Taegis IPython Magics

Project description

Taegis Magic

Taegis Magic is a Jupyter Notebook and Command Line Interface for interacting with the Secureworks Taegis™ security platform. The Magics project is intended to assist users with workflows and analysis through Jupyter Notebook integrations and Pandas DataFrames.

Installation

python -m pip install taegis-magic

Help

$ taegis --help

 Usage: taegis [OPTIONS] COMMAND [ARGS]...                                                         
                                                                                                   
 Taegis Magic main callback.                                                                       
                                                                                                   
╭─ Options ───────────────────────────────────────────────────────────────────────────────────────╮
│ --warning                 --no-warning          [default: warning]                              │
│ --verbose                 --no-verbose          [default: no-verbose]                           │
│ --debug                   --no-debug            [default: no-debug]                             │
│ --trace                   --no-trace            [default: no-trace]                             │
│ --sdk-warning             --no-sdk-warning      [default: no-sdk-warning]                       │
│ --sdk-verbose             --no-sdk-verbose      [default: no-sdk-verbose]                       │
│ --sdk-debug               --no-sdk-debug        [default: no-sdk-debug]                         │
│ --install-completion                            Install completion for the current shell.       │
│ --show-completion                               Show completion for the current shell, to copy  │
│                                                 it or customize the installation.               │
│ --help                -h                        Show this message and exit.                     │
╰─────────────────────────────────────────────────────────────────────────────────────────────────╯
╭─ Commands ──────────────────────────────────────────────────────────────────────────────────────╮
│ alerts                                                                                          │
│ audits                                                                                          │
│ clients                                                                                         │
│ configure                                                                                       │
│ events                                                                                          │
│ investigations                                                                                  │
│ preferences                                                                                     │
│ rules                                                                                           │
│ tenants                                                                                         │
│ threat                                                                                          │
│ users                                                                                           │
╰─────────────────────────────────────────────────────────────────────────────────────────────────╯

Sample Usage

For more in-depth examples, see the docs.

CLI

taegis alerts search --limit 2 --cell "FROM alert EARLIEST=-1d" --graphql-output "alerts { list { id metadata { title } } }"

Magic

%load_ext taegis_magic

%%taegis alerts search --limit 10 --graphql-output "alerts { list { id metadata { title } } }" --assign df --display df
FROM alert
EARLIEST=-1d

id metadata.title
0 alert://priv:event-filter:xxxxx:1668534654520:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx AWS - GetCredentialReport
1 alert://priv:event-filter:xxxxx:1668534458035:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx AWS - GetCredentialReport
2 alert://priv:event-filter:xxxxx:1668534458036:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx AWS - GetCredentialReport
3 alert://priv:event-filter:xxxxx:1668534458037:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx AWS - GetCredentialReport
4 alert://priv:event-filter:xxxxx:1668534458038:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx AWS - GetCredentialReport
5 alert://priv:event-filter:xxxxx:1668534458039:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx AWS - GetCredentialReport
6 alert://priv:event-filter:xxxxx:1668534458040:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx AWS - GetCredentialReport
7 alert://priv:event-filter:xxxxx:1668534458040:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx AWS - GetCredentialReport
8 alert://priv:event-filter:xxxxx:1668534458040:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx AWS - GetCredentialReport
9 alert://priv:event-filter:xxxxx:1668534458042:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx AWS - GetCredentialReport

Download files

Source Distribution

taegis_magic-2024.10.9.tar.gz (52.7 kB)

Uploaded Source

Built Distribution

taegis_magic-2024.10.9-py3-none-any.whl (74.8 kB)

Uploaded Python 3

File details

Details for the file taegis_magic-2024.10.9.tar.gz.

File metadata

  • Download URL: taegis_magic-2024.10.9.tar.gz
  • Upload date:
  • Size: 52.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.7

File hashes

Hashes for taegis_magic-2024.10.9.tar.gz
Algorithm Hash digest
SHA256 af5635e0ee88db577846a8c943548a8f075d8e3a970f7a4695678a37b76e907d
MD5 7a6a732e0f8e716457c57dc943af4d30
BLAKE2b-256 b0254e1217af174e50c29a54cf772b8a387f1a420635ba1539a2e919372ffdb1

File details

Details for the file taegis_magic-2024.10.9-py3-none-any.whl.

File hashes

Hashes for taegis_magic-2024.10.9-py3-none-any.whl
Algorithm Hash digest
SHA256 cae7951a40e1e561bc0801992da356d343ca25d985a731db79497e0baaf949c7
MD5 2c52d44a25369bb689c9c38316af4404
BLAKE2b-256 92569ef17de7260e91c66c6394f9c07b98d33ebe31a5aedfd454a7d591d25560
