4.7.1.2. Asset API models

API model mixin for device and user assets.

class axonius_api_client.api.assets.asset_mixin.AssetMixin(auth, log_level='debug', **kwargs)

Bases: ModelMixins

API model mixin for device and user assets.

Examples

• Get count of assets: count()

• Get count of assets from a saved query: count_by_saved_query()

• Get assets: get()

• Get assets from a saved query: get_by_saved_query()

• Get the full data set for a single asset: get_by_id()

• Work with saved queries: axonius_api_client.api.assets.saved_query.SavedQuery

• Work with fields: axonius_api_client.api.assets.fields.Fields

• Work with tags: axonius_api_client.api.assets.labels.Labels

See also

This object is not usable directly, it only stores the logic that is common for working with the various asset types:

• Device assets axonius_api_client.api.assets.devices.Devices

• User assets axonius_api_client.api.assets.users.Users

Parameters:

• auth (axonius_api_client.auth.model.AuthModel) –

• log_level (typing.Union[int, str]) –

ASSET_TYPE: str = ''

classmethod asset_types()

Pass.

Return type:

typing.List[str]

classmethod asset_modules()

Pass.

Return type:

typing.List[typing.Type[axonius_api_client.api.assets.asset_mixin.AssetMixin]]

run_enforcement(eset, ids, verify_and_run=True, verified=False, verify_count=True, prompt=False, do_echo=False, refetch=False, src_query=None, src_fields=None, check_stdin=True, grabber=None)

Run an enforcement set against a manually selected list of assets.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> WIZ: str = "simple os.type equals Windows"  # "query of assets to target"
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Get a list of assets from a query and manually extract the IDs. We know assets are valid because we just got them, so we pass verified=True. >>> ITEMS: list[dict] = apiobj.get(wiz_entries=WIZ) >>> IDS: list[str] = list(map(lambda x: x[‘internal_axon_id’], ITEMS)) >>> RUNNER: Runner = apiobj.run_enforcement(eset=ESET, ids=IDS, verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=None,

)

Parameters:

• eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

• ids (t.Union[str, t.List[str]]) – Asset IDs to run Enforcement Set against, csv-like string or list of csv-like strings

• verify_and_run (bool, optional) – if false, return the Runner object to use manually. if true, run :method:`Runner.verify_and_run` before returning the Runner object

• verified (bool) – $ids already verified, just run $eset against $ids

• verify_count (bool) – Verify that the count of $query equals the count of $ids

• prompt (bool) – Prompt user for verification when applicable.

• do_echo (bool) – Echo output to console as well as log

• refetch (bool) – refetch $eset even if it is already a model

• src_query (str) – query to use to get $ids

• src_fields (list) – fields to use to get $ids

• check_stdin (bool) – error if stdin is a TTY when prompting

• grabber (typing.Optional[axonius_api_client.parsers.grabber.Grabber]) – (grabber): Grabber used to get IDs

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_items(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)

Get Asset IDs from a list of dicts or strs and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> WIZ: str = "simple os.type equals Windows"  # "query of assets to target"
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Get a list of assets from a query and use the grabber get the IDs. We know assets are valid because we just got them, so we pass verified=True. >>> ITEMS: list[dict] = apiobj.get(wiz_entries=WIZ) >>> RUNNER: Runner = apiobj.run_enforcement_from_items(eset=ESET, items=ITEMS, … verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=None,

)

Parameters:

• eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

• items (t.Union[str, t.List[str], dict, t.List[dict], types.GeneratorType]) – list of strs or dicts to grab Asset IDs from

• keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in

• do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

• do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

• **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_json(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)

Get Asset IDs from a JSON string with a list of dicts and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> WIZ: str = "simple os.type equals Windows"  # "query of assets to target"
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Get a list of assets from a query and export the assets to a JSON str then run an enforcement against all asset IDs from the JSON str. We know assets are valid because we just got them, so we pass verified=True. >>> import io >>> FH = io.StringIO() >>> _ = apiobj.get(wiz_entries=WIZ, export=”json”, export_fd=FH, export_fd_close=False) >>> FH.seek(0) >>> ITEMS: str = FH.getvalue() >>> RUNNER: Runner = apiobj.run_enforcement_from_json(eset=ESET, items=ITEMS, … verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_json items type=str, length=15519 post_load type=list, length=31’,

), )

Get a list of assets from a query and export the assets to a JSON file then run an enforcement against all asset IDs from the JSON file. We know assets are valid because we just got them, so we pass verified=True. >>> import pathlib >>> PATH: pathlib.Path = pathlib.Path(“data.json”) >>> _ = apiobj.get(wiz_entries=WIZ, export=”json”, export_file=PATH) >>> RUNNER: Runner = apiobj.run_enforcement_from_json(eset=ESET, items=PATH, … verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_json items type=PosixPath, length=None post_load type=list, length=31’,

), )

Parameters:

• eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

• items (t.Union[str, bytes, t.IO, pathlib.Path]) – json str, handle for file containing json str, or pathlib.Path of path containing json str

• keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in

• do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

• do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

• **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_jsonl(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)

Get Asset IDs from a JSONL string with one dict per line and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> WIZ: str = "simple os.type equals Windows"  # "query of assets to target"
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Get a list of assets from a query and export the assets to a JSONL str then run an enforcement against all asset IDs from the JSONL str. We know assets are valid because we just got them, so we pass verified=True. >>> import io >>> FH = io.StringIO() >>> _ = apiobj.get(wiz_entries=WIZ, export=”json”, json_flat=True, … export_fd=FH, export_fd_close=False) >>> FH.seek(0) >>> RUNNER: Runner = apiobj.run_enforcement_from_jsonl(eset=ESET, items=FH, … verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_jsonl items type=StringIO, length=None post_load type=list, length=31’,

), )

Get a list of assets from a query and export the assets to a JSONL file then run an enforcement against all asset IDs from the JSONL file. We know assets are valid because we just got them, so we pass verified=True. >>> import pathlib >>> PATH = pathlib.Path(“data.jsonl”) >>> _ = apiobj.get( … wiz_entries=WIZ, export=”json”, json_flat=True, export_file=PATH, … export_overwrite=True) >>> RUNNER: Runner = apiobj.run_enforcement_from_jsonl(eset=ESET, items=PATH, … verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_jsonl items type=PosixPath, length=None post_load type=list, length=31’,

), )

Parameters:

• eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

• items (t.Union[str, bytes, t.IO, pathlib.Path]) – jsonl str, handle for file containing jsonl str, or pathlib.Path of path containing jsonl str

• keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in

• do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

• do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

• **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_csv(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, load_args=None, **kwargs)

Get Asset IDs from a CSV string and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> WIZ: str = "simple os.type equals Windows"  # "query of assets to target"
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Get a list of assets from a query and export the assets to a JSONL str then run an enforcement against all asset IDs from the JSONL str. We can also use a CSV file exported from the GUI. We know assets are valid because we just got them, so we pass verified=True.

>>> import io
>>> FH: io.StringIO = io.StringIO()
>>> _ = apiobj.get(wiz_entries=WIZ, export="csv", export_fd=FH, export_fd_close=False)
>>> FH.seek(0)
>>> ITEMS: str = axonapi.tools.bom_strip(FH.getvalue())
>>> RUNNER: Runner = apiobj.run_enforcement_from_csv(eset=ESET, items=ITEMS,
... verified=True)
>>> print(RUNNER)
Runner(
  state='Ran Enforcement Set against 31 supplied Asset IDs',
  eset='test',
  executed=True,
  count_ids=31,
  count_result=None,
  verified=True,
  verify_count=True,
  prompt=False,
  grabber=Grabber(
  count_supplied=33,
  count_found=31,
  do_echo=True,
  do_raise=False,
  source='from_csv items type=str, length=6556 post_load type=list, length=33',
),
)

Get a list of assets from a query and export the assets to a CSV file then run an enforcement against all asset IDs from the CSV file. We can also use a CSV file exported from the GUI. We know assets are valid because we just got them, so we pass verified=True. >>> import pathlib >>> PATH: pathlib.Path = pathlib.Path(“data.csv”) >>> _ = apiobj.get(wiz_entries=WIZ, export=”csv”, export_file=PATH) >>> RUNNER: Runner = apiobj.run_enforcement_from_csv(eset=ESET, items=PATH, … verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=33, count_found=31, do_echo=True, do_raise=False, source=’from_csv items type=PosixPath, length=None post_load type=list, length=33’,

), )

Parameters:

• eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

• items (t.Union[str, bytes, t.IO, pathlib.Path]) – csv str, handle for file containing csv str, or pathlib.Path of path containing csv str

• keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in

• do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

• do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

• load_args (typing.Optional[dict]) – passed to pandas.read_csv()

• **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_text(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)

Get Asset IDs from a text string and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> WIZ: str = "simple os.type equals Windows"  # "query of assets to target"
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Get a list of assets from a query and export the assets to a text file then run an enforcement against all asset IDs from the text file. All lines will have any non-alphanumeric characters removed from them and if a 32 character alphanumeric string is found it is considered an Asset ID. We know assets are valid because we just got them, so we pass verified=True. >>> import pathlib >>> PATH: pathlib.Path = pathlib.Path(“data.txt”) >>> ITEMS: list[dict] = apiobj.get(wiz_entries=WIZ) >>> IDS: list[str] = list(map(lambda x: x[‘internal_axon_id’], ITEMS)) >>> PATH.write_text(’n’.join(IDS)) >>> RUNNER: Runner = apiobj.run_enforcement_from_text( … eset=ESET, items=PATH, verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_text items type=PosixPath, length=None’,

), )

Parameters:

• eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

• items (t.Union[str, bytes, t.IO, pathlib.Path]) – text str, handle for file containing text str, or pathlib.Path of path containing text str

• keys (t.Union[str, t.List[str]]) – n/a

• do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

• do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

• **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_json_path(eset, path, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)

Get Asset IDs from a JSON file with a list of dicts and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Run an enforcement against all asset IDs from a JSON file. We are unsure if Asset IDs are still valid for this instance of Axonius, so we do not pass verified=True. >>> PATH: str = “data.json” >>> RUNNER: Runner = apiobj.run_enforcement_from_json_path(eset=ESET, path=PATH) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=31, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_json_path /Users/jimbo/gh/Axonius/axonapi/data.json /

from_json items type=PosixPath, length=None post_load type=list, length=31’, ), )

Parameters:

• eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

• path (PathLike) – str or pathlib.Path of path containing json str

• keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in

• do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

• do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

• **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_jsonl_path(eset, path, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)

Get Asset IDs from a JSONL file with one dict per line and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Run an enforcement against all asset IDs from a JSONL file. We are unsure if Asset IDs are still valid for this instance, so we do not pass verified=True. >>> PATH: str = “data.jsonl” >>> RUNNER: Runner = apiobj.run_enforcement_from_jsonl_path(eset=ESET, path=PATH) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=31, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_jsonl_path /Users/jimbo/gh/Axonius/axonapi/data.jsonl /

from_jsonl items type=PosixPath, length=None post_load type=list, length=31’, ), )

Parameters:

• eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

• path (PathLike) – str or pathlib.Path of path containing jsonl str

• keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in

• do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

• do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

• **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_csv_path(eset, path, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)

Get Asset IDs from a CSV file and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Run an enforcement against all asset IDs from a JSONL file. We are unsure if Asset IDs are still valid for this instance, so we do not pass verified=True. >>> PATH: str = “data.csv” >>> RUNNER: Runner = apiobj.run_enforcement_from_csv_path(eset=ESET, path=PATH) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=31, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=33, count_found=31, do_echo=True, do_raise=False, source=’from_csv_path /Users/jimbo/gh/Axonius/axonapi/data.csv /

from_csv items type=PosixPath, length=None post_load type=list, length=33’, ), )

Parameters:

• eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

• path (PathLike) – str or pathlib.Path of path containing csv str

• keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in

• do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

• do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

• **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_text_path(eset, path, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)

Get Asset IDs from a text file and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Run an enforcement against all asset IDs from a text file. All lines will have any non-alphanumeric characters removed from them and if a 32 character alphanumeric string is found it is considered an Asset ID. We are unsure if Asset IDs are still valid for this instance, so we do not pass verified=True. >>> PATH: str = “data.txt” >>> RUNNER: Runner = apiobj.run_enforcement_from_text_path(eset=ESET, path=PATH) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_text_path /Users/jimbo/gh/Axonius/axonapi/data.txt /

from_text items type=PosixPath, length=None post_load type=generator, length=None’, ), )

Parameters:

• eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

• path (PathLike) – str or pathlib.Path of path containing text str

• keys (t.Union[str, t.List[str]]) – n/a

• do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

• do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

• **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

property enforcements

Work with enforcements.

count(query=None, history_date=None, history_days_ago=None, history_exact=False, wiz_entries=None, wiz_parsed=None, history_date_parsed=None, use_cache_entry=False, frontend_sent_time=None, query_id=None, saved_query_id=None, request_obj=None, http_args=None, sleep=0.5, **kwargs)

Get the count of assets from a query.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
Get count of all assets
>>> path: int = apiobj.count()
Get count of all assets for a given date
>>> path: int = apiobj.count(history_date="2020-09-29")
Get count of assets matching a query built by the GUI query wizard
>>> use_query: str = '(specific_data.data.name == "test")'
>>> path: int = apiobj.count(query=use_query)
Get count of assets matching a query built by the API client query wizard
>>> entries: str = 'simple name equals test'
>>> path: int = apiobj.count(wiz_entries=entries)
Same as above but using a list of dicts instead of a string for wiz_entries
>>> entries: t.List[dict] = [{'type': 'simple', 'path': 'name equals test'}]
>>> path: int = apiobj.count(wiz_entries=entries)

Parameters:

• query (typing.Optional[str]) – only return the count of assets that match the query

• history_date (typing.Union[str, datetime.timedelta, datetime.datetime, None]) – return asset count for a given historical date

• history_days_ago (typing.Optional[int]) – return asset count for a given historical date that is N days ago

• history_exact (bool) – if True, return the exact asset count for a given historical date if False, return the asset count for the closest historical date

• wiz_entries (typing.Union[typing.List[dict], typing.List[str], dict, str, None]) – build a query from the entries and return the count of assets that match the query

• wiz_parsed (typing.Optional[typing.List[dict]]) – previously parsed wiz_entries

• history_date_parsed (typing.Optional[str]) – previously parsed history_date

• use_cache_entry (bool) – if True, use the last query that was run to get the count

• frontend_sent_time (typing.Optional[datetime.datetime]) – time that the query was sent from the frontend

• query_id (typing.Union[str, uuid.UUID, None]) – ID to identify this query

• saved_query_id (typing.Optional[str]) – ID of saved query that count is being issued for

• request_obj (typing.Optional[axonius_api_client.api.json_api.assets.count_request.CountRequest]) – request object to use instead of building one

• http_args (typing.Optional[dict]) – args to pass to http request

• sleep (typing.Union[int, float, None]) – time to sleep between requests

• **kwargs – sent to build_count_request()

Return type:

int

count_by_saved_query(name, **kwargs)

Get the count of assets for a query defined in a saved query.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
Get count of assets returned from a saved query
>>> count: int = apiobj.count_by_saved_query(name="test")
Get count of assets returned from a saved query for a given date
>>> count: int = apiobj.count_by_saved_query(name="test", history_date="2020-09-29")

Parameters:

• name (str) – saved query to get count of assets from

• kwargs – supplied to count()

Return type:

int

get(generator=False, **kwargs)

Get assets from a query.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
Get all assets with the default fields defined in the API client
>>> assets: list[dict] = apiobj.get()
Get all assets using a generator
>>> assets: list[dict] = list(apiobj.get(generator=True))
Get all assets and include more fields
>>> fields: list[str] = ["os.type", "aws:aws_device_type"]
>>> assets: list[dict] = apiobj.get(fields=fields)
Get all assets and include fields that fuzzy match names and no default fields
>>> fields_fuzzy: list[str] = ["last", "os"]
>>> assets: list[dict] = apiobj.get(fields_fuzzy=fields_fuzzy, fields_default=False)
Get all assets and include fields that regex match names a
>>> fields_regex: list[str] = ["^os\."]
>>> assets: list[dict] = apiobj.get(fields_regex=fields_regex)
Get all assets and include all root fields for an adapter
>>> assets: list[dict] = apiobj.get(fields_root="aws")
Get all assets for a given date in history and sort the rows on a field
>>> assets: list[dict] = apiobj.get(history_date="2020-09-29", sort_field="name")
Get all assets with details of which adapter connection provided the aggregated data
>>> assets: list[dict] = apiobj.get(include_details=True)
Get assets matching a query built by the GUI query wizard
>>> query: str ='(specific_data.data.name == "test")'
>>> assets: list[dict] = apiobj.get(query=query)
Get assets matching a query built by the API client query wizard
>>> wiz_entries: list[dict] = [{'type': 'simple', 'path': 'name equals test'}]
>>> assets: list[dict] = apiobj.get(wiz_entries=wiz_entries)

See also

This method is used by all other get* methods under the hood and their kwargs are passed through to this method and passed to get_generator() which are then passed to whatever callback is used based on the export argument.

If export is not supplied, see axonius_api_client.api.asset_callbacks.base.Base.args_map().

If export equals json, see axonius_api_client.api.asset_callbacks.base_json.Json.args_map().

If export equals csv, see axonius_api_client.api.asset_callbacks.base_csv.Csv.args_map().

If export equals json_to_csv, see axonius_api_client.api.asset_callbacks.base_json_to_csv.JsonToCsv.args_map().

If export equals table, see axonius_api_client.api.asset_callbacks.base_table.Table.args_map().

If export equals xlsx, see axonius_api_client.api.asset_callbacks.base_xlsx.Xlsx.args_map().

axonius_api_client.constants.asset_helpers.ASSET_HELPERS for a list of helpers that translate between GUI titles, API request attributes, and saved query paths.

Parameters:

• generator (bool) – return an iterator for assets that will yield rows as they are fetched

• **kwargs – passed to get_generator()

Return type:

typing.Union[typing.Generator[dict, None, None], typing.List[dict]]

get_generator(query=None, fields=None, fields_manual=None, fields_regex=None, fields_regex_root_only=True, fields_fuzzy=None, fields_default=True, fields_root=None, fields_error=True, max_rows=None, max_pages=None, row_start=0, page_size=2000, page_start=0, page_sleep=0, export='base', sort_field=None, sort_descending=False, history_date=None, history_days_ago=None, history_exact=False, wiz_entries=None, wiz_parsed=None, file_date=None, sort_field_parsed=None, search=None, history_date_parsed=None, field_filters=None, excluded_adapters=None, asset_excluded_adapters=None, asset_filters=None, expressions=None, fields_parsed=None, include_details=False, include_notes=False, use_cursor=True, cursor_id=None, saved_query_id=None, query_id=None, is_refresh=False, null_for_non_exist=False, source_component=None, frontend_sent_time=None, filter_out_non_existing_fields=True, complex_fields_preview_limit=None, max_field_items=None, initial_count=None, request_obj=None, export_templates=None, http_args=None, return_plain_data=None, **kwargs)

Get assets from a query.

See also

If export is not supplied, see axonius_api_client.api.asset_callbacks.base.Base.args_map().

If export equals json, see axonius_api_client.api.asset_callbacks.base_json.Json.args_map().

If export equals csv, see axonius_api_client.api.asset_callbacks.base_csv.Csv.args_map().

If export equals json_to_csv, see axonius_api_client.api.asset_callbacks.base_json_to_csv.JsonToCsv.args_map().

If export equals table, see axonius_api_client.api.asset_callbacks.base_table.Table.args_map().

If export equals xlsx, see axonius_api_client.api.asset_callbacks.base_xlsx.Xlsx.args_map().

axonius_api_client.constants.asset_helpers.ASSET_HELPERS for a list of helpers that translate between GUI titles, API request attributes, and saved query paths.

Parameters:

• query (typing.Optional[str]) – if supplied, only get the assets that match the query

• fields (typing.Union[str, typing.List[str], None]) – fields to return for each asset (will be validated)

• fields_manual (typing.Union[str, typing.List[str], None]) – fields to return for each asset (will NOT be validated)

• fields_regex (typing.Union[str, typing.List[str], None]) – regex of fields to return for each asset

• fields_regex_root_only (bool) – only match fields_regex values against root fields

• fields_fuzzy (typing.Union[str, typing.List[str], None]) – string to fuzzy match of fields to return for each asset

• fields_default (bool) – include the default fields in fields_default

• fields_root (typing.Optional[str]) – include all fields of an adapter that are not complex sub-fields

• fields_error (bool) – throw validation errors on supplied fields

• fields_parsed (typing.Union[dict, typing.List[str], None]) – previously parsed fields

• max_rows (typing.Optional[int]) – only return N rows

• max_pages (typing.Optional[int]) – only return N pages

• row_start (int) – start at row N

• page_size (int) – fetch N rows per page

• page_start (int) – start at page N

• page_sleep (int) – sleep for N seconds between each page fetch

• export (str) – export assets using a callback method

• include_notes (bool) – include any defined notes for each adapter

• include_details (bool) – include details fields showing the adapter source of agg values

• saved_query_id (typing.Optional[str]) – ID of saved query this fetch is associated with

• expressions (typing.Optional[typing.List[dict]]) – expressions used by query wizard to create query

• sort_field (typing.Optional[str]) – sort the returned assets on a given field

• sort_descending (bool) – reverse the sort of the returned assets

• history_date (typing.Union[str, datetime.timedelta, datetime.datetime, None]) – return assets for a given historical date

• history_days_ago (typing.Optional[int]) – return assets for a history date N days ago

• history_exact (bool) – Use the closest match for history_date and history_days_ago

• wiz_entries (typing.Union[typing.List[dict], typing.List[str], dict, str, None]) – wizard expressions to create query from

• file_date (typing.Optional[str]) – string to use in filename templates for {DATE}

• wiz_parsed (typing.Optional[dict]) – parsed output from a query wizard

• sort_field_parsed (typing.Optional[str]) – previously parsed sort field

• history_date_parsed (typing.Optional[str]) – previously parsed history date

• initial_count (typing.Optional[int]) – previously fetched initial count

• search (typing.Optional[str]) – search string to use for this query

• use_cursor (bool) – use cursor based pagination

• field_filters (typing.Optional[typing.List[dict]]) – field filters to apply to this query

• excluded_adapters (typing.Optional[typing.List[dict]]) – adapters to exclude from this query

• asset_excluded_adapters (typing.Optional[typing.List[dict]]) – adapters to exclude from this query

• asset_filters (typing.Optional[typing.List[dict]]) – asset filters to apply to this query

• cursor_id (typing.Optional[str]) – cursor ID to use for this query

• query_id (typing.Union[str, uuid.UUID, None]) – query ID to use for this query

• is_refresh (bool) – is this a refresh query

• null_for_non_exist (bool) – return null for non existent fields

• source_component (typing.Optional[str]) – source component to use for this query

• export_templates (typing.Optional[dict]) – filename template replacement mappings

• filter_out_non_existing_fields (bool) – filter out fields that do not exist

• complex_fields_preview_limit (typing.Optional[int]) – limit the number of complex fields to preview

• max_field_items (typing.Optional[int]) – max number of items to return for a field

• frontend_sent_time (typing.Optional[datetime.datetime]) – frontend sent time to use for this query

• http_args (typing.Optional[dict]) – http args to pass to axonius_api_client.http.Http.__call__() for each page fetched

• request_obj (typing.Optional[axonius_api_client.api.json_api.assets.asset_request.AssetRequest]) – request object to use for this query

• **kwargs – passed thru to the asset callback defined in export

• return_plain_data (typing.Optional[bool]) –

Return type:

typing.Generator[dict, None, None]

get_by_saved_query(name, include_fields=True, include_excluded_adapters=True, include_asset_excluded_adapters=True, include_field_filters=True, include_asset_filters=True, **kwargs)

Get assets that would be returned by a saved query.

Examples

First, create a client using axonius_api_client.connect.Connect and assume apiobj is client.devices or client.users >>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities

Get assets from a saved query with complex fields flattened >>> assets: t.List[dict] = apiobj.get_by_saved_query(name=”test”, field_flatten=True)

See also

axonius_api_client.constants.asset_helpers.ASSET_HELPERS for a list of helpers that translate between GUI titles, API request attributes, and saved query paths.

Parameters:

• name (str) – name of saved query to get assets from

• include_fields (bool) – include fields from saved query

• include_excluded_adapters (bool) – include column filters for excluded adapters from saved query

• include_asset_excluded_adapters (bool) – include column filters for asset excluded adapters from saved query

• include_field_filters (bool) – include column filters for field filters from saved query

• include_asset_filters (bool) – include column filters for asset filters from saved query

• **kwargs – passed to get()

Return type:

typing.Union[typing.Generator[dict, None, None], typing.List[dict]]

get_wiz_entries(wiz_entries=None)

Build a query and expressions.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities

None is returned if no wiz_entries are passed >>> items = None >>> parsed = apiobj.get_wiz_entries(wiz_entries=items) >>> print(parsed) None

A string or list of strings will be parsed into a query and expressions: >>> items = “simple hostname contains test” >>> parsed = apiobj.get_wiz_entries(wiz_entries=items) >>> client.jdump(parsed)

{

“expressions”: [

{

“bracketWeight”: 0, “children”: [

{

“condition”: “”, “expression”: {

“compOp”: “”, “field”: “”, “filteredAdapters”: null, “value”: null

}, “i”: 0

}

], “compOp”: “contains”, “field”: “specific_data.data.hostname”, “fieldType”: “axonius”, “filter”: “(“specific_data.data.hostname” == regex(“test”, “i”))”, “filteredAdapters”: null, “leftBracket”: false, “logicOp”: “”, “not”: false, “rightBracket”: false, “value”: “test”

}

], “query”: “(“specific_data.data.hostname” == regex(“test”, “i”))”

}

A dict or list of dicts will be parsed into a query and expressions >>> items = {“type”: “simple”, “value”: “hostname contains test”} >>> parsed = client.devices.get_wiz_entries(items) >>> # same output as above

Parameters:

wiz_entries (typing.Union[typing.List[dict], typing.List[str], dict, str, None]) – list of dicts or list of strings or single dict or single string

Return type:

typing.Optional[dict]

get_sort_field(field=None, descending=False, validate=True)

Build the parsed sort field based off of field and descending.

Parameters:

• field (typing.Optional[str]) – field to sort by

• descending (bool) – if True, sort descending

• validate (bool) – if True, validate field name

Return type:

typing.Optional[str]

Returns:

field (prefixed with - if descending), None if field is None

get_history_date(date=None, days_ago=None, exact=False)

Get a history date.

Parameters:

• date (typing.Union[str, datetime.timedelta, datetime.datetime, None]) – date to get

• days_ago (typing.Optional[int]) – days ago to get

• exact (bool) – if True, do not round to the nearest day

Return type:

typing.Optional[str]

Returns:

date in YYYY-MM-DD format or None

get_by_id(id)

Get the full data set of all adapters for a single asset.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> assets: list[dict] = apiobj.get(max_rows=1)
>>> asset_id: str = assets[0]["internal_axon_id"]
>>> asset: dict = apiobj.get_by_id(id=as)

Parameters:

id (str) – internal_axon_id of asset to get all data set for

Raises:

NotFoundError – if id is not found

Return type:

dict

property fields_default: List[dict]

Fields to use by default for getting assets.

destroy(destroy, history)

Delete ALL assets.

Notes

Enable the Enable API destroy endpoints setting under Settings > Global Settings > API Settings > Enable advanced API settings for this method to function.

Parameters:

• destroy (bool) – Must be true in order to actually perform the delete

• history (bool) – Also delete all historical information

Return type:

dict

get_by_values(values, field, not_flag=False, pre='', post='', field_manual=False, **kwargs)

Build a query to get assets where field in values.

Notes

It is better to use wizard, wizard_text, or wizard_csv to build queries!

Parameters:

• values (typing.List[str]) – list of values that must match field

• field (str) – name of field to query against

• not_flag (bool) – prefix query with ‘not’

• pre (str) – query to add to the beginning of the query

• post (str) – query to add to the end of the query

• field_manual (bool) – consider supplied field as a fully qualified field name

• **kwargs – passed to get()

Return type:

typing.Union[typing.Generator[dict, None, None], typing.List[dict]]

get_by_value_regex(value, field, cast_insensitive=True, not_flag=False, pre='', post='', field_manual=False, **kwargs)

Build a query to get assets where field regex matches a value.

Notes

It is better to use wizard, wizard_text, or wizard_csv to build queries!

Parameters:

• value (str) – regex that must match field

• field (str) – name of field to query against

• cast_insensitive (bool) – ignore case when performing the regex match

• not_flag (bool) – prefix query with ‘not’

• pre (str) – query to add to the beginning of the query

• post (str) – query to add to the end of the query

• field_manual (bool) – consider supplied field as a fully qualified field name

• **kwargs – passed to get()

Return type:

typing.Union[typing.Generator[dict, None, None], typing.List[dict]]

get_by_value(value, field, not_flag=False, pre='', post='', field_manual=False, **kwargs)

Build a query to get assets where field equals a value.

Notes

It is better to use wizard, wizard_text, or wizard_csv to build queries!

Parameters:

• value (str) – value that must equal field

• field (str) – name of field to query against

• not_flag (bool) – prefix query with ‘not’

• pre (str) – query to add to the beginning of the query

• post (str) – query to add to the end of the query

• field_manual (bool) – consider supplied field as a fully qualified field name

• **kwargs – passed to get()

Return type:

typing.Union[typing.Generator[dict, None, None], typing.List[dict]]

history_dates_obj()

Pass.

Return type:

axonius_api_client.api.json_api.assets.history_dates_human.AssetTypeHistoryDates

history_dates()

Get all known historical dates.

Return type:

dict

_build_query(inner, not_flag=False, pre='', post='')

Query builder with basic functionality.

Notes

It is better to use wizard, wizard_text, or wizard_csv to build queries!

Parameters:

• inner (str) – inner query portion to wrap in parens and prefix with not

• not_flag (bool) – prefix query with ‘not’

• pre (str) – query to add to the beginning of the query

• post (str) – query to add to the end of the query

Return type:

str

static build_get_request(request_obj=None, offset=0, limit=2000, remove_unknown_arguments=True, warn_unknown_arguments=True, **kwargs)

Build a request object for a get assets request.

Parameters:

• request_obj (typing.Optional[axonius_api_client.api.json_api.assets.asset_request.AssetRequest]) – request object to use

• offset (typing.Optional[int]) – offset to start at

• limit (typing.Optional[int]) – number of assets to return

• remove_unknown_arguments (bool) – remove unknown arguments from kwargs

• warn_unknown_arguments (bool) – warn about unknown arguments

• **kwargs – passed to load_request()

Return type:

axonius_api_client.api.json_api.assets.asset_request.AssetRequest

static build_count_request(request_obj=None, remove_unknown_arguments=True, warn_unknown_arguments=True, **kwargs)

Build a request object for a get asset count request.

Parameters:

• request_obj (typing.Optional[axonius_api_client.api.json_api.assets.count_request.CountRequest]) – request object to use

• remove_unknown_arguments (bool) – remove unknown arguments from kwargs

• warn_unknown_arguments (bool) – warn about unknown arguments

• **kwargs – passed to load_request()

Return type:

axonius_api_client.api.json_api.assets.count_request.CountRequest

property data_scopes

Work with data scopes.

_init(**kwargs)

Post init method for subclasses to use for extra setup.

_get(request_obj=None, offset=0, limit=2000, http_args=None, **kwargs)

Private API method to get a page of assets using a request object.

Parameters:

• request_obj (typing.Optional[axonius_api_client.api.json_api.assets.asset_request.AssetRequest]) – request object to use

• offset (typing.Optional[int]) – offset to start at

• limit (typing.Optional[int]) – number of assets to return

• http_args (typing.Optional[dict]) – arguments to pass to requests.Session.request()

• **kwargs – passed to build_get_request()

Return type:

axonius_api_client.api.json_api.assets.asset_response.AssetsPage

_count(request_obj=None, http_args=None, **kwargs)

Direct API method to get the count of assets using a request object.

Parameters:

• request_obj (typing.Optional[axonius_api_client.api.json_api.assets.count_request.CountRequest]) – request object to use

• http_args (typing.Optional[dict]) – Arguments to pass to the HTTP request

• kwargs – Arguments to pass to build_count_request()

Return type:

axonius_api_client.api.json_api.assets.count_response.Count

_get_by_id(id)

Private API method to get the full metadata of all adapters for a single asset.

Parameters:

id (str) – asset to get all metadata for

Return type:

axonius_api_client.api.json_api.assets.asset_id_response.AssetById

_destroy(destroy, history)

Private API method to destroy ALL assets.

Parameters:

• destroy (bool) – Must be true in order to actually perform the delete

• history (bool) – Also delete all historical information

Return type:

dict

_history_dates()

Private API method to get all known historical dates.

Return type:

axonius_api_client.api.json_api.assets.history_dates_response.HistoryDates

_run_enforcement(name, ids, include=True, fields=None, query='')

Run an enforcement set manually against a list of assets internal_axon_ids.

Parameters:

• name (str) – Name of enforcement set to execute

• ids (t.List[str]) – internal_axon_id’s of assets to run enforcement set against

• include (bool, optional) – select IDs in DB or IDs NOT in DB

• fields (t.Optional[t.List[str]], optional) – list of fields used to select assets

• query (str, optional) – filter used to select assets

Returns:

Empty response

Return type:

TYPE

FIELD_TAGS: str = 'labels'

Field name for getting tabs (labels).

FIELD_AXON_ID: str = 'internal_axon_id'

Field name for asset unique ID.

FIELD_ADAPTERS: str = 'adapters'

Field name for list of adapters on an asset.

FIELD_ADAPTER_LEN: str = 'adapter_list_length'

Field name for count of adapters on an asset.

FIELD_LAST_SEEN: str = 'specific_data.data.last_seen'

Field name for last time an adapter saw the asset.

FIELD_MAIN: str = 'internal_axon_id'

Field name of the main identifier.

FIELD_SIMPLE: str = 'internal_axon_id'

Field name of a simple field.

LOG: logging.Logger = None

Logger for this object.

__init__(auth, log_level='debug', **kwargs)

Mixins for API Models.

Parameters:

• auth (axonius_api_client.auth.model.AuthModel) – object to use for auth and sending API requests

• log_level (typing.Union[int, str]) – logging level to use for this objects logger

• **kwargs – passed to _init()

__repr__()

Show info for this model object.

Return type:

str

__str__()

Show info for this model object.

Return type:

str

_init_auth(**kwargs)

Post init method for subclasses to use for overriding auth setup.

auth: AuthModel = None

Authentication model with bound Http object to use for requests.

http: Http = None

Http object to use for requests.

FIELD_COMPLEX: str = None

Field name of a complex field.

FIELD_COMPLEX_SUB: str = None

Field name of a complex sub field.

FIELDS_API: typing.List[str] = ['internal_axon_id', 'adapters', 'labels', 'adapter_list_length']

Field names that are always returned by the REST API no matter what fields are selected

wizard: str = None

Query wizard for python objects.

Type:

axonius_api_client.api.wizards.wizard.Wizard

wizard_text: str = None

Query wizard for text files.

Type:

axonius_api_client.api.wizards.wizard_text.WizardText

wizard_csv = None

Query wizard for CSV files.

Type:

axonius_api_client.api.wizards.wizard_csv.WizardCsv