Detection Lists¶
-
class
py42.modules.detectionlists.
DetectionListsModule
(microservice_client_factory, user_client)¶ Bases:
object
-
add_user_cloud_aliases
(user_id, aliases)¶ Add one or more cloud alias.
- Parameters
user_id (str or int) – The user_id whose alias(es) need to be updated.
aliases (str or list of str) – A single alias or multiple aliases in a list to be added. e.g u”x” or [“email@id”, “y”], for python version 2.X, pass u”str” instead of “str”
- Returns
Add one or more tags.
- Parameters
user_id (str or int) – The user_id whose tag(s) needs to be updated.
tags (str or list of str) – A single tag or multiple tags in a list to be added. e.g u”tag1” or [“tag1”, “tag2”], for python version 2.X, pass u”str” instead of “str”
- Returns
-
create_user
(username)¶ Create a detection list profile for a user.
- Parameters
username (str) – Username of the user.
- Returns
-
get_user
(username)¶ Get user details by username.
- Parameters
username (str) – Username of the user.
- Returns
-
get_user_by_id
(user_id)¶ Get user details by user_id.
- Parameters
user_id (str or int) – Id of the user.
- Returns
-
remove_user_cloud_aliases
(user_id, aliases)¶ Remove one or more cloud alias.
- Parameters
user_id (str or int) – The user_id whose alias(es) need to be removed.
aliases (str or list of str) – A single alias or multiple aliases in a list to be removed. e.g u”x” or [“email@id”, “y”], for python version 2.X, pass u”str” instead of “str”
- Returns
Remove one or more tags.
- Parameters
user_id (str or int) – The user_id whose tag(s) needs to be removed.
tags (str or list of str) – A single tag or multiple tags in a list to be removed. e.g u”tag1” or [“tag1”, “tag2”], for python version 2.X, pass u”str” instead of “str”
- Returns
-
update_user_notes
(user_id, notes)¶ Add or update notes related to the user.
- Parameters
user_id (str or int) – The user_id whose notes need to be updated.
notes (str) – User profile notes.
- Returns
-
Departing Employee¶
-
class
py42.clients.detectionlists.departing_employee.
DepartingEmployeeClient
(session, user_context)¶ Bases:
py42.clients.BaseClient
A client for interacting with Code42 Departing Employee APIs.
-
create
(username, tenant_id=None, notes=None, departure_epoch=None, cloud_usernames=None)¶ Adds a user to Departing Employees. REST Documentation
- Parameters
username (str) – The username of the departing employee.
tenant_id (str, optional) – The identifier of the Customer tenant the user is in. Defaults to None (the tenant_id of SDK authorization user will be used).
notes (str, optional) – Optional descriptive information. Defaults to None.
departure_epoch (int, optional) – Employee departure date as POSIX timestamp. Defaults to None.
cloud_usernames (list, optional) – List of alternate usernames for this user from external data sources being searched by Forensic File Search (Google Drive, Box, OneDrive, Gmail, Office 365). Defaults to None.
- Returns
-
get_all
(tenant_id=None, departing_on_or_after_epoch=None, sort_key='CREATED_AT', sort_direction='DESC')¶ Gets all Departing Employees.
- Parameters
tenant_id (str, optional) – The identifier of the Customer tenant. Defaults to None (the tenant_id of SDK authorization user will be used).
departing_on_or_after_epoch (int, optional) – Filter results by the departure date of employee, requires a POSIX timestamp. Defaults to None.
sort_key (str, optional) – Key to sort results on. Options: (
CREATED_AT
,DEPARTURE_DATE
,DISPLAY_NAME
,NUM_EVENTS
,TOTAL_BYTES
). Defaults toCREATED_AT
.sort_direction (str, optional) – Sort direction. Options: (
ASC
,DESC
). Defaults toDESC
.
- Returns
An object that iterates over
py42.response.Py42Response
objects that each contain a page of departing employees.- Return type
generator
-
get_by_id
(case_id, tenant_id=None)¶ Gets details about a Departing Employee case. REST Documentation
- Parameters
case_id (str) – Identifier of the Departing Employee case.
tenant_id (str, optional) – The identifier of the Customer tenant the case is in. Defaults to None (the tenant_id of SDK authorization user will be used).
- Returns
A response containing the Departing Employee case.
- Return type
-
get_by_username
(username, tenant_id=None)¶ Gets Departing Employee case detail for a given user.
- Parameters
username (str) – Username of the Departing Employee to retrieve case info on.
tenant_id (str, optional) – The identifier of the Customer tenant the case is in. Defaults to None (the tenant_id of SDK authorization user will be used).
- Returns
A response containing the Departing Employee case.
- Return type
-
resolve
(case_id, tenant_id=None)¶ Removes a user from Departing Employees. REST Documentation
- Parameters
case_id (str) – The identifier of the Departing Employee.
tenant_id (str, optional) – The identifier of the Customer tenant the case is in. Defaults to None (the tenant_id of SDK authorization user will be used).
- Returns
-
toggle_alerts
(tenant_id=None, alerts_enabled=True)¶ Enable or disable email alerting on Departing Employee exposure events. REST Documentation
- Parameters
tenant_id (str, optional) – The identifier of the Customer tenant. Defaults to None (the tenant_id of SDK authorization user will be used).
alerts_enabled (bool) – Set alerting to on (True) or off (False). Defaults to True.
- Returns
-
update
(case_id, tenant_id=None, display_name=None, notes=None, departure_epoch=None, cloud_usernames=None)¶ Add or modify details of an existing Departing Employee case. REST Documentation
- Parameters
case_id (str) – Identifier of the Departing Employee case.
tenant_id (str, optional) – The identifier of the Customer tenant the case is in. Defaults to None (the tenant_id of SDK authorization user will be used).
display_name (str, optional) – The display name for the Departing Employee case. This defaults to username when adding a new Departing Employee, so it can be used to make the UI more user-friendly if your Organization has usernames that don’t correspond to real names. Defaults to None.
notes (str, optional) – Optional descriptive information. Defaults to None.
departure_epoch (int, optional) – Employee departure date as POSIX timestamp. Defaults to None.
cloud_usernames (list, optional) – List of alternate usernames for this user from external data sources being searched by Forensic File Search (Google Drive, Box, OneDrive, Gmail, Office 365). Defaults to None.
- Returns
-
High Risk Employee¶
-
class
py42.clients.detectionlists.high_risk_employee.
HighRiskEmployeeClient
(session, user_context, detection_list_user_client, user_client)¶ Bases:
py42.clients.BaseClient
Administrator utility to manage High Risk employees.
-
add
(user_id)¶ Adds a user to high risk employee detection list.
A user profile in detection list will be created before adding to High Risk Employee list if it doesn’t exist.
Returns failure when a user already exists in the high risk employee detection list.
- Parameters
user_id (str or int) – The Code42 userUid of the user who needs to be added to HRE detection list.
- Returns
-
get
(user_id)¶ Get user information.
- Parameters
user_id (str or int) – The Code42 userUid of the user has been added to the High Risk Employee detection list.
- Returns
-
get_all
(filter_type='OPEN', sort_key=None, sort_direction=None)¶ Search High Risk employee list. Filter results by filter_type.
- Parameters
filter_type (str) – Valid filter types.
sort_key (str) – Sort results based by field.
sort_direction (str) – “ASC” or “DESC”
- Returns
An object that iterates over
py42.response.Py42Response
objects that each contain a page of users.- Return type
generator
-
remove
(user_id)¶ Remove a user from high risk employee detection list.
- Parameters
user_id (str or int) – The Code42 userUid of the user who needs to be added to HRE detection lists.
- Returns
-
set_alerts_enabled
(enabled=True)¶ Enable alerts.
- Parameters
enabled (bool) – Whether to enable alerts for all users
- Returns
-