4.7.1.2. Asset API models

API model mixin for device and user assets.

class axonius_api_client.api.assets.asset_mixin.AssetMixin(auth, log_level='debug', **kwargs)[source]

Bases: ModelMixins

API model mixin for device and user assets.

Examples

See also

This object is not usable directly, it only stores the logic that is common for working with the various asset types:

Parameters:
  • auth (axonius_api_client.auth.model.AuthModel) –

  • log_level (typing.Union[int, str]) –

ASSET_TYPE: str = ''
classmethod asset_types()[source]

Pass.

Return type:

typing.List[str]

classmethod asset_modules()[source]

Pass.

Return type:

typing.List[typing.Type[axonius_api_client.api.assets.asset_mixin.AssetMixin]]

run_enforcement(eset, ids, verify_and_run=True, verified=False, verify_count=True, prompt=False, do_echo=False, refetch=False, src_query=None, src_fields=None, check_stdin=True, grabber=None)[source]

Run an enforcement set against a manually selected list of assets.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> WIZ: str = "simple os.type equals Windows"  # "query of assets to target"
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Get a list of assets from a query and manually extract the IDs. We know assets are valid because we just got them, so we pass verified=True. >>> ITEMS: list[dict] = apiobj.get(wiz_entries=WIZ) >>> IDS: list[str] = list(map(lambda x: x[‘internal_axon_id’], ITEMS)) >>> RUNNER: Runner = apiobj.run_enforcement(eset=ESET, ids=IDS, verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=None,

)

Parameters:
  • eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

  • ids (t.Union[str, t.List[str]]) – Asset IDs to run Enforcement Set against, csv-like string or list of csv-like strings

  • verify_and_run (bool, optional) – if false, return the Runner object to use manually. if true, run :method:`Runner.verify_and_run` before returning the Runner object

  • verified (bool) – $ids already verified, just run $eset against $ids

  • verify_count (bool) – Verify that the count of $query equals the count of $ids

  • prompt (bool) – Prompt user for verification when applicable.

  • do_echo (bool) – Echo output to console as well as log

  • refetch (bool) – refetch $eset even if it is already a model

  • src_query (str) – query to use to get $ids

  • src_fields (list) – fields to use to get $ids

  • check_stdin (bool) – error if stdin is a TTY when prompting

  • grabber (typing.Optional[axonius_api_client.parsers.grabber.Grabber]) – (grabber): Grabber used to get IDs

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_items(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]

Get Asset IDs from a list of dicts or strs and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> WIZ: str = "simple os.type equals Windows"  # "query of assets to target"
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Get a list of assets from a query and use the grabber get the IDs. We know assets are valid because we just got them, so we pass verified=True. >>> ITEMS: list[dict] = apiobj.get(wiz_entries=WIZ) >>> RUNNER: Runner = apiobj.run_enforcement_from_items(eset=ESET, items=ITEMS, … verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=None,

)

Parameters:
  • eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

  • items (t.Union[str, t.List[str], dict, t.List[dict], types.GeneratorType]) – list of strs or dicts to grab Asset IDs from

  • keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in

  • do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

  • do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

  • **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_json(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]

Get Asset IDs from a JSON string with a list of dicts and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> WIZ: str = "simple os.type equals Windows"  # "query of assets to target"
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Get a list of assets from a query and export the assets to a JSON str then run an enforcement against all asset IDs from the JSON str. We know assets are valid because we just got them, so we pass verified=True. >>> import io >>> FH = io.StringIO() >>> _ = apiobj.get(wiz_entries=WIZ, export=”json”, export_fd=FH, export_fd_close=False) >>> FH.seek(0) >>> ITEMS: str = FH.getvalue() >>> RUNNER: Runner = apiobj.run_enforcement_from_json(eset=ESET, items=ITEMS, … verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_json items type=str, length=15519 post_load type=list, length=31’,

), )

Get a list of assets from a query and export the assets to a JSON file then run an enforcement against all asset IDs from the JSON file. We know assets are valid because we just got them, so we pass verified=True. >>> import pathlib >>> PATH: pathlib.Path = pathlib.Path(“data.json”) >>> _ = apiobj.get(wiz_entries=WIZ, export=”json”, export_file=PATH) >>> RUNNER: Runner = apiobj.run_enforcement_from_json(eset=ESET, items=PATH, … verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_json items type=PosixPath, length=None post_load type=list, length=31’,

), )

Parameters:
  • eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

  • items (t.Union[str, bytes, t.IO, pathlib.Path]) – json str, handle for file containing json str, or pathlib.Path of path containing json str

  • keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in

  • do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

  • do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

  • **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_jsonl(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]

Get Asset IDs from a JSONL string with one dict per line and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> WIZ: str = "simple os.type equals Windows"  # "query of assets to target"
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Get a list of assets from a query and export the assets to a JSONL str then run an enforcement against all asset IDs from the JSONL str. We know assets are valid because we just got them, so we pass verified=True. >>> import io >>> FH = io.StringIO() >>> _ = apiobj.get(wiz_entries=WIZ, export=”json”, json_flat=True, … export_fd=FH, export_fd_close=False) >>> FH.seek(0) >>> RUNNER: Runner = apiobj.run_enforcement_from_jsonl(eset=ESET, items=FH, … verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_jsonl items type=StringIO, length=None post_load type=list, length=31’,

), )

Get a list of assets from a query and export the assets to a JSONL file then run an enforcement against all asset IDs from the JSONL file. We know assets are valid because we just got them, so we pass verified=True. >>> import pathlib >>> PATH = pathlib.Path(“data.jsonl”) >>> _ = apiobj.get( … wiz_entries=WIZ, export=”json”, json_flat=True, export_file=PATH, … export_overwrite=True) >>> RUNNER: Runner = apiobj.run_enforcement_from_jsonl(eset=ESET, items=PATH, … verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_jsonl items type=PosixPath, length=None post_load type=list, length=31’,

), )

Parameters:
  • eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

  • items (t.Union[str, bytes, t.IO, pathlib.Path]) – jsonl str, handle for file containing jsonl str, or pathlib.Path of path containing jsonl str

  • keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in

  • do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

  • do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

  • **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_csv(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, load_args=None, **kwargs)[source]

Get Asset IDs from a CSV string and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> WIZ: str = "simple os.type equals Windows"  # "query of assets to target"
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Get a list of assets from a query and export the assets to a JSONL str then run an enforcement against all asset IDs from the JSONL str. We can also use a CSV file exported from the GUI. We know assets are valid because we just got them, so we pass verified=True.

>>> import io
>>> FH: io.StringIO = io.StringIO()
>>> _ = apiobj.get(wiz_entries=WIZ, export="csv", export_fd=FH, export_fd_close=False)
>>> FH.seek(0)
>>> ITEMS: str = axonapi.tools.bom_strip(FH.getvalue())
>>> RUNNER: Runner = apiobj.run_enforcement_from_csv(eset=ESET, items=ITEMS,
... verified=True)
>>> print(RUNNER)
Runner(
  state='Ran Enforcement Set against 31 supplied Asset IDs',
  eset='test',
  executed=True,
  count_ids=31,
  count_result=None,
  verified=True,
  verify_count=True,
  prompt=False,
  grabber=Grabber(
  count_supplied=33,
  count_found=31,
  do_echo=True,
  do_raise=False,
  source='from_csv items type=str, length=6556 post_load type=list, length=33',
),
)

Get a list of assets from a query and export the assets to a CSV file then run an enforcement against all asset IDs from the CSV file. We can also use a CSV file exported from the GUI. We know assets are valid because we just got them, so we pass verified=True. >>> import pathlib >>> PATH: pathlib.Path = pathlib.Path(“data.csv”) >>> _ = apiobj.get(wiz_entries=WIZ, export=”csv”, export_file=PATH) >>> RUNNER: Runner = apiobj.run_enforcement_from_csv(eset=ESET, items=PATH, … verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=33, count_found=31, do_echo=True, do_raise=False, source=’from_csv items type=PosixPath, length=None post_load type=list, length=33’,

), )

Parameters:
  • eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

  • items (t.Union[str, bytes, t.IO, pathlib.Path]) – csv str, handle for file containing csv str, or pathlib.Path of path containing csv str

  • keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in

  • do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

  • do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

  • load_args (typing.Optional[dict]) – passed to pandas.read_csv()

  • **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_text(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]

Get Asset IDs from a text string and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> WIZ: str = "simple os.type equals Windows"  # "query of assets to target"
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Get a list of assets from a query and export the assets to a text file then run an enforcement against all asset IDs from the text file. All lines will have any non-alphanumeric characters removed from them and if a 32 character alphanumeric string is found it is considered an Asset ID. We know assets are valid because we just got them, so we pass verified=True. >>> import pathlib >>> PATH: pathlib.Path = pathlib.Path(“data.txt”) >>> ITEMS: list[dict] = apiobj.get(wiz_entries=WIZ) >>> IDS: list[str] = list(map(lambda x: x[‘internal_axon_id’], ITEMS)) >>> PATH.write_text(’n’.join(IDS)) >>> RUNNER: Runner = apiobj.run_enforcement_from_text( … eset=ESET, items=PATH, verified=True) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_text items type=PosixPath, length=None’,

), )

Parameters:
  • eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

  • items (t.Union[str, bytes, t.IO, pathlib.Path]) – text str, handle for file containing text str, or pathlib.Path of path containing text str

  • keys (t.Union[str, t.List[str]]) – n/a

  • do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

  • do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

  • **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_json_path(eset, path, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]

Get Asset IDs from a JSON file with a list of dicts and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Run an enforcement against all asset IDs from a JSON file. We are unsure if Asset IDs are still valid for this instance of Axonius, so we do not pass verified=True. >>> PATH: str = “data.json” >>> RUNNER: Runner = apiobj.run_enforcement_from_json_path(eset=ESET, path=PATH) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=31, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_json_path /Users/jimbo/gh/Axonius/axonapi/data.json /

from_json items type=PosixPath, length=None post_load type=list, length=31’, ), )

Parameters:
  • eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

  • path (PathLike) – str or pathlib.Path of path containing json str

  • keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in

  • do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

  • do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

  • **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_jsonl_path(eset, path, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]

Get Asset IDs from a JSONL file with one dict per line and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Run an enforcement against all asset IDs from a JSONL file. We are unsure if Asset IDs are still valid for this instance, so we do not pass verified=True. >>> PATH: str = “data.jsonl” >>> RUNNER: Runner = apiobj.run_enforcement_from_jsonl_path(eset=ESET, path=PATH) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=31, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_jsonl_path /Users/jimbo/gh/Axonius/axonapi/data.jsonl /

from_jsonl items type=PosixPath, length=None post_load type=list, length=31’, ), )

Parameters:
  • eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

  • path (PathLike) – str or pathlib.Path of path containing jsonl str

  • keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in

  • do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

  • do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

  • **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_csv_path(eset, path, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]

Get Asset IDs from a CSV file and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Run an enforcement against all asset IDs from a JSONL file. We are unsure if Asset IDs are still valid for this instance, so we do not pass verified=True. >>> PATH: str = “data.csv” >>> RUNNER: Runner = apiobj.run_enforcement_from_csv_path(eset=ESET, path=PATH) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=31, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=33, count_found=31, do_echo=True, do_raise=False, source=’from_csv_path /Users/jimbo/gh/Axonius/axonapi/data.csv /

from_csv items type=PosixPath, length=None post_load type=list, length=33’, ), )

Parameters:
  • eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

  • path (PathLike) – str or pathlib.Path of path containing csv str

  • keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in

  • do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

  • do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

  • **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

run_enforcement_from_text_path(eset, path, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]

Get Asset IDs from a text file and run $eset against them.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> ESET: str = "test"  # "name or uuid of enforcement set"

Run an enforcement against all asset IDs from a text file. All lines will have any non-alphanumeric characters removed from them and if a 32 character alphanumeric string is found it is considered an Asset ID. We are unsure if Asset IDs are still valid for this instance, so we do not pass verified=True. >>> PATH: str = “data.txt” >>> RUNNER: Runner = apiobj.run_enforcement_from_text_path(eset=ESET, path=PATH) >>> print(RUNNER) Runner(

state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_text_path /Users/jimbo/gh/Axonius/axonapi/data.txt /

from_text items type=PosixPath, length=None post_load type=generator, length=None’, ), )

Parameters:
  • eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run

  • path (PathLike) – str or pathlib.Path of path containing text str

  • keys (t.Union[str, t.List[str]]) – n/a

  • do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log

  • do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items

  • **kwargs – passed to :method:`run_enforcement`

Returns:

Runner object used to verify and run $eset

Return type:

Runner

property enforcements

Work with enforcements.

count(query=None, history_date=None, history_days_ago=None, history_exact=False, wiz_entries=None, wiz_parsed=None, history_date_parsed=None, use_cache_entry=False, frontend_sent_time=None, query_id=None, saved_query_id=None, request_obj=None, http_args=None, sleep=0.5, **kwargs)[source]

Get the count of assets from a query.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
Get count of all assets
>>> path: int = apiobj.count()
Get count of all assets for a given date
>>> path: int = apiobj.count(history_date="2020-09-29")
Get count of assets matching a query built by the GUI query wizard
>>> use_query: str = '(specific_data.data.name == "test")'
>>> path: int = apiobj.count(query=use_query)
Get count of assets matching a query built by the API client query wizard
>>> entries: str = 'simple name equals test'
>>> path: int = apiobj.count(wiz_entries=entries)
Same as above but using a list of dicts instead of a string for wiz_entries
>>> entries: t.List[dict] = [{'type': 'simple', 'path': 'name equals test'}]
>>> path: int = apiobj.count(wiz_entries=entries)
Parameters:
Return type:

int

count_by_saved_query(name, **kwargs)[source]

Get the count of assets for a query defined in a saved query.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
Get count of assets returned from a saved query
>>> count: int = apiobj.count_by_saved_query(name="test")
Get count of assets returned from a saved query for a given date
>>> count: int = apiobj.count_by_saved_query(name="test", history_date="2020-09-29")
Parameters:
  • name (str) – saved query to get count of assets from

  • kwargs – supplied to count()

Return type:

int

get(generator=False, **kwargs)[source]

Get assets from a query.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
Get all assets with the default fields defined in the API client
>>> assets: list[dict] = apiobj.get()
Get all assets using a generator
>>> assets: list[dict] = list(apiobj.get(generator=True))
Get all assets and include more fields
>>> fields: list[str] = ["os.type", "aws:aws_device_type"]
>>> assets: list[dict] = apiobj.get(fields=fields)
Get all assets and include fields that fuzzy match names and no default fields
>>> fields_fuzzy: list[str] = ["last", "os"]
>>> assets: list[dict] = apiobj.get(fields_fuzzy=fields_fuzzy, fields_default=False)
Get all assets and include fields that regex match names a
>>> fields_regex: list[str] = ["^os\."]
>>> assets: list[dict] = apiobj.get(fields_regex=fields_regex)
Get all assets and include all root fields for an adapter
>>> assets: list[dict] = apiobj.get(fields_root="aws")
Get all assets for a given date in history and sort the rows on a field
>>> assets: list[dict] = apiobj.get(history_date="2020-09-29", sort_field="name")
Get all assets with details of which adapter connection provided the aggregated data
>>> assets: list[dict] = apiobj.get(include_details=True)
Get assets matching a query built by the GUI query wizard
>>> query: str ='(specific_data.data.name == "test")'
>>> assets: list[dict] = apiobj.get(query=query)
Get assets matching a query built by the API client query wizard
>>> wiz_entries: list[dict] = [{'type': 'simple', 'path': 'name equals test'}]
>>> assets: list[dict] = apiobj.get(wiz_entries=wiz_entries)

See also

This method is used by all other get* methods under the hood and their kwargs are passed through to this method and passed to get_generator() which are then passed to whatever callback is used based on the export argument.

If export is not supplied, see axonius_api_client.api.asset_callbacks.base.Base.args_map().

If export equals json, see axonius_api_client.api.asset_callbacks.base_json.Json.args_map().

If export equals csv, see axonius_api_client.api.asset_callbacks.base_csv.Csv.args_map().

If export equals json_to_csv, see axonius_api_client.api.asset_callbacks.base_json_to_csv.JsonToCsv.args_map().

If export equals table, see axonius_api_client.api.asset_callbacks.base_table.Table.args_map().

If export equals xlsx, see axonius_api_client.api.asset_callbacks.base_xlsx.Xlsx.args_map().

axonius_api_client.constants.asset_helpers.ASSET_HELPERS for a list of helpers that translate between GUI titles, API request attributes, and saved query paths.

Parameters:
  • generator (bool) – return an iterator for assets that will yield rows as they are fetched

  • **kwargs – passed to get_generator()

Return type:

typing.Union[typing.Generator[dict, None, None], typing.List[dict]]

get_generator(query=None, fields=None, fields_manual=None, fields_regex=None, fields_regex_root_only=True, fields_fuzzy=None, fields_default=True, fields_root=None, fields_error=True, max_rows=None, max_pages=None, row_start=0, page_size=2000, page_start=0, page_sleep=0, export='base', sort_field=None, sort_descending=False, history_date=None, history_days_ago=None, history_exact=False, wiz_entries=None, wiz_parsed=None, file_date=None, sort_field_parsed=None, search=None, history_date_parsed=None, field_filters=None, excluded_adapters=None, asset_excluded_adapters=None, asset_filters=None, expressions=None, fields_parsed=None, include_details=False, include_notes=False, use_cursor=True, cursor_id=None, saved_query_id=None, query_id=None, is_refresh=False, null_for_non_exist=False, source_component=None, frontend_sent_time=None, filter_out_non_existing_fields=True, complex_fields_preview_limit=None, max_field_items=None, initial_count=None, request_obj=None, export_templates=None, http_args=None, return_plain_data=None, **kwargs)[source]

Get assets from a query.

See also

If export is not supplied, see axonius_api_client.api.asset_callbacks.base.Base.args_map().

If export equals json, see axonius_api_client.api.asset_callbacks.base_json.Json.args_map().

If export equals csv, see axonius_api_client.api.asset_callbacks.base_csv.Csv.args_map().

If export equals json_to_csv, see axonius_api_client.api.asset_callbacks.base_json_to_csv.JsonToCsv.args_map().

If export equals table, see axonius_api_client.api.asset_callbacks.base_table.Table.args_map().

If export equals xlsx, see axonius_api_client.api.asset_callbacks.base_xlsx.Xlsx.args_map().

axonius_api_client.constants.asset_helpers.ASSET_HELPERS for a list of helpers that translate between GUI titles, API request attributes, and saved query paths.

Parameters:
Return type:

typing.Generator[dict, None, None]

get_by_saved_query(name, include_fields=True, include_excluded_adapters=True, include_asset_excluded_adapters=True, include_field_filters=True, include_asset_filters=True, **kwargs)[source]

Get assets that would be returned by a saved query.

Examples

First, create a client using axonius_api_client.connect.Connect and assume apiobj is client.devices or client.users >>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities

Get assets from a saved query with complex fields flattened >>> assets: t.List[dict] = apiobj.get_by_saved_query(name=”test”, field_flatten=True)

See also

axonius_api_client.constants.asset_helpers.ASSET_HELPERS for a list of helpers that translate between GUI titles, API request attributes, and saved query paths.

Parameters:
  • name (str) – name of saved query to get assets from

  • include_fields (bool) – include fields from saved query

  • include_excluded_adapters (bool) – include column filters for excluded adapters from saved query

  • include_asset_excluded_adapters (bool) – include column filters for asset excluded adapters from saved query

  • include_field_filters (bool) – include column filters for field filters from saved query

  • include_asset_filters (bool) – include column filters for asset filters from saved query

  • **kwargs – passed to get()

Return type:

typing.Union[typing.Generator[dict, None, None], typing.List[dict]]

get_wiz_entries(wiz_entries=None)[source]

Build a query and expressions.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities

None is returned if no wiz_entries are passed >>> items = None >>> parsed = apiobj.get_wiz_entries(wiz_entries=items) >>> print(parsed) None

A string or list of strings will be parsed into a query and expressions: >>> items = “simple hostname contains test” >>> parsed = apiobj.get_wiz_entries(wiz_entries=items) >>> client.jdump(parsed)

{
“expressions”: [
{

“bracketWeight”: 0, “children”: [

{

“condition”: “”, “expression”: {

“compOp”: “”, “field”: “”, “filteredAdapters”: null, “value”: null

}, “i”: 0

}

], “compOp”: “contains”, “field”: “specific_data.data.hostname”, “fieldType”: “axonius”, “filter”: “(“specific_data.data.hostname” == regex(“test”, “i”))”, “filteredAdapters”: null, “leftBracket”: false, “logicOp”: “”, “not”: false, “rightBracket”: false, “value”: “test”

}

], “query”: “(“specific_data.data.hostname” == regex(“test”, “i”))”

}

A dict or list of dicts will be parsed into a query and expressions >>> items = {“type”: “simple”, “value”: “hostname contains test”} >>> parsed = client.devices.get_wiz_entries(items) >>> # same output as above

Parameters:

wiz_entries (typing.Union[typing.List[dict], typing.List[str], dict, str, None]) – list of dicts or list of strings or single dict or single string

Return type:

typing.Optional[dict]

get_sort_field(field=None, descending=False, validate=True)[source]

Build the parsed sort field based off of field and descending.

Parameters:
  • field (typing.Optional[str]) – field to sort by

  • descending (bool) – if True, sort descending

  • validate (bool) – if True, validate field name

Return type:

typing.Optional[str]

Returns:

field (prefixed with - if descending), None if field is None

get_history_date(date=None, days_ago=None, exact=False)[source]

Get a history date.

Parameters:
Return type:

typing.Optional[str]

Returns:

date in YYYY-MM-DD format or None

get_by_id(id)[source]

Get the full data set of all adapters for a single asset.

Examples

>>> import axonius_api_client as axonapi
>>> connect_args: dict = axonapi.get_env_connect()
>>> client: axonapi.Connect = axonapi.Connect(**connect_args)
>>> apiobj: axonapi.api.assets.AssetMixin = client.devices
>>>       # or client.users or client.vulnerabilities
>>> assets: list[dict] = apiobj.get(max_rows=1)
>>> asset_id: str = assets[0]["internal_axon_id"]
>>> asset: dict = apiobj.get_by_id(id=as)
Parameters:

id (str) – internal_axon_id of asset to get all data set for

Raises:

NotFoundError – if id is not found

Return type:

dict

property fields_default: List[dict]

Fields to use by default for getting assets.

destroy(destroy, history)[source]

Delete ALL assets.

Notes

Enable the Enable API destroy endpoints setting under Settings > Global Settings > API Settings > Enable advanced API settings for this method to function.

Parameters:
  • destroy (bool) – Must be true in order to actually perform the delete

  • history (bool) – Also delete all historical information

Return type:

dict

get_by_values(values, field, not_flag=False, pre='', post='', field_manual=False, **kwargs)[source]

Build a query to get assets where field in values.

Notes

It is better to use wizard, wizard_text, or wizard_csv to build queries!

Parameters:
  • values (typing.List[str]) – list of values that must match field

  • field (str) – name of field to query against

  • not_flag (bool) – prefix query with ‘not’

  • pre (str) – query to add to the beginning of the query

  • post (str) – query to add to the end of the query

  • field_manual (bool) – consider supplied field as a fully qualified field name

  • **kwargs – passed to get()

Return type:

typing.Union[typing.Generator[dict, None, None], typing.List[dict]]

get_by_value_regex(value, field, cast_insensitive=True, not_flag=False, pre='', post='', field_manual=False, **kwargs)[source]

Build a query to get assets where field regex matches a value.

Notes

It is better to use wizard, wizard_text, or wizard_csv to build queries!

Parameters:
  • value (str) – regex that must match field

  • field (str) – name of field to query against

  • cast_insensitive (bool) – ignore case when performing the regex match

  • not_flag (bool) – prefix query with ‘not’

  • pre (str) – query to add to the beginning of the query

  • post (str) – query to add to the end of the query

  • field_manual (bool) – consider supplied field as a fully qualified field name

  • **kwargs – passed to get()

Return type:

typing.Union[typing.Generator[dict, None, None], typing.List[dict]]

get_by_value(value, field, not_flag=False, pre='', post='', field_manual=False, **kwargs)[source]

Build a query to get assets where field equals a value.

Notes

It is better to use wizard, wizard_text, or wizard_csv to build queries!

Parameters:
  • value (str) – value that must equal field

  • field (str) – name of field to query against

  • not_flag (bool) – prefix query with ‘not’

  • pre (str) – query to add to the beginning of the query

  • post (str) – query to add to the end of the query

  • field_manual (bool) – consider supplied field as a fully qualified field name

  • **kwargs – passed to get()

Return type:

typing.Union[typing.Generator[dict, None, None], typing.List[dict]]

history_dates_obj()[source]

Pass.

Return type:

axonius_api_client.api.json_api.assets.history_dates_human.AssetTypeHistoryDates

history_dates()[source]

Get all known historical dates.

Return type:

dict

_build_query(inner, not_flag=False, pre='', post='')[source]

Query builder with basic functionality.

Notes

It is better to use wizard, wizard_text, or wizard_csv to build queries!

Parameters:
  • inner (str) – inner query portion to wrap in parens and prefix with not

  • not_flag (bool) – prefix query with ‘not’

  • pre (str) – query to add to the beginning of the query

  • post (str) – query to add to the end of the query

Return type:

str

static build_get_request(request_obj=None, offset=0, limit=2000, remove_unknown_arguments=True, warn_unknown_arguments=True, **kwargs)[source]

Build a request object for a get assets request.

Parameters:
  • request_obj (typing.Optional[axonius_api_client.api.json_api.assets.asset_request.AssetRequest]) – request object to use

  • offset (typing.Optional[int]) – offset to start at

  • limit (typing.Optional[int]) – number of assets to return

  • remove_unknown_arguments (bool) – remove unknown arguments from kwargs

  • warn_unknown_arguments (bool) – warn about unknown arguments

  • **kwargs – passed to load_request()

Return type:

axonius_api_client.api.json_api.assets.asset_request.AssetRequest

static build_count_request(request_obj=None, remove_unknown_arguments=True, warn_unknown_arguments=True, **kwargs)[source]

Build a request object for a get asset count request.

Parameters:
  • request_obj (typing.Optional[axonius_api_client.api.json_api.assets.count_request.CountRequest]) – request object to use

  • remove_unknown_arguments (bool) – remove unknown arguments from kwargs

  • warn_unknown_arguments (bool) – warn about unknown arguments

  • **kwargs – passed to load_request()

Return type:

axonius_api_client.api.json_api.assets.count_request.CountRequest

property data_scopes

Work with data scopes.

_init(**kwargs)[source]

Post init method for subclasses to use for extra setup.

_get(request_obj=None, offset=0, limit=2000, http_args=None, **kwargs)[source]

Private API method to get a page of assets using a request object.

Parameters:
Return type:

axonius_api_client.api.json_api.assets.asset_response.AssetsPage

_count(request_obj=None, http_args=None, **kwargs)[source]

Direct API method to get the count of assets using a request object.

Parameters:
Return type:

axonius_api_client.api.json_api.assets.count_response.Count

_get_by_id(id)[source]

Private API method to get the full metadata of all adapters for a single asset.

Parameters:

id (str) – asset to get all metadata for

Return type:

axonius_api_client.api.json_api.assets.asset_id_response.AssetById

_destroy(destroy, history)[source]

Private API method to destroy ALL assets.

Parameters:
  • destroy (bool) – Must be true in order to actually perform the delete

  • history (bool) – Also delete all historical information

Return type:

dict

_history_dates()[source]

Private API method to get all known historical dates.

Return type:

axonius_api_client.api.json_api.assets.history_dates_response.HistoryDates

_run_enforcement(name, ids, include=True, fields=None, query='')[source]

Run an enforcement set manually against a list of assets internal_axon_ids.

Parameters:
  • name (str) – Name of enforcement set to execute

  • ids (t.List[str]) – internal_axon_id’s of assets to run enforcement set against

  • include (bool, optional) – select IDs in DB or IDs NOT in DB

  • fields (t.Optional[t.List[str]], optional) – list of fields used to select assets

  • query (str, optional) – filter used to select assets

Returns:

Empty response

Return type:

TYPE

FIELD_TAGS: str = 'labels'

Field name for getting tabs (labels).

FIELD_AXON_ID: str = 'internal_axon_id'

Field name for asset unique ID.

FIELD_ADAPTERS: str = 'adapters'

Field name for list of adapters on an asset.

FIELD_ADAPTER_LEN: str = 'adapter_list_length'

Field name for count of adapters on an asset.

FIELD_LAST_SEEN: str = 'specific_data.data.last_seen'

Field name for last time an adapter saw the asset.

FIELD_MAIN: str = 'internal_axon_id'

Field name of the main identifier.

FIELD_SIMPLE: str = 'internal_axon_id'

Field name of a simple field.

LOG: logging.Logger = None

Logger for this object.

__init__(auth, log_level='debug', **kwargs)

Mixins for API Models.

Parameters:
  • auth (axonius_api_client.auth.model.AuthModel) – object to use for auth and sending API requests

  • log_level (typing.Union[int, str]) – logging level to use for this objects logger

  • **kwargs – passed to _init()

__repr__()

Show info for this model object.

Return type:

str

__str__()

Show info for this model object.

Return type:

str

_init_auth(**kwargs)

Post init method for subclasses to use for overriding auth setup.

auth: AuthModel = None

Authentication model with bound Http object to use for requests.

http: Http = None

Http object to use for requests.

FIELD_COMPLEX: str = None

Field name of a complex field.

FIELD_COMPLEX_SUB: str = None

Field name of a complex sub field.

FIELDS_API: typing.List[str] = ['internal_axon_id', 'adapters', 'labels', 'adapter_list_length']

Field names that are always returned by the REST API no matter what fields are selected

wizard: str = None

Query wizard for python objects.

Type:

axonius_api_client.api.wizards.wizard.Wizard

wizard_text: str = None

Query wizard for text files.

Type:

axonius_api_client.api.wizards.wizard_text.WizardText

wizard_csv = None

Query wizard for CSV files.

Type:

axonius_api_client.api.wizards.wizard_csv.WizardCsv