PyIntelOwl

Robust Python SDK and Command Line Client for interacting with IntelOwl's API.

Features

• Easy one-time configuration with self documented help and hints along the way.
• Request new analysis for observables and files.
  • Select which analyzers you want to run for every analysis you perform.
  • Choose whether you want to HTTP poll for the analysis to finish or not.
• List all jobs or view one job in a prettified tabular form.
• List all tags or view one tag in a prettified tabular form.

Demo

Installation

$ pip3 install pyintelowl

For development/testing, pip3 install pyintelowl[dev]

Quickstart

As Command Line Client

On successful installation, The pyintelowl entryscript should be directly invokable. For example,

$ pyintelowl
Usage: pyintelowl [OPTIONS] COMMAND [ARGS]...

Options:
  -d, --debug  Set log level to DEBUG
  --version    Show the version and exit.
  -h, --help   Show this message and exit.

Commands:
  analyse                Send new analysis request
  analyzer-healthcheck   Send healthcheck request for an analyzer...
  config                 Set or view config variables
  connector-healthcheck  Send healthcheck request for a connector
  jobs                   Manage Jobs
  tags                   Manage tags

As a library / SDK

from pyintelowl import IntelOwl
obj = IntelOwl("<your_api_key>", "<your_intelowl_instance_url>", "optional<path_to_pem_file>", "optional<proxies>")

For more comprehensive documentation, please see https://intelowlproject.github.io/docs/pyintelowl/.

Changelog

View CHANGELOG.md.

How to generate an API key

You need a valid API key to interact with the IntelOwl server. Keys can be created from the "API access" section of the user's menu in the IntelOwl's GUI.

Otherwise, you can create them from the Django Admin Interface of the IntelOwl application with an administration account. Section "Durin" -> "Auth tokens"