Alert Rules¶

class py42.modules.alertrules.AlertRulesModule(microservice_client_factory)¶

Bases: object

add_user(rule_id, user_id)¶

Update alert rule to monitor user aliases against the Uid for the given rule id.

Parameters:	rule_id (str) – Observer Id of a rule to be updated. user_id (str) – The Code42 userUid of the user to add to the alert

Returns: py42.response.Py42Response

cloudshare¶

A collection of methods for managing cloud sharing alert rules.

Returns:	`py42.clients.alertrules.cloud_share.CloudShareClient`

exfiltration¶

A collection of methods for managing exfiltration alert rules.

Returns:	`py42.clients.alertrules.exfiltration.ExfiltrationClient`

filetypemismatch¶

A collection of methods for managing file type mismatch alert rules.

Returns:	`py42.clients.alertrules.file_type_mismatch.FileTypeMismatchClient`

get_all(sort_key='CreatedAt', sort_direction='DESC')¶

Fetch all available rules.

Parameters:	sort_key (str) – Sort results based by field. Defaults to ‘CreatedAt’. sort_direction (str) – `ASC` or `DESC`. Defaults to “DESC”
Returns:	An object that iterates over `py42.response.Py42Response` objects that each contain a page of rules.
Return type:	generator

get_all_by_name(rule_name)¶

Search for matching rules by name.

Parameters:	rule_name (str) – Rule name to search for, case insensitive search.
Returns:	An object that iterates over `py42.response.Py42Response` objects that each contain a page of rules with the given name.
Return type:	generator

get_by_observer_id(observer_id)¶

Get the rule with the matching observer ID.

Parameters:	observer_id (str) – The observer ID of the rule to return.

Returns: py42.response.Py42Response

remove_all_users(rule_id)¶

Update alert rule criteria to remove all users the from the alert rule.

Parameters:	rule_id (str) – Observer rule Id of a rule to be updated.

Returns: py42.response.Py42Response

remove_user(rule_id, user_id)¶

Update alert rule criteria to remove a user and all its aliases from a rule.

Parameters:	rule_id (str) – Observer rule Id of a rule to be updated. user_id (str) – The Code42 userUid of the user to remove from the alert

Returns: py42.response.Py42Response

Exfiltration rules¶

class py42.clients.alertrules.exfiltration.ExfiltrationClient(session, tenant_id)¶

Bases: py42.clients.BaseClient

get(rule_id)¶

Fetch exfiltration alert rule by rule id.

Parameters:	rule_id (str) – Observer rule Id of a rule to be fetched.

Returns: py42.response.Py42Response

Cloud share rules¶

class py42.clients.alertrules.cloud_share.CloudShareClient(session, tenant_id)¶

Bases: py42.clients.BaseClient

get(rule_id)¶

Fetch cloud share alert rule by rule id.

Parameters:	rule_id (str) – Observer rule Id of a rule to be fetched.

Returns: py42.response.Py42Response

File type mismatch rules¶

class py42.clients.alertrules.file_type_mismatch.FileTypeMismatchClient(session, tenant_id)¶

Bases: py42.clients.BaseClient

get(rule_id)¶

Fetch File type mismatch alert rules by rule id.

Parameters:	rule_id (str) – Observer rule Id of a rule to be fetched.

Returns: py42.response.Py42Response