alarm#
Autogenerated API
- argus_api.lib.alarms.v1.alarm.add_alarm(shortName: str = None, description: str = None, info: str = None, references: str = None, links: str = None, labels: str = None, internalReference: str = None, signatures: str = None, attackCategoryID: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Add a new alarm (INTERNAL)
- Parameters
shortName (str) – Short name of the alarm => [a-zA-Z0-9_:\-.]*
description (str) – Alarm description => [sw\{\}\$\-\(\).\[\]”'_/\,\*\+\#:@!?;=]*
info (str) – Alarm verbose information => format:html
references (list) – Alarm vulnerability references (CVE-numbers, BID-numbers, URLs etc) => Sanitize by regex ^((?!(https?|ftp|gopher|telnet|file|javascript|mailto):))([sw\{\}\$\-\(\).\[\]”'_/\,\*\+\#:@!?;=])*|((https?|ftp|gopher|telnet|file):((/)|(\))+[wd:\#@%/;$()~_?\+-=\.&]*)
links (list) – Links to external descriptions of this alarm => ((https?|ftp|gopher|telnet|file):((/)|(\))+[wd:\#@%/;$()~_?\+-=\.&]*)
labels (list) – Tag an alarm with labels => [sw\{\}\$\-\(\).\[\]”'_/\,\*\+\#:@!?;=]*
internalReference (str) – A link to an internal reference for the alarm => [sw\{\}\$\-\(\).\[\]”'_/\,\*\+\#:@!?;=]*
signatures (list) – List of signatures to map to this alarm => Sanitize by regex [a-zA-Z0-9_/:@~!\+\-.\?]*
attackCategoryID (int) – Alarm attack category ID (default 0)
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.alarms.v1.alarm.add_alarm_comment(id: int, comment: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Add a comment to an alarm (INTERNAL)
- Parameters
id (int) – ID of the alarm
comment (str) – Comment content. Html is allowed, will be sanitized. => format:html
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.alarms.v1.alarm.add_alarm_mitre_relationship(idOrShortName: str, mitreCategory: str = None, categoryModel: str = None, categoryVersion: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Adds a new relationship between an alarm and a MITRE category (DEV)
- Parameters
idOrShortName (str) – ID or short name of the alarm
mitreCategory (str) – ID or external ID of the MITRE category (external ID requires setting additional attributes: categoryModel, categoryVersion)
categoryModel (str) – Which threat model to use with external ID of the MITRE category
categoryVersion (str) – Which version to use with external ID of the MITRE category
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.alarms.v1.alarm.delete_alarm(id: int, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Delete an existing alarm (INTERNAL)
- Parameters
id (int) – ID of the alarm
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.alarms.v1.alarm.delete_alarm_comment(id: int, timestamp: int, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Delete an existing comment from an alarm (INTERNAL)
- Parameters
id (int) – ID of the alarm
timestamp (int) – Timestamp of the comment
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.alarms.v1.alarm.delete_alarm_mitre_relationship(idOrShortName: str, idOrExtId: str, categoryModel: str = None, categoryVersion: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Deletes an existing relationship between an alarm and a MITRE category (DEV)
- Parameters
idOrShortName (str) – ID or short name of the alarm
idOrExtId (str) – ID or external ID of the MITRE category (external ID requires additional query parameters: categoryModel, categoryVersion)
categoryModel (str) – Which threat model to use with external ID of the MITRE category
categoryVersion (str) – Which version to use with external ID of the MITRE category
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.alarms.v1.alarm.get_alarm_by_id(id: int, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Get an alarm by ID (PUBLIC)
- Parameters
id (int) – ID of the alarm
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.alarms.v1.alarm.get_alarms(keywords: str = None, keywordField: str = None, keywordMatch: str = 'all', limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Get all alarms (PUBLIC)
- Parameters
keywords (list) – Search by keywords
keywordField (list) – Set field strategy for keyword search
keywordMatch (str) – Set match strategy for keyword search
limit (int) – Maximum number of returned alarms
offset (int) – Skip a number of alarms
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.alarms.v1.alarm.list_alarm_mitre_relationships(idOrShortName: str, categoryType: str = None, categoryModel: str = None, categoryVersion: str = None, includeDeleted: bool = None, sortBy: str = None, limit: int = None, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
List relationships between an alarm and MITRE categories (DEV)
- Parameters
idOrShortName (str) – ID or short name of the alarm
categoryType (list) – Type(s) of the MITRE categories (all by default)
categoryModel (list) – The threat model(s) of the MITRE categories (all by default)
categoryVersion (list) – The version(s) of the MITRE categories (all by default)
includeDeleted (bool) – To include deleted relationships or not (not included by default)
sortBy (list) – Field(s) to sort results by (without sign is ascending, with ‘-’ sign is descending)
limit (int) – The max amount of items to return (25 by default, 0 means no limit)
offset (int) – The amount of items to skip from the beginning (0 by default)
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.alarms.v1.alarm.map_to_alarm(id: int, signatures: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Map signatures to an alarm (INTERNAL)
- Parameters
id (int) – ID of the alarm
signatures (list) – Signatures (exist/new) to be mapped to the alarm => Sanitize by regex [a-zA-Z0-9_/:@~!\+\-.\?]*
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.alarms.v1.alarm.search_alarm_mitre_relationships(id: str = None, alarm: str = None, category: str = None, categoryType: str = None, categoryModel: str = None, categoryVersion: str = None, includeFlags: str = None, excludeFlags: str = None, subCriteria: dict = None, sortBy: str = None, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Searches for relationships between alarms and MITRE categories (DEV)
- Parameters
id (list) – A set of IDs of the searched relationships
alarm (list) – A set of IDs or short names of the alarms that take part in the relationships
category (list) – A set of IDs, external IDs or short names of the MITRE categories that take part in the relationships
categoryType (list) – A set of enumerated types of the MITRE categories that take part in the relationships
categoryModel (list) – A set of enumerated threat models of the MITRE categories that take part in the relationships
categoryVersion (list) – A set of versions of the MITRE categories that take part in the relationships
includeFlags (list) – A set of included enumerated flags of the searched relationships
excludeFlags (list) – A set of excluded enumerated flags of the searched relationships
subCriteria (list) – Set additional search criteria with AND, OR or AND NOT
sortBy (list) – Fields to sort results by (without sign is ascending, with ‘-’ sign is descending) (default mitreCategoryShortName, -createdTimestamp)
limit (int) – The max amount of items to return (default 25)
offset (int) – The amount of items to skip from the beginning (default 0)
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.alarms.v1.alarm.search_alarms(limit: int = None, offset: int = None, includeDeleted: bool = None, subCriteria: dict = None, exclude: bool = None, required: bool = None, attackCategoryID: int = None, alarmID: int = None, alarm: str = None, alarmReferences: str = None, labels: str = None, startTimestamp: int = None, endTimestamp: int = None, timeFieldStrategy: str = None, timeMatchStrategy: str = None, keywords: str = None, keywordFieldStrategy: str = None, keywordMatchStrategy: str = None, signature: str = None, sortBy: str = None, includeFlags: str = None, excludeFlags: str = None, includeMappings: bool = None, includeComments: bool = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Get all alarms matching a given search criteria (PUBLIC)
- Parameters
limit (int) – Max number of results.
offset (int) – Skip the first (offset) objects. By default, return result from first object.
includeDeleted (bool) – Set to true to include deleted objects. By default, exclude deleted objects.
subCriteria (list) – Set additional criterias which are applied using a logical OR.
exclude (bool) – Only relevant for subcriteria. If set to true, objects matching this subcriteria object will be excluded.
required (bool) – Only relevant for subcriteria. If set to true, objects matching this subcriteria are required (AND-ed together with parent criteria).
attackCategoryID (list) – A set of IDs for attack categories (alarm category).
alarmID (list) – A set of IDs for alarms.
alarm (list) – A set of IDs or short names for alarms.
alarmReferences (list) – A set of references. It does an exact match.
labels (list) – A set of labels. It does an exact match.
startTimestamp (int) – Only include alarms based on the set TimeFieldStrategy and TimeMatchStrategy (start timestamp)
endTimestamp (int) – Only include alarms based on the set TimeFieldStrategy and TimeMatchStrategy (end timestamp)
timeFieldStrategy (list) – TimeFieldStrategy to define which timestamp field(s) to match. (default lastUpdatedTimestamp)
timeMatchStrategy (str) – TimeMatchStrategy to define how to match startTimestamp and endTimestamp with fields. (default any)
keywords (list) – A set of keywords matched against alarms based on the set KeywordFieldStrategy and KeywordMatchStrategy.
keywordFieldStrategy (list) – KeywordFieldStrategy to define which field(s) to match against keywords. (default all)
keywordMatchStrategy (str) – KeywordMatchStrategy to define how to match keywords with fields. (default all)
signature (list) – A set of signatures. It does an exact match.
sortBy (list) – List of properties to sort by (prefix with “-” to sort descending).
includeFlags (list) – Only include objects which have includeFlags set.
excludeFlags (list) – Exclude objects which have excludeFlags set.
includeMappings (bool) – Set to include mappings in the search result. (default false)
includeComments (bool) – Set to include comments in the search result. (default false)
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.alarms.v1.alarm.unmap(id: int, signature: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Unmap signatures from an alarm (INTERNAL)
- Parameters
id (int) – ID of the alarm
signature (list) – Signatures to unmap
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.alarms.v1.alarm.update_alarm(id: int, shortName: str = None, description: str = None, info: str = None, disabled: bool = None, addReferences: str = None, deleteReferences: str = None, addLinks: str = None, deleteLinks: str = None, addLabels: str = None, deleteLabels: str = None, internalReference: str = None, attackCategoryID: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Update an existing alarm (INTERNAL)
- Parameters
id (int) – ID of the alarm
shortName (str) – Update short name of the alarm => [a-zA-Z0-9_:\-.]*
description (str) – Update description of alarm => [sw\{\}\$\-\(\).\[\]”'_/\,\*\+\#:@!?;=]*
info (str) – Update verbose information of alarm => format:html
disabled (bool) – Disable or enable alarm (unchanged if not set)
addReferences (list) – Add vulnerability references (CVE-numbers, BID-numbers, URLs etc) => Sanitize by regex ^((?!(https?|ftp|gopher|telnet|file|javascript|mailto):))([sw\{\}\$\-\(\).\[\]”'_/\,\*\+\#:@!?;=])*|((https?|ftp|gopher|telnet|file):((/)|(\))+[wd:\#@%/;$()~_?\+-=\.&]*)
deleteReferences (list) – Remove vulnerability references
addLinks (list) – Add external links => ((https?|ftp|gopher|telnet|file):((/)|(\))+[wd:\#@%/;$()~_?\+-=\.&]*)
deleteLinks (list) – Remove external links
addLabels (list) – Add labels => [sw\{\}\$\-\(\).\[\]”'_/\,\*\+\#:@!?;=]*
deleteLabels (list) – Remove labels => [sw\{\}\$\-\(\).\[\]”'_/\,\*\+\#:@!?;=]*
internalReference (str) – A link to an internal reference for the alarm => [sw\{\}\$\-\(\).\[\]”'_/\,\*\+\#:@!?;=]*
attackCategoryID (int) – Update category of alarm (unchanged if set to 0) (default 0)
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON