4.5.1. Enforcements¶
API for working with enforcements.
- class axonius_api_client.api.enforcements.enforcements.Enforcements(auth, log_level='debug', **kwargs)[source]¶
Bases:
ModelMixins
API working with enforcements.
What’s the deal with BASIC vs FULL?
The REST API exposes an endpoint to page through the enforcement sets, but the details about the actions and triggers configured are limited.
In order to get the full details of the actions and triggers, one call must be made to fetch the FULL details of each enforcement set by UUID.
To make things more fun, the FULL model is lacking details that are only provided by the BASIC model: triggers_last_triggered, triggers_times_triggered, updated_by, last_triggered, last_updated.
Finally, the “human friendly” description of trigger schedule is only available from BASIC.
We overcome this by getting the FULL object and attaching the BASIC object as FULL.BASIC.
- Parameters:
auth (
axonius_api_client.auth.model.AuthModel
) –log_level (
typing.Union
[int
,str
]) –
- property folders: FoldersEnforcements¶
Get the folders api for this object type.
- get_set(value, refetch=True, cache=None)[source]¶
Get an enforcement set by name or UUID.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidrefetch (
bool
) – refetch the enforcement set from the APIcache (
typing.Optional
[typing.List
[axonius_api_client.api.json_api.enforcements.EnforcementFullModel
]]) – cache of enforcement sets
- Raises:
ApiError – if invalid type supplied for value
NotFoundError – if not found
- Returns:
enforcement set model
- Return type:
EnforcementFullModel
- get_sets_cached(**kwargs)[source]¶
Get all enforcements cached.
- Return type:
typing.List
[typing.Union
[axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
]]
- get_sets(generator=False, full=True)[source]¶
Get all enforcement sets.
- Parameters:
- Return type:
typing.Union
[typing.Generator
[typing.Union
[axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
],None
,None
],typing.List
[typing.Union
[axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
]]]
- get_sets_generator(full=True)[source]¶
Get all enforcement sets using a generator.
- Parameters:
full (
bool
) – get the full model of each enforcement set- Yields:
t.Generator[t.Union[EnforcementBasicModel, EnforcementFullModel], None, None] – Generator
- Return type:
typing.Generator
[typing.Union
[axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
],None
,None
]
- check_set_exists(value)[source]¶
Check if an enforcement set already exists.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuid- Raises:
ApiError – if enforcement set already exists
- get_action_type(value)[source]¶
Get an action type.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.ActionType
]) – action type model or str with name- Returns:
action type model
- Return type:
ActionType
- Raises:
ApiError – if value is incorrect type
NotFoundError – if not found
- get_action_types()[source]¶
Get all action types.
- Returns:
action type models
- Return type:
t.List[ActionType]
- copy(value, name, copy_triggers=True, folder=None, create=True, echo=True)[source]¶
Copy an enforcement set.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidname (
str
) – name to assign to copycopy_triggers (
bool
) – copy triggers to new setfolder (
typing.Union
[str
,axonius_api_client.api.json_api.folders.enforcements.Folder
,None
]) – folder to put object increate (
bool
) – if folder supplied does not exist, create itecho (
bool
) – echo output to console during create/etc
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_folder(value, folder, create=True, echo=True)[source]¶
Update the name of an enforcement set.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidfolder (
typing.Union
[str
,axonius_api_client.api.json_api.folders.enforcements.FolderModel
]) – folder to put object increate (
bool
) – if folder supplied does not exist, create itecho (
bool
) – echo output to console during create/etc
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_name(value, name)[source]¶
Update the name of an enforcement set.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidname (
str
) – name to update
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_description(value, description, append=False)[source]¶
Update the description of an enforcement set.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuiddescription (
str
) – description to updateappend (
bool
) – append to existing description
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_action_main(value, name, action_type, config=None)[source]¶
Update the main action of an enforcement set.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidname (
str
) – name to assign to actionaction_type (
str
) – action typeconfig (
typing.Optional
[dict
]) – action configuration
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_action_add(value, category, name, action_type, config=None)[source]¶
Add an action to an enforcement set.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidcategory (
typing.Union
[axonius_api_client.api.json_api.enforcements.ActionCategory
,str
]) – action category to add action toname (
str
) – name of action to addaction_type (
str
) – action typeconfig (
typing.Optional
[dict
]) – action configuration
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_action_remove(value, category, name)[source]¶
Remove an action from an enforcement set.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidcategory (
typing.Union
[axonius_api_client.api.json_api.enforcements.ActionCategory
,str
]) – action category to remove action fromname (
str
) – name of action to remove
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_query(value, query_name, query_type='devices')[source]¶
Update the query of an enforcement set.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidquery_name (
str
) – name of saved queryquery_type (
typing.Union
[axonius_api_client.api.json_api.saved_queries.QueryTypes
,str
]) – type of saved query
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_query_remove(value)[source]¶
Remove the query from an enforcement set.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuid- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_schedule_never(value)[source]¶
Set the schedule of an enforcement set to never run.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuid- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_schedule_discovery(value)[source]¶
Set the schedule of an enforcement set to run every discovery.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuid- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_schedule_hourly(value, recurrence)[source]¶
Set the schedule of an enforcement set to run hourly.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidrecurrence (
int
) – run schedule every N hours (N = 1-24)
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_schedule_daily(value, recurrence, hour=13, minute=0)[source]¶
Set the schedule of an enforcement set to run daily.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidrecurrence (
int
) – run enforcement every N days (N = 1-~)hour (
int
) – hour of day to run scheduleminute (
int
) – minute of hour to run schedule
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_schedule_weekly(value, recurrence, hour=13, minute=0)[source]¶
Set the schedule of an enforcement set to run weekly.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidrecurrence (
typing.Union
[str
,typing.List
[typing.Union
[str
,int
]]]) – run enforcement on days of weekhour (
int
) – hour of day to run scheduleminute (
int
) – minute of hour to run schedule
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_schedule_monthly(value, recurrence, hour=13, minute=0)[source]¶
Set the schedule of an enforcement set to run monthly.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidrecurrence (
typing.Union
[str
,typing.List
[typing.Union
[str
,int
]]]) – run enforcement on days of monthhour (
int
) – hour of day to run scheduleminute (
int
) – minute of hour to run schedule
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_only_new_assets(value, update)[source]¶
Update enforcement set to only run against newly added assets from last automated run.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidupdate (
bool
) – False=run against all assets each automated run, True=only run against newly added assets from last automated run
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_on_count_increased(value, update)[source]¶
Update enforcement set to only run if asset count increased from last automated run.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidupdate (
bool
) – False=run regardless if asset count increased, True=only perform automated run if asset count increased
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_on_count_decreased(value, update)[source]¶
Update enforcement set to only run if asset count decreased from last automated run.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidupdate (
bool
) – False=run regardless if asset count decreased, True=only perform automated run if asset count decreased
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_on_count_above(value, update)[source]¶
Update enforcement set to only run automatically if asset count is above N.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidupdate (
typing.Optional
[int
]) – None to always run automatically regardless of asset count, integer to only run automatically if asset count is above N
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_on_count_below(value, update)[source]¶
Update enforcement set to only run automatically if asset count is below N.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuidupdate (
typing.Optional
[int
]) – None to always run automatically regardless of asset count, integer to only run automatically if asset count is below N
- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- update_from_model(value)[source]¶
Update an enforcement set from the values in a model.
- Parameters:
value (
axonius_api_client.api.json_api.enforcements.EnforcementFullModel
) – enforcement set model to update- Returns:
updated enforcement set
- Return type:
EnforcementFullModel
- create(name, main_action_name, main_action_type, query_name=None, query_type='devices', main_action_config=None, description='', schedule_type='never', schedule_hour=13, schedule_minute=0, schedule_recurrence=None, only_new_assets=False, on_count_above=None, on_count_below=None, on_count_increased=False, on_count_decreased=False, folder=None, create=True, echo=True)[source]¶
Create an enforcement set.
- Parameters:
name (
str
) – Name to assign to enforcement setdescription (
typing.Optional
[str
]) – Description to assign to enforcement setquery_name (
typing.Optional
[str
]) – Saved Query name to use for triggerquery_type (
str
) – Saved Query typemain_action_name (
str
) – name to assign to main actionmain_action_type (
str
) – action type to use for main actionmain_action_config (
typing.Optional
[dict
]) – action config for main actionschedule_type (
typing.Union
[axonius_api_client.api.json_api.enforcements.EnforcementSchedule
,str
]) – EnforcementSchedule type for automationschedule_hour (
int
) – Hour of day to use for schedule_typeschedule_minute (
int
) – Minute of hour to use for schedule_typeschedule_recurrence (
typing.Union
[int
,typing.List
[str
],None
]) – recurrence value to use for schedule_typeonly_new_assets (
bool
) – only run set against assets added since last runon_count_above (
typing.Optional
[int
]) – only run if asset count above Non_count_below (
typing.Optional
[int
]) – only run if asset count below Non_count_increased (
bool
) – only run if asset count increased since last runon_count_decreased (
bool
) – only run if asset count decreased since last runfolder (
typing.Union
[str
,axonius_api_client.api.json_api.folders.enforcements.FolderModel
,None
]) – folder to create set increate (
bool
) – create folder if it doesn’t existecho (
bool
) – echo folder creation
- Returns:
created enforcement set
- Return type:
EnforcementFullModel
- delete(value)[source]¶
Delete an enforcement set.
- Parameters:
value (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.EnforcementBasicModel
,axonius_api_client.api.json_api.enforcements.EnforcementFullModel
,axonius_api_client.api.json_api.enforcements.UpdateEnforcementResponseModel
]) – enforcement set model or str with name or uuid- Returns:
deleted enforcement set
- Return type:
EnforcementFullModel
- get_set_action(name, action_type, config=None)[source]¶
Get the action dictionary needed to add an action to an enforcement set.
- Parameters:
name (
str
) – name to assign to actionaction_type (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.enforcements.ActionType
]) – action type to useconfig (
typing.Optional
[dict
]) – action config
- Returns:
action dictionary
- Return type:
- get_trigger_view(query_name=None, query_type='devices')[source]¶
Get the saved query for use in adding a query to an enforcement.
- Parameters:
query_name (
typing.Union
[str
,dict
,axonius_api_client.api.json_api.saved_queries.SavedQuery
,None
]) – Name of Saved Queryquery_type (
typing.Union
[axonius_api_client.api.json_api.saved_queries.QueryTypes
,str
]) – Type of Saved Query
- Returns:
None if query_name is not supplied, otherwise saved query model
- Return type:
- _delete(uuid)[source]¶
Delete an enforcement set by UUID.
- Parameters:
uuid (
str
) – UUID of set to delete- Returns:
deleted model
- Return type:
json_api.generic.Deleted
- _update(uuid, name, actions, folder_id='', triggers=None)[source]¶
Update an enforcement set.
- Parameters:
uuid (
str
) – UUID of set to updatename (
str
) – name of setactions (
dict
) – actions of settriggers (
typing.Optional
[typing.List
[dict
]]) – triggers of setfolder_id (
str
) –
- Returns:
updated set
- Return type:
EnforcementFullModel
- _create_from_model(request_obj)[source]¶
Pass.
- Parameters:
request_obj (
axonius_api_client.api.json_api.enforcements.CreateEnforcementModel
) –- Return type:
axonius_api_client.api.json_api.enforcements.EnforcementFullModel
- _create(name, main, folder_id='', description='', success=None, failure=None, post=None, triggers=None)[source]¶
Create an enforcement set.
- Parameters:
name (
str
) – name of enforcement to createmain (
dict
) – main actionsuccess (
typing.Optional
[typing.List
[dict
]]) – success actionsfailure (
typing.Optional
[typing.List
[dict
]]) – failure actionspost (
typing.Optional
[typing.List
[dict
]]) – post actionstriggers (
typing.Optional
[typing.List
[dict
]]) – saved query triggerfolder_id (
str
) –description (
str
) –
- Returns:
created set
- Return type:
EnforcementFullModel
- _get_sets(limit=2000, offset=0, sort=None, filter=None, search='')[source]¶
Get enforcement sets in basic model.
- Parameters:
limit (
int
) – limit to N rows per pageoffset (
int
) – start at row Nsort (
typing.Optional
[str
]) – sort based on a model attributefilter (
typing.Optional
[str
]) – AQL filtersearch (
str
) – search string
- Returns:
basic models
- Return type:
t.List[EnforcementBasicModel]
- _get_set(uuid)[source]¶
Get an enforcement set in full model.
- Parameters:
uuid (
str
) – UUID of set to get- Returns:
full model
- Return type:
EnforcementFullModel
- _get_action_types()[source]¶
Get all action types.
- Returns:
action type models
- Return type:
t.List[ActionType]
- _run_set_against_trigger(uuid, ec_page_run=False, use_conditions=False)[source]¶
Run an enforcement set against its trigger.
- _move_sets(folder_id, enforcements_ids)[source]¶
Move enforcements to a folder.
- Parameters:
folder_id (
str
) – ID of folder to move enforcements toenforcements_ids (
typing.Union
[str
,typing.List
[str
]]) – list of uuids to move
- Return type:
axonius_api_client.api.json_api.enforcements.MoveEnforcementsResponseModel
- _run_sets_against_trigger(uuids, include=True, use_conditions=False)[source]¶
Run enforcement sets against their triggers.
- Parameters:
uuids (
typing.List
[str
]) – UUIDs of enforcement sets to triggerinclude (
bool
) – select UUIDs in DB or UUIDs NOT in DBuse_conditions (
bool
) – use conditions configured on enforcement set to determine execution
- Return type:
axonius_api_client.api.json_api.generic.ListDictValue
- run(values, use_conditions=False, error=True)[source]¶
Run enforcement sets against their triggers.
- Parameters:
values (
typing.List
[str
]) – names or UUIDs of enforcement sets to triggeruse_conditions (
bool
) – use conditions configured on enforcement set to determine executionerror (
bool
) – throw error if an enforcement set has no trigger
- Return type:
typing.List
[axonius_api_client.api.json_api.enforcements.EnforcementFullModel
]
-
LOG:
logging.Logger
= None¶ Logger for this object.
- __init__(auth, log_level='debug', **kwargs)¶
Mixins for API Models.
- Parameters:
auth (
axonius_api_client.auth.model.AuthModel
) – object to use for auth and sending API requestslog_level (
typing.Union
[int
,str
]) – logging level to use for this objects logger**kwargs – passed to
_init()
- _init_auth(**kwargs)¶
Post init method for subclasses to use for overriding auth setup.
-
auth:
axonius_api_client.auth.model.AuthModel
= None¶ Authentication model with bound Http object to use for requests.
-
http:
axonius_api_client.http.Http
= None¶ Http object to use for requests.