4.5.1. Enforcements¶
API for working with enforcements.
- class axonius_api_client.api.enforcements.enforcements.Enforcements(auth, **kwargs)[source]¶
Bases:
ModelMixins
API working with enforcements.
Whats the deal with BASIC vs FULL?
The REST API exposes an endpoint to page through the enforcement sets, but the details about the actions and triggers configured are limited.
In order to get the full details of the actions and triggers, one call must be made to fetch the FULL details of each enforcement set by UUID.
To make things more fun, the FULL model is lacking details that are only provided by the BASIC model: triggers_last_triggered, triggers_times_triggered, updated_by, last_triggered, last_updated. Also the “human friendly” description of trigger schedule is only available from BASIC.
We overcome this by getting the FULL object and attaching the BASIC object as FULL.BASIC.
- TBD:
get_tasks
- Parameters
auth (
axonius_api_client.auth.models.Model
) –
- property folders: FoldersEnforcements¶
Get the folders api for this object type.
- get_set(value, refetch=True, cache=None)[source]¶
Get an enforcement set by name or UUID.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
refetch (
bool
) –cache (
typing.Optional
[typing.List
[axonius_api_client.api.json_api.enforcements.EnforcementFullModel
]]) –
- Raises
ApiError – if invalid type supplied for value
NotFoundError – if not found
- Returns
enforcement set model
- Return type
EnforcementFullModel
- get_sets_cached(**kwargs)[source]¶
Get all enforcements cached.
- Return type
typing.List
[typing.Union
[axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
]]
- get_sets(generator=False, full=True)[source]¶
Get all enforcement sets.
- Parameters
- Return type
typing.Union
[typing.Generator
[typing.Union
[axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
],None
,None
],typing.List
[typing.Union
[axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
]]]
- get_sets_generator(full=True)[source]¶
Get all enforcement sets using a generator.
- Parameters
full (bool, optional) – get the full model of each enforcement set
- Yields
t.Generator[t.Union[EnforcementBasicModel, EnforcementFullModel], None, None] – Generator
- Return type
typing.Generator
[typing.Union
[axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
],None
,None
]
- check_set_exists(value)[source]¶
Check if an enforcement set already exists.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
- Raises
ApiError – if enforcement set already exists
- get_action_type(value)[source]¶
Get an action type.
- Parameters
value (MULTI_ACTION_TYPE) – action type model or str with name
- Returns
action type model
- Return type
ActionType
- Raises
ApiError – if value is incorrect type
NotFoundError – if not found
- get_action_types()[source]¶
Get all action types.
- Returns
action type models
- Return type
t.List[ActionType]
- copy(value, name, copy_triggers=True, folder=None, create=True, echo=True)[source]¶
Copy an enforcement set.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
name (str) – name to assign to copy
copy_triggers (bool, optional) – copy triggers to new set
folder (t.Optional[t.Union[str, Folder]], optional) – folder to put object in
create (bool, optional) – if folder supplied does not exist, create it
echo (bool, optional) – echo output to console during create/etc
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_folder(value, folder, create=True, echo=True)[source]¶
Update the name of an enforcement set.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
name (str) – name to update
folder (t.Optional[t.Union[str, Folder]], optional) – folder to put object in
create (bool, optional) – if folder supplied does not exist, create it
echo (bool, optional) – echo output to console during create/etc
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_name(value, name)[source]¶
Update the name of an enforcement set.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
name (str) – name to update
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_description(value, description, append=False)[source]¶
Update the description of an enforcement set.
- update_action_main(value, name, action_type, config=None)[source]¶
Update the main action of an enforcement set.
- update_action_add(value, category, name, action_type, config=None)[source]¶
Add an action to an enforcement set.
- Parameters
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_query(value, query_name, query_type='devices')[source]¶
Update the query of an enforcement set.
- update_query_remove(value)[source]¶
Remove the query from an enforcement set.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_schedule_never(value)[source]¶
Set the schedule of an enforcement set to never run.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_schedule_discovery(value)[source]¶
Set the schedule of an enforcement set to run every discovery.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_schedule_hourly(value, recurrence)[source]¶
Set the schedule of an enforcement set to run hourly.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
recurrence (int) – run schedule every N hours (N = 1-24)
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_schedule_daily(value, recurrence, hour=13, minute=0)[source]¶
Set the schedule of an enforcement set to run daily.
- Parameters
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_schedule_weekly(value, recurrence, hour=13, minute=0)[source]¶
Set the schedule of an enforcement set to run weekly.
- Parameters
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_schedule_monthly(value, recurrence, hour=13, minute=0)[source]¶
Set the schedule of an enforcement set to run monthly.
- Parameters
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_only_new_assets(value, update)[source]¶
Update enforcement set to only run against newly added assets from last automated run.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
update (bool) – False=run against all assets each automated run, True=only run against newly added assets from last automated run
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_on_count_increased(value, update)[source]¶
Update enforcement set to only run if asset count increased from last automated run.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
update (bool) – False=run regardless if asset count increased, True=only perform automated run if asset count increased
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_on_count_decreased(value, update)[source]¶
Update enforcement set to only run if asset count decreased from last automated run.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
update (bool) – False=run regardless if asset count decreased, True=only perform automated run if asset count decreased
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_on_count_above(value, update)[source]¶
Update enforcement set to only run automatically if asset count is above N.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
update (Optional[int]) – None to always run automatically regardless of asset count, integer to only run automatically if asset count is above N
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_on_count_below(value, update)[source]¶
Update enforcement set to only run automatically if asset count is below N.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
update (Optional[int]) – None to always run automatically regardless of asset count, integer to only run automatically if asset count is below N
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- update_from_model(value)[source]¶
Update an enforcement set from the values in a model.
- Parameters
value (EnforcementFullModel) – enforcement set model to update
- Returns
updated enforcement set
- Return type
EnforcementFullModel
- create(name, main_action_name, main_action_type, main_action_config=None, description='', query_name=None, query_type='devices', schedule_type='never', schedule_hour=13, schedule_minute=0, schedule_recurrence=None, only_new_assets=False, on_count_above=None, on_count_below=None, on_count_increased=False, on_count_decreased=False, folder=None, create=True, echo=True)[source]¶
Create an enforcement set.
- Parameters
name (str) – Name to assign to enforcement set
main_action_name (str) – name to assign to main action
main_action_type (str) – action type to use for main action
main_action_config (Optional[dict], optional) – action config for main action
query_name (Optional[str], optional) – Saved Query name to use for trigger
query_type (str, optional) – Saved Query type
schedule_type (Union[EnforcementSchedule, str], optional) – EnforcementSchedule type for automation
schedule_hour (int, optional) – Hour of day to use for schedule_type
schedule_minute (int, optional) – Minute of hour to use for schedule_type
schedule_recurrence (Optional[Union[int, t.List[str]]], optional) – recurrence value, type changes based on schedule_type
only_new_assets (bool, optional) – only run set against assets added since last run
on_count_above (Optional[int], optional) – only run if asset count above N
on_count_below (Optional[int], optional) – only run if asset count below N
on_count_increased (bool, optional) – only run if asset count increased since last run
on_count_decreased (bool, optional) – only run if asset count decreased since last run
description (
typing.Optional
[str
]) –folder (
typing.Union
[str
,axonius_api_client.api.json_api.folders.enforcements.FolderModel
,None
]) –create (
bool
) –echo (
bool
) –
- Returns
created enforcement set
- Return type
EnforcementFullModel
- delete(value)[source]¶
Delete an enforcement set.
- Parameters
value (MULTI_SET) – enforcement set model or str with name or uuid
- Returns
deleted enforcement set
- Return type
EnforcementFullModel
- get_set_action(name, action_type, config=None)[source]¶
Get the action dictionary needed to add an action to an enforcement set.
- get_trigger_view(query_name=None, query_type='devices')[source]¶
Get the saved query for use in adding a query to an enforcement.
- Parameters
query_name (Optional[MULTI_SQ], optional) – Name of Saved Query
query_type (Union[QueryTypes, str], optional) – Type of Saved Query
- Returns
None if query_name is not supplied, otherwise saved query model
- Return type
t.Optional[SavedQuery]
- _delete(uuid)[source]¶
Delete an enforcement set by UUID.
- Parameters
uuid (str) – UUID of set to delete
- Returns
deleted model
- Return type
json_api.generic.Deleted
- _create_from_model(request_obj)[source]¶
Pass.
- Parameters
request_obj (
axonius_api_client.api.json_api.enforcements.CreateEnforcementModel
) –- Return type
axonius_api_client.api.json_api.enforcements.EnforcementFullModel
- _create(name, main, folder_id='', description='', success=None, failure=None, post=None, triggers=None)[source]¶
Create an enforcement set.
- Parameters
name (str) – name of enforcement to create
main (dict) – main action
success (Optional[t.List[dict]], optional) – success actions
failure (Optional[t.List[dict]], optional) – failure actions
post (Optional[t.List[dict]], optional) – post actions
triggers (Optional[t.List[dict]], optional) – saved query trigger
folder_id (
str
) –description (
str
) –
- Returns
created set
- Return type
EnforcementFullModel
- _get_sets(limit=2000, offset=0, sort=None, filter=None, search='')[source]¶
Get enforcement sets in basic model.
- Parameters
- Returns
basic models
- Return type
t.List[EnforcementBasicModel]
- _get_set(uuid)[source]¶
Get an enforcement set in full model.
- Parameters
uuid (str) – UUID of set to get
- Returns
full model
- Return type
EnforcementFullModel
- _get_action_types()[source]¶
Get all action types.
- Returns
action type models
- Return type
t.List[ActionType]
- _run_set_against_trigger(uuid, ec_page_run=False, use_conditions=False)[source]¶
Run an enforcement set against its trigger.
- _run_sets_against_trigger(uuids, include=True, use_conditions=False)[source]¶
Run enforcement sets against their triggers.
- Parameters
- Return type
axonius_api_client.api.json_api.generic.ListDictValue
- run(values, use_conditions=False, error=True)[source]¶
Run enforcement sets against their triggers.
- Parameters
- Return type
typing.List
[axonius_api_client.api.json_api.enforcements.EnforcementFullModel
]
- __init__(auth, **kwargs)¶
Mixins for API Models.
- Parameters
auth (
axonius_api_client.auth.models.Model
) – object to use for auth and sending API requests**kwargs – passed to
_init()
- LOG: logging.Logger¶
Logger for this object.
- auth¶
axonius_api_client.auth.models.Mixins
authentication object.
- http¶
axonius_api_client.http.Http
client to use to send requests,