laceworkreports is a Python cli/package for creating reports from Lacework data.
Lacework Reports CLI/SDK
🚀 Features
- Retrieve Lacework API data from activities, entities, queries, configs
- Save results as csv, json, or to postgres
- Transform results using a Jinja template
- Override returned field names using field_map (supports nested json notation: parent.child.value)
- Stores complex json objects as JSONB in postgres
- Flatten json structures before writing
CLI Usage
laceworkreports export vulnerabilities hosts csv --file-path="export.csv"
See CLI README for details.
SDK Usage
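# LaceworkClient comes from the Lacework Python SDK (laceworksdk).
# Called with no arguments, it loads credentials from the environment or ~/.lacework.toml.
from laceworksdk import LaceworkClient

from laceworkreports import common
from laceworkreports.sdk.DataHandlers import (
    DataHandlerTypes,
    ExportHandler,
    QueryHandler,
)

# Query DNS summary activity filtered on mid == 851, return only the fqdn field,
# and write the results to export.csv.
eh = ExportHandler(
    format=DataHandlerTypes.CSV,
    results=QueryHandler(
        client=LaceworkClient(),
        type=common.ObjectTypes.Activities.value,
        object=common.ActivitiesTypes.DNSSummaries.value,
        filters=[{"field": "mid", "expression": "eq", "value": 851}],
        returns=["fqdn"],
    ).execute(),
    file_path="export.csv",
).export()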
See example.py for details.
Installation
pip install -U laceworkreports
or install with Poetry
poetry add laceworkreports
Then you can run
laceworkreports --help
or with Poetry:
poetry run laceworkreports --help
or run with docker:
docker run --rm -it --name laceworkreports \
    -v ~/.lacework.toml:/home/user/.lacework.toml -v $(pwd)/reports:/app/reports \
    laceworkps/laceworkreports:latest --help
or run with docker and start a shell:
docker run --rm --entrypoint="/bin/bash" -it --name laceworkreports \
    -v ~/.lacework.toml:/home/user/.lacework.toml -v $(pwd)/reports:/app/reports \
    laceworkps/laceworkreports:latest
or run with docker and force uid:gid on the volume mount (may be required for write permissions):
docker run --rm -it \
    --name laceworkreports \
    -v ~/.lacework.toml:/home/user/.lacework.toml \
    -v $(pwd)/reports:/app/reports \
    --env=HOME=/home/user \
    --user "$(id -u):$(id -g)" \
    laceworkps/laceworkreports:latest
📈 Releases
You can see the list of available releases on the GitHub Releases page.
We follow the Semantic Versions specification.
We use Release Drafter. As pull requests are merged, a draft release is kept up-to-date listing the changes, ready to publish when you’re ready. With the categories option, you can categorize pull requests in release notes using labels.
List of labels and corresponding titles
Label | Title in Releases |
---|---|
enhancement, feature | 🚀 Features |
bug, refactoring, bugfix, fix | 🔧 Fixes & Refactoring |
build, ci, testing | 📦 Build System & CI/CD |
breaking | 💥 Breaking Changes |
documentation | 📝 Documentation |
dependencies | ⬆️ Dependencies updates |
🛡 License
This project is licensed under the terms of the BSD-3 license. See LICENSE for more details.
📃 Citation
@misc{laceworkreports,
author = {Lacework Inc.},
title = {laceworkreports is a Python cli/package for creating reports from Lacework data.},
year = {2022},
publisher = {GitHub},
journal = {GitHub repository},
howpublished = {\url{https://github.com/laceworkps/laceworkreports}}
}
Hashes for laceworkreports-1.3.48-py3-none-any.whl
Algorithm | Hash digest |
---|---|
SHA256 | 1ff7c896299da167563473b08326e06bb8e20527acea8730161eb848736d38f2 |
MD5 | 89fd119fb145bf8f02933f7414607aaa |
BLAKE2b-256 | 56f818a39073db2330b4bff14a37fd162b4cfae6b0c6bbee6930ac4c7a738984 |