laceworksdk.api.v2.vulnerability_exceptions
Lacework VulnerabilityExceptions API wrapper.
Module Contents
Classes
A class used to represent the Vulnerabilities Exceptions API endpoint . |
- class laceworksdk.api.v2.vulnerability_exceptions.VulnerabilityExceptionsAPI(session)[source]
Bases:
laceworksdk.api.crud_endpoint.CrudEndpoint
A class used to represent the Vulnerabilities Exceptions API endpoint .
Lacework provides the ability to create exceptions for certain vulnerable resources and criteria. For example, a certain CVE for a certain package or all packages can be excepted until a set expiry time.
- property session
Get the
HttpSession
instance the object is using.
- create(exception_name, exception_reason, exception_type, props, vulnerability_criteria, resource_scope=None, expiry_time=None, state=True, **request_params)[source]
A method to create a new vulnerability exception.
- Parameters:
exception_name (str) – The name of the exception.
exception_reason (str) – The exception reason. Valid values: “False Positive”, “Accepted Risk”, “Compensating Controls”, “Fix Pending”, “Other”
exception_type (str) – The exception type. Valid values: “Container”, “Host”
props (dict of str) – The properties of the exception. Fields are: - description (str): The exception description - createdBy (str): The creator of the exception - updatedBy (str): The updator of the exception.
vulnerability_criteria (dic) –
The criteria for excepted vulnerabilities. Fields are:
cve (list of str): The vulnerability (CVE) ID(s) that you want to constrain the exception to
package (list of dict): The package name(s) (for example, an operating system or language package). This can include a version number
severity (list of str): The severity levels of the vulnerability to constrain the exception to. Valid values: “Info”, “Low”, “Medium”, “High”, “Critical”
fixable (list of int): The fixability status (0 or 1)
resource_scope (dict) – The scope of resources for which to apply the exception. Fields for this dict change depending on the “exception type” field. See the API docs for field info.
expiry_time (str) – The expiration time for the exception.
state (bool|int) – Whether the exception is enabled.
request_params (dict, optional) – Use to pass any additional parameters the API
- Returns:
The newly created vulnerability exception
- Return type:
dict
- get(guid=None)[source]
A method to get vulnerability exceptions. Using no args will get all vulnerability exceptions.
- Parameters:
guid (str, optional) – The GUID of the vulnerability exception to get.
- Returns:
The requested vulnerability exception(s)
- Return type:
dict
- get_by_guid(guid)[source]
A method to get vulnerability exceptions by GUID.
- Parameters:
guid (str) – The GUID of the vulnerability exception to get.
- Returns:
The requested vulnerability exception(s)
- Return type:
dict
- update(guid, exception_name=None, exception_reason=None, props=None, vulnerability_criteria=None, resource_scope=None, expiry_time=None, state=None, **request_params)[source]
A method to update a VulnerabilityExceptions object.
- Parameters:
guid – A string representing the object GUID.
exception_name (str, optional) – The name of the exception.
exception_reason (str, optional) – The exception reason. Valid values: “False Positive”, “Accepted Risk”, “Compensating Controls”, “Fix Pending”, “Other”
props (dict of str) – The properties of the exception. Fields are: - description (str, optional): The exception description - createdBy (str, optional): The creator of the exception - updatedBy (str, optional): The updator of the exception.
vulnerability_criteria (dic) –
The criteria for excepted vulnerabilities. Fields are:
cve (list of str): The vulnerability (CVE) ID(s) that you want to constrain the exception to
package (list of dict): The package name(s) (for example, an operating system or language package). This can include a version number
severity (list of str): The severity levels of the vulnerability to constrain the exception to. Valid values: “Info”, “Low”, “Medium”, “High”, “Critical”
fixable (list of int): The fixability status (0 or 1)
resource_scope (dict, optional) –
The scope of resources for which to apply the exception. Fields for this dict change depending on the “exception type” field. See the API docs for field info.
expiry_time (str, optional) – The expiration time for the exception.
state (bool|int, optional) – Whether the exception is enabled.
request_params (dict, optional) – Use to pass any additional parameters the API
- Returns:
The updated vulnerability exception
- Return type:
dict
- delete(guid)[source]
A method to delete a vulnerability exception.
- Parameters:
guid (str) – The GUID of the vulnerability exception to delete
- Returns:
a Requests response object containing the response code
- Return type:
requests.models.Response
- search(json=None)
A method to search objects.
See the API documentation for this API endpoint for valid fields to search against.
NOTE: While the “value” and “values” fields are marked as “optional” you must use one of them, depending on the operation you are using.
- Parameters:
json (dict) –
The desired search parameters:
timeFilter (dict, optional): A dict containing the time frame for the search:
startTime (str): The start time for the search
endTime (str): The end time for the search
filters (list of dict, optional): Filters based on field contents:
field (str): The name of the data field to which the condition applies
expression (str): The comparison operator for the filter condition. Valid values are:
”eq”, “ne”, “in”, “not_in”, “like”, “ilike”, “not_like”, “not_ilike”, “not_rlike”, “rlike”, “gt”, “ge”, “lt”, “le”, “between”
value (str, optional): The value that the condition checks for in the specified field. Use this attribute when using an operator that requires a single value.
values (list of str, optional): The values that the condition checks for in the specified field. Use this attribute when using an operator that requires multiple values.
returns (list of str, optional): The fields to return
- Returns:
returns a dict containing the search results
- Return type:
dict