Using this project requires at least Python 3.8.
- A thread-safe client for your application.
- HTTP pooling capabilities.
- Easy integration with Trend Vision One APIs.
parameter | description |
---|---|
name | Identify the application using this library. |
token | Authentication token created for your account. |
url | Vision One API URL this client connects to. |
pool_connections | Number of connection pools to cache (defaults to 1). |
pool_maxsize | Maximum size of the pool (defaults to 1). |
Installation
pip install pytmv1
Usage
>>> import pytmv1
>>> client = pytmv1.init("MyApplication", "Token", "https://api.xdr.trendmicro.com")
>>> result = client.object.list_exception()
>>> result.response
GetExceptionListResp(
    next_link=None,
    items=[
        ExceptionObject(
            url='https://*.example.com/path1/*',
            type=<ObjectType.URL: 'url'>,
            last_modified_date_time='2023-01-12T14:05:37Z',
            description='object description'
        )
    ]
)
>>> result.result_code
ResultCode.SUCCESS
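Added example, not part of the project's own documentation: one client shared by several worker threads, with the pool sized through the `pool_connections` and `pool_maxsize` parameters from the table above. The `TMV1_TOKEN` variable name, the worker count and the helper names are assumptions; the token is read from the environment so it never lands in source control.

```python
"""Added example: one shared pytmv1 client used from several threads."""
import os
from collections import Counter
from concurrent.futures import ThreadPoolExecutor

WORKERS = 4  # constructed value for this example


def build_client(workers=WORKERS):
    """Create the client; the token comes from the environment, not source."""
    import pytmv1  # imported here so the helper below works without it

    return pytmv1.init(
        "MyApplication",
        os.environ["TMV1_TOKEN"],  # assumed variable name
        "https://api.xdr.trendmicro.com",
        pool_connections=1,  # a single API host, so one cached pool
        pool_maxsize=workers,  # pool sized to the number of worker threads
    )


def check_concurrently(client, calls, workers=WORKERS):
    """Run `calls` connectivity checks on one shared client.

    Returns a Counter keyed by result-code name, so failed calls are
    counted and visible instead of being silently dropped.
    """
    def one_call(_):
        code = client.system.check_connectivity().result_code
        return getattr(code, "name", str(code))

    with ThreadPoolExecutor(max_workers=workers) as pool:
        return Counter(pool.map(one_call, range(calls)))


if __name__ == "__main__":
    print(check_concurrently(build_client(), calls=8))
```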
Set virtual env
python3 -m venv venv
source venv/bin/activate
Install dependencies
pip install -e ".[dev]"
Build
hatch build
Run unit tests
pytest --verbose ./tests/unit
Run integration tests
$url: Vision One API URL (e.g. https://api.xdr.trendmicro.com)
pytest --mock-url="$url" --verbose ./tests/integration
Python | Vision One |
---|---|
Connectivity | |
system.check_connectivity | Check availability of service |
API Keys | |
api_key.create | Create API Keys |
api_key.get | Get API key |
api_key.update | Update API key |
api_key.delete | Delete API keys |
api_key.[list, consume] | List API keys |
Common | |
task.get_result | Download response task results |
Custom Scripts | |
script.create | Add custom script |
script.download | Download custom script |
script.update | Update custom script |
script.delete | Delete custom script |
script.run | Run custom script |
script.[list, consume] | List custom scripts |
Domain Account | |
account.enable | Enable user account |
account.disable | Disable user account |
account.sign_out | Force sign out |
account.reset | Force password reset |
email.restore | Restore email message |
email.quarantine | Quarantine email message |
email.delete | Delete email message |
Endpoint | |
endpoint.collect_file | Collect file |
endpoint.isolate | Isolate endpoint |
endpoint.restore | Restore endpoint |
endpoint.terminate_process | Terminate process |
Observed Attack Techniques | |
oat.[list, consume] | Get Observed Attack Techniques events |
Observed Attack Techniques Pipeline | |
oat.create_pipeline | Registers a customer to the Observed Attack Techniques data pipeline |
oat.list_pipelines | Get active data pipelines |
oat.update_pipeline | Modify data pipeline settings |
oat.get_pipeline | Get pipeline settings |
oat.delete_pipelines | Unregister from data pipeline |
oat.list_packages/consume_packages | Get Observed Attack Techniques event packages |
oat.get_package | Get Observed Attack Techniques package |
Sandbox Analysis | |
sandbox.submit_file | Submit file to sandbox |
sandbox.submit_url | Submit URLs to sandbox |
sandbox.get_analysis_result | Get analysis results |
sandbox.get_submission_status | Get submission status |
sandbox.download_analysis_result | Download analysis results |
sandbox.download_investigation_package | Download investigation package |
sandbox.list_suspicious | Download suspicious object list |
Search | |
email.get_activity_count | Get email activity data count |
email.[list_activity, consume_activity] | Get email activity data |
endpoint.get_activity_count | Get endpoint activity data count |
endpoint.[list_data, consume_data] | Get endpoint data |
endpoint.[list_activity, consume_activity] | Get endpoint activity data |
Suspicious Objects | |
object.add_block | Add to block list |
object.delete_block | Remove from block list |
Suspicious Object Exception List | |
object.add_exception | Add to exception list |
object.delete_exception | Remove from exception list |
object.[list_exception, consume_exception] | Get exception list |
Suspicious Object List | |
object.add_suspicious | Add to suspicious object list |
object.delete_suspicious | Remove from suspicious object list |
object.[list_suspicious, consume_suspicious] | List suspicious objects |
Workbench | |
alert.get | Get alert details |
alert.update_status | Modify alert status |
alert.[list, consume] | Get alerts list |
Workbench Notes | |
note.create | Add alert note |
note.get | Get alert note |
note.update | Edit alert note |
note.delete | Delete alert notes |
note.[list, consume] | Get alerts notes |
Read our contributing guide to learn about our development process, how to propose bug fixes and improvements, and how to build and test your changes to Trend Vision One.
Trend Micro has adopted a Code of Conduct that we expect project participants to adhere to. Please read the full text to understand what actions will and will not be tolerated.
Project distributed under the Apache 2.0 license.