-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing
4 changed files
with
80 additions
and
68 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| ## IntelOwl Class | ||
|
|
||
| ::: docs.Submodules.pyintelowl.pyintelowl.IntelOwl |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| ## IntelOwlClientException Class | ||
|
|
||
| ::: docs.Submodules.pyintelowl.pyintelowl.exceptions.IntelOwlClientException |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,92 +1,95 @@ | ||
| :fontawesome-brands-github: [PyIntelOwl Repository](https://github.com/intelowlproject/pyintelowl) | ||
|
|
||
| # PyIntelOwl | ||
| # Welcome to PyIntelOwl's documentation! | ||
|
|
||
| [](https://badge.fury.io/py/pyintelowl) | ||
| [](https://pypi.python.org/pypi/pyintelowl/) | ||
| ## Robust Python SDK and Command Line Client for interacting with IntelOwl API. | ||
|
|
||
| [](https://github.com/intelowlproject/pyintelowl/actions/workflows/pull_request_automation.yml) | ||
| [](https://codecov.io/gh/intelowlproject/pyintelowl) | ||
| [](https://www.codefactor.io/repository/github/intelowlproject/pyintelowl) | ||
| ### Installation | ||
|
|
||
| Robust Python **SDK** and **Command Line Client** for interacting with [IntelOwl](https://github.com/intelowlproject/IntelOwl)'s API. | ||
|
|
||
| ## Features | ||
|
|
||
| - Easy one-time configuration with self documented help and hints along the way. | ||
| - Request new analysis for observables and files. | ||
| - Select which analyzers you want to run for every analysis you perform. | ||
| - Choose whether you want to HTTP poll for the analysis to finish or not. | ||
| - List all jobs or view one job in a prettified tabular form. | ||
| - List all tags or view one tag in a prettified tabular form. | ||
| - Tabular view of the `analyzer_config.json` and `connector_config.json` from IntelOwl with RegEx matching capabilities. | ||
|
|
||
| ## Demo | ||
|
|
||
| [](https://asciinema.org/a/z7L93lsIzOQ0Scve7hMl30mJJ?t=5) | ||
|
|
||
| ## Installation | ||
|
|
||
| ```bash | ||
| $ pip3 install pyintelowl | ||
| ``` | ||
| pip install pyintelowl | ||
| ``` | ||
|
|
||
| For development/testing, `pip3 install pyintelowl[dev]` | ||
|
|
||
| ## Quickstart | ||
|
|
||
| ### As Command Line Client | ||
| ### Usage as CLI | ||
|
|
||
| On successful installation, The `pyintelowl` entryscript should be directly invokable. For example, | ||
| ``` | ||
| pyintelowl | ||
| Usage: pyintelowl [OPTIONS] COMMAND [ARGS]... | ||
| Options: | ||
| -d, --debug Set log level to DEBUG | ||
| --version Show the version and exit. | ||
| -h, --help Show this message and exit. | ||
| Commands: | ||
| analyse Send new analysis request | ||
| analyzer-healthcheck Send healthcheck request for an analyzer... | ||
| config Set or view config variables | ||
| connector-healthcheck Send healthcheck request for a connector | ||
| get-analyzer-config Get current state of `analyzer_config.json` from... | ||
| get-connector-config Get current state of `connector_config.json` from... | ||
| get-playbook-config Get current state of `playbook_config.json` from... | ||
| jobs Manage Jobs | ||
| tags Manage tags | ||
| ``` | ||
|
|
||
| ```bash | ||
| $ pyintelowl | ||
| Usage: pyintelowl [OPTIONS] COMMAND [ARGS]... | ||
| #### Configuration: | ||
|
|
||
| Options: | ||
| -d, --debug Set log level to DEBUG | ||
| --version Show the version and exit. | ||
| -h, --help Show this message and exit. | ||
| You can use `set` to set the config variables and `get` to view them. | ||
|
|
||
| Commands: | ||
| analyse Send new analysis request | ||
| analyzer-healthcheck Send healthcheck request for an analyzer... | ||
| config Set or view config variables | ||
| connector-healthcheck Send healthcheck request for a connector | ||
| get-analyzer-config Get current state of `analyzer_config.json` from... | ||
| get-connector-config Get current state of `connector_config.json` from... | ||
| jobs Manage Jobs | ||
| tags Manage tags | ||
| ``` | ||
|
|
||
| ### As a library / SDK | ||
|
|
||
| ```python | ||
| from pyintelowl import IntelOwl | ||
| obj = IntelOwl("<your_api_key>", "<your_intelowl_instance_url>", "optional<path_to_pem_file>", "optional<proxies>") | ||
| pyintelowl config set -k 4bf03f20add626e7138f4023e4cf52b8 -u "http://localhost:80" | ||
| pyintelowl config get | ||
| ``` | ||
|
|
||
| For more comprehensive documentation, please see https://pyintelowl.readthedocs.io/. | ||
| #### Hint | ||
| The CLI would is well-documented which will help you navigate various commands easily. Invoke `pyintelowl -h` or `pyintelowl <command> -h` to get help. | ||
|
|
||
| ## Changelog | ||
|
|
||
| View [CHANGELOG.md](https://github.com/intelowlproject/pyintelowl/blob/master/.github/CHANGELOG.md). | ||
| ### Usage as SDK/library | ||
|
|
||
| ## FAQ | ||
| ```python | ||
| from pyintelowl import IntelOwl, IntelOwlClientException | ||
| obj = IntelOwl( | ||
| "4bf03f20add626e7138f4023e4cf52b8", | ||
| "http://localhost:80", | ||
| None, | ||
| ) | ||
| """ | ||
| obj = IntelOwl( | ||
| "<your_api_key>", | ||
| "<your_intelowl_instance_url>", | ||
| "optional<path_to_pem_file>" | ||
| "optional<proxies>" | ||
| ) | ||
| """ | ||
|
|
||
| try: | ||
| ans = obj.get_analyzer_configs() | ||
| print(ans) | ||
| except IntelOwlClientException as e: | ||
| print("Oh no! Error: ", e) | ||
| ``` | ||
|
|
||
| #### Generate API key | ||
| #### Tip | ||
|
|
||
| You need a valid API key to interact with the IntelOwl server. | ||
| Keys should be created from the admin interface of [IntelOwl](https://github.com/intelowlproject/intelowl): you have to go in the _Durin_ section (click on `Auth tokens`) and generate a key there. | ||
| We very much recommend going through the [:class:`pyintelowl.pyintelowl.IntelOwl`](https://github.com/intelowlproject/pyintelowl/blob/master/docs/index.rst#id1) docs. | ||
|
|
||
| #### Incompatibility after version 3.0 | ||
| ### Index | ||
|
|
||
| We did a complete rewrite of the PyIntelOwl client and CLI both for the version `3.0.0`. We very much recommend you to update to the latest version to enjoy all new features. | ||
| ``` | ||
| .. toctree:: | ||
| :maxdepth: 2 | ||
| :caption: Usage | ||
| #### (old auth method) JWT Token Authentication | ||
| pyintelowl | ||
| ``` | ||
|
|
||
| > this auth was available in IntelOwl versions <1.8.0 and pyintelowl versions <2.0.0 | ||
| ``` | ||
| .. toctree:: | ||
| :maxdepth: 2 | ||
| :caption: Development | ||
| From the admin interface of IntelOwl, you have to go in the _Outstanding tokens_ section and generate a token there. | ||
| tests | ||
| You can use it by pasting it into the file [api_token.txt](api_token.txt). | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters