Source code for laceworksdk.api.v2.alert_profiles

# -*- coding: utf-8 -*-
"""Lacework AlertProfiles API wrapper."""

from laceworksdk.api.crud_endpoint import CrudEndpoint


class AlertProfilesAPI(CrudEndpoint):
    """Wrapper for the Lacework `Alert Profiles API endpoint
    <https://docs.lacework.net/api/v2/docs/#tag/AlertProfiles>`_.

    An alert profile is a set of metadata that defines how your LQL queries
    get consumed into events and alerts.

    Every method except ``search`` delegates to the ``CrudEndpoint`` method
    of the same name, directly or via ``get``. Any ``request_params`` are
    forwarded unchanged; this class does not validate them.
    """

    def __init__(self, session):
        """Bind the wrapper to a session and the "AlertProfiles" object type.

        Args:
            session (HttpSession): An instance of the HttpSession class.
        """
        object_type = "AlertProfiles"
        super().__init__(session, object_type)

    def create(self, alert_profile_id, alerts, extends, **request_params):
        """Create a new alert profile.

        Args:
            alert_profile_id (str): A unique ID to name the new alert profile.
            alerts (list of dict): Alert definitions to create. Alert fields
                are:

                - name (str): The name of the alert.
                - eventName (str): The name to show in Event Triage.
                - description (str): The description to show in Event Triage.
                - subject (str): The subject to show in the Event Dossier.
            extends (str): The base alert profile object.
            request_params (dict, optional): Additional parameters to pass to
                the API; forwarded as-is to ``CrudEndpoint.create``.

        Returns:
            dict: A JSON object containing the created alert profile.
        """
        profile_fields = {
            "alert_profile_id": alert_profile_id,
            "alerts": alerts,
            "extends": extends,
        }
        return super().create(**profile_fields, **request_params)

    def get(self, id=None):
        """Fetch alert profiles.

        Args:
            id (str, optional): A string representing the alert profile ID.
                Defaults to None, which is passed through to
                ``CrudEndpoint.get`` unchanged.

        Returns:
            dict: The returned alert profile(s).
        """
        profiles = super().get(id=id)
        return profiles

    def get_by_id(self, id):
        """Fetch one alert profile by ID; a thin alias for ``get(id=id)``.

        Args:
            id (str): A string representing the alert profile ID.

        Returns:
            dict: The returned alert profile(s).
        """
        profile = self.get(id=id)
        return profile

    def search(self, **request_params):
        """Search is not yet implemented for Alert Profiles.

        This override does nothing: ``request_params`` is ignored, no request
        is made from here, and the method returns None.
        """
        return None

    def update(self, id, alerts=None, **request_params):
        """Update an existing alert profile.

        Args:
            id (str): A string representing the object ID.
            alerts (list of dict, optional): Alert definitions to update.
                Alert fields are:

                - name (str): The name of the alert.
                - eventName (str): The name to show in Event Triage.
                - description (str): The description to show in Event Triage.
                - subject (str): The subject to show in the Event Dossier.
            request_params (dict, optional): Additional parameters to pass to
                the API; forwarded as-is to ``CrudEndpoint.update``.

        Returns:
            dict: The updated alert profile.
        """
        # NOTE(review): alerts=None is forwarded explicitly; whether the
        # parent drops None-valued fields is not visible here -- confirm.
        changes = {"id": id, "alerts": alerts}
        return super().update(**changes, **request_params)

    def delete(self, id):
        """Delete an alert profile.

        Args:
            id (str): A string representing the alert profile ID.

        Returns:
            requests.models.Response: A Requests response object containing
            the response code.
        """
        # NOTE(review): a profile defines how LQL queries become alerts, so
        # removing one presumably affects alerting for queries that use it --
        # confirm the profile is unused before calling.
        response = super().delete(id=id)
        return response