submission#

Autogenerated API

Advanced search for submissions (DEV)

Parameters

  • id (list) – Restrict the search to submissions with any of the IDs defined

  • sampleSha256 (list) – Restrict the search to submissions with any of the sample sha256s defined

  • userAgent (list) – Restrict the search to submissions with any of the user agents defined

  • tlp (list) – Restrict the search to submissions where it must contain any of the defined TLPs

  • timeFieldStrategy (list) – Restrict the search by timestamp (indicated by startTimestamp and endTimestamp) to these fields. Default is ‘all’

  • timeMatchStrategy (str) – Whether all or any (default) of the fields must match the time period (indicated by startTimestamp and endTimestamp) (default any)

  • subCriteria (list) – Search sub criteria

  • startTimestamp (str) – Restrict search to data after this time (epoch millis). Allows unix timestamp (milliseconds), ISO timestamp, or relative time specifies. See https://docs.mnemonic.no/api/general_integration_guide/08-time_fields.html#api-iguide-general-time-search

  • endTimestamp (str) – Restrict search to data before this time (epoch millis). Allows unix timestamp (milliseconds), ISO timestamp, or relative time specifies. See https://docs.mnemonic.no/api/general_integration_guide/08-time_fields.html#api-iguide-general-time-search

  • mimeType (list) – Restrict the search to submissions with any of the mime types defined

  • metaData (list) – Restrict the search to submissions with any of the meta data properties defined

  • keywords (list) – A set of keywords to search for

  • keywordMatchStrategy (str) – Whether all or any (default) of the fields must match one or more of the keywords (default all)

  • keywordFieldStrategy (list) – Restrict to search only in the selected keyword fields (default all)

  • includeFlags (list) – Restrict the search to submissions containing any of the specified flags

  • excludeFlags (list) – Restrict the search to submissions not containing any of the specified flags

  • fileName (list) – Restrict the search to submissions with any of the file names defined

  • customer (list) – Restrict the search to submissions owned by certain customers identified by id or shortname

  • sortBy (list) – Specify sort ordering for returned submissions (default -submittedTimestamp)

  • indexStartTimestamp (str) – Restrict search to data after this time (epoch millis)Allows unix timestamp (milliseconds), ISO timestamp, or relative time specifies. See https://docs.mnemonic.no/api/general_integration_guide/08-time_fields.html#api-iguide-general-time-search (default now - 1 month)

  • indexEndTimestamp (str) – Restrict search to data before this time (epoch millis)Allows unix timestamp (milliseconds), ISO timestamp, or relative time specifies. See https://docs.mnemonic.no/api/general_integration_guide/08-time_fields.html#api-iguide-general-time-search (default now)

  • limit (int) – Limit the number of search results (default 25)

  • json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

  • verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

  • apiKey – Argus API key.

  • authentication – authentication override

  • server_url – API base URL override

  • body – body of the request. other parameters will override keys defined in the body.

  • api_session – session to use for this request. If not set, the global session will be used.

Raises
Returns

dictionary translated from JSON

Simple search for submissions (DEV)

Parameters

  • sortBy (list) – Fields to sort the results by. Prefix with ‘-’ to sort descending

  • keywords (list) – A set of keywords to search for

  • keywordFieldStrategy (list) – Which fields to search on

  • limit (int) – Maximum number of returned results

  • keywordMatchStrategy (str) – Whether the keywords must match all or any of the keyword fields

  • indexStartTimestamp (str) – Restrict search to data after this time. Timestamps can be milliseconds since epoch, ISO8601 timestamp, or a string with a relative timestamp. See the general integration guide for more details

  • indexEndTimestamp (str) – Restrict search to data before this time. Timestamps can be milliseconds since epoch, ISO8601 timestamp, or a string with a relative timestamp. See the general integration guide for more details

  • json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

  • verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

  • apiKey – Argus API key.

  • authentication – authentication override

  • server_url – API base URL override

  • body – body of the request. other parameters will override keys defined in the body.

  • api_session – session to use for this request. If not set, the global session will be used.

Raises
Returns

dictionary translated from JSON

argus_api.lib.sampledb.v2.submission.submission_statistics(id: str = None, sampleSha256: str = None, userAgent: dict = None, tlp: str = None, timeFieldStrategy: str = None, timeMatchStrategy: str = None, subCriteria: dict = None, startTimestamp: str = None, endTimestamp: str = None, mimeType: str = None, metaData: dict = None, keywords: str = None, keywordMatchStrategy: str = None, keywordFieldStrategy: str = None, includeFlags: str = None, excludeFlags: str = None, fileName: str = None, customer: str = None, indexStartTimestamp: str = None, indexEndTimestamp: str = None, groupBy: dict = None, statisticsMetrics: dict = None, statistics: dict = None, rangeMetrics: dict = None, timeline: dict = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict#

Aggregation for Submission statistics (DEV)

Parameters

  • id (list) – Restrict the search to submissions with any of the IDs defined

  • sampleSha256 (list) – Restrict the search to submissions with any of the sample sha256s defined

  • userAgent (list) – Restrict the search to submissions with any of the user agents defined

  • tlp (list) – Restrict the search to submissions where it must contain any of the defined TLPs

  • timeFieldStrategy (list) – Restrict the search by timestamp (indicated by startTimestamp and endTimestamp) to these fields. Default is ‘all’

  • timeMatchStrategy (str) – Whether all or any (default) of the fields must match the time period (indicated by startTimestamp and endTimestamp) (default any)

  • subCriteria (list) – Search sub criteria

  • startTimestamp (str) – Restrict search to data after this time (epoch millis). Allows unix timestamp (milliseconds), ISO timestamp, or relative time specifies. See https://docs.mnemonic.no/api/general_integration_guide/08-time_fields.html#api-iguide-general-time-search

  • endTimestamp (str) – Restrict search to data before this time (epoch millis). Allows unix timestamp (milliseconds), ISO timestamp, or relative time specifies. See https://docs.mnemonic.no/api/general_integration_guide/08-time_fields.html#api-iguide-general-time-search

  • mimeType (list) – Restrict the search to submissions with any of the mime types defined

  • metaData (list) – Restrict the search to submissions with any of the meta data properties defined

  • keywords (list) – A set of keywords to search for

  • keywordMatchStrategy (str) – Whether all or any (default) of the fields must match one or more of the keywords (default all)

  • keywordFieldStrategy (list) – Restrict to search only in the selected keyword fields (default all)

  • includeFlags (list) – Restrict the search to submissions containing any of the specified flags

  • excludeFlags (list) – Restrict the search to submissions not containing any of the specified flags

  • fileName (list) – Restrict the search to submissions with any of the file names defined

  • customer (list) – Restrict the search to submissions owned by certain customers identified by id or shortname

  • indexStartTimestamp (str) – Restrict search to data after this time (epoch millis)Allows unix timestamp (milliseconds), ISO timestamp, or relative time specifies. (default now - 1 month)

  • indexEndTimestamp (str) – Restrict search to data before this time (epoch millis)Allows unix timestamp (milliseconds), ISO timestamp, or relative time specifies. (default now)

  • groupBy (list) – The fields by which to group statistics

  • statisticsMetrics (list) – The numerical fields for which to generate metrics. Deprecated, use statistics instead

  • statistics (list) – The numerical fields for which to generate metrics

  • rangeMetrics (list) – The timestamp fields for which to generate statistics. Deprecated, use timeline instead

  • timeline (list) – The timestamp fields for which to generate statistics

  • json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

  • verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

  • apiKey – Argus API key.

  • authentication – authentication override

  • server_url – API base URL override

  • body – body of the request. other parameters will override keys defined in the body.

  • api_session – session to use for this request. If not set, the global session will be used.

Raises
Returns

dictionary translated from JSON