:py:mod:`laceworksdk.api.v2.entities`
=====================================

.. py:module:: laceworksdk.api.v2.entities

.. autoapi-nested-parse::

   Lacework Entities API wrapper.


Module Contents
---------------

Classes
~~~~~~~

.. autoapisummary::

   laceworksdk.api.v2.entities.EntitiesAPI


.. py:class:: EntitiesAPI(session)

   A class used to represent the `Entities API endpoint `_

   The Entities API endpoint is simply a parent for different types of entities that can be queried.

   Attributes:
   ----------
   applications:
       An ApplicationsAPI instance.
   command_lines:
       A CommandLinesAPI instance.
   containers:
       A ContainersAPI instance.
   files:
       A FilesAPI instance.
   images:
       An ImagesAPI instance.
   internal_ip_addresses:
       An InternalIPAddressesAPI instance.
   k8s_pods:
       A K8sPodsAPI instance.
   machines:
       A MachinesAPI instance.
   machine_details:
       A MachineDetailsAPI instance.
   network_interfaces:
       A NetworkInterfacesAPI instance.
   new_file_hashes:
       A NewFileHashesAPI instance.
   packages:
       A PackagesAPI instance.
   processes:
       A ProcessesAPI instance.
   users:
       A UsersAPI instance.

   .. py:class:: ApplicationsAPI(session, object_type, endpoint_root='/api/v2')

      Bases: :py:obj:`laceworksdk.api.search_endpoint.SearchEndpoint`

      A class used to represent the Applications API endpoint.

      Methods:
      -------
      search(json=None)
          A method to search Applications objects.

      .. py:property:: session

         Get the :class:`HttpSession` instance the object is using.

      .. py:method:: search(json=None, resource=None)

         A method to search objects.

         See the API documentation for this API endpoint for valid fields to search against.

         NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
         depending on the operation you are using.

         :param json: The desired search parameters:

            - timeFilter (dict, optional): A dict containing the time frame for the search:

              - startTime (str): The start time for the search
              - endTime (str): The end time for the search

            - filters (list of dict, optional): Filters based on field contents:

              - field (str): The name of the data field to which the condition applies
              - expression (str): The comparison operator for the filter condition. Valid values are:
                "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike",
                "gt", "ge", "lt", "le", "between"
              - value (str, optional): The value that the condition checks for in the specified field.
                Use this attribute when using an operator that requires a single value.
              - values (list of str, optional): The values that the condition checks for in the specified field.
                Use this attribute when using an operator that requires multiple values.

            - returns (list of str, optional): The fields to return
         :type json: dict
         :param resource: The Lacework API resource to search (Example: "AlertChannels")
         :type resource: str

         :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.

   .. py:class:: CommandLinesAPI(session, object_type, endpoint_root='/api/v2')

      Bases: :py:obj:`laceworksdk.api.search_endpoint.SearchEndpoint`

      A class used to represent the Command Lines API endpoint.

      Methods:
      -------
      search(json=None)
          A method to search CommandLines objects.

      .. py:property:: session

         Get the :class:`HttpSession` instance the object is using.

      .. py:method:: search(json=None, resource=None)

         A method to search objects.

         See the API documentation for this API endpoint for valid fields to search against.

         NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
         depending on the operation you are using.

         :param json: The desired search parameters:

            - timeFilter (dict, optional): A dict containing the time frame for the search:

              - startTime (str): The start time for the search
              - endTime (str): The end time for the search

            - filters (list of dict, optional): Filters based on field contents:

              - field (str): The name of the data field to which the condition applies
              - expression (str): The comparison operator for the filter condition. Valid values are:
                "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike",
                "gt", "ge", "lt", "le", "between"
              - value (str, optional): The value that the condition checks for in the specified field.
                Use this attribute when using an operator that requires a single value.
              - values (list of str, optional): The values that the condition checks for in the specified field.
                Use this attribute when using an operator that requires multiple values.

            - returns (list of str, optional): The fields to return
         :type json: dict
         :param resource: The Lacework API resource to search (Example: "AlertChannels")
         :type resource: str

         :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.

   .. py:class:: ContainersAPI(session, object_type, endpoint_root='/api/v2')

      Bases: :py:obj:`laceworksdk.api.search_endpoint.SearchEndpoint`

      A class used to represent the Containers API endpoint.

      Methods:
      -------
      search(json=None)
          A method to search Containers objects.

      .. py:property:: session

         Get the :class:`HttpSession` instance the object is using.

      .. py:method:: search(json=None, resource=None)

         A method to search objects.

         See the API documentation for this API endpoint for valid fields to search against.

         NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
         depending on the operation you are using.

         :param json: The desired search parameters:

            - timeFilter (dict, optional): A dict containing the time frame for the search:

              - startTime (str): The start time for the search
              - endTime (str): The end time for the search

            - filters (list of dict, optional): Filters based on field contents:

              - field (str): The name of the data field to which the condition applies
              - expression (str): The comparison operator for the filter condition. Valid values are:
                "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike",
                "gt", "ge", "lt", "le", "between"
              - value (str, optional): The value that the condition checks for in the specified field.
                Use this attribute when using an operator that requires a single value.
              - values (list of str, optional): The values that the condition checks for in the specified field.
                Use this attribute when using an operator that requires multiple values.

            - returns (list of str, optional): The fields to return
         :type json: dict
         :param resource: The Lacework API resource to search (Example: "AlertChannels")
         :type resource: str

         :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.

   .. py:class:: FilesAPI(session, object_type, endpoint_root='/api/v2')

      Bases: :py:obj:`laceworksdk.api.search_endpoint.SearchEndpoint`

      A class used to represent the Files API endpoint.

      Methods:
      -------
      search(json=None)
          A method to search Files objects.

      .. py:property:: session

         Get the :class:`HttpSession` instance the object is using.

      .. py:method:: search(json=None, resource=None)

         A method to search objects.

         See the API documentation for this API endpoint for valid fields to search against.

         NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
         depending on the operation you are using.

         :param json: The desired search parameters:

            - timeFilter (dict, optional): A dict containing the time frame for the search:

              - startTime (str): The start time for the search
              - endTime (str): The end time for the search

            - filters (list of dict, optional): Filters based on field contents:

              - field (str): The name of the data field to which the condition applies
              - expression (str): The comparison operator for the filter condition. Valid values are:
                "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike",
                "gt", "ge", "lt", "le", "between"
              - value (str, optional): The value that the condition checks for in the specified field.
                Use this attribute when using an operator that requires a single value.
              - values (list of str, optional): The values that the condition checks for in the specified field.
                Use this attribute when using an operator that requires multiple values.

            - returns (list of str, optional): The fields to return
         :type json: dict
         :param resource: The Lacework API resource to search (Example: "AlertChannels")
         :type resource: str

         :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.

   .. py:class:: ImagesAPI(session, object_type, endpoint_root='/api/v2')

      Bases: :py:obj:`laceworksdk.api.search_endpoint.SearchEndpoint`

      A class used to represent the Images API endpoint.

      Methods:
      -------
      search(json=None)
          A method to search Images objects.

      .. py:property:: session

         Get the :class:`HttpSession` instance the object is using.

      .. py:method:: search(json=None, resource=None)

         A method to search objects.

         See the API documentation for this API endpoint for valid fields to search against.

         NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
         depending on the operation you are using.

         :param json: The desired search parameters:

            - timeFilter (dict, optional): A dict containing the time frame for the search:

              - startTime (str): The start time for the search
              - endTime (str): The end time for the search

            - filters (list of dict, optional): Filters based on field contents:

              - field (str): The name of the data field to which the condition applies
              - expression (str): The comparison operator for the filter condition. Valid values are:
                "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike",
                "gt", "ge", "lt", "le", "between"
              - value (str, optional): The value that the condition checks for in the specified field.
                Use this attribute when using an operator that requires a single value.
              - values (list of str, optional): The values that the condition checks for in the specified field.
                Use this attribute when using an operator that requires multiple values.

            - returns (list of str, optional): The fields to return
         :type json: dict
         :param resource: The Lacework API resource to search (Example: "AlertChannels")
         :type resource: str

         :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.

   .. py:class:: InternalIPAddressesAPI(session, object_type, endpoint_root='/api/v2')

      Bases: :py:obj:`laceworksdk.api.search_endpoint.SearchEndpoint`

      A class used to represent the Internal IP Addresses API endpoint.

      Methods:
      -------
      search(json=None)
          A method to search InternalIPAddresses objects.

      .. py:property:: session

         Get the :class:`HttpSession` instance the object is using.

      .. py:method:: search(json=None, resource=None)

         A method to search objects.

         See the API documentation for this API endpoint for valid fields to search against.

         NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
         depending on the operation you are using.

         :param json: The desired search parameters:

            - timeFilter (dict, optional): A dict containing the time frame for the search:

              - startTime (str): The start time for the search
              - endTime (str): The end time for the search

            - filters (list of dict, optional): Filters based on field contents:

              - field (str): The name of the data field to which the condition applies
              - expression (str): The comparison operator for the filter condition. Valid values are:
                "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike",
                "gt", "ge", "lt", "le", "between"
              - value (str, optional): The value that the condition checks for in the specified field.
                Use this attribute when using an operator that requires a single value.
              - values (list of str, optional): The values that the condition checks for in the specified field.
                Use this attribute when using an operator that requires multiple values.

            - returns (list of str, optional): The fields to return
         :type json: dict
         :param resource: The Lacework API resource to search (Example: "AlertChannels")
         :type resource: str

         :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.

   .. py:class:: K8sPodsAPI(session, object_type, endpoint_root='/api/v2')

      Bases: :py:obj:`laceworksdk.api.search_endpoint.SearchEndpoint`

      A class used to represent the K8s Pods API endpoint.

      Methods:
      -------
      search(json=None)
          A method to search K8sPods objects.

      .. py:property:: session

         Get the :class:`HttpSession` instance the object is using.

      .. py:method:: search(json=None, resource=None)

         A method to search objects.

         See the API documentation for this API endpoint for valid fields to search against.

         NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
         depending on the operation you are using.

         :param json: The desired search parameters:

            - timeFilter (dict, optional): A dict containing the time frame for the search:

              - startTime (str): The start time for the search
              - endTime (str): The end time for the search

            - filters (list of dict, optional): Filters based on field contents:

              - field (str): The name of the data field to which the condition applies
              - expression (str): The comparison operator for the filter condition. Valid values are:
                "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike",
                "gt", "ge", "lt", "le", "between"
              - value (str, optional): The value that the condition checks for in the specified field.
                Use this attribute when using an operator that requires a single value.
              - values (list of str, optional): The values that the condition checks for in the specified field.
                Use this attribute when using an operator that requires multiple values.

            - returns (list of str, optional): The fields to return
         :type json: dict
         :param resource: The Lacework API resource to search (Example: "AlertChannels")
         :type resource: str

         :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.

   .. py:class:: MachinesAPI(session, object_type, endpoint_root='/api/v2')

      Bases: :py:obj:`laceworksdk.api.search_endpoint.SearchEndpoint`

      A class used to represent the Machines API endpoint.

      Methods:
      -------
      search(json=None)
          A method to search Machines objects.

      .. py:property:: session

         Get the :class:`HttpSession` instance the object is using.

      .. py:method:: search(json=None, resource=None)

         A method to search objects.

         See the API documentation for this API endpoint for valid fields to search against.

         NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
         depending on the operation you are using.

         :param json: The desired search parameters:

            - timeFilter (dict, optional): A dict containing the time frame for the search:

              - startTime (str): The start time for the search
              - endTime (str): The end time for the search

            - filters (list of dict, optional): Filters based on field contents:

              - field (str): The name of the data field to which the condition applies
              - expression (str): The comparison operator for the filter condition. Valid values are:
                "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike",
                "gt", "ge", "lt", "le", "between"
              - value (str, optional): The value that the condition checks for in the specified field.
                Use this attribute when using an operator that requires a single value.
              - values (list of str, optional): The values that the condition checks for in the specified field.
                Use this attribute when using an operator that requires multiple values.

            - returns (list of str, optional): The fields to return
         :type json: dict
         :param resource: The Lacework API resource to search (Example: "AlertChannels")
         :type resource: str

         :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.

   .. py:class:: MachineDetailsAPI(session, object_type, endpoint_root='/api/v2')

      Bases: :py:obj:`laceworksdk.api.search_endpoint.SearchEndpoint`

      A class used to represent the Machine Details API endpoint.

      Methods:
      -------
      search(json=None)
          A method to search MachineDetails objects.

      .. py:property:: session

         Get the :class:`HttpSession` instance the object is using.

      .. py:method:: search(json=None, resource=None)

         A method to search objects.

         See the API documentation for this API endpoint for valid fields to search against.

         NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
         depending on the operation you are using.

         :param json: The desired search parameters:

            - timeFilter (dict, optional): A dict containing the time frame for the search:

              - startTime (str): The start time for the search
              - endTime (str): The end time for the search

            - filters (list of dict, optional): Filters based on field contents:

              - field (str): The name of the data field to which the condition applies
              - expression (str): The comparison operator for the filter condition. Valid values are:
                "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike",
                "gt", "ge", "lt", "le", "between"
              - value (str, optional): The value that the condition checks for in the specified field.
                Use this attribute when using an operator that requires a single value.
              - values (list of str, optional): The values that the condition checks for in the specified field.
                Use this attribute when using an operator that requires multiple values.

            - returns (list of str, optional): The fields to return
         :type json: dict
         :param resource: The Lacework API resource to search (Example: "AlertChannels")
         :type resource: str

         :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.

   .. py:class:: NetworkInterfacesAPI(session, object_type, endpoint_root='/api/v2')

      Bases: :py:obj:`laceworksdk.api.search_endpoint.SearchEndpoint`

      A class used to represent the Network Interfaces API endpoint.

      Methods:
      -------
      search(json=None)
          A method to search NetworkInterfaces objects.

      .. py:property:: session

         Get the :class:`HttpSession` instance the object is using.

      .. py:method:: search(json=None, resource=None)

         A method to search objects.

         See the API documentation for this API endpoint for valid fields to search against.

         NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
         depending on the operation you are using.

         :param json: The desired search parameters:

            - timeFilter (dict, optional): A dict containing the time frame for the search:

              - startTime (str): The start time for the search
              - endTime (str): The end time for the search

            - filters (list of dict, optional): Filters based on field contents:

              - field (str): The name of the data field to which the condition applies
              - expression (str): The comparison operator for the filter condition. Valid values are:
                "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike",
                "gt", "ge", "lt", "le", "between"
              - value (str, optional): The value that the condition checks for in the specified field.
                Use this attribute when using an operator that requires a single value.
              - values (list of str, optional): The values that the condition checks for in the specified field.
                Use this attribute when using an operator that requires multiple values.

            - returns (list of str, optional): The fields to return
         :type json: dict
         :param resource: The Lacework API resource to search (Example: "AlertChannels")
         :type resource: str

         :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.

   .. py:class:: NewFileHashesAPI(session, object_type, endpoint_root='/api/v2')

      Bases: :py:obj:`laceworksdk.api.search_endpoint.SearchEndpoint`

      A class used to represent the New File Hashes API endpoint.

      Methods:
      -------
      search(json=None)
          A method to search NewFileHashes objects.

      .. py:property:: session

         Get the :class:`HttpSession` instance the object is using.

      .. py:method:: search(json=None, resource=None)

         A method to search objects.

         See the API documentation for this API endpoint for valid fields to search against.

         NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
         depending on the operation you are using.

         :param json: The desired search parameters:

            - timeFilter (dict, optional): A dict containing the time frame for the search:

              - startTime (str): The start time for the search
              - endTime (str): The end time for the search

            - filters (list of dict, optional): Filters based on field contents:

              - field (str): The name of the data field to which the condition applies
              - expression (str): The comparison operator for the filter condition. Valid values are:
                "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike",
                "gt", "ge", "lt", "le", "between"
              - value (str, optional): The value that the condition checks for in the specified field.
                Use this attribute when using an operator that requires a single value.
              - values (list of str, optional): The values that the condition checks for in the specified field.
                Use this attribute when using an operator that requires multiple values.

            - returns (list of str, optional): The fields to return
         :type json: dict
         :param resource: The Lacework API resource to search (Example: "AlertChannels")
         :type resource: str

         :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.

   .. py:class:: PackagesAPI(session, object_type, endpoint_root='/api/v2')

      Bases: :py:obj:`laceworksdk.api.search_endpoint.SearchEndpoint`

      A class used to represent the Packages API endpoint.

      Methods:
      -------
      search(json=None)
          A method to search Packages objects.

      .. py:property:: session

         Get the :class:`HttpSession` instance the object is using.

      .. py:method:: search(json=None, resource=None)

         A method to search objects.

         See the API documentation for this API endpoint for valid fields to search against.

         NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
         depending on the operation you are using.

         :param json: The desired search parameters:

            - timeFilter (dict, optional): A dict containing the time frame for the search:

              - startTime (str): The start time for the search
              - endTime (str): The end time for the search

            - filters (list of dict, optional): Filters based on field contents:

              - field (str): The name of the data field to which the condition applies
              - expression (str): The comparison operator for the filter condition. Valid values are:
                "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike",
                "gt", "ge", "lt", "le", "between"
              - value (str, optional): The value that the condition checks for in the specified field.
                Use this attribute when using an operator that requires a single value.
              - values (list of str, optional): The values that the condition checks for in the specified field.
                Use this attribute when using an operator that requires multiple values.

            - returns (list of str, optional): The fields to return
         :type json: dict
         :param resource: The Lacework API resource to search (Example: "AlertChannels")
         :type resource: str

         :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.

   .. py:class:: ProcessesAPI(session, object_type, endpoint_root='/api/v2')

      Bases: :py:obj:`laceworksdk.api.search_endpoint.SearchEndpoint`

      A class used to represent the Processes API endpoint.

      Methods:
      -------
      search(json=None)
          A method to search Processes objects.

      .. py:property:: session

         Get the :class:`HttpSession` instance the object is using.

      .. py:method:: search(json=None, resource=None)

         A method to search objects.

         See the API documentation for this API endpoint for valid fields to search against.

         NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
         depending on the operation you are using.

         :param json: The desired search parameters:

            - timeFilter (dict, optional): A dict containing the time frame for the search:

              - startTime (str): The start time for the search
              - endTime (str): The end time for the search

            - filters (list of dict, optional): Filters based on field contents:

              - field (str): The name of the data field to which the condition applies
              - expression (str): The comparison operator for the filter condition. Valid values are:
                "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike",
                "gt", "ge", "lt", "le", "between"
              - value (str, optional): The value that the condition checks for in the specified field.
                Use this attribute when using an operator that requires a single value.
              - values (list of str, optional): The values that the condition checks for in the specified field.
                Use this attribute when using an operator that requires multiple values.

            - returns (list of str, optional): The fields to return
         :type json: dict
         :param resource: The Lacework API resource to search (Example: "AlertChannels")
         :type resource: str

         :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.

   .. py:class:: UsersAPI(session, object_type, endpoint_root='/api/v2')

      Bases: :py:obj:`laceworksdk.api.search_endpoint.SearchEndpoint`

      A class used to represent the Users API endpoint.

      Methods:
      -------
      search(json=None)
          A method to search Users objects.

      .. py:property:: session

         Get the :class:`HttpSession` instance the object is using.

      .. py:method:: search(json=None, resource=None)

         A method to search objects.

         See the API documentation for this API endpoint for valid fields to search against.

         NOTE: While the "value" and "values" fields are marked as "optional" you must use one of them,
         depending on the operation you are using.

         :param json: The desired search parameters:

            - timeFilter (dict, optional): A dict containing the time frame for the search:

              - startTime (str): The start time for the search
              - endTime (str): The end time for the search

            - filters (list of dict, optional): Filters based on field contents:

              - field (str): The name of the data field to which the condition applies
              - expression (str): The comparison operator for the filter condition. Valid values are:
                "eq", "ne", "in", "not_in", "like", "ilike", "not_like", "not_ilike", "not_rlike", "rlike",
                "gt", "ge", "lt", "le", "between"
              - value (str, optional): The value that the condition checks for in the specified field.
                Use this attribute when using an operator that requires a single value.
              - values (list of str, optional): The values that the condition checks for in the specified field.
                Use this attribute when using an operator that requires multiple values.

            - returns (list of str, optional): The fields to return
         :type json: dict
         :param resource: The Lacework API resource to search (Example: "AlertChannels")
         :type resource: str

         :Yields: *dict* -- returns a generator which yields a page of objects at a time as returned by the Lacework API.