BroBox API client
Project description
Overview
This tool provides a command-line client for BroBox One, a Bro appliance engineered from the ground up by Bro’s creators to transform network traffic into high-fidelity data for your analytics pipeline. Using the command-line client, you can configure and control a BroBox remotely through its comprehensive RESTful API. See the BroBox documentation for an extended version of this client overview.
- Version:
1.0.4
- Home:
- GitHub:
- Author:
License
This client is open-source under a BSD license. See COPYING for details.
Installation
The command-line client needs Python >= 3.4 with the requests module installed as its main dependency.
The easiest way to install the client is through the Python Package Index:
# pip3 install brobox-client
Alternatively, you can install the latest version from GitHub:
# git clone https://github.com/corelight/brobox-client # cd brobox-client # python3 setup.py install
If everything is installed correctly, --help will give you a usage message:
# brobox --help Usage: brobox [<global options>] <command> <subcommand> [<options>] [--ssl-ca-cert SSL_CA_CERT] [--ssl-no-verify-certificate] [--ssl-no-verify-hostname] [--cache CACHE] [...]
Note that initially, --help will not yet show you any further commands to use. Proceed to the next section to let the client connect to your device.
Access and Authentication
You need to enable access to the BroBox API through the device’s configuration interface. You also need to set passwords for the API users admin (for unlimited access) and monitor (for read-only access). See the BroBox documentation for more information.
Next, you need to tell the brobox client the network address of your BroBox. You have three choices for doing that:
Add -b <address> to the command-line.
Create a configuration file ~/.broboxrc with the content brobox=<address>.
Set the environment variable BROBOX=<address>.
If that’s all set up, brobox --help will now ask you for a username and password, and then show you the full list of commands that the device API enables the client to offer. If you confirm saving the credentials, the client will store them in ~/.brobox/credentials for future reuse. You can also specify authentication information through the Configuration File or as Global Options.
Usage
The client offers the API’s functionality through a set of commands of the format <command> <subcommand> [options]. By adding --help to any command, you get a description of all its functionality and options.
If the --help output lists a command’s option as being of type file, the client requires you to specify the path to a file to send. In addition, you can prefix any option’s value with file:// to read its content from a file instead of giving it on the command-line itself.
(Note: The --help output will contain the list of commands only if the client can connect, and authenticate, to the device.)
Global Options
The brobox client support the following global command-line options with all operations:
- --async
Does not wait for asynchronous commands to complete before exiting.
- --brobox
Specifies the network address of the BroBox device.
- --cache=<file>
Sets a custom file for caching BroBox meta data.
- --debug
Enables debugging output showing HTTP requests and replies.
- --password
Specifies the password for authentication.
- --ssl-ca-cert
Specifies a file containing a custom SSL CA certificate for validating the device’s authenticity.
- --ssl-no-verify-certificate
Instructs the client to accept any BroBox device SSL certificate.
- --ssl-no-verify-hostname
Instructs the client to accept the BroBox’s device SSL certificate even if it does not match its hostname.
- --user
Specifies the user name for authentication.
- --version
Displays the version of the brobox client and exits.
Configuration File
The brobox clients looks for a configuration file ~/.broboxrc. The file must consist of lines <key>=<value>. Comments starting with # are ignored. brobox support the following keys:
- brobox
The network address of the BroBox device.
- user
The user name for authentication.
- password
The password for authentication.
- ssl-ca-cert
A file containing a custom SSL CA certificate for validating the device’s authenticity.
- ssl-no-verify-certificate
If set to false, the client will accept any BroBox device SSL certificate.
- ssl-no-verify-hostname
If set to false, the client will accept the BroBox’ device SSL certificate even if it does not match its hostname.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Hashes for brobox_client-1.0.4-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | b2b5d820a09b70d9d57f4146a285e7b0e6f0903de20aaaa85446cf2b82f2f53a |
|
MD5 | 41cf64be277863a5463c13a7db359c1f |
|
BLAKE2b-256 | 7813f782c32a6364009f0f82eabf4465f423bee0850626404a03991a2cdcd281 |