How to use the cbapi.example_helpers.build_cli_parser function in cbapi

To help you get started, we’ve selected a few cbapi examples, based on popular ways it is used in public projects.


github carbonblack / cbapi-python / examples / psc / list_devices.py View on Github external
def main():
    """List devices, narrowing the query with optional command-line filters.

    Only the argument parsing and the first two filters (query string and
    Active Directory group IDs) are visible in this excerpt; the handling of
    the remaining options and the output are not shown.
    """
    # build_cli_parser() returns the shared parser; the options added below
    # are specific to this example.
    parser = build_cli_parser("List devices")
    parser.add_argument("-q", "--query", help="Query string for looking for devices")
    # action="append" lets a flag be repeated and collects the values in a
    # list (None when the flag is never given); type=int makes argparse reject
    # non-numeric IDs before any API call is made.
    parser.add_argument("-A", "--ad_group_id", action="append", type=int, help="Active Directory Group ID")
    parser.add_argument("-p", "--policy_id", action="append", type=int, help="Policy ID")
    # NOTE(review): --status and --priority have no choices= restriction, so
    # any string is accepted at parse time; validation, if any, happens later.
    parser.add_argument("-s", "--status", action="append", help="Status of device")
    parser.add_argument("-P", "--priority", action="append", help="Target priority of device")
    parser.add_argument("-S", "--sort_by", help="Field to sort the output by")
    parser.add_argument("-R", "--reverse", action="store_true", help="Reverse order of sort")

    args = parser.parse_args()
    # NOTE(review): how get_cb_psc_object resolves the server URL and API
    # credentials is not visible here; presumably from the common options
    # added by build_cli_parser. Confirm.
    cb = get_cb_psc_object(args)

    query = cb.select(Device)
    # The operator-supplied query string is handed to where() unmodified.
    if args.query:
        query = query.where(args.query)
    # Filters are applied only when the matching option was supplied.
    if args.ad_group_id:
        query = query.set_ad_group_ids(args.ad_group_id)
github carbonblack / cbapi-python / examples / response / dump_all_binaries.py View on Github external
def main():
    parser = build_cli_parser("Grab all binaries from a Cb server")
    parser.add_argument('-d', '--destdir', action='store', help='Destination directory to place the events',
                        default=os.curdir)

    # TODO: we don't have a control on the "start" value in the query yet
    parser.add_argument('--query', action='store', dest='query', help='Query string to filter results', default=None)
    parser.add_argument('-v', action='store_true', dest='verbose', help='Enable verbose debugging messages',
                        default=False)
    args = parser.parse_args()

    query = args.query

    cb = get_cb_response_object(args)

    if args.verbose:
        logging.basicConfig(level=logging.DEBUG)
    else:
github carbonblack / cbapi-python / examples / response / ban_hash.py View on Github external
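def main():
    """Add an MD5 hash to the Cb Response banned-hash list from the CLI.

    Parses ``--hash`` (required) and ``--description``, rejects a ``--hash``
    value that is not a 32-character hexadecimal digest, then delegates the
    actual ban to ``ban_hash``.

    Returns:
        Whatever ``ban_hash(cb, args)`` returns.
    """
    parser = build_cli_parser("Add an MD5 hash to the banned hash list in Cb Response")
    parser.add_argument("-H", "--hash", help="MD5 hash of the file to ban in Cb Response", required=True)
    parser.add_argument("-d", "--description", help="Description of why the hash is banned")

    args = parser.parse_args()

    # Check the digest shape before opening an API session: a truncated or
    # mistyped value would otherwise be submitted as a ban that protects
    # nothing, or be rejected only after credentials have been used.
    # parser.error() prints the usage text and exits with status 2.
    hex_digits = "0123456789abcdefABCDEF"
    if len(args.hash) != 32 or any(ch not in hex_digits for ch in args.hash):
        parser.error("--hash must be a 32-character hexadecimal MD5 digest")

    cb = get_cb_response_object(args)

    return ban_hash(cb, args)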
github carbonblack / cb-reporting / incident_report.py View on Github external
def main():
    """Generate an incident report for the process named by ``--guid``."""
    cli = cbhelper.build_cli_parser()
    cli.add_argument("--guid", dest="guid", help="GUID of target process", required=True)
    options = cli.parse_args()

    # The Response API client is built from the parsed options and handed to
    # the report generator under its ``cbapi`` keyword.
    cb = cbhelper.get_cb_response_object(options)
    report_generator = IncidentReportGenerator(cbapi=cb)

    print("[+] Generating report for process guid: {}\n".format(options.guid))

    # ``options.verbose`` is not defined in this function; presumably it comes
    # from the shared parser (verify in cbhelper). It is collapsed to a strict
    # bool before being passed on.
    report_generator.generate_report(guid=options.guid, verbose=bool(options.verbose))
github carbonblack / cbapi-python / examples / response / watchlist_operations.py View on Github external
def main():
    """Build the CLI for the watchlist sub-commands.

    Only the parser setup for ``list``, ``list-actions``, ``add`` and the
    start of ``delete`` is visible in this excerpt; the rest of the parser
    and the command dispatch are not shown.
    """
    parser = build_cli_parser()
    # The chosen sub-command name is stored on the parsed namespace as
    # ``command_name`` (see dest=).
    commands = parser.add_subparsers(help="Watchlist commands", dest="command_name")

    commands.add_parser("list", help="List all configured watchlists")

    list_actions_command = commands.add_parser("list-actions", help="List actions associated with a watchlist")
    # Required mutually exclusive group: the watchlist must be identified by
    # exactly one of --id or --name.
    list_actions_specifier = list_actions_command.add_mutually_exclusive_group(required=True)
    list_actions_specifier.add_argument("-i", "--id", type=int, help="ID of watchlist")
    list_actions_specifier.add_argument("-N", "--name", help="Name of watchlist")

    add_command = commands.add_parser("add", help="Add new watchlist")
    add_command.add_argument("-N", "--name", help="Name of watchlist", required=True)
    add_command.add_argument("-q", "--query", help="Watchlist query string, e.g. process_name:notepad.exe",
                             required=True)
    # NOTE(review): the help text names two valid types, but no choices= is
    # set, so argparse accepts any string here; a typo is only caught later,
    # if at all.
    add_command.add_argument("-t", "--type", help="Watchlist type 'events' or 'modules'", required=True)

    del_command = commands.add_parser("delete", help="Delete watchlists")
github carbonblack / cbapi-python / examples / psc / list_watchlist_alert_facets.py View on Github external
def main():
    """Request facet information for watchlist alerts matching CLI criteria.

    The excerpt ends once the facets have been requested; how ``facetinfos``
    is presented is not shown.
    """
    parser = build_cli_parser("List watchlist alert facets")
    # Adds the alert-criteria options; defined elsewhere, so the exact
    # options it registers are not visible here.
    setup_parser_with_watchlist_criteria(parser)
    # choices= makes argparse reject any facet name outside this list at
    # parse time; action="append" allows several -F flags, and required=True
    # means at least one must be given.
    parser.add_argument("-F", "--facet", action="append", choices=["ALERT_TYPE", "CATEGORY", "REPUTATION", "WORKFLOW",
                                                                   "TAG", "POLICY_ID", "POLICY_NAME", "DEVICE_ID",
                                                                   "DEVICE_NAME", "APPLICATION_HASH",
                                                                   "APPLICATION_NAME", "STATUS", "RUN_STATE",
                                                                   "POLICY_APPLIED_STATE", "POLICY_APPLIED",
                                                                   "SENSOR_ACTION"],
                        required=True, help="Retrieve these fields as facet information")

    args = parser.parse_args()
    cb = get_cb_psc_object(args)

    query = cb.select(WatchlistAlert)
    # NOTE(review): the return value is ignored, so load_watchlist_criteria
    # presumably applies the parsed criteria to ``query`` in place. Confirm.
    load_watchlist_criteria(query, args)

    facetinfos = query.facets(args.facet)
github carbonblack / cbapi-python / examples / threathunter / list_feeds.py View on Github external
def main():
    """Print each CbTH feed and, with ``-r``, the reports it contains.

    ``-p`` widens the selection to public feeds as well as private ones.
    """
    cli = build_cli_parser("List CbTH feeds")
    cli.add_argument("-p", help="show public feeds in addition to private ones", action="store_true", default=False)
    cli.add_argument("-r", help="show the reports in each feed", action="store_true", default=False)
    options = cli.parse_args()

    api = get_cb_threathunter_feed_object(options)
    show_reports = options.r

    for feed in api.select(Feed).where(include_public=options.p):
        print(feed)
        if not show_reports:
            continue
        # Reports are printed between fixed banner lines so they can be told
        # apart from the feed summaries in the output.
        print("========== reports ==========")
        for report in feed.reports():
            print(report)
        print("==========   end   ==========")
github carbonblack / cbapi-python / examples / response / server_info.py View on Github external
def main():
    """Fetch the Cb Response server information and pass it to ``output_info``."""
    options = build_cli_parser().parse_args()
    api = get_cb_response_object(options)

    # Read the URL before querying the server, keeping the original order.
    server_url = api.url
    server_details = api.info()
    output_info(server_url, server_details)
github carbonblack / cbapi-python / examples / response / sensor_group_operations.py View on Github external
def main():
    parser = build_cli_parser()
    commands = parser.add_subparsers(help="Sensor Group commands", dest="command_name")

    commands.add_parser("list", help="List all configured sensor groups")

    add_command = commands.add_parser("add", help="Add new sensor group")
    add_command.add_argument("-n", "--name", action="store", help="Sensor group name", required=True,
                             dest="new_group_name")
    site_group = add_command.add_mutually_exclusive_group(required=False)
    site_group.add_argument("-s", "--site", action="store", help="Site name", dest="site_name")
    site_group.add_argument("-i", "--site-id", action="store", help="Site ID", dest="site_id")

    del_command = commands.add_parser("delete", help="Delete sensor groups")
    del_sensor_group_specifier = del_command.add_mutually_exclusive_group(required=True)
    del_sensor_group_specifier.add_argument("-i", "--id", type=int, help="ID of sensor group to delete")
    del_sensor_group_specifier.add_argument("-n", "--name",
                                            help="Name of sensor group to delete. Specify --force to delete"