FalconPy v1.4.2
This update implements the following:
- Adds 20 new API operations across 9 service collections
- Adds new arguments to 9 API operations
- Makes minor textual updates to argument description text
- Expands Environment Authentication functionality to allow developers to specify the names of the environment variables used
- Two bugs (#1122 and #1129) are resolved
- Enhancement
- Bug fixes
- Updated unit tests
- Documentation
Unit test coverage
Name Stmts Miss Cover
------------------------------------------------------------------------------------------
src/falconpy/__init__.py 92 0 100%
src/falconpy/_api_request/__init__.py 7 0 100%
src/falconpy/_api_request/_request.py 109 0 100%
src/falconpy/_api_request/_request_behavior.py 55 0 100%
src/falconpy/_api_request/_request_connection.py 8 0 100%
src/falconpy/_api_request/_request_meta.py 26 0 100%
src/falconpy/_api_request/_request_payloads.py 8 0 100%
src/falconpy/_api_request/_request_validator.py 6 0 100%
src/falconpy/_auth_object/__init__.py 6 0 100%
src/falconpy/_auth_object/_base_falcon_auth.py 13 0 100%
src/falconpy/_auth_object/_bearer_token.py 63 0 100%
src/falconpy/_auth_object/_falcon_interface.py 255 0 100%
src/falconpy/_auth_object/_interface_config.py 40 0 100%
src/falconpy/_auth_object/_uber_interface.py 42 0 100%
src/falconpy/_constant/__init__.py 11 0 100%
src/falconpy/_endpoint/__init__.py 172 0 100%
src/falconpy/_endpoint/_alerts.py 1 0 100%
src/falconpy/_endpoint/_cloud_connect_aws.py 1 0 100%
src/falconpy/_endpoint/_cloud_snapshots.py 1 0 100%
src/falconpy/_endpoint/_configuration_assessment.py 1 0 100%
src/falconpy/_endpoint/_configuration_assessment_evaluation_logic.py 1 0 100%
src/falconpy/_endpoint/_container_alerts.py 1 0 100%
src/falconpy/_endpoint/_container_detections.py 1 0 100%
src/falconpy/_endpoint/_container_images.py 1 0 100%
src/falconpy/_endpoint/_container_packages.py 1 0 100%
src/falconpy/_endpoint/_container_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_cspm_registration.py 1 0 100%
src/falconpy/_endpoint/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/_custom_storage.py 1 0 100%
src/falconpy/_endpoint/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/_detects.py 1 0 100%
src/falconpy/_endpoint/_device_control_policies.py 1 0 100%
src/falconpy/_endpoint/_discover.py 1 0 100%
src/falconpy/_endpoint/_drift_indicators.py 1 0 100%
src/falconpy/_endpoint/_event_streams.py 1 0 100%
src/falconpy/_endpoint/_falcon_complete_dashboard.py 1 0 100%
src/falconpy/_endpoint/_falcon_container.py 1 0 100%
src/falconpy/_endpoint/_falconx_sandbox.py 1 0 100%
src/falconpy/_endpoint/_fdr.py 1 0 100%
src/falconpy/_endpoint/_filevantage.py 1 0 100%
src/falconpy/_endpoint/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/_firewall_policies.py 1 0 100%
src/falconpy/_endpoint/_foundry_logscale.py 1 0 100%
src/falconpy/_endpoint/_host_group.py 1 0 100%
src/falconpy/_endpoint/_hosts.py 1 0 100%
src/falconpy/_endpoint/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/_image_assessment_policies.py 1 0 100%
src/falconpy/_endpoint/_incidents.py 1 0 100%
src/falconpy/_endpoint/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/_intel.py 1 0 100%
src/falconpy/_endpoint/_ioa_exclusions.py 1 0 100%
src/falconpy/_endpoint/_ioc.py 1 0 100%
src/falconpy/_endpoint/_iocs.py 1 0 100%
src/falconpy/_endpoint/_kubernetes_protection.py 1 0 100%
src/falconpy/_endpoint/_malquery.py 1 0 100%
src/falconpy/_endpoint/_message_center.py 1 0 100%
src/falconpy/_endpoint/_ml_exclusions.py 1 0 100%
src/falconpy/_endpoint/_mobile_enrollment.py 1 0 100%
src/falconpy/_endpoint/_mssp.py 1 0 100%
src/falconpy/_endpoint/_oauth2.py 1 0 100%
src/falconpy/_endpoint/_ods.py 1 0 100%
src/falconpy/_endpoint/_overwatch_dashboard.py 1 0 100%
src/falconpy/_endpoint/_prevention_policies.py 1 0 100%
src/falconpy/_endpoint/_quarantine.py 1 0 100%
src/falconpy/_endpoint/_quick_scan.py 1 0 100%
src/falconpy/_endpoint/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/_real_time_response_audit.py 1 0 100%
src/falconpy/_endpoint/_recon.py 1 0 100%
src/falconpy/_endpoint/_report_executions.py 1 0 100%
src/falconpy/_endpoint/_response_policies.py 1 0 100%
src/falconpy/_endpoint/_sample_uploads.py 1 0 100%
src/falconpy/_endpoint/_scheduled_reports.py 1 0 100%
src/falconpy/_endpoint/_sensor_download.py 1 0 100%
src/falconpy/_endpoint/_sensor_update_policies.py 1 0 100%
src/falconpy/_endpoint/_sensor_visibility_exclusions.py 1 0 100%
src/falconpy/_endpoint/_spotlight_evaluation_logic.py 1 0 100%
src/falconpy/_endpoint/_spotlight_vulnerabilities.py 1 0 100%
src/falconpy/_endpoint/_tailored_intelligence.py 1 0 100%
src/falconpy/_endpoint/_unidentified_containers.py 1 0 100%
src/falconpy/_endpoint/_user_management.py 1 0 100%
src/falconpy/_endpoint/_workflows.py 1 0 100%
src/falconpy/_endpoint/_zero_trust_assessment.py 1 0 100%
src/falconpy/_endpoint/deprecated/__init__.py 35 0 100%
src/falconpy/_endpoint/deprecated/_custom_ioa.py 1 0 100%
src/falconpy/_endpoint/deprecated/_d4c_registration.py 1 0 100%
src/falconpy/_endpoint/deprecated/_discover.py 1 0 100%
src/falconpy/_endpoint/deprecated/_fdr.py 1 0 100%
src/falconpy/_endpoint/deprecated/_firewall_management.py 1 0 100%
src/falconpy/_endpoint/deprecated/_hosts.py 1 0 100%
src/falconpy/_endpoint/deprecated/_identity_protection.py 1 0 100%
src/falconpy/_endpoint/deprecated/_installation_tokens.py 1 0 100%
src/falconpy/_endpoint/deprecated/_ioc.py 1 0 100%
src/falconpy/_endpoint/deprecated/_iocs.py 1 0 100%
src/falconpy/_endpoint/deprecated/_mapping.py 2 0 100%
src/falconpy/_endpoint/deprecated/_ods.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response.py 1 0 100%
src/falconpy/_endpoint/deprecated/_real_time_response_admin.py 1 0 100%
src/falconpy/_endpoint/deprecated/_report_executions.py 1 0 100%
src/falconpy/_endpoint/deprecated/_scheduled_reports.py 1 0 100%
src/falconpy/_endpoint/deprecated/_zero_trust_assessment.py 1 0 100%
src/falconpy/_enum/__init__.py 4 0 100%
src/falconpy/_enum/_base_url.py 7 0 100%
src/falconpy/_enum/_container_base_url.py 6 0 100%
src/falconpy/_enum/_token_fail_reason.py 4 0 100%
src/falconpy/_error/__init__.py 3 0 100%
src/falconpy/_error/_exceptions.py 68 0 100%
src/falconpy/_error/_warnings.py 73 0 100%
src/falconpy/_log/__init__.py 2 0 100%
src/falconpy/_log/_facility.py 34 0 100%
src/falconpy/_payload/__init__.py 30 0 100%
src/falconpy/_payload/_alerts.py 11 0 100%
src/falconpy/_payload/_cloud_connect_aws.py 23 0 100%
src/falconpy/_payload/_cloud_snapshots.py 22 0 100%
src/falconpy/_payload/_container.py 66 0 100%
src/falconpy/_payload/_cspm_registration.py 64 0 100%
src/falconpy/_payload/_d4c_registration.py 38 0 100%
src/falconpy/_payload/_detects.py 15 0 100%
src/falconpy/_payload/_device_control_policy.py 33 0 100%
src/falconpy/_payload/_falconx.py 25 0 100%
src/falconpy/_payload/_filevantage.py 34 0 100%
src/falconpy/_payload/_firewall.py 122 0 100%
src/falconpy/_payload/_foundry.py 16 0 100%
src/falconpy/_payload/_generic.py 66 0 100%
src/falconpy/_payload/_host_group.py 31 0 100%
src/falconpy/_payload/_incidents.py 15 0 100%
src/falconpy/_payload/_ioa.py 35 0 100%
src/falconpy/_payload/_ioc.py 52 0 100%
src/falconpy/_payload/_malquery.py 56 0 100%
src/falconpy/_payload/_message_center.py 22 0 100%
src/falconpy/_payload/_mssp.py 15 0 100%
src/falconpy/_payload/_ods.py 13 0 100%
src/falconpy/_payload/_prevention_policy.py 19 0 100%
src/falconpy/_payload/_real_time_response.py 27 0 100%
src/falconpy/_payload/_recon.py 84 0 100%
src/falconpy/_payload/_reports.py 19 0 100%
src/falconpy/_payload/_response_policy.py 19 0 100%
src/falconpy/_payload/_sample_uploads.py 9 0 100%
src/falconpy/_payload/_sensor_update_policy.py 30 0 100%
src/falconpy/_payload/_workflows.py 42 0 100%
src/falconpy/_result/__base_resource.py 28 0 100%
src/falconpy/_result/__init__.py 9 0 100%
src/falconpy/_result/_base_dictionary.py 31 0 100%
src/falconpy/_result/_errors.py 2 0 100%
src/falconpy/_result/_expanded_result.py 7 0 100%
src/falconpy/_result/_headers.py 25 0 100%
src/falconpy/_result/_meta.py 30 0 100%
src/falconpy/_result/_resources.py 14 0 100%
src/falconpy/_result/_response_component.py 24 0 100%
src/falconpy/_result/_result.py 220 0 100%
src/falconpy/_service_class/__init__.py 3 0 100%
src/falconpy/_service_class/_base_service_class.py 118 0 100%
src/falconpy/_service_class/_service_class.py 92 0 100%
src/falconpy/_util/__init__.py 5 0 100%
src/falconpy/_util/_auth.py 18 0 100%
src/falconpy/_util/_functions.py 392 0 100%
src/falconpy/_util/_service.py 3 0 100%
src/falconpy/_util/_uber.py 49 0 100%
src/falconpy/_version.py 33 0 100%
src/falconpy/alerts.py 62 0 100%
src/falconpy/api_complete/__init__.py 3 0 100%
src/falconpy/api_complete/_advanced.py 57 0 100%
src/falconpy/api_complete/_legacy.py 202 0 100%
src/falconpy/cloud_connect_aws.py 48 0 100%
src/falconpy/cloud_snapshots.py 33 0 100%
src/falconpy/configuration_assessment.py 13 0 100%
src/falconpy/configuration_assessment_evaluation_logic.py 9 0 100%
src/falconpy/container_alerts.py 17 0 100%
src/falconpy/container_detections.py 33 0 100%
src/falconpy/container_images.py 45 0 100%
src/falconpy/container_packages.py 25 0 100%
src/falconpy/container_vulnerabilities.py 45 0 100%
src/falconpy/cspm_registration.py 204 0 100%
src/falconpy/custom_ioa.py 86 0 100%
src/falconpy/custom_storage.py 68 0 100%
src/falconpy/d4c_registration.py 114 0 100%
src/falconpy/detects.py 32 0 100%
src/falconpy/device_control_policies.py 78 0 100%
src/falconpy/discover.py 38 0 100%
src/falconpy/drift_indicators.py 25 0 100%
src/falconpy/event_streams.py 20 0 100%
src/falconpy/falcon_complete_dashboard.py 111 0 100%
src/falconpy/falcon_container.py 57 0 100%
src/falconpy/falconx_sandbox.py 86 0 100%
src/falconpy/fdr.py 23 0 100%
src/falconpy/filevantage.py 127 0 100%
src/falconpy/firewall_management.py 139 0 100%
src/falconpy/firewall_policies.py 71 0 100%
src/falconpy/foundry_logscale.py 62 0 100%
src/falconpy/host_group.py 61 0 100%
src/falconpy/hosts.py 113 0 100%
src/falconpy/identity_protection.py 34 0 100%
src/falconpy/image_assessment_policies.py 63 0 100%
src/falconpy/incidents.py 41 0 100%
src/falconpy/installation_tokens.py 43 0 100%
src/falconpy/intel.py 105 0 100%
src/falconpy/ioa_exclusions.py 33 0 100%
src/falconpy/ioc.py 94 0 100%
src/falconpy/iocs.py 40 0 100%
src/falconpy/kubernetes_protection.py 254 0 100%
src/falconpy/malquery.py 50 0 100%
src/falconpy/message_center.py 81 0 100%
src/falconpy/ml_exclusions.py 35 0 100%
src/falconpy/mobile_enrollment.py 18 0 100%
src/falconpy/mssp.py 174 0 100%
src/falconpy/oauth2.py 30 0 100%
src/falconpy/ods.py 73 0 100%
src/falconpy/overwatch_dashboard.py 31 0 100%
src/falconpy/prevention_policy.py 62 0 100%
src/falconpy/quarantine.py 46 0 100%
src/falconpy/quick_scan.py 27 0 100%
src/falconpy/real_time_response.py 127 0 100%
src/falconpy/real_time_response_admin.py 83 0 100%
src/falconpy/real_time_response_audit.py 10 0 100%
src/falconpy/recon.py 128 0 100%
src/falconpy/report_executions.py 24 0 100%
src/falconpy/response_policies.py 61 0 100%
src/falconpy/sample_uploads.py 79 0 100%
src/falconpy/scheduled_reports.py 20 0 100%
src/falconpy/sensor_download.py 55 0 100%
src/falconpy/sensor_update_policy.py 110 0 100%
src/falconpy/sensor_visibility_exclusions.py 33 0 100%
src/falconpy/spotlight_evaluation_logic.py 23 0 100%
src/falconpy/spotlight_vulnerabilities.py 31 0 100%
src/falconpy/tailored_intelligence.py 41 0 100%
src/falconpy/unidentified_containers.py 17 0 100%
src/falconpy/user_management.py 139 0 100%
src/falconpy/workflows.py 84 0 100%
src/falconpy/zero_trust_assessment.py 23 0 100%
------------------------------------------------------------------------------------------
TOTAL 7919 0 100%Bandit analysis
[main] INFO profile include tests: None
[main] INFO profile exclude tests: None
[main] INFO cli include tests: None
[main] INFO cli exclude tests: None
[main] INFO running on Python 3.11.4
Run started:2024-03-20 16:59:57.582211
Test results:
No issues identified.
Code scanned:
Total lines of code: 66538
Total lines skipped (#nosec): 0
Run metrics:
Total issues (by severity):
Undefined: 0
Low: 0
Medium: 0
High: 0
Total issues (by confidence):
Undefined: 0
Low: 0
Medium: 0
High: 0
Files skipped (0):Added features and functionality
-
Expanded: Environment Authentication functionality has been expanded to allow developers to customize the names of the environment keys used to store API credentials.
_auth_object/_falcon_interface.py_auth_object/_uber_interface.py
Unit testing expanded to complete code coverage.
tests/test_authentications.py
from falconpy import Hosts # We can now define the prefix and the names of the # environment values used for API key lookups environment_keys = { "prefix": "CROWDSTRIKE_", "id_name": "API_ID", "secret_name": "API_SECRET" } # These values are provided as a dictionary to the class hosts = Hosts(environment=environment_keys) # Usage of the class is the same results = hosts.query_devices_by_filter_scroll()
-
Added:
include_hiddenargument added to the PostAggregatesAlertsV2, PatchEntitiesAlertsV3, PostEntitiesAlertsV2 and GetQueriesAlertsV2 operations within the Alerts Service Class.alerts.py
-
Added: Added 4 new operations to the Cloud Snapshots service collection.
- ReadDeploymentsCombined
- ReadDeploymentsEntities
- CreateDeploymentEntity
- GetScanReport
_endpoint/_cloud_snapshots.py_payload/__init__.py_payload/_cloud_snapshots.pycloud_snapshots.py
Unit testing expanded to complete code coverage.
tests/test_cloud_snapshots.py
-
Added: Added GetRuntimeDetectionsCombinedV2 to the Container Detections service collection.
_endpoint/_container_detections.pycontainer_detections.py
Unit testing expanded to complete code coverage.
tests/test_container_detections.py
-
Added: Added 3 new operations to the CSPM Registration service collection.
- DeleteCSPMAzureManagementGroup
- GetCSPMGCPValidateAccountsExt
- ValidateCSPMGCPServiceAccountExt
_endpoint/_cspm_registration.py_payload/__init__.py_payload/_cspm_registration.pycspm_registration.py
Unit testing expanded to complete code coverage.
tests/test_cspm_registration.py
-
Added: Added query_iot_hostsV2 operation to the Discover service collection.
_endpoint/_discover.py_endpoint/deprecated/_discover.pydiscover.py
Unit testing expanded to complete code coverage.
tests/test_discover.py
-
Added: Added AggregateSupportIssues operation to the Falcon Complete Dashboard service collection.
_endpoint/_falcon_complete_dashboard.pyfalcon_complete_dashboard.py
Unit testing expanded to complete code coverage.
tests/test_falcon_complete_dashboard.py
-
Added: Added IngestDataAsyncV1 operation to the Foundry LogScale service collection.
_endpoint/_foundry_logscale.pyfoundry_logscale.py
Unit testing expanded to complete code coverage.
tests/test_foundry_logscale.py
-
Added: Added
infer_json_typesandmatch_response_schemaarguments to the CreateSavedSearchesDynamicExecuteV1, GetSavedSearchesExecuteV1 and CreateSavedSearchesExecuteV1 operations within the Foundry LogScale service collection._endpoint/_foundry_logscale.pyfoundry_logscale.py
-
Added: Added
infer_json_typesargument to the GetSavedSearchesJobResultsDownloadV1 operation within the Foundry LogScale service collection._endpoint/_foundry_logscale.pyfoundry_logscale.py
-
Added: Added 3 new operations to the Intel service collection.
- GetMalwareEntities
- QueryMalware
- QueryMitreAttacksForMalware
_endpoint/_intel.pyintel.py
Unit testing expanded to complete code coverage.
tests/test_intel.py
-
Added: Added 4 new operations to the Sensor Download service collection.
- GetCombinedSensorInstallersByQueryV2
- DownloadSensorInstallerByIdV2
- GetSensorInstallersEntitiesV2
- GetSensorInstallersByQueryV2
_endpoint/_sensor_download.pysensor_download.py
Unit testing expanded to complete code coverage.
tests/test_sensor_download.py
-
Added: Added
sanitizeargument to the WorkflowDefinitionsExport operation within the Workflows service collection._endpoint/_workflows.pyworkflows.py
-
Added: Added 2 new operations to the Workflows service collection.
- WorkflowExecuteInternal
- WorkflowMockExecute
_endpoint/workflows.py_payload/__init__.py_payload/_workflows.pyworkflows.py
Unit testing expanded to complete code coverage.
tests/test_workflows.py
Issue resolved
-
Fixed: Resolved parsing issue with formData arguments provided to the ArchiveUploadV2 operation within the SampleUploads Service Class. Closes #1122.
sample_uploads.py
-
Fixed: Resolved conversion issue with query string boolean parameters not being properly converted to lowercase before API submission. Closes #1129.
_util/_functions.py
Other
-
Updated: Updated
bodyargument description for the PatchEntitiesAlertsV3 operation within the endpoint module._endpoint/_alerts.py
-
Updated: Added
highest_cps_current_ratingas an allowed sort parameter to the ReadCombinedImagesExport operation within the Container Images service collection._endpoint/_container_images.py
-
Updated: Added
watch_permissions_key_changesoption to the createRules operation within the FileVantage service collection._endpoint/_filevantage.py
-
Updated: Updated operation and argument descriptions in the deprecated IOCS service collection.
_endpoint/_iocs.py
-
Updated: Added
preventedas an allowed filter to the ReadKubernetesIomByDateRange, ReadKubernetesIomCount, SearchAndReadKubernetesIomEntities and SearchKubernetesIoms operations within the Kubernetes Protection service collection._endpoint/_kubernetes_protection.py
-
Updated: Updated the
bodyargument description for the BatchAdminCmd and RTR_ExecuteAdminCommand operations within the Real Time Response Admin service collection._endpoint/_real_time_response_admin.py_endpoint/deprecated/_real_time_response_admin.py
-
Updated: Updated the
bodyargument description for the BatchActiveResponderCmd, BatchCmd, RTR_ExecuteActiveResponderCommand, and RTR_ExecuteCommand operations within the Real Time Response service collection._endpoint/_real_time_response.py_endpoint/deprecated/_real_time_response.py
-
Removed: The CreateInventory operation is removed from the Cloud Snapshots Service Class.
_payload/__init__.py_payload/_cloud_snapshots.pycloud_snapshots.py
Unit testing updated to reflect current functionality.
tests/test_cloud_snapshots.py
-
Removed: The WorkflowDefinitionsCreate operation is removed from the Workflows service collection.
_endpoint/_workflows.pyworkflows.py
Unit testing updated to reflect current functionality.
tests/test_workflows.py