mitre

Autogenerated API

argus_api.lib.alarms.v1.mitre.add_mitre_category(externalId: str = None, shortName: str = None, name: str = None, type: str = None, model: str = None, version: str = None, url: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict

Adds a new MITRE category (DEV)

Parameters

• externalId (str) – External ID of the MITRE category

• shortName (str) – Short name of the MITRE category

• name (str) – Detailed name of the MITRE category

• type (str) – Enumerated type of the MITRE category

• model (str) – Enumerated threat model of the MITRE category

• version (str) – Version of the MITRE ATT&CK release

• url (str) – URL of the external MITRE category page => ((https?|ftp|gopher|telnet|file):((/)|(\))+[wd:\#@%/;$()~_?\+-=\.&]*)

• json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

• verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

• apiKey – Argus API key.

• authentication – authentication override

• server_url – API base URL override

• body – body of the request. other parameters will override keys defined in the body.

• api_session – session to use for this request. If not set, the global session will be used.

Raises

• AuthenticationFailedException – on 401

• AccessDeniedException – on 403

• ValidationErrorException – on 412

• ArgusException – on other status codes

Returns

dictionary translated from JSON

argus_api.lib.alarms.v1.mitre.add_mitre_category_relationship(idOrExtId: str, sourceCategoryModel: str = None, externalId: str = None, targetCategory: str = None, targetCategoryModel: str = None, type: str = None, version: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict

Adds a new MITRE category relationship (DEV)

Parameters

• idOrExtId (str) – ID or external ID of the source MITRE category (external ID requires an additional query parameter: sourceCategoryModel; version is already part of the request payload)

• sourceCategoryModel (str) – Which threat model to use with external ID of the source MITRE category

• externalId (str) – External ID of the MITRE category relationship

• targetCategory (str) – ID or external ID of target MITRE category (external ID requires setting an additional attribute: targetCategoryModel)

• targetCategoryModel (str) – Which threat model to use with target MITRE category external ID

• type (str) – Enumerated type of the MITRE category relationship

• version (str) – Version of the MITRE ATT&CK release, has to match the version of the related categories

• json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

• verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

• apiKey – Argus API key.

• authentication – authentication override

• server_url – API base URL override

• body – body of the request. other parameters will override keys defined in the body.

• api_session – session to use for this request. If not set, the global session will be used.

Raises

• AuthenticationFailedException – on 401

• AccessDeniedException – on 403

• ObjectNotFoundException – on 404

• ValidationErrorException – on 412

• ArgusException – on other status codes

Returns

dictionary translated from JSON

argus_api.lib.alarms.v1.mitre.add_or_update_mitre_model_version(model: str, version: str, markAsDefault: bool = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict

Adds or updates MITRE model version info (DEV)

Parameters

• model (str) – Threat model of the MITRE category

• version (str) – Version of the MITRE ATT&CK release

• markAsDefault (bool) – A boolean flag indicating whether this version should be marked as the default one for this model (default value is null, meaning no change)

• json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

• verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

• apiKey – Argus API key.

• authentication – authentication override

• server_url – API base URL override

• body – body of the request. other parameters will override keys defined in the body.

• api_session – session to use for this request. If not set, the global session will be used.

Raises

• AuthenticationFailedException – on 401

• AccessDeniedException – on 403

• ObjectNotFoundException – on 404

• ValidationErrorException – on 412

• ArgusException – on other status codes

Returns

dictionary translated from JSON

argus_api.lib.alarms.v1.mitre.delete_mitre_category(idOrExtId: str, model: str = None, version: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict

Deletes an existing MITRE category (DEV)

Parameters

• idOrExtId (str) – ID or external ID of the MITRE category (external ID requires additional query parameters: model, version)

• model (str) – Which threat model to use with external ID

• version (str) – Which version to use with external ID

• json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

• verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

• apiKey – Argus API key.

• authentication – authentication override

• server_url – API base URL override

• body – body of the request. other parameters will override keys defined in the body.

• api_session – session to use for this request. If not set, the global session will be used.

Raises

• AuthenticationFailedException – on 401

• AccessDeniedException – on 403

• ObjectNotFoundException – on 404

• ValidationErrorException – on 412

• ArgusException – on other status codes

Returns

dictionary translated from JSON

argus_api.lib.alarms.v1.mitre.delete_mitre_category_relationship(idOrExtId: str, version: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict

Deletes an existing MITRE category relationship (DEV)

Parameters

• idOrExtId (str) – ID or external ID of the MITRE category relationship (external ID requires an additional query parameter: version)

• version (str) – Which version to use with external ID

• json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

• verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

• apiKey – Argus API key.

• authentication – authentication override

• server_url – API base URL override

• body – body of the request. other parameters will override keys defined in the body.

• api_session – session to use for this request. If not set, the global session will be used.

Raises

• AuthenticationFailedException – on 401

• AccessDeniedException – on 403

• ObjectNotFoundException – on 404

• ValidationErrorException – on 412

• ArgusException – on other status codes

Returns

dictionary translated from JSON

argus_api.lib.alarms.v1.mitre.get_mitre_category(idOrExtId: str, model: str = None, version: str = None, includeRelationships: bool = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict

Gets an existing MITRE category by ID or external ID (DEV)

Parameters

• idOrExtId (str) – ID or external ID of the MITRE category (external ID requires additional query parameters: model, version)

• model (str) – Which threat model to use with external ID

• version (str) – Which version to use with external ID

• includeRelationships (bool) – Whether to include MITRE category relationships or not (not included by default)

• json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

• verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

• apiKey – Argus API key.

• authentication – authentication override

• server_url – API base URL override

• body – body of the request. other parameters will override keys defined in the body.

• api_session – session to use for this request. If not set, the global session will be used.

Raises

• AuthenticationFailedException – on 401

• AccessDeniedException – on 403

• ObjectNotFoundException – on 404

• ValidationErrorException – on 412

• ArgusException – on other status codes

Returns

dictionary translated from JSON

argus_api.lib.alarms.v1.mitre.get_mitre_category_relationship(idOrExtId: str, version: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict

Gets an existing MITRE category relationship by ID or external ID (DEV)

Parameters

• idOrExtId (str) – ID or external ID of the MITRE category relationship (external ID requires an additional query parameter: version)

• version (str) – Which version to use with external ID

• json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

• verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

• apiKey – Argus API key.

• authentication – authentication override

• server_url – API base URL override

• body – body of the request. other parameters will override keys defined in the body.

• api_session – session to use for this request. If not set, the global session will be used.

Raises

• AuthenticationFailedException – on 401

• AccessDeniedException – on 403

• ObjectNotFoundException – on 404

• ValidationErrorException – on 412

• ArgusException – on other status codes

Returns

dictionary translated from JSON

argus_api.lib.alarms.v1.mitre.get_mitre_model_version(model: str, version: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict

Gets MITRE model version info by model and version (DEV)

Parameters

• model (str) – Threat model of the MITRE category

• version (str) – Version of the MITRE ATT&CK release

• json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

• verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

• apiKey – Argus API key.

• authentication – authentication override

• server_url – API base URL override

• body – body of the request. other parameters will override keys defined in the body.

• api_session – session to use for this request. If not set, the global session will be used.

Raises

• AuthenticationFailedException – on 401

• AccessDeniedException – on 403

• ObjectNotFoundException – on 404

• ValidationErrorException – on 412

• ArgusException – on other status codes

Returns

dictionary translated from JSON

argus_api.lib.alarms.v1.mitre.list_mitre_categories(type: str = None, model: str = None, version: str = None, includeDeleted: bool = None, includeDeprecated: bool = None, includeRelationships: bool = None, sortBy: str = None, limit: int = None, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict

List MITRE categories (DEV)

Parameters

• type (list) – Type(s) of the included MITRE categories (all by default)

• model (list) – Threat model(s) of the included MITRE categories (all by default)

• version (list) – Version(s) of the included MITRE categories (all by default)

• includeDeleted (bool) – Whether to include deleted MITRE categories or not (not included by default)

• includeDeprecated (bool) – Whether to include deprecated MITRE categories or not (not included by default)

• includeRelationships (bool) – Whether to include MITRE category relationships or not (not included by default)

• sortBy (list) – Field(s) to sort results by (without sign is ascending, with ‘-’ sign is descending)

• limit (int) – The max amount of items to return (25 by default, 0 means no limit)

• offset (int) – The amount of items to skip from the beginning (0 by default)

• json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

• verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

• apiKey – Argus API key.

• authentication – authentication override

• server_url – API base URL override

• body – body of the request. other parameters will override keys defined in the body.

• api_session – session to use for this request. If not set, the global session will be used.

Raises

• AuthenticationFailedException – on 401

• AccessDeniedException – on 403

• ValidationErrorException – on 412

• ArgusException – on other status codes

Returns

dictionary translated from JSON

argus_api.lib.alarms.v1.mitre.list_mitre_category_relationships(idOrExtId: str, model: str = None, version: str = None, includeDeleted: bool = None, sortBy: str = None, limit: int = None, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict

List MITRE category relationships (DEV)

Parameters

• idOrExtId (str) – ID or external ID of the source or target MITRE category (external ID requires additional query parameters: model, version)

• model (str) – Which threat model to use with external ID of the MITRE category

• version (str) – Which version to use with external ID of the MITRE category

• includeDeleted (bool) – Whether to include deleted MITRE category relationships or not (not included by default)

• sortBy (list) – Field(s) to sort results by (without sign is ascending, with ‘-’ sign is descending)

• limit (int) – The max amount of items to return (25 by default, 0 means no limit)

• offset (int) – The amount of items to skip from the beginning (0 by default)

• json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

• verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

• apiKey – Argus API key.

• authentication – authentication override

• server_url – API base URL override

• body – body of the request. other parameters will override keys defined in the body.

• api_session – session to use for this request. If not set, the global session will be used.

Raises

• AuthenticationFailedException – on 401

• AccessDeniedException – on 403

• ValidationErrorException – on 412

• ArgusException – on other status codes

Returns

dictionary translated from JSON

argus_api.lib.alarms.v1.mitre.list_mitre_model_versions(model: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict

Lists available MITRE model versions’ info by model (DEV)

Parameters

• model (str) – Threat model of the MITRE category

• json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

• verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

• apiKey – Argus API key.

• authentication – authentication override

• server_url – API base URL override

• body – body of the request. other parameters will override keys defined in the body.

• api_session – session to use for this request. If not set, the global session will be used.

Raises

• AuthenticationFailedException – on 401

• AccessDeniedException – on 403

• ValidationErrorException – on 412

• ArgusException – on other status codes

Returns

dictionary translated from JSON

argus_api.lib.alarms.v1.mitre.search_mitre_categories(id: str = None, externalId: str = None, shortName: str = None, type: str = None, model: str = None, version: str = None, includeFlags: str = None, excludeFlags: str = None, keywords: str = None, keywordFieldStrategy: str = None, keywordMatchStrategy: str = None, subCriteria: dict = None, sortBy: str = None, includeRelationships: bool = None, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict

Searches for MITRE categories (DEV)

Parameters

• id (list) – A set of IDs of the searched MITRE categories

• externalId (list) – A set of external IDs of the searched MITRE categories

• shortName (list) – A set of short names of the searched MITRE categories

• type (list) – A set of enumerated types of the searched MITRE categories

• model (list) – A set of enumerated threat models of the searched MITRE categories

• version (list) – A set of versions of the searched MITRE categories

• includeFlags (list) – A set of included enumerated flags of the searched MITRE categories

• excludeFlags (list) – A set of excluded enumerated flags of the searched MITRE categories

• keywords (list) – Keywords that are searched for in the fields of MITRE categories

• keywordFieldStrategy (list) – A set of fields of the MITRE categories where the keywords are searched (default all)

• keywordMatchStrategy (str) – Selected keyword matching strategy for searching in the fields of MITRE categories (default all)

• subCriteria (list) – Set additional search criteria with AND, OR or AND NOT

• sortBy (list) – Fields to sort results by (without sign is ascending, with ‘-’ sign is descending) (default shortName, -createdTimestamp)

• includeRelationships (bool) – Whether to include MITRE category relationships in search results or not (default false)

• limit (int) – The max amount of items to return (default 25)

• offset (int) – The amount of items to skip from the beginning (default 0)

• json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

• verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

• apiKey – Argus API key.

• authentication – authentication override

• server_url – API base URL override

• body – body of the request. other parameters will override keys defined in the body.

• api_session – session to use for this request. If not set, the global session will be used.

Raises

• AuthenticationFailedException – on 401

• AccessDeniedException – on 403

• ValidationErrorException – on 412

• ArgusException – on other status codes

Returns

dictionary translated from JSON

argus_api.lib.alarms.v1.mitre.update_mitre_category(idOrExtId: str, model: str = None, version: str = None, name: str = None, type: str = None, url: str = None, deprecated: bool = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict

Updates an existing MITRE category (DEV)

Parameters

• idOrExtId (str) – ID or external ID of the MITRE category (external ID requires additional query parameters: model, version)

• model (str) – Which threat model to use with external ID

• version (str) – Which version to use with external ID

• name (str) – Detailed name of the MITRE category

• type (str) – Enumerated type of the MITRE category

• url (str) – URL of the external MITRE category page => ((https?|ftp|gopher|telnet|file):((/)|(\))+[wd:\#@%/;$()~_?\+-=\.&]*)

• deprecated (bool) – A boolean flag indicating if the MITRE category is deprecated

• json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

• verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

• apiKey – Argus API key.

• authentication – authentication override

• server_url – API base URL override

• body – body of the request. other parameters will override keys defined in the body.

• api_session – session to use for this request. If not set, the global session will be used.

Raises

• AuthenticationFailedException – on 401

• AccessDeniedException – on 403

• ObjectNotFoundException – on 404

• ValidationErrorException – on 412

• ArgusException – on other status codes

Returns

dictionary translated from JSON

argus_api.lib.alarms.v1.mitre.update_mitre_category_relationship(idOrExtId: str, version: str = None, type: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) → dict

Updates an existing MITRE category relationship (DEV)

Parameters

• idOrExtId (str) – ID or external ID of the MITRE category relationship (external ID requires an additional query parameter: version)

• version (str) – Which version to use with external ID

• type (str) – Enumerated type of the MITRE category relationship

• json – return the response’s body as a dict parsed from json. True by default. If set to false, the raw requests.Response object will be returned.

• verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.

• apiKey – Argus API key.

• authentication – authentication override

• server_url – API base URL override

• body – body of the request. other parameters will override keys defined in the body.

• api_session – session to use for this request. If not set, the global session will be used.

Raises

• AuthenticationFailedException – on 401

• AccessDeniedException – on 403

• ObjectNotFoundException – on 404

• ValidationErrorException – on 412

• ArgusException – on other status codes

Returns

dictionary translated from JSON