Security Data¶
-
class
py42.modules.securitydata.
SecurityModule
(security_client, storage_client_factory, microservices_client_factory)¶ Bases:
object
-
get_all_plan_security_events
(plan_storage_info, cursor=None, include_files=True, event_types=None, min_timestamp=None, max_timestamp=None)¶ Gets events for legacy Endpoint Monitoring file activity on removable media, in cloud sync folders, and browser uploads. Support Article
- Parameters
plan_storage_info (
py42.sdk.modules.securitydata.PlanStorageInfo
) – Information about storage nodes for a plan to get file event activity for.cursor (str, optional) – A cursor position for only getting file events you did not previously get. Defaults to None.
include_files (bool, optional) – Whether to include the files related to the file events.
to None. (Defaults) –
event_types –
(str, optional): A comma-separated list of event types to filter by.
- Available options are:
DEVICE_APPEARED
DEVICE_DISAPPEARED
DEVICE_FILE_ACTIVITY
PERSONAL_CLOUD_FILE_ACTIVITY
RESTORE_JOB
RESTORE_FILE
FILE_OPENED
RULE_MATCH
DEVICE_SCAN_RESULT
PERSONAL_CLOUD_SCAN_RESULT
Defaults to None.
min_timestamp (float, optional) – A POSIX timestamp representing the beginning of the date range of events to get. Defaults to None.
max_timestamp (float, optional) – A POSIX timestamp representing the end of the date range of events to get. Defaults to None.
- Returns
An object that iterates over
py42.response.Py42Response
objects that each contain a page of events.- Return type
generator
-
get_all_user_security_events
(user_uid, cursor=None, include_files=True, event_types=None, min_timestamp=None, max_timestamp=None)¶ Gets legacy Endpoint Monitoring file activity events for the user with the given UID.
- Parameters
user_uid (str) – The UID of the user to get security events for.
cursor (str, optional) – A cursor position for only getting events you did not previously get. Defaults to None.
include_files (bool, optional) – Whether to include the files related to the file activity events. Defaults to None.
event_types –
(str, optional): A comma-separated list of event types to filter by.
- Available options are:
DEVICE_APPEARED
DEVICE_DISAPPEARED
DEVICE_FILE_ACTIVITY
PERSONAL_CLOUD_FILE_ACTIVITY
RESTORE_JOB
RESTORE_FILE
FILE_OPENED
RULE_MATCH
DEVICE_SCAN_RESULT
PERSONAL_CLOUD_SCAN_RESULT
Defaults to None.
min_timestamp (float, optional) – A POSIX timestamp representing the beginning of the date range of events to get. Defaults to None.
max_timestamp (float, optional) – A POSIX timestamp representing the end of the date range of events to get. Defaults to None.
- Returns
An object that iterates over
py42.response.Py42Response
objects that each contain a page of events.- Return type
generator
-
get_security_plan_storage_info_list
(user_uid)¶ Gets IDs (plan UID, node GUID, and destination GUID) for the storage nodes containing the file activity event data for the user with the given UID. REST Documentation
- Parameters
user_uid (str) – The UID of the user to get plan storage information for.
- Returns
-
search_file_events
(query)¶ Searches for file events. REST Documentation
- Parameters
query (
py42.sdk.queries.fileevents.file_event_query.FileEventQuery
) – Also accepts a raw JSON str.- Returns
A response containing the first 10,000 events.
- Return type
-
-
class
py42.modules.securitydata.
PlanStorageInfo
(plan_uid, destination_guid, node_guid)¶ Bases:
object
-
property
destination_guid
¶ The GUID of the destination containing the storage archive.
-
property
node_guid
¶ The GUID of the storage node containing the archive.
-
property
plan_uid
¶ The UID of the storage plan.
-
property