4.7.3.7. Wizards

Constants for wizards.

class axonius_api_client.constants.wizards.Templates[source]

Bases: object

Query builder templates.

LEFT: str = '({query}'

For building a query with a left parentheses

RIGHT: str = '{query})'

For building a query with a right parentheses

NOT: str = 'not {query}'

For building a query with a NOT operator

OR: str = 'or {query}'

For building a query with an OR operator

AND: str = 'and {query}'

For building a query with an AND operator

COMPLEX: str = '("{field}" == match([{sub_queries}]))'

For building a query for complex fields

SUBS: str = ' and '

Joiner for sub fields in a complex field

class axonius_api_client.constants.wizards.Results[source]

Bases: object

Keys for results returned from wizards.

EXPRS: str = 'expressions'

key containing the expressions that the GUI query wizard can understand

QUERY: str = 'query'

key containing the AQL produced by the parser

class axonius_api_client.constants.wizards.Patterns[source]

Bases: object

Regular expression patterns for validation of values in entries.

FIELD_VALID: str = re.compile('(?ix)            # case insensitive and verbose\n([^a-z0-9:._\\-]) # contains characters that are not one of: a-z 0-9 : . _ -\n', re.IGNORECASE|re.VERBOSE)

regex for validating that a field name is valid

FIELD_FIRST_ALPHA: str = re.compile('(?ix)        # case insensitive and verbose\n(^[^a-zA-Z]) # starts with characters that are not one of: a-z\n', re.IGNORECASE|re.VERBOSE)

regex for validating that a field name begins with alpha characters

OP_ALPHA: str = re.compile('(?ix)        # case insensitive and verbose\n([^a-z0-9_\\-])  # contains characters that are not one of: a-z 0-9 _ -\n', re.IGNORECASE|re.VERBOSE)

regex for validating operators

FLAGS: str = re.compile('(?ix)                   # case insensitive and verbose\n(?P<flags>[^a-z0-9]*)?  # capture optional flags at beginning\n(?P<value>.*)           # capture the rest as the value\n', re.IGNORECASE|re.VERBOSE)

regex for validating flags

FIELD: typing.List[str] = [re.compile('(?ix)            # case insensitive and verbose\n([^a-z0-9:._\\-]) # contains characters that are not one of: a-z 0-9 : . _ -\n', re.IGNORECASE|re.VERBOSE), re.compile('(?ix)        # case insensitive and verbose\n(^[^a-zA-Z]) # starts with characters that are not one of: a-z\n', re.IGNORECASE|re.VERBOSE)]

regex validators to use for fields

OP: typing.List[str] = [re.compile('(?ix)        # case insensitive and verbose\n([^a-z0-9_\\-])  # contains characters that are not one of: a-z 0-9 _ -\n', re.IGNORECASE|re.VERBOSE)]

regex validators to use for operators

class axonius_api_client.constants.wizards.Flags[source]

Bases: object

Flag values that can be used in values for entries.

NOT: str = '!'

Flag to NOT an entry

AND: str = '&'

Flag to AND an entry

OR: str = '|'

Flag to OR an entry

LEFTB: str = '('

Flag to start a parenthesis

RIGHTB: str = ')'

Flag to end a perenthesis, can also be at end of a value

FLAGS: dict = {'!': 'Use not', '&': 'Use and instead of or (default)', '(': 'Open a parentheses', ')': 'Close a parentheses (can also be at end of entry)', '|': 'Use or instead of and (overrides &)'}

valid flags and their descriptions

LFMT: str = '[& | ! ( )]'

Doc string to show the flags that can be at the beginning of a value

RFMT: str = '[)]'

Doc string to show the flags that can be at the end of a value

FMT_TEXT: str = '\n# &  Use and instead of or (default)\n# |  Use or instead of and (overrides &)\n# !  Use not\n# (  Open a parentheses\n# )  Close a parentheses (can also be at end of entry)'
FMT_CSV: str = '& Use and instead of or (default), | Use or instead of and (overrides &), ! Use not, ( Open a parentheses, ) Close a parentheses (can also be at end of entry)'
class axonius_api_client.constants.wizards.Entry[source]

Bases: object

Entry keys and split values.

SRC: str = 'source'

key of the str of where an entry came from

WEIGHT: str = 'bracket_weight'

key of the bracket weight for levels of filters within parenthesis

FLAGS: str = 'flags'

key of the flags were supplied in the value for an entry

VALUE: str = 'value'

key of the value for the entry

TYPE: str = 'type'

type of entry

REQ: typing.List[str] = ['value', 'type']

Required keys for entries

SPLIT: str = ' '

String to split on for expressions

CSPLIT: str = ' // '

String to split on for complex expressions

class axonius_api_client.constants.wizards.EntrySq[source]

Bases: object

Entry keys for saved query types.

NAME: str = 'name'

key of name of SQ

DESC: str = 'description'

key of description of SQ

TAGS: str = 'tags'

key of tags of SQ

FIELDS: str = 'fields'

key of fields for SQ

DEFAULT: str = 'default'

if found in FIELDS column, insert asset API object default fields

FDEF: str = 'fields_default'
FMAN: str = 'fields_manual'
PRIVATE: str = 'private'
ASSET_SCOPE: str = 'asset_scope'
ALWAYS_CACHED: str = 'always_cached'
PAGE_SIZE: str = 'gui_page_size'
REQ: typing.List[str] = ['value', 'type']

Required keys for saved query types

OPT_ENTRY: dict = {'always_cached': False, 'asset_scope': False, 'gui_page_size': 20, 'private': False}
OPT: dict = {'always_cached': False, 'asset_scope': False, 'description': '', 'fields': 'default', 'gui_page_size': 20, 'private': False, 'tags': ''}

Optional keys and their defaults for saved query types

BOOLS: typing.List[str] = ['private', 'asset_scope', 'always_cached']
INTS: typing.List[str] = ['gui_page_size']
class axonius_api_client.constants.wizards.Types[source]

Bases: object

Types of entries.

SIMPLE: str = 'simple'

simple entry type, similar to ‘Aggregated Data’ GUI query wizard type

COMPLEX: str = 'complex'

complex entry type, similar to ‘Complex Field’ GUI query wizard type

SAVED_QUERY: str = 'saved_query'

saved query type, used in CSV wizard

FILE: str = 'file'

file type, used in CLI wizards

LINES: str = 'lines'

lines type, used in CLI wizards

DICT: typing.List[str] = ['simple', 'complex']

valid types for the base Wizard class.

TEXT: typing.List[str] = ['simple', 'complex']

valid types for the WizardText class.

SQ: typing.List[str] = ['simple', 'complex', 'saved_query']

valid types for the WizardCsv class.

CLI: typing.List[str] = ['simple', 'complex', 'file', 'lines']

valid types for the CLI.

class axonius_api_client.constants.wizards.Docs[source]

Bases: object

Documentation strings for wizards.

SUB_OPT: str = '[ //  ...]'
OPVAL: str = 'FIELD OPERATOR VALUE'
FMT_SIMPLE: str = '[& | ! ( )] FIELD OPERATOR VALUE [)]'
FMT_COMPLEX: str = '[& | ! ( )] COMPLEX-FIELD // SUB-FIELD OPERATOR VALUE[ //  ...] [)]'
DESC_SIMPLE: str = 'Filter entry for simple fields'
DESC_COMPLEX: str = 'Filter entry for complex fields and their sub-fields'
EX_SIMPLE1: str = '( hostname contains test'
EX_SIMPLE2: str = '! hostname contains internal )'
EX_SIMPLE3: str = '( os.type equals windows'
EX_SIMPLE4: str = '| os.type equals os x )'
EX_COMPLEX1: str = 'installed_software // name contains chrome // version earlier_than 82'
EX_TEXT: str = 'simple   ( hostname contains test\nsimple   ! hostname contains internal )\nsimple   ( os.type equals windows\nsimple   | os.type equals os x )\ncomplex  installed_software // name contains chrome // version earlier_than 82\n'
EX_DICT: str = '[\n  {\n    "type": "simple",\n    "value": "( hostname contains test"\n  },\n  {\n    "type": "simple",\n    "value": "! hostname contains internal )"\n  },\n  {\n    "type": "simple",\n    "value": "( os.type equals windows"\n  },\n  {\n    "type": "simple",\n    "value": "| os.type equals os x )"\n  },\n  {\n    "type": "complex",\n    "value": "installed_software // name contains chrome // version earlier_than 82"\n  }\n]\n'
EX_FIELDS: str = 'os.distribution,os.os_str,active_directory:ad_password_last_set'
GUI_PAGE_SIZES_STR = '20 or 50 or 100 (default 20 if empty)'
OPT_BOOL = 'Optional: True or False (default False if empty)'
EX_CSV: str = '\ntype,value,description,tags,fields,asset_scope,private,always_cached,gui_page_size\n"# If type column is empty or begins with # it is ignored",,,,\n"# type of simple or complex will belong to the saved_query they are under",,,,\n"# Column descriptions for type of saved_query","Name of Saved Query","Description of Saved Query","Tags to apply to Saved Query","Columns to display in Saved Query",Optional: True or False (default False if empty),Optional: True or False (default False if empty),Optional: True or False (default False if empty),"20 or 50 or 100 (default 20 if empty)",\n"# Column descriptions for type of simple","Format -- [] represents optional items: [& | ! ( )] FIELD OPERATOR VALUE [)]","Description: Filter entry for simple fields","Only uses columns type and value",\n"# Column descriptions for type of complex","Format -- [] represents optional items: [& | ! ( )] COMPLEX-FIELD // SUB-FIELD OPERATOR VALUE[ //  ...] [)]","Description: Filter entry for complex fields and their sub-fields","Only uses columns type and value",\n"# Value Flags for type of simple or complex","& Use and instead of or (default), | Use or instead of and (overrides &), ! Use not, ( Open a parentheses, ) Close a parentheses (can also be at end of entry)",,,\n"saved_query","example 1","Filters, default fields, custom fields","example,tag1,tag2","os.distribution,os.os_str,active_directory:ad_password_last_set,default,os.build"\n"simple","( hostname contains test",,,\n"simple","! hostname contains internal )",,,\n"simple","( os.type equals windows",,,\n"simple","| os.type equals os x )",,,\n"saved_query","example 2","No filters, no default fields, custom fields","example,tag3,tag4","os.distribution,os.os_str,active_directory:ad_password_last_set"\n"saved_query","example 3","No filters, default fields, no custom fields","example,tag5,tag6",\n'
TEXT: str = '\n# Example:\nsimple   ( hostname contains test\nsimple   ! hostname contains internal )\nsimple   ( os.type equals windows\nsimple   | os.type equals os x )\ncomplex  installed_software // name contains chrome // version earlier_than 82\n\n\n# Format -- [] represents optional items:\nsimple   [& | ! ( )] FIELD OPERATOR VALUE [)]\n# Description: Filter entry for simple fields\ncomplex  [& | ! ( )] COMPLEX-FIELD // SUB-FIELD OPERATOR VALUE[ //  ...] [)]\n# Description: Filter entry for complex fields and their sub-fields\n\n# Flags:\n# &  Use and instead of or (default)\n# |  Use or instead of and (overrides &)\n# !  Use not\n# (  Open a parentheses\n# )  Close a parentheses (can also be at end of entry)\n'
DICT: str = '\n# Example:\n[\n  {\n    "type": "simple",\n    "value": "( hostname contains test"\n  },\n  {\n    "type": "simple",\n    "value": "! hostname contains internal )"\n  },\n  {\n    "type": "simple",\n    "value": "( os.type equals windows"\n  },\n  {\n    "type": "simple",\n    "value": "| os.type equals os x )"\n  },\n  {\n    "type": "complex",\n    "value": "installed_software // name contains chrome // version earlier_than 82"\n  }\n]\n\n\n# Format -- [] represents optional items:\n# "type": "simple, "value": "[& | ! ( )] FIELD OPERATOR VALUE [)]"\n# Description: "Filter entry for simple fields"\n# "type": "complex", "value": "[& | ! ( )] COMPLEX-FIELD // SUB-FIELD OPERATOR VALUE[ //  ...] [)]"\n# Description: "Filter entry for complex fields and their sub-fields"\n\n# Flags:\n# &  Use and instead of or (default)\n# |  Use or instead of and (overrides &)\n# !  Use not\n# (  Open a parentheses\n# )  Close a parentheses (can also be at end of entry)\n'
CSV: str = '\ntype,value,description,tags,fields,asset_scope,private,always_cached,gui_page_size\n"# If type column is empty or begins with # it is ignored",,,,\n"# type of simple or complex will belong to the saved_query they are under",,,,\n"# Column descriptions for type of saved_query","Name of Saved Query","Description of Saved Query","Tags to apply to Saved Query","Columns to display in Saved Query",Optional: True or False (default False if empty),Optional: True or False (default False if empty),Optional: True or False (default False if empty),"20 or 50 or 100 (default 20 if empty)",\n"# Column descriptions for type of simple","Format -- [] represents optional items: [& | ! ( )] FIELD OPERATOR VALUE [)]","Description: Filter entry for simple fields","Only uses columns type and value",\n"# Column descriptions for type of complex","Format -- [] represents optional items: [& | ! ( )] COMPLEX-FIELD // SUB-FIELD OPERATOR VALUE[ //  ...] [)]","Description: Filter entry for complex fields and their sub-fields","Only uses columns type and value",\n"# Value Flags for type of simple or complex","& Use and instead of or (default), | Use or instead of and (overrides &), ! Use not, ( Open a parentheses, ) Close a parentheses (can also be at end of entry)",,,\n"saved_query","example 1","Filters, default fields, custom fields","example,tag1,tag2","os.distribution,os.os_str,active_directory:ad_password_last_set,default,os.build"\n"simple","( hostname contains test",,,\n"simple","! hostname contains internal )",,,\n"simple","( os.type equals windows",,,\n"simple","| os.type equals os x )",,,\n"saved_query","example 2","No filters, no default fields, custom fields","example,tag3,tag4","os.distribution,os.os_str,active_directory:ad_password_last_set"\n"saved_query","example 3","No filters, default fields, no custom fields","example,tag5,tag6",\n'
class axonius_api_client.constants.wizards.Sources[source]

Bases: object

Defaults for wizard source argument.

CSV_STR: str = 'csv text string'
CSV_PATH: str = 'csv file {path}'
TEXT_STR: str = 'text string'
TEXT_PATH: str = 'text file {path}'
LOD: str = 'list of dictionaries'
JSON_STR: str = 'json string'
JSON_PATH: str = 'json file {path}'
class axonius_api_client.constants.wizards.Fields[source]

Bases: object

Keys and arguments for field schemas.

NAME: str = 'name'
EXPR_TYPE: str = 'expr_field_type'
ANAME: str = 'adapter_name'
SUBS: str = 'sub_fields'
IS_ALL: str = 'is_all'
IS_DETAILS: str = 'is_details'
IS_COMPLEX: str = 'is_complex'
class axonius_api_client.constants.wizards.Expr[source]

Bases: object

Keys for GUI expressions.

BRACKET_LEFT: str = 'leftBracket'
BRACKET_RIGHT: str = 'rightBracket'
BRACKET_WEIGHT: str = 'bracketWeight'
CHILDREN: str = 'children'
CONDITION: str = 'condition'
CONTEXT: str = 'context'
EXPR: str = 'expression'
FIELD: str = 'field'
FIELD_TYPE: str = 'fieldType'
FILTER: str = 'filter'
FILTER_ADAPTERS: str = 'filteredAdapters'
IDX: str = 'i'
NOT: str = 'not'
OP_COMP: str = 'compOp'
OP_LOGIC: str = 'logicOp'
VALUE: str = 'value'
CONTEXT_OBJ: str = 'OBJ'
OP_AND: str = 'and'
OP_OR: str = 'or'
OP_IDX0: str = ''
classmethod get_query(exprs)[source]

Get the query for a list of GUI expressions.

Parameters:

exprs (typing.List[dict]) – list of expressions to build query from

Return type:

str

classmethod get_subs_query(sub_exprs)[source]

Get the complex query for a list of GUI child expressions.

Parameters:

sub_exprs (typing.List[dict]) – list of children of a complex expression to build query from

Return type:

str

classmethod build(entry, query, field, idx, op_comp, field_name_override=None, value=None, is_complex=False, children=None)[source]

Build an expression for the GUI to understand the query.

Parameters:

  • entry (dict) – entry to build expression from

  • query (str) – AQL string

  • field (dict) – schema of field

  • idx (int) – index of this expression

  • field_name_override (typing.Optional[str]) – value to use as name of field in expr instead of ‘name’ key from field dict

  • value (typing.Union[int, str, bool, None]) – raw expression value

  • op_comp (str) – comparison operator

  • is_complex (bool) – build an expression for a complex filter

  • children (typing.Optional[typing.List[dict]]) – children of a complex filter

Return type:

dict

classmethod build_child(query='', op_comp='', field='', value=None, idx=0)[source]

Build a child expression to be used in an expression.

Parameters:

  • query (str) – AQL of this child expression

  • op_comp (str) – comparison operator

  • field (str) – name of field for this child

  • value (typing.Union[int, str, bool, None]) – raw expression value

  • idx (int) – index of this expression

Return type:

dict