taegis-sdk-python 1.5.4__tar.gz → 1.6.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/PKG-INFO +2 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/pyproject.toml +1 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/__init__.py +6 -7
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/_version.py +1 -1
- taegis_sdk_python-1.6.0/taegis_sdk_python/commons/alerts/__init__.py +1 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/commons/alerts/federated_search.py +163 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/commons/alerts/search.py +70 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/commons/cases/__init__.py +1 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/commons/cases/federated_search.py +179 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/commons/cases/search.py +98 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/commons/events/__init__.py +1 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/commons/events/search.py +55 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/commons/investigations/__init__.py +1 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/commons/investigations/federated_search.py +179 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/commons/investigations/search.py +98 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/commons/sharelinks/__init__.py +1 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/commons/sharelinks/create.py +67 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/commons/sharelinks/unfurl.py +46 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/config.py +2 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/access_points/types.py +0 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/agent/__init__.py +1 -3
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/agent/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/alerts/__init__.py +1 -3
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/alerts/types.py +66 -25
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/alerts_history/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/assets/__init__.py +1 -3
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/assets/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/assets2/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/audits/__init__.py +1 -3
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/audits/types.py +7 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/authz/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/byoti/__init__.py +1 -3
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/byoti/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/clients/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/collector/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/comments/types.py +0 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/contracted_endpoint/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/cql_metadata/types.py +0 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/datasources/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/detector_registry/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/endpoint_command_manager/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/endpoint_management_service/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/entity_context/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/event_search/types.py +0 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/events/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/exports/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/fast_ioc/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/file_info/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/ingest_stats/types.py +0 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/investigations/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/investigations2/types.py +55 -47
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/isensor/__init__.py +1 -3
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/isensor/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/mitre_attack_info/types.py +0 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/multi_tenant_context/types.py +0 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/multi_tenant_ioc/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/nl_search/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/notebooks/types.py +0 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/notifications/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/preferences/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/process_trees/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/queries/__init__.py +1 -3
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/queries/types.py +3 -6
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/roadrunner/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/rules/__init__.py +1 -3
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/rules/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/sharelinks/types.py +0 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/subjects/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenant_profiles/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenants/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenants4/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/threat/__init__.py +1 -3
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/threat/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/threat_score/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/trigger_action/types.py +0 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/trip/__init__.py +1 -3
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/trip/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/users/__init__.py +1 -3
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/users/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/vdr/__init__.py +1 -3
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/vdr/types.py +1 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/xdr_central_connector/types.py +1 -4
- taegis_sdk_python-1.6.0/taegis_sdk_python/templates/__init__.py +39 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/templates/_jinja2.py +127 -0
- taegis_sdk_python-1.6.0/taegis_sdk_python/transport/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/transport/aiohttp_websockets.py +4 -4
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/utils.py +52 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/.gitignore +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/LICENSE +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/README.md +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/_consts.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/authentication.py +0 -0
- {taegis_sdk_python-1.5.4/taegis_sdk_python/transport → taegis_sdk_python-1.6.0/taegis_sdk_python/commons}/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/errors.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/service_core.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/__init__.py +1 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/access_points/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/access_points/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/access_points/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/access_points/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/agent/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/agent/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/agent/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/alerts/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/alerts/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/alerts/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/alerts_history/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/alerts_history/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/alerts_history/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/alerts_history/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/assets/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/assets/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/assets/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/assets2/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/assets2/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/assets2/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/assets2/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/audits/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/audits/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/audits/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/authz/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/authz/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/authz/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/authz/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/byoti/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/byoti/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/byoti/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/clients/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/clients/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/clients/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/clients/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/collector/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/collector/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/collector/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/collector/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/comments/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/comments/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/comments/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/comments/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/contracted_endpoint/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/contracted_endpoint/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/contracted_endpoint/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/contracted_endpoint/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/cql_metadata/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/cql_metadata/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/cql_metadata/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/cql_metadata/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/datasources/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/datasources/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/datasources/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/datasources/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/detector_registry/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/detector_registry/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/detector_registry/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/detector_registry/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/endpoint_command_manager/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/endpoint_command_manager/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/endpoint_command_manager/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/endpoint_command_manager/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/endpoint_management_service/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/endpoint_management_service/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/endpoint_management_service/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/endpoint_management_service/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/entity_context/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/entity_context/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/entity_context/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/entity_context/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/event_search/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/event_search/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/event_search/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/event_search/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/events/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/events/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/events/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/events/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/exports/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/exports/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/exports/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/exports/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/fast_ioc/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/fast_ioc/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/fast_ioc/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/fast_ioc/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/file_info/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/file_info/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/file_info/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/file_info/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/ingest_stats/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/ingest_stats/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/ingest_stats/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/ingest_stats/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/investigations/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/investigations/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/investigations/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/investigations/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/investigations2/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/investigations2/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/investigations2/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/investigations2/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/isensor/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/isensor/queries.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/isensor/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/mitre_attack_info/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/mitre_attack_info/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/mitre_attack_info/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/mitre_attack_info/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/multi_tenant_context/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/multi_tenant_context/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/multi_tenant_context/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/multi_tenant_context/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/multi_tenant_ioc/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/multi_tenant_ioc/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/multi_tenant_ioc/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/multi_tenant_ioc/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/nl_search/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/nl_search/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/nl_search/queries.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/nl_search/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/notebooks/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/notebooks/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/notebooks/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/notebooks/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/notifications/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/notifications/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/notifications/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/notifications/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/preferences/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/preferences/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/preferences/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/preferences/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/process_trees/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/process_trees/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/process_trees/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/process_trees/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/queries/mutations.py +1 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/queries/queries.py +1 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/queries/subscriptions.py +1 -1
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/roadrunner/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/roadrunner/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/roadrunner/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/roadrunner/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/rules/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/rules/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/rules/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/sharelinks/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/sharelinks/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/sharelinks/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/sharelinks/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/subjects/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/subjects/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/subjects/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/subjects/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenant_profiles/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenant_profiles/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenant_profiles/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenant_profiles/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenants/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenants/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenants/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenants/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenants4/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenants4/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenants4/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/tenants4/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/threat/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/threat/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/threat/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/threat_score/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/threat_score/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/threat_score/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/threat_score/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/trigger_action/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/trigger_action/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/trigger_action/queries.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/trigger_action/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/trip/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/trip/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/trip/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/users/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/users/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/users/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/vdr/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/vdr/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/vdr/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/xdr_central_connector/__init__.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/xdr_central_connector/mutations.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/xdr_central_connector/queries.py +2 -2
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/services/xdr_central_connector/subscriptions.py +0 -0
- {taegis_sdk_python-1.5.4 → taegis_sdk_python-1.6.0}/taegis_sdk_python/tokens.py +0 -0
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: taegis-sdk-python
|
|
3
|
-
Version: 1.
|
|
3
|
+
Version: 1.6.0
|
|
4
4
|
Summary: Taegis Python SDK
|
|
5
5
|
Project-URL: Homepage, https://github.com/secureworks/taegis-sdk-python
|
|
6
6
|
Project-URL: Bug Reports, https://github.com/secureworks/taegis-sdk-python/issues
|
|
@@ -198,6 +198,7 @@ Requires-Dist: dataclasses-json
|
|
|
198
198
|
Requires-Dist: filelock>=3.12.4
|
|
199
199
|
Requires-Dist: gql<4,>=3.5.0
|
|
200
200
|
Requires-Dist: graphql-core
|
|
201
|
+
Requires-Dist: jinja2
|
|
201
202
|
Requires-Dist: oauthlib
|
|
202
203
|
Requires-Dist: pyjwt>=2.8.0
|
|
203
204
|
Requires-Dist: python-dateutil
|
|
@@ -3,23 +3,22 @@ Commonly-used functions and data types from this package.
|
|
|
3
3
|
"""
|
|
4
4
|
|
|
5
5
|
from taegis_sdk_python.errors import (
|
|
6
|
-
ServiceCoreException,
|
|
7
|
-
InvalidAuthenticationMethod,
|
|
8
6
|
AccessTokenException,
|
|
9
|
-
MissingAccessTokenError,
|
|
10
|
-
InvalidAccessTokenError,
|
|
11
7
|
GraphQLNoRowsInResultSetError,
|
|
12
8
|
InvalidAccessTokenClaims,
|
|
9
|
+
InvalidAccessTokenError,
|
|
10
|
+
InvalidAuthenticationMethod,
|
|
13
11
|
InvalidGraphQLEndpoint,
|
|
12
|
+
MissingAccessTokenError,
|
|
13
|
+
ServiceCoreException,
|
|
14
14
|
)
|
|
15
|
-
|
|
16
15
|
from taegis_sdk_python.services import GraphQLService
|
|
17
16
|
from taegis_sdk_python.utils import (
|
|
18
17
|
build_output_string,
|
|
18
|
+
build_output_string_from_introspection,
|
|
19
|
+
parse_union_result,
|
|
19
20
|
prepare_input,
|
|
20
21
|
prepare_variables,
|
|
21
|
-
parse_union_result,
|
|
22
|
-
build_output_string_from_introspection,
|
|
23
22
|
)
|
|
24
23
|
|
|
25
24
|
# pylint: disable=duplicate-code
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
"""Taegis Common Alerts Service Implementations."""
|
|
@@ -0,0 +1,163 @@
|
|
|
1
|
+
"""Taegis Commons Federated Alerts Search implementation."""
|
|
2
|
+
|
|
3
|
+
import logging
|
|
4
|
+
from dataclasses import dataclass, field
|
|
5
|
+
from typing import Any, Callable, Dict, List, Optional
|
|
6
|
+
|
|
7
|
+
from dataclasses_json import config, dataclass_json
|
|
8
|
+
|
|
9
|
+
from taegis_sdk_python import (
|
|
10
|
+
GraphQLNoRowsInResultSetError,
|
|
11
|
+
GraphQLService,
|
|
12
|
+
build_output_string,
|
|
13
|
+
prepare_input,
|
|
14
|
+
)
|
|
15
|
+
from taegis_sdk_python.services.alerts.types import (
|
|
16
|
+
Alert2,
|
|
17
|
+
AlertsList,
|
|
18
|
+
AlertsResponse,
|
|
19
|
+
AuxiliaryEvent,
|
|
20
|
+
PollRequestInput,
|
|
21
|
+
SearchRequestInput,
|
|
22
|
+
)
|
|
23
|
+
|
|
24
|
+
log = logging.getLogger(__name__)
|
|
25
|
+
|
|
26
|
+
|
|
27
|
+
@dataclass_json
|
|
28
|
+
@dataclass(order=True, eq=True, frozen=True)
|
|
29
|
+
class TaegisCommonsAuxiliaryEvent(AuxiliaryEvent):
|
|
30
|
+
"""My TaegisCommons Auxiliary Event - Extends Auxiliary Event with event_data
|
|
31
|
+
to take advantage of GQL federated services.
|
|
32
|
+
"""
|
|
33
|
+
|
|
34
|
+
event_data: Optional[Dict[str, Any]] = field(
|
|
35
|
+
default=None, metadata=config(field_name="event_data")
|
|
36
|
+
)
|
|
37
|
+
|
|
38
|
+
|
|
39
|
+
@dataclass_json
|
|
40
|
+
@dataclass(order=True, eq=True, frozen=True)
|
|
41
|
+
class TaegisCommonsAlert2(Alert2):
|
|
42
|
+
"""My TaegisCommons Alert2."""
|
|
43
|
+
|
|
44
|
+
event_ids: Optional[List[TaegisCommonsAuxiliaryEvent]] = field(
|
|
45
|
+
default=None, metadata=config(field_name="event_ids")
|
|
46
|
+
)
|
|
47
|
+
|
|
48
|
+
|
|
49
|
+
@dataclass_json
|
|
50
|
+
@dataclass(order=True, eq=True, frozen=True)
|
|
51
|
+
class TaegisCommonsAlertsList(AlertsList):
|
|
52
|
+
"""My TaegisCommons AlertsList."""
|
|
53
|
+
|
|
54
|
+
list: Optional[List[TaegisCommonsAlert2]] = field(
|
|
55
|
+
default=None, metadata=config(field_name="list")
|
|
56
|
+
)
|
|
57
|
+
|
|
58
|
+
|
|
59
|
+
@dataclass_json
|
|
60
|
+
@dataclass(order=True, eq=True, frozen=True)
|
|
61
|
+
class TaegisCommonsAlertsResponse(AlertsResponse):
|
|
62
|
+
"""My TaegisCommons AlertsResponse."""
|
|
63
|
+
|
|
64
|
+
alerts: Optional[TaegisCommonsAlertsList] = field(
|
|
65
|
+
default=None, metadata=config(field_name="alerts")
|
|
66
|
+
)
|
|
67
|
+
|
|
68
|
+
|
|
69
|
+
def alerts_service_search_with_events(
|
|
70
|
+
service: GraphQLService, in_: SearchRequestInput
|
|
71
|
+
) -> TaegisCommonsAlertsResponse:
|
|
72
|
+
"""Query Taegis Alerts with corresponding Events attached."""
|
|
73
|
+
endpoint = "alertsServiceSearch"
|
|
74
|
+
result = service.alerts.execute_query(
|
|
75
|
+
endpoint=endpoint,
|
|
76
|
+
variables={
|
|
77
|
+
"in": prepare_input(in_),
|
|
78
|
+
},
|
|
79
|
+
output=build_output_string(TaegisCommonsAlertsResponse),
|
|
80
|
+
)
|
|
81
|
+
if result is not None:
|
|
82
|
+
return TaegisCommonsAlertsResponse.from_dict( # pylint: disable=no-member
|
|
83
|
+
result.get(endpoint)
|
|
84
|
+
)
|
|
85
|
+
raise GraphQLNoRowsInResultSetError("for query alertsServiceSearch")
|
|
86
|
+
|
|
87
|
+
|
|
88
|
+
def alerts_service_poll_with_events(
|
|
89
|
+
service: GraphQLService, in_: PollRequestInput
|
|
90
|
+
) -> TaegisCommonsAlertsResponse:
|
|
91
|
+
"""Federated alerts_service_poll with event_data."""
|
|
92
|
+
endpoint = "alertsServicePoll"
|
|
93
|
+
result = service.alerts.execute_query(
|
|
94
|
+
endpoint=endpoint,
|
|
95
|
+
variables={
|
|
96
|
+
"in": prepare_input(in_),
|
|
97
|
+
},
|
|
98
|
+
output=build_output_string(TaegisCommonsAlertsResponse),
|
|
99
|
+
)
|
|
100
|
+
if result is not None:
|
|
101
|
+
return TaegisCommonsAlertsResponse.from_dict( # pylint: disable=no-member
|
|
102
|
+
result.get(endpoint)
|
|
103
|
+
)
|
|
104
|
+
raise GraphQLNoRowsInResultSetError("for query alertsServicePoll")
|
|
105
|
+
|
|
106
|
+
|
|
107
|
+
def alerts_federated_search(
|
|
108
|
+
service: GraphQLService,
|
|
109
|
+
query: str,
|
|
110
|
+
*,
|
|
111
|
+
limit: int = 10000,
|
|
112
|
+
caller_name: str = "Taegis SDK Commons",
|
|
113
|
+
federated_call: Callable,
|
|
114
|
+
federated_poll_call: Callable,
|
|
115
|
+
) -> List[TaegisCommonsAlertsResponse]:
|
|
116
|
+
"""
|
|
117
|
+
Search Taegis Alerts service.
|
|
118
|
+
"""
|
|
119
|
+
if "aggregate" in query:
|
|
120
|
+
limit = 1
|
|
121
|
+
|
|
122
|
+
result = federated_call(
|
|
123
|
+
service,
|
|
124
|
+
SearchRequestInput(
|
|
125
|
+
cql_query=query,
|
|
126
|
+
offset=0,
|
|
127
|
+
limit=limit,
|
|
128
|
+
metadata={"callerName": caller_name},
|
|
129
|
+
),
|
|
130
|
+
)
|
|
131
|
+
|
|
132
|
+
poll_responses = [result]
|
|
133
|
+
search_id = result.search_id
|
|
134
|
+
total_parts = result.alerts.total_parts
|
|
135
|
+
|
|
136
|
+
if search_id:
|
|
137
|
+
for part in range(2, total_parts + 1):
|
|
138
|
+
response = None
|
|
139
|
+
try:
|
|
140
|
+
log.debug(f"Submitting page {part}...")
|
|
141
|
+
response = federated_poll_call(
|
|
142
|
+
service,
|
|
143
|
+
PollRequestInput(
|
|
144
|
+
search_id=search_id,
|
|
145
|
+
part_id=part,
|
|
146
|
+
),
|
|
147
|
+
)
|
|
148
|
+
except Exception as exc: # pylint: disable=broad-exception-caught
|
|
149
|
+
log.error(
|
|
150
|
+
f"Cannot retrieve results for search_id:{search_id}:{part}::{exc}"
|
|
151
|
+
)
|
|
152
|
+
if "not found" in str(exc):
|
|
153
|
+
break
|
|
154
|
+
|
|
155
|
+
if isinstance(response, AlertsResponse) and response.alerts is not None:
|
|
156
|
+
poll_responses.append(response)
|
|
157
|
+
# CX-92571 work around
|
|
158
|
+
if sum(len(response.alerts.list) for response in poll_responses) >= int(
|
|
159
|
+
limit
|
|
160
|
+
):
|
|
161
|
+
break
|
|
162
|
+
|
|
163
|
+
return poll_responses
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
"""Taegis Commons Alerts Search implementations."""
|
|
2
|
+
|
|
3
|
+
import logging
|
|
4
|
+
from typing import List
|
|
5
|
+
|
|
6
|
+
from taegis_sdk_python import GraphQLService
|
|
7
|
+
from taegis_sdk_python.services.alerts.types import (
|
|
8
|
+
AlertsResponse,
|
|
9
|
+
PollRequestInput,
|
|
10
|
+
SearchRequestInput,
|
|
11
|
+
)
|
|
12
|
+
|
|
13
|
+
log = logging.getLogger(__name__)
|
|
14
|
+
|
|
15
|
+
|
|
16
|
+
def alerts_search(
|
|
17
|
+
service: GraphQLService,
|
|
18
|
+
query: str,
|
|
19
|
+
*,
|
|
20
|
+
limit: int = 10000,
|
|
21
|
+
caller_name: str = "Taegis SDK Commons",
|
|
22
|
+
) -> List[AlertsResponse]:
|
|
23
|
+
"""
|
|
24
|
+
Search Taegis Alerts service.
|
|
25
|
+
"""
|
|
26
|
+
if "aggregate" in query:
|
|
27
|
+
limit = 1
|
|
28
|
+
|
|
29
|
+
result = service.alerts.query.alerts_service_search(
|
|
30
|
+
service,
|
|
31
|
+
SearchRequestInput(
|
|
32
|
+
cql_query=query,
|
|
33
|
+
offset=0,
|
|
34
|
+
limit=limit,
|
|
35
|
+
metadata={"callerName": caller_name},
|
|
36
|
+
),
|
|
37
|
+
)
|
|
38
|
+
|
|
39
|
+
poll_responses = [result]
|
|
40
|
+
search_id = result.search_id
|
|
41
|
+
total_parts = result.alerts.total_parts
|
|
42
|
+
|
|
43
|
+
if search_id:
|
|
44
|
+
for part in range(2, total_parts + 1):
|
|
45
|
+
response = None
|
|
46
|
+
try:
|
|
47
|
+
log.debug(f"Submitting page {part}...")
|
|
48
|
+
response = service.alerts.query.alerts_service_poll(
|
|
49
|
+
service,
|
|
50
|
+
PollRequestInput(
|
|
51
|
+
search_id=search_id,
|
|
52
|
+
part_id=part,
|
|
53
|
+
),
|
|
54
|
+
)
|
|
55
|
+
except Exception as exc: # pylint: disable=broad-exception-caught
|
|
56
|
+
log.error(
|
|
57
|
+
f"Cannot retrieve results for search_id:{search_id}:{part}::{exc}"
|
|
58
|
+
)
|
|
59
|
+
if "not found" in str(exc):
|
|
60
|
+
break
|
|
61
|
+
|
|
62
|
+
if isinstance(response, AlertsResponse) and response.alerts is not None:
|
|
63
|
+
poll_responses.append(response)
|
|
64
|
+
# CX-92571 work around
|
|
65
|
+
if sum(len(response.alerts.list) for response in poll_responses) >= int(
|
|
66
|
+
limit
|
|
67
|
+
):
|
|
68
|
+
break
|
|
69
|
+
|
|
70
|
+
return poll_responses
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
"""Taegis Common Cases Service Implementations."""
|
|
@@ -0,0 +1,179 @@
|
|
|
1
|
+
"""Taegis Commons Cases implementations."""
|
|
2
|
+
|
|
3
|
+
import logging
|
|
4
|
+
import re
|
|
5
|
+
from dataclasses import dataclass, field
|
|
6
|
+
from typing import Callable, List, Optional
|
|
7
|
+
|
|
8
|
+
from dataclasses_json import config, dataclass_json
|
|
9
|
+
from taegis_magic.core.utils import remove_output_node
|
|
10
|
+
|
|
11
|
+
from taegis_sdk_python import (
|
|
12
|
+
GraphQLNoRowsInResultSetError,
|
|
13
|
+
GraphQLService,
|
|
14
|
+
build_output_string,
|
|
15
|
+
prepare_input,
|
|
16
|
+
)
|
|
17
|
+
from taegis_sdk_python.services.investigations2.types import (
|
|
18
|
+
CreateInvestigationInput,
|
|
19
|
+
InvestigationsV2,
|
|
20
|
+
InvestigationsV2Arguments,
|
|
21
|
+
InvestigationV2,
|
|
22
|
+
)
|
|
23
|
+
from taegis_sdk_python.services.subjects.types import Subject as FederatedSubject
|
|
24
|
+
|
|
25
|
+
log = logging.getLogger(__name__)
|
|
26
|
+
|
|
27
|
+
|
|
28
|
+
@dataclass_json
|
|
29
|
+
@dataclass(order=True, eq=True, frozen=True)
|
|
30
|
+
class TaegisCommonsInvestigationV2(InvestigationV2):
|
|
31
|
+
"""TaegisCommonsInvestigationV2"""
|
|
32
|
+
|
|
33
|
+
contributor_subjects: Optional[List[FederatedSubject]] = field(
|
|
34
|
+
default=None, metadata=config(field_name="contributorSubjects")
|
|
35
|
+
)
|
|
36
|
+
assignee_subject: Optional[FederatedSubject] = field(
|
|
37
|
+
default=None, metadata=config(field_name="assigneeSubject")
|
|
38
|
+
)
|
|
39
|
+
created_by_subject: Optional[FederatedSubject] = field(
|
|
40
|
+
default=None, metadata=config(field_name="createdBySubject")
|
|
41
|
+
)
|
|
42
|
+
updated_by_subject: Optional[FederatedSubject] = field(
|
|
43
|
+
default=None, metadata=config(field_name="updatedBySubject")
|
|
44
|
+
)
|
|
45
|
+
|
|
46
|
+
|
|
47
|
+
@dataclass_json
|
|
48
|
+
@dataclass(order=True, eq=True, frozen=True)
|
|
49
|
+
class TaegisCommonsInvestigationsV2(InvestigationsV2):
|
|
50
|
+
"""TaegisCommonsInvestigationsV2"""
|
|
51
|
+
|
|
52
|
+
investigations: List[TaegisCommonsInvestigationV2] = field(
|
|
53
|
+
default_factory=list, metadata=config(field_name="investigations")
|
|
54
|
+
)
|
|
55
|
+
|
|
56
|
+
|
|
57
|
+
def investigations_create_with_subjects(
|
|
58
|
+
service: GraphQLService, input_: CreateInvestigationInput
|
|
59
|
+
) -> TaegisCommonsInvestigationV2:
|
|
60
|
+
"""createInvestigationV2 creates new investigation with the provided arguments."""
|
|
61
|
+
endpoint = "createInvestigationV2"
|
|
62
|
+
|
|
63
|
+
result = service.investigations2.execute_mutation(
|
|
64
|
+
endpoint=endpoint,
|
|
65
|
+
variables={
|
|
66
|
+
"input": prepare_input(input_),
|
|
67
|
+
},
|
|
68
|
+
output=build_output_string(TaegisCommonsInvestigationV2),
|
|
69
|
+
)
|
|
70
|
+
if result.get(endpoint) is not None:
|
|
71
|
+
return TaegisCommonsInvestigationV2.from_dict( # pylint: disable=no-member
|
|
72
|
+
result.get(endpoint)
|
|
73
|
+
)
|
|
74
|
+
raise GraphQLNoRowsInResultSetError("for mutation createInvestigationV2")
|
|
75
|
+
|
|
76
|
+
|
|
77
|
+
def investigations_search_with_subjects(
|
|
78
|
+
service, arguments: InvestigationsV2Arguments
|
|
79
|
+
) -> TaegisCommonsInvestigationsV2:
|
|
80
|
+
"""investigationsV2 returns a list of investigations matching the provided arguments."""
|
|
81
|
+
endpoint = "investigationsV2"
|
|
82
|
+
|
|
83
|
+
result = service.investigations2.execute_query(
|
|
84
|
+
endpoint=endpoint,
|
|
85
|
+
variables={
|
|
86
|
+
"arguments": prepare_input(arguments),
|
|
87
|
+
},
|
|
88
|
+
output=build_output_string(TaegisCommonsInvestigationsV2),
|
|
89
|
+
)
|
|
90
|
+
if result.get(endpoint) is not None:
|
|
91
|
+
return TaegisCommonsInvestigationsV2.from_dict( # pylint: disable=no-member
|
|
92
|
+
result.get(endpoint)
|
|
93
|
+
)
|
|
94
|
+
raise GraphQLNoRowsInResultSetError("for query investigationsV2")
|
|
95
|
+
|
|
96
|
+
|
|
97
|
+
def cases_federated_search(
|
|
98
|
+
service: GraphQLService,
|
|
99
|
+
query: str,
|
|
100
|
+
*,
|
|
101
|
+
limit: int = 10000,
|
|
102
|
+
federated_call: Callable,
|
|
103
|
+
) -> List[InvestigationsV2]:
|
|
104
|
+
"""Taegis Cases search with Subject federation."""
|
|
105
|
+
|
|
106
|
+
page = 1
|
|
107
|
+
per_page = 100
|
|
108
|
+
|
|
109
|
+
results = []
|
|
110
|
+
|
|
111
|
+
# fix for CX-99036
|
|
112
|
+
pattern = r"\|\s*(head|tail)\s*([0-9]+)"
|
|
113
|
+
match = re.search(pattern, query)
|
|
114
|
+
|
|
115
|
+
if not limit:
|
|
116
|
+
if match and match.group(1) == "tail": # pragma: no cover
|
|
117
|
+
log.warning(
|
|
118
|
+
"tail is not currently supported, it will be used as the limit..."
|
|
119
|
+
)
|
|
120
|
+
|
|
121
|
+
if match:
|
|
122
|
+
limit = int(match.group(2))
|
|
123
|
+
elif match: # pragma: no cover
|
|
124
|
+
log.warning(
|
|
125
|
+
f"limit and {match.group(1)} both provided, only limit will be honored..."
|
|
126
|
+
)
|
|
127
|
+
|
|
128
|
+
query = re.sub(pattern, "", query)
|
|
129
|
+
|
|
130
|
+
if limit and limit < per_page:
|
|
131
|
+
per_page = limit
|
|
132
|
+
# endfix
|
|
133
|
+
|
|
134
|
+
# fix for CX-103490
|
|
135
|
+
output = build_output_string(TaegisCommonsInvestigationsV2)
|
|
136
|
+
|
|
137
|
+
output = remove_output_node(output, "metric")
|
|
138
|
+
output = remove_output_node(output, "metrics")
|
|
139
|
+
# endfix
|
|
140
|
+
|
|
141
|
+
with service(output=output):
|
|
142
|
+
investigations_results = federated_call(
|
|
143
|
+
service=service,
|
|
144
|
+
arguments=InvestigationsV2Arguments(
|
|
145
|
+
page=page,
|
|
146
|
+
per_page=per_page,
|
|
147
|
+
cql=query,
|
|
148
|
+
),
|
|
149
|
+
)
|
|
150
|
+
|
|
151
|
+
results.append(investigations_results)
|
|
152
|
+
|
|
153
|
+
# fix for CX-99036
|
|
154
|
+
if not limit or investigations_results.total_count < limit:
|
|
155
|
+
limit = investigations_results.total_count
|
|
156
|
+
# endfix
|
|
157
|
+
|
|
158
|
+
while (
|
|
159
|
+
sum_results := sum(len(result.investigations) for result in results)
|
|
160
|
+
) < limit:
|
|
161
|
+
page += 1
|
|
162
|
+
|
|
163
|
+
# fix for CX-99036
|
|
164
|
+
if (per_page * page) > limit:
|
|
165
|
+
per_page = limit - sum_results
|
|
166
|
+
# endfix
|
|
167
|
+
|
|
168
|
+
with service(output=output):
|
|
169
|
+
investigations_results = federated_call(
|
|
170
|
+
service=service,
|
|
171
|
+
arguments=InvestigationsV2Arguments(
|
|
172
|
+
page=page,
|
|
173
|
+
per_page=per_page,
|
|
174
|
+
cql=query,
|
|
175
|
+
),
|
|
176
|
+
)
|
|
177
|
+
results.append(investigations_results)
|
|
178
|
+
|
|
179
|
+
return results
|
|
@@ -0,0 +1,98 @@
|
|
|
1
|
+
"""Taegis Commons Cases implementations."""
|
|
2
|
+
|
|
3
|
+
import logging
|
|
4
|
+
import re
|
|
5
|
+
from typing import List
|
|
6
|
+
|
|
7
|
+
from taegis_sdk_python import GraphQLService, build_output_string
|
|
8
|
+
from taegis_sdk_python.services.investigations2.types import (
|
|
9
|
+
InvestigationsV2,
|
|
10
|
+
InvestigationsV2Arguments,
|
|
11
|
+
)
|
|
12
|
+
from taegis_sdk_python.utils import remove_output_node
|
|
13
|
+
|
|
14
|
+
log = logging.getLogger(__name__)
|
|
15
|
+
|
|
16
|
+
|
|
17
|
+
def cases_search(
|
|
18
|
+
service: GraphQLService,
|
|
19
|
+
query: str,
|
|
20
|
+
*,
|
|
21
|
+
limit: int = 10000,
|
|
22
|
+
) -> List[InvestigationsV2]:
|
|
23
|
+
"""Taegis Cases search."""
|
|
24
|
+
|
|
25
|
+
page = 1
|
|
26
|
+
per_page = 100
|
|
27
|
+
|
|
28
|
+
results = []
|
|
29
|
+
|
|
30
|
+
# fix for CX-99036
|
|
31
|
+
pattern = r"\|\s*(head|tail)\s*([0-9]+)"
|
|
32
|
+
match = re.search(pattern, query)
|
|
33
|
+
|
|
34
|
+
if not limit:
|
|
35
|
+
if match and match.group(1) == "tail": # pragma: no cover
|
|
36
|
+
log.warning(
|
|
37
|
+
"tail is not currently supported, it will be used as the limit..."
|
|
38
|
+
)
|
|
39
|
+
|
|
40
|
+
if match:
|
|
41
|
+
limit = int(match.group(2))
|
|
42
|
+
elif match: # pragma: no cover
|
|
43
|
+
log.warning(
|
|
44
|
+
f"limit and {match.group(1)} both provided, only limit will be honored..."
|
|
45
|
+
)
|
|
46
|
+
|
|
47
|
+
query = re.sub(pattern, "", query)
|
|
48
|
+
|
|
49
|
+
if limit and limit < per_page:
|
|
50
|
+
per_page = limit
|
|
51
|
+
# endfix
|
|
52
|
+
|
|
53
|
+
# fix for CX-103490
|
|
54
|
+
output = build_output_string(InvestigationsV2)
|
|
55
|
+
|
|
56
|
+
output = remove_output_node(output, "metric")
|
|
57
|
+
output = remove_output_node(output, "metrics")
|
|
58
|
+
# endfix
|
|
59
|
+
|
|
60
|
+
with service(output=output):
|
|
61
|
+
investigations_results = service.investigations2.query.investigations_v2(
|
|
62
|
+
service=service,
|
|
63
|
+
arguments=InvestigationsV2Arguments(
|
|
64
|
+
page=page,
|
|
65
|
+
per_page=per_page,
|
|
66
|
+
cql=query,
|
|
67
|
+
),
|
|
68
|
+
)
|
|
69
|
+
|
|
70
|
+
results.append(investigations_results)
|
|
71
|
+
|
|
72
|
+
# fix for CX-99036
|
|
73
|
+
if not limit or investigations_results.total_count < limit:
|
|
74
|
+
limit = investigations_results.total_count
|
|
75
|
+
# endfix
|
|
76
|
+
|
|
77
|
+
while (
|
|
78
|
+
sum_results := sum(len(result.investigations) for result in results)
|
|
79
|
+
) < limit:
|
|
80
|
+
page += 1
|
|
81
|
+
|
|
82
|
+
# fix for CX-99036
|
|
83
|
+
if (per_page * page) > limit:
|
|
84
|
+
per_page = limit - sum_results
|
|
85
|
+
# endfix
|
|
86
|
+
|
|
87
|
+
with service(output=output):
|
|
88
|
+
investigations_results = service.investigations2.query.investigations_v2(
|
|
89
|
+
service=service,
|
|
90
|
+
arguments=InvestigationsV2Arguments(
|
|
91
|
+
page=page,
|
|
92
|
+
per_page=per_page,
|
|
93
|
+
cql=query,
|
|
94
|
+
),
|
|
95
|
+
)
|
|
96
|
+
results.append(investigations_results)
|
|
97
|
+
|
|
98
|
+
return results
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
"""Taegis Common Events Service Implementations."""
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
"""Taegis Commons Events search implementations."""
|
|
2
|
+
|
|
3
|
+
import logging
|
|
4
|
+
from typing import List, Optional
|
|
5
|
+
|
|
6
|
+
from taegis_sdk_python import GraphQLService
|
|
7
|
+
from taegis_sdk_python.services.events.types import EventQueryOptions, EventQueryResults
|
|
8
|
+
|
|
9
|
+
log = logging.getLogger(__name__)
|
|
10
|
+
|
|
11
|
+
|
|
12
|
+
def get_next_page(events_results: List[EventQueryResults]) -> Optional[str]:
|
|
13
|
+
"""Retrieve events next page indicator."""
|
|
14
|
+
try:
|
|
15
|
+
# the next page could be found in any of the result pages,
|
|
16
|
+
# but we cannot garuntee which result it will be found in
|
|
17
|
+
return next(
|
|
18
|
+
iter({result.next for result in events_results if result.next is not None})
|
|
19
|
+
)
|
|
20
|
+
except StopIteration:
|
|
21
|
+
return None
|
|
22
|
+
|
|
23
|
+
|
|
24
|
+
def events_search(
|
|
25
|
+
service: GraphQLService,
|
|
26
|
+
query: str,
|
|
27
|
+
*,
|
|
28
|
+
options: Optional[EventQueryOptions] = None,
|
|
29
|
+
caller_name: str = "Taegis SDK Commons",
|
|
30
|
+
) -> List[EventQueryResults]:
|
|
31
|
+
"""Taegis Events search."""
|
|
32
|
+
if not options:
|
|
33
|
+
options = EventQueryOptions(
|
|
34
|
+
timestamp_ascending=True,
|
|
35
|
+
page_size=1000,
|
|
36
|
+
max_rows=100000,
|
|
37
|
+
aggregation_off=False,
|
|
38
|
+
)
|
|
39
|
+
|
|
40
|
+
results = []
|
|
41
|
+
|
|
42
|
+
result = service.events.subscription.event_query(
|
|
43
|
+
query=query,
|
|
44
|
+
options=options,
|
|
45
|
+
metadata={"callerName": caller_name},
|
|
46
|
+
)
|
|
47
|
+
results.append(result)
|
|
48
|
+
next_page = get_next_page(result)
|
|
49
|
+
|
|
50
|
+
while next_page:
|
|
51
|
+
result = service.events.subscription.event_page(next_page)
|
|
52
|
+
results.append(result)
|
|
53
|
+
next_page = get_next_page(result)
|
|
54
|
+
|
|
55
|
+
return results
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
"""Taegis Common Investigations Service Implementations."""
|