FalconPy v0.4.7
This release contains a new pattern for Service Classes that allows query string parameter payload values to be passed directly via the function call as arguments.
Example
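```python
import json
from falconpy.ml_exclusions import ML_Exclusions as FalconML

# client_ID and client_secret hold your API client credentials and must be defined beforehand
falcon = FalconML(creds={"client_id": client_ID, "client_secret": client_secret})
# Query string parameters are passed directly as keyword arguments
print(json.dumps(falcon.queryMLExclusionsV1(limit=10, offset=20, sort="value.asc"), indent=4))
```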
This release also contains the following Service Classes:
- D4C Registration API
- Installation Tokens API
- IOA Exclusions API
- Falcon Complete Dashboard API
- MalQuery API
- ML Exclusions API
- Overwatch Dashboard API
- Sensor Visibility Exclusions API
- Enhancement
- Updated unit tests
Unit test coverage
```
Name Stmts Miss Cover
------------------------------------------------------------------------------------
src/falconpy/__init__.py 10 0 100%
src/falconpy/_endpoint/__init__.py 83 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 12 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_result.py 8 0 100%
src/falconpy/_service_class.py 44 0 100%
src/falconpy/_util.py 143 0 100%
src/falconpy/_version.py 8 0 100%
src/falconpy/api_complete.py 87 0 100%
src/falconpy/cloud_connect_aws.py 74 0 100%
src/falconpy/cspm_registration.py 128 0 100%
src/falconpy/custom_ioa.py 142 0 100%
src/falconpy/d4c_registration.py 71 0 100%
src/falconpy/detects.py 34 0 100%
src/falconpy/device_control_policies.py 77 0 100%
src/falconpy/event_streams.py 15 0 100%
src/falconpy/falcon_complete_dashboard.py 110 0 100%
src/falconpy/falconx_sandbox.py 82 0 100%
src/falconpy/firewall_management.py 148 0 100%
src/falconpy/firewall_policies.py 80 0 100%
src/falconpy/host_group.py 71 0 100%
src/falconpy/hosts.py 64 0 100%
src/falconpy/incidents.py 45 0 100%
src/falconpy/installation_tokens.py 67 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/ioa_exclusions.py 43 0 100%
src/falconpy/iocs.py 60 0 100%
src/falconpy/malquery.py 71 0 100%
src/falconpy/ml_exclusions.py 43 0 100%
src/falconpy/mssp.py 159 0 100%
src/falconpy/oauth2.py 33 0 100%
src/falconpy/overwatch_dashboard.py 43 0 100%
src/falconpy/prevention_policy.py 77 0 100%
src/falconpy/quick_scan.py 29 0 100%
src/falconpy/real_time_response.py 147 0 100%
src/falconpy/real_time_response_admin.py 88 0 100%
src/falconpy/sample_uploads.py 31 0 100%
src/falconpy/sensor_download.py 42 0 100%
src/falconpy/sensor_update_policy.py 117 0 100%
src/falconpy/sensor_visibility_exclusions.py 43 0 100%
src/falconpy/spotlight_vulnerabilities.py 21 0 100%
src/falconpy/user_management.py 75 0 100%
src/falconpy/zero_trust_assessment.py 9 0 100%
------------------------------------------------------------------------------------
TOTAL 2879 0 100%
```
Bandit analysis
```
[main] INFO running on Python 3.9.2
Run started:2021-04-24 18:39:48.789455

Test results:
    No issues identified.

Code scanned:
    Total lines of code: 18556
    Total lines skipped (#nosec): 0

Run metrics:
    Total issues (by severity):
        Undefined: 0.0
        Low: 0.0
        Medium: 0.0
        High: 0.0
    Total issues (by confidence):
        Undefined: 0.0
        Low: 0.0
        Medium: 0.0
        High: 0.0
Files skipped (0):
```
Added features and functionality
New Service Class pattern - Query String parameters can now be passed as function arguments. This functionality is currently only available in the following new Service Classes while regression testing is underway.
- Added: D4C Registration API Service Class (`d4c_registration.py`)
  - GetCSPMAzureAccount
  - CreateCSPMAzureAccount
  - UpdateCSPMAzureAccountClientID
  - GetCSPMAzureUserScriptsAttachment
  - GetCSPMAzureUserScripts
  - GetCSPMCGPAccount
  - GetCSPMGCPAccount (redirects to GetCSPMCGPAccount)
  - CreateCSPMGCPAccount
  - GetCSPMGCPUserScriptsAttachment
  - GetCSPMGCPUserScripts
  - Added unit tests (`test_d4c_registration.py`)
- Added: Installation Tokens API Service Class (`installation_tokens.py`)
  - audit_events_read
  - customer_settings_read
  - tokens_read
  - tokens_create
  - tokens_delete
  - tokens_update
  - audit_events_query
  - tokens_query
  - Added unit tests (`test_installation_tokens.py`)
- Added: IOA Exclusions API Service Class (`ioa_exclusions.py`)
  - getIOAExclusionsV1
  - createIOAExclusionsV1
  - deleteIOAExclusionsV1
  - updateIOAExclusionsV1
  - queryIOAExclusionsV1
  - Added unit tests (`test_ioa_exclusions.py`)
- Added: Falcon Complete Dashboard API Service Class (`falcon_complete_dashboard.py`)
  - AggregateAllowList
  - AggregateBlockList
  - AggregateDetections
  - AggregateDeviceCountCollection
  - AggregateEscalations
  - AggregateFCIncidents
  - AggregateRemediations
  - QueryAllowListFilter
  - QueryBlockListFilter
  - QueryDetectionIdsByFilter
  - GetDeviceCountCollectionQueriesByFilter
  - QueryEscalationsFilter
  - QueryIncidentIdsByFilter
  - QueryRemediationsFilter
  - Added unit tests (`test_falcon_complete_dashboard.py`)
- Added: MalQuery API Service Class (`malquery.py`)
  - GetMalQueryQuotasV1
  - PostMalQueryFuzzySearchV1
  - GetMalQueryDownloadV1
  - GetMalQueryMetadataV1
  - GetMalQueryRequestV1
  - GetMalQueryEntitiesSamplesFetchV1
  - PostMalQueryEntitiesSamplesMultidownloadV1
  - PostMalQueryExactSearchV1
  - PostMalQueryHuntV1
  - Added unit tests (`test_malquery.py`)
- Added: ML Exclusions API Service Class (`ml_exclusions.py`)
  - getMLExclusionsV1
  - createMLExclusionsV1
  - deleteMLExclusionsV1
  - updateMLExclusionsV1
  - queryMLExclusionsV1
  - Added unit tests (`test_ml_exclusions.py`)
- Added: Overwatch Dashboard API Service Class (`overwatch_dashboard.py`)
  - AggregatesDetectionsGlobalCounts
  - AggregatesEventsCollections
  - AggregatesEvents
  - AggregatesIncidentsGlobalCounts
  - AggregatesOWEventsGlobalCounts
  - Added unit tests (`test_overwatch_dashboard.py`)
- Added: Sensor Visibility Exclusions API Service Class (`sensor_visibility_exclusions.py`)
  - getSensorVisibilityExclusionsV1
  - createSVExclusionsV1
  - deleteSensorVisibilityExclusionsV1
  - updateSensorVisibilityExclusionsV1
  - querySensorVisibilityExclusionsV1
  - Added unit tests (`test_sensor_visibility_exclusions.py`)
Other
- Added: `args_to_params` function (`_util.py`) - Allows developers to specify parameter dictionary elements as function arguments
  - Unrecognized parameter values are discarded
  - Initial testing in a limited number of Service Classes
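
A sketch of the behaviour described for `args_to_params`, added here as an illustration and not FalconPy's own code: keyword arguments are checked against the query string parameters an operation defines, and unrecognized ones are dropped. The function name `keywords_to_params`, the endpoint table and the rule that a keyword overrides the dictionary entry are assumptions; returning the discarded names makes a misspelt keyword visible to the caller instead of silently changing the query.

```python
# Added illustration: a stand-in for the behaviour the release notes describe,
# not FalconPy's args_to_params implementation.

# Constructed endpoint table: operation ID -> query string parameters it accepts.
# limit, offset and sort appear in the release example; filter and ids are
# assumed for this sketch.
ENDPOINT_QUERY_PARAMS = {
    "queryMLExclusionsV1": {"filter", "offset", "limit", "sort"},
    "getMLExclusionsV1": {"ids"},
}


def keywords_to_params(operation_id, parameters=None, **kwargs):
    """Merge keyword arguments into a query string parameter dictionary.

    Returns (params, discarded): the payload to send and the keyword names
    that were dropped because the operation does not define them.
    """
    allowed = ENDPOINT_QUERY_PARAMS[operation_id]
    params = dict(parameters or {})   # explicit parameter dictionary, if given
    discarded = []
    for name, value in kwargs.items():
        if name in allowed:
            params[name] = value      # assumption: keyword overrides the dictionary
        else:
            discarded.append(name)    # unrecognized: never reaches the API
    return params, sorted(discarded)


def demo():
    # "limt" is a typo for "limit": it is dropped, so the request would go out
    # without a limit rather than failing.
    return keywords_to_params(
        "queryMLExclusionsV1", parameters={"offset": 20}, limt=10, sort="value.asc"
    )


if __name__ == "__main__":
    params, discarded = demo()
    print("params sent:", params)
    print("discarded keywords:", discarded)
```
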