Source code for api.reputation.v1.observation

"""Autogenerated API"""
import requests
from argus_cli.plugin import register_command


[docs]@register_command(extending=('reputation','v1','observation')) def add_observations(sourceID: int = None, sourceAlias: str = None, observations: list = None, addAddresses: bool = 'True', addDomains: bool = 'True',json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict: """Add reputation observations (INTERNAL) :param int sourceID: :param str sourceAlias: :param list observations: Observations :param bool addAddresses: Whether add addresses (default true) :param bool addDomains: Whether add domains (default true) :raises AuthenticationFailedException: on 401 :raises ValidationErrorException: on 412 :raises AccessDeniedException: on 403 :returns: {"newCount": 253, "continueCount": 247, "awakenCount": 667, "rejectedObservations": [{"roleAlias": "House young pattern shoulder company whole.", "firstSeen": 915, "lastSeen": 692, "observationCount": 140, "comment": "Authority budget else leave try wait.", "rejectReasons": ["Role paper assume at let."]}], "whitelistedObservations": [{"roleAlias": "Kid small last offer.", "firstSeen": 116, "lastSeen": 752, "observationCount": 235, "comment": "Analysis life house drive.", "rejectReasons": ["Again design argue color third the perhaps notice."]}]} """ from requests import post from argus_api.exceptions import http url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/reputation/v1/observation".format() headers = { 'Content-Type': 'application/json', 'User-Agent': 'ArgusToolbelt/1.0' } if apiKey: headers["Argus-API-Key"] = apiKey elif authentication and isinstance(authentication, dict): headers.update(authentication) elif callable(authentication): headers.update(authentication(url)) body = {} if addAddresses: body.update({"addAddresses": addAddresses}) if addDomains: body.update({"addDomains": addDomains}) if sourceID: body.update({"sourceID": sourceID}) if sourceAlias: body.update({"sourceAlias": sourceAlias}) if observations: body.update({"observations": observations}) response = post(url, json=body if body else None, verify=verify, headers=headers) errors = [] if response.status_code == 401: raise http.AuthenticationFailedException(response) elif response.status_code == 403: raise http.AccessDeniedException(response) elif response.status_code == 412: raise http.ValidationErrorException(response) elif response.status_code == 404: raise http.ObjectNotFoundException(response) return response.json() if json else response
[docs]@register_command(extending=('reputation','v1','observation')) def delete_observations(sourceAlias: str = None, address: list = None, fqdn: list = None, sourceID: int = 0,json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict: """Delete reputation observations (INTERNAL) :param str sourceAlias: Source alias :param list address: IP Addresses :param list fqdn: Domain names :param int sourceID: Source ID :raises AuthenticationFailedException: on 401 :raises ValidationErrorException: on 412 :raises AccessDeniedException: on 403 :returns: {"offset": 585, "limit": 206, "responseCode": 200, "count": 643, "data": [{"id": 239, "lastModified": 862, "sourceId": 336, "roleId": 331, "firstSeen": 530, "lastSeen": 880, "numObservations": 304, "state": 582, "comment": "Fast seem movie process foot oil about attorney."}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "Trip foreign civil late increase figure mother.", "messageTemplate": "Record figure your state growth technology.", "field": "Because blood land for field.", "parameter": {}, "timestamp": 981263261}], "currentPage": 434, "size": 939} """ from requests import delete from argus_api.exceptions import http url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/reputation/v1/observation".format() headers = { 'Content-Type': 'application/json', 'User-Agent': 'ArgusToolbelt/1.0' } if apiKey: headers["Argus-API-Key"] = apiKey elif authentication and isinstance(authentication, dict): headers.update(authentication) elif callable(authentication): headers.update(authentication(url)) body = {} if sourceID: body.update({"sourceID": sourceID}) if sourceAlias: body.update({"sourceAlias": sourceAlias}) if address: body.update({"address": address}) if fqdn: body.update({"fqdn": fqdn}) response = delete(url, json=body if body else None, verify=verify, headers=headers) errors = [] if response.status_code == 401: raise http.AuthenticationFailedException(response) elif response.status_code == 403: raise http.AccessDeniedException(response) elif response.status_code == 412: raise http.ValidationErrorException(response) elif response.status_code == 404: raise http.ObjectNotFoundException(response) return response.json() if json else response
[docs]@register_command(extending=('reputation','v1','observation')) def list_domain_observations(sourceID: int = None, minimumState: int = None, minimumConfidence: int = None, limit: int = 25, offset: int = 0,json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict: """List domain observations (INTERNAL) :param int sourceID: Limit result to observations from specified source :param int minimumState: Limit result to observations with this state or higher :param int minimumConfidence: Limit result to observations bound to sources with at least this confidence :param int limit: Limit result :param int offset: Offset result :raises AuthenticationFailedException: on 401 :raises ValidationErrorException: on 412 :raises AccessDeniedException: on 403 :returns: {"offset": 76, "limit": 278, "responseCode": 200, "count": 718, "data": [{"id": 79, "lastModified": 845, "sourceId": 670, "roleId": 651, "firstSeen": 898, "lastSeen": 90, "numObservations": 452, "state": 121, "comment": "Mean floor almost station central tend."}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "Include line man remain.", "messageTemplate": "Yourself enough large young decade fill short.", "field": "Increase paper money me.", "parameter": {}, "timestamp": 1278498021}], "currentPage": 558, "size": 574} """ from requests import get from argus_api.exceptions import http url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/reputation/v1/observation/domain".format() headers = { 'Content-Type': 'application/json', 'User-Agent': 'ArgusToolbelt/1.0' } if apiKey: headers["Argus-API-Key"] = apiKey elif authentication and isinstance(authentication, dict): headers.update(authentication) elif callable(authentication): headers.update(authentication(url)) body = {} if limit: body.update({"limit": limit}) if offset: body.update({"offset": offset}) if sourceID: body.update({"sourceID": sourceID}) if minimumState: body.update({"minimumState": minimumState}) if minimumConfidence: body.update({"minimumConfidence": minimumConfidence}) response = get(url, json=body if body else None, verify=verify, headers=headers) errors = [] if response.status_code == 401: raise http.AuthenticationFailedException(response) elif response.status_code == 403: raise http.AccessDeniedException(response) elif response.status_code == 412: raise http.ValidationErrorException(response) elif response.status_code == 404: raise http.ObjectNotFoundException(response) return response.json() if json else response
[docs]@register_command(extending=('reputation','v1','observation')) def find_domain_observations(limit: int = None, offset: int = None, includeFlags: int = None, excludeFlags: int = None, subCriteria: list = None, minimumState: int = None, minimumConfidence: int = None, sourceID: list = None, startTimestamp: int = None, endTimestamp: int = None, fromDomainName: str = None, afterDomainName: str = None, domainNames: list = None, sortBy: list = None, includeDeleted: bool = 'False', exclude: bool = 'False', required: bool = 'False',json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict: """List domain observations (INTERNAL) :param int limit: Set this value to set max number of results. By default, no restriction on result set size. :param int offset: Set this value to skip the first (offset) objects. By default, return result from first object. :param int includeFlags: Only include objects which have includeFlags set. :param int excludeFlags: Exclude objects which have excludeFlags set. :param list subCriteria: :param int minimumState: :param int minimumConfidence: :param list sourceID: :param int startTimestamp: :param int endTimestamp: :param str fromDomainName: :param str afterDomainName: :param list domainNames: List of Full Qualified Domain Names :param list sortBy: List of properties to sort by (prefix with "-" to sort descending). :param bool includeDeleted: Set to true to include deleted objects. By default, exclude deleted objects. :param bool exclude: Only relevant for subcriteria. If set to true, objects matching this subcriteria object will be excluded. :param bool required: Only relevant for subcriteria. If set to true, objects matching this subcriteria are required (AND-ed together with parent criteria). :raises AuthenticationFailedException: on 401 :raises ValidationErrorException: on 412 :raises AccessDeniedException: on 403 :returns: {"offset": 895, "limit": 512, "responseCode": 200, "count": 852, "data": [{"id": 772, "lastModified": 685, "sourceId": 832, "roleId": 206, "firstSeen": 512, "lastSeen": 302, "numObservations": 297, "state": 590, "comment": "Sure beat bar near size policy kind happen."}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "Central station drop instead wife need for.", "messageTemplate": "Before face operation win at require little whatever.", "field": "Hold simple official find.", "parameter": {}, "timestamp": 131223832}], "currentPage": 548, "size": 641} """ from requests import post from argus_api.exceptions import http url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/reputation/v1/observation/domain/search".format() headers = { 'Content-Type': 'application/json', 'User-Agent': 'ArgusToolbelt/1.0' } if apiKey: headers["Argus-API-Key"] = apiKey elif authentication and isinstance(authentication, dict): headers.update(authentication) elif callable(authentication): headers.update(authentication(url)) body = {} if limit: body.update({"limit": limit}) if offset: body.update({"offset": offset}) if includeDeleted: body.update({"includeDeleted": includeDeleted}) if includeFlags: body.update({"includeFlags": includeFlags}) if excludeFlags: body.update({"excludeFlags": excludeFlags}) if subCriteria: body.update({"subCriteria": subCriteria}) if exclude: body.update({"exclude": exclude}) if required: body.update({"required": required}) if minimumState: body.update({"minimumState": minimumState}) if minimumConfidence: body.update({"minimumConfidence": minimumConfidence}) if sourceID: body.update({"sourceID": sourceID}) if startTimestamp: body.update({"startTimestamp": startTimestamp}) if endTimestamp: body.update({"endTimestamp": endTimestamp}) if fromDomainName: body.update({"fromDomainName": fromDomainName}) if afterDomainName: body.update({"afterDomainName": afterDomainName}) if domainNames: body.update({"domainNames": domainNames}) if sortBy: body.update({"sortBy": sortBy}) response = post(url, json=body if body else None, verify=verify, headers=headers) errors = [] if response.status_code == 401: raise http.AuthenticationFailedException(response) elif response.status_code == 403: raise http.AccessDeniedException(response) elif response.status_code == 412: raise http.ValidationErrorException(response) elif response.status_code == 404: raise http.ObjectNotFoundException(response) return response.json() if json else response
[docs]@register_command(extending=('reputation','v1','observation')) def fetch_observations_for_domain(fqdn: str,json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict: """Look up reputation observations for the given domain (INTERNAL) :param str fqdn: Domain to fetch observations for :raises AuthenticationFailedException: on 401 :raises ValidationErrorException: on 412 :raises AccessDeniedException: on 403 :returns: {"offset": 879, "limit": 367, "responseCode": 200, "count": 897, "data": [{"id": 303, "lastModified": 485, "sourceId": 755, "roleId": 615, "firstSeen": 884, "lastSeen": 287, "numObservations": 392, "state": 721, "comment": "Black worker physical nothing art buy."}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "Gun require likely remain tonight.", "messageTemplate": "Visit reveal throughout lot need career.", "field": "Quickly play student field on senior beyond.", "parameter": {}, "timestamp": 1336478303}], "currentPage": 596, "size": 900} """ from requests import get from argus_api.exceptions import http url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/reputation/v1/observation/domain/{fqdn}".format(fqdn=fqdn) headers = { 'Content-Type': 'application/json', 'User-Agent': 'ArgusToolbelt/1.0' } if apiKey: headers["Argus-API-Key"] = apiKey elif authentication and isinstance(authentication, dict): headers.update(authentication) elif callable(authentication): headers.update(authentication(url)) body = {} response = get(url, json=body if body else None, verify=verify, headers=headers) errors = [] if response.status_code == 401: raise http.AuthenticationFailedException(response) elif response.status_code == 403: raise http.AccessDeniedException(response) elif response.status_code == 412: raise http.ValidationErrorException(response) elif response.status_code == 404: raise http.ObjectNotFoundException(response) return response.json() if json else response
[docs]@register_command(extending=('reputation','v1','observation')) def list_address_observations(sourceID: int = None, minimumState: int = None, minimumConfidence: int = None, limit: int = 25, offset: int = 0,json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict: """List IP observations (INTERNAL) :param int sourceID: Limit result to observations from specified source :param int minimumState: Limit result to observations with this state or higher :param int minimumConfidence: Limit result to observations bound to sources with at least this confidence :param int limit: Limit result :param int offset: Offset result :raises AuthenticationFailedException: on 401 :raises ValidationErrorException: on 412 :raises AccessDeniedException: on 403 :returns: {"offset": 241, "limit": 320, "responseCode": 200, "count": 62, "data": [{"id": 147, "lastModified": 402, "sourceId": 417, "roleId": 125, "firstSeen": 459, "lastSeen": 593, "numObservations": 586, "state": 584, "comment": "Hospital everything member total buy."}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "The center soldier southern car.", "messageTemplate": "Campaign measure modern hospital building second.", "field": "Democrat data body.", "parameter": {}, "timestamp": 438939696}], "currentPage": 886, "size": 873} """ from requests import get from argus_api.exceptions import http url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/reputation/v1/observation/ip".format() headers = { 'Content-Type': 'application/json', 'User-Agent': 'ArgusToolbelt/1.0' } if apiKey: headers["Argus-API-Key"] = apiKey elif authentication and isinstance(authentication, dict): headers.update(authentication) elif callable(authentication): headers.update(authentication(url)) body = {} if limit: body.update({"limit": limit}) if offset: body.update({"offset": offset}) if sourceID: body.update({"sourceID": sourceID}) if minimumState: body.update({"minimumState": minimumState}) if minimumConfidence: body.update({"minimumConfidence": minimumConfidence}) response = get(url, json=body if body else None, verify=verify, headers=headers) errors = [] if response.status_code == 401: raise http.AuthenticationFailedException(response) elif response.status_code == 403: raise http.AccessDeniedException(response) elif response.status_code == 412: raise http.ValidationErrorException(response) elif response.status_code == 404: raise http.ObjectNotFoundException(response) return response.json() if json else response
[docs]@register_command(extending=('reputation','v1','observation')) def find_address_observations(limit: int = None, offset: int = None, includeFlags: int = None, excludeFlags: int = None, subCriteria: list = None, minimumState: int = None, minimumConfidence: int = None, sourceID: list = None, startTimestamp: int = None, endTimestamp: int = None, fromAddress: str = None, afterAddress: str = None, addresses: list = None, sortBy: list = None, includeDeleted: bool = 'False', exclude: bool = 'False', required: bool = 'False',json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict: """List IP observations (INTERNAL) :param int limit: Set this value to set max number of results. By default, no restriction on result set size. :param int offset: Set this value to skip the first (offset) objects. By default, return result from first object. :param int includeFlags: Only include objects which have includeFlags set. :param int excludeFlags: Exclude objects which have excludeFlags set. :param list subCriteria: :param int minimumState: :param int minimumConfidence: :param list sourceID: :param int startTimestamp: :param int endTimestamp: :param str fromAddress: :param str afterAddress: :param list addresses: List of IP addresses :param list sortBy: List of properties to sort by (prefix with "-" to sort descending). :param bool includeDeleted: Set to true to include deleted objects. By default, exclude deleted objects. :param bool exclude: Only relevant for subcriteria. If set to true, objects matching this subcriteria object will be excluded. :param bool required: Only relevant for subcriteria. If set to true, objects matching this subcriteria are required (AND-ed together with parent criteria). :raises AuthenticationFailedException: on 401 :raises ValidationErrorException: on 412 :raises AccessDeniedException: on 403 :returns: {"offset": 135, "limit": 335, "responseCode": 200, "count": 41, "data": [{"id": 600, "lastModified": 36, "sourceId": 34, "roleId": 878, "firstSeen": 587, "lastSeen": 797, "numObservations": 23, "state": 615, "comment": "Run way lead commercial central try large."}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "Apply would sort occur marriage.", "messageTemplate": "Mean add dog.", "field": "News try build physical study decision.", "parameter": {}, "timestamp": 416355942}], "currentPage": 313, "size": 368} """ from requests import post from argus_api.exceptions import http url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/reputation/v1/observation/ip/search".format() headers = { 'Content-Type': 'application/json', 'User-Agent': 'ArgusToolbelt/1.0' } if apiKey: headers["Argus-API-Key"] = apiKey elif authentication and isinstance(authentication, dict): headers.update(authentication) elif callable(authentication): headers.update(authentication(url)) body = {} if limit: body.update({"limit": limit}) if offset: body.update({"offset": offset}) if includeDeleted: body.update({"includeDeleted": includeDeleted}) if includeFlags: body.update({"includeFlags": includeFlags}) if excludeFlags: body.update({"excludeFlags": excludeFlags}) if subCriteria: body.update({"subCriteria": subCriteria}) if exclude: body.update({"exclude": exclude}) if required: body.update({"required": required}) if minimumState: body.update({"minimumState": minimumState}) if minimumConfidence: body.update({"minimumConfidence": minimumConfidence}) if sourceID: body.update({"sourceID": sourceID}) if startTimestamp: body.update({"startTimestamp": startTimestamp}) if endTimestamp: body.update({"endTimestamp": endTimestamp}) if fromAddress: body.update({"fromAddress": fromAddress}) if afterAddress: body.update({"afterAddress": afterAddress}) if addresses: body.update({"addresses": addresses}) if sortBy: body.update({"sortBy": sortBy}) response = post(url, json=body if body else None, verify=verify, headers=headers) errors = [] if response.status_code == 401: raise http.AuthenticationFailedException(response) elif response.status_code == 403: raise http.AccessDeniedException(response) elif response.status_code == 412: raise http.ValidationErrorException(response) elif response.status_code == 404: raise http.ObjectNotFoundException(response) return response.json() if json else response
[docs]@register_command(extending=('reputation','v1','observation')) def fetch_observations_for_i_p(ip: str,json: bool = True, verify: bool = True, apiKey: str = "", authentication: dict = {}) -> dict: """Look up reputation observations for the given IP (INTERNAL) :param str ip: IP address to fetch observations for :raises AuthenticationFailedException: on 401 :raises ValidationErrorException: on 412 :raises AccessDeniedException: on 403 :returns: {"offset": 399, "limit": 227, "responseCode": 200, "count": 166, "data": [{"id": 767, "lastModified": 36, "sourceId": 455, "roleId": 489, "firstSeen": 429, "lastSeen": 407, "numObservations": 105, "state": 981, "comment": "Remain information forward."}], "metaData": {"additionalProperties": {}}, "messages": [{"message": "Democrat man author fast must pick choice realize.", "messageTemplate": "Cause end turn sense government table important.", "field": "Cost everything send usually middle social drug involve.", "parameter": {}, "timestamp": 550317777}], "currentPage": 655, "size": 484} """ from requests import get from argus_api.exceptions import http url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/reputation/v1/observation/ip/{ip}".format(ip=ip) headers = { 'Content-Type': 'application/json', 'User-Agent': 'ArgusToolbelt/1.0' } if apiKey: headers["Argus-API-Key"] = apiKey elif authentication and isinstance(authentication, dict): headers.update(authentication) elif callable(authentication): headers.update(authentication(url)) body = {} response = get(url, json=body if body else None, verify=verify, headers=headers) errors = [] if response.status_code == 401: raise http.AuthenticationFailedException(response) elif response.status_code == 403: raise http.AccessDeniedException(response) elif response.status_code == 412: raise http.ValidationErrorException(response) elif response.status_code == 404: raise http.ObjectNotFoundException(response) return response.json() if json else response