crowdstrike-falconpy-dev 1.4.3__tar.gz → 1.4.3.dev1__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {crowdstrike-falconpy-dev-1.4.3/src/crowdstrike_falconpy_dev.egg-info → crowdstrike-falconpy-dev-1.4.3.dev1}/PKG-INFO +2 -12
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/dev_setup.py +0 -1
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1/src/crowdstrike_falconpy_dev.egg-info}/PKG-INFO +2 -12
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/crowdstrike_falconpy_dev.egg-info/SOURCES.txt +1 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_auth_object/_falcon_interface.py +88 -128
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_container_images.py +4 -4
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_cspm_registration.py +4 -18
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_d4c_registration.py +0 -14
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_filevantage.py +8 -8
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_kubernetes_protection.py +7 -8
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_message_center.py +2 -2
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_filevantage.py +1 -7
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_service_class/_service_class.py +1 -21
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_util/__init__.py +2 -2
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_util/_auth.py +0 -45
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_util/_functions.py +8 -15
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_version.py +1 -1
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/cspm_registration.py +0 -61
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/d4c_registration.py +1 -61
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/filevantage.py +44 -78
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/kubernetes_protection.py +0 -4
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/workflows.py +2 -11
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_authentications.py +33 -2
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_container_detections.py +3 -3
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_container_packages.py +1 -1
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_container_vulnerabilities.py +1 -1
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_cspm_registration.py +0 -1
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_d4c_registration.py +1 -2
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_drift_indicators.py +1 -1
- crowdstrike-falconpy-dev-1.4.3.dev1/tests/test_exposure_management.py +45 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_result_object.py +5 -2
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_uber.py +2 -3
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_unidentified_containers.py +1 -1
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_workflows.py +1 -3
- crowdstrike-falconpy-dev-1.4.3.dev1/tests/test_zero_trust_assessment.py +50 -0
- crowdstrike-falconpy-dev-1.4.3/tests/test_zero_trust_assessment.py +0 -82
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/AUTHORS.md +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/LICENSE +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/README.md +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/setup.cfg +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/setup.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/crowdstrike_falconpy_dev.egg-info/dependency_links.txt +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/crowdstrike_falconpy_dev.egg-info/requires.txt +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/crowdstrike_falconpy_dev.egg-info/top_level.txt +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_api_request/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_api_request/_request.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_api_request/_request_behavior.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_api_request/_request_connection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_api_request/_request_meta.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_api_request/_request_payloads.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_api_request/_request_validator.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_auth_object/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_auth_object/_base_falcon_auth.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_auth_object/_bearer_token.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_auth_object/_interface_config.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_auth_object/_uber_interface.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_constant/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_alerts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_cloud_connect_aws.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_cloud_snapshots.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_configuration_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_configuration_assessment_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_container_alerts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_container_detections.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_container_packages.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_container_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_custom_ioa.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_custom_storage.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_detects.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_device_control_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_discover.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_drift_indicators.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_event_streams.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_falcon_complete_dashboard.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_falcon_container.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_falconx_sandbox.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_fdr.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_firewall_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_firewall_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_foundry_logscale.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_host_group.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_hosts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_identity_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_image_assessment_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_incidents.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_installation_tokens.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_intel.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_ioa_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_iocs.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_malquery.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_ml_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_mobile_enrollment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_mssp.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_oauth2.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_overwatch_dashboard.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_prevention_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_quarantine.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_quick_scan.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_real_time_response.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_real_time_response_admin.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_real_time_response_audit.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_recon.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_report_executions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_response_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_sample_uploads.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_scheduled_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_sensor_download.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_sensor_update_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_sensor_visibility_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_spotlight_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_spotlight_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_tailored_intelligence.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_unidentified_containers.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_user_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_workflows.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/_zero_trust_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_custom_ioa.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_d4c_registration.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_discover.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_fdr.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_firewall_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_hosts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_identity_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_installation_tokens.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_iocs.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_mapping.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_real_time_response.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_real_time_response_admin.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_report_executions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_scheduled_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_endpoint/deprecated/_zero_trust_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_enum/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_enum/_base_url.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_enum/_container_base_url.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_enum/_token_fail_reason.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_error/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_error/_exceptions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_error/_warnings.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_log/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_log/_facility.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_alerts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_cloud_connect_aws.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_cloud_snapshots.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_container.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_cspm_registration.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_d4c_registration.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_detects.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_device_control_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_falconx.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_firewall.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_foundry.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_generic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_host_group.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_incidents.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_ioa.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_malquery.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_message_center.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_mssp.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_prevention_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_real_time_response.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_recon.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_response_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_sample_uploads.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_sensor_update_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_payload/_workflows.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_result/__base_resource.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_result/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_result/_base_dictionary.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_result/_errors.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_result/_expanded_result.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_result/_headers.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_result/_meta.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_result/_resources.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_result/_response_component.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_result/_result.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_service_class/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_service_class/_base_service_class.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_util/_service.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/_util/_uber.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/alerts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/api_complete/__init__.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/api_complete/_advanced.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/api_complete/_legacy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/cloud_connect_aws.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/cloud_snapshots.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/configuration_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/configuration_assessment_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/container_alerts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/container_detections.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/container_images.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/container_packages.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/container_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/custom_ioa.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/custom_storage.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/debug.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/detects.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/device_control_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/discover.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/drift_indicators.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/event_streams.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/falcon_complete_dashboard.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/falcon_container.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/falconx_sandbox.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/fdr.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/firewall_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/firewall_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/foundry_logscale.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/host_group.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/hosts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/identity_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/image_assessment_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/incidents.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/installation_tokens.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/intel.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/ioa_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/iocs.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/malquery.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/message_center.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/ml_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/mobile_enrollment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/mssp.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/oauth2.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/overwatch_dashboard.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/prevention_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/quarantine.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/quick_scan.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/real_time_response.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/real_time_response_admin.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/real_time_response_audit.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/recon.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/report_executions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/response_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/sample_uploads.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/scheduled_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/sensor_download.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/sensor_update_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/sensor_visibility_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/spotlight_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/spotlight_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/tailored_intelligence.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/unidentified_containers.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/user_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/src/falconpydev/zero_trust_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_alerts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_api_request.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_authorization.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_cloud_connect_aws.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_cloud_snapshots.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_configuration_assessment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_configuration_assessment_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_container_alerts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_container_images.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_custom_ioa.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_custom_storage.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_detects.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_device_control_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_discover.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_event_streams.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_falcon_complete_dashboard.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_falcon_container.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_falconx_sandbox.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_fdr.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_filevantage.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_firewall_management.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_firewall_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_foundry_logscale.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_host_group.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_hosts.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_identity_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_image_assessment_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_incidents.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_installation_tokens.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_intel.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_ioa_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_ioc.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_iocs.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_kubernetes_protection.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_malquery.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_message_center.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_ml_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_mobile_enrollment.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_mssp.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_ods.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_overwatch_dashboard.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_prevention_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_quarantine.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_quick_scan.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_real_time_response.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_real_time_response_admin.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_real_time_response_audit.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_recon.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_report_executions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_response_policies.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_sample_uploads.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_scheduled_reports.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_sensor_download.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_sensor_update_policy.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_sensor_visibility_exclusions.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_service_class.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_spotlight_evaluation_logic.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_spotlight_vulnerabilities.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_tailored_intelligence.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_timeout.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_uber_api_complete.py +0 -0
- {crowdstrike-falconpy-dev-1.4.3 → crowdstrike-falconpy-dev-1.4.3.dev1}/tests/test_user_management.py +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: crowdstrike-falconpy-dev
|
|
3
|
-
Version: 1.4.3
|
|
3
|
+
Version: 1.4.3.dev1
|
|
4
4
|
Summary: The CrowdStrike Falcon SDK for Python 3
|
|
5
5
|
Home-page: https://github.com/CrowdStrike/falconpy
|
|
6
6
|
Author: CrowdStrike
|
|
@@ -27,7 +27,6 @@ Classifier: Programming Language :: Python :: 3.7
|
|
|
27
27
|
Classifier: Programming Language :: Python :: 3.8
|
|
28
28
|
Classifier: Programming Language :: Python :: 3.9
|
|
29
29
|
Classifier: Programming Language :: Python :: 3.10
|
|
30
|
-
Classifier: Programming Language :: Python :: 3.11
|
|
31
30
|
Classifier: Framework :: Flake8
|
|
32
31
|
Classifier: License :: OSI Approved :: The Unlicense (Unlicense)
|
|
33
32
|
Classifier: Topic :: Security
|
|
@@ -36,18 +35,9 @@ Classifier: Topic :: System :: Systems Administration
|
|
|
36
35
|
Classifier: Topic :: Utilities
|
|
37
36
|
Requires-Python: >=3.6
|
|
38
37
|
Description-Content-Type: text/markdown
|
|
38
|
+
Provides-Extra: dev
|
|
39
39
|
License-File: LICENSE
|
|
40
40
|
License-File: AUTHORS.md
|
|
41
|
-
Requires-Dist: requests
|
|
42
|
-
Requires-Dist: urllib3
|
|
43
|
-
Provides-Extra: dev
|
|
44
|
-
Requires-Dist: flake8; extra == "dev"
|
|
45
|
-
Requires-Dist: coverage; extra == "dev"
|
|
46
|
-
Requires-Dist: pydocstyle; extra == "dev"
|
|
47
|
-
Requires-Dist: pylint; extra == "dev"
|
|
48
|
-
Requires-Dist: pytest-cov; extra == "dev"
|
|
49
|
-
Requires-Dist: pytest; extra == "dev"
|
|
50
|
-
Requires-Dist: bandit; extra == "dev"
|
|
51
41
|
|
|
52
42
|
|
|
53
43
|
|
|
@@ -153,7 +153,6 @@ setup(
|
|
|
153
153
|
"Programming Language :: Python :: 3.8",
|
|
154
154
|
"Programming Language :: Python :: 3.9",
|
|
155
155
|
"Programming Language :: Python :: 3.10",
|
|
156
|
-
"Programming Language :: Python :: 3.11",
|
|
157
156
|
"Framework :: Flake8",
|
|
158
157
|
"License :: OSI Approved :: The Unlicense (Unlicense)",
|
|
159
158
|
"Topic :: Security",
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: crowdstrike-falconpy-dev
|
|
3
|
-
Version: 1.4.3
|
|
3
|
+
Version: 1.4.3.dev1
|
|
4
4
|
Summary: The CrowdStrike Falcon SDK for Python 3
|
|
5
5
|
Home-page: https://github.com/CrowdStrike/falconpy
|
|
6
6
|
Author: CrowdStrike
|
|
@@ -27,7 +27,6 @@ Classifier: Programming Language :: Python :: 3.7
|
|
|
27
27
|
Classifier: Programming Language :: Python :: 3.8
|
|
28
28
|
Classifier: Programming Language :: Python :: 3.9
|
|
29
29
|
Classifier: Programming Language :: Python :: 3.10
|
|
30
|
-
Classifier: Programming Language :: Python :: 3.11
|
|
31
30
|
Classifier: Framework :: Flake8
|
|
32
31
|
Classifier: License :: OSI Approved :: The Unlicense (Unlicense)
|
|
33
32
|
Classifier: Topic :: Security
|
|
@@ -36,18 +35,9 @@ Classifier: Topic :: System :: Systems Administration
|
|
|
36
35
|
Classifier: Topic :: Utilities
|
|
37
36
|
Requires-Python: >=3.6
|
|
38
37
|
Description-Content-Type: text/markdown
|
|
38
|
+
Provides-Extra: dev
|
|
39
39
|
License-File: LICENSE
|
|
40
40
|
License-File: AUTHORS.md
|
|
41
|
-
Requires-Dist: requests
|
|
42
|
-
Requires-Dist: urllib3
|
|
43
|
-
Provides-Extra: dev
|
|
44
|
-
Requires-Dist: flake8; extra == "dev"
|
|
45
|
-
Requires-Dist: coverage; extra == "dev"
|
|
46
|
-
Requires-Dist: pydocstyle; extra == "dev"
|
|
47
|
-
Requires-Dist: pylint; extra == "dev"
|
|
48
|
-
Requires-Dist: pytest-cov; extra == "dev"
|
|
49
|
-
Requires-Dist: pytest; extra == "dev"
|
|
50
|
-
Requires-Dist: bandit; extra == "dev"
|
|
51
41
|
|
|
52
42
|
|
|
53
43
|
|
|
@@ -260,6 +260,7 @@ tests/test_device_control_policies.py
|
|
|
260
260
|
tests/test_discover.py
|
|
261
261
|
tests/test_drift_indicators.py
|
|
262
262
|
tests/test_event_streams.py
|
|
263
|
+
tests/test_exposure_management.py
|
|
263
264
|
tests/test_falcon_complete_dashboard.py
|
|
264
265
|
tests/test_falcon_container.py
|
|
265
266
|
tests/test_falconx_sandbox.py
|
|
@@ -42,6 +42,11 @@ import time
|
|
|
42
42
|
import os
|
|
43
43
|
import warnings
|
|
44
44
|
from contextvars import copy_context
|
|
45
|
+
from json import loads
|
|
46
|
+
try:
|
|
47
|
+
from simplejson import JSONDecodeError
|
|
48
|
+
except (ImportError, ModuleNotFoundError): # Support import as a module
|
|
49
|
+
from json.decoder import JSONDecodeError
|
|
45
50
|
from logging import Logger, getLogger
|
|
46
51
|
from typing import Dict, Optional, Union
|
|
47
52
|
from ._base_falcon_auth import BaseFalconAuth
|
|
@@ -52,23 +57,21 @@ from ._interface_config import InterfaceConfiguration
|
|
|
52
57
|
from .._enum import TokenFailReason
|
|
53
58
|
from .._util import (
|
|
54
59
|
autodiscover_region,
|
|
55
|
-
confirm_base_url,
|
|
56
60
|
perform_request,
|
|
57
61
|
log_class_startup,
|
|
58
62
|
login_payloads,
|
|
59
|
-
logout_payloads
|
|
60
|
-
review_provided_credentials
|
|
63
|
+
logout_payloads
|
|
61
64
|
)
|
|
62
|
-
from .._error import InvalidCredentials, NoAuthenticationMechanism
|
|
65
|
+
from .._error import InvalidCredentials, NoAuthenticationMechanism, InvalidCredentialFormat
|
|
63
66
|
|
|
64
67
|
|
|
65
|
-
# pylint: disable=R0902
|
|
68
|
+
# pylint: disable=R0902
|
|
66
69
|
class FalconInterface(BaseFalconAuth):
|
|
67
70
|
"""Standard Falcon API interface used by Service Classes."""
|
|
68
71
|
|
|
69
|
-
#
|
|
70
|
-
# |
|
|
71
|
-
# |
|
|
72
|
+
# ____ ____ _ _ ____ ___ ____ _ _ ____ ___ ____ ____
|
|
73
|
+
# | | | |\ | [__ | |__/ | | | | | | |__/
|
|
74
|
+
# |___ |__| | \| ___] | | \ |__| |___ | |__| | \
|
|
72
75
|
#
|
|
73
76
|
# The default constructor for all authentication objects. Ingests provided credentials
|
|
74
77
|
# and sets the necessary class attributes based upon the authentication detail received.
|
|
@@ -97,6 +100,12 @@ class FalconInterface(BaseFalconAuth):
|
|
|
97
100
|
if isinstance(pythonic, bool):
|
|
98
101
|
self._pythonic = pythonic
|
|
99
102
|
|
|
103
|
+
# The default credential dictionary, where the client_id and client_secret are stored.
|
|
104
|
+
self._creds = {}
|
|
105
|
+
|
|
106
|
+
# Set up an empty Bearer Token container
|
|
107
|
+
self._token: BearerToken = BearerToken()
|
|
108
|
+
|
|
100
109
|
# Setup our configuration object using the provided keywords.
|
|
101
110
|
self._config: InterfaceConfiguration = InterfaceConfiguration(base_url=base_url,
|
|
102
111
|
proxy=proxy,
|
|
@@ -107,80 +116,53 @@ class FalconInterface(BaseFalconAuth):
|
|
|
107
116
|
# ____ _ _ ___ _ _ ____ _ _ ___ _ ____ ____ ___ _ ____ _ _ |
|
|
108
117
|
# |__| | | | |__| |___ |\ | | | | |__| | | | | |\ | / \
|
|
109
118
|
# | | |__| | | | |___ | \| | | |___ | | | | |__| | \|
|
|
110
|
-
#
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
#
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
119
|
+
# Direct Authentication
|
|
120
|
+
if client_id and client_secret and not creds:
|
|
121
|
+
creds = {
|
|
122
|
+
"client_id": client_id,
|
|
123
|
+
"client_secret": client_secret
|
|
124
|
+
}
|
|
125
|
+
# You must pass member_cid the same way you pass client_id / secret.
|
|
126
|
+
# If you use a creds dictionary, pass the member_cid there instead.
|
|
127
|
+
if member_cid:
|
|
128
|
+
creds["member_cid"] = member_cid
|
|
129
|
+
elif not creds:
|
|
130
|
+
creds = {}
|
|
131
|
+
# Credential Authentication (also powers Direct Authentication).
|
|
132
|
+
if isinstance(creds, str):
|
|
133
|
+
try:
|
|
134
|
+
# Try and clean up any attempts to provide the dictionary as a string
|
|
135
|
+
self._creds: Dict[str, str] = loads(creds.replace("'", "\""))
|
|
136
|
+
except (TypeError, JSONDecodeError) as bad_cred_format:
|
|
137
|
+
raise InvalidCredentialFormat from bad_cred_format
|
|
138
|
+
elif isinstance(creds, dict):
|
|
139
|
+
self._creds: Dict[str, str] = creds
|
|
140
|
+
else:
|
|
141
|
+
raise InvalidCredentialFormat
|
|
142
|
+
|
|
143
|
+
# Legacy (Token) Authentication (fallback)
|
|
144
|
+
if access_token:
|
|
145
|
+
# Store this non-refreshable token, assuming it was just generated.
|
|
146
|
+
self._token: BearerToken = BearerToken(access_token, 1799, 201)
|
|
147
|
+
|
|
148
|
+
# Foundry authentication
|
|
149
|
+
ctx = copy_context()
|
|
150
|
+
for cvar in ctx.values():
|
|
151
|
+
try:
|
|
152
|
+
self._token: BearerToken = BearerToken(cvar.access_token, 1799, 201)
|
|
153
|
+
break
|
|
154
|
+
except AttributeError:
|
|
155
|
+
pass
|
|
156
|
+
|
|
157
|
+
# Set the token renewal window, ignored when using Legacy Authentication.
|
|
158
|
+
self.renew_window: int = max(min(renew_window, MAX_TOKEN_RENEW_WINDOW),
|
|
159
|
+
MIN_TOKEN_RENEW_WINDOW
|
|
160
|
+
)
|
|
129
161
|
|
|
130
|
-
#
|
|
131
|
-
#
|
|
132
|
-
# |__/ | | \ |___ |___ | | | | \| |__/ |___ | \ |___ |__/ |___ | \| | | | | |___
|
|
133
|
-
#
|
|
134
|
-
# Direct Authentication checks provided values and return a creds dictionary based upon the contents.
|
|
135
|
-
# Authorization is derived from the bearer token generated using the provided credentials.
|
|
136
|
-
self._creds, self._auth_style = review_provided_credentials(client_id, client_secret, creds, member_cid)
|
|
137
|
-
|
|
138
|
-
# ___ ____ _ _ ____ _ _
|
|
139
|
-
# | | | |_/ |___ |\ |
|
|
140
|
-
# | |__| | \_ |___ | \|
|
|
141
|
-
#
|
|
142
|
-
# Token (Legacy) Authentication
|
|
143
|
-
# Authorization is derived from the provided bearer token.
|
|
144
|
-
# A login event is unnecessary when using this authentication mechanism.
|
|
145
|
-
if not self.cred_format_valid:
|
|
146
|
-
if access_token:
|
|
147
|
-
# Store this non-refreshable token, assuming it was just generated.
|
|
148
|
-
self._token: BearerToken = BearerToken(access_token, 1799, 201)
|
|
149
|
-
self._auth_style = "TOKEN"
|
|
150
|
-
|
|
151
|
-
# ____ ____ _ _ ___ ____ _ _ ___
|
|
152
|
-
# | | | |\ | | |___ \/ |
|
|
153
|
-
# |___ |__| | \| | |___ _/\_ |
|
|
154
|
-
#
|
|
155
|
-
# Context Authentication searches the current running context for
|
|
156
|
-
# an object containing a bearer token as an attribute or property.
|
|
157
|
-
# Authorization is derived from the discovered bearer token.
|
|
158
|
-
# A login event is unnecessary when using this authentication mechanism.
|
|
159
|
-
if not self.cred_format_valid and not self.token_value:
|
|
160
|
-
for cvar in copy_context().values():
|
|
161
|
-
try:
|
|
162
|
-
# Any object is acceptable as long as it has an attribute or property named "access_token".
|
|
163
|
-
self._token: BearerToken = BearerToken(cvar.access_token, 1799, 201)
|
|
164
|
-
# Attempt to retrieve the cloud region from the same object.
|
|
165
|
-
# Fall back to our previously set default on failure.
|
|
166
|
-
try:
|
|
167
|
-
if cvar.cs_cloud:
|
|
168
|
-
self._config.base_url = confirm_base_url(cvar.cs_cloud)
|
|
169
|
-
except AttributeError:
|
|
170
|
-
pass
|
|
171
|
-
self._auth_style = "CONTEXT"
|
|
172
|
-
break
|
|
173
|
-
except AttributeError:
|
|
174
|
-
pass
|
|
175
|
-
|
|
176
|
-
# ____ _ _ _ _ _ ____ ____ _ _ _ _ ____ _ _ ___
|
|
177
|
-
# |___ |\ | | | | |__/ | | |\ | |\/| |___ |\ | |
|
|
178
|
-
# |___ | \| \/ | | \ |__| | \| | | |___ | \| |
|
|
179
|
-
#
|
|
180
|
-
# Environment Authentication searches the current environment for variables containing credentials.
|
|
181
|
-
# Authorization is derived from the bearer token generated using the discovered credentials.
|
|
182
|
-
# Developers may customize which variable names are searched by leveraging the environment keyword (dictionary).
|
|
162
|
+
# Environment Authentication
|
|
163
|
+
# User configuration environment keys
|
|
183
164
|
self._environment = environment if environment else {}
|
|
165
|
+
# When credentials are not provided, attempt to retrieve them from the environment.
|
|
184
166
|
if not self.cred_format_valid and not self.token_value:
|
|
185
167
|
# Both variables must be present within the running environment.
|
|
186
168
|
if os.getenv(f"{self.env_prefix}{self.env_key}") and os.getenv(f"{self.env_prefix}{self.env_secret}"):
|
|
@@ -196,17 +178,7 @@ class FalconInterface(BaseFalconAuth):
|
|
|
196
178
|
# Provide member_cid for MSSP environment authentication scenarios. Issue #1105.
|
|
197
179
|
if member_cid:
|
|
198
180
|
self._creds["member_cid"] = member_cid
|
|
199
|
-
self._auth_style = "ENVIRONMENT"
|
|
200
181
|
|
|
201
|
-
# Set the token renewal window, ignored when using Legacy or Context Authentication.
|
|
202
|
-
self.renew_window: int = max(min(renew_window, MAX_TOKEN_RENEW_WINDOW),
|
|
203
|
-
MIN_TOKEN_RENEW_WINDOW
|
|
204
|
-
)
|
|
205
|
-
|
|
206
|
-
# _ ____ ____ ____ _ _ _ ____
|
|
207
|
-
# | | | | __ | __ | |\ | | __
|
|
208
|
-
# |___ |__| |__] |__] | | \| |__]
|
|
209
|
-
#
|
|
210
182
|
# Log the creation of this object if debugging is enabled.
|
|
211
183
|
# Starting with v1.3.0 minimal Python native logging is available. In order to reduce
|
|
212
184
|
# potential impacts to developer configurations, this facility is extremely limited
|
|
@@ -228,25 +200,18 @@ class FalconInterface(BaseFalconAuth):
|
|
|
228
200
|
# Set up an empty log facility
|
|
229
201
|
self._log: LogFacility = LogFacility()
|
|
230
202
|
|
|
231
|
-
# _ _ ____ _ _ ___ ____ ___ ____
|
|
232
|
-
# | | |__| | | | \ |__| | |___
|
|
233
|
-
# \/ | | |___ | |__/ | | | |___
|
|
234
|
-
#
|
|
235
|
-
# Validation occurs after the logging object is created.
|
|
236
203
|
try:
|
|
237
|
-
# Check to see if we have a valid authentication mechanism configured.
|
|
238
204
|
if not self.cred_format_valid and not self.token_value:
|
|
239
205
|
raise NoAuthenticationMechanism
|
|
240
206
|
except NoAuthenticationMechanism as no_auth_mechanism:
|
|
241
|
-
# Warn appropriately if we do not.
|
|
242
207
|
if pythonic:
|
|
243
208
|
warnings.warn(no_auth_mechanism.message, NoAuthenticationMechanism, stacklevel=2)
|
|
244
209
|
if self.log:
|
|
245
210
|
self.log.warning(no_auth_mechanism.message)
|
|
246
211
|
|
|
247
|
-
#
|
|
248
|
-
#
|
|
249
|
-
#
|
|
212
|
+
# _ _ ____ ___ _ _ ____ ___ ____
|
|
213
|
+
# |\/| |___ | |__| | | | \ [__
|
|
214
|
+
# | | |___ | | | |__| |__/ ___]
|
|
250
215
|
#
|
|
251
216
|
# The generic login and logout handlers are provided here and leverage private methods
|
|
252
217
|
# to perform the operation. These private methods can be overridden to provide individual
|
|
@@ -346,9 +311,9 @@ class FalconInterface(BaseFalconAuth):
|
|
|
346
311
|
|
|
347
312
|
return returned
|
|
348
313
|
|
|
349
|
-
#
|
|
350
|
-
# |
|
|
351
|
-
# |
|
|
314
|
+
# ___ ____ ____ ___ ____ ____ ___ _ ____ ____
|
|
315
|
+
# |__] |__/ | | |__] |___ |__/ | | |___ [__
|
|
316
|
+
# | | \ |__| | |___ | \ | | |___ ___]
|
|
352
317
|
#
|
|
353
318
|
# These properties are present in all FalconInterface derivatives.
|
|
354
319
|
@property
|
|
@@ -374,47 +339,47 @@ class FalconInterface(BaseFalconAuth):
|
|
|
374
339
|
@property
|
|
375
340
|
def base_url(self) -> str:
|
|
376
341
|
"""Return the base URL for this interface from the configuration object."""
|
|
377
|
-
return self.
|
|
342
|
+
return self._config.base_url
|
|
378
343
|
|
|
379
344
|
@base_url.setter
|
|
380
345
|
def base_url(self, value):
|
|
381
|
-
self.
|
|
346
|
+
self._config.base_url = value
|
|
382
347
|
|
|
383
348
|
@property
|
|
384
349
|
def ssl_verify(self) -> bool:
|
|
385
350
|
"""Return the SSL verification setting from the configuration object."""
|
|
386
|
-
return self.
|
|
351
|
+
return self._config.ssl_verify
|
|
387
352
|
|
|
388
353
|
@ssl_verify.setter
|
|
389
354
|
def ssl_verify(self, value: bool):
|
|
390
|
-
self.
|
|
355
|
+
self._config.ssl_verify = value
|
|
391
356
|
|
|
392
357
|
@property
|
|
393
358
|
def proxy(self) -> Dict[str, str]:
|
|
394
359
|
"""Return the current proxy setting."""
|
|
395
|
-
return self.
|
|
360
|
+
return self._config.proxy
|
|
396
361
|
|
|
397
362
|
@proxy.setter
|
|
398
363
|
def proxy(self, value: Dict[str, str]):
|
|
399
|
-
self.
|
|
364
|
+
self._config.proxy = value
|
|
400
365
|
|
|
401
366
|
@property
|
|
402
367
|
def user_agent(self) -> str:
|
|
403
368
|
"""Return the current user agent setting."""
|
|
404
|
-
return self.
|
|
369
|
+
return self._config.user_agent
|
|
405
370
|
|
|
406
371
|
@user_agent.setter
|
|
407
372
|
def user_agent(self, value: str):
|
|
408
|
-
self.
|
|
373
|
+
self._config.user_agent = value
|
|
409
374
|
|
|
410
375
|
@property
|
|
411
376
|
def timeout(self) -> Union[int, tuple]:
|
|
412
377
|
"""Return the current timeout setting."""
|
|
413
|
-
return self.
|
|
378
|
+
return self._config.timeout
|
|
414
379
|
|
|
415
380
|
@timeout.setter
|
|
416
381
|
def timeout(self, value: Union[int, tuple]):
|
|
417
|
-
self.
|
|
382
|
+
self._config.timeout = value
|
|
418
383
|
|
|
419
384
|
@property
|
|
420
385
|
def debug_record_count(self) -> int:
|
|
@@ -499,16 +464,6 @@ class FalconInterface(BaseFalconAuth):
|
|
|
499
464
|
def token_value(self, value: str):
|
|
500
465
|
self.bearer_token.value = value
|
|
501
466
|
|
|
502
|
-
@property
|
|
503
|
-
def pythonic(self) -> bool:
|
|
504
|
-
"""Return a boolean if we are in a pythonic mode."""
|
|
505
|
-
return self._pythonic
|
|
506
|
-
|
|
507
|
-
@pythonic.setter
|
|
508
|
-
def pythonic(self, value: bool):
|
|
509
|
-
"""Enable or disable pythonic mode."""
|
|
510
|
-
self._pythonic = value
|
|
511
|
-
|
|
512
467
|
# All properties defined here are by design IMMUTABLE.
|
|
513
468
|
@property
|
|
514
469
|
def refreshable(self) -> bool:
|
|
@@ -559,6 +514,16 @@ class FalconInterface(BaseFalconAuth):
|
|
|
559
514
|
"""Return a boolean if we are in a debug mode."""
|
|
560
515
|
return bool(self.log)
|
|
561
516
|
|
|
517
|
+
@property
|
|
518
|
+
def pythonic(self) -> bool:
|
|
519
|
+
"""Return a boolean if we are in a pythonic mode."""
|
|
520
|
+
return self._pythonic
|
|
521
|
+
|
|
522
|
+
@pythonic.setter
|
|
523
|
+
def pythonic(self, value: bool):
|
|
524
|
+
"""Enable or disable pythonic mode."""
|
|
525
|
+
self._pythonic = value
|
|
526
|
+
|
|
562
527
|
@property
|
|
563
528
|
def env_prefix(self) -> str:
|
|
564
529
|
"""Return the environment prefix."""
|
|
@@ -573,8 +538,3 @@ class FalconInterface(BaseFalconAuth):
|
|
|
573
538
|
def env_secret(self) -> str:
|
|
574
539
|
"""Return the environment API key secret."""
|
|
575
540
|
return self._environment.get("secret_name", "CLIENT_SECRET")
|
|
576
|
-
|
|
577
|
-
@property
|
|
578
|
-
def auth_style(self) -> str:
|
|
579
|
-
"""Return the authentication mechanism used to instantiate this object."""
|
|
580
|
-
return self._auth_style
|
|
@@ -249,10 +249,10 @@ _container_images_endpoints = [
|
|
|
249
249
|
},
|
|
250
250
|
{
|
|
251
251
|
"type": "string",
|
|
252
|
-
"description": "The fields to sort the records on. Supported columns: [base_os cid
|
|
253
|
-
"firstScanned first_seen highest_cps_current_rating highest_detection_severity
|
|
254
|
-
"image_digest image_id last_seen layers_with_vulnerabilities packages registry
|
|
255
|
-
"vulnerabilities]",
|
|
252
|
+
"description": "The fields to sort the records on. Supported columns: [base_os cid containers "
|
|
253
|
+
"detections firstScanned first_seen highest_cps_current_rating highest_detection_severity "
|
|
254
|
+
"highest_vulnerability_severity image_digest image_id last_seen layers_with_vulnerabilities packages registry "
|
|
255
|
+
"repository tag vulnerabilities]",
|
|
256
256
|
"name": "sort",
|
|
257
257
|
"in": "query"
|
|
258
258
|
}
|
|
@@ -767,20 +767,6 @@ _cspm_registration_endpoints = [
|
|
|
767
767
|
}
|
|
768
768
|
]
|
|
769
769
|
],
|
|
770
|
-
[
|
|
771
|
-
"UpdateCSPMGCPServiceAccountsExt",
|
|
772
|
-
"PATCH",
|
|
773
|
-
"/cloud-connect-cspm-gcp/entities/service-accounts/v1",
|
|
774
|
-
"Patches the service account key for external clients.",
|
|
775
|
-
"cspm_registration",
|
|
776
|
-
[
|
|
777
|
-
{
|
|
778
|
-
"name": "body",
|
|
779
|
-
"in": "body",
|
|
780
|
-
"required": True
|
|
781
|
-
}
|
|
782
|
-
]
|
|
783
|
-
],
|
|
784
770
|
[
|
|
785
771
|
"ValidateCSPMGCPServiceAccountExt",
|
|
786
772
|
"POST",
|
|
@@ -1175,10 +1161,10 @@ _cspm_registration_endpoints = [
|
|
|
1175
1161
|
[
|
|
1176
1162
|
{
|
|
1177
1163
|
"type": "string",
|
|
1178
|
-
"description": "use_current_scan_ids - *use this to get records for latest scans
|
|
1179
|
-
"
|
|
1180
|
-
"
|
|
1181
|
-
"
|
|
1164
|
+
"description": "Available filters: use_current_scan_ids - *use this to get records for latest scans*\n "
|
|
1165
|
+
"account_name\naccount_id\nagent_id\nattack_types\nazure_subscription_id\ncloud_provider\ncloud_service_keyword "
|
|
1166
|
+
"\ncustom_policy_id\nis_managed\npolicy_id\npolicy_type\nresource_id\nregion\nstatus\nscan_time\nseverity\nseve "
|
|
1167
|
+
"rity_string\n",
|
|
1182
1168
|
"name": "filter",
|
|
1183
1169
|
"in": "query"
|
|
1184
1170
|
},
|
|
@@ -541,20 +541,6 @@ _d4c_registration_endpoints = [
|
|
|
541
541
|
}
|
|
542
542
|
]
|
|
543
543
|
],
|
|
544
|
-
[
|
|
545
|
-
"UpdateD4CGCPServiceAccountsExt",
|
|
546
|
-
"PATCH",
|
|
547
|
-
"/cloud-connect-gcp/entities/service-accounts/v1",
|
|
548
|
-
"Patches the service account key for external clients.",
|
|
549
|
-
"d4c_registration",
|
|
550
|
-
[
|
|
551
|
-
{
|
|
552
|
-
"name": "body",
|
|
553
|
-
"in": "body",
|
|
554
|
-
"required": True
|
|
555
|
-
}
|
|
556
|
-
]
|
|
557
|
-
],
|
|
558
544
|
[
|
|
559
545
|
"GetD4CGCPUserScriptsAttachment",
|
|
560
546
|
"GET",
|
|
@@ -445,10 +445,10 @@ _filevantage_endpoints = [
|
|
|
445
445
|
" be monitored. Listed files must match the file include pattern and not match the file exclude pattern\n\n * "
|
|
446
446
|
"`content_registry_values` represents the registry values whose content will be monitored. Listed registry "
|
|
447
447
|
"values must match the registry include pattern and not match the registry exclude pattern\n\n * "
|
|
448
|
-
"`enable_content_capture`\n\
|
|
449
|
-
"`
|
|
450
|
-
"`
|
|
451
|
-
"
|
|
448
|
+
"`enable_content_capture`\n\nFile system directory monitoring:\n\n * `watch_delete_directory_changes`\n\n * "
|
|
449
|
+
"`watch_create_directory_changes`\n\n * `watch_rename_directory_changes`\n\n * "
|
|
450
|
+
"`watch_attributes_directory_changes` (`macOS` is not supported at this time)\n\n * "
|
|
451
|
+
"`watch_permissions_directory_changes` (`macOS` is not supported at this time)\n\nFile system file "
|
|
452
452
|
"monitoring:\n\n * `watch_rename_file_changes`\n\n * `watch_write_file_changes`\n\n * "
|
|
453
453
|
"`watch_create_file_changes`\n\n * `watch_delete_file_changes`\n\n * `watch_attributes_file_changes` (`macOS` "
|
|
454
454
|
"is not supported at this time)\n\n * `watch_permissions_file_changes` (`macOS` is not supported at this "
|
|
@@ -488,10 +488,10 @@ _filevantage_endpoints = [
|
|
|
488
488
|
"files that will be monitored. Listed files must match the file include pattern and not match the file exclude "
|
|
489
489
|
"pattern\n\n * `content_registry_values` represents the registry values whose content will be monitored. Listed "
|
|
490
490
|
" registry values must match the registry include pattern and not match the registry exclude pattern\n\n * "
|
|
491
|
-
"`enable_content_capture`\n\
|
|
492
|
-
"`
|
|
493
|
-
"`
|
|
494
|
-
"
|
|
491
|
+
"`enable_content_capture`\n\nFile system directory monitoring:\n\n * `watch_delete_directory_changes`\n\n * "
|
|
492
|
+
"`watch_create_directory_changes`\n\n * `watch_rename_directory_changes`\n\n * "
|
|
493
|
+
"`watch_attributes_directory_changes` (`macOS` is not supported at this time)\n\n * "
|
|
494
|
+
"`watch_permissions_directory_changes` (`macOS` is not supported at this time)\n\nFile system file "
|
|
495
495
|
"monitoring:\n\n * `watch_rename_file_changes`\n\n * `watch_write_file_changes`\n\n * "
|
|
496
496
|
"`watch_create_file_changes`\n\n * `watch_delete_file_changes`\n\n * `watch_attributes_file_changes` (`macOS` "
|
|
497
497
|
"is not supported at this time)\n\n * `watch_permissions_file_changes` (`macOS` is not supported at this "
|
|
@@ -57,8 +57,8 @@ _kubernetes_protection_endpoints = [
|
|
|
57
57
|
"type": "string",
|
|
58
58
|
"description": "Retrieve count of Kubernetes clusters that match a query in Falcon Query Language "
|
|
59
59
|
"(FQL). Supported filters: access,agent_status,cid,cloud_account_id,cloud_name,cloud_region,cluster_id,cluster"
|
|
60
|
-
"_name,cluster_status,container_count,
|
|
61
|
-
"
|
|
60
|
+
"_name,cluster_status,container_count,kubernetes_version,last_seen, management_status, node_count, pod_count, "
|
|
61
|
+
"tags",
|
|
62
62
|
"name": "filter",
|
|
63
63
|
"in": "query"
|
|
64
64
|
}
|
|
@@ -75,8 +75,8 @@ _kubernetes_protection_endpoints = [
|
|
|
75
75
|
"type": "string",
|
|
76
76
|
"description": "Retrieve count of Kubernetes clusters that match a query in Falcon Query Language "
|
|
77
77
|
"(FQL). Supported filters: access,agent_status,cid,cloud_account_id,cloud_name,cloud_region,cluster_id,cluster"
|
|
78
|
-
"_name,cluster_status,container_count,
|
|
79
|
-
"
|
|
78
|
+
"_name,cluster_status,container_count,kubernetes_version,last_seen, management_status, node_count, pod_count, "
|
|
79
|
+
"tags",
|
|
80
80
|
"name": "filter",
|
|
81
81
|
"in": "query"
|
|
82
82
|
}
|
|
@@ -93,8 +93,8 @@ _kubernetes_protection_endpoints = [
|
|
|
93
93
|
"type": "string",
|
|
94
94
|
"description": "Retrieve count of Kubernetes clusters that match a query in Falcon Query Language "
|
|
95
95
|
"(FQL). Supported filters: access,agent_status,cid,cloud_account_id,cloud_name,cloud_region,cluster_id,cluster"
|
|
96
|
-
"_name,cluster_status,container_count,
|
|
97
|
-
"
|
|
96
|
+
"_name,cluster_status,container_count,kubernetes_version,last_seen, management_status, node_count, pod_count, "
|
|
97
|
+
"tags",
|
|
98
98
|
"name": "filter",
|
|
99
99
|
"in": "query"
|
|
100
100
|
}
|
|
@@ -670,8 +670,7 @@ _kubernetes_protection_endpoints = [
|
|
|
670
670
|
"type": "string",
|
|
671
671
|
"description": "Search Kubernetes clusters using a query in Falcon Query Language (FQL). Supported "
|
|
672
672
|
"filters: access,agent_status,cid,cloud_account_id,cloud_name,cloud_region,cluster_id,cluster_name,cluster_sta"
|
|
673
|
-
"tus,container_count,
|
|
674
|
-
"tags",
|
|
673
|
+
"tus,container_count,kubernetes_version,last_seen, management_status, node_count, pod_count, tags",
|
|
675
674
|
"name": "filter",
|
|
676
675
|
"in": "query"
|
|
677
676
|
},
|
|
@@ -196,8 +196,8 @@ _message_center_endpoints = [
|
|
|
196
196
|
},
|
|
197
197
|
{
|
|
198
198
|
"enum": [
|
|
199
|
-
"activity.
|
|
200
|
-
"activity.
|
|
199
|
+
"activity.type.asc",
|
|
200
|
+
"activity.type.desc"
|
|
201
201
|
],
|
|
202
202
|
"type": "string",
|
|
203
203
|
"description": "The property to sort on, followed by a dot (.), followed by the sort direction, either "
|
|
@@ -118,10 +118,6 @@ def filevantage_rule_payload(passed_keywords: dict) -> dict:
|
|
|
118
118
|
"include": "string",
|
|
119
119
|
"include_processes": "string",
|
|
120
120
|
"include_users": "string",
|
|
121
|
-
"content_files": "string",
|
|
122
|
-
"content_registry_values": "string",
|
|
123
|
-
"enable_content_capture": boolean,
|
|
124
|
-
"enable_hash_capture": boolean,
|
|
125
121
|
"modified_timestamp": "string",
|
|
126
122
|
"path": "string",
|
|
127
123
|
"precedence": integer,
|
|
@@ -150,7 +146,6 @@ def filevantage_rule_payload(passed_keywords: dict) -> dict:
|
|
|
150
146
|
keys = ["created_timestamp", "depth", "description", "exclude", "exclude_processes",
|
|
151
147
|
"exclude_users", "id", "include", "include_processes", "include_users",
|
|
152
148
|
"modified_timestamp", "path", "rule_group_id", "severity", "type",
|
|
153
|
-
"content_files", "content_registry_values"
|
|
154
149
|
]
|
|
155
150
|
bool_int_keys = ["watch_attributes_directory_changes", "watch_attributes_file_changes",
|
|
156
151
|
"watch_create_directory_changes", "watch_create_file_changes",
|
|
@@ -159,8 +154,7 @@ def filevantage_rule_payload(passed_keywords: dict) -> dict:
|
|
|
159
154
|
"watch_delete_value_changes", "watch_permissions_directory_changes",
|
|
160
155
|
"watch_permissions_file_changes", "watch_rename_directory_changes",
|
|
161
156
|
"watch_rename_file_changes", "watch_rename_key_changes",
|
|
162
|
-
"watch_set_value_changes", "watch_write_file_changes", "precedence"
|
|
163
|
-
"enable_content_capture", "enable_hash_capture"
|
|
157
|
+
"watch_set_value_changes", "watch_write_file_changes", "precedence"
|
|
164
158
|
]
|
|
165
159
|
for key in keys:
|
|
166
160
|
if passed_keywords.get(key, None):
|