4.7.1.2. Asset API models¶
API model mixin for device and user assets.
- class axonius_api_client.api.assets.asset_mixin.AssetMixin(auth, log_level='debug', **kwargs)[source]¶
Bases:
ModelMixins
API model mixin for device and user assets.
Examples
Get count of assets:
count()
Get count of assets from a saved query:
count_by_saved_query()
Get assets:
get()
Get assets from a saved query:
get_by_saved_query()
Get the full data set for a single asset:
get_by_id()
Work with saved queries:
axonius_api_client.api.assets.saved_query.SavedQuery
Work with fields:
axonius_api_client.api.assets.fields.Fields
Work with tags:
axonius_api_client.api.assets.labels.Labels
See also
This object is not usable directly, it only stores the logic that is common for working with the various asset types:
Device assets
axonius_api_client.api.assets.devices.Devices
User assets
axonius_api_client.api.assets.users.Users
- Parameters:
auth (
axonius_api_client.auth.model.AuthModel
) –log_level (
typing.Union
[int
,str
]) –
- run_enforcement(eset, ids, verify_and_run=True, verified=False, verify_count=True, prompt=False, do_echo=False, refetch=False, src_query=None, src_fields=None, check_stdin=True, grabber=None)[source]¶
Run an enforcement set against a manually selected list of assets.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities >>> WIZ: str = "simple os.type equals Windows" # "query of assets to target" >>> ESET: str = "test" # "name or uuid of enforcement set"
Get a list of assets from a query and manually extract the IDs. We know assets are valid because we just got them, so we pass verified=True. >>> ITEMS: list[dict] = apiobj.get(wiz_entries=WIZ) >>> IDS: list[str] = list(map(lambda x: x[‘internal_axon_id’], ITEMS)) >>> RUNNER: Runner = apiobj.run_enforcement(eset=ESET, ids=IDS, verified=True) >>> print(RUNNER) Runner(
state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=None,
)
- Parameters:
eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run
ids (t.Union[str, t.List[str]]) – Asset IDs to run Enforcement Set against, csv-like string or list of csv-like strings
verify_and_run (bool, optional) – if false, return the Runner object to use manually. if true, run :method:`Runner.verify_and_run` before returning the Runner object
verified (bool) – $ids already verified, just run $eset against $ids
verify_count (bool) – Verify that the count of $query equals the count of $ids
prompt (bool) – Prompt user for verification when applicable.
do_echo (bool) – Echo output to console as well as log
refetch (bool) – refetch $eset even if it is already a model
src_query (str) – query to use to get $ids
src_fields (list) – fields to use to get $ids
check_stdin (bool) – error if stdin is a TTY when prompting
grabber (
typing.Optional
[axonius_api_client.parsers.grabber.Grabber
]) – (grabber): Grabber used to get IDs
- Returns:
Runner object used to verify and run $eset
- Return type:
Runner
- run_enforcement_from_items(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]¶
Get Asset IDs from a list of dicts or strs and run $eset against them.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities >>> WIZ: str = "simple os.type equals Windows" # "query of assets to target" >>> ESET: str = "test" # "name or uuid of enforcement set"
Get a list of assets from a query and use the grabber get the IDs. We know assets are valid because we just got them, so we pass verified=True. >>> ITEMS: list[dict] = apiobj.get(wiz_entries=WIZ) >>> RUNNER: Runner = apiobj.run_enforcement_from_items(eset=ESET, items=ITEMS, … verified=True) >>> print(RUNNER) Runner(
state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=None,
)
- Parameters:
eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run
items (t.Union[str, t.List[str], dict, t.List[dict], types.GeneratorType]) – list of strs or dicts to grab Asset IDs from
keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in
do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log
do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items
**kwargs – passed to :method:`run_enforcement`
- Returns:
Runner object used to verify and run $eset
- Return type:
Runner
- run_enforcement_from_json(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]¶
Get Asset IDs from a JSON string with a list of dicts and run $eset against them.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities >>> WIZ: str = "simple os.type equals Windows" # "query of assets to target" >>> ESET: str = "test" # "name or uuid of enforcement set"
Get a list of assets from a query and export the assets to a JSON str then run an enforcement against all asset IDs from the JSON str. We know assets are valid because we just got them, so we pass verified=True. >>> import io >>> FH = io.StringIO() >>> _ = apiobj.get(wiz_entries=WIZ, export=”json”, export_fd=FH, export_fd_close=False) >>> FH.seek(0) >>> ITEMS: str = FH.getvalue() >>> RUNNER: Runner = apiobj.run_enforcement_from_json(eset=ESET, items=ITEMS, … verified=True) >>> print(RUNNER) Runner(
state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_json items type=str, length=15519 post_load type=list, length=31’,
), )
Get a list of assets from a query and export the assets to a JSON file then run an enforcement against all asset IDs from the JSON file. We know assets are valid because we just got them, so we pass verified=True. >>> import pathlib >>> PATH: pathlib.Path = pathlib.Path(“data.json”) >>> _ = apiobj.get(wiz_entries=WIZ, export=”json”, export_file=PATH) >>> RUNNER: Runner = apiobj.run_enforcement_from_json(eset=ESET, items=PATH, … verified=True) >>> print(RUNNER) Runner(
state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_json items type=PosixPath, length=None post_load type=list, length=31’,
), )
- Parameters:
eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run
items (t.Union[str, bytes, t.IO, pathlib.Path]) – json str, handle for file containing json str, or pathlib.Path of path containing json str
keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in
do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log
do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items
**kwargs – passed to :method:`run_enforcement`
- Returns:
Runner object used to verify and run $eset
- Return type:
Runner
- run_enforcement_from_jsonl(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]¶
Get Asset IDs from a JSONL string with one dict per line and run $eset against them.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities >>> WIZ: str = "simple os.type equals Windows" # "query of assets to target" >>> ESET: str = "test" # "name or uuid of enforcement set"
Get a list of assets from a query and export the assets to a JSONL str then run an enforcement against all asset IDs from the JSONL str. We know assets are valid because we just got them, so we pass verified=True. >>> import io >>> FH = io.StringIO() >>> _ = apiobj.get(wiz_entries=WIZ, export=”json”, json_flat=True, … export_fd=FH, export_fd_close=False) >>> FH.seek(0) >>> RUNNER: Runner = apiobj.run_enforcement_from_jsonl(eset=ESET, items=FH, … verified=True) >>> print(RUNNER) Runner(
state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_jsonl items type=StringIO, length=None post_load type=list, length=31’,
), )
Get a list of assets from a query and export the assets to a JSONL file then run an enforcement against all asset IDs from the JSONL file. We know assets are valid because we just got them, so we pass verified=True. >>> import pathlib >>> PATH = pathlib.Path(“data.jsonl”) >>> _ = apiobj.get( … wiz_entries=WIZ, export=”json”, json_flat=True, export_file=PATH, … export_overwrite=True) >>> RUNNER: Runner = apiobj.run_enforcement_from_jsonl(eset=ESET, items=PATH, … verified=True) >>> print(RUNNER) Runner(
state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_jsonl items type=PosixPath, length=None post_load type=list, length=31’,
), )
- Parameters:
eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run
items (t.Union[str, bytes, t.IO, pathlib.Path]) – jsonl str, handle for file containing jsonl str, or pathlib.Path of path containing jsonl str
keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in
do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log
do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items
**kwargs – passed to :method:`run_enforcement`
- Returns:
Runner object used to verify and run $eset
- Return type:
Runner
- run_enforcement_from_csv(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, load_args=None, **kwargs)[source]¶
Get Asset IDs from a CSV string and run $eset against them.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities >>> WIZ: str = "simple os.type equals Windows" # "query of assets to target" >>> ESET: str = "test" # "name or uuid of enforcement set"
Get a list of assets from a query and export the assets to a JSONL str then run an enforcement against all asset IDs from the JSONL str. We can also use a CSV file exported from the GUI. We know assets are valid because we just got them, so we pass verified=True.
>>> import io >>> FH: io.StringIO = io.StringIO() >>> _ = apiobj.get(wiz_entries=WIZ, export="csv", export_fd=FH, export_fd_close=False) >>> FH.seek(0) >>> ITEMS: str = axonapi.tools.bom_strip(FH.getvalue()) >>> RUNNER: Runner = apiobj.run_enforcement_from_csv(eset=ESET, items=ITEMS, ... verified=True) >>> print(RUNNER) Runner( state='Ran Enforcement Set against 31 supplied Asset IDs', eset='test', executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=33, count_found=31, do_echo=True, do_raise=False, source='from_csv items type=str, length=6556 post_load type=list, length=33', ), )
Get a list of assets from a query and export the assets to a CSV file then run an enforcement against all asset IDs from the CSV file. We can also use a CSV file exported from the GUI. We know assets are valid because we just got them, so we pass verified=True. >>> import pathlib >>> PATH: pathlib.Path = pathlib.Path(“data.csv”) >>> _ = apiobj.get(wiz_entries=WIZ, export=”csv”, export_file=PATH) >>> RUNNER: Runner = apiobj.run_enforcement_from_csv(eset=ESET, items=PATH, … verified=True) >>> print(RUNNER) Runner(
state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=33, count_found=31, do_echo=True, do_raise=False, source=’from_csv items type=PosixPath, length=None post_load type=list, length=33’,
), )
- Parameters:
eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run
items (t.Union[str, bytes, t.IO, pathlib.Path]) – csv str, handle for file containing csv str, or pathlib.Path of path containing csv str
keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in
do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log
do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items
load_args (
typing.Optional
[dict
]) – passed topandas.read_csv()
**kwargs – passed to :method:`run_enforcement`
- Returns:
Runner object used to verify and run $eset
- Return type:
Runner
- run_enforcement_from_text(eset, items, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]¶
Get Asset IDs from a text string and run $eset against them.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities >>> WIZ: str = "simple os.type equals Windows" # "query of assets to target" >>> ESET: str = "test" # "name or uuid of enforcement set"
Get a list of assets from a query and export the assets to a text file then run an enforcement against all asset IDs from the text file. All lines will have any non-alphanumeric characters removed from them and if a 32 character alphanumeric string is found it is considered an Asset ID. We know assets are valid because we just got them, so we pass verified=True. >>> import pathlib >>> PATH: pathlib.Path = pathlib.Path(“data.txt”) >>> ITEMS: list[dict] = apiobj.get(wiz_entries=WIZ) >>> IDS: list[str] = list(map(lambda x: x[‘internal_axon_id’], ITEMS)) >>> PATH.write_text(’n’.join(IDS)) >>> RUNNER: Runner = apiobj.run_enforcement_from_text( … eset=ESET, items=PATH, verified=True) >>> print(RUNNER) Runner(
state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_text items type=PosixPath, length=None’,
), )
- Parameters:
eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run
items (t.Union[str, bytes, t.IO, pathlib.Path]) – text str, handle for file containing text str, or pathlib.Path of path containing text str
do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log
do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items
**kwargs – passed to :method:`run_enforcement`
- Returns:
Runner object used to verify and run $eset
- Return type:
Runner
- run_enforcement_from_json_path(eset, path, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]¶
Get Asset IDs from a JSON file with a list of dicts and run $eset against them.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities >>> ESET: str = "test" # "name or uuid of enforcement set"
Run an enforcement against all asset IDs from a JSON file. We are unsure if Asset IDs are still valid for this instance of Axonius, so we do not pass verified=True. >>> PATH: str = “data.json” >>> RUNNER: Runner = apiobj.run_enforcement_from_json_path(eset=ESET, path=PATH) >>> print(RUNNER) Runner(
state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=31, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_json_path /Users/jimbo/gh/Axonius/axonapi/data.json /
from_json items type=PosixPath, length=None post_load type=list, length=31’, ), )
- Parameters:
eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run
path (PathLike) – str or pathlib.Path of path containing json str
keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in
do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log
do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items
**kwargs – passed to :method:`run_enforcement`
- Returns:
Runner object used to verify and run $eset
- Return type:
Runner
- run_enforcement_from_jsonl_path(eset, path, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]¶
Get Asset IDs from a JSONL file with one dict per line and run $eset against them.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities >>> ESET: str = "test" # "name or uuid of enforcement set"
Run an enforcement against all asset IDs from a JSONL file. We are unsure if Asset IDs are still valid for this instance, so we do not pass verified=True. >>> PATH: str = “data.jsonl” >>> RUNNER: Runner = apiobj.run_enforcement_from_jsonl_path(eset=ESET, path=PATH) >>> print(RUNNER) Runner(
state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=31, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_jsonl_path /Users/jimbo/gh/Axonius/axonapi/data.jsonl /
from_jsonl items type=PosixPath, length=None post_load type=list, length=31’, ), )
- Parameters:
eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run
path (PathLike) – str or pathlib.Path of path containing jsonl str
keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in
do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log
do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items
**kwargs – passed to :method:`run_enforcement`
- Returns:
Runner object used to verify and run $eset
- Return type:
Runner
- run_enforcement_from_csv_path(eset, path, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]¶
Get Asset IDs from a CSV file and run $eset against them.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities >>> ESET: str = "test" # "name or uuid of enforcement set"
Run an enforcement against all asset IDs from a JSONL file. We are unsure if Asset IDs are still valid for this instance, so we do not pass verified=True. >>> PATH: str = “data.csv” >>> RUNNER: Runner = apiobj.run_enforcement_from_csv_path(eset=ESET, path=PATH) >>> print(RUNNER) Runner(
state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=31, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=33, count_found=31, do_echo=True, do_raise=False, source=’from_csv_path /Users/jimbo/gh/Axonius/axonapi/data.csv /
from_csv items type=PosixPath, length=None post_load type=list, length=33’, ), )
- Parameters:
eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run
path (PathLike) – str or pathlib.Path of path containing csv str
keys (t.Union[str, t.List[str]]) – additional keys for grabber to look for Asset IDs in
do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log
do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items
**kwargs – passed to :method:`run_enforcement`
- Returns:
Runner object used to verify and run $eset
- Return type:
Runner
- run_enforcement_from_text_path(eset, path, keys=None, do_echo_grab=True, do_raise_grab=False, **kwargs)[source]¶
Get Asset IDs from a text file and run $eset against them.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities >>> ESET: str = "test" # "name or uuid of enforcement set"
Run an enforcement against all asset IDs from a text file. All lines will have any non-alphanumeric characters removed from them and if a 32 character alphanumeric string is found it is considered an Asset ID. We are unsure if Asset IDs are still valid for this instance, so we do not pass verified=True. >>> PATH: str = “data.txt” >>> RUNNER: Runner = apiobj.run_enforcement_from_text_path(eset=ESET, path=PATH) >>> print(RUNNER) Runner(
state=’Ran Enforcement Set against 31 supplied Asset IDs’, eset=’test’, executed=True, count_ids=31, count_result=None, verified=True, verify_count=True, prompt=False, grabber=Grabber( count_supplied=31, count_found=31, do_echo=True, do_raise=False, source=’from_text_path /Users/jimbo/gh/Axonius/axonapi/data.txt /
from_text items type=PosixPath, length=None post_load type=generator, length=None’, ), )
- Parameters:
eset (ENFORCEMENT) – name, uuid, or Enforcement Set object to run
path (PathLike) – str or pathlib.Path of path containing text str
do_echo_grab (bool, optional) – Echo output of Asset ID grabber to console as well as log
do_raise_grab (bool, optional) – Throw an error if grabber fails to find an Asset ID in any items
**kwargs – passed to :method:`run_enforcement`
- Returns:
Runner object used to verify and run $eset
- Return type:
Runner
- property enforcements¶
Work with enforcements.
- count(query=None, history_date=None, history_days_ago=None, history_exact=False, wiz_entries=None, wiz_parsed=None, history_date_parsed=None, use_cache_entry=False, frontend_sent_time=None, query_id=None, saved_query_id=None, request_obj=None, http_args=None, sleep=0.5, **kwargs)[source]¶
Get the count of assets from a query.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities Get count of all assets >>> path: int = apiobj.count() Get count of all assets for a given date >>> path: int = apiobj.count(history_date="2020-09-29") Get count of assets matching a query built by the GUI query wizard >>> use_query: str = '(specific_data.data.name == "test")' >>> path: int = apiobj.count(query=use_query) Get count of assets matching a query built by the API client query wizard >>> entries: str = 'simple name equals test' >>> path: int = apiobj.count(wiz_entries=entries) Same as above but using a list of dicts instead of a string for wiz_entries >>> entries: t.List[dict] = [{'type': 'simple', 'path': 'name equals test'}] >>> path: int = apiobj.count(wiz_entries=entries)
- Parameters:
query (
typing.Optional
[str
]) – only return the count of assets that match the queryhistory_date (
typing.Union
[str
,datetime.timedelta
,datetime.datetime
,None
]) – return asset count for a given historical datehistory_days_ago (
typing.Optional
[int
]) – return asset count for a given historical date that is N days agohistory_exact (
bool
) – if True, return the exact asset count for a given historical date if False, return the asset count for the closest historical datewiz_entries (
typing.Union
[typing.List
[dict
],typing.List
[str
],dict
,str
,None
]) – build a query from the entries and return the count of assets that match the querywiz_parsed (
typing.Optional
[typing.List
[dict
]]) – previously parsed wiz_entrieshistory_date_parsed (
typing.Optional
[str
]) – previously parsed history_dateuse_cache_entry (
bool
) – if True, use the last query that was run to get the countfrontend_sent_time (
typing.Optional
[datetime.datetime
]) – time that the query was sent from the frontendquery_id (
typing.Union
[str
,uuid.UUID
,None
]) – ID to identify this querysaved_query_id (
typing.Optional
[str
]) – ID of saved query that count is being issued forrequest_obj (
typing.Optional
[axonius_api_client.api.json_api.assets.count_request.CountRequest
]) – request object to use instead of building onehttp_args (
typing.Optional
[dict
]) – args to pass to http requestsleep (
typing.Union
[int
,float
,None
]) – time to sleep between requests**kwargs – sent to
build_count_request()
- Return type:
- count_by_saved_query(name, **kwargs)[source]¶
Get the count of assets for a query defined in a saved query.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities Get count of assets returned from a saved query >>> count: int = apiobj.count_by_saved_query(name="test") Get count of assets returned from a saved query for a given date >>> count: int = apiobj.count_by_saved_query(name="test", history_date="2020-09-29")
- get(generator=False, **kwargs)[source]¶
Get assets from a query.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities Get all assets with the default fields defined in the API client >>> assets: list[dict] = apiobj.get() Get all assets using a generator >>> assets: list[dict] = list(apiobj.get(generator=True)) Get all assets and include more fields >>> fields: list[str] = ["os.type", "aws:aws_device_type"] >>> assets: list[dict] = apiobj.get(fields=fields) Get all assets and include fields that fuzzy match names and no default fields >>> fields_fuzzy: list[str] = ["last", "os"] >>> assets: list[dict] = apiobj.get(fields_fuzzy=fields_fuzzy, fields_default=False) Get all assets and include fields that regex match names a >>> fields_regex: list[str] = ["^os\."] >>> assets: list[dict] = apiobj.get(fields_regex=fields_regex) Get all assets and include all root fields for an adapter >>> assets: list[dict] = apiobj.get(fields_root="aws") Get all assets for a given date in history and sort the rows on a field >>> assets: list[dict] = apiobj.get(history_date="2020-09-29", sort_field="name") Get all assets with details of which adapter connection provided the aggregated data >>> assets: list[dict] = apiobj.get(include_details=True) Get assets matching a query built by the GUI query wizard >>> query: str ='(specific_data.data.name == "test")' >>> assets: list[dict] = apiobj.get(query=query) Get assets matching a query built by the API client query wizard >>> wiz_entries: list[dict] = [{'type': 'simple', 'path': 'name equals test'}] >>> assets: list[dict] = apiobj.get(wiz_entries=wiz_entries)
See also
This method is used by all other get* methods under the hood and their kwargs are passed through to this method and passed to
get_generator()
which are then passed to whatever callback is used based on theexport
argument.If
export
is not supplied, seeaxonius_api_client.api.asset_callbacks.base.Base.args_map()
.If
export
equalsjson
, seeaxonius_api_client.api.asset_callbacks.base_json.Json.args_map()
.If
export
equalscsv
, seeaxonius_api_client.api.asset_callbacks.base_csv.Csv.args_map()
.If
export
equalsjson_to_csv
, seeaxonius_api_client.api.asset_callbacks.base_json_to_csv.JsonToCsv.args_map()
.If
export
equalstable
, seeaxonius_api_client.api.asset_callbacks.base_table.Table.args_map()
.If
export
equalsxlsx
, seeaxonius_api_client.api.asset_callbacks.base_xlsx.Xlsx.args_map()
.axonius_api_client.constants.asset_helpers.ASSET_HELPERS
for a list of helpers that translate between GUI titles, API request attributes, and saved query paths.- Parameters:
generator (
bool
) – return an iterator for assets that will yield rows as they are fetched**kwargs – passed to
get_generator()
- Return type:
typing.Union
[typing.Generator
[dict
,None
,None
],typing.List
[dict
]]
- get_generator(query=None, fields=None, fields_manual=None, fields_regex=None, fields_regex_root_only=True, fields_fuzzy=None, fields_default=True, fields_root=None, fields_error=True, max_rows=None, max_pages=None, row_start=0, page_size=2000, page_start=0, page_sleep=0, export='base', sort_field=None, sort_descending=False, history_date=None, history_days_ago=None, history_exact=False, wiz_entries=None, wiz_parsed=None, file_date=None, sort_field_parsed=None, search=None, history_date_parsed=None, field_filters=None, excluded_adapters=None, asset_excluded_adapters=None, asset_filters=None, expressions=None, fields_parsed=None, include_details=False, include_notes=False, use_cursor=True, cursor_id=None, saved_query_id=None, query_id=None, is_refresh=False, null_for_non_exist=False, source_component=None, frontend_sent_time=None, filter_out_non_existing_fields=True, complex_fields_preview_limit=None, max_field_items=None, initial_count=None, request_obj=None, export_templates=None, http_args=None, return_plain_data=None, **kwargs)[source]¶
Get assets from a query.
See also
If
export
is not supplied, seeaxonius_api_client.api.asset_callbacks.base.Base.args_map()
.If
export
equalsjson
, seeaxonius_api_client.api.asset_callbacks.base_json.Json.args_map()
.If
export
equalscsv
, seeaxonius_api_client.api.asset_callbacks.base_csv.Csv.args_map()
.If
export
equalsjson_to_csv
, seeaxonius_api_client.api.asset_callbacks.base_json_to_csv.JsonToCsv.args_map()
.If
export
equalstable
, seeaxonius_api_client.api.asset_callbacks.base_table.Table.args_map()
.If
export
equalsxlsx
, seeaxonius_api_client.api.asset_callbacks.base_xlsx.Xlsx.args_map()
.axonius_api_client.constants.asset_helpers.ASSET_HELPERS
for a list of helpers that translate between GUI titles, API request attributes, and saved query paths.- Parameters:
query (
typing.Optional
[str
]) – if supplied, only get the assets that match the queryfields (
typing.Union
[str
,typing.List
[str
],None
]) – fields to return for each asset (will be validated)fields_manual (
typing.Union
[str
,typing.List
[str
],None
]) – fields to return for each asset (will NOT be validated)fields_regex (
typing.Union
[str
,typing.List
[str
],None
]) – regex of fields to return for each assetfields_regex_root_only (
bool
) – only match fields_regex values against root fieldsfields_fuzzy (
typing.Union
[str
,typing.List
[str
],None
]) – string to fuzzy match of fields to return for each assetfields_default (
bool
) – include the default fields infields_default
fields_root (
typing.Optional
[str
]) – include all fields of an adapter that are not complex sub-fieldsfields_error (
bool
) – throw validation errors on supplied fieldsfields_parsed (
typing.Union
[dict
,typing.List
[str
],None
]) – previously parsed fieldsmax_rows (
typing.Optional
[int
]) – only return N rowsmax_pages (
typing.Optional
[int
]) – only return N pagesrow_start (
int
) – start at row Npage_size (
int
) – fetch N rows per pagepage_start (
int
) – start at page Npage_sleep (
int
) – sleep for N seconds between each page fetchexport (
str
) – export assets using a callback methodinclude_notes (
bool
) – include any defined notes for each adapterinclude_details (
bool
) – include details fields showing the adapter source of agg valuessaved_query_id (
typing.Optional
[str
]) – ID of saved query this fetch is associated withexpressions (
typing.Optional
[typing.List
[dict
]]) – expressions used by query wizard to create querysort_field (
typing.Optional
[str
]) – sort the returned assets on a given fieldsort_descending (
bool
) – reverse the sort of the returned assetshistory_date (
typing.Union
[str
,datetime.timedelta
,datetime.datetime
,None
]) – return assets for a given historical datehistory_days_ago (
typing.Optional
[int
]) – return assets for a history date N days agohistory_exact (
bool
) – Use the closest match for history_date and history_days_agowiz_entries (
typing.Union
[typing.List
[dict
],typing.List
[str
],dict
,str
,None
]) – wizard expressions to create query fromfile_date (
typing.Optional
[str
]) – string to use in filename templates for {DATE}wiz_parsed (
typing.Optional
[dict
]) – parsed output from a query wizardsort_field_parsed (
typing.Optional
[str
]) – previously parsed sort fieldhistory_date_parsed (
typing.Optional
[str
]) – previously parsed history dateinitial_count (
typing.Optional
[int
]) – previously fetched initial countsearch (
typing.Optional
[str
]) – search string to use for this queryuse_cursor (
bool
) – use cursor based paginationfield_filters (
typing.Optional
[typing.List
[dict
]]) – field filters to apply to this queryexcluded_adapters (
typing.Optional
[typing.List
[dict
]]) – adapters to exclude from this queryasset_excluded_adapters (
typing.Optional
[typing.List
[dict
]]) – adapters to exclude from this queryasset_filters (
typing.Optional
[typing.List
[dict
]]) – asset filters to apply to this querycursor_id (
typing.Optional
[str
]) – cursor ID to use for this queryquery_id (
typing.Union
[str
,uuid.UUID
,None
]) – query ID to use for this queryis_refresh (
bool
) – is this a refresh querynull_for_non_exist (
bool
) – return null for non existent fieldssource_component (
typing.Optional
[str
]) – source component to use for this queryexport_templates (
typing.Optional
[dict
]) – filename template replacement mappingsfilter_out_non_existing_fields (
bool
) – filter out fields that do not existcomplex_fields_preview_limit (
typing.Optional
[int
]) – limit the number of complex fields to previewmax_field_items (
typing.Optional
[int
]) – max number of items to return for a fieldfrontend_sent_time (
typing.Optional
[datetime.datetime
]) – frontend sent time to use for this queryhttp_args (
typing.Optional
[dict
]) – http args to pass toaxonius_api_client.http.Http.__call__()
for each page fetchedrequest_obj (
typing.Optional
[axonius_api_client.api.json_api.assets.asset_request.AssetRequest
]) – request object to use for this query**kwargs – passed thru to the asset callback defined in
export
return_plain_data (
typing.Optional
[bool
]) –
- Return type:
- get_by_saved_query(name, include_fields=True, include_excluded_adapters=True, include_asset_excluded_adapters=True, include_field_filters=True, include_asset_filters=True, **kwargs)[source]¶
Get assets that would be returned by a saved query.
Examples
First, create a
client
usingaxonius_api_client.connect.Connect
and assumeapiobj
isclient.devices
orclient.users
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilitiesGet assets from a saved query with complex fields flattened >>> assets: t.List[dict] = apiobj.get_by_saved_query(name=”test”, field_flatten=True)
See also
axonius_api_client.constants.asset_helpers.ASSET_HELPERS
for a list of helpers that translate between GUI titles, API request attributes, and saved query paths.- Parameters:
name (
str
) – name of saved query to get assets frominclude_fields (
bool
) – include fields from saved queryinclude_excluded_adapters (
bool
) – include column filters for excluded adapters from saved queryinclude_asset_excluded_adapters (
bool
) – include column filters for asset excluded adapters from saved queryinclude_field_filters (
bool
) – include column filters for field filters from saved queryinclude_asset_filters (
bool
) – include column filters for asset filters from saved query**kwargs – passed to
get()
- Return type:
typing.Union
[typing.Generator
[dict
,None
,None
],typing.List
[dict
]]
- get_wiz_entries(wiz_entries=None)[source]¶
Build a query and expressions.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities
None is returned if no wiz_entries are passed >>> items = None >>> parsed = apiobj.get_wiz_entries(wiz_entries=items) >>> print(parsed) None
A string or list of strings will be parsed into a query and expressions: >>> items = “simple hostname contains test” >>> parsed = apiobj.get_wiz_entries(wiz_entries=items) >>> client.jdump(parsed)
- {
- “expressions”: [
- {
“bracketWeight”: 0, “children”: [
- {
“condition”: “”, “expression”: {
“compOp”: “”, “field”: “”, “filteredAdapters”: null, “value”: null
}, “i”: 0
}
], “compOp”: “contains”, “field”: “specific_data.data.hostname”, “fieldType”: “axonius”, “filter”: “(“specific_data.data.hostname” == regex(“test”, “i”))”, “filteredAdapters”: null, “leftBracket”: false, “logicOp”: “”, “not”: false, “rightBracket”: false, “value”: “test”
}
], “query”: “(“specific_data.data.hostname” == regex(“test”, “i”))”
}
A dict or list of dicts will be parsed into a query and expressions >>> items = {“type”: “simple”, “value”: “hostname contains test”} >>> parsed = client.devices.get_wiz_entries(items) >>> # same output as above
- Parameters:
wiz_entries (
typing.Union
[typing.List
[dict
],typing.List
[str
],dict
,str
,None
]) – list of dicts or list of strings or single dict or single string- Return type:
- get_sort_field(field=None, descending=False, validate=True)[source]¶
Build the parsed sort field based off of field and descending.
- Parameters:
field (
typing.Optional
[str
]) – field to sort bydescending (
bool
) – if True, sort descendingvalidate (
bool
) – if True, validate field name
- Return type:
- Returns:
field (prefixed with - if descending), None if field is None
- get_history_date(date=None, days_ago=None, exact=False)[source]¶
Get a history date.
- Parameters:
date (
typing.Union
[str
,datetime.timedelta
,datetime.datetime
,None
]) – date to getdays_ago (
typing.Optional
[int
]) – days ago to getexact (
bool
) – if True, do not round to the nearest day
- Return type:
- Returns:
date in YYYY-MM-DD format or None
- get_by_id(id)[source]¶
Get the full data set of all adapters for a single asset.
Examples
>>> import axonius_api_client as axonapi >>> connect_args: dict = axonapi.get_env_connect() >>> client: axonapi.Connect = axonapi.Connect(**connect_args) >>> apiobj: axonapi.api.assets.AssetMixin = client.devices >>> # or client.users or client.vulnerabilities >>> assets: list[dict] = apiobj.get(max_rows=1) >>> asset_id: str = assets[0]["internal_axon_id"] >>> asset: dict = apiobj.get_by_id(id=as)
- Parameters:
id (
str
) – internal_axon_id of asset to get all data set for- Raises:
NotFoundError – if id is not found
- Return type:
- destroy(destroy, history)[source]¶
Delete ALL assets.
Notes
Enable the
Enable API destroy endpoints
setting underSettings > Global Settings > API Settings > Enable advanced API settings
for this method to function.
- get_by_values(values, field, not_flag=False, pre='', post='', field_manual=False, **kwargs)[source]¶
Build a query to get assets where field in values.
Notes
It is better to use
wizard
,wizard_text
, orwizard_csv
to build queries!- Parameters:
values (
typing.List
[str
]) – list of values that must match fieldfield (
str
) – name of field to query againstnot_flag (
bool
) – prefix query with ‘not’pre (
str
) – query to add to the beginning of the querypost (
str
) – query to add to the end of the queryfield_manual (
bool
) – consider supplied field as a fully qualified field name**kwargs – passed to
get()
- Return type:
typing.Union
[typing.Generator
[dict
,None
,None
],typing.List
[dict
]]
- get_by_value_regex(value, field, cast_insensitive=True, not_flag=False, pre='', post='', field_manual=False, **kwargs)[source]¶
Build a query to get assets where field regex matches a value.
Notes
It is better to use
wizard
,wizard_text
, orwizard_csv
to build queries!- Parameters:
value (
str
) – regex that must match fieldfield (
str
) – name of field to query againstcast_insensitive (
bool
) – ignore case when performing the regex matchnot_flag (
bool
) – prefix query with ‘not’pre (
str
) – query to add to the beginning of the querypost (
str
) – query to add to the end of the queryfield_manual (
bool
) – consider supplied field as a fully qualified field name**kwargs – passed to
get()
- Return type:
typing.Union
[typing.Generator
[dict
,None
,None
],typing.List
[dict
]]
- get_by_value(value, field, not_flag=False, pre='', post='', field_manual=False, **kwargs)[source]¶
Build a query to get assets where field equals a value.
Notes
It is better to use
wizard
,wizard_text
, orwizard_csv
to build queries!- Parameters:
value (
str
) – value that must equal fieldfield (
str
) – name of field to query againstnot_flag (
bool
) – prefix query with ‘not’pre (
str
) – query to add to the beginning of the querypost (
str
) – query to add to the end of the queryfield_manual (
bool
) – consider supplied field as a fully qualified field name**kwargs – passed to
get()
- Return type:
typing.Union
[typing.Generator
[dict
,None
,None
],typing.List
[dict
]]
- history_dates_obj()[source]¶
Pass.
- Return type:
axonius_api_client.api.json_api.assets.history_dates_human.AssetTypeHistoryDates
- _build_query(inner, not_flag=False, pre='', post='')[source]¶
Query builder with basic functionality.
Notes
It is better to use
wizard
,wizard_text
, orwizard_csv
to build queries!
- static build_get_request(request_obj=None, offset=0, limit=2000, remove_unknown_arguments=True, warn_unknown_arguments=True, **kwargs)[source]¶
Build a request object for a get assets request.
- Parameters:
request_obj (
typing.Optional
[axonius_api_client.api.json_api.assets.asset_request.AssetRequest
]) – request object to useoffset (
typing.Optional
[int
]) – offset to start atlimit (
typing.Optional
[int
]) – number of assets to returnremove_unknown_arguments (
bool
) – remove unknown arguments from kwargswarn_unknown_arguments (
bool
) – warn about unknown arguments**kwargs – passed to
load_request()
- Return type:
axonius_api_client.api.json_api.assets.asset_request.AssetRequest
- static build_count_request(request_obj=None, remove_unknown_arguments=True, warn_unknown_arguments=True, **kwargs)[source]¶
Build a request object for a get asset count request.
- Parameters:
request_obj (
typing.Optional
[axonius_api_client.api.json_api.assets.count_request.CountRequest
]) – request object to useremove_unknown_arguments (
bool
) – remove unknown arguments from kwargswarn_unknown_arguments (
bool
) – warn about unknown arguments**kwargs – passed to
load_request()
- Return type:
axonius_api_client.api.json_api.assets.count_request.CountRequest
- property data_scopes¶
Work with data scopes.
- _get(request_obj=None, offset=0, limit=2000, http_args=None, **kwargs)[source]¶
Private API method to get a page of assets using a request object.
- Parameters:
request_obj (
typing.Optional
[axonius_api_client.api.json_api.assets.asset_request.AssetRequest
]) – request object to useoffset (
typing.Optional
[int
]) – offset to start atlimit (
typing.Optional
[int
]) – number of assets to returnhttp_args (
typing.Optional
[dict
]) – arguments to pass torequests.Session.request()
**kwargs – passed to
build_get_request()
- Return type:
axonius_api_client.api.json_api.assets.asset_response.AssetsPage
- _count(request_obj=None, http_args=None, **kwargs)[source]¶
Direct API method to get the count of assets using a request object.
- Parameters:
request_obj (
typing.Optional
[axonius_api_client.api.json_api.assets.count_request.CountRequest
]) – request object to usehttp_args (
typing.Optional
[dict
]) – Arguments to pass to the HTTP requestkwargs – Arguments to pass to
build_count_request()
- Return type:
axonius_api_client.api.json_api.assets.count_response.Count
- _get_by_id(id)[source]¶
Private API method to get the full metadata of all adapters for a single asset.
- Parameters:
id (
str
) – asset to get all metadata for- Return type:
axonius_api_client.api.json_api.assets.asset_id_response.AssetById
- _history_dates()[source]¶
Private API method to get all known historical dates.
- Return type:
axonius_api_client.api.json_api.assets.history_dates_response.HistoryDates
- _run_enforcement(name, ids, include=True, fields=None, query='')[source]¶
Run an enforcement set manually against a list of assets internal_axon_ids.
- Parameters:
name (str) – Name of enforcement set to execute
ids (t.List[str]) – internal_axon_id’s of assets to run enforcement set against
include (bool, optional) – select IDs in DB or IDs NOT in DB
fields (t.Optional[t.List[str]], optional) – list of fields used to select assets
query (str, optional) – filter used to select assets
- Returns:
Empty response
- Return type:
TYPE
-
FIELD_LAST_SEEN:
str
= 'specific_data.data.last_seen'¶ Field name for last time an adapter saw the asset.
- LOG: logging.Logger = None¶
Logger for this object.
- __init__(auth, log_level='debug', **kwargs)¶
Mixins for API Models.
- Parameters:
auth (
axonius_api_client.auth.model.AuthModel
) – object to use for auth and sending API requestslog_level (
typing.Union
[int
,str
]) – logging level to use for this objects logger**kwargs – passed to
_init()
- _init_auth(**kwargs)¶
Post init method for subclasses to use for overriding auth setup.
- auth: AuthModel = None¶
Authentication model with bound Http object to use for requests.
- http: Http = None¶
Http object to use for requests.
-
FIELDS_API:
typing.List
[str
] = ['internal_axon_id', 'adapters', 'labels', 'adapter_list_length']¶ Field names that are always returned by the REST API no matter what fields are selected
- wizard_csv = None¶
Query wizard for CSV files.