Host Findings (risksense_api.__subject.__host_findings.__host_findings)

Host Findings module defined for different host findings related api endpoints.

class risksense_api.__subject.__host_findings.__host_findings.HostFindings(profile)[source]

Bases: Subject

Class for HostFindings function defintions.

To utlise Host Findings function:

Parameters:

profile (object) – Profile Object

Usage:

self.{risksenseobjectname}.host_findings.{function}

Examples

To get model for host findings using get_model() function

>>> self.{risksenseobject}.host_findings.get_model()
__init__(profile)[source]

Initialization of HostFindings object.

profile: Profile Object :type profile: _profile

Parameters:

profile (object) –

downloadfilterinexport(filename, filters, client_id=None)[source]

Exports and Downloads a file based on the filters defined .

Parameters:

  • filename (str) – Name of the file to export as

  • filters (list) – host findings search filters based on which the export performs

  • client_id (typing.Optional[int]) – The client id to get the data from. If not supplied, takes default client id

IGNORE INTERNAL FUNCTION

Examples

>>>  self.{risksenseobject}.host_findings.downloadfilterinexport('hostfindingsdata',[])
create(host_id_list, assessment_id, severity, source_id, scanner_uuid, title, finding_type, synopsis, description, solution, service_name, service_portnumber, cveids=[], filters=[], csvdump=False, client_id=None)[source]

Manually create a new host finding.

Parameters:

  • host_id_list (list) – List of Host IDs to associate with this finding

  • assessment_id (int) – Assessment ID

  • severity (str) – Severity

  • source_id (str) – Source ID

  • scanner_uuid (str) – Scanner UUID

  • title (str) – Host Finding Title

  • finding_type (str) – Host Finding Type

  • synopsis (str) – Synopsis

  • description (str) – Description

  • solution (str) – Solution

  • service_name (str) – Service name

  • cveids (list) – Ids of cves

  • service_portnumber (str) – Service portnumber

  • filters (list) – A series of filters that make up a complete filter

  • csvdump (bool) – dumps id to csv

  • client_id – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

int

Returns:

The job ID is returned.

Example

Creating host finding

>>> self.{risksenseobject}.host_findings.create([123],190805,"9","publicnew","85200f98-1ea6-4641-9d27-171dc79f693f","something",'SERVICE',"testing to work on",,'somethingto work on','something to work on','new','5',[{"field":"id","exclusive":False,"operator":"IN","value":"6371904"}])

Note

You can also dump the host finding job id created in a csv using csvdump=True:

>>> self.{risksenseobject}.host_findings.create([123],190805,"9","publicnew","85200f98-1ea6-4641-9d27-171dc79f693f","something",'SERVICE',"testing to work on",,'somethingto work on','something to work on','new','5',[{"field":"id","exclusive":False,"operator":"IN","value":"6371904"}],csvdump=True)
update(hostfindingid, client_id=None, csvdump=False, **kwargs)[source]

Update a new host finding.

Parameters:

  • hostfindingid (int) – Host finding id which you want to update

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

  • csvdump (bool) – dumps id to csv

Keyword Arguments:

  • title (str) – title

  • description) (str) – description

  • synopsis (str) – synopsis

  • solution (str) – solution

Return type:

int

Returns:

The hostfinding ID is returned.

Example

To update host finding id 123’s description to ‘new description’

>>> self.rs.host_findings.update(123,description='new description')

Note

You can also dump the host finding job id updated in a csv using csvdump=True:

>>> self.rs.host_findings.update(123,description='new description',csvdump=True)
delete_manage_observations(hostfindingid, asssessmentid, csvdump=False, client_id=None)[source]

Delete manage observations

Parameters:

  • hostfindingid (int) – Host finding id

  • asssessmentid (list) – Assessment id

  • csvdump (bool) – dumps the data in csv

  • client_id (typing.Optional[int]) – Client id of user, if none gets default client id

Returns:

The jsonified response

Return type:

jsonified_response

Example

To delete observation linked to host finding id 123 and assessment id 1234

>>> self.{risksenseobject}.host_findings.delete_manage_observations(123,[1234])

Note

You can also dump the host findings data before deleting the manage observation using csvdump=True argument

>>> self.{risksenseobject}.host_findings.delete_manage_observations(123,[1234],csvdump=True)
get_hostfinding_history(vulnerableids, csvdump=True, client_id=None)[source]

Get Host findings history

Parameters:

  • vulnerableids (list) – List of vulnerable ids to get history of

  • client_id (typing.Optional[int]) – The client id , if none, default client id is taken

  • csvdump – dumps the data in csv

Return type:

list

Returns:

The jsonified response

Example

To get host finding history

get_groupby_hostfinding(client_id=None)[source]

Gets all the groupby key metrics for host findings

Parameters:

client_id (typing.Optional[int]) – The client id , if none, default client id is taken

Return type:

dict

Returns:

The group by key metrics

Example

>>>  self.{risksenseobject}.host_findings.get_groupby_hostfinding()

IGNORE INTERNAL FUNCTION .. note:: This function just returns the groupbyfields

groupby_hostfinding(filters=[], sortorder=None, client_id=None, csvdump=False)[source]

Get groupby values for host finding

Parameters:

  • filters (list) – The filters which will populate in groupby

  • sortorder (typing.Optional[str]) – The order to sort the groupby values, please choose ASC for ascending and DESC for descending

  • client_id (typing.Optional[int]) – The client id , if none, default client id is taken

  • csvdump (bool) – dumps the data in csv

Returns:

Group by information

Return type:

groupby

Example

>>>  self.{risksenseobject}.host_findings.groupby_hostfinding({filter})

The filter must be provided for the group by to be used. The groupby fields will be displayed in the terminal and you must choose a group by filter to which the data will be populated

Note

This function also has an option to dump the data in a csv by a simple argument, csvdump=True

>>>  self.{risksenseobject}.host_findings.groupby_hostfinding({filter},csvdump=True)
get_single_search_page(search_filters, projection='basic', page_num=0, page_size=150, sort_field='id', sort_dir='ASC', client_id=None, csvdump=False)[source]

Searches for and returns hostfindings based on the provided filter(s) and other parameters.

Parameters:

  • search_filters (list) – A list of dictionaries containing filter parameters.

  • projection (str) – Projection to be used in API request. Projection.BASIC or Projection.DETAIL

  • page_num (int) – The page number of results to be returned.

  • csvdump (bool) – Dumps the data in csv

  • page_size (int) – The number of results per page to be returned.

  • sort_field (str) – The field to be used for sorting results returned.

  • sort_dir (str) – The direction of sorting to be used. SortDirection.ASC or SortDirection.DESC

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

dict

Returns:

The JSON response from the platform is returned.

Example

An example to get single search page of host findings data

>>> self.{risksenseobject}.host_findings.get_single_search_page([])

You can also try changing the other arguments to your liking to reflect the data as you suffice such as change page_size or page_num etc.

>>> self.{risksenseobject}.host_findings.get_single_search_page([],page_num=2,page_size=10)
search(search_filters, projection='basic', page_size=150, sort_field='id', sort_dir='ASC', csvdump=False, client_id=None)[source]

Searches for and returns hostfindings based on the provided filter(s) and other parameters. Rather than returning paginated results, this function cycles through all pages of results and returns them all in a single list.

Parameters:

  • search_filters (list) – A list of dictionaries containing filter parameters.

  • projection (str) – Projection to be used in API request. Projection.BASIC or Projection.DETAIL

  • page_size (int) – The number of results per page to be returned.

  • sort_field (str) – The field to be used for sorting results returned.

  • sort_dir (str) – The direction of sorting to be used. SortDirection.ASC or SortDirection.DESC

  • csvdump (bool) – dumps data in csv

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

list

Returns:

A list containing all host findings returned by the search using the filter provided.

Example

An example to search for host finding data is

>>> self.{risksenseobject}.host_findings.search([])

Note

You can also dump the search based data in a csv by simply providing csvdump=True argument

>>> self.{risksenseobject}.host_findings.search([],csvdump=True)
get_count(search_filters, client_id=None)[source]

Gets a count of hostfindings identified using the provided filter(s).

Parameters:

  • search_filters (list) – A list of dictionaries containing filter parameters.

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

int

Returns:

The number of hostfindings identified using the provided filter(s).

Example

An example to use get count function is as follows

>>> self.{risksenseobject}.host_findings.get_count([])
add_tag(search_filters, tag_id, csvdump=False, client_id=None)[source]

Adds a tag to hostfinding(s).

Parameters:

  • search_filters (list) – A list of dictionaries containing filter parameters.

  • tag_id (int) – ID of tag to tbe added to hostfinding(s).

  • csvdump (bool) – dumps the data in csv

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

int

Returns:

The job ID is returned.

Example

An example to add a tag is

>>> self.{risksenseobject}.host_findings.add_tag([],1234)

Note

You can also dump the host findings from the search filters post the tag completion for more information by csvdump=True argument

>>> self.{risksenseobject}.host_findings.add_tag([],1234,csvdump=True)
remove_tag(search_filters, tag_id, client_id=None, csvdump=False)[source]

Removes a tag from hostfinding(s).

Parameters:

  • search_filters (list) – A list of dictionaries containing filter parameters.

  • tag_id (int) – ID of tag to tbe removed from hostfinding(s).

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

  • csvdump (bool) – dumps the data in csv

Return type:

int

Returns:

The job ID is returned.

Example

An example to use remove tag is

>>> self.{risksenseobject}.host_findings.remove_tag([],123)

Note

You can also dump the host findings which the tags will be removed from with a csvdump=True argument

>>> self.{risksenseobject}.host_findings.remove_tag([],123,csvdump=True)
assign(search_filters, users, csvdump=False, client_id=None)[source]

Assigns hostfinding(s) to a list of user IDs.

Parameters:

  • search_filters (list) – A list of dictionaries containing filter parameters.

  • users (list) – A list of user IDs to be assigned to hostfinding(s).

  • csvdump (bool) – dumps the data in csv

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

int

Returns:

The job ID is returned.

Example

Lets assign user 123 to host findings based on filter of patch id 123

>>> self.{risksenseobject}.host_findings.assign([{"field":"source_patch_ids","exclusive":False,"operator":"IN","value":"123"}],[123])

Note

You can also dump the host findings data before assigning them to users using csvdump=True argument

>>> self.{risksenseobject}.host_findings.assign([{"field":"source_patch_ids","exclusive":False,"operator":"IN","value":"123"}],[123],csvdump=True)
unassign(search_filters, users, csvdump=False, client_id=None)[source]

Unassigns hostfinding(s) from a list of user IDs.

Parameters:

  • search_filters (list) – A list of dictionaries containing filter parameters.

  • users (list) – A list of user IDs to be unassigned from hostfinding(s).

  • csvdump (bool) – dumps the data in csv

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

int

Returns:

The job ID is returned.

Example

Lets unassign user 123 from host findings based on filter of patch id 123

>>> self.{risksenseobject}.host_findings.unassign([{"field":"source_patch_ids","exclusive":False,"operator":"IN","value":"123"}],[123])

Note

You can also dump the host findings data before unassigning them from users using csvdump=True argument

>>> self.{risksenseobject}.host_findings.unassign([{"field":"source_patch_ids","exclusive":False,"operator":"IN","value":"123"}],[123],csvdump=True)
self_assign(filterfields, userid, csvdump=False, client_id=None)[source]

The host findings fetched are assigned to the current user

Parameters:

  • filterfields (list) – A list of dictionaries containing filter parameters.

  • csvdump (bool) – dumps the data in csv

  • userid (list) – A list of user IDs to be assigned to hostfinding(s).

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

int

Returns:

The job ID in the platform is returned.

Example

Lets assign user 123 to host finding 1234

>>> self.{risksenseobject}.host_findings.self_assign([{"field":"id","exclusive":False,"operator":"IN","value":"1234"}],[123])

Note

You can also dump the host findings data before assigning them to users using csvdump=True argument

>>> self.{risksenseobject}.host_finding.self_assign([{"field":"id","exclusive":False,"operator":"IN","value":"1234"}],[123],csvdump=True)
self_unassign(filterfields, userids, client_id=None, csvdump=False)[source]

The host findings fetched are unassigned from the current user

Parameters:

  • filterfields (list) – A list of dictionaries containing filter parameters.

  • userids (list) – A list of integers of user ids

  • csvdump (bool) – dumps the data in csv

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

int

Returns:

The job ID in the platform is returned.

Example

To unassign user 123 from finding id 1234

>>> self.{risksenseobject}.host_findings.self_unassign([{"field":"id","exclusive":False,"operator":"IN","value":"1234"}],[123])

Note

You can also dump the host findings data before unassigning them from users using csvdump=True argument

>>> self.{risksenseobject}.host_findings.self_unassign([{"field":"id","exclusive":False,"operator":"IN","value":"1234"}],[123],csvdump=True)
list_hostfinding_filter_fields(client_id=None)[source]

List filter endpoints.

Parameters:

client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

list

Returns:

The JSON output from the platform is returned, listing the available filters.

Examples

>>>  self.{risksenseobject}.host_findings.list_hostfinding_filter_fields()
getexporttemplate(client_id=None)[source]

Gets configurable export template for host findings.

Parameters:

client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

list

Returns:

The Exportable fields

Example

An example to use getexporttemplate

>>> self.{risksenseobject}.host_findings.getexporttemplate()

This gets all the export templates for host findings

getexporttemplatebyid(export_id=None, client_id=None)[source]

Gets configurable export template for host findings.

Parameters:

client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

list

Returns:

The Exportable fields

Example

An example to use getexporttemplate

>>> self.{risksenseobject}.host_findings.getexporttemplate()

This gets all the export templates for host findings

Parameters:

export_id (typing.Optional[int]) –

getexporttemplates(client_id=None)[source]

Gets created existing export template for host findings.

Parameters:

client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

list

Returns:

The Exportable fields

Example

An example to use getexporttemplates

>>> self.{risksenseobject}.host_findings.getexporttemplates()

This gets all the export templates for host findings

export(search_filters, file_name, row_count='All', file_type='CSV', export_id=None, client_id=None)[source]

Initiates an export job on the platform for host finding(s) based on the provided filter(s).

Parameters:

  • search_filters (list) – A list of dictionaries containing filter parameters.

  • file_name (str) – The name to be used for the exported file.

  • row_count (str) – No of rows to be exported. Available options ExportRowNumbers.ROW_10000, ExportRowNumbers.ROW_25000, ExportRowNumbers.ROW_50000, ExportRowNumbers.ROW_100000, ExportRowNumbers.ROW_ALL

  • exportable_filter – Exportable filter

  • file_type (str) – File type to export. ExportFileType.CSV, ExportFileType.JSON, or ExportFileType.XLSX

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

  • export_id (typing.Optional[int]) – If present, an export template id of the template to use to export.

Return type:

int

Returns:

The job ID in the platform from is returned.

Example

An example to use export is

>>> self.{risksenseobject}.host_findings.export([],'testingexport')

You can change the filetype to any of the names above or even the other positional arguments as mentioned

>>> self.{risksenseobject}.host_findings.export([],'testingexport',file_type=ExportFileType.JSON)
update_due_date(search_filters, new_due_date, csvdump=False, client_id=None)[source]

Updates the due date assigned to hostfinding(s) based on the provided filter(s)

Parameters:

  • search_filters (list) – A list of dictionaries containing filter parameters.

  • new_due_date (str) – The new due date in the “YYYY-MM-DD” format.

  • csvdump (bool) – dumps the data in csv

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

int

Returns:

The job ID is returned.

Example

Lets update an host finding id 1234 to due date 2022-08-11

>>> self.{risksenseobject}.host_findings.update_due_date([{"field":"id","exclusive":False,"operator":"IN","value":"1234"}],'2022-08-11')

Note

You can also dump the host findings data after updating their due date using csvdump=True argument

>>> self.{risksenseobject}.host_findings.update_due_date([{"field":"id","exclusive":False,"operator":"IN","value":"1234"}],'2022-08-11',csvdump=True)
add_note(search_filters, new_note, csvdump=False, client_id=None)[source]

Adds a note to hostfinding(s) based on the filter(s) provided.

Parameters:

  • search_filters (list) – A list of dictionaries containing filter parameters.

  • new_note (str) – The note to be added to the hostfinding(s). String.

  • csvdump (bool) – dumps the data in csv

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

int

Returns:

The job ID is returned.

Example

To add a note ‘testing’ to host finding id 123

>>> self.{risksenseobject}.host_findings.add_note([{"field":"id","exclusive":False,"operator":"IN","value":"123"}],'testing')

Note

You can also dump the host findings data post adding a note using csvdump=True argument

>>> self.{risksenseobject}.host_findings.add_note([{"field":"id","exclusive":False,"operator":"IN","value":"123"}],'testing',csvdump=True)
delete(search_filters, csvdump=False, client_id=None)[source]

Deletes hostfinding(s) based on the provided filter(s)

Parameters:

  • search_filters (list) – A list of dictionaries containing filter parameters.

  • csvdump (bool) – dumps the data in csv

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

int

Returns:

The job ID is returned.

Example

To delete host finding by id 12345

>>> self.{risksenseobject}.host_findings.delete([{"field":"id","exclusive":False,"operator":"IN","value":"12345"}])

Note

You can also dump the host findings data before deleting the host findings using csvdump=True argument

>>> self.{risksenseobject}.host_findings.delete([{"field":"id","exclusive":False,"operator":"IN","value":"12345"}],csvdump=True)
subscribe_new_open_ransomware_findings(client_id=None)[source]

Subscribes the user to new open ransomware findings

Parameters:

client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

dict

Returns:

The response to the subscription that was performed

Example

An example to use subscribe_new_open_ransomware_findings()

>>> self.{risksenseobject}.host_findings.subscribe_new_open_ransomware_findings()

This helps the user subscrive to new open ransomware findings

unsubscribe_new_open_ransomware_findings(client_id=None)[source]

Unsubscribes the user from new open ransomware findings

Parameters:

client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

dict

Returns:

The response to the unsubscription that was performed

Example

An example to use unsubscribe_new_open_ransomware_findings()

>>> self.{risksenseobject}.host_findings.unsubscribe_new_open_ransomware_findings()

This helps the user unsubscribe from new open ransomware findings

subscribe_new_open_critical_findings_vrr(client_id=None)[source]

Subscribes the user to new open critical findings based on vrr

Parameters:

client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

dict

Returns:

The response to the subscription that was performed

Example

An example to use subscribe_new_open_critical_findings_vrr()

>>> self.{risksenseobject}.host_findings.subscribe_new_open_critical_findings_vrr()

This helps the user subscribe to new open critical findings based on vrr.

unsubscribe_new_open_critical_findings_vrr(client_id=None)[source]

Unsubscribes the user from new open critical findings based on vrr

Parameters:

client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

dict

Returns:

The response to the subscription that was performed

Example

An example to use unsubscribe_new_open_critical_findings_vrr()

>>> self.{risksenseobject}.host_findings.unsubscribe_new_open_critical_findings_vrr()

This helps the user to unsubscribe from new open critical findings based on vrr.

subscribe_new_open_critical_findings_severity(client_id=None)[source]

Subscribes the user to new open critical findings based on severity

Parameters:

client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

dict

Returns:

The response to the subscription that was performed

Example

An example to use subscribe_new_open_critical_findings_severity()

>>> self.{risksenseobject}.host_findings.subscribe_new_open_critical_findings_severity()

This helps the user subscribe to new open critical findings based on severity.

unsubscribe_new_open_critical_findings_severity(client_id=None)[source]

Unsubscribes the user from new open critical findings based on severity

Parameters:

client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

dict

Returns:

The response to the subscription that was performed

Example

An example to use unsubscribe_new_open_critical_findings_severity()

>>> self.{risksenseobject}.host_findings.unsubscribe_new_open_critical_findings_severity()

This helps the user unsubscribe from new open critical findings based on severity.

subscribe_new_open_high_findings_vrr(client_id=None)[source]

Subscribes the user to new open high findings based on vrr

Parameters:

client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

dict

Returns:

The response to the subscription that was performed

Example

An example to use subscribe_new_open_high_findings_vrr()

>>> self.{risksenseobject}.host_findings.subscribe_new_open_high_findings_vrr()

This helps the user subscribe to new open high findings based on vrr.

unsubscribe_new_open_high_findings_vrr(client_id=None)[source]

Unsubscribe the user from new open high findings based on vrr

Parameters:

client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

dict

Returns:

The response to the subscription that was performed

Example

An example to use unsubscribe_new_open_high_findings_vrr()

>>> self.{risksenseobject}.host_findings.unsubscribe_new_open_high_findings_vrr()

This helps the user unsubscribe from new open high findings based on vrr.

subscribe_new_open_high_findings_severity(client_id=None)[source]

Subscribes the user to new open high findings based on severity

Parameters:

client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

dict

Returns:

The response to the subscription that was performed

Example

An example to use subscribe_new_open_high_findings_severity()

>>> self.{risksenseobject}.host_findings.subscribe_new_open_high_findings_severity()

This helps the user subscribe to new open high findings based on severity.

unsubscribe_new_open_high_findings_severity(client_id=None)[source]

Unsubscribes the user from new open high findings based on severity

Parameters:

client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

dict

Returns:

The response to the subscription that was performed

Example

An example to use unsubscribe_new_open_high_findings_severity()

>>> self.{risksenseobject}.host_findings.unsubscribe_new_open_high_findings_severity()

This helps the user unsubscribe from new open high findings based on severity.

map_findings(filter_request, workflowtype, workflowuuid, csvdump=False, client_id=None)[source]

Map hostfindings to a workflow .

Parameters:

  • filter_request (list) – A list of dictionaries containing filter parameters.

  • workflowtype (str) – Type of workflow, either falsePositive,remediation,acceptance,severityChange. Please use the exact names as above for workflow type

  • workflowuuid (str) – workflow uuid

  • csvdump (bool) – dumps the data in csv

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

bool

Returns:

The success flag.

Example

To map a workflow ‘st1234’ to finding by id ‘123’ of type severitychange

>>> self.{risksenseobject}.host_findings.map_findings([{"field":"id","exclusive":False,"operator":"IN","orWithPrevious":False,"implicitFilters":[],"value":"123"}],'severityChange','st1234')

Note

You can also dump the host findings data post mapping the findings using csvdump=True argument

>>> self.{risksenseobject}.host_findings.map_findings([{"field":"id","exclusive":False,"operator":"IN","orWithPrevious":False,"implicitFilters":[],"value":"123"}],'severityChange','st1234',csvdump=True)
add_ticket_tag(search_filters, tag_id, client_id=None)[source]

Adds a ticket tag to the host findings based on a search filter

Parameters:

  • search_filters (list) – A list of dictionaries containing filter parameters.

  • tag_id (int) – The tag id

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

int

Returns:

The job ID in the platform is returned.

Example

To add a ticket tag to host findings

>>> self.{risksenseobject}.host_findings.add_ticket_tag([],123)
unmap_findings(filter_request, workflowtype, workflowuuid, csvdump=False, client_id=None)[source]

Unmap findings from workflow.

Parameters:

  • filter_request (list) – A list of dictionaries containing filter parameters.

  • workflowtype (str) – Type of workflow, either falsePositive,remediation,acceptance,severityChange. Please use the exact names as above for workflow type

  • workflowuuid (str) – workflow uuid

  • csvdump (bool) – dumps the data in csv

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

Return type:

bool

Returns:

The success flag.

Example

To unmap a workflow ‘st1234’ from finding by id ‘123’ of type severitychange

>>> self.{risksenseobject}.host_findings.unmap_findings([{"field":"id","exclusive":False,"operator":"IN","orWithPrevious":False,"implicitFilters":[],"value":"123"}],'severityChange','st1234')

Note

You can also dump the host findings data before unmapping the findings using csvdump=True argument

>>> self.{risksenseobject}.host_findings.unmap_findings([{"field":"id","exclusive":False,"operator":"IN","orWithPrevious":False,"implicitFilters":[],"value":"123"}],'severityChange','st1234',csvdump=True)
get_model(client_id=None)[source]

Get available projections and models for Host Findings.

Parameters:

client_id (typing.Optional[int]) – Client ID

Return type:

dict

Returns:

Host Finding projections and models are returned.

Example

An example to use get_model is

>>> self.{risksenseobject}.host_findings.get_model()
suggest(search_filter_1, search_filter_2, client_id=None)[source]

Suggest values for filter fields.

Parameters:

  • search_filter_1 (list) – Search Filter 1

  • search_filter_2 (dict) – Search Filter 2

  • client_id (typing.Optional[int]) – Client ID

Returns:

Value suggestions

Example

To use suggest function is

>>> self.{risksenseobject}.host_findings.suggest([],{})
apply_system_filters(csvdump=False, client_id=None)[source]

Get data from system filters for host findings.

Parameters:

  • client_id (typing.Optional[int]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.

  • csvdump (bool) – csvdump is a boolean which you can make true if you want to dump the data from system filters in a csv. Keep it false if it’s not needed.

Return type:

list

Returns:

The data of the system filter based host findings values are returned

Example

An example to use apply_system_filters is

>>> self.{risksenseobject}.host_findings.apply_system_filters()

The system filters will be displayed in the terminal to which you must provide a key value and the data returned will reflect based on the system filter chosen

Note

You can also dump the host findings from the system filters search by csvdump=True argument

>>> self.{risksenseobject}.host_findings.apply_system_filters(csvdump=True)