Skip to content

forensic-security/cybereason

BranchesTags

Repository files navigation

Cybereason

Async Cybereason API client

PyPI - Python Version

Installation

pip install cybereason

Install cybereason using:

  • pip install cybereason[zip] to enable on-the-fly extraction of files downloaded from sensors,
  • pip install cybereason[socks] to enable SOCKS proxy support, or
  • pip install cybereason[zip,socks] to enable both features.

Examples

Save metadata and config for every policy

from cybereason import Cybereason
import asyncio
import json

async def dump_policies_config():
    '''Save metadata and config for every policy.
    '''
    async with Cybereason(<tenant>, <username>, <password>) as client:
        async for policy in client.get_policies(show_config=True):
            filename = f'{policy["metadata"]["name"]}.json'
            with open(filename, 'w') as f:
                json.dump(policy, f, indent=4)

asyncio.run(dump_policies_config())

Download and parse into JSON all user audit logs (action log)

from cybereason import Cybereason
import asyncio
import json

async def user_audit():
    async with Cybereason(<tenant>, <username>, <password>) as client:
        # rotated=False to get only the latest logs
        logs = [log async for log in client.get_user_audit_logs(rotated=True)]
        with open('user_audit.json', 'w') as f:
            json.dump(logs, f, indent=4)

asyncio.run(user_audit())

Copyright © 2021-2024 Forensic & Security

About

Async Cybereason API client

pypi.org/project/cybereason

Topics

python security cybersecurity asyncio cybereason

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

6 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

10 tags

Contributors 2

  •  
  •  

Languages