laceworksdk.api.v2.vulnerabilities

Lacework Vulnerabilities API wrapper.

Module Contents

Classes

VulnerabilitiesAPI

A class used to represent the Vulnerabilities API endpoint .
class laceworksdk.api.v2.vulnerabilities.VulnerabilitiesAPI(session)[source]

A class used to represent the Vulnerabilities API endpoint .

The Vulnerabilities API endpoint is a parent for different types of vulnerabilities that can be queried. Due to namespace overlap with the v1 API, this class is a subclass of VulnerabilityAPI to expose those methods and provide backwards compatibility.

Attributes:

containers:

A ContainerVulnerabilitiesAPI instance.

hosts:

A HostVulnerabilitiesAPI instance.

packages:

A SoftwarePackagesAPI instance.

class ContainerVulnerabilitiesAPI(session, object_type, endpoint_root='/api/v2')[source]

Bases: laceworksdk.api.search_endpoint.SearchEndpoint

A class used to represent the Container Vulnerabilities API endpoint.

property session

Get the HttpSession instance the object is using.

scan(registry, repository, tag, **request_params)[source]

A method to issue Container Vulnerability scans.

Parameters:

  • registry (str) – The container registry to use.

  • repository (str) – The container repository to use.

  • tag (str) – The container tag to use.

  • request_params (dict, optional) – Use to pass any additional parameters the API

Returns:

The status of the requested scan

Return type:

dict

status(request_id)[source]

A method to get the status of a Container Vulnerability scan.

Parameters:

request_id (str) – The request ID of the container scan

Returns:

The status of the requested scan

Return type:

dict

search(json=None, resource=None)

A method to search objects.

See the API documentation for this API endpoint for valid fields to search against.

NOTE: While the “value” and “values” fields are marked as “optional” you must use one of them, depending on the operation you are using.

Parameters:

  • json (dict) –

    The desired search parameters:

    • timeFilter (dict, optional): A dict containing the time frame for the search:

      • startTime (str): The start time for the search

      • endTime (str): The end time for the search

    • filters (list of dict, optional): Filters based on field contents:

      • field (str): The name of the data field to which the condition applies

      • expression (str): The comparison operator for the filter condition. Valid values are:

      ”eq”, “ne”, “in”, “not_in”, “like”, “ilike”, “not_like”, “not_ilike”, “not_rlike”, “rlike”, “gt”, “ge”, “lt”, “le”, “between”

      • value (str, optional): The value that the condition checks for in the specified field. Use this attribute when using an operator that requires a single value.

      • values (list of str, optional): The values that the condition checks for in the specified field. Use this attribute when using an operator that requires multiple values.

    • returns (list of str, optional): The fields to return

  • resource (str) – The Lacework API resource to search (Example: “AlertChannels”)

Yields:

dict – returns a generator which yields a page of objects at a time as returned by the Lacework API.

class ImageSummaryVulnerabilitiesAPI(session, object_type, endpoint_root='/api/v2')[source]

Bases: laceworksdk.api.search_endpoint.SearchEndpoint

A class used to represent the ImageSummary Vulnerabilities API endpoint.

property session

Get the HttpSession instance the object is using.

search(json=None, resource=None)

A method to search objects.

See the API documentation for this API endpoint for valid fields to search against.

NOTE: While the “value” and “values” fields are marked as “optional” you must use one of them, depending on the operation you are using.

Parameters:

  • json (dict) –

    The desired search parameters:

    • timeFilter (dict, optional): A dict containing the time frame for the search:

      • startTime (str): The start time for the search

      • endTime (str): The end time for the search

    • filters (list of dict, optional): Filters based on field contents:

      • field (str): The name of the data field to which the condition applies

      • expression (str): The comparison operator for the filter condition. Valid values are:

      ”eq”, “ne”, “in”, “not_in”, “like”, “ilike”, “not_like”, “not_ilike”, “not_rlike”, “rlike”, “gt”, “ge”, “lt”, “le”, “between”

      • value (str, optional): The value that the condition checks for in the specified field. Use this attribute when using an operator that requires a single value.

      • values (list of str, optional): The values that the condition checks for in the specified field. Use this attribute when using an operator that requires multiple values.

    • returns (list of str, optional): The fields to return

  • resource (str) – The Lacework API resource to search (Example: “AlertChannels”)

Yields:

dict – returns a generator which yields a page of objects at a time as returned by the Lacework API.

class HostVulnerabilitiesAPI(session, object_type, endpoint_root='/api/v2')[source]

Bases: laceworksdk.api.search_endpoint.SearchEndpoint

A class used to represent the Host Vulnerabilities API endpoint.

property session

Get the HttpSession instance the object is using.

search(json=None, resource=None)

A method to search objects.

See the API documentation for this API endpoint for valid fields to search against.

NOTE: While the “value” and “values” fields are marked as “optional” you must use one of them, depending on the operation you are using.

Parameters:

  • json (dict) –

    The desired search parameters:

    • timeFilter (dict, optional): A dict containing the time frame for the search:

      • startTime (str): The start time for the search

      • endTime (str): The end time for the search

    • filters (list of dict, optional): Filters based on field contents:

      • field (str): The name of the data field to which the condition applies

      • expression (str): The comparison operator for the filter condition. Valid values are:

      ”eq”, “ne”, “in”, “not_in”, “like”, “ilike”, “not_like”, “not_ilike”, “not_rlike”, “rlike”, “gt”, “ge”, “lt”, “le”, “between”

      • value (str, optional): The value that the condition checks for in the specified field. Use this attribute when using an operator that requires a single value.

      • values (list of str, optional): The values that the condition checks for in the specified field. Use this attribute when using an operator that requires multiple values.

    • returns (list of str, optional): The fields to return

  • resource (str) – The Lacework API resource to search (Example: “AlertChannels”)

Yields:

dict – returns a generator which yields a page of objects at a time as returned by the Lacework API.

class SoftwarePackagesAPI(session, object_type, endpoint_root='/api/v2')[source]

Bases: laceworksdk.api.base_endpoint.BaseEndpoint

A class used to represent the Software Packages API endpoint.

property session

Get the HttpSession instance the object is using.

scan(os_pkg_info_list, **request_params)[source]

A method to initiate a software package vulnerability scan.

Parameters:

  • os_pkg_info_list (list of dict) –

    A list of packages to be scanned given the OS, OS version, package, and package version. Fields are:

    • os (str): The name of the operating system.

    • osVer (str): The version of the operating system.

    • pkg (str): The name of the software package.

    • pkgVer (str): The verion of the software package.

  • request_params (dict, optional) – Use to pass any additional parameters the API

Returns:

The resulting vulnerability data

Return type:

dict