Sixgill clients package
Project description
Sixgill Clients
This module provides simple clients for two of Sixgill’s APIs:
- Sixgill Darkfeed (IOC) Client
- Sixgill Alerts Client
Sixgill Darkfeed Client Arguments
- client_id (Mandatory) - Your client id obtained by Sixgill’s portal,
- client_secret (Mandatory) - Your client secret obtained by Sixgill’s portal,
- channel_id (Mandatory) - Supported Sixgill channel id. If you don't have such a channel id please contact Sixgill's support (support@cybersixgill.com).
- logger (Optional) - Logger.
- bulk_size (Optional) - requests bulk size, default 1000 items.
- session (Optional) - Session object which manage and persist settings across requests (cookies, auth, proxies) default=requests.Session().
Supported Functions
get_bundle(self) -> Dict[str, Any]
- Returns a Bundle - A collection of arbitrary STIX v2.0 Objects
{
'id': 'bundle--bcbb94ea-2d3a-43f1-8c1a-62002594d2ba',
'objects': [{<STIX Domain Object, STIX Relationship Object, Marking Definition>}],
'spec_version': '2.0',
'type': 'bundle'
}
get_indicator(self)
- Returns a generator of STIX v2.0 items, while auto committing items that are read
commit_indicators(self)
- Commit on bundle.
- Ack server and notify indicators were received.
- As long as the server doesn't receive an Ack, the same items on each get_bundle() function call will be retrieved.
Quick Example
from sixgill.sixgill_darkfeed_client import SixgillDarkFeedClient
CLIENT_ID = "<Replace with your client id>"
CLIENT_SECRET = "<Replace with your client secret>"
CHANNEL_ID = "<Replace with channel id>"
sixgill_darkfeed_client = SixgillDarkFeedClient(CLIENT_ID, CLIENT_SECRET, CHANNEL_ID)
for indicator in sixgill_darkfeed_client.get_indicator():
print(indicator)
Sixgill Alert Client Arguments
- client_id (Mandatory) - Your client id obtained by Sixgill’s portal,
- client_secret (Mandatory) - Your client secret obtained by Sixgill’s portal,
- channel_id (Mandatory) - Supported Sixgill channel id. If you don't have such a channel id please contact Sixgill's support (support@cybersixgill.com).
- logger (Optional) - Logger.
- bulk_size (Optional) - requests bulk size, default 1000 items.
- session (Optional) - Session object which manage and persist settings across requests (cookies, auth, proxies) default=requests.Session().
Supported Functions
get_alerts_bulk(self, include_delivered_items: bool = True, sort_by: str = None, sort_order: str = None, is_read: str = None, severity: str = None, threat_level: str = None, threat_type: str = None) -> List[Dict[str, Any]]
-
params:
- include_delivered_items (Optional) - Should previously-delivered items be included in the response, Default False.
- sort_by (Optional) - One of the following [date, alert_name, severity, threat_level]. Default date.
- sort_order (Optional) - One of the following [asc, desc]. Default desc.
- is_read (Optional) - Filter alerts that were read \ unread. One of the following[read, unread]. Default None.
- severity (Optional) - Filter by alert severity. One of the following[low, med, high]. Default None.
- threat_level (Optional) - Filter by alert threat level. One of the following[imminent, emerging]. Default None.
- threat_type (Optional) - Filter by field threat type. Default None.
-
Returns a list of Sixgill alerts
get_alert(self, sort_by: str = None, sort_order: str = None, is_read: str = None, severity: str = None, threat_level: str = None, threat_type: str = None)
-
params:
- sort_by (Optional) - One of the following [date, alert_name, severity, threat_level]. Default date.
- sort_order (Optional) - One of the following [asc, desc]. Default desc.
- is_read (Optional) - Filter alerts that were read \ unread. One of the following[read, unread]. Default None.
- severity (Optional) - Filter by alert severity. One of the following[low, med, high]. Default None.
- threat_level (Optional) - Filter by alert threat level. One of the following[imminent, emerging]. Default None.
- threat_type (Optional) - Filter by field threat type. Default None.
-
Returns generator of Sixgill alerts, while auto committing on every bulk of ids
mark_digested_item(self, item)
- Mark an alert as consumed by storing alert id
commit_digested_items(self, force: bool = False)
- Mark a bulk of ids as consumed on Sixgill's servers
- This command is called automatically when using get_alert
Quick Example
from sixgill.sixgill_alert_client import SixgillAlertClient
CLIENT_ID = "<Replace with your client id>"
CLIENT_SECRET = "<Replace with your client secret>"
CHANNEL_ID = "<Replace with channel id>"
sixgill_alert_client = SixgillAlertClient(CLIENT_ID, CLIENT_SECRET, CHANNEL_ID)
for alert in sixgill_alert_client.get_alert():
sixgill_alert_client.mark_digested_item(alert)
print(alert)
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
sixgill-clients-0.1.1.tar.gz
(10.4 kB
view hashes)
Built Distribution
Close
Hashes for sixgill_clients-0.1.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | fd331c85a9d747a193f5a89c8d402a8f711dd035b4026f0052b126352fe91daa |
|
MD5 | e93dd4e940e30be00bb0f62fe426708e |
|
BLAKE2b-256 | cf8daf7878b13fec8397dd79c701f53f3f712586ee72db37e129217bdfc67bfe |