- Follow the
Installation
steps - Setup the connection arguments using axonshell
tools_write_config
- Create a baseline script using
axonius_api_client.connect.Connect
Here's a simple example to get all device assets matching a query of:
- assets that have NOT been seen in the last 3 days
- assets seen by AWS
- assets with an OS Type of Windows
Include extra fields in addition to the default fields specified in the API:
- AWS: AWS Device Type
- OS: Type
- OS: Full OS String
>>> entries = [
... {'type': 'simple', 'value': '! last_seen last_days 3'},
... {'type': 'simple', 'value': 'os.type equals windows'},
... {'type': 'simple', 'value': 'aws:id exists'},
... ]
>>> fields = ["aws:aws_device_type", "os.type", "os.os_str"]
>>> assets = devices.get(wiz_entries=entries, fields=fields, field_null=True)
>>> print(devices.LAST_GET['filter'])
not (specific_data.data.last_seen >= date("NOW - 3d")) and (specific_data.data.os.type == "Windows") and ((adapters_data.aws_adapter.id == ({"$exists":true,"$ne":""})))
>>> len(assets)
5
>>> j(list(assets[0]))
[
"adapter_list_length",
"adapters",
"adapters_data.aws_adapter.aws_device_type",
"internal_axon_id",
"labels",
"specific_data.data.hostname",
"specific_data.data.name",
"specific_data.data.network_interfaces.ips",
"specific_data.data.network_interfaces.mac",
"specific_data.data.os.os_str",
"specific_data.data.os.type",
"specific_data.data.last_seen"
]
Note
Look in the axonius_api_client.examples
directory for proof of concept example scripts
- Adapters:
axonius_api_client.api.adapters.adapters.Adapters
- Adapter connections:
axonius_api_client.api.adapters.cnx.Cnx
- Device assets:
axonius_api_client.api.assets.devices.Devices
- User assets:
axonius_api_client.api.assets.users.Users
- Saved queries:
axonius_api_client.api.assets.saved_query.SavedQuery
- Fields:
axonius_api_client.api.assets.fields.Fields
- Tags:
axonius_api_client.api.assets.labels.Labels
- Export callbacks for
axonius_api_client.api.assets.devices.Devices.get
andaxonius_api_client.api.assets.users.Users.get
:- If
export
is not supplied, seeaxonius_api_client.api.asset_callbacks.base.Base.args_map
. - If
export
equalsjson
, seeaxonius_api_client.api.asset_callbacks.base_json.Json.args_map
. - If
export
equalscsv
, seeaxonius_api_client.api.asset_callbacks.base_csv.Csv.args_map
. - If
export
equalsjson_to_csv
, seeaxonius_api_client.api.asset_callbacks.base_json_to_csv.JsonToCsv.args_map
. - If
export
equalstable
, seeaxonius_api_client.api.asset_callbacks.base_table.Table.args_map
. - If
export
equalsxlsx
, seeaxonius_api_client.api.asset_callbacks.base_xlsx.Xlsx.args_map
.
- If
- Query wizards:
- For python objects:
axonius_api_client.api.wizards.wizard.Wizard
- For CSV files:
axonius_api_client.api.wizards.wizard_csv.WizardCsv
- For text files:
axonius_api_client.api.wizards.wizard_text.WizardText
- For python objects:
- Enforcements:
axonius_api_client.api.enforcements.enforcements.Enforcements
- Enforcement Actions:
axonius_api_client.api.enforcements.actions.RunAction
- Dashboards and discovery cycles:
axonius_api_client.api.system.dashboard.Dashboard
- Initial Signup:
axonius_api_client.api.system.signup.Signup
- Instances:
axonius_api_client.api.system.instances.Instances
- Meta Data:
axonius_api_client.api.system.meta.Meta
- System Roles:
axonius_api_client.api.system.system_roles.SystemRoles
- System Settings - Global Settings:
axonius_api_client.api.system.settings_global.SettingsGlobal
- System Settings - GUI Settings:
axonius_api_client.api.system.settings_gui.SettingsGui
- System Settings - Lifecyle Settings:
axonius_api_client.api.system.settings_lifecycle.SettingsLifecycle
- System Users:
axonius_api_client.api.system.system_users.SystemUsers