OPSWAT MetaDefender InSights API client
Project description
md-insights-client-api
API client for MetaDefender InSights threat intelligence feeds.
Installation
The app has been tested on Python 3.
It's best to install the program into a Python virtual environment. The recommended way to install it is using pipx:
pipx install md-insights-client
It can also be installed using pip into a target virtualenv.
/path/to/environment/bin/python3 -m pip install md-insights-client
Configuration
A configuration file must be populated with an API key. If only querying the API to perform lookups, this configuration setting is all that is required. If retrieving snapshots, a list of feed names to retrieve must also be specified.
A sample configuration file can be copied from config/dot.md-insights.yml and
installed at $HOME/.md-insights.yml. Update the configuration file to make
the following changes:
- Set your API key.
- Uncomment feed names for the MetaDefender InSights feeds you will access (if applicable).
Don't forget to set a restrictive mode on the file:
chmod 0600 ~/.md-insights.yml
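The chmod step above can be checked before the API key is ever read. The following is an added example, not code from md-insights-client: the function name audit_secret_file and the sample file contents are hypothetical, and only the $HOME/.md-insights.yml path comes from this page.

```python
import os
import stat
import tempfile
from pathlib import Path

# Path taken from the page; everything else in this block is illustrative.
DEFAULT_CONFIG = Path.home() / ".md-insights.yml"


def audit_secret_file(path):
    """Return a list of problems with a file that stores an API key.

    An empty list means: regular file, owned by the current user,
    no group/other permission bits (mode 0600 or stricter).
    """
    path = Path(path)
    try:
        st = os.lstat(path)  # lstat inspects the link itself, not its target
    except FileNotFoundError:
        return [f"{path}: does not exist"]
    if stat.S_ISLNK(st.st_mode):
        return [f"{path}: is a symlink; audit the link target instead"]
    if not stat.S_ISREG(st.st_mode):
        return [f"{path}: is not a regular file"]
    problems = []
    if st.st_uid != os.geteuid():
        problems.append(f"{path}: owned by uid {st.st_uid}, not the current user")
    mode = stat.S_IMODE(st.st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append(f"{path}: mode {mode:04o} grants group/other access; run chmod 0600")
    return problems


def demo():
    """Constructed sample: a throwaway file audited at 0644, then at 0600."""
    with tempfile.TemporaryDirectory() as tmp:
        cfg = Path(tmp) / "md-insights.yml"
        cfg.write_text("placeholder: constructed-sample\n")  # not the real schema
        os.chmod(cfg, 0o644)
        before = audit_secret_file(cfg)
        os.chmod(cfg, 0o600)
        after = audit_secret_file(cfg)
    return before, after


if __name__ == "__main__":
    for line in audit_secret_file(DEFAULT_CONFIG):
        print(line)
```

Run directly, it prints nothing when the configuration file passes every check.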
Usage
When installed, two commands are available.
md-insights-query-client
The md-insights-query-client command can be used to query the MD InSights API
to look up artifacts against one or more threat intelligence collections.
See -h/--help output for help.
To use this command, provide multiple positional arguments to the script.
- The first argument is the query type, such as c2-dns, c2-ip, reputation or all. The special all type autodetects the artifact format(s) to query all relevant collections.
- The second and subsequent arguments are the artifacts for which to query. One or more artifacts such as IP addresses or domain names may be specified.
For example:
md-insights-query-client all appleprocesshub.com apimonger.com
By default, response data is output in tabular format, one row per indicator
found in MD InSights collections. If you prefer to see the raw JSON
response format from the API, use the -j/--json option.
md-insights-snapshot-client
The md-insights-snapshot-client command can be used to download feed
snapshots. To retrieve feed snapshots, your API key must be provisioned with
access to the selected feeds.
See -h/--help output for help.
When the command is called, the client script downloads feed snapshots from the API service. As the compressed snapshots are downloaded, they are decompressed and the feeds are written to disk.
Documentation
For information about MetaDefender InSights threat intelligence feeds, see the documentation site:
File details
Details for the file md_insights_client-0.3.1.tar.gz.
File metadata
- Download URL: md_insights_client-0.3.1.tar.gz
- Upload date:
- Size: 9.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.5
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 3de0721af5fd6b1de5510a152bc1d81a0dee5a8ccd4892ab54dcd42e3334a132 |
| MD5 | adf9fadf5f49e7efafe00c46bab8b981 |
| BLAKE2b-256 | 756857dd7b40a9192dc112585c5dfba2a168bb95ddc66b0fa7efc193fe1c5213 |
File details
Details for the file md_insights_client-0.3.1-py2.py3-none-any.whl.
File metadata
- Download URL: md_insights_client-0.3.1-py2.py3-none-any.whl
- Upload date:
- Size: 10.6 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.5
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 59449bec65d8a2e15b9b61ec3f065e667b5b423b89c2d671e8d25310411746fd |
| MD5 | 22b0a6481024de1f67590baf71ca99f6 |
| BLAKE2b-256 | d62f5ee7a195edcbba92207ab9be80beacd4a039d1572770927744ac91c5b9c1 |