Alert Rules

class py42.clients.alertrules.AlertRulesClient(alerts_service, alert_rules_service)

Bases: object

Rest Documentation

add_user(rule_id, user_id)

Update alert rule criteria to add a user and all their aliases to an alert rule. A rule’s user list can either be inclusive (only the users on the list can generate alerts) or exclusive (everyone can generate alerts, except users on the list). This method will include or exclude based on the rule configuration.

Rest Documentation

Parameters
  • rule_id (str) – Observer Id of a rule to be updated.

  • user_id (str) – The Code42 userUid of the user to add to the alert

Returns

py42.response.Py42Response

property cloudshare

A collection of methods for managing cloud sharing alert rules.

Returns

py42.services.alertrules.cloud_share.CloudShareService

property exfiltration

A collection of methods for managing exfiltration alert rules.

Returns

py42.services.alertrules.exfiltration.ExfiltrationService

property filetypemismatch

A collection of methods for managing file type mismatch alert rules.

Returns

py42.services.alertrules.file_type_mismatch.FileTypeMismatchService

get_all(sort_key='CreatedAt', sort_direction='DESC')

Fetch all available rules.

Parameters
  • sort_key (str, optional) – Sort results based by field. Defaults to ‘CreatedAt’.

  • sort_direction (str, optional) – ASC or DESC. Constants available at py42.constants.SortDirection. Defaults to “DESC”

Returns

An object that iterates over py42.response.Py42Response objects that each contain a page of rules.

Return type

generator

get_all_by_name(rule_name)

Search for matching rules by name.

Parameters

rule_name (str) – Rule name to search for, case insensitive search.

Returns

An object that iterates over py42.response.Py42Response objects that each contain a page of rules with the given name.

Return type

generator

get_by_observer_id(observer_id)

Get the rule with the matching observer ID.

Parameters

observer_id (str) – The observer ID of the rule to return.

Returns

py42.response.Py42Response

get_page(sort_key='CreatedAt', sort_direction='DESC', page_num=1, page_size=None)

Gets a page of alert rules. Note that you can use page_size here the same way as other methods that have a page_size parameter in py42. However, under the hood, it subtracts one from the given page size in the implementation as the Code42 alerts API expected the start page to be zero while the rest of the Code42 APIs expect the start page to be one.

Parameters
  • sort_key (str, optional) – Sort results based by field. Defaults to “CreatedAt”.

  • sort_direction (str, optional) – ASC or DESC. Constants available at py42.constants.SortDirection. Defaults to “DESC”.

  • page_num (int, optional) – The page number to get. Defaults to 1.

  • page_size (int, optional) – The number of items per page. Defaults to py42.settings.items_per_page.

Returns

py42.response.Py42Response

remove_all_users(rule_id)

Update alert rule criteria to remove all users the from the alert rule.

Rest Documentation

Parameters

rule_id (str) – Observer rule Id of a rule to be updated.

Returns

py42.response.Py42Response

remove_user(rule_id, user_id)

Update alert rule criteria to remove a user and all their aliases from an alert rule. A rule’s user list can either be inclusive (only the users on the list can generate alerts) or exclusive (everyone can generate alerts, except users on the list). This method will include or exclude based on the rule configuration.

Rest Documentation

Parameters
  • rule_id (str) – Observer rule Id of a rule to be updated.

  • user_id (str) – The Code42 userUid of the user to remove from the alert

Returns

py42.response.Py42Response

Exfiltration rules

class py42.services.alertrules.ExfiltrationService(connection, tenant_id)

Bases: py42.services.BaseService

get(rule_id)

Fetch exfiltration alert rule by rule id.

Parameters

rule_id (str) – Observer rule Id of a rule to be fetched.

Returns

py42.response.Py42Response

Cloud share rules

class py42.services.alertrules.CloudShareService(connection, tenant_id)

Bases: py42.services.BaseService

get(rule_id)

Fetch cloud share alert rule by rule id.

Parameters

rule_id (str) – Observer rule Id of a rule to be fetched.

Returns

py42.response.Py42Response

File type mismatch rules

class py42.services.alertrules.FileTypeMismatchService(connection, tenant_id)

Bases: py42.services.BaseService

get(rule_id)

Fetch File type mismatch alert rules by rule id.

Parameters

rule_id (str) – Observer rule Id of a rule to be fetched.

Returns

py42.response.Py42Response