This repository has been archived by the owner on Mar 25, 2021. It is now read-only.
pc-alert-get.py
from __future__ import print_function
# Python 2 compatibility shim. On Python 2 the built-in input() evaluates the
# typed text as an expression, so it is rebound to raw_input(), which returns
# the text unchanged. On Python 3 raw_input does not exist, the NameError is
# swallowed, and the built-in input() is kept.
try:
    input = raw_input
except NameError:
    pass
import pc_lib_api
import pc_lib_general
import json
# --Execution Block-- #
# --Parse command line arguments-- #
# Start from the project's shared parser. The options this script reads later
# (username, password, uiurl, config_file, yes) are not declared in this file,
# so they presumably come from these defaults.
parser = pc_lib_general.pc_arg_parser_defaults()

# Script-specific options, registered in the order they appear in --help.
# NOTE(review): --timerange and --limit are only checked to be integers; zero
# or negative values are passed on to the API unchanged - confirm what the
# endpoint accepts, or reject them here.
_alert_options = (
    (('--detailed',),
     dict(action='store_true',
          help='(Optional) - Detailed alerts response.')),
    (('-fas', '--alertstatus'),
     dict(type=str,
          help='(Optional) - Filter - Alert Status.')),
    (('-fpt', '--policytype'),
     dict(type=str,
          help='(Optional) - Filter - Policy Type.')),
    (('-tr', '--timerange'),
     dict(type=int,
          default=30,
          help='(Optional) - Time Range in days. Defaults to 30.')),
    (('-l', '--limit'),
     dict(type=int,
          default=500,
          help='(Optional) - Return values limit (Default to 500).')),
)
for option_flags, option_settings in _alert_options:
    parser.add_argument(*option_flags, **option_settings)

args = parser.parse_args()
# --End parse command line arguments-- #
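#### Example of using the v2 alerts API call with a filter ####
# --Main-- #
# Get login details worked out. They may come from the command line or from
# the config file.
# NOTE(review): a password passed as a command-line argument can be visible to
# other local users in the process list and is kept in shell history; prefer
# the config file where that matters - confirm how pc_login_get handles it.
pc_settings = pc_lib_general.pc_login_get(args.username, args.password, args.uiurl, args.config_file)

# Verification (override with -y)
if not args.yes:
    print()
    print('Ready to execute commands against your Prisma Cloud tenant.')
    verification_response = str(input('Would you like to continue (y or yes to continue)?'))
    continue_response = {'yes', 'y'}
    print()
    # Ignore surrounding whitespace and letter case so that "Y" or "yes " is
    # accepted; any other answer still aborts, so the prompt fails closed.
    if verification_response.strip().lower() not in continue_response:
        pc_lib_general.pc_exit_error(400, 'Verification failed due to user response. Exiting...')

# Sort out API Login
# pc_settings is replaced by whatever pc_jwt_get returns.
# NOTE(review): that presumably includes the session token, so pc_settings
# should not be printed or logged - confirm against pc_lib_api.
print('API - Getting authentication token...', end='')
pc_settings = pc_lib_api.pc_jwt_get(pc_settings)
print('Done.')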
# Sort out and build the filters JSON
print('Local - Building the filter JSON package...', end='')

# Request body for the v2 alerts list call: a relative time window in days,
# ascending sort by alert id, and a single page starting at offset 0.
# args.timerange and args.limit are used exactly as parsed (no range check).
alerts_filter = {
    'detailed': bool(args.detailed),
    'timeRange': {
        'type': "relative",
        'value': {
            'unit': "day",
            'amount': args.timerange,
        },
    },
    'sortBy': ["id:asc"],
    'offset': 0,
    'limit': args.limit,
    'filters': [],
}

# Optional equality filters, added only when the option was given. The
# user-supplied text stays a structured value in the request body; it is not
# concatenated into a query string here.
for filter_name, filter_value in (
        ("alert.status", args.alertstatus),
        ("policy.type", args.policytype)):
    if filter_value is None:
        continue
    alerts_filter['filters'].append({
        'operator': "=",
        'name': filter_name,
        'value': filter_value,
    })

print('Done.')
# Get alerts list
# Exactly one request is made with the offset and limit set in the filter, so
# the output holds at most one page of alerts.
# NOTE(review): if more alerts match than the limit, the rest are not fetched
# and nothing reports the truncation - confirm whether the response carries
# paging information.
print('API - Getting alerts list...', end='')
api_result = pc_lib_api.api_alert_v2_list_get(pc_settings, data=alerts_filter)
pc_settings, response_package = api_result
alerts_list = response_package['data']
print('Done.')

# Print the list to the screen
# The JSON goes to stdout after the progress messages above, so stdout is not
# pure JSON. The alert records may describe tenant resources; treat redirected
# output as sensitive.
print()
alerts_json = json.dumps(alerts_list)
print(alerts_json)