Taegis IPython Magics
Project description
Taegis Magic
Taegis Magic is a Jupyter Notebook and Command Line Interface for interacting with the Secureworks Taegis™ security platform. The Magics project is intended to assist users with workflows and analysis through Jupyter Notebook integrations and Pandas DataFrames.
Installation
python -m pip install taegis-magic
Help
$ taegis --help
Usage: taegis [OPTIONS] COMMAND [ARGS]...
Taegis Magic main callback.
╭─ Options ───────────────────────────────────────────────────────────────────────────────────────╮
│ --warning --no-warning [default: warning] │
│ --verbose --no-verbose [default: no-verbose] │
│ --debug --no-debug [default: no-debug] │
│ --trace --no-trace [default: no-trace] │
│ --sdk-warning --no-sdk-warning [default: no-sdk-warning] │
│ --sdk-verbose --no-sdk-verbose [default: no-sdk-verbose] │
│ --sdk-debug --no-sdk-debug [default: no-sdk-debug] │
│ --install-completion Install completion for the current shell. │
│ --show-completion Show completion for the current shell, to copy │
│ it or customize the installation. │
│ --help -h Show this message and exit. │
╰─────────────────────────────────────────────────────────────────────────────────────────────────╯
╭─ Commands ──────────────────────────────────────────────────────────────────────────────────────╮
│ alerts │
│ audits │
│ clients │
│ configure │
│ events │
│ investigations │
│ preferences │
│ rules │
│ tenants │
│ threat │
│ users │
╰─────────────────────────────────────────────────────────────────────────────────────────────────╯
Sample Usage
For more in depth examples see docs.
CLI
taegis alerts search --limit 2 --cell "FROM alert EARLIEST=-1d" --graphql-output "alerts { list { id metadata { title } } }"
Magic
%load_ext taegis_magic
%%taegis alerts search --limit 10 --graphql-output "alerts { list { id metadata { title } } }" --assign df --display df
FROM alert
EARLIEST=-1d
| id | metadata.title | |
|---|---|---|
| 0 | alert://priv:event-filter:xxxxx:1668534654520:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 1 | alert://priv:event-filter:xxxxx:1668534458035:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 2 | alert://priv:event-filter:xxxxx:1668534458036:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 3 | alert://priv:event-filter:xxxxx:1668534458037:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 4 | alert://priv:event-filter:xxxxx:1668534458038:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 5 | alert://priv:event-filter:xxxxx:1668534458039:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 6 | alert://priv:event-filter:xxxxx:1668534458040:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 7 | alert://priv:event-filter:xxxxx:1668534458040:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 8 | alert://priv:event-filter:xxxxx:1668534458040:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 9 | alert://priv:event-filter:xxxxx:1668534458042:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
taegis_magic-2024.10.9.tar.gz
(52.7 kB
view hashes)
Built Distribution
Close
Hashes for taegis_magic-2024.10.9-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | cae7951a40e1e561bc0801992da356d343ca25d985a731db79497e0baaf949c7 |
|
| MD5 | 2c52d44a25369bb689c9c38316af4404 |
|
| BLAKE2b-256 | 92569ef17de7260e91c66c6394f9c07b98d33ebe31a5aedfd454a7d591d25560 |
