Source code for api.sampledb.v1.sample

"""Autogenerated API"""
import requests
from argus_cli.plugin import register_command


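@register_command(extending=('sampledb','v1','sample'))
def submit(
    customer: str = None,
    tlp: str = None,
    data: str = None,
    clientName: str = None,
    fileName: str = None,
    enableSandboxAnalysis: bool = 'True',
    enableAntivirusScan: bool = 'True',
    allowSandboxInternetAccess: bool = 'False',
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    r"""Submit a sample for analysis (DEV)

    :param str customer: Customer ID or short name of the customer to register this sample to.
    :param str tlp: TLP level of the sample.
    :param str data: The sample data.
    :param str clientName: Name of client application. The generated spec
        lists the pattern ``[\s\w\{\}\$\-\(\)\.\[\]"\'_/\\,\*\+\#:@!?;]*``;
        no client-side check is applied here.
    :param str fileName: Name of submitted file. The generated spec lists the
        pattern ``[a-zA-Z0-9ÅåØøÆæ_\-\. ]*``; no client-side check is applied
        here.
    :param bool enableSandboxAnalysis: Enable sandbox analysis of sample. (default true)
    :param bool enableAntivirusScan: Enable antivirus scan of sample. (default true)
    :param bool allowSandboxInternetAccess: Allow internet access to sandbox.
        (default false)
    :param bool json: Return the decoded JSON body when true (default),
        otherwise the ``requests`` response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Setting it to
        false turns off TLS certificate checking for a request that carries
        the API key and the sample.
    :param str apiKey: Value for the ``Argus-API-Key`` header. Takes
        precedence over ``authentication``.
    :param dict authentication: Dict of extra headers, or a callable that is
        given the URL and returns such a dict. Only read, never modified.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ObjectNotFoundException: on 404
    :raises ValidationErrorException: on 412
    :returns: The response envelope; the generated example shows the keys
        ``offset``, ``limit``, ``responseCode``, ``count``, ``metaData``,
        ``messages``, ``currentPage`` and ``size``.
    """
    from requests import post
    from argus_api.exceptions import http

    def _as_flag(value):
        # The signature defaults are the strings 'True'/'False', and
        # bool('False') is True, so the textual forms are mapped explicitly.
        # Anything else is passed through untouched.
        if isinstance(value, str):
            lowered = value.strip().lower()
            if lowered in ("true", "false"):
                return lowered == "true"
        return value

    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample"
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }

    # Credential precedence: explicit API key, then a header dict, then a
    # callable that produces headers for this URL.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    body = {}
    # The analysis switches are sent whenever they are set. Testing them for
    # truthiness would drop an explicit False, and the documented server
    # default for the two "enable" switches is true, so the caller could
    # never turn the sandbox run or the antivirus scan off.
    for field, flag in (
        ("enableSandboxAnalysis", enableSandboxAnalysis),
        ("enableAntivirusScan", enableAntivirusScan),
        ("allowSandboxInternetAccess", allowSandboxInternetAccess),
    ):
        if flag is not None:
            body[field] = _as_flag(flag)

    # Text fields are optional; empty values are left out of the request.
    for field, text in (
        ("customer", customer),
        ("tlp", tlp),
        ("data", data),
        ("clientName", clientName),
        ("fileName", fileName),
    ):
        if text:
            body[field] = text

    # NOTE(review): no timeout is passed, so a stalled connection blocks the
    # caller indefinitely.
    response = post(url, json=body or None, verify=verify, headers=headers)

    error_by_status = {
        401: http.AuthenticationFailedException,
        403: http.AccessDeniedException,
        404: http.ObjectNotFoundException,
        412: http.ValidationErrorException,
    }
    error = error_by_status.get(response.status_code)
    if error is not None:
        raise error(response)

    # Any other status, including 5xx, falls through to the caller.
    return response.json() if json else response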
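@register_command(extending=('sampledb','v1','sample'))
def get_evil_samples(
    customerID: list = None,
    startTimestamp: int = None,
    endTimestamp: int = None,
    tlp: list = None,
    limit: int = 25,
    offset: int = 0,
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Searches for evil samples. (DEV)

    :param list customerID: Set of customer IDs to limit samples result.
    :param int startTimestamp: Start of time search period for submission
        creation date. (default 24 hours before timestamp of request.)
    :param int endTimestamp: End of time search period for submission
        creation date. (default Timestamp of request.)
    :param list tlp: Set of TLPs to search for.
    :param int limit: Set this value to set max number of results. (default 25)
    :param int offset: Set this value to skip the first (offset) objects.
        By default, return result from first object. (default 0)
    :param bool json: Return the decoded JSON body when true (default),
        otherwise the ``requests`` response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Setting it to
        false turns off TLS certificate checking for a request that carries
        the API key.
    :param str apiKey: Value for the ``Argus-API-Key`` header. Takes
        precedence over ``authentication``.
    :param dict authentication: Dict of extra headers, or a callable that is
        given the URL and returns such a dict. Only read, never modified.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ObjectNotFoundException: on 404
    :raises ValidationErrorException: on 412
    :returns: The response envelope; the generated example shows the keys
        ``offset``, ``limit``, ``responseCode``, ``count``, ``data``,
        ``metaData``, ``messages``, ``currentPage`` and ``size``. Each
        ``data`` item in the example carries ``mimeType``, ``entropy``,
        ``createdTimestamp``, ``ssDeep``, ``size``, ``sha256``, ``tlp`` and
        ``flags``.
    """
    from requests import post
    from argus_api.exceptions import http

    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/search/evil"
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }

    # Credential precedence: explicit API key, then a header dict, then a
    # callable that produces headers for this URL.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    body = {}
    # Numeric criteria are compared with None instead of being tested for
    # truthiness: an explicit limit=0 or a timestamp of 0 used to be dropped
    # and silently replaced by the server-side default.
    for field, number in (
        ("limit", limit),
        ("startTimestamp", startTimestamp),
        ("endTimestamp", endTimestamp),
    ):
        if number is not None:
            body[field] = number
    # offset=0 is the documented default, so leaving it out changes nothing.
    if offset:
        body["offset"] = offset
    # Empty filter sets mean "no filter" and are omitted.
    if customerID:
        body["customerID"] = customerID
    if tlp:
        body["tlp"] = tlp

    # NOTE(review): no timeout is passed, so a stalled connection blocks the
    # caller indefinitely.
    response = post(url, json=body or None, verify=verify, headers=headers)

    error_by_status = {
        401: http.AuthenticationFailedException,
        403: http.AccessDeniedException,
        404: http.ObjectNotFoundException,
        412: http.ValidationErrorException,
    }
    error = error_by_status.get(response.status_code)
    if error is not None:
        raise error(response)

    # Any other status, including 5xx, falls through to the caller.
    return response.json() if json else response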
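@register_command(extending=('sampledb','v1','sample'))
def get_sample(
    sha256: str,
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Fetch sample info identified by SHA256. (DEV)

    :param str sha256: SHA256 to identify sample info. Percent-encoded before
        it is placed in the URL path.
    :param bool json: Return the decoded JSON body when true (default),
        otherwise the ``requests`` response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Setting it to
        false turns off TLS certificate checking for a request that carries
        the API key.
    :param str apiKey: Value for the ``Argus-API-Key`` header. Takes
        precedence over ``authentication``.
    :param dict authentication: Dict of extra headers, or a callable that is
        given the URL and returns such a dict. Only read, never modified.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ObjectNotFoundException: on 404
    :raises ValidationErrorException: on 412
    :returns: The response envelope; the generated example shows the keys
        ``offset``, ``limit``, ``responseCode``, ``count``, ``metaData``,
        ``messages``, ``currentPage`` and ``size``.
    """
    from urllib.parse import quote

    from requests import get
    from argus_api.exceptions import http

    # Percent-encode the caller-supplied digest so characters such as "/",
    # "?" or "#" cannot change which endpoint receives the credentials.
    # NOTE(review): the value is not checked to be a 64-character hex digest;
    # consider rejecting anything else before the request is built.
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}".format(
        sha256=quote(str(sha256), safe="")
    )
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }

    # Credential precedence: explicit API key, then a header dict, then a
    # callable that produces headers for this URL.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # NOTE(review): no timeout is passed, so a stalled connection blocks the
    # caller indefinitely.
    response = get(url, verify=verify, headers=headers)

    error_by_status = {
        401: http.AuthenticationFailedException,
        403: http.AccessDeniedException,
        404: http.ObjectNotFoundException,
        412: http.ValidationErrorException,
    }
    error = error_by_status.get(response.status_code)
    if error is not None:
        raise error(response)

    # Any other status, including 5xx, falls through to the caller.
    return response.json() if json else response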
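@register_command(extending=('sampledb','v1','sample'))
def get_sample_aggregated(
    sha256: str,
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Fetch sample aggregated info identified by SHA256. (DEV)

    :param str sha256: SHA256 to identify sample aggregated info.
        Percent-encoded before it is placed in the URL path.
    :param bool json: Return the decoded JSON body when true (default),
        otherwise the ``requests`` response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Setting it to
        false turns off TLS certificate checking for a request that carries
        the API key.
    :param str apiKey: Value for the ``Argus-API-Key`` header. Takes
        precedence over ``authentication``.
    :param dict authentication: Dict of extra headers, or a callable that is
        given the URL and returns such a dict. Only read, never modified.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ObjectNotFoundException: on 404
    :raises ValidationErrorException: on 412
    :returns: The response envelope; the generated example shows the keys
        ``offset``, ``limit``, ``responseCode``, ``count``, ``metaData``,
        ``messages``, ``currentPage`` and ``size``.
    """
    from urllib.parse import quote

    from requests import get
    from argus_api.exceptions import http

    # Percent-encode the caller-supplied digest so characters such as "/",
    # "?" or "#" cannot change which endpoint receives the credentials.
    # NOTE(review): the value is not checked to be a 64-character hex digest;
    # consider rejecting anything else before the request is built.
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/aggregated".format(
        sha256=quote(str(sha256), safe="")
    )
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }

    # Credential precedence: explicit API key, then a header dict, then a
    # callable that produces headers for this URL.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # NOTE(review): no timeout is passed, so a stalled connection blocks the
    # caller indefinitely.
    response = get(url, verify=verify, headers=headers)

    error_by_status = {
        401: http.AuthenticationFailedException,
        403: http.AccessDeniedException,
        404: http.ObjectNotFoundException,
        412: http.ValidationErrorException,
    }
    error = error_by_status.get(response.status_code)
    if error is not None:
        raise error(response)

    # Any other status, including 5xx, falls through to the caller.
    return response.json() if json else response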
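@register_command(extending=('sampledb','v1','sample'))
def get_sample_children(
    sha256: str,
    customerID: list = None,
    offset: int = 0,
    limit: int = 25,
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Get sample children submissions with search defined by query params (DEV)

    :param str sha256: SHA256 to identify parent sample. Percent-encoded
        before it is placed in the URL path.
    :param list customerID: Search by customer IDs
    :param int offset: Skip a number of results
    :param int limit: Maximum number of returned results
    :param bool json: Return the decoded JSON body when true (default),
        otherwise the ``requests`` response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Setting it to
        false turns off TLS certificate checking for a request that carries
        the API key.
    :param str apiKey: Value for the ``Argus-API-Key`` header. Takes
        precedence over ``authentication``.
    :param dict authentication: Dict of extra headers, or a callable that is
        given the URL and returns such a dict. Only read, never modified.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ObjectNotFoundException: on 404
    :raises ValidationErrorException: on 412
    :returns: The response envelope; the generated example shows the keys
        ``offset``, ``limit``, ``responseCode``, ``count``, ``data``,
        ``metaData``, ``messages``, ``currentPage`` and ``size``. Each
        ``data`` item in the example carries ``id``, ``sha256``,
        ``createdTimestamp``, ``owner``, ``properties`` and ``tlp``.
    """
    from urllib.parse import quote

    from requests import get
    from argus_api.exceptions import http

    # Percent-encode the caller-supplied digest so characters such as "/",
    # "?" or "#" cannot change which endpoint receives the credentials.
    # NOTE(review): the value is not checked to be a 64-character hex digest;
    # consider rejecting anything else before the request is built.
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/children".format(
        sha256=quote(str(sha256), safe="")
    )
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }

    # Credential precedence: explicit API key, then a header dict, then a
    # callable that produces headers for this URL.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # The endpoint description calls these "query params", so they go in the
    # query string. They used to be sent as a JSON body on the GET, which has
    # no defined meaning to servers and is commonly ignored.
    query = {}
    # offset=0 is the signature default, so leaving it out changes nothing.
    if offset:
        query["offset"] = offset
    # An explicit limit=0 is forwarded instead of being replaced silently by
    # the server-side default.
    if limit is not None:
        query["limit"] = limit
    if customerID:
        query["customerID"] = customerID

    # NOTE(review): no timeout is passed, so a stalled connection blocks the
    # caller indefinitely.
    response = get(url, params=query or None, verify=verify, headers=headers)

    error_by_status = {
        401: http.AuthenticationFailedException,
        403: http.AccessDeniedException,
        404: http.ObjectNotFoundException,
        412: http.ValidationErrorException,
    }
    error = error_by_status.get(response.status_code)
    if error is not None:
        raise error(response)

    # Any other status, including 5xx, falls through to the caller.
    return response.json() if json else response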
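@register_command(extending=('sampledb','v1','sample'))
def get_sample_download(
    sha256: str,
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Fetch and download sample by SHA256 (DEV)

    Download sample zip file by specified SHA256. The archive holds a stored
    sample and should be handled as untrusted content by whatever consumes
    the response.

    :param str sha256: SHA256 to identify sample. Percent-encoded before it
        is placed in the URL path.
    :param bool json: Return the decoded JSON body when true (default),
        otherwise the ``requests`` response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Setting it to
        false turns off TLS certificate checking for a request that carries
        the API key.
    :param str apiKey: Value for the ``Argus-API-Key`` header. Takes
        precedence over ``authentication``.
    :param dict authentication: Dict of extra headers, or a callable that is
        given the URL and returns such a dict. Only read, never modified.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ObjectNotFoundException: on 404
    :raises ValidationErrorException: on 412
    :returns: {} in the generated example; see the review note on the return
        statement about the ``json`` default.
    """
    from urllib.parse import quote

    from requests import get
    from argus_api.exceptions import http

    # Percent-encode the caller-supplied digest so characters such as "/",
    # "?" or "#" cannot change which endpoint receives the credentials.
    # NOTE(review): the value is not checked to be a 64-character hex digest;
    # consider rejecting anything else before the request is built.
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/download".format(
        sha256=quote(str(sha256), safe="")
    )
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }

    # Credential precedence: explicit API key, then a header dict, then a
    # callable that produces headers for this URL.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # NOTE(review): no timeout is passed, so a stalled connection blocks the
    # caller indefinitely. The body is also read fully into memory because
    # the request is not streamed.
    response = get(url, verify=verify, headers=headers)

    error_by_status = {
        401: http.AuthenticationFailedException,
        403: http.AccessDeniedException,
        404: http.ObjectNotFoundException,
        412: http.ValidationErrorException,
    }
    error = error_by_status.get(response.status_code)
    if error is not None:
        raise error(response)

    # NOTE(review): the description says this endpoint returns a zip file,
    # which response.json() is not expected to parse; callers presumably need
    # json=False to get at the bytes. Confirm against the API.
    return response.json() if json else response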
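@register_command(extending=('sampledb','v1','sample'))
def get_sandbox_runs(
    sha256: str,
    offset: int = 0,
    limit: int = 25,
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Fetch sandbox runs of sample which sample is identified by SHA256. (DEV)

    :param str sha256: SHA256 to identify sample which sandbox runs belongs
        to. Percent-encoded before it is placed in the URL path.
    :param int offset: Skip a number of results
    :param int limit: Maximum number of returned results
    :param bool json: Return the decoded JSON body when true (default),
        otherwise the ``requests`` response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Setting it to
        false turns off TLS certificate checking for a request that carries
        the API key.
    :param str apiKey: Value for the ``Argus-API-Key`` header. Takes
        precedence over ``authentication``.
    :param dict authentication: Dict of extra headers, or a callable that is
        given the URL and returns such a dict. Only read, never modified.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ObjectNotFoundException: on 404
    :raises ValidationErrorException: on 412
    :returns: The response envelope; the generated example shows the keys
        ``offset``, ``limit``, ``responseCode``, ``count``, ``data``,
        ``metaData``, ``messages``, ``currentPage`` and ``size``. Each
        ``data`` item in the example carries ``id``, ``sha256``, ``runUUID``,
        ``startTimestamp``, ``endTimestamp``, ``ip``, ``version``,
        ``duration`` and ``result``.
    """
    from urllib.parse import quote

    from requests import get
    from argus_api.exceptions import http

    # Percent-encode the caller-supplied digest so characters such as "/",
    # "?" or "#" cannot change which endpoint receives the credentials.
    # NOTE(review): the value is not checked to be a 64-character hex digest;
    # consider rejecting anything else before the request is built.
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/sandbox".format(
        sha256=quote(str(sha256), safe="")
    )
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }

    # Credential precedence: explicit API key, then a header dict, then a
    # callable that produces headers for this URL.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # Pagination goes in the query string. It used to be sent as a JSON body
    # on the GET, which has no defined meaning to servers and is commonly
    # ignored. NOTE(review): confirm parameter placement against the API
    # definition.
    query = {}
    # offset=0 is the signature default, so leaving it out changes nothing.
    if offset:
        query["offset"] = offset
    # An explicit limit=0 is forwarded instead of being replaced silently by
    # the server-side default.
    if limit is not None:
        query["limit"] = limit

    # NOTE(review): no timeout is passed, so a stalled connection blocks the
    # caller indefinitely.
    response = get(url, params=query or None, verify=verify, headers=headers)

    error_by_status = {
        401: http.AuthenticationFailedException,
        403: http.AccessDeniedException,
        404: http.ObjectNotFoundException,
        412: http.ValidationErrorException,
    }
    error = error_by_status.get(response.status_code)
    if error is not None:
        raise error(response)

    # Any other status, including 5xx, falls through to the caller.
    return response.json() if json else response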
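@register_command(extending=('sampledb','v1','sample'))
def get_sandbox_pcap(
    sha256: str,
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Fetch and download sandbox pcap by sample SHA256 (DEV)

    Download sandbox pcap by specified sample SHA256. The capture records
    traffic produced while a sample ran and should be parsed as untrusted
    input.

    :param str sha256: SHA256 to identify sample which sandbox pcap belongs
        to. Percent-encoded before it is placed in the URL path.
    :param bool json: Return the decoded JSON body when true (default),
        otherwise the ``requests`` response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Setting it to
        false turns off TLS certificate checking for a request that carries
        the API key.
    :param str apiKey: Value for the ``Argus-API-Key`` header. Takes
        precedence over ``authentication``.
    :param dict authentication: Dict of extra headers, or a callable that is
        given the URL and returns such a dict. Only read, never modified.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ObjectNotFoundException: on 404
    :raises ValidationErrorException: on 412
    :returns: {} in the generated example; see the review note on the return
        statement about the ``json`` default.
    """
    from urllib.parse import quote

    from requests import get
    from argus_api.exceptions import http

    # Percent-encode the caller-supplied digest so characters such as "/",
    # "?" or "#" cannot change which endpoint receives the credentials.
    # NOTE(review): the value is not checked to be a 64-character hex digest;
    # consider rejecting anything else before the request is built.
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/sandbox/pcap".format(
        sha256=quote(str(sha256), safe="")
    )
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }

    # Credential precedence: explicit API key, then a header dict, then a
    # callable that produces headers for this URL.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # NOTE(review): no timeout is passed, so a stalled connection blocks the
    # caller indefinitely. The body is also read fully into memory because
    # the request is not streamed.
    response = get(url, verify=verify, headers=headers)

    error_by_status = {
        401: http.AuthenticationFailedException,
        403: http.AccessDeniedException,
        404: http.ObjectNotFoundException,
        412: http.ValidationErrorException,
    }
    error = error_by_status.get(response.status_code)
    if error is not None:
        raise error(response)

    # NOTE(review): the description says this endpoint returns a pcap, which
    # response.json() is not expected to parse; callers presumably need
    # json=False to get at the bytes. Confirm against the API.
    return response.json() if json else response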
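@register_command(extending=('sampledb','v1','sample'))
def get_sandbox_procgraph(
    sha256: str,
    runUUID: str,
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Fetch sandbox procgraph by sample SHA256 and id (DEV)

    Fetch sandbox procgraph by specified sample SHA256 and id

    :param str sha256: SHA256 to identify sample which sandbox procgraph
        belongs to. Percent-encoded before it is placed in the URL path.
    :param str runUUID: Sandbox procgraph ID. Percent-encoded before it is
        placed in the URL path.
    :param bool json: Return the decoded JSON body when true (default),
        otherwise the ``requests`` response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Setting it to
        false turns off TLS certificate checking for a request that carries
        the API key.
    :param str apiKey: Value for the ``Argus-API-Key`` header. Takes
        precedence over ``authentication``.
    :param dict authentication: Dict of extra headers, or a callable that is
        given the URL and returns such a dict. Only read, never modified.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ObjectNotFoundException: on 404
    :raises ValidationErrorException: on 412
    :returns: {} in the generated example.
    """
    from urllib.parse import quote

    from requests import get
    from argus_api.exceptions import http

    # Both path segments come from the caller. Percent-encoding them keeps
    # characters such as "/", "?" or "#" from changing which endpoint
    # receives the credentials.
    # NOTE(review): neither value is format-checked (hex digest, run id);
    # consider rejecting malformed identifiers before the request is built.
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/sandbox/{runUUID}/procgraph".format(
        sha256=quote(str(sha256), safe=""),
        runUUID=quote(str(runUUID), safe=""),
    )
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }

    # Credential precedence: explicit API key, then a header dict, then a
    # callable that produces headers for this URL.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # NOTE(review): no timeout is passed, so a stalled connection blocks the
    # caller indefinitely.
    response = get(url, verify=verify, headers=headers)

    error_by_status = {
        401: http.AuthenticationFailedException,
        403: http.AccessDeniedException,
        404: http.ObjectNotFoundException,
        412: http.ValidationErrorException,
    }
    error = error_by_status.get(response.status_code)
    if error is not None:
        raise error(response)

    # Any other status, including 5xx, falls through to the caller.
    return response.json() if json else response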
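@register_command(extending=('sampledb','v1','sample'))
def list_submissions_by_sample_id(
    sha256: str,
    customerID: list = None,
    offset: int = 0,
    limit: int = 25,
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Search for submissions defined by query params (DEV)

    :param str sha256: SHA256 to identify sample submissions. Percent-encoded
        before it is placed in the URL path.
    :param list customerID: Search by customer IDs
    :param int offset: Skip a number of results
    :param int limit: Maximum number of returned results
    :param bool json: Return the decoded JSON body when true (default),
        otherwise the ``requests`` response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Setting it to
        false turns off TLS certificate checking for a request that carries
        the API key.
    :param str apiKey: Value for the ``Argus-API-Key`` header. Takes
        precedence over ``authentication``.
    :param dict authentication: Dict of extra headers, or a callable that is
        given the URL and returns such a dict. Only read, never modified.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ObjectNotFoundException: on 404
    :raises ValidationErrorException: on 412
    :returns: The response envelope; the generated example shows the keys
        ``offset``, ``limit``, ``responseCode``, ``count``, ``data``,
        ``metaData``, ``messages``, ``currentPage`` and ``size``. Each
        ``data`` item in the example carries ``id``, ``sha256``,
        ``createdTimestamp``, ``owner``, ``properties`` and ``tlp``.
    """
    from urllib.parse import quote

    from requests import get
    from argus_api.exceptions import http

    # Percent-encode the caller-supplied digest so characters such as "/",
    # "?" or "#" cannot change which endpoint receives the credentials.
    # NOTE(review): the value is not checked to be a 64-character hex digest;
    # consider rejecting anything else before the request is built.
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/submission".format(
        sha256=quote(str(sha256), safe="")
    )
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }

    # Credential precedence: explicit API key, then a header dict, then a
    # callable that produces headers for this URL.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # The endpoint description calls these "query params", so they go in the
    # query string. They used to be sent as a JSON body on the GET, which has
    # no defined meaning to servers and is commonly ignored.
    query = {}
    # offset=0 is the signature default, so leaving it out changes nothing.
    if offset:
        query["offset"] = offset
    # An explicit limit=0 is forwarded instead of being replaced silently by
    # the server-side default.
    if limit is not None:
        query["limit"] = limit
    if customerID:
        query["customerID"] = customerID

    # NOTE(review): no timeout is passed, so a stalled connection blocks the
    # caller indefinitely.
    response = get(url, params=query or None, verify=verify, headers=headers)

    error_by_status = {
        401: http.AuthenticationFailedException,
        403: http.AccessDeniedException,
        404: http.ObjectNotFoundException,
        412: http.ValidationErrorException,
    }
    error = error_by_status.get(response.status_code)
    if error is not None:
        raise error(response)

    # Any other status, including 5xx, falls through to the caller.
    return response.json() if json else response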
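@register_command(extending=('sampledb','v1','sample'))
def get_sample_tags(
    sha256: str,
    offset: int = 0,
    limit: int = 25,
    json: bool = True,
    verify: bool = True,
    apiKey: str = "",
    authentication: dict = {},
) -> dict:
    """Fetch tags of sample which sample is identified by SHA256. (DEV)

    :param str sha256: SHA256 to identify sample which tags belongs to.
        Percent-encoded before it is placed in the URL path.
    :param int offset: Skip a number of results
    :param int limit: Maximum number of returned results
    :param bool json: Return the decoded JSON body when true (default),
        otherwise the ``requests`` response object.
    :param bool verify: Passed to ``requests`` as ``verify``. Setting it to
        false turns off TLS certificate checking for a request that carries
        the API key.
    :param str apiKey: Value for the ``Argus-API-Key`` header. Takes
        precedence over ``authentication``.
    :param dict authentication: Dict of extra headers, or a callable that is
        given the URL and returns such a dict. Only read, never modified.
    :raises AuthenticationFailedException: on 401
    :raises AccessDeniedException: on 403
    :raises ObjectNotFoundException: on 404
    :raises ValidationErrorException: on 412
    :returns: The response envelope; the generated example shows the keys
        ``offset``, ``limit``, ``responseCode``, ``count``, ``data``,
        ``metaData``, ``messages``, ``currentPage`` and ``size``. Each
        ``data`` item in the example carries ``id``, ``producer``,
        ``producerMeta``, ``value`` and ``createdTimestamp``.
    """
    from urllib.parse import quote

    from requests import get
    from argus_api.exceptions import http

    # Percent-encode the caller-supplied digest so characters such as "/",
    # "?" or "#" cannot change which endpoint receives the credentials.
    # NOTE(review): the value is not checked to be a 64-character hex digest;
    # consider rejecting anything else before the request is built.
    url = "https://osl-argus-trunk-web1.mnemonic.no/web/api/sampledb/v1/sample/{sha256}/tags".format(
        sha256=quote(str(sha256), safe="")
    )
    headers = {
        'Content-Type': 'application/json',
        'User-Agent': 'ArgusToolbelt/1.0'
    }

    # Credential precedence: explicit API key, then a header dict, then a
    # callable that produces headers for this URL.
    if apiKey:
        headers["Argus-API-Key"] = apiKey
    elif authentication and isinstance(authentication, dict):
        headers.update(authentication)
    elif callable(authentication):
        headers.update(authentication(url))

    # Pagination goes in the query string. It used to be sent as a JSON body
    # on the GET, which has no defined meaning to servers and is commonly
    # ignored. NOTE(review): confirm parameter placement against the API
    # definition.
    query = {}
    # offset=0 is the signature default, so leaving it out changes nothing.
    if offset:
        query["offset"] = offset
    # An explicit limit=0 is forwarded instead of being replaced silently by
    # the server-side default.
    if limit is not None:
        query["limit"] = limit

    # NOTE(review): no timeout is passed, so a stalled connection blocks the
    # caller indefinitely.
    response = get(url, params=query or None, verify=verify, headers=headers)

    error_by_status = {
        401: http.AuthenticationFailedException,
        403: http.AccessDeniedException,
        404: http.ObjectNotFoundException,
        412: http.ValidationErrorException,
    }
    error = error_by_status.get(response.status_code)
    if error is not None:
        raise error(response)

    # Any other status, including 5xx, falls through to the caller.
    return response.json() if json else response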