Host Findings (risksense_api.__subject.__host_findings.__host_findings
)¶
Host Findings module defined for different host findings related api endpoints.
- class risksense_api.__subject.__host_findings.__host_findings.HostFindings(profile)[source]¶
Bases:
Subject
Class for HostFindings function defintions.
To utlise Host Findings function:
- Parameters:
profile (
object
) – Profile Object
- Usage:
self.{risksenseobjectname}.host_findings.{function}
Examples
To get model for host findings using
get_model()
function>>> self.{risksenseobject}.host_findings.get_model()
- __init__(profile)[source]¶
Initialization of HostFindings object.
profile: Profile Object :type profile: _profile
- Parameters:
profile (
object
) –
- downloadfilterinexport(filename, filters, client_id=None)[source]¶
Exports and Downloads a file based on the filters defined .
- Parameters:
filename (
str
) – Name of the file to export asfilters (
list
) – host findings search filters based on which the export performsclient_id (
typing.Optional
[int
]) – The client id to get the data from. If not supplied, takes default client id
IGNORE INTERNAL FUNCTION
Examples
>>> self.{risksenseobject}.host_findings.downloadfilterinexport('hostfindingsdata',[])
- create(host_id_list, assessment_id, severity, source_id, scanner_uuid, title, finding_type, synopsis, description, solution, service_name, service_portnumber, cveids=[], filters=[], csvdump=False, client_id=None)[source]¶
Manually create a new host finding.
- Parameters:
host_id_list (
list
) – List of Host IDs to associate with this findingassessment_id (
int
) – Assessment IDseverity (
str
) – Severitysource_id (
str
) – Source IDscanner_uuid (
str
) – Scanner UUIDtitle (
str
) – Host Finding Titlefinding_type (
str
) – Host Finding Typesynopsis (
str
) – Synopsisdescription (
str
) – Descriptionsolution (
str
) – Solutionservice_name (
str
) – Service namecveids (
list
) – Ids of cvesservice_portnumber (
str
) – Service portnumberfilters (
list
) – A series of filters that make up a complete filtercsvdump (
bool
) – dumps id to csvclient_id – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
int
- Returns:
The job ID is returned.
Example
Creating host finding
>>> self.{risksenseobject}.host_findings.create([123],190805,"9","publicnew","85200f98-1ea6-4641-9d27-171dc79f693f","something",'SERVICE',"testing to work on",,'somethingto work on','something to work on','new','5',[{"field":"id","exclusive":False,"operator":"IN","value":"6371904"}])
Note
You can also dump the host finding job id created in a csv using
csvdump=True
:>>> self.{risksenseobject}.host_findings.create([123],190805,"9","publicnew","85200f98-1ea6-4641-9d27-171dc79f693f","something",'SERVICE',"testing to work on",,'somethingto work on','something to work on','new','5',[{"field":"id","exclusive":False,"operator":"IN","value":"6371904"}],csvdump=True)
- update(hostfindingid, client_id=None, csvdump=False, **kwargs)[source]¶
Update a new host finding.
- Parameters:
hostfindingid (
int
) – Host finding id which you want to updateclient_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.csvdump (
bool
) – dumps id to csv
- Keyword Arguments:
title (
str
) – titledescription) (
str
) – descriptionsynopsis (
str
) – synopsissolution (
str
) – solution
- Return type:
int
- Returns:
The hostfinding ID is returned.
Example
To update host finding id 123’s description to ‘new description’
>>> self.rs.host_findings.update(123,description='new description')
Note
You can also dump the host finding job id updated in a csv using
csvdump=True
:>>> self.rs.host_findings.update(123,description='new description',csvdump=True)
- delete_manage_observations(hostfindingid, asssessmentid, csvdump=False, client_id=None)[source]¶
Delete manage observations
- Parameters:
hostfindingid (
int
) – Host finding idasssessmentid (
list
) – Assessment idcsvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client id of user, if none gets default client id
- Returns:
The jsonified response
- Return type:
jsonified_response
Example
To delete observation linked to host finding id 123 and assessment id 1234
>>> self.{risksenseobject}.host_findings.delete_manage_observations(123,[1234])
Note
You can also dump the host findings data before deleting the manage observation using
csvdump=True
argument>>> self.{risksenseobject}.host_findings.delete_manage_observations(123,[1234],csvdump=True)
- get_hostfinding_history(vulnerableids, csvdump=True, client_id=None)[source]¶
Get Host findings history
- Parameters:
vulnerableids (
list
) – List of vulnerable ids to get history ofclient_id (
typing.Optional
[int
]) – The client id , if none, default client id is takencsvdump – dumps the data in csv
- Return type:
list
- Returns:
The jsonified response
Example
To get host finding history
- get_groupby_hostfinding(client_id=None)[source]¶
Gets all the groupby key metrics for host findings
- Parameters:
client_id (
typing.Optional
[int
]) – The client id , if none, default client id is taken- Return type:
dict
- Returns:
The group by key metrics
Example
>>> self.{risksenseobject}.host_findings.get_groupby_hostfinding()
IGNORE INTERNAL FUNCTION .. note:: This function just returns the groupbyfields
- groupby_hostfinding(filters=[], sortorder=None, client_id=None, csvdump=False)[source]¶
Get groupby values for host finding
- Parameters:
filters (
list
) – The filters which will populate in groupbysortorder (
typing.Optional
[str
]) – The order to sort the groupby values, please choose ASC for ascending and DESC for descendingclient_id (
typing.Optional
[int
]) – The client id , if none, default client id is takencsvdump (
bool
) – dumps the data in csv
- Returns:
Group by information
- Return type:
groupby
Example
>>> self.{risksenseobject}.host_findings.groupby_hostfinding({filter})
The filter must be provided for the group by to be used. The groupby fields will be displayed in the terminal and you must choose a group by filter to which the data will be populated
Note
This function also has an option to dump the data in a csv by a simple argument,
csvdump=True
>>> self.{risksenseobject}.host_findings.groupby_hostfinding({filter},csvdump=True)
- get_single_search_page(search_filters, projection='basic', page_num=0, page_size=150, sort_field='id', sort_dir='ASC', client_id=None, csvdump=False)[source]¶
Searches for and returns hostfindings based on the provided filter(s) and other parameters.
- Parameters:
search_filters (
list
) – A list of dictionaries containing filter parameters.projection (
str
) – Projection to be used in API request. Projection.BASIC or Projection.DETAILpage_num (
int
) – The page number of results to be returned.csvdump (
bool
) – Dumps the data in csvpage_size (
int
) – The number of results per page to be returned.sort_field (
str
) – The field to be used for sorting results returned.sort_dir (
str
) – The direction of sorting to be used. SortDirection.ASC or SortDirection.DESCclient_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
dict
- Returns:
The JSON response from the platform is returned.
Example
An example to get single search page of host findings data
>>> self.{risksenseobject}.host_findings.get_single_search_page([])
You can also try changing the other arguments to your liking to reflect the data as you suffice such as change page_size or page_num etc.
>>> self.{risksenseobject}.host_findings.get_single_search_page([],page_num=2,page_size=10)
- search(search_filters, projection='basic', page_size=150, sort_field='id', sort_dir='ASC', csvdump=False, client_id=None)[source]¶
Searches for and returns hostfindings based on the provided filter(s) and other parameters. Rather than returning paginated results, this function cycles through all pages of results and returns them all in a single list.
- Parameters:
search_filters (
list
) – A list of dictionaries containing filter parameters.projection (
str
) – Projection to be used in API request. Projection.BASIC or Projection.DETAILpage_size (
int
) – The number of results per page to be returned.sort_field (
str
) – The field to be used for sorting results returned.sort_dir (
str
) – The direction of sorting to be used. SortDirection.ASC or SortDirection.DESCcsvdump (
bool
) – dumps data in csvclient_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
list
- Returns:
A list containing all host findings returned by the search using the filter provided.
Example
An example to search for host finding data is
>>> self.{risksenseobject}.host_findings.search([])
Note
You can also dump the search based data in a csv by simply providing
csvdump=True
argument>>> self.{risksenseobject}.host_findings.search([],csvdump=True)
- get_count(search_filters, client_id=None)[source]¶
Gets a count of hostfindings identified using the provided filter(s).
- Parameters:
search_filters (
list
) – A list of dictionaries containing filter parameters.client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
int
- Returns:
The number of hostfindings identified using the provided filter(s).
Example
An example to use get count function is as follows
>>> self.{risksenseobject}.host_findings.get_count([])
- add_tag(search_filters, tag_id, csvdump=False, client_id=None)[source]¶
Adds a tag to hostfinding(s).
- Parameters:
search_filters (
list
) – A list of dictionaries containing filter parameters.tag_id (
int
) – ID of tag to tbe added to hostfinding(s).csvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
int
- Returns:
The job ID is returned.
Example
An example to add a tag is
>>> self.{risksenseobject}.host_findings.add_tag([],1234)
Note
You can also dump the host findings from the search filters post the tag completion for more information by
csvdump=True
argument>>> self.{risksenseobject}.host_findings.add_tag([],1234,csvdump=True)
- remove_tag(search_filters, tag_id, client_id=None, csvdump=False)[source]¶
Removes a tag from hostfinding(s).
- Parameters:
search_filters (
list
) – A list of dictionaries containing filter parameters.tag_id (
int
) – ID of tag to tbe removed from hostfinding(s).client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.csvdump (
bool
) – dumps the data in csv
- Return type:
int
- Returns:
The job ID is returned.
Example
An example to use remove tag is
>>> self.{risksenseobject}.host_findings.remove_tag([],123)
Note
You can also dump the host findings which the tags will be removed from with a
csvdump=True
argument>>> self.{risksenseobject}.host_findings.remove_tag([],123,csvdump=True)
- assign(search_filters, users, csvdump=False, client_id=None)[source]¶
Assigns hostfinding(s) to a list of user IDs.
- Parameters:
search_filters (
list
) – A list of dictionaries containing filter parameters.users (
list
) – A list of user IDs to be assigned to hostfinding(s).csvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
int
- Returns:
The job ID is returned.
Example
Lets assign user 123 to host findings based on filter of patch id 123
>>> self.{risksenseobject}.host_findings.assign([{"field":"source_patch_ids","exclusive":False,"operator":"IN","value":"123"}],[123])
Note
You can also dump the host findings data before assigning them to users using
csvdump=True
argument>>> self.{risksenseobject}.host_findings.assign([{"field":"source_patch_ids","exclusive":False,"operator":"IN","value":"123"}],[123],csvdump=True)
- unassign(search_filters, users, csvdump=False, client_id=None)[source]¶
Unassigns hostfinding(s) from a list of user IDs.
- Parameters:
search_filters (
list
) – A list of dictionaries containing filter parameters.users (
list
) – A list of user IDs to be unassigned from hostfinding(s).csvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
int
- Returns:
The job ID is returned.
Example
Lets unassign user 123 from host findings based on filter of patch id 123
>>> self.{risksenseobject}.host_findings.unassign([{"field":"source_patch_ids","exclusive":False,"operator":"IN","value":"123"}],[123])
Note
You can also dump the host findings data before unassigning them from users using
csvdump=True
argument>>> self.{risksenseobject}.host_findings.unassign([{"field":"source_patch_ids","exclusive":False,"operator":"IN","value":"123"}],[123],csvdump=True)
- self_assign(filterfields, userid, csvdump=False, client_id=None)[source]¶
The host findings fetched are assigned to the current user
- Parameters:
filterfields (
list
) – A list of dictionaries containing filter parameters.csvdump (
bool
) – dumps the data in csvuserid (
list
) – A list of user IDs to be assigned to hostfinding(s).client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
int
- Returns:
The job ID in the platform is returned.
Example
Lets assign user 123 to host finding 1234
>>> self.{risksenseobject}.host_findings.self_assign([{"field":"id","exclusive":False,"operator":"IN","value":"1234"}],[123])
Note
You can also dump the host findings data before assigning them to users using
csvdump=True
argument>>> self.{risksenseobject}.host_finding.self_assign([{"field":"id","exclusive":False,"operator":"IN","value":"1234"}],[123],csvdump=True)
- self_unassign(filterfields, userids, client_id=None, csvdump=False)[source]¶
The host findings fetched are unassigned from the current user
- Parameters:
filterfields (
list
) – A list of dictionaries containing filter parameters.userids (
list
) – A list of integers of user idscsvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
int
- Returns:
The job ID in the platform is returned.
Example
To unassign user 123 from finding id 1234
>>> self.{risksenseobject}.host_findings.self_unassign([{"field":"id","exclusive":False,"operator":"IN","value":"1234"}],[123])
Note
You can also dump the host findings data before unassigning them from users using
csvdump=True
argument>>> self.{risksenseobject}.host_findings.self_unassign([{"field":"id","exclusive":False,"operator":"IN","value":"1234"}],[123],csvdump=True)
- list_hostfinding_filter_fields(client_id=None)[source]¶
List filter endpoints.
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.- Return type:
list
- Returns:
The JSON output from the platform is returned, listing the available filters.
Examples
>>> self.{risksenseobject}.host_findings.list_hostfinding_filter_fields()
- getexporttemplate(client_id=None)[source]¶
Gets configurable export template for host findings.
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.- Return type:
list
- Returns:
The Exportable fields
Example
An example to use getexporttemplate
>>> self.{risksenseobject}.host_findings.getexporttemplate()
This gets all the export templates for host findings
- getexporttemplatebyid(export_id=None, client_id=None)[source]¶
Gets configurable export template for host findings.
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.- Return type:
list
- Returns:
The Exportable fields
Example
An example to use getexporttemplate
>>> self.{risksenseobject}.host_findings.getexporttemplate()
This gets all the export templates for host findings
- Parameters:
export_id (
typing.Optional
[int
]) –
- getexporttemplates(client_id=None)[source]¶
Gets created existing export template for host findings.
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.- Return type:
list
- Returns:
The Exportable fields
Example
An example to use getexporttemplates
>>> self.{risksenseobject}.host_findings.getexporttemplates()
This gets all the export templates for host findings
- export(search_filters, file_name, row_count='All', file_type='CSV', export_id=None, client_id=None)[source]¶
Initiates an export job on the platform for host finding(s) based on the provided filter(s).
- Parameters:
search_filters (
list
) – A list of dictionaries containing filter parameters.file_name (
str
) – The name to be used for the exported file.row_count (
str
) – No of rows to be exported. Available options ExportRowNumbers.ROW_10000, ExportRowNumbers.ROW_25000, ExportRowNumbers.ROW_50000, ExportRowNumbers.ROW_100000, ExportRowNumbers.ROW_ALLexportable_filter – Exportable filter
file_type (
str
) – File type to export. ExportFileType.CSV, ExportFileType.JSON, or ExportFileType.XLSXclient_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.export_id (
typing.Optional
[int
]) – If present, an export template id of the template to use to export.
- Return type:
int
- Returns:
The job ID in the platform from is returned.
Example
An example to use export is
>>> self.{risksenseobject}.host_findings.export([],'testingexport')
You can change the filetype to any of the names above or even the other positional arguments as mentioned
>>> self.{risksenseobject}.host_findings.export([],'testingexport',file_type=ExportFileType.JSON)
- update_due_date(search_filters, new_due_date, csvdump=False, client_id=None)[source]¶
Updates the due date assigned to hostfinding(s) based on the provided filter(s)
- Parameters:
search_filters (
list
) – A list of dictionaries containing filter parameters.new_due_date (
str
) – The new due date in the “YYYY-MM-DD” format.csvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
int
- Returns:
The job ID is returned.
Example
Lets update an host finding id 1234 to due date 2022-08-11
>>> self.{risksenseobject}.host_findings.update_due_date([{"field":"id","exclusive":False,"operator":"IN","value":"1234"}],'2022-08-11')
Note
You can also dump the host findings data after updating their due date using
csvdump=True
argument>>> self.{risksenseobject}.host_findings.update_due_date([{"field":"id","exclusive":False,"operator":"IN","value":"1234"}],'2022-08-11',csvdump=True)
- add_note(search_filters, new_note, csvdump=False, client_id=None)[source]¶
Adds a note to hostfinding(s) based on the filter(s) provided.
- Parameters:
search_filters (
list
) – A list of dictionaries containing filter parameters.new_note (
str
) – The note to be added to the hostfinding(s). String.csvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
int
- Returns:
The job ID is returned.
Example
To add a note ‘testing’ to host finding id 123
>>> self.{risksenseobject}.host_findings.add_note([{"field":"id","exclusive":False,"operator":"IN","value":"123"}],'testing')
Note
You can also dump the host findings data post adding a note using
csvdump=True
argument>>> self.{risksenseobject}.host_findings.add_note([{"field":"id","exclusive":False,"operator":"IN","value":"123"}],'testing',csvdump=True)
- delete(search_filters, csvdump=False, client_id=None)[source]¶
Deletes hostfinding(s) based on the provided filter(s)
- Parameters:
search_filters (
list
) – A list of dictionaries containing filter parameters.csvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
int
- Returns:
The job ID is returned.
Example
To delete host finding by id 12345
>>> self.{risksenseobject}.host_findings.delete([{"field":"id","exclusive":False,"operator":"IN","value":"12345"}])
Note
You can also dump the host findings data before deleting the host findings using
csvdump=True
argument>>> self.{risksenseobject}.host_findings.delete([{"field":"id","exclusive":False,"operator":"IN","value":"12345"}],csvdump=True)
- subscribe_new_open_ransomware_findings(client_id=None)[source]¶
Subscribes the user to new open ransomware findings
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.- Return type:
dict
- Returns:
The response to the subscription that was performed
Example
An example to use subscribe_new_open_ransomware_findings()
>>> self.{risksenseobject}.host_findings.subscribe_new_open_ransomware_findings()
This helps the user subscrive to new open ransomware findings
- unsubscribe_new_open_ransomware_findings(client_id=None)[source]¶
Unsubscribes the user from new open ransomware findings
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.- Return type:
dict
- Returns:
The response to the unsubscription that was performed
Example
An example to use unsubscribe_new_open_ransomware_findings()
>>> self.{risksenseobject}.host_findings.unsubscribe_new_open_ransomware_findings()
This helps the user unsubscribe from new open ransomware findings
- subscribe_new_open_critical_findings_vrr(client_id=None)[source]¶
Subscribes the user to new open critical findings based on vrr
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.- Return type:
dict
- Returns:
The response to the subscription that was performed
Example
An example to use subscribe_new_open_critical_findings_vrr()
>>> self.{risksenseobject}.host_findings.subscribe_new_open_critical_findings_vrr()
This helps the user subscribe to new open critical findings based on vrr.
- unsubscribe_new_open_critical_findings_vrr(client_id=None)[source]¶
Unsubscribes the user from new open critical findings based on vrr
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.- Return type:
dict
- Returns:
The response to the subscription that was performed
Example
An example to use unsubscribe_new_open_critical_findings_vrr()
>>> self.{risksenseobject}.host_findings.unsubscribe_new_open_critical_findings_vrr()
This helps the user to unsubscribe from new open critical findings based on vrr.
- subscribe_new_open_critical_findings_severity(client_id=None)[source]¶
Subscribes the user to new open critical findings based on severity
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.- Return type:
dict
- Returns:
The response to the subscription that was performed
Example
An example to use subscribe_new_open_critical_findings_severity()
>>> self.{risksenseobject}.host_findings.subscribe_new_open_critical_findings_severity()
This helps the user subscribe to new open critical findings based on severity.
- unsubscribe_new_open_critical_findings_severity(client_id=None)[source]¶
Unsubscribes the user from new open critical findings based on severity
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.- Return type:
dict
- Returns:
The response to the subscription that was performed
Example
An example to use unsubscribe_new_open_critical_findings_severity()
>>> self.{risksenseobject}.host_findings.unsubscribe_new_open_critical_findings_severity()
This helps the user unsubscribe from new open critical findings based on severity.
- subscribe_new_open_high_findings_vrr(client_id=None)[source]¶
Subscribes the user to new open high findings based on vrr
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.- Return type:
dict
- Returns:
The response to the subscription that was performed
Example
An example to use subscribe_new_open_high_findings_vrr()
>>> self.{risksenseobject}.host_findings.subscribe_new_open_high_findings_vrr()
This helps the user subscribe to new open high findings based on vrr.
- unsubscribe_new_open_high_findings_vrr(client_id=None)[source]¶
Unsubscribe the user from new open high findings based on vrr
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.- Return type:
dict
- Returns:
The response to the subscription that was performed
Example
An example to use unsubscribe_new_open_high_findings_vrr()
>>> self.{risksenseobject}.host_findings.unsubscribe_new_open_high_findings_vrr()
This helps the user unsubscribe from new open high findings based on vrr.
- subscribe_new_open_high_findings_severity(client_id=None)[source]¶
Subscribes the user to new open high findings based on severity
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.- Return type:
dict
- Returns:
The response to the subscription that was performed
Example
An example to use subscribe_new_open_high_findings_severity()
>>> self.{risksenseobject}.host_findings.subscribe_new_open_high_findings_severity()
This helps the user subscribe to new open high findings based on severity.
- unsubscribe_new_open_high_findings_severity(client_id=None)[source]¶
Unsubscribes the user from new open high findings based on severity
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.- Return type:
dict
- Returns:
The response to the subscription that was performed
Example
An example to use unsubscribe_new_open_high_findings_severity()
>>> self.{risksenseobject}.host_findings.unsubscribe_new_open_high_findings_severity()
This helps the user unsubscribe from new open high findings based on severity.
- map_findings(filter_request, workflowtype, workflowuuid, csvdump=False, client_id=None)[source]¶
Map hostfindings to a workflow .
- Parameters:
filter_request (
list
) – A list of dictionaries containing filter parameters.workflowtype (
str
) – Type of workflow, either falsePositive,remediation,acceptance,severityChange. Please use the exact names as above for workflow typeworkflowuuid (
str
) – workflow uuidcsvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
bool
- Returns:
The success flag.
Example
To map a workflow ‘st1234’ to finding by id ‘123’ of type severitychange
>>> self.{risksenseobject}.host_findings.map_findings([{"field":"id","exclusive":False,"operator":"IN","orWithPrevious":False,"implicitFilters":[],"value":"123"}],'severityChange','st1234')
Note
You can also dump the host findings data post mapping the findings using
csvdump=True
argument>>> self.{risksenseobject}.host_findings.map_findings([{"field":"id","exclusive":False,"operator":"IN","orWithPrevious":False,"implicitFilters":[],"value":"123"}],'severityChange','st1234',csvdump=True)
- add_ticket_tag(search_filters, tag_id, client_id=None)[source]¶
Adds a ticket tag to the host findings based on a search filter
- Parameters:
search_filters (
list
) – A list of dictionaries containing filter parameters.tag_id (
int
) – The tag idclient_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
int
- Returns:
The job ID in the platform is returned.
Example
To add a ticket tag to host findings
>>> self.{risksenseobject}.host_findings.add_ticket_tag([],123)
- unmap_findings(filter_request, workflowtype, workflowuuid, csvdump=False, client_id=None)[source]¶
Unmap findings from workflow.
- Parameters:
filter_request (
list
) – A list of dictionaries containing filter parameters.workflowtype (
str
) – Type of workflow, either falsePositive,remediation,acceptance,severityChange. Please use the exact names as above for workflow typeworkflowuuid (
str
) – workflow uuidcsvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.
- Return type:
bool
- Returns:
The success flag.
Example
To unmap a workflow ‘st1234’ from finding by id ‘123’ of type severitychange
>>> self.{risksenseobject}.host_findings.unmap_findings([{"field":"id","exclusive":False,"operator":"IN","orWithPrevious":False,"implicitFilters":[],"value":"123"}],'severityChange','st1234')
Note
You can also dump the host findings data before unmapping the findings using
csvdump=True
argument>>> self.{risksenseobject}.host_findings.unmap_findings([{"field":"id","exclusive":False,"operator":"IN","orWithPrevious":False,"implicitFilters":[],"value":"123"}],'severityChange','st1234',csvdump=True)
- get_model(client_id=None)[source]¶
Get available projections and models for Host Findings.
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID- Return type:
dict
- Returns:
Host Finding projections and models are returned.
Example
An example to use get_model is
>>> self.{risksenseobject}.host_findings.get_model()
- suggest(search_filter_1, search_filter_2, client_id=None)[source]¶
Suggest values for filter fields.
- Parameters:
search_filter_1 (
list
) – Search Filter 1search_filter_2 (
dict
) – Search Filter 2client_id (
typing.Optional
[int
]) – Client ID
- Returns:
Value suggestions
Example
To use suggest function is
>>> self.{risksenseobject}.host_findings.suggest([],{})
- apply_system_filters(csvdump=False, client_id=None)[source]¶
Get data from system filters for host findings.
- Parameters:
client_id (
typing.Optional
[int
]) – Client ID. If an ID isn’t passed, will use the profile’s default Client ID.csvdump (
bool
) – csvdump is a boolean which you can make true if you want to dump the data from system filters in a csv. Keep it false if it’s not needed.
- Return type:
list
- Returns:
The data of the system filter based host findings values are returned
Example
An example to use apply_system_filters is
>>> self.{risksenseobject}.host_findings.apply_system_filters()
The system filters will be displayed in the terminal to which you must provide a key value and the data returned will reflect based on the system filter chosen
Note
You can also dump the host findings from the system filters search by
csvdump=True
argument>>> self.{risksenseobject}.host_findings.apply_system_filters(csvdump=True)