SecAutoBan SDK
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Project description
SecAutoBan Python SDK
安装
pip3 install SecAutoBan
样例
告警模块
from SecAutoBan import SecAutoBan
def alarm_analysis(ws_client):
ws_client.send_alarm("127.1.0.3", "127.0.0.1", "NMAP 扫描")
sec_auto_ban = SecAutoBan(
server_ip="127.0.0.1",
server_port=8000,
sk="sk-*****",
client_type="alarm",
alarm_analysis=alarm_analysis
)
sec_auto_ban.run()
封禁模块
from SecAutoBan import SecAutoBan
def block_ip(ip):
if check_exist_ip(ip):
return
pass
def unblock_ip(ip):
pass
def get_all_block_ip() -> list:
ip_list = []
return ip_list
def check_exist_ip(ip) -> bool:
return ip in get_all_block_ip()
sec_auto_ban = SecAutoBan(
server_ip="127.0.0.1",
server_port=8000,
sk="sk-*****",
client_type="block",
block_ip=block_ip,
unblock_ip=unblock_ip,
get_all_block_ip=get_all_block_ip,
enable_cidr=False
)
sec_auto_ban.run()
参数说明
| 参数 | 描述 | 是否需要填写 |
|---|---|---|
| server_ip | 核心模块回连IP | 需要 |
| server_port | 核心模块回连端口 | 需要 |
| sk | 设备页面生成的密钥 | 需要 |
| client_type | 模块类型(alarm/block) |
需要 |
| enable_cidr | 封禁模块是否开启 Cidr 封禁,若开启block_ip()和unblock_ip()参数将传入Cidr |
可选,默认为 False |
| alarm_analysis | 告警分析函数 | alarm模块必填 |
| block_ip | 封禁函数 | block模块必填 |
| unblock_ip | 解禁函数 | block模块必填 |
| get_all_block_ip | 获取设备中全部封禁IP函数 | block模块可选 |
| login_success_callback | 登陆成功回调 | 可选 |
SDK调用方法
send_alarm()
告警设备向平台发送告警信息。
eg:
def alarm_analysis(ws_client):
ws_client.send_alarm("攻击IP", "被攻击资产", "攻击方式")
or:
sec_auto_ban.send_alarm("攻击IP", "被攻击资产", "攻击方式")
send_notify()
向平台发送通知。
eg:
sec_auto_ban.send_notify("封禁失败", "xxx设备无法连接服务器")
send_sync()
封禁设备主动向平台请求全部封禁IP。常用于脚本第一次启动,需同步全量IP场景。
eg:
def login_success_callback():
sec_auto_ban.send_sync()
Project details
Verified details
These details have been verified by PyPIProject links
GitHub Statistics
Maintainers
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
secautoban-5.0.0.tar.gz
(4.5 kB
view details)
File details
Details for the file secautoban-5.0.0.tar.gz.
File metadata
- Download URL: secautoban-5.0.0.tar.gz
- Upload date:
- Size: 4.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.12.9
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b38fe7bc8e93851fbdca95698889bb14f1214a46a9b183c77082f17a0143a90e
|
|
| MD5 |
0a6826f73947239f13c57caf0972527d
|
|
| BLAKE2b-256 |
39df5b13b4d04dd6ce0fdcbfd85f168a82e32ba68c2157ab5681c3d96b3f2282
|
Provenance
The following attestation bundles were made for secautoban-5.0.0.tar.gz:
Publisher:
python_sdk.yml on SecAegis/SecAutoBan
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
secautoban-5.0.0.tar.gz -
Subject digest:
b38fe7bc8e93851fbdca95698889bb14f1214a46a9b183c77082f17a0143a90e - Sigstore transparency entry: 315935471
- Sigstore integration time:
-
Permalink:
SecAegis/SecAutoBan@2405b645b544c091a5c254b905bd57252e070503 -
Branch / Tag:
refs/tags/v5.0.0 - Owner: https://github.com/SecAegis
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
python_sdk.yml@2405b645b544c091a5c254b905bd57252e070503 -
Trigger Event:
push
-
Statement type:
