Taegis IPython Magics
Taegis Magic
Taegis Magic is a Jupyter Notebook and Command Line Interface for interacting with the Secureworks Taegis™ security platform. The Magics project is intended to assist users with workflows and analysis through Jupyter Notebook integrations and Pandas DataFrames.
Installation
python -m pip install taegis-magic
Help
$ taegis --help
Usage: taegis [OPTIONS] COMMAND [ARGS]...
Taegis Magic main callback.
╭─ Options ───────────────────────────────────────────────────────────────────────────────────────╮
│ --warning --no-warning [default: warning] │
│ --verbose --no-verbose [default: no-verbose] │
│ --debug --no-debug [default: no-debug] │
│ --trace --no-trace [default: no-trace] │
│ --sdk-warning --no-sdk-warning [default: no-sdk-warning] │
│ --sdk-verbose --no-sdk-verbose [default: no-sdk-verbose] │
│ --sdk-debug --no-sdk-debug [default: no-sdk-debug] │
│ --install-completion Install completion for the current shell. │
│ --show-completion Show completion for the current shell, to copy │
│ it or customize the installation. │
│ --help -h Show this message and exit. │
╰─────────────────────────────────────────────────────────────────────────────────────────────────╯
╭─ Commands ──────────────────────────────────────────────────────────────────────────────────────╮
│ alerts │
│ audits │
│ clients │
│ configure │
│ events │
│ investigations │
│ preferences │
│ rules │
│ tenants │
│ threat │
│ users │
╰─────────────────────────────────────────────────────────────────────────────────────────────────╯
Sample Usage
For more in-depth examples, see the docs.
CLI
taegis alerts search --limit 2 --cell "FROM alert EARLIEST=-1d" --graphql-output "alerts { list { id metadata { title } } }"
Magic
%load_ext taegis_magic
%%taegis alerts search --limit 10 --graphql-output "alerts { list { id metadata { title } } }" --assign df --display df
FROM alert
EARLIEST=-1d
  | id | metadata.title |
---|---|---|
0 | alert://priv:event-filter:xxxxx:1668534654520:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
1 | alert://priv:event-filter:xxxxx:1668534458035:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
2 | alert://priv:event-filter:xxxxx:1668534458036:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
3 | alert://priv:event-filter:xxxxx:1668534458037:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
4 | alert://priv:event-filter:xxxxx:1668534458038:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
5 | alert://priv:event-filter:xxxxx:1668534458039:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
6 | alert://priv:event-filter:xxxxx:1668534458040:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
7 | alert://priv:event-filter:xxxxx:1668534458040:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
8 | alert://priv:event-filter:xxxxx:1668534458040:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
9 | alert://priv:event-filter:xxxxx:1668534458042:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx | AWS - GetCredentialReport |
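A triage step over the search result above, as an added example that is not part of the Taegis Magic project. It assumes rows shaped like `df.to_dict("records")` with the two columns shown, and the field names given to the parts of the alert ID are assumptions read off the sample output, not a documented format.

```python
from collections import Counter
from datetime import datetime, timezone

# Constructed rows shaped like df.to_dict("records") for the output above
# (IDs keep the page's redaction placeholders).
_UUID = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
SAMPLE_ROWS = [
    {"id": f"alert://priv:event-filter:xxxxx:{ms}:{_UUID}",
     "metadata.title": "AWS - GetCredentialReport"}
    for ms in (1668534654520, 1668534458035, 1668534458040, 1668534458040)
]


def parse_alert_id(alert_id):
    """Split alert://<scope>:<source>:<tenant>:<epoch_ms>:<uuid>.

    The field names are assumptions read off the sample output, not a
    documented Taegis format; anything that does not fit is rejected.
    """
    scheme, sep, rest = alert_id.partition("://")
    parts = rest.split(":")
    if scheme != "alert" or not sep or len(parts) != 5 or not parts[3].isdigit():
        raise ValueError(f"unexpected alert id: {alert_id!r}")
    scope, source, tenant, epoch_ms, uuid = parts
    created = datetime.fromtimestamp(int(epoch_ms) / 1000, tz=timezone.utc)
    return {"scope": scope, "source": source, "tenant": tenant,
            "created": created, "uuid": uuid}


def summarize(rows):
    """Per-title alert count, first/last timestamp, and repeated IDs."""
    id_counts = Counter(row["id"] for row in rows)
    summary = {}
    for row in rows:
        created = parse_alert_id(row["id"])["created"]
        entry = summary.setdefault(
            row["metadata.title"],
            {"count": 0, "first": created, "last": created})
        entry["count"] += 1
        entry["first"] = min(entry["first"], created)
        entry["last"] = max(entry["last"], created)
    repeated = sorted(i for i, n in id_counts.items() if n > 1)
    return summary, repeated


if __name__ == "__main__":
    per_title, repeated_ids = summarize(SAMPLE_ROWS)
    for title, info in per_title.items():
        print(title, info["count"], info["first"].isoformat(), info["last"].isoformat())
    print("repeated ids:", repeated_ids)
```

In a notebook, the same function can be fed `df.to_dict("records")` from the DataFrame assigned by `--assign df`.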
Source Distribution
taegis_magic-2024.9.10.tar.gz (52.4 kB)
Built Distribution
Hashes for taegis_magic-2024.9.10-py3-none-any.whl
Algorithm | Hash digest |
---|---|
SHA256 | 89497cd7e9d4acb20aa1adbbc8909f66c01020030e899274e3e78558dbf13962 |
MD5 | 86d61f4cb39d9ee30165fe1d1cce54c7 |
BLAKE2b-256 | 356a05a22844af09071631be4014c7a64dfe5d6beba01c630aaa0921219955fd |