Playbooks (risksense_api.__subject.__playbooks.__playbooks
)¶
Playbooks module defined for different playbooks related api endpoints.
- class risksense_api.__subject.__playbooks.__playbooks.Playbooks(profile)[source]¶
Bases:
Subject
Playbooks class
- Parameters:
profile (
object
) –
- __init__(profile)[source]¶
Initialization of Playbooks object.
- Parameters:
profile (
object
) – Profile Object
- get_supported_inputs(csvdump=False, client_id=None)[source]¶
Get a list of supported playbook inputs.
- Parameters:
client_id (
typing.Optional
[int
]) – Client IDcsvdump (
bool
) – dumps the data in csv
- Return type:
list
- Returns:
Supported inputs
Example
To get supported inputs
>>> self.{risksenseobject}.playbooks.get_supported_inputs()
Note
You can also dump the data in csv using
csvdump=True
>>> self.{risksenseobject}.playbooks.get_supported_inputs(csvdump=True)
- get_supported_actions(csvdump=False, client_id=None)[source]¶
Get a list of supported playbook actions.
- Parameters:
client_id (
typing.Optional
[int
]) – Client IDcsvdump (
bool
) – Dumps the data in csv
- Return type:
list
- Returns:
Supported actions
Example
To get supported actions
>>> self.{risksenseobject}.playbooks.get_supported_actions()
Note
You can also dump the data in a csv using
csvdump=True
>>> self.{risksenseobject}.playbooks.get_supported_actions(csvdump=True)
- get_supported_frequencies(client_id=None)[source]¶
Get a list of supported playbook frequencies.
- Parameters:
client_id (
typing.Optional
[int
]) – Client IDcsvdump – Dumps the data in csv
- Return type:
list
- Returns:
Supported frequencies
Example
To get supported frequencies
>>> self.{risksenseobject}.playbooks.get_supported_frequencies()
Note
You can also dump the data in a csv using
csvdump=True
>>> self.{risksenseobject}.playbooks.get_supported_frequencies(csvdump=True)
- get_supported_outputs(csvdump=False, client_id=None)[source]¶
Get a list of supported playbook outputs.
- Parameters:
client_id (
typing.Optional
[int
]) – Client IDcsvdump (
bool
) – Dumps the data in csv
- Return type:
list
- Returns:
Supported outputs
Example
To get supported outputs
>>> self.{risksenseobject}.playbooks.get_supported_outputs()
Note
You can also dump the data in a csv using
csvdump=True
>>> self.{risksenseobject}.playbooks.get_supported_outputs(csvdump=True)
- get_subject_supported_actions(csvdump=False, client_id=None)[source]¶
Get a list of subject-supported playbook actions.
- Parameters:
client_id (
typing.Optional
[int
]) – Client IDcsvdump (
bool
) – Dumps the data in csv
- Return type:
dict
- Returns:
Subject Supported actions
Example
To get Subject Supported actions
>>> self.{risksenseobject}.playbooks.get_subject_supported_actions()
Note
You can also dump the data in a csv using
csvdump=True
>>> self.{risksenseobject}.playbooks.get_subject_supported_actions(csvdump=True)
- get_playbooks_single_page(page_size=1000, page_num=0, sort_dir='ASC', client_id=None)[source]¶
Fetch a single page of playbooks from client
- Parameters:
page_size (
int
) – Page Sizepage_num (
int
) – Page Numbersort_dir (
str
) – Sort Directionclient_id (
typing.Optional
[int
]) – Client ID
- Return type:
dict
- Returns:
The paginated JSON response from the platform is returned.
Example
An example to get single search page of playbooks data
>>> self.{risksenseobject}.playbooks.get_single_search_page([])
You can also try changing the other arguments to your liking to reflect the data as you suffice such as change page_size or page_num etc.
>>> self.{risksenseobject}.playbooks.get_single_search_page([],page_num=2,page_size=10)
- get_all_playbooks(csvdump=False, client_id=None)[source]¶
Get all playbooks for a client.
- Parameters:
client_id (
typing.Optional
[int
]) – Client IDcsvdump (
bool
) – dumps the data in csv
- Return type:
list
- Returns:
All Playbooks for a client
Example
To get all playbooks
>>> self.{risksenseobject}.playbooks.get_all_playbooks()
Note
You can also dump the data using
csvdump=True
argument>>> self.{risksenseobject}.playbooks.get_all_playbooks(csvdump=True)
- get_specific_playbook(playbook_uuid, csvdump=False, client_id=None)[source]¶
Fetch a specific playbook by UUID.
- Parameters:
playbook_uuid (
str
) – Playbook UUIDcsvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID
- Return type:
dict
- Returns:
The Playbook information
Example
To get specific playbook 1234str
>>> self.{risksenseobject}.playbooks.get_specific_playbook('1234str')
Note
You can also dump the data using
csvdump=True
argument>>> self.{risksenseobject}.playbooks.get_specific_playbook('1234str',csvdump=True)
- get_single_page_playbook_rules(playbook_uuid, page_num=0, page_size=1000, sort_dir='ASC', client_id=None)[source]¶
Get a single page of rules for a specific playbook
- Parameters:
playbook_uuid (
str
) – Playbook UUIDpage_num (
int
) – Page number to retrievepage_size (
int
) – Number of items per page to returnsort_dir (
int
) – Sort Directionclient_id (
typing.Optional
[int
]) – Client ID
- Return type:
dict
- Returns:
Playbook rules
Example
To get single page playbook rule from playbook 123str
>>> self.{risksenseobject}.playbooks.get_single_page_playbook_rules('123str')
- get_all_rules_for_playbook(playbook_uuid, sort_dir='ASC', csvdump=False, client_id=None)[source]¶
Get all rules for a specific playbook
- Parameters:
playbook_uuid (
str
) – Playbook UUIDsort_dir (
str
) – Sort Directioncsvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID
- Return type:
list
- Returns:
All playbook rules
Example
To get all rules for playbook 123str
>>> self.{risksenseobject}.playbooks.get_all_rules_for_playbook('123str')
Note
You can also dump the data using
csvdump=True
argument>>> self.{risksenseobject}.playbooks.get_all_rules_for_playbook('123str',csvdump=True)
- add_rule(playbook_uuid, rule_name, rule_desc, rule_input, rule_action_type, rule_action, rule_output_type, rule_output, csvdump=False, client_id=None)[source]¶
Add a rule to a playbook.
- Parameters:
playbook_uuid (
str
) – Playbook UUIDrule_name (
str
) – Rule Namerule_desc (
str
) – Rule Descriptionrule_input (
str
) – Rule Inputrule_action_type (
str
) – Rule Action Typerule_action (
dict
) – Rule action to takerule_output_type (
str
) – Rule output typerule_output (
dict
) – Rule outputcsvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID
- Return type:
list
- Returns:
List containing dict of rule details.
Example
To add a rule to a playbook
>>> self.{risksenseobject}.playbooks.add_rule('11ec58c8-123-123-a0b0-06933745a4d6','newtest',"testingsomethinghere","HOST_FINDING","ASSIGNMENT",{"userIds":[123],"filterRequest":{"filters":[{"field":"group_names","exclusive":False,"operator":"EXACT","value":"AdamM","orWithPrevious":False,"enabled":True,"implicitFilters":[],"altQueryConstruction":False},{"field":"lastFoundOn","exclusive":False,"operator":"BEFORE","value":"2021-01-28","orWithPrevious":False,"enabled":True,"implicitFilters":[],"altQueryConstruction":False}]}},"NO_OUTPUT",{})
Note
You can also dump the data using
csvdump=True
argument>>> self.{risksenseobject}.playbooks.add_rule('11ec58c8-123-123-a0b0-06933745a4d6','newtest',"testingsomethinghere","HOST_FINDING","ASSIGNMENT",{"userIds":[123],"filterRequest":{"filters":[{"field":"group_names","exclusive":False,"operator":"EXACT","value":"AdamM","orWithPrevious":False,"enabled":True,"implicitFilters":[],"altQueryConstruction":False},{"field":"lastFoundOn","exclusive":False,"operator":"BEFORE","value":"2021-01-28","orWithPrevious":False,"enabled":True,"implicitFilters":[],"altQueryConstruction":False}]}},"NO_OUTPUT",{},csvdump=True)
- add_multiple_rules(playbook_uuid, rules, csvdump=False, client_id=None)[source]¶
Add multiple rules to a playbook.
- Parameters:
playbook_uuid (
str
) – Playbook UUIDrules (
list
) – List of Rules the user want to createcsvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID
- Return type:
list
- Returns:
List containing dict of rule details.
Example
To add multiple rules for a playbook
>>> self.{risksenseobject}.playbooks.add_multiple_rules('11ec8a6e-1234-123-9fb0-02a87de7e1ee',[ {"name": "testnew2", "description": "test", "input": "HOST", "actionType": "TAG_APPLY", "action": {"tagIds": [], "isRemove": False, "filterRequest": {"filters": [{"field": "criticality", "exclusive": False, "operator": "IN", "value": "4", "orWithPrevious": False, "implicitFilters": [], "enabled": True}]}}, "outputType": "NO_OUTPUT", "output": {}},{"name": "testnew3", "description": "testing2", "input": "HOST", "actionType": "TAG_APPLY", "action": {"tagIds": [], "isRemove": False, "filterRequest": {"filters": [{"field": "criticality", "exclusive": False, "operator": "IN", "value": "4", "orWithPrevious": False, "implicitFilters": [], "enabled": True}]}}, "outputType": "NO_OUTPUT", "output": {}}])
Note
You can also dump the data using
csvdump=True
argument>>> self.{risksenseobject}.playbooks.add_multiple_rules('11ec8a6e-1234-123-9fb0-02a87de7e1ee',[ {"name": "testnew2", "description": "test", "input": "HOST", "actionType": "TAG_APPLY", "action": {"tagIds": [], "isRemove": False, "filterRequest": {"filters": [{"field": "criticality", "exclusive": False, "operator": "IN", "value": "4", "orWithPrevious": False, "implicitFilters": [], "enabled": True}]}}, "outputType": "NO_OUTPUT", "output": {}},{"name": "testnew3", "description": "testing2", "input": "HOST", "actionType": "TAG_APPLY", "action": {"tagIds": [], "isRemove": False, "filterRequest": {"filters": [{"field": "criticality", "exclusive": False, "operator": "IN", "value": "4", "orWithPrevious": False, "implicitFilters": [], "enabled": True}]}}, "outputType": "NO_OUTPUT", "output": {}}],csvdump=True)
- create(name, description, schedule_freq, hour_of_day, client_id=None, csvdump=False, **kwargs)[source]¶
Create a new playbook
- Parameters:
name (
str
) – Namedescription (
str
) – Descriptionschedule_freq (
str
) – Schedule Frequency (ScheduleFreq.DAILY, ScheduleFreq.WEEKLY, ScheduleFreq.MONTHLY, ‘DISABLED’)hour_of_day (
str
) – Hour of the dayclient_id (
typing.Optional
[int
]) – Client IDcsvdump (
bool
) – dumps the data in csv
- Keyword Arguments:
day_of_week (
str
) – Day of the weekday_of_month (
str
) – Day of the month
- Return type:
str
- Returns:
Playbook UUID
Example
To create a playbook
>>> self.{risksenseobject}.playbooks.create("teamtest1","test",self.rs.schedulefreq.DAILY,"5")
Note
You can also dump the data in csv using
csvdump=True
>>> self.{risksenseobject}.playbooks.create("teamtest1","test",self.rs.schedulefreq.DAILY,"5",csvdump=True)
- update(playbook_uuid, name, description, schedule_freq, hour_of_day, csvdump=False, client_id=None, **kwargs)[source]¶
Update a playbook
- Parameters:
playbook_uuid (
str
) – Playbook UUIDname (
str
) – Namedescription (
str
) – Descriptionschedule_freq (
str
) – Schedule Frequency (ScheduleFreq.DAILY, ScheduleFreq.WEEKLY, ScheduleFreq.MONTHLY, ‘DISABLED’)csvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client IDhour_of_day (
str
) – Hour of the day
- Keyword Arguments:
day_of_week (
str
) – Day of the weekday_of_month (
str
) – Day of the month
- Return type:
dict
- Returns:
Playbook and its details
Example
To update a playbook
>>> self.{risksenseobject}.playbooks.update('123456-3f1c-3b81-b7ab-06933745a4d6','testing2','somethingtotestrighthere',"DAILY",hour_of_day=5)
Note
You can also dump the data in csv using
csvdump=True
>>> self.{risksenseobject}.playbooks.update('123456-3f1c-3b81-b7ab-06933745a4d6','testing2','somethingtotestrighthere',"DAILY",hour_of_day=5,csvdump=True)
- delete(playbook_uuid, csvdump=False, client_id=None)[source]¶
Delete a playbook.
- Parameters:
playbook_uuid (
str
) – playbook UUIDcsvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – client ID
- Return type:
bool
- Returns:
true/false indicating successful deletion
Example
To delete a playbook
>>> self.{risksenseobject}.playbooks.delete('123-123')
Note
You can also dump the data in csv using
csvdump=True
>>> self.{risksenseobject}.playbooks.delete('123-123',csvdump=True)
- get_playbook_details(playbook_uuid, csvdump=False, client_id=None)[source]¶
Get the details for a specific playbook
- Parameters:
playbook_uuid (
str
) – playbook UUIDclient_id (
typing.Optional
[int
]) – client IDcsvdump (
bool
) – Dump the data in a csv
- Return type:
dict
- Returns:
Playbook details
Example
To get playbook details
>>> self.{risksenseobject}.get_playbook_details('123-123')
Note
You can also dump the data in csv using
csvdump=True
>>> self.{risksenseobject}.get_playbook_details('123-123',csvdump=True)
- rule_reorder(playbook_uuid, rule_uuids, csvdump=False, client_id=None)[source]¶
Reorder playbook rules for an already existing playbook
- Parameters:
playbook_uuid (
str
) – UUID for playbook to be reorderedrule_uuids (
list
) – A list of rule UUIDs (strings), in the order desiredcsvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID
- Return type:
list
- Returns:
List of reordered rule definitions
Example
To reorder the rules
>>> self.{risksenseobject}.playbooks.rule_reorder('1234-87dc-353b-a0b0-06933745a4d6',["4321-10bc-3f1f-a0b0-06933745a4d6",'1234-1151-3d17-b7ab-06933745a4d6',"111-55bc-421a-b7ab-06933745a4d6","111-28fa-b4eb-b7ab-06933745a4d6","111-fa9b-e4ad-b7ab-06933745a4d6"])
Note
You can also dump the reodered data in a csv using
>>> self.{risksenseobject}.playbooks.rule_reorder('1234-87dc-353b-a0b0-06933745a4d6',["4321-10bc-3f1f-a0b0-06933745a4d6",'1234-1151-3d17-b7ab-06933745a4d6',"111-55bc-421a-b7ab-06933745a4d6","111-28fa-b4eb-b7ab-06933745a4d6","111-fa9b-e4ad-b7ab-06933745a4d6"],csvdump=True)
- update_rule(rule_uuid, playbook_name, playbook_desc, playbook_input, playbook_action_type, playbook_action, playbook_output_type, playbook_output, csvdump=False, client_id=None)[source]¶
Update an existing playbook rule
- Parameters:
rule_uuid (
str
) – UUID for rule to be updatedplaybook_name (
str
) – Playbook nameplaybook_desc (
str
) – Playbook descriptionplaybook_input (
str
) – Playbook Inputplaybook_action_type (
str
) – Playbook action typeplaybook_action (
dict
) – Playbook actionplaybook_output_type (
str
) – Playbook output typeplaybook_output (
dict
) – Playbook outputcsvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID
- Return type:
bool
- Returns:
Indication of success
Example
To update a playbook rule
>>> self.{risksenseobject}.playbooks.update_rule('11ec8ae5-73dd-c48c-9fb0-02a87de7e1ee',"namingconventionchanged","testnew2", "HOST", "TAG_APPLY", {"tagIds": [], "isRemove": False, "filterRequest": {"filters": [{"field": "criticality", "exclusive": False, "operator": "IN", "value": "4", "orWithPrevious": False, "implicitFilters": [], "enabled": True}]}},"NO_OUTPUT", {})
Note
You can also dump the data in csv using
csvdump=True
>>> self.{risksenseobject}.playbooks.update_rule('11ec8ae5-73dd-c48c-9fb0-02a87de7e1ee',"namingconventionchanged","testnew2", "HOST", "TAG_APPLY", {"tagIds": [], "isRemove": False, "filterRequest": {"filters": [{"field": "criticality", "exclusive": False, "operator": "IN", "value": "4", "orWithPrevious": False, "implicitFilters": [], "enabled": True}]}},"NO_OUTPUT", {},csvdump=True)
- delete_playbook_rule(rule_uuid, csvdump=False, client_id=None)[source]¶
Delete an existing playbook rule.
- Parameters:
rule_uuid (
str
) – Rule UUIDcsvdump (
bool
) – dumps the data in csvclient_id (
typing.Optional
[int
]) – Client ID
- Return type:
bool
- Returns:
Indication of success
Example
To delete a playbook rule
>>> self.{risksenseobject}.playbooks.delete_playbook_rule('1234-6fb3-206e-9fb0-02a87de7e1ee')
Note
You can also dump the data in csv using
csvdump=True
>>> self.{risksenseobject}.playbooks.delete_playbook_rule('1234-6fb3-206e-9fb0-02a87de7e1ee',csvdump=True)
- get_specific_playbook_rule(rule_uuid, csvdump=False, client_id=None)[source]¶
Get details for a specific playbook rule.
- Parameters:
rule_uuid (
str
) – Playbook rule UUIDclient_id (
typing.Optional
[int
]) – Client IDcsvdump (
bool
) – dumps the data in csv
- Return type:
dict
- Returns:
Playbook rule details
Example
To get specific playbook rule
>>> self.{risksenseobject}.playbooks.get_specific_playbook_rule('123456-73dd-c48c-9fb0-02a87de7e1ee')
Note
You can also dump the data in csv using
csvdump=True
>>> self.{risksenseobject}.playbooks.get_specific_playbook_rule('123456-73dd-c48c-9fb0-02a87de7e1ee',csvdump=True)
- toggle_enabled(playbook_uuids, enabled=False, client_id=None)[source]¶
Enable/Disable playbooks.
- Parameters:
playbook_uuids (
list
) – A list of Playbook UUIDs to enable/disableenabled (
bool
) – Enable/Disable playbooks,please provide true for enabled and false for disabledclient_id (
typing.Optional
[int
]) – Client ID
- Returns:
True
Example
To enable a playbook
>>> self.{risksenseobject}.playbooks.toggle_enabled(['11ed13b4-52c3-a3c1-9fb0-02a87de7e1ee'],enabled=True)
To disable a playbook
>>> self.{risksenseobject}.playbooks.toggle_enabled(['11ed13b4-52c3-a3c1-9fb0-02a87de7e1ee'],enabled=False)
- run_playbook(playbook_uuid, csvdump=False, client_id=None)[source]¶
Run a playbook.
- Parameters:
playbook_uuid (
str
) – Playbook UUIDclient_id (
typing.Optional
[int
]) – Client IDcsvdump (
bool
) – dumps the data in csv
- Return type:
dict
- Returns:
JSON response from platform
Example
>>> self.{risksenseobject}.playbooks.run_playbook('12345-1234-123')
Note
You can also dump the data in csv using
csvdump=True
>>> self.{risksenseobject}.playbooks.run_playbook('12345-1234-123',csvdump=True)
- _get_playbook_page_info(url, page_size)[source]¶
Get number of available pages for fetch.
- Parameters:
url (
str
) – URL of endpointpage_size (
int
) – page size
- Return type:
int
- Returns:
Total number of available pages
IGNORE function as it is an Internal Function*
- _fetch_in_bulk(func_name, page_range, **func_args)[source]¶
Threaded fetch of playbook info, supporting multiple threads. Combines all results in a single list and returns.
- Parameters:
func_name (
str
) – Search function namepage_range (
int
) – Page range
IGNORE - INTERNAL FUNCTION
- Keyword Arguments:
func_args (
dict
) – args to be passed to search function- Return type:
list
- Returns:
List of all results returned by search function