regscale-cli 6.24.0.1__py3-none-any.whl → 6.25.0.1__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of regscale-cli might be problematic. Click here for more details.
- regscale/_version.py +1 -1
- regscale/core/app/api.py +1 -1
- regscale/core/app/application.py +5 -3
- regscale/core/app/internal/evidence.py +308 -202
- regscale/dev/code_gen.py +84 -3
- regscale/integrations/commercial/__init__.py +2 -0
- regscale/integrations/commercial/jira.py +4 -4
- regscale/integrations/commercial/microsoft_defender/defender.py +326 -5
- regscale/integrations/commercial/microsoft_defender/defender_api.py +348 -14
- regscale/integrations/commercial/microsoft_defender/defender_constants.py +157 -0
- regscale/integrations/commercial/synqly/assets.py +99 -16
- regscale/integrations/commercial/synqly/query_builder.py +533 -0
- regscale/integrations/commercial/synqly/vulnerabilities.py +134 -14
- regscale/integrations/commercial/wizv2/compliance_report.py +22 -0
- regscale/integrations/compliance_integration.py +17 -0
- regscale/integrations/scanner_integration.py +16 -0
- regscale/models/integration_models/synqly_models/capabilities.json +1 -1
- regscale/models/integration_models/synqly_models/connectors/vulnerabilities.py +12 -2
- regscale/models/integration_models/synqly_models/filter_parser.py +332 -0
- regscale/models/integration_models/synqly_models/synqly_model.py +47 -3
- regscale/models/regscale_models/compliance_settings.py +28 -0
- regscale/models/regscale_models/component.py +1 -0
- regscale/models/regscale_models/control_implementation.py +130 -1
- regscale/regscale.py +1 -1
- regscale/validation/record.py +23 -1
- {regscale_cli-6.24.0.1.dist-info → regscale_cli-6.25.0.1.dist-info}/METADATA +1 -1
- {regscale_cli-6.24.0.1.dist-info → regscale_cli-6.25.0.1.dist-info}/RECORD +31 -29
- {regscale_cli-6.24.0.1.dist-info → regscale_cli-6.25.0.1.dist-info}/LICENSE +0 -0
- {regscale_cli-6.24.0.1.dist-info → regscale_cli-6.25.0.1.dist-info}/WHEEL +0 -0
- {regscale_cli-6.24.0.1.dist-info → regscale_cli-6.25.0.1.dist-info}/entry_points.txt +0 -0
- {regscale_cli-6.24.0.1.dist-info → regscale_cli-6.25.0.1.dist-info}/top_level.txt +0 -0
|
@@ -13,90 +13,173 @@ def assets() -> None:
|
|
|
13
13
|
pass
|
|
14
14
|
|
|
15
15
|
|
|
16
|
+
@assets.command(name="build-query")
|
|
17
|
+
@click.option(
|
|
18
|
+
"--provider",
|
|
19
|
+
required=False,
|
|
20
|
+
help="Provider ID (e.g., assets_armis_centrix). If not specified, starts interactive mode.",
|
|
21
|
+
)
|
|
22
|
+
@click.option("--validate", help="Validate a filter string against provider capabilities")
|
|
23
|
+
@click.option("--list-fields", is_flag=True, default=False, help="List all available fields for the provider")
|
|
24
|
+
def build_query(provider, validate, list_fields):
|
|
25
|
+
"""
|
|
26
|
+
Build and validate filter queries for Assets connectors.
|
|
27
|
+
|
|
28
|
+
Examples:
|
|
29
|
+
# Build a filter query
|
|
30
|
+
regscale assets build-query
|
|
31
|
+
|
|
32
|
+
# List all fields for a specific provider
|
|
33
|
+
regscale assets build-query --provider assets_armis_centrix --list-fields
|
|
34
|
+
|
|
35
|
+
# Validate a filter string
|
|
36
|
+
regscale assets build-query --provider assets_armis_centrix --validate "device.ip[eq]192.168.1.1"
|
|
37
|
+
"""
|
|
38
|
+
from regscale.integrations.commercial.synqly.query_builder import handle_build_query
|
|
39
|
+
|
|
40
|
+
handle_build_query("assets", provider, validate, list_fields)
|
|
41
|
+
|
|
42
|
+
|
|
16
43
|
@assets.command(name="sync_armis_centrix")
|
|
17
44
|
@regscale_ssp_id()
|
|
18
|
-
|
|
45
|
+
@click.option(
|
|
46
|
+
"--filter",
|
|
47
|
+
help='STRING: Apply filters to the query. Can be a single filter "field[operator]value" or semicolon-separated filters "field1[op]value1;field2[op]value2"',
|
|
48
|
+
required=False,
|
|
49
|
+
type=str,
|
|
50
|
+
default=None,
|
|
51
|
+
)
|
|
52
|
+
def sync_armis_centrix(regscale_ssp_id: int, filter: str) -> None:
|
|
19
53
|
"""Sync Assets from Armis Centrix to RegScale."""
|
|
20
54
|
from regscale.models.integration_models.synqly_models.connectors import Assets
|
|
21
55
|
|
|
22
56
|
assets_armis_centrix = Assets("armis_centrix")
|
|
23
|
-
assets_armis_centrix.run_sync(regscale_ssp_id=regscale_ssp_id)
|
|
57
|
+
assets_armis_centrix.run_sync(regscale_ssp_id=regscale_ssp_id, filter=filter.split(";") if filter else [])
|
|
24
58
|
|
|
25
59
|
|
|
26
60
|
@assets.command(name="sync_axonius")
|
|
27
61
|
@regscale_ssp_id()
|
|
28
|
-
|
|
62
|
+
@click.option(
|
|
63
|
+
"--filter",
|
|
64
|
+
help='STRING: Apply filters to the query. Can be a single filter "field[operator]value" or semicolon-separated filters "field1[op]value1;field2[op]value2"',
|
|
65
|
+
required=False,
|
|
66
|
+
type=str,
|
|
67
|
+
default=None,
|
|
68
|
+
)
|
|
69
|
+
def sync_axonius(regscale_ssp_id: int, filter: str) -> None:
|
|
29
70
|
"""Sync Assets from Axonius to RegScale."""
|
|
30
71
|
from regscale.models.integration_models.synqly_models.connectors import Assets
|
|
31
72
|
|
|
32
73
|
assets_axonius = Assets("axonius")
|
|
33
|
-
assets_axonius.run_sync(regscale_ssp_id=regscale_ssp_id)
|
|
74
|
+
assets_axonius.run_sync(regscale_ssp_id=regscale_ssp_id, filter=filter.split(";") if filter else [])
|
|
34
75
|
|
|
35
76
|
|
|
36
77
|
@assets.command(name="sync_crowdstrike")
|
|
37
78
|
@regscale_ssp_id()
|
|
79
|
+
@click.option(
|
|
80
|
+
"--filter",
|
|
81
|
+
help='STRING: Apply filters to the query. Can be a single filter "field[operator]value" or semicolon-separated filters "field1[op]value1;field2[op]value2"',
|
|
82
|
+
required=False,
|
|
83
|
+
type=str,
|
|
84
|
+
default=None,
|
|
85
|
+
)
|
|
38
86
|
@click.option(
|
|
39
87
|
"--url",
|
|
40
88
|
type=click.STRING,
|
|
41
89
|
help="Base URL for the CrowdStrike Falcon Spotlight API.",
|
|
42
90
|
required=False,
|
|
43
91
|
)
|
|
44
|
-
def sync_crowdstrike(regscale_ssp_id: int, url: str) -> None:
|
|
92
|
+
def sync_crowdstrike(regscale_ssp_id: int, filter: str, url: str) -> None:
|
|
45
93
|
"""Sync Assets from Crowdstrike to RegScale."""
|
|
46
94
|
from regscale.models.integration_models.synqly_models.connectors import Assets
|
|
47
95
|
|
|
48
96
|
assets_crowdstrike = Assets("crowdstrike")
|
|
49
|
-
assets_crowdstrike.run_sync(regscale_ssp_id=regscale_ssp_id, url=url)
|
|
97
|
+
assets_crowdstrike.run_sync(regscale_ssp_id=regscale_ssp_id, filter=filter.split(";") if filter else [], url=url)
|
|
50
98
|
|
|
51
99
|
|
|
52
100
|
@assets.command(name="sync_nozomi_vantage")
|
|
53
101
|
@regscale_ssp_id()
|
|
54
|
-
|
|
102
|
+
@click.option(
|
|
103
|
+
"--filter",
|
|
104
|
+
help='STRING: Apply filters to the query. Can be a single filter "field[operator]value" or semicolon-separated filters "field1[op]value1;field2[op]value2"',
|
|
105
|
+
required=False,
|
|
106
|
+
type=str,
|
|
107
|
+
default=None,
|
|
108
|
+
)
|
|
109
|
+
def sync_nozomi_vantage(regscale_ssp_id: int, filter: str) -> None:
|
|
55
110
|
"""Sync Assets from Nozomi Vantage to RegScale."""
|
|
56
111
|
from regscale.models.integration_models.synqly_models.connectors import Assets
|
|
57
112
|
|
|
58
113
|
assets_nozomi_vantage = Assets("nozomi_vantage")
|
|
59
|
-
assets_nozomi_vantage.run_sync(regscale_ssp_id=regscale_ssp_id)
|
|
114
|
+
assets_nozomi_vantage.run_sync(regscale_ssp_id=regscale_ssp_id, filter=filter.split(";") if filter else [])
|
|
60
115
|
|
|
61
116
|
|
|
62
117
|
@assets.command(name="sync_qualys_cloud")
|
|
63
118
|
@regscale_ssp_id()
|
|
64
|
-
|
|
119
|
+
@click.option(
|
|
120
|
+
"--filter",
|
|
121
|
+
help='STRING: Apply filters to the query. Can be a single filter "field[operator]value" or semicolon-separated filters "field1[op]value1;field2[op]value2"',
|
|
122
|
+
required=False,
|
|
123
|
+
type=str,
|
|
124
|
+
default=None,
|
|
125
|
+
)
|
|
126
|
+
def sync_qualys_cloud(regscale_ssp_id: int, filter: str) -> None:
|
|
65
127
|
"""Sync Assets from Qualys Cloud to RegScale."""
|
|
66
128
|
from regscale.models.integration_models.synqly_models.connectors import Assets
|
|
67
129
|
|
|
68
130
|
assets_qualys_cloud = Assets("qualys_cloud")
|
|
69
|
-
assets_qualys_cloud.run_sync(regscale_ssp_id=regscale_ssp_id)
|
|
131
|
+
assets_qualys_cloud.run_sync(regscale_ssp_id=regscale_ssp_id, filter=filter.split(";") if filter else [])
|
|
70
132
|
|
|
71
133
|
|
|
72
134
|
@assets.command(name="sync_servicenow")
|
|
73
135
|
@regscale_ssp_id()
|
|
74
|
-
|
|
136
|
+
@click.option(
|
|
137
|
+
"--filter",
|
|
138
|
+
help='STRING: Apply filters to the query. Can be a single filter "field[operator]value" or semicolon-separated filters "field1[op]value1;field2[op]value2"',
|
|
139
|
+
required=False,
|
|
140
|
+
type=str,
|
|
141
|
+
default=None,
|
|
142
|
+
)
|
|
143
|
+
def sync_servicenow(regscale_ssp_id: int, filter: str) -> None:
|
|
75
144
|
"""Sync Assets from Servicenow to RegScale."""
|
|
76
145
|
from regscale.models.integration_models.synqly_models.connectors import Assets
|
|
77
146
|
|
|
78
147
|
assets_servicenow = Assets("servicenow")
|
|
79
|
-
assets_servicenow.run_sync(regscale_ssp_id=regscale_ssp_id)
|
|
148
|
+
assets_servicenow.run_sync(regscale_ssp_id=regscale_ssp_id, filter=filter.split(";") if filter else [])
|
|
80
149
|
|
|
81
150
|
|
|
82
151
|
@assets.command(name="sync_sevco")
|
|
83
152
|
@regscale_ssp_id()
|
|
84
|
-
|
|
153
|
+
@click.option(
|
|
154
|
+
"--filter",
|
|
155
|
+
help='STRING: Apply filters to the query. Can be a single filter "field[operator]value" or semicolon-separated filters "field1[op]value1;field2[op]value2"',
|
|
156
|
+
required=False,
|
|
157
|
+
type=str,
|
|
158
|
+
default=None,
|
|
159
|
+
)
|
|
160
|
+
def sync_sevco(regscale_ssp_id: int, filter: str) -> None:
|
|
85
161
|
"""Sync Assets from Sevco to RegScale."""
|
|
86
162
|
from regscale.models.integration_models.synqly_models.connectors import Assets
|
|
87
163
|
|
|
88
164
|
assets_sevco = Assets("sevco")
|
|
89
|
-
assets_sevco.run_sync(regscale_ssp_id=regscale_ssp_id)
|
|
165
|
+
assets_sevco.run_sync(regscale_ssp_id=regscale_ssp_id, filter=filter.split(";") if filter else [])
|
|
90
166
|
|
|
91
167
|
|
|
92
168
|
@assets.command(name="sync_tanium_cloud")
|
|
93
169
|
@regscale_ssp_id()
|
|
94
|
-
|
|
170
|
+
@click.option(
|
|
171
|
+
"--filter",
|
|
172
|
+
help='STRING: Apply filters to the query. Can be a single filter "field[operator]value" or semicolon-separated filters "field1[op]value1;field2[op]value2"',
|
|
173
|
+
required=False,
|
|
174
|
+
type=str,
|
|
175
|
+
default=None,
|
|
176
|
+
)
|
|
177
|
+
def sync_tanium_cloud(regscale_ssp_id: int, filter: str) -> None:
|
|
95
178
|
"""Sync Assets from Tanium Cloud to RegScale."""
|
|
96
179
|
from regscale.models.integration_models.synqly_models.connectors import Assets
|
|
97
180
|
|
|
98
181
|
assets_tanium_cloud = Assets("tanium_cloud")
|
|
99
|
-
assets_tanium_cloud.run_sync(regscale_ssp_id=regscale_ssp_id)
|
|
182
|
+
assets_tanium_cloud.run_sync(regscale_ssp_id=regscale_ssp_id, filter=filter.split(";") if filter else [])
|
|
100
183
|
|
|
101
184
|
|
|
102
185
|
# pylint: enable=line-too-long
|