenantRestriction_policy"))
-
-    query_policy_appTenantRestriction_policy_parser.add_argument('json', nargs='?', default='{}', help='Variables in JSON format (defaults to empty object if not provided).')
-    query_policy_appTenantRestriction_policy_parser.add_argument('-accountID', help='The cato account ID to use for this operation. Overrides the account_id value in the profile setting.  This is use for reseller and MSP accounts to run queries against cato sub accounts from the parent account.')
-    query_policy_appTenantRestriction_policy_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
-    query_policy_appTenantRestriction_policy_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
-    query_policy_appTenantRestriction_policy_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
-    query_policy_appTenantRestriction_policy_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
-    query_policy_appTenantRestriction_policy_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
-    query_policy_appTenantRestriction_policy_parser.set_defaults(func=createRequest,operation_name='query.policy.appTenantRestriction.policy')
+    query_policy_antiMalwareFileHash_parser = query_policy_subparsers.add_parser('antiMalwareFileHash', 
+            help='antiMalwareFileHash() policy operation', 
+            usage=get_help("query_policy_antiMalwareFileHash"))
+
+    query_policy_antiMalwareFileHash_subparsers = query_policy_antiMalwareFileHash_parser.add_subparsers()
+
+    query_policy_antiMalwareFileHash_policy_parser = query_policy_antiMalwareFileHash_subparsers.add_parser('policy', 
+            help='policy() antiMalwareFileHash operation', 
+            usage=get_help("query_policy_antiMalwareFileHash_policy"))
+
+    query_policy_antiMalwareFileHash_policy_parser.add_argument('json', nargs='?', default='{}', help='Variables in JSON format (defaults to empty object if not provided).')
+    query_policy_antiMalwareFileHash_policy_parser.add_argument('-accountID', help='The cato account ID to use for this operation. Overrides the account_id value in the profile setting.  This is use for reseller and MSP accounts to run queries against cato sub accounts from the parent account.')
+    query_policy_antiMalwareFileHash_policy_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
+    query_policy_antiMalwareFileHash_policy_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
+    query_policy_antiMalwareFileHash_policy_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_policy_antiMalwareFileHash_policy_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_policy_antiMalwareFileHash_policy_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
+    query_policy_antiMalwareFileHash_policy_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
+    query_policy_antiMalwareFileHash_policy_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
+    query_policy_antiMalwareFileHash_policy_parser.set_defaults(func=createRequest,operation_name='query.policy.antiMalwareFileHash.policy')
 
     query_policy_dynamicIpAllocation_parser = query_policy_subparsers.add_parser('dynamicIpAllocation', 
             help='dynamicIpAllocation() policy operation', 
@@ -42,6 +44,8 @@ def query_policy_parse(query_subparsers):
     query_policy_dynamicIpAllocation_policy_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_policy_dynamicIpAllocation_policy_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_policy_dynamicIpAllocation_policy_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_policy_dynamicIpAllocation_policy_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_policy_dynamicIpAllocation_policy_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_policy_dynamicIpAllocation_policy_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_policy_dynamicIpAllocation_policy_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_policy_dynamicIpAllocation_policy_parser.set_defaults(func=createRequest,operation_name='query.policy.dynamicIpAllocation.policy')
@@ -61,6 +65,8 @@ def query_policy_parse(query_subparsers):
     query_policy_socketLan_policy_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_policy_socketLan_policy_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_policy_socketLan_policy_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_policy_socketLan_policy_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_policy_socketLan_policy_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_policy_socketLan_policy_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_policy_socketLan_policy_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_policy_socketLan_policy_parser.set_defaults(func=createRequest,operation_name='query.policy.socketLan.policy')
@@ -80,6 +86,8 @@ def query_policy_parse(query_subparsers):
     query_policy_terminalServer_policy_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_policy_terminalServer_policy_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_policy_terminalServer_policy_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_policy_terminalServer_policy_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_policy_terminalServer_policy_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_policy_terminalServer_policy_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_policy_terminalServer_policy_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_policy_terminalServer_policy_parser.set_defaults(func=createRequest,operation_name='query.policy.terminalServer.policy')
@@ -99,28 +107,53 @@ def query_policy_parse(query_subparsers):
     query_policy_wanNetwork_policy_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_policy_wanNetwork_policy_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_policy_wanNetwork_policy_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_policy_wanNetwork_policy_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_policy_wanNetwork_policy_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_policy_wanNetwork_policy_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_policy_wanNetwork_policy_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_policy_wanNetwork_policy_parser.set_defaults(func=createRequest,operation_name='query.policy.wanNetwork.policy')
 
-    query_policy_wanFirewall_parser = query_policy_subparsers.add_parser('wanFirewall', 
-            help='wanFirewall() policy operation', 
-            usage=get_help("query_policy_wanFirewall"))
+    query_policy_appTenantRestriction_parser = query_policy_subparsers.add_parser('appTenantRestriction', 
+            help='appTenantRestriction() policy operation', 
+            usage=get_help("query_policy_appTenantRestriction"))
 
-    query_policy_wanFirewall_subparsers = query_policy_wanFirewall_parser.add_subparsers()
+    query_policy_appTenantRestriction_subparsers = query_policy_appTenantRestriction_parser.add_subparsers()
 
-    query_policy_wanFirewall_policy_parser = query_policy_wanFirewall_subparsers.add_parser('policy', 
-            help='policy() wanFirewall operation', 
-            usage=get_help("query_policy_wanFirewall_policy"))
+    query_policy_appTenantRestriction_policy_parser = query_policy_appTenantRestriction_subparsers.add_parser('policy', 
+            help='policy() appTenantRestriction operation', 
+            usage=get_help("query_policy_appTenantRestriction_policy"))
 
-    query_policy_wanFirewall_policy_parser.add_argument('json', nargs='?', default='{}', help='Variables in JSON format (defaults to empty object if not provided).')
-    query_policy_wanFirewall_policy_parser.add_argument('-accountID', help='The cato account ID to use for this operation. Overrides the account_id value in the profile setting.  This is use for reseller and MSP accounts to run queries against cato sub accounts from the parent account.')
-    query_policy_wanFirewall_policy_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
-    query_policy_wanFirewall_policy_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
-    query_policy_wanFirewall_policy_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
-    query_policy_wanFirewall_policy_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
-    query_policy_wanFirewall_policy_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
-    query_policy_wanFirewall_policy_parser.set_defaults(func=createRequest,operation_name='query.policy.wanFirewall.policy')
+    query_policy_appTenantRestriction_policy_parser.add_argument('json', nargs='?', default='{}', help='Variables in JSON format (defaults to empty object if not provided).')
+    query_policy_appTenantRestriction_policy_parser.add_argument('-accountID', help='The cato account ID to use for this operation. Overrides the account_id value in the profile setting.  This is use for reseller and MSP accounts to run queries against cato sub accounts from the parent account.')
+    query_policy_appTenantRestriction_policy_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
+    query_policy_appTenantRestriction_policy_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
+    query_policy_appTenantRestriction_policy_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_policy_appTenantRestriction_policy_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_policy_appTenantRestriction_policy_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
+    query_policy_appTenantRestriction_policy_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
+    query_policy_appTenantRestriction_policy_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
+    query_policy_appTenantRestriction_policy_parser.set_defaults(func=createRequest,operation_name='query.policy.appTenantRestriction.policy')
+
+    query_policy_internetFirewall_parser = query_policy_subparsers.add_parser('internetFirewall', 
+            help='internetFirewall() policy operation', 
+            usage=get_help("query_policy_internetFirewall"))
+
+    query_policy_internetFirewall_subparsers = query_policy_internetFirewall_parser.add_subparsers()
+
+    query_policy_internetFirewall_policy_parser = query_policy_internetFirewall_subparsers.add_parser('policy', 
+            help='policy() internetFirewall operation', 
+            usage=get_help("query_policy_internetFirewall_policy"))
+
+    query_policy_internetFirewall_policy_parser.add_argument('json', nargs='?', default='{}', help='Variables in JSON format (defaults to empty object if not provided).')
+    query_policy_internetFirewall_policy_parser.add_argument('-accountID', help='The cato account ID to use for this operation. Overrides the account_id value in the profile setting.  This is use for reseller and MSP accounts to run queries against cato sub accounts from the parent account.')
+    query_policy_internetFirewall_policy_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
+    query_policy_internetFirewall_policy_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
+    query_policy_internetFirewall_policy_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_policy_internetFirewall_policy_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_policy_internetFirewall_policy_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
+    query_policy_internetFirewall_policy_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
+    query_policy_internetFirewall_policy_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
+    query_policy_internetFirewall_policy_parser.set_defaults(func=createRequest,operation_name='query.policy.internetFirewall.policy')
 
     query_policy_remotePortFwd_parser = query_policy_subparsers.add_parser('remotePortFwd', 
             help='remotePortFwd() policy operation', 
@@ -137,25 +170,29 @@ def query_policy_parse(query_subparsers):
     query_policy_remotePortFwd_policy_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_policy_remotePortFwd_policy_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_policy_remotePortFwd_policy_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_policy_remotePortFwd_policy_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_policy_remotePortFwd_policy_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_policy_remotePortFwd_policy_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_policy_remotePortFwd_policy_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_policy_remotePortFwd_policy_parser.set_defaults(func=createRequest,operation_name='query.policy.remotePortFwd.policy')
 
-    query_policy_internetFirewall_parser = query_policy_subparsers.add_parser('internetFirewall', 
-            help='internetFirewall() policy operation', 
-            usage=get_help("query_policy_internetFirewall"))
+    query_policy_wanFirewall_parser = query_policy_subparsers.add_parser('wanFirewall', 
+            help='wanFirewall() policy operation', 
+            usage=get_help("query_policy_wanFirewall"))
 
-    query_policy_internetFirewall_subparsers = query_policy_internetFirewall_parser.add_subparsers()
+    query_policy_wanFirewall_subparsers = query_policy_wanFirewall_parser.add_subparsers()
 
-    query_policy_internetFirewall_policy_parser = query_policy_internetFirewall_subparsers.add_parser('policy', 
-            help='policy() internetFirewall operation', 
-            usage=get_help("query_policy_internetFirewall_policy"))
+    query_policy_wanFirewall_policy_parser = query_policy_wanFirewall_subparsers.add_parser('policy', 
+            help='policy() wanFirewall operation', 
+            usage=get_help("query_policy_wanFirewall_policy"))
 
-    query_policy_internetFirewall_policy_parser.add_argument('json', nargs='?', default='{}', help='Variables in JSON format (defaults to empty object if not provided).')
-    query_policy_internetFirewall_policy_parser.add_argument('-accountID', help='The cato account ID to use for this operation. Overrides the account_id value in the profile setting.  This is use for reseller and MSP accounts to run queries against cato sub accounts from the parent account.')
-    query_policy_internetFirewall_policy_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
-    query_policy_internetFirewall_policy_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
-    query_policy_internetFirewall_policy_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
-    query_policy_internetFirewall_policy_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
-    query_policy_internetFirewall_policy_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
-    query_policy_internetFirewall_policy_parser.set_defaults(func=createRequest,operation_name='query.policy.internetFirewall.policy')
+    query_policy_wanFirewall_policy_parser.add_argument('json', nargs='?', default='{}', help='Variables in JSON format (defaults to empty object if not provided).')
+    query_policy_wanFirewall_policy_parser.add_argument('-accountID', help='The cato account ID to use for this operation. Overrides the account_id value in the profile setting.  This is use for reseller and MSP accounts to run queries against cato sub accounts from the parent account.')
+    query_policy_wanFirewall_policy_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
+    query_policy_wanFirewall_policy_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
+    query_policy_wanFirewall_policy_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_policy_wanFirewall_policy_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_policy_wanFirewall_policy_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
+    query_policy_wanFirewall_policy_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
+    query_policy_wanFirewall_policy_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
+    query_policy_wanFirewall_policy_parser.set_defaults(func=createRequest,operation_name='query.policy.wanFirewall.policy')

catocli/parsers/query_policy_antiMalwareFileHash_policy/README.md

@@ -0,0 +1,19 @@
+
+## CATO-CLI - query.policy.antiMalwareFileHash.policy:
+[Click here](https://api.catonetworks.com/documentation/#query-query.policy.antiMalwareFileHash.policy) for documentation on this operation.
+
+### Usage for query.policy.antiMalwareFileHash.policy:
+
+`catocli query policy antiMalwareFileHash policy -h`
+
+`catocli query policy antiMalwareFileHash policy <json>`
+
+`catocli query policy antiMalwareFileHash policy "$(cat < query.policy.antiMalwareFileHash.policy.json)"`
+
+`catocli query policy antiMalwareFileHash policy '{"antiMalwareFileHashPolicyInput":{"policyRevisionInput":{"id":"id","type":"PRIVATE"}}}'`
+
+
+#### Operation Arguments for query.policy.antiMalwareFileHash.policy ####
+
+`accountId` [ID] - (required) N/A    
+`antiMalwareFileHashPolicyInput` [AntiMalwareFileHashPolicyInput] - (required) N/A    

catocli/parsers/query_popLocations/__init__.py

@@ -11,6 +11,8 @@ def query_popLocations_parse(query_subparsers):
     query_popLocations_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_popLocations_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_popLocations_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_popLocations_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_popLocations_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_popLocations_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_popLocations_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_popLocations_parser.set_defaults(func=createRequest,operation_name='query.popLocations')

catocli/parsers/query_sandbox/__init__.py

@@ -11,6 +11,8 @@ def query_sandbox_parse(query_subparsers):
     query_sandbox_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_sandbox_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_sandbox_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_sandbox_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_sandbox_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_sandbox_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_sandbox_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_sandbox_parser.set_defaults(func=createRequest,operation_name='query.sandbox')

catocli/parsers/query_servicePrincipalAdmin/__init__.py

@@ -11,6 +11,8 @@ def query_servicePrincipalAdmin_parse(query_subparsers):
     query_servicePrincipalAdmin_parser.add_argument('-t', const=True, default=False, nargs='?', help='Print GraphQL query without sending API call')
     query_servicePrincipalAdmin_parser.add_argument('-v', const=True, default=False, nargs='?', help='Verbose output')
     query_servicePrincipalAdmin_parser.add_argument('-p', const=True, default=False, nargs='?', help='Pretty print')
+    query_servicePrincipalAdmin_parser.add_argument('-n', '--stream-events', dest='stream_events', help='Send events over network to host:port TCP')
+    query_servicePrincipalAdmin_parser.add_argument('-z', '--sentinel', dest='sentinel', help='Send events to Sentinel customerid:sharedkey')
     query_servicePrincipalAdmin_parser.add_argument('-H', '--header', action='append', dest='headers', help='Add custom headers in "Key: Value" format. Can be used multiple times.')
     query_servicePrincipalAdmin_parser.add_argument('--headers-file', dest='headers_file', help='Load headers from a file. Each line should contain a header in "Key: Value" format.')
     query_servicePrincipalAdmin_parser.set_defaults(func=createRequest,operation_name='query.servicePrincipalAdmin')