greynoise 0.4.0

Abstraction to interact with GreyNoise API.

Python GreyNoise

This is an abstract python library built on top of the GreyNoise service. It is preferred that users use this library when implementing integrations or plan to use GreyNoise within their code. The library includes a small client to interact with the API.

Quick Start

Install the library:

pip install greynoise or python setup.py install

Save your configuration:

greynoise setup --api-key <your-API-key>

Usage

Usage: greynoise [OPTIONS] COMMAND [ARGS]...

  GreyNoise CLI.

Options:
  -h, --help  Show this message and exit.

Commands:
  query*       Run a GNQL (GreyNoise Query Language) query.
  account      View information about your GreyNoise account.
  alerts       List, create, delete, and manage your GreyNoise alerts.
  analyze      Analyze the IP addresses in a log file, stdin, etc.
  feedback     Send feedback directly to the GreyNoise team.
  filter       "Filter the noise from a log file, stdin, etc.
  help         Show this message and exit.
  interesting  Report an IP as "interesting".
  ip           Query GreyNoise for all information on a given IP.
  pcap         Get PCAP for a given IP address.
  quick        Quickly check whether or not one or many IPs are "noise".
  repl         Start an interactive shell.
  setup        Configure API key.
  signature    Submit an IDS signature to GreyNoise to be deployed to all...
  stats        Get aggregate stats from a given GNQL query.
  version      Get version and OS information for your GreyNoise
               commandline...

Changelog

Version 0.4.0

Date: November 18, 2019

• API client: * add interesting method. * add filter method. * add analyze method. * add scroll and size parameters to query method. * add api_server and integration_name parameters to __init__ method.

• CLI: * add interesting subcommand. * add filter subcommand. * add analyze subcommand. * add api_server option to setup subcommand.

• Both API client and CLI: * use structlog logging library.

Version 0.3.0

Date: September 06, 2019

• API client:

  • rename API client methods to match CLI command names.

  • use LRU cache for IP context and quick check calls.

• CLI:

  • add help, repl and version subcommands.

  • global options moved to those subcommands where they apply.

  • make request timeout configurable.

Version 0.2.2

Date: August 28, 2019

• CLI: fix setup subcommand when configuration directory doesn’t exist.

Version 0.2.1

Date: August 28, 2019

• API client

  • Version sent in User-Agent header.

  • Raise RateLimitError on 429 response.

• CLI

  • Colored output.

  • Add -i / --input option.

Version 0.2.0

Date: August 21, 2019

• Complete codebase refactoring.