sample#
Autogenerated API
- argus_api.lib.sampledb.v2.sample.add_analysis(sha256: str, analysisResult: dict = None, customer: str = None, userAgent: dict = None, tlp: str = None, acl: str = None, profile: str = None, triggeredDetections: dict = None, possibleDetections: int = None, verdictStatusOverride: str = None, tags: dict = None, executedWithInternetAccess: bool = None, analysisScore: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Adds an analysis to a sample (DEV)
- Parameters
sha256 (str) – Sha256 of sample to add analysis result to
analysisResult (dict) – The result of the analysis as a JSON object
customer (str) – The shortname or ID of customer the analysis belongs to
userAgent (dict) – The user agent used in add requests
tlp (str) – The TLP level of the analysis
acl (list) – The shortname or IDs of users or groups that will be given explicit access
profile (str) – The execution profile of the worker => [sw\{\}\$\-\(\).\[\]”'_/\,\*\+\#:@!?;=]*
triggeredDetections (list) – The triggered detections for this analysis
possibleDetections (int) – The maximum number of possible detections
verdictStatusOverride (str) – Can be set to signify that the worker posting the analysis result is 100% certain that the sample is malicious or benign. The verdict engine will consider this field and use as an override for the verdict status. If there are contradicting overrides, the verdict engine will set the verdict status to ‘unknown’ instead
tags (list) – The tags for the analysis
executedWithInternetAccess (bool) – A boolean to indicate whether the analysis have been executed with internet access or not
analysisScore (int) – The score for this analysis. The value is a score from -1 to 100 and is an indication of how certain the analyzer is that the sample is malicious. A value of -1 indicates no findings.
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.add_evidence(sha256: str, analysisID: str, evidence: str = None, mimeType: str = None, fileName: str = None, internal: bool = None, potentiallyMalicious: bool = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Adds evidence to an analysis (DEV)
- Parameters
sha256 (str) – Sha256 of sample that holds the analysis
analysisID (str) – UUID of analysis to add evidence to
evidence (str) – Base64 encoded evidence
mimeType (str) – The mimeType of the evidence
fileName (str) – The file name given to the evidence
internal (bool) – Whether the Evidence should be available to external users or not. By default this is false which means that external users have access. Set to true if only internal
potentiallyMalicious (bool) – Whether the Evidence is malicious or not
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.add_link(sha256: str, customer: str = None, userAgent: dict = None, tlp: str = None, acl: str = None, type: str = None, reference: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Adds an link to a sample (DEV)
- Parameters
sha256 (str) – Sha256 of sample to add link to
customer (str) – The shortname or ID of customer the link belongs to
userAgent (dict) – The user agent used in add requests
tlp (str) – The TLP level of the link
acl (list) – The shortname or IDs of users or groups that will be given explicit access
type (str) – The nature of the link between the two samples
reference (str) – The ID of the sample the link references
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.add_sample(json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Upload a new sample file (INTERNAL)
- Parameters
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
AnErrorOccurredException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.add_static_fact(sha256: str, key: str = None, value: str = None, userAgent: dict = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Endpoint for registering a new static fact (DEV)
- Parameters
sha256 (str) – Sha256 of the sample to add the static fact to
key (str) – The static fact key
value (str) – The static fact value
userAgent (dict) – The user agent used in add requests
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.add_submission(sha256: str, fileName: str = None, customer: str = None, observedTimestamp: int = None, mimeType: str = None, metaData: dict = None, tlp: str = None, acl: str = None, userAgent: dict = None, challengeToken: dict = None, retention: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Add a new sample submission. Requires a challenge token. A challenge token is a solution to a challenge generated by the challenge endpoint (INTERNAL)
- Parameters
sha256 (str) – Sha256 of sample to add submission for
fileName (str) – The filename of the sample
customer (str) – The shortname or ID of customer the submission belongs to. Default value is the currernt user’s customer
observedTimestamp (int) – The timestamp of when the sample was observed. Defaults to the current time
mimeType (str) – The sample mime type (default application/octet-stream)
metaData (dict) – Meta data about the sample (default {})
tlp (str) – TLP color of the submission. Submissions with TLP Red will be rejected as Sample Service does not support submissions with TLP redDefaults to amber (default amber)
acl (list) – List of user IDs or shortnames that are given explicit access to the submission
userAgent (dict) – The user agent used in add requests
challengeToken (dict) – Request containing the answer to a challenge
retention (str) – Only retain the submission until the specified time. The submission will be deleted after this time, unless the sample is malicious. Allows unix timestamp (milliseconds), ISO timestamp, or relative time specifies. See https://docs.mnemonic.no/api/general_integration_guide/08-time_fields.html#api-iguide-general-time-search
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.add_verdict(sha256: str, comment: str = None, statusOverride: str = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Manually add a verdict to a sample (DEV)
- Parameters
sha256 (str) –
comment (str) – A comment providing information or context to the verdict => [sw\{\}\$\-\(\).\[\]”'_/\,\*\+\#:@!?;=]*
statusOverride (str) – Field for manually overriding the status of the sample. If this field is set, this overrides the future event generations and verdicts for this sample
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.advanced_search(keywords: str = None, keywordFieldStrategy: str = None, keywordMatchStrategy: str = None, sha256: str = None, sha512: str = None, sha1: str = None, md5: str = None, timeFieldStrategy: str = None, timeMatchStrategy: str = None, classification: dict = None, submission: dict = None, user: str = None, userFieldStrategy: str = None, userMatchStrategy: str = None, customer: str = None, tlp: str = None, analysis: dict = None, link: dict = None, verdict: dict = None, subCriteria: dict = None, fact: dict = None, indexStartTimestamp: str = None, indexEndTimestamp: str = None, sortBy: str = None, startTimestamp: str = None, endTimestamp: str = None, limit: int = 25, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Advanced search for samples (DEV)
- Parameters
keywords (list) – A set of keywords to search for
keywordFieldStrategy (list) – Restrict to search only in the selected keyword fields
keywordMatchStrategy (str) – Whether all or any (default) of the fields must match one or more of the keywords
sha256 (list) – Restrict to search only in the selected sample sha256 IDs
sha512 (list) – Restrict to search only in samples with these sha512 hashes
sha1 (list) – Restrict to search only in samples with these sha1 hashes
md5 (list) – Restrict to search only in samples with these md5 hashes
timeFieldStrategy (list) – Restrict the search by timestamp (indicated by startTimestamp and endTimestamp) to these fields. Default is ‘all’
timeMatchStrategy (str) – Whether all or any (default) of the fields must match the time period (indicated by startTimestamp and endTimestamp)
classification (list) – Search criteria for classifications
submission (list) – Search criteria for submissions
user (list) – Restrict the search to samples containing resources (indicated by userFieldStrategy) submitted by users
userFieldStrategy (list) – Define what resources to apply the user criteria to. Defaults to ‘all’
userMatchStrategy (str) – Whether all or any (default) of the fields must match the user criteria
customer (list) – Restrict the search to samples containing submissions owned by certain customers
tlp (list) – Restrict the search to samples where the sample contains one or more submission, analysis, or link with any of the defined TLPs
analysis (list) – Search criteria for analysis
link (list) – Search criteria for links
verdict (list) – Search criteria for verdicts
subCriteria (list) – Search sub criteria
fact (list) – Search criteria for static facts
indexStartTimestamp (str) – Restrict search to data after this time. Timestamps can be milliseconds since epoch, ISO8601 timestamp, or a string with a relative timestamp. See the general integration guide for more details (default now - 1 month)
indexEndTimestamp (str) – Restrict search to data before this time. Timestamps can be milliseconds since epoch, ISO8601 timestamp, or a string with a relative timestamp. See the general integration guide for more details (default now)
sortBy (list) – Specify sort ordering for returned samples (default -sampleCreatedTimestamp)
startTimestamp (str) – Restrict the search to resources (indicated by timeFieldStrategy) timestamped after this timestamp. Timestamps can be milliseconds since epoch, ISO8601 timestamp, or a string with a relative timestamp. See the general integration guide for more details
endTimestamp (str) – Restrict the search to resources (indicated by timeFieldStrategy) timestamped before this timestamp.Timestamps can be milliseconds since epoch, ISO8601 timestamp, or a string with a relative timestamp. See the general integration guide for more details
limit (int) – Limit the number of search results (default 25)
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.delete_sample(sha256: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Delete a sample and all of its resources including submissions, analyses, links, classifications, verdicts, and jobs. A minimal metadata record will be left behind (DEV)
- Parameters
sha256 (str) – Sha256 of the sample
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
AnErrorOccurredException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.download_raw_sample(sha256: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) requests.models.Response #
Download a raw sample file. Warning: The file returned may be malicious. Take caution (INTERNAL)
- Parameters
sha256 (str) – Sha256 of the sample
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
AnErrorOccurredException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
requests.Response
object
- argus_api.lib.sampledb.v2.sample.download_safe_sample(sha256: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) requests.models.Response #
Download a zipped sample file, password protected with the password “infected”. Warning: The zipped file may be malicious. Take caution (INTERNAL)
- Parameters
sha256 (str) – Sha256 of the sample
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
AnErrorOccurredException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
requests.Response
object
- argus_api.lib.sampledb.v2.sample.get_analysis(sha256: str, analysisID: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Fetches the analysis for the sample with the given ID (DEV)
- Parameters
sha256 (str) – Sha256 of sample to fetch the analysis from
analysisID (str) – ID of the analysis to fetch
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.get_analysis_summary(sha256: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Get a summary of all analysis results for a given sample (DEV)
- Parameters
sha256 (str) – Sha256 of sample to fetch the analysis summary from
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.get_evidence(sha256: str, analysisID: str, evidenceID: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Fetches the evidence metadata for the analysis for the sample with the given ID (DEV)
- Parameters
sha256 (str) – Sha256 of sample to fetch the analysis from
analysisID (str) – ID of the analysis the evidence is for
evidenceID (str) – ID of the evidence to fetch
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.get_evidence_data(sha256: str, analysisID: str, evidenceID: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) requests.models.Response #
Returns the evidence file. (DEV)
- Parameters
sha256 (str) – Sha256 of sample the analysis is from
analysisID (str) – The ID of the analysis you want to fetch evidence from
evidenceID (str) – The ID of the evidence data you want to fetch
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
requests.Response
object
- argus_api.lib.sampledb.v2.sample.get_link(sha256: str, linkID: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Fetches the link for the sample with the given ID (DEV)
- Parameters
sha256 (str) – Sha256 of sample to fetch the link from
linkID (str) – ID of the link to fetch
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.get_link_summary(sha256: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Get a summary of up to 1000 links for a given sample (DEV)
- Parameters
sha256 (str) – Sha256 of the sample to fetch the links summary from
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.get_sample_meta_data(sha256: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Fetch meta data about a sample file (INTERNAL)
- Parameters
sha256 (str) – Sha256 of the sample
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
AnErrorOccurredException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.get_submission(sha256: str, submissionID: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Fetch a submission for the sample with the given ID (INTERNAL)
- Parameters
sha256 (str) – Sha256 of the sample the submission belongs to
submissionID (str) – The ID of the submission to fetch
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
TheSampleCouldNotBeFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.get_upload_challenge(sha256: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Generate a new challenge for a sample. The solution of the challenge is SHA256(x) where x is ‘length’ bytes of data starting from ‘offset’ bytes into the sample file (INTERNAL)
- Parameters
sha256 (str) – Sha256 of sample to get submission challenge for
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
TheSampleCouldNotBeFoundException – on 404
ValidationErrorException – on 412
TheSampleFileIsTooSmall.UploadTheFullSampleAndUseTheChallengeTokenReturnedInThatResponseAsProofException – on 422
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.list_analysis(sha256: str, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Lists the analysis for the sample (DEV)
- Parameters
sha256 (str) – Sha256 of sample to fetch the analysis from
limit (int) – Maximum number of returned results
offset (int) – Skip a number of results
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.list_classifications(sha256: str, sortBy: str = None, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Fetch all classifications for a sample (DEV)
- Parameters
sha256 (str) – Sha256 of the sample
sortBy (list) – The field on which to sort the classifications. Prefix with ‘-’ to sort descending
limit (int) – The maximum number of classifications to return
offset (int) – Skip a number of results
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
AnErrorOccurredException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.list_evidence(sha256: str, analysisID: str, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Lists the evidence metadata for the analysis (DEV)
- Parameters
sha256 (str) – Sha256 of sample the analysis is from
analysisID (str) – The ID of the analysis you want to list evidence from
limit (int) – Maximum number of returned results
offset (int) – Skip a number of results
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.list_links(sha256: str, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Lists the links for the sample (DEV)
- Parameters
sha256 (str) – Sha256 of sample to fetch the link from
limit (int) – Maximum number of returned results
offset (int) – Skip a number of results
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.list_static_fact(sha256: str, sortBy: str = None, key: str = None, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Endpoint for listing the static facts for a sample (DEV)
- Parameters
sha256 (str) – Sha256 of the sample the static facts are for
sortBy (list) – Sort order of returned results. Prefix with ‘-’ to sort descending
key (list) – A set of keys to search for
limit (int) – Maximum number of returned results
offset (int) – Skip a number of results
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.list_submissions(sha256: str, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
List all the submissions for a sample (INTERNAL)
- Parameters
sha256 (str) – Sha256 of the sample to fetch submissions for
limit (int) – Maximum number of returned results
offset (int) – Skip a number of results
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
TheSampleCouldNotBeFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.list_verdicts(sha256: str, sortBy: str = None, limit: int = 25, offset: int = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
List all verdicts for a sample (DEV)
- Parameters
sha256 (str) – Sha256 of the sample to fetch verdicts for
sortBy (list) – The field on which to sort the verdicts. Prefix any of the allowed values with ‘-’ to sort descending
limit (int) – Maximum number of returned results
offset (int) – Skip a number of results
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
NotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.reanalyse_sample(sha256: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Triggering reanalysis of a Sample without having to upload a new submission. (DEV)
- Parameters
sha256 (str) – Sha256 of the sample
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
AnErrorOccurredException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.reclassify_sample(sha256: str, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Manually reclassify an existing sample (DEV)
- Parameters
sha256 (str) – Sha256 of the sample
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.simple_search(sortBy: str = None, keywords: str = None, keywordFieldStrategy: str = None, limit: int = 25, indexStartTimestamp: str = 'now - 1 month', indexEndTimestamp: str = 'now', keywordMatchStrategy: str = 'any', json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Simple search for samples (DEV)
- Parameters
sortBy (list) – The fields to sort the results by. Prefix with ‘-’ to sort descending
keywords (list) – A set of keywords to search for
keywordFieldStrategy (list) – Which fields to search on
limit (int) – Maximum number of returned results
indexStartTimestamp (str) – Restrict search to data after this time. Timestamps can be milliseconds since epoch, ISO8601 timestamp, or a string with a relative timestamp. See the general integration guide for more details
indexEndTimestamp (str) – Restrict search to data before this time. Timestamps can be milliseconds since epoch, ISO8601 timestamp, or a string with a relative timestamp. See the general integration guide for more details
keywordMatchStrategy (str) – Whether the keywords must match all or any of the keyword fields
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON
- argus_api.lib.sampledb.v2.sample.upload_evidence(sha256: str, analysisID: str, fileName: str, internal: bool = None, potentiallyMalicious: bool = None, json: bool = True, verify: Optional[bool] = None, proxies: Optional[dict] = None, apiKey: Optional[str] = None, authentication: Optional[dict] = None, server_url: Optional[str] = None, body: Optional[dict] = None, api_session: Optional[ArgusAPISession] = None) dict #
Uploads an evidence file (DEV)
- Parameters
sha256 (str) – Sha256 of sample that holds the analysis
analysisID (str) – UUID of analysis to add evidence to
fileName (str) – The name of the evidence file to upload
internal (bool) – If the evidence is internal
potentiallyMalicious (bool) – If the evidence is potentially malicious
json – return the response’s body as a
dict
parsed from json.True
by default. If set to false, the rawrequests.Response
object will be returned.verify – path to a certificate bundle or boolean indicating whether SSL verification should be performed.
apiKey – Argus API key.
authentication – authentication override
server_url – API base URL override
body – body of the request. other parameters will override keys defined in the body.
api_session – session to use for this request. If not set, the global session will be used.
- Raises
AuthenticationFailedException – on 401
AccessDeniedException – on 403
ObjectNotFoundException – on 404
ValidationErrorException – on 412
ArgusException – on other status codes
- Returns
dictionary translated from JSON