crowdstrike-falconpy-dev 1.4.0__tar.gz → 1.4.2__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/AUTHORS.md +6 -2
- {crowdstrike-falconpy-dev-1.4.0/src/crowdstrike_falconpy_dev.egg-info → crowdstrike-falconpy-dev-1.4.2}/PKG-INFO +3 -2
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/README.md +2 -1
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2/src/crowdstrike_falconpy_dev.egg-info}/PKG-INFO +3 -2
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/crowdstrike_falconpy_dev.egg-info/SOURCES.txt +3 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/__init__.py +3 -1
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_auth_object/_falcon_interface.py +27 -7
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_auth_object/_uber_interface.py +4 -2
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/__init__.py +2 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_alerts.py +32 -3
- crowdstrike-falconpy-dev-1.4.2/src/falconpydev/_endpoint/_cloud_snapshots.py +164 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_container_alerts.py +17 -1
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_container_detections.py +36 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_container_images.py +3 -2
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_cspm_registration.py +331 -11
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_custom_ioa.py +6 -6
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_d4c_registration.py +99 -3
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_discover.py +48 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_falcon_complete_dashboard.py +14 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_falconx_sandbox.py +8 -7
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_filevantage.py +1 -1
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_foundry_logscale.py +94 -1
- crowdstrike-falconpy-dev-1.4.2/src/falconpydev/_endpoint/_image_assessment_policies.py +194 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_intel.py +79 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_iocs.py +42 -44
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_kubernetes_protection.py +77 -71
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_message_center.py +2 -2
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_real_time_response.py +30 -28
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_real_time_response_admin.py +21 -20
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_sensor_download.py +112 -0
- crowdstrike-falconpy-dev-1.4.2/src/falconpydev/_endpoint/_workflows.py +515 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_custom_ioa.py +6 -6
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_discover.py +48 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_real_time_response.py +17 -15
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_real_time_response_admin.py +10 -9
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/__init__.py +29 -6
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_cloud_snapshots.py +17 -60
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_container.py +101 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_cspm_registration.py +47 -1
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_d4c_registration.py +10 -2
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_firewall.py +1 -1
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_workflows.py +66 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_util/_functions.py +5 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_version.py +1 -1
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/alerts.py +28 -8
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/cloud_snapshots.py +132 -69
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/container_alerts.py +29 -1
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/container_detections.py +46 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/container_images.py +1 -1
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/cspm_registration.py +510 -5
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/d4c_registration.py +148 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/discover.py +71 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/falcon_complete_dashboard.py +87 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/filevantage.py +1 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/foundry_logscale.py +67 -1
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/hosts.py +2 -1
- crowdstrike-falconpy-dev-1.4.2/src/falconpydev/image_assessment_policies.py +440 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/intel.py +94 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/kubernetes_protection.py +4 -4
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/oauth2.py +4 -2
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/sample_uploads.py +5 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/sensor_download.py +144 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/workflows.py +337 -2
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_authentications.py +43 -16
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_cloud_connect_aws.py +16 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_cloud_snapshots.py +4 -4
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_container_alerts.py +1 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_container_detections.py +1 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_cspm_registration.py +15 -1
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_d4c_registration.py +5 -1
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_discover.py +1 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_falcon_complete_dashboard.py +1 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_foundry_logscale.py +2 -0
- crowdstrike-falconpy-dev-1.4.2/tests/test_image_assessment_policies.py +49 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_intel.py +5 -1
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_real_time_response.py +4 -2
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_result_object.py +5 -1
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_sample_uploads.py +2 -2
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_sensor_download.py +43 -9
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_service_class.py +13 -10
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_uber.py +16 -16
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_uber_api_complete.py +16 -16
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_workflows.py +13 -3
- crowdstrike-falconpy-dev-1.4.0/src/falconpydev/_endpoint/_cloud_snapshots.py +0 -76
- crowdstrike-falconpy-dev-1.4.0/src/falconpydev/_endpoint/_workflows.py +0 -180
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/LICENSE +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/dev_setup.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/setup.cfg +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/setup.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/crowdstrike_falconpy_dev.egg-info/dependency_links.txt +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/crowdstrike_falconpy_dev.egg-info/requires.txt +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/crowdstrike_falconpy_dev.egg-info/top_level.txt +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_api_request/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_api_request/_request.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_api_request/_request_behavior.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_api_request/_request_connection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_api_request/_request_meta.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_api_request/_request_payloads.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_api_request/_request_validator.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_auth_object/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_auth_object/_base_falcon_auth.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_auth_object/_bearer_token.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_auth_object/_interface_config.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_constant/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_cloud_connect_aws.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_configuration_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_configuration_assessment_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_container_packages.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_container_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_custom_storage.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_detects.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_device_control_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_drift_indicators.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_event_streams.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_falcon_container.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_fdr.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_firewall_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_firewall_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_host_group.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_hosts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_identity_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_incidents.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_installation_tokens.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_ioa_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_malquery.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_ml_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_mobile_enrollment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_mssp.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_oauth2.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_overwatch_dashboard.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_prevention_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_quarantine.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_quick_scan.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_real_time_response_audit.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_recon.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_report_executions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_response_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_sample_uploads.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_scheduled_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_sensor_update_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_sensor_visibility_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_spotlight_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_spotlight_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_tailored_intelligence.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_unidentified_containers.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_user_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/_zero_trust_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_d4c_registration.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_fdr.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_firewall_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_hosts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_identity_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_installation_tokens.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_iocs.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_mapping.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_report_executions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_scheduled_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_endpoint/deprecated/_zero_trust_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_enum/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_enum/_base_url.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_enum/_container_base_url.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_enum/_token_fail_reason.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_error/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_error/_exceptions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_error/_warnings.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_log/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_log/_facility.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_alerts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_cloud_connect_aws.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_detects.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_device_control_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_falconx.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_filevantage.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_foundry.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_generic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_host_group.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_incidents.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_ioa.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_malquery.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_message_center.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_mssp.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_prevention_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_real_time_response.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_recon.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_response_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_sample_uploads.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_payload/_sensor_update_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/__base_resource.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_base_dictionary.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_errors.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_expanded_result.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_headers.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_meta.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_resources.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_response_component.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_result/_result.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_service_class/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_service_class/_base_service_class.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_service_class/_service_class.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_util/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_util/_auth.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_util/_service.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/_util/_uber.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/api_complete/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/api_complete/_advanced.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/api_complete/_legacy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/cloud_connect_aws.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/configuration_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/configuration_assessment_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/container_packages.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/container_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/custom_ioa.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/custom_storage.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/debug.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/detects.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/device_control_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/drift_indicators.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/event_streams.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/falcon_container.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/falconx_sandbox.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/fdr.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/firewall_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/firewall_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/host_group.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/identity_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/incidents.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/installation_tokens.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/ioa_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/iocs.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/malquery.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/message_center.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/ml_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/mobile_enrollment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/mssp.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/overwatch_dashboard.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/prevention_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/quarantine.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/quick_scan.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/real_time_response.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/real_time_response_admin.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/real_time_response_audit.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/recon.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/report_executions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/response_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/scheduled_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/sensor_update_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/sensor_visibility_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/spotlight_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/spotlight_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/tailored_intelligence.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/unidentified_containers.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/user_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/zero_trust_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_alerts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_api_request.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_authorization.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_configuration_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_configuration_assessment_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_container_images.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_container_packages.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_container_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_custom_ioa.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_custom_storage.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_detects.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_device_control_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_drift_indicators.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_event_streams.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_falcon_container.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_falconx_sandbox.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_fdr.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_filevantage.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_firewall_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_firewall_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_host_group.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_hosts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_identity_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_incidents.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_installation_tokens.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_ioa_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_iocs.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_kubernetes_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_malquery.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_message_center.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_ml_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_mobile_enrollment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_mssp.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_overwatch_dashboard.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_prevention_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_quarantine.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_quick_scan.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_real_time_response_admin.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_real_time_response_audit.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_recon.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_report_executions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_response_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_scheduled_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_sensor_update_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_sensor_visibility_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_spotlight_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_spotlight_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_tailored_intelligence.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_timeout.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_unidentified_containers.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_user_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/tests/test_zero_trust_assessment.py +0 -0
|
@@ -28,7 +28,6 @@ These coders deserve accolades and laurels as well as cool titles and cartoons.
|
|
|
28
28
|
|
|
29
29
|
| Name | Role |
|
|
30
30
|
| :--- | :--- |
|
|
31
|
-
| Šimon L., `@isimluk` | [Sanity Checker](https://xkcd.com/1926/) |
|
|
32
31
|
| Josh Lang, `@jlangdev` | [Lint Purveyor](https://xkcd.com/1833/) |
|
|
33
32
|
| Christopher Hammond, `@ChristopherHammond13` | [Technical Debt Collector](https://xkcd.com/2138/) |
|
|
34
33
|
| Gabe Alford, `@redhatrises` | [Git Whisperer](https://xkcd.com/1597/) |
|
|
@@ -37,6 +36,9 @@ These coders deserve accolades and laurels as well as cool titles and cartoons.
|
|
|
37
36
|
| Shane Shellenbarger, `@soggysec` | [Calamity Validator](https://xkcd.com/1700/) |
|
|
38
37
|
| Steve Klassen, `@mrxinu` | [Dilemma Responder](https://xkcd.com/85/) |
|
|
39
38
|
|
|
39
|
+
#### Honorable mentions
|
|
40
|
+
+ Šimon L., `@isimluk` ([Sanity Checker](https://xkcd.com/1926/))
|
|
41
|
+
|
|
40
42
|
## Contributors
|
|
41
43
|
The following members of the community have made requests, suggestions, code contributions or provided feedback and reported bugs.
|
|
42
44
|
This has been a critical element in the development of the FalconPy project.
|
|
@@ -90,6 +92,8 @@ This has been a critical element in the development of the FalconPy project.
|
|
|
90
92
|
+ Phil Massyn, `@massyn`
|
|
91
93
|
+ Russell Snyder, `@rusnyder`
|
|
92
94
|
+ `@PeroSoy`
|
|
95
|
+
+ Shubham, `@i-shubham01`
|
|
96
|
+
+ Don "Swanson" I., `@Don-Swanson-Adobe`
|
|
93
97
|
|
|
94
98
|
|
|
95
99
|
## Sponsors
|
|
@@ -98,11 +102,11 @@ Without the support of these executives, the FalconPy project would not have hap
|
|
|
98
102
|
| Name | Role |
|
|
99
103
|
| :-- | :-- |
|
|
100
104
|
| Chris Kachigian, `@ckachigian` | Herder of Cats |
|
|
101
|
-
| Rekha Das | Gatekeeper |
|
|
102
105
|
| Robbie Coleman, `@erraggy` | Keymaster |
|
|
103
106
|
| Mike Cryer | Colonel-in-Chief |
|
|
104
107
|
|
|
105
108
|
#### Honorable mentions
|
|
109
|
+
+ Rekha Das
|
|
106
110
|
+ Jaime Franklin, `@franklinjff`
|
|
107
111
|
+ Shawn Wells, `@shawndwells`
|
|
108
112
|
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: crowdstrike-falconpy-dev
|
|
3
|
-
Version: 1.4.
|
|
3
|
+
Version: 1.4.2
|
|
4
4
|
Summary: The CrowdStrike Falcon SDK for Python 3
|
|
5
5
|
Home-page: https://github.com/CrowdStrike/falconpy
|
|
6
6
|
Author: CrowdStrike
|
|
@@ -56,7 +56,7 @@ License-File: AUTHORS.md
|
|
|
56
56
|
[](https://github.com/CrowdStrike/falconpy/releases)
|
|
57
57
|
[](https://github.com/CrowdStrike/falconpy/graphs/code-frequency)
|
|
58
58
|
[](https://github.com/CrowdStrike/falconpy/commits/main)
|
|
59
|
-
|
|
59
|
+
|
|
60
60
|
|
|
61
61
|
The FalconPy SDK contains a collection of Python classes that abstract CrowdStrike Falcon OAuth2 API interaction, removing duplicative code and allowing developers to focus on just the logic of their solution requirements.
|
|
62
62
|
|
|
@@ -130,6 +130,7 @@ For each CrowdStrike Falcon API service collection, a matching Service Class is
|
|
|
130
130
|
|
|
131
131
|
- Closely follows Python and OpenAPI best practice for code style and syntax. PEP-8 compliant.
|
|
132
132
|
- Completely abstracts token management, automatically refreshing your token when it expires.
|
|
133
|
+
- Interact with newly released API operations not yet available in the library via the `override` method.
|
|
133
134
|
- Provides simple programmatic patterns for interacting with CrowdStrike Falcon APIs.
|
|
134
135
|
- Supports [cloud region autodiscovery](https://www.falconpy.io/Usage/Environment-Configuration.html#cloud-region-autodiscovery) for the CrowdStrike `US-1`, `US-2` and `EU-1` regions.
|
|
135
136
|
- Supports dynamic [configuration](https://www.falconpy.io/Usage/Environment-Configuration.html) based upon the needs of your environment.
|
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
[](https://github.com/CrowdStrike/falconpy/releases)
|
|
10
10
|
[](https://github.com/CrowdStrike/falconpy/graphs/code-frequency)
|
|
11
11
|
[](https://github.com/CrowdStrike/falconpy/commits/main)
|
|
12
|
-
|
|
12
|
+
|
|
13
13
|
|
|
14
14
|
The FalconPy SDK contains a collection of Python classes that abstract CrowdStrike Falcon OAuth2 API interaction, removing duplicative code and allowing developers to focus on just the logic of their solution requirements.
|
|
15
15
|
|
|
@@ -83,6 +83,7 @@ For each CrowdStrike Falcon API service collection, a matching Service Class is
|
|
|
83
83
|
|
|
84
84
|
- Closely follows Python and OpenAPI best practice for code style and syntax. PEP-8 compliant.
|
|
85
85
|
- Completely abstracts token management, automatically refreshing your token when it expires.
|
|
86
|
+
- Interact with newly released API operations not yet available in the library via the `override` method.
|
|
86
87
|
- Provides simple programmatic patterns for interacting with CrowdStrike Falcon APIs.
|
|
87
88
|
- Supports [cloud region autodiscovery](https://www.falconpy.io/Usage/Environment-Configuration.html#cloud-region-autodiscovery) for the CrowdStrike `US-1`, `US-2` and `EU-1` regions.
|
|
88
89
|
- Supports dynamic [configuration](https://www.falconpy.io/Usage/Environment-Configuration.html) based upon the needs of your environment.
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: crowdstrike-falconpy-dev
|
|
3
|
-
Version: 1.4.
|
|
3
|
+
Version: 1.4.2
|
|
4
4
|
Summary: The CrowdStrike Falcon SDK for Python 3
|
|
5
5
|
Home-page: https://github.com/CrowdStrike/falconpy
|
|
6
6
|
Author: CrowdStrike
|
|
@@ -56,7 +56,7 @@ License-File: AUTHORS.md
|
|
|
56
56
|
[](https://github.com/CrowdStrike/falconpy/releases)
|
|
57
57
|
[](https://github.com/CrowdStrike/falconpy/graphs/code-frequency)
|
|
58
58
|
[](https://github.com/CrowdStrike/falconpy/commits/main)
|
|
59
|
-
|
|
59
|
+
|
|
60
60
|
|
|
61
61
|
The FalconPy SDK contains a collection of Python classes that abstract CrowdStrike Falcon OAuth2 API interaction, removing duplicative code and allowing developers to focus on just the logic of their solution requirements.
|
|
62
62
|
|
|
@@ -130,6 +130,7 @@ For each CrowdStrike Falcon API service collection, a matching Service Class is
|
|
|
130
130
|
|
|
131
131
|
- Closely follows Python and OpenAPI best practice for code style and syntax. PEP-8 compliant.
|
|
132
132
|
- Completely abstracts token management, automatically refreshing your token when it expires.
|
|
133
|
+
- Interact with newly released API operations not yet available in the library via the `override` method.
|
|
133
134
|
- Provides simple programmatic patterns for interacting with CrowdStrike Falcon APIs.
|
|
134
135
|
- Supports [cloud region autodiscovery](https://www.falconpy.io/Usage/Environment-Configuration.html#cloud-region-autodiscovery) for the CrowdStrike `US-1`, `US-2` and `EU-1` regions.
|
|
135
136
|
- Supports dynamic [configuration](https://www.falconpy.io/Usage/Environment-Configuration.html) based upon the needs of your environment.
|
|
@@ -41,6 +41,7 @@ src/falconpydev/foundry_logscale.py
|
|
|
41
41
|
src/falconpydev/host_group.py
|
|
42
42
|
src/falconpydev/hosts.py
|
|
43
43
|
src/falconpydev/identity_protection.py
|
|
44
|
+
src/falconpydev/image_assessment_policies.py
|
|
44
45
|
src/falconpydev/incidents.py
|
|
45
46
|
src/falconpydev/installation_tokens.py
|
|
46
47
|
src/falconpydev/intel.py
|
|
@@ -122,6 +123,7 @@ src/falconpydev/_endpoint/_foundry_logscale.py
|
|
|
122
123
|
src/falconpydev/_endpoint/_host_group.py
|
|
123
124
|
src/falconpydev/_endpoint/_hosts.py
|
|
124
125
|
src/falconpydev/_endpoint/_identity_protection.py
|
|
126
|
+
src/falconpydev/_endpoint/_image_assessment_policies.py
|
|
125
127
|
src/falconpydev/_endpoint/_incidents.py
|
|
126
128
|
src/falconpydev/_endpoint/_installation_tokens.py
|
|
127
129
|
src/falconpydev/_endpoint/_intel.py
|
|
@@ -269,6 +271,7 @@ tests/test_foundry_logscale.py
|
|
|
269
271
|
tests/test_host_group.py
|
|
270
272
|
tests/test_hosts.py
|
|
271
273
|
tests/test_identity_protection.py
|
|
274
|
+
tests/test_image_assessment_policies.py
|
|
272
275
|
tests/test_incidents.py
|
|
273
276
|
tests/test_installation_tokens.py
|
|
274
277
|
tests/test_intel.py
|
{crowdstrike-falconpy-dev-1.4.0 → crowdstrike-falconpy-dev-1.4.2}/src/falconpydev/__init__.py
RENAMED
|
@@ -118,6 +118,7 @@ from .foundry_logscale import FoundryLogScale
|
|
|
118
118
|
from .host_group import HostGroup
|
|
119
119
|
from .hosts import Hosts
|
|
120
120
|
from .identity_protection import IdentityProtection
|
|
121
|
+
from .image_assessment_policies import ImageAssessmentPolicies
|
|
121
122
|
from .incidents import Incidents
|
|
122
123
|
from .installation_tokens import InstallationTokens
|
|
123
124
|
from .intel import Intel
|
|
@@ -193,7 +194,8 @@ __all__ = [
|
|
|
193
194
|
"RealTimeResponseAudit", "Workflows", "DeprecatedClass", "DeprecatedOperation",
|
|
194
195
|
"SDKDeprecationWarning", "ConfigurationAssessmentEvaluationLogic", "ConfigurationAssessment",
|
|
195
196
|
"ContainerAlerts", "ContainerDetections", "ContainerImages", "ContainerPackages",
|
|
196
|
-
"ContainerVulnerabilities", "DriftIndicators", "UnidentifiedContainers"
|
|
197
|
+
"ContainerVulnerabilities", "DriftIndicators", "UnidentifiedContainers",
|
|
198
|
+
"ImageAssessmentPolicies"
|
|
197
199
|
]
|
|
198
200
|
"""
|
|
199
201
|
This is free and unencumbered software released into the public domain.
|
|
@@ -90,7 +90,8 @@ class FalconInterface(BaseFalconAuth):
|
|
|
90
90
|
debug: Optional[bool] = False,
|
|
91
91
|
debug_record_count: Optional[int] = None,
|
|
92
92
|
sanitize_log: Optional[bool] = None,
|
|
93
|
-
pythonic: Optional[bool] = False
|
|
93
|
+
pythonic: Optional[bool] = False,
|
|
94
|
+
environment: Optional[Dict[str, str]] = None
|
|
94
95
|
) -> "FalconInterface":
|
|
95
96
|
"""Construct an instance of the FalconInterface class."""
|
|
96
97
|
# Set the pythonic behavior mode.
|
|
@@ -149,20 +150,24 @@ class FalconInterface(BaseFalconAuth):
|
|
|
149
150
|
)
|
|
150
151
|
|
|
151
152
|
# Environment Authentication
|
|
153
|
+
# User configuration environment keys
|
|
154
|
+
self._environment = environment if environment else {}
|
|
152
155
|
# When credentials are not provided, attempt to retrieve them from the environment.
|
|
153
156
|
if not self.cred_format_valid and not self.token_value:
|
|
154
157
|
# Both variables must be present within the running environment.
|
|
155
|
-
if os.getenv("
|
|
156
|
-
api_id = os.getenv("
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
160
|
-
api_sec = self.creds["client_secret"]
|
|
158
|
+
if os.getenv(f"{self.env_prefix}{self.env_key}") and os.getenv(f"{self.env_prefix}{self.env_secret}"):
|
|
159
|
+
api_id = os.getenv(f"{self.env_prefix}{self.env_key}") \
|
|
160
|
+
if "client_id" not in self.creds else self.creds["client_id"]
|
|
161
|
+
api_sec = os.getenv(f"{self.env_prefix}{self.env_secret}") \
|
|
162
|
+
if "client_secret" not in self.creds else self.creds["client_secret"]
|
|
161
163
|
# Environment Authentication will not override values that preexist in the creds dictionary.
|
|
162
164
|
self._creds = {
|
|
163
165
|
"client_id": api_id,
|
|
164
166
|
"client_secret": api_sec
|
|
165
167
|
}
|
|
168
|
+
# Provide member_cid for MSSP environment authentication scenarios. Issue #1105.
|
|
169
|
+
if member_cid:
|
|
170
|
+
self._creds["member_cid"] = member_cid
|
|
166
171
|
|
|
167
172
|
# Log the creation of this object if debugging is enabled.
|
|
168
173
|
# Starting with v1.3.0 minimal Python native logging is available. In order to reduce
|
|
@@ -508,3 +513,18 @@ class FalconInterface(BaseFalconAuth):
|
|
|
508
513
|
def pythonic(self, value: bool):
|
|
509
514
|
"""Enable or disable pythonic mode."""
|
|
510
515
|
self._pythonic = value
|
|
516
|
+
|
|
517
|
+
@property
|
|
518
|
+
def env_prefix(self) -> str:
|
|
519
|
+
"""Return the environment prefix."""
|
|
520
|
+
return self._environment.get("prefix", "FALCON_")
|
|
521
|
+
|
|
522
|
+
@property
|
|
523
|
+
def env_key(self) -> str:
|
|
524
|
+
"""Return the environment API key name."""
|
|
525
|
+
return self._environment.get("id_name", "CLIENT_ID")
|
|
526
|
+
|
|
527
|
+
@property
|
|
528
|
+
def env_secret(self) -> str:
|
|
529
|
+
"""Return the environment API key secret."""
|
|
530
|
+
return self._environment.get("secret_name", "CLIENT_SECRET")
|
|
@@ -77,7 +77,8 @@ class UberInterface(FalconInterface):
|
|
|
77
77
|
debug: Optional[bool] = False,
|
|
78
78
|
debug_record_count: Optional[int] = MAX_DEBUG_RECORDS,
|
|
79
79
|
sanitize_log: Optional[bool] = None,
|
|
80
|
-
pythonic: Optional[bool] = None
|
|
80
|
+
pythonic: Optional[bool] = None,
|
|
81
|
+
environment: Optional[Dict[str, str]] = None
|
|
81
82
|
):
|
|
82
83
|
"""Construct an instance of the UberInterface class.
|
|
83
84
|
|
|
@@ -126,7 +127,8 @@ class UberInterface(FalconInterface):
|
|
|
126
127
|
debug=debug,
|
|
127
128
|
debug_record_count=debug_record_count,
|
|
128
129
|
sanitize_log=sanitize_log,
|
|
129
|
-
pythonic=pythonic
|
|
130
|
+
pythonic=pythonic,
|
|
131
|
+
environment=environment
|
|
130
132
|
)
|
|
131
133
|
|
|
132
134
|
# Complete list of available API operations.
|
|
@@ -68,6 +68,7 @@ from ._foundry_logscale import _foundry_logscale_endpoints
|
|
|
68
68
|
from ._host_group import _host_group_endpoints
|
|
69
69
|
from ._hosts import _hosts_endpoints
|
|
70
70
|
from ._identity_protection import _identity_protection_endpoints
|
|
71
|
+
from ._image_assessment_policies import _image_assessment_policies_endpoints
|
|
71
72
|
from ._incidents import _incidents_endpoints
|
|
72
73
|
from ._installation_tokens import _installation_tokens_endpoints
|
|
73
74
|
from ._intel import _intel_endpoints
|
|
@@ -135,6 +136,7 @@ api_endpoints.extend(_foundry_logscale_endpoints)
|
|
|
135
136
|
api_endpoints.extend(_host_group_endpoints)
|
|
136
137
|
api_endpoints.extend(_hosts_endpoints)
|
|
137
138
|
api_endpoints.extend(_identity_protection_endpoints)
|
|
139
|
+
api_endpoints.extend(_image_assessment_policies_endpoints)
|
|
138
140
|
api_endpoints.extend(_incidents_endpoints)
|
|
139
141
|
api_endpoints.extend(_installation_tokens_endpoints)
|
|
140
142
|
api_endpoints.extend(_intel_endpoints)
|
|
@@ -59,6 +59,13 @@ _alerts_endpoints = [
|
|
|
59
59
|
"retrieves aggregate values for Alerts across all CIDs",
|
|
60
60
|
"alerts",
|
|
61
61
|
[
|
|
62
|
+
{
|
|
63
|
+
"type": "boolean",
|
|
64
|
+
"default": True,
|
|
65
|
+
"description": "allows previously hidden alerts to be retrieved",
|
|
66
|
+
"name": "include_hidden",
|
|
67
|
+
"in": "query"
|
|
68
|
+
},
|
|
62
69
|
{
|
|
63
70
|
"description": "request body takes a list of aggregate-alert query requests",
|
|
64
71
|
"name": "body",
|
|
@@ -114,6 +121,13 @@ _alerts_endpoints = [
|
|
|
114
121
|
"retrieves all Alerts given their composite ids",
|
|
115
122
|
"alerts",
|
|
116
123
|
[
|
|
124
|
+
{
|
|
125
|
+
"type": "boolean",
|
|
126
|
+
"default": True,
|
|
127
|
+
"description": "allows previously hidden alerts to be retrieved",
|
|
128
|
+
"name": "include_hidden",
|
|
129
|
+
"in": "query"
|
|
130
|
+
},
|
|
117
131
|
{
|
|
118
132
|
"name": "body",
|
|
119
133
|
"in": "body",
|
|
@@ -125,7 +139,7 @@ _alerts_endpoints = [
|
|
|
125
139
|
"PatchEntitiesAlertsV2",
|
|
126
140
|
"PATCH",
|
|
127
141
|
"/alerts/entities/alerts/v2",
|
|
128
|
-
"Perform actions on
|
|
142
|
+
"Perform actions on Alerts identified by composite ID(s) in request.\nEach action has a name and a "
|
|
129
143
|
"description which describes what the action does.\nIf a request adds and removes tag in a single request, the "
|
|
130
144
|
"order of processing would be to remove tags before adding new ones in.\n\n",
|
|
131
145
|
"alerts",
|
|
@@ -142,13 +156,21 @@ _alerts_endpoints = [
|
|
|
142
156
|
"PatchEntitiesAlertsV3",
|
|
143
157
|
"PATCH",
|
|
144
158
|
"/alerts/entities/alerts/v3",
|
|
145
|
-
"Perform actions on
|
|
159
|
+
"Perform actions on Alerts identified by composite ID(s) in request.\nEach action has a name and a "
|
|
146
160
|
"description which describes what the action does.\nIf a request adds and removes tag in a single request, the "
|
|
147
161
|
"order of processing would be to remove tags before adding new ones in.\n\n",
|
|
148
162
|
"alerts",
|
|
149
163
|
[
|
|
150
164
|
{
|
|
151
|
-
"
|
|
165
|
+
"type": "boolean",
|
|
166
|
+
"default": True,
|
|
167
|
+
"description": "allows previously hidden alerts to be retrieved",
|
|
168
|
+
"name": "include_hidden",
|
|
169
|
+
"in": "query"
|
|
170
|
+
},
|
|
171
|
+
{
|
|
172
|
+
"description": "request body takes a list of action parameter request that is applied against all "
|
|
173
|
+
"\"composite_ids\" provided",
|
|
152
174
|
"name": "body",
|
|
153
175
|
"in": "body",
|
|
154
176
|
"required": True
|
|
@@ -219,6 +241,13 @@ _alerts_endpoints = [
|
|
|
219
241
|
"retrieves all Alerts ids that match a given query",
|
|
220
242
|
"alerts",
|
|
221
243
|
[
|
|
244
|
+
{
|
|
245
|
+
"type": "boolean",
|
|
246
|
+
"default": True,
|
|
247
|
+
"description": "allows previously hidden alerts to be retrieved",
|
|
248
|
+
"name": "include_hidden",
|
|
249
|
+
"in": "query"
|
|
250
|
+
},
|
|
222
251
|
{
|
|
223
252
|
"type": "integer",
|
|
224
253
|
"description": "The first detection to return, where `0` is the latest detection. Use with the "
|
|
@@ -0,0 +1,164 @@
|
|
|
1
|
+
"""Internal API endpoint constant library.
|
|
2
|
+
|
|
3
|
+
_______ __ _______ __ __ __
|
|
4
|
+
| _ .----.-----.--.--.--.--| | _ | |_.----|__| |--.-----.
|
|
5
|
+
|. 1___| _| _ | | | | _ | 1___| _| _| | <| -__|
|
|
6
|
+
|. |___|__| |_____|________|_____|____ |____|__| |__|__|__|_____|
|
|
7
|
+
|: 1 | |: 1 |
|
|
8
|
+
|::.. . | CROWDSTRIKE FALCON |::.. . | FalconPy
|
|
9
|
+
`-------' `-------'
|
|
10
|
+
|
|
11
|
+
OAuth2 API - Customer SDK
|
|
12
|
+
|
|
13
|
+
This is free and unencumbered software released into the public domain.
|
|
14
|
+
|
|
15
|
+
Anyone is free to copy, modify, publish, use, compile, sell, or
|
|
16
|
+
distribute this software, either in source code form or as a compiled
|
|
17
|
+
binary, for any purpose, commercial or non-commercial, and by any
|
|
18
|
+
means.
|
|
19
|
+
|
|
20
|
+
In jurisdictions that recognize copyright laws, the author or authors
|
|
21
|
+
of this software dedicate any and all copyright interest in the
|
|
22
|
+
software to the public domain. We make this dedication for the benefit
|
|
23
|
+
of the public at large and to the detriment of our heirs and
|
|
24
|
+
successors. We intend this dedication to be an overt act of
|
|
25
|
+
relinquishment in perpetuity of all present and future rights to this
|
|
26
|
+
software under copyright law.
|
|
27
|
+
|
|
28
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
29
|
+
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
30
|
+
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
|
|
31
|
+
IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
|
|
32
|
+
OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
|
|
33
|
+
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
|
|
34
|
+
OTHER DEALINGS IN THE SOFTWARE.
|
|
35
|
+
|
|
36
|
+
For more information, please refer to <https://unlicense.org>
|
|
37
|
+
"""
|
|
38
|
+
|
|
39
|
+
_cloud_snapshots_endpoints = [
|
|
40
|
+
[
|
|
41
|
+
"ReadDeploymentsCombined",
|
|
42
|
+
"GET",
|
|
43
|
+
"/snapshots/combined/deployments/v1",
|
|
44
|
+
"Retrieve snapshot jobs identified by the provided IDs",
|
|
45
|
+
"cloud_snapshots",
|
|
46
|
+
[
|
|
47
|
+
{
|
|
48
|
+
"type": "string",
|
|
49
|
+
"description": "Search snapshot jobs using a query in Falcon Query Language (FQL). Supported filters: "
|
|
50
|
+
"account_id,asset_identifier,cloud_provider,region,status",
|
|
51
|
+
"name": "filter",
|
|
52
|
+
"in": "query"
|
|
53
|
+
},
|
|
54
|
+
{
|
|
55
|
+
"type": "integer",
|
|
56
|
+
"description": "The upper-bound on the number of records to retrieve.",
|
|
57
|
+
"name": "limit",
|
|
58
|
+
"in": "query"
|
|
59
|
+
},
|
|
60
|
+
{
|
|
61
|
+
"type": "integer",
|
|
62
|
+
"description": "The offset from where to begin.",
|
|
63
|
+
"name": "offset",
|
|
64
|
+
"in": "query"
|
|
65
|
+
},
|
|
66
|
+
{
|
|
67
|
+
"type": "string",
|
|
68
|
+
"description": "The fields to sort the records on. Supported columns: [account_id asset_identifier "
|
|
69
|
+
"cloud_provider instance_type last_updated_timestamp region status]",
|
|
70
|
+
"name": "sort",
|
|
71
|
+
"in": "query"
|
|
72
|
+
}
|
|
73
|
+
]
|
|
74
|
+
],
|
|
75
|
+
[
|
|
76
|
+
"RegisterCspmSnapshotAccount",
|
|
77
|
+
"POST",
|
|
78
|
+
"/snapshots/entities/accounts/v1",
|
|
79
|
+
"Register customer cloud account for snapshot scanning",
|
|
80
|
+
"cloud_snapshots",
|
|
81
|
+
[
|
|
82
|
+
{
|
|
83
|
+
"name": "body",
|
|
84
|
+
"in": "body",
|
|
85
|
+
"required": True
|
|
86
|
+
}
|
|
87
|
+
]
|
|
88
|
+
],
|
|
89
|
+
[
|
|
90
|
+
"ReadDeploymentsEntities",
|
|
91
|
+
"GET",
|
|
92
|
+
"/snapshots/entities/deployments/v1",
|
|
93
|
+
"Retrieve snapshot jobs identified by the provided IDs",
|
|
94
|
+
"cloud_snapshots",
|
|
95
|
+
[
|
|
96
|
+
{
|
|
97
|
+
"type": "array",
|
|
98
|
+
"items": {
|
|
99
|
+
"type": "string"
|
|
100
|
+
},
|
|
101
|
+
"collectionFormat": "csv",
|
|
102
|
+
"description": "Search snapshot jobs by ids - The maximum amount is 100 IDs",
|
|
103
|
+
"name": "ids",
|
|
104
|
+
"in": "query"
|
|
105
|
+
}
|
|
106
|
+
]
|
|
107
|
+
],
|
|
108
|
+
[
|
|
109
|
+
"CreateDeploymentEntity",
|
|
110
|
+
"POST",
|
|
111
|
+
"/snapshots/entities/deployments/v1",
|
|
112
|
+
"Launch a snapshot scan for a given cloud asset",
|
|
113
|
+
"cloud_snapshots",
|
|
114
|
+
[
|
|
115
|
+
{
|
|
116
|
+
"name": "body",
|
|
117
|
+
"in": "body",
|
|
118
|
+
"required": True
|
|
119
|
+
}
|
|
120
|
+
]
|
|
121
|
+
],
|
|
122
|
+
[
|
|
123
|
+
"GetCredentialsMixin0",
|
|
124
|
+
"GET",
|
|
125
|
+
"/snapshots/entities/image-registry-credentials/v1",
|
|
126
|
+
"Gets the registry credentials",
|
|
127
|
+
"cloud_snapshots",
|
|
128
|
+
[]
|
|
129
|
+
],
|
|
130
|
+
[
|
|
131
|
+
"CreateInventory",
|
|
132
|
+
"POST",
|
|
133
|
+
"/snapshots/entities/inventories/v1",
|
|
134
|
+
"Create inventory from data received from snapshot",
|
|
135
|
+
"cloud_snapshots",
|
|
136
|
+
[
|
|
137
|
+
{
|
|
138
|
+
"name": "body",
|
|
139
|
+
"in": "body",
|
|
140
|
+
"required": True
|
|
141
|
+
}
|
|
142
|
+
]
|
|
143
|
+
],
|
|
144
|
+
[
|
|
145
|
+
"GetScanReport",
|
|
146
|
+
"GET",
|
|
147
|
+
"/snapshots/entities/scanreports/v1",
|
|
148
|
+
"retrieve the scan report for an instance",
|
|
149
|
+
"cloud_snapshots",
|
|
150
|
+
[
|
|
151
|
+
{
|
|
152
|
+
"type": "array",
|
|
153
|
+
"items": {
|
|
154
|
+
"type": "string"
|
|
155
|
+
},
|
|
156
|
+
"collectionFormat": "csv",
|
|
157
|
+
"description": "the instance identifiers to fetch the report for",
|
|
158
|
+
"name": "ids",
|
|
159
|
+
"in": "query",
|
|
160
|
+
"required": True
|
|
161
|
+
}
|
|
162
|
+
]
|
|
163
|
+
]
|
|
164
|
+
]
|
|
@@ -37,6 +37,22 @@ For more information, please refer to <https://unlicense.org>
|
|
|
37
37
|
"""
|
|
38
38
|
|
|
39
39
|
_container_alerts_endpoints = [
|
|
40
|
+
[
|
|
41
|
+
"ReadContainerAlertsCountBySeverity",
|
|
42
|
+
"GET",
|
|
43
|
+
"/container-security/aggregates/container-alerts/count-by-severity/v1",
|
|
44
|
+
"Get Container Alerts counts by severity",
|
|
45
|
+
"container_alerts",
|
|
46
|
+
[
|
|
47
|
+
{
|
|
48
|
+
"type": "string",
|
|
49
|
+
"description": "Search Container Alerts using a query in Falcon Query Language (FQL). Supported "
|
|
50
|
+
"filters: cid,container_id,last_seen",
|
|
51
|
+
"name": "filter",
|
|
52
|
+
"in": "query"
|
|
53
|
+
}
|
|
54
|
+
]
|
|
55
|
+
],
|
|
40
56
|
[
|
|
41
57
|
"ReadContainerAlertsCount",
|
|
42
58
|
"GET",
|
|
@@ -47,7 +63,7 @@ _container_alerts_endpoints = [
|
|
|
47
63
|
{
|
|
48
64
|
"type": "string",
|
|
49
65
|
"description": "Search Container Alerts using a query in Falcon Query Language (FQL). Supported "
|
|
50
|
-
"filters: cid,last_seen",
|
|
66
|
+
"filters: cid,container_id,last_seen",
|
|
51
67
|
"name": "filter",
|
|
52
68
|
"in": "query"
|
|
53
69
|
}
|
|
@@ -120,6 +120,42 @@ _container_detections_endpoints = [
|
|
|
120
120
|
}
|
|
121
121
|
]
|
|
122
122
|
],
|
|
123
|
+
[
|
|
124
|
+
"GetRuntimeDetectionsCombinedV2",
|
|
125
|
+
"GET",
|
|
126
|
+
"/container-security/combined/runtime-detections/v2",
|
|
127
|
+
"Retrieve container runtime detections by the provided search criteria",
|
|
128
|
+
"container_detections",
|
|
129
|
+
[
|
|
130
|
+
{
|
|
131
|
+
"type": "string",
|
|
132
|
+
"description": "Filter Container Runtime Detections using a query in Falcon Query Language (FQL). "
|
|
133
|
+
"Supported filters: action_taken,aid,cid,cloud,cluster_name,command_line,computer_name,container_id,detect_tim"
|
|
134
|
+
"estamp,detection_description,detection_id,file_name,file_path,host_id,host_type,image_id,name,namespace,pod_na"
|
|
135
|
+
"me,severity,tactic",
|
|
136
|
+
"name": "filter",
|
|
137
|
+
"in": "query"
|
|
138
|
+
},
|
|
139
|
+
{
|
|
140
|
+
"type": "integer",
|
|
141
|
+
"description": "The upper-bound on the number of records to retrieve.",
|
|
142
|
+
"name": "limit",
|
|
143
|
+
"in": "query"
|
|
144
|
+
},
|
|
145
|
+
{
|
|
146
|
+
"type": "integer",
|
|
147
|
+
"description": "The offset from where to begin.",
|
|
148
|
+
"name": "offset",
|
|
149
|
+
"in": "query"
|
|
150
|
+
},
|
|
151
|
+
{
|
|
152
|
+
"type": "string",
|
|
153
|
+
"description": "The field to sort the records on.",
|
|
154
|
+
"name": "sort",
|
|
155
|
+
"in": "query"
|
|
156
|
+
}
|
|
157
|
+
]
|
|
158
|
+
],
|
|
123
159
|
[
|
|
124
160
|
"ReadDetections",
|
|
125
161
|
"GET",
|
|
@@ -250,8 +250,9 @@ _container_images_endpoints = [
|
|
|
250
250
|
{
|
|
251
251
|
"type": "string",
|
|
252
252
|
"description": "The fields to sort the records on. Supported columns: [base_os cid containers "
|
|
253
|
-
"detections firstScanned first_seen highest_detection_severity
|
|
254
|
-
"image_id last_seen layers_with_vulnerabilities packages registry
|
|
253
|
+
"detections firstScanned first_seen highest_cps_current_rating highest_detection_severity "
|
|
254
|
+
"highest_vulnerability_severity image_digest image_id last_seen layers_with_vulnerabilities packages registry "
|
|
255
|
+
"repository tag vulnerabilities]",
|
|
255
256
|
"name": "sort",
|
|
256
257
|
"in": "query"
|
|
257
258
|
}
|