intelxpy 5.0.0

Robust Python SDK and CLI for IntelX's API

IntelXPy

Robust Python SDK and Command Line Client for interacting with IntelX's API.

Features

• Easy one-time configuration with self documented help and hints along the way.
• Request new analysis for observables and files.
  • Select which analyzers you want to run for every analysis you perform.
  • Choose whether you want to HTTP poll for the analysis to finish or not.
• List all jobs or view one job in a prettified tabular form.
• List all tags or view one tag in a prettified tabular form.
• Tabular view of the analyzer_config.json and connector_config.json from IntelX with RegEx matching capabilities.

Demo

Installation

$ pip3 install intelxpy

For development/testing, pip3 install intelxpy[dev]

Quickstart

As Command Line Client

On successful installation, The intelxpy entryscript should be directly invokable. For example,

$ intelxpy
Usage: intelxpy [OPTIONS] COMMAND [ARGS]...

Options:
  -d, --debug  Set log level to DEBUG
  --version    Show the version and exit.
  -h, --help   Show this message and exit.

Commands:
  analyse                Send new analysis request
  analyzer-healthcheck   Send healthcheck request for an analyzer...
  config                 Set or view config variables
  connector-healthcheck  Send healthcheck request for a connector
  get-analyzer-config    Get current state of `analyzer_config.json` from...
  get-connector-config   Get current state of `connector_config.json` from...
  jobs                   Manage Jobs
  tags                   Manage tags

As a library / SDK

from intelxpy import IntelX
obj = IntelX("<your_api_key>", "<your_intelx_instance_url>", "optional<path_to_pem_file>", "optional<proxies>")

For more comprehensive documentation, please see https://intelxpy.readthedocs.io/.

Changelog

View CHANGELOG.md.

FAQ

Generate API key

You need a valid API key to interact with the IntelX server. Keys should be created from the admin interface of IntelX: you have to go in the Durin section (click on Auth tokens) and generate a key there.

Incompatibility after version 3.0

We did a complete rewrite of the IntelXPy client and CLI both for the version 3.0.0. We very much recommend you to update to the latest version to enjoy all new features.

(old auth method) JWT Token Authentication

this auth was available in IntelX versions <1.8.0 and intelxpy versions <2.0.0

From the admin interface of IntelX, you have to go in the Outstanding tokens section and generate a token there.

You can use it by pasting it into the file api_token.txt.