pytmv1 0.9.7

Python library for Trend Micro Vision One™

PyTMV1: Python Library for TrendAI Vision One™

Prerequisites

Using this project requires at least Python 3.8.

Features

• A thread-safe client for your application.
• HTTP pooling capabilities.
• Easy integration with TrendAI Vision One APIs.

Configuration

parameter	description
name	Identify the application using this library.
token	Authentication token created for your account.
url	Vision One API url this client connects to.
pool_connections	Number of connection pools to cache (defaults to 1).
pool_maxsize	Maximum size of the pool (defaults to 1).

Quick start

Installation

pip install pytmv1

Usage

>> import pytmv1
>> client = pytmv1.init("MyApplication", "Token", "https://api.xdr.trendmicro.com")
>> result = client.object.list_exception()
>> result.response
GetExceptionListResp(
    next_link=None,
    items=[
        ExceptionObject(
            url='https://*.example.com/path1/*',
            type= < ObjectType.URL: 'url' >,
            last_modified_date_time = '2023-01-12T14:05:37Z',
            description = 'object description'
        )
    ]
)
>> result.result_code
ResultCode.SUCCESS

Build the project

Set virtual env

python3 -m venv venv
source venv/bin/activate

Install dependencies

pip install -e ".[dev]"

Build

hatch build

Run unit tests

pytest --verbose ./tests/unit

Run integration tests

• $url: Vision One API url (i.e: https://api.xdr.trendmicro.com)

pytest --mock-url="$url" --verbose ./tests/integration

Supported APIs

Python	Vision One
Connectivity
system.check_connectivity	Check availability of service
API Keys
api_key.create	Create API Keys
api_key.get	Get API key
api_key.update	Update API key
api_key.delete	Delete API keys
api_key.[list, consume]	List API keys
Common
task.get_result	Download response task results
Custom Scripts
script.create	Add custom script
script.download	Download custom script
script.update	Update custom script
script.delete	Delete custom script
script.run	Run custom script
script.[list, consume]	List custom scripts
Domain Account
account.enable	Enable user account
account.disable	Disable user account
account.sign_out	Force sign out
account.reset	Force password reset
Email
email.restore	Restore email message
email.quarantine	Quarantine email message
email.delete	Delete email message
Endpoint
endpoint.collect_file	Collect file
endpoint.isolate	Isolate endpoint
endpoint.restore	Restore endpoint
endpoint.terminate_process	Terminate process
Observed Attack Techniques
oat.[list, consume]	Get Observed Attack Techniques events
Observed Attack Techniques Pipeline
oat.create_pipeline	Registers a customer to the Observed Attack Techniques data pipeline
oat.list_pipelines	Get active data pipelines
oat.update_pipeline	Modify data pipeline settings
oat.get_pipeline	Get pipeline settings
oat.delete_pipelines	Unregister from data pipeline
oat.list_packages/consume_packages	Get Observed Attack Techniques event packages
oat.get_package	Get Observed Attack Techniques package
Sandbox Analysis
sandbox.submit_file	Submit file to sandbox
sandbox.submit_url	Submit URLs to sandbox
sandbox.get_analysis_result	Get analysis results
sandbox.get_submission_status	Get submission status
sandbox.download_analysis_result	Download analysis results
sandbox.download_investigation_package	Download investigation package
sandbox.list_suspicious	Download suspicious object list
Search
email.get_activity_count	Get email activity data count
email.[list_activity, consume_activity]	Get email activity data
endpoint.get_activity_count	Get endpoint activity data count
endpoint.[list_data, consume_data]	Get endpoint data
endpoint.[list_activity, consume_activity]	Get endpoint activity data
Suspicious Objects
object.add_block	Add to block list
object.delete_block	Remove from block list
Suspicious Object Exception List
object.add_exception	Add to exception list
object.delete_exception	Remove from exception list
object.[list_exception, consume_exception]	Get exception list
Suspicious Object List
object.add_suspicious	Add to suspicious object list
object.delete_suspicious	Remove from suspicious object list
object.[list_suspicious, consume_suspicious]	List suspicious objects
Workbench
alert.get	Get alert details
alert.update_status	Modify alert status
alert.[list, consume]	Get alerts list
Workbench Notes
note.create	Add alert note
note.get	Get alert note
note.update	Edit alert note
note.delete	Delete alert notes
note.[list, consume]	Get alerts notes

Contributing

Read our contributing guide to learn about our development process, how to propose bug fixes and improvements, and how to build and test your changes to TrendAI Vision One.

Code of conduct

TrendAI™ has adopted a Code of Conduct that we expect project participants to adhere to. Please read the full text to understand what actions will and will not be tolerated.

License

Project distributed under the Apache 2.0 license.