laceworksdk.api.v2.report_definitions

Lacework ReportDefinitions API wrapper.

Module Contents

Classes

ReportDefinitionsAPI

A class used to represent the Report Definition API endpoint
class laceworksdk.api.v2.report_definitions.ReportDefinitionsAPI(session)[source]

Bases: laceworksdk.api.crud_endpoint.CrudEndpoint

A class used to represent the Report Definition API endpoint

A report definition contains data retrieval and layout information for a report. Lacework provides endpoints to create a report definition, to list all definitions, and to update or delete a definition.

property session

Get the HttpSession instance the object is using.

create(report_name, report_type, sub_report_type, report_definition, **request_params)[source]

A method to create a new report definition.

Parameters:

  • report_name (str) – The name of the report definition.

  • report_type (str) – Type of the report definition. Valid values: “COMPLIANCE”

  • sub_report_type (str) – The sub-type of the report definition. Valid values: “AWS”, “GCP”, “Azure”

  • report_definition (dict) –

    A dictionary representing the report definition. Fields are:

    • sections (list of dicts): A list of dictionaries representing the sections of the report definition. Fields are:

      • category (str): The section’s category.

      • title (str): The section’s title.

      • policies (list of str): A list strings representing the section’s policies.

  • request_params (dict, optional) – Use to pass any additional parameters the API

Returns:

The created report definition

Return type:

dict

get(id=None)[source]

A method to get report definitions. Using no args will get all report definitions.

Parameters:

id (str, optional) – The report definition ID to get.

Returns:

The requested report definition(s)

Return type:

dict

get_by_id(id)[source]

A method to get a report definition by ID.

Parameters:

id (str) – The report definition ID to get.

Returns:

The requested report definition

Return type:

dict

search()[source]

A method to ‘pass’ when attempting to search ReportDefinitions objects.

Search functionality is not yet implemented for Alert Profiles.

update(id, report_name, report_definition, **request_params)[source]

A method to update a report definition.

Parameters:

  • id – A string representing the object ID.

  • report_name (str) – The name of the report definition.

  • report_definition (dict) –

    A dictionary representing the report definition. Fields are:

    • sections (list of dicts): A list of dictionaries representing the sections of the report definition. Fields are:

      • category (str): The section’s category.

      • title (str): The section’s title.

      • policies (list of str): A list strings representing the section’s policies.

  • request_params (dict, optional) – Use to pass any additional parameters the API

Returns:

The updated report definition

Return type:

dict

delete(id)[source]

A method to delete a report definition.

Parameters:

id (str) – The ID of the report definition to delete.

Returns:

a Requests response object containing the response code

Return type:

requests.models.Response