Taegis IPython Magics
Taegis Magic
Taegis Magic is a Jupyter Notebook and Command Line Interface for interacting with the Secureworks Taegis™ security platform. The Magics project is intended to assist users with workflows and analysis through Jupyter Notebook integrations and Pandas DataFrames.
Installation
python -m pip install taegis-magic
Help
$ taegis --help
Usage: taegis [OPTIONS] COMMAND [ARGS]...
Taegis Magic main callback.
╭─ Options ───────────────────────────────────────────────────────────────────────────────────────╮
│ --warning --no-warning [default: warning] │
│ --verbose --no-verbose [default: no-verbose] │
│ --debug --no-debug [default: no-debug] │
│ --trace --no-trace [default: no-trace] │
│ --sdk-warning --no-sdk-warning [default: no-sdk-warning] │
│ --sdk-verbose --no-sdk-verbose [default: no-sdk-verbose] │
│ --sdk-debug --no-sdk-debug [default: no-sdk-debug] │
│ --install-completion Install completion for the current shell. │
│ --show-completion Show completion for the current shell, to copy │
│ it or customize the installation. │
│ --help -h Show this message and exit. │
╰─────────────────────────────────────────────────────────────────────────────────────────────────╯
╭─ Commands ──────────────────────────────────────────────────────────────────────────────────────╮
│ alerts │
│ audits │
│ clients │
│ configure │
│ events │
│ investigations │
│ preferences │
│ rules │
│ tenants │
│ threat │
│ users │
╰─────────────────────────────────────────────────────────────────────────────────────────────────╯
Sample Usage
For more in-depth examples, see the docs.
CLI
taegis alerts search --limit 2 --cell "FROM alert EARLIEST=-1d" --graphql-output "alerts { list { id metadata { title } } }"
Magic
%load_ext taegis_magic
%%taegis alerts search --limit 10 --graphql-output "alerts { list { id metadata { title } } }" --assign df --display df
FROM alert
EARLIEST=-1d
| | id | metadata.title |
|---|---|---|
| 0 | alert://priv:event-filter:xxxxx:1668534654520:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 1 | alert://priv:event-filter:xxxxx:1668534458035:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 2 | alert://priv:event-filter:xxxxx:1668534458036:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 3 | alert://priv:event-filter:xxxxx:1668534458037:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 4 | alert://priv:event-filter:xxxxx:1668534458038:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 5 | alert://priv:event-filter:xxxxx:1668534458039:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 6 | alert://priv:event-filter:xxxxx:1668534458040:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 7 | alert://priv:event-filter:xxxxx:1668534458040:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 8 | alert://priv:event-filter:xxxxx:1668534458040:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
| 9 | alert://priv:event-filter:xxxxx:1668534458042:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
Download files
Source Distribution
taegis_magic-2024.5.24.tar.gz (45.5 kB)
Built Distribution
Hashes for taegis_magic-2024.5.24-py3-none-any.whl
| Algorithm | Hash digest |
|---|---|
| SHA256 | 708118286e685901c40a5bb9a2574f64f1fcd4557a3f5f19484a4ab02443c2f6 |
| MD5 | d5b83e329035934c783f6c10f24a440d |
| BLAKE2b-256 | ac3d6adb333c186915c3624c958bc94192539ab138d8d6f2aa5805ffb354bbcc |