Python command line utility to the Tenchi Security Zanshin API v1
Project description
Zanshin CLI
This Python package provides a command-line utility to interact with the API of the Zanshin SaaS service from Tenchi Security.
Is it based on the Zanshin Python SDK available on Github and PyPI.
If you are a Zanshin customer and have any questions regarding the use of the service, its API or this command-line utility, please get in touch via e-mail at support {at} tenchisecurity {dot} com or via the support widget on the Zanshin Portal.
Configuration File
The way the SDK and CLI handles credentials is by using a configuration file in the format created by the Python RawConfigParser class.
The file is located at ~/.tenchi/config, where ~ is the current user’s home directory.
Each section is treated as a configuration profile, and the SDK and CLI will look for a section called default if another is not explicitly selected.
These are the supported options:
api_key (required) which contains the Zanshin API key obtained at the Zanshin web portal.
user_agent (optional) allows you to override the default user-agent header used by the SDK when making API requests.
api_url (optional) directs the SDK and CLI to use a different API endpoint than the default (https://api.zanshin.tenchisecurity.com).
You can populate the file with the zanshin init command of the CLI tool. This is what a minimal configuration file would look like:
[default]
api_key = abcdefghijklmnopqrstuvxyz
Using the CLI Utility
This package installs a command-line utility called zanshin built with the great Typer package.
You can obtain help by using the --help option.
Keep in mind that when options are present that expect multiple values, these need to be provided as multiple options. For example if you wanted to list an organization’s alerts filtering by the OPEN and RISK_ACCEPTED states, this is the command you would use:
$ zanshin organization alerts d48edaa6-871a-4082-a196-4daab372d4a1 --state OPEN --state RISK_ACCEPTED
Command Reference
zanshin
Usage:
$ zanshin [OPTIONS] COMMAND [ARGS]...
Options:
--install-completion: Install completion for the current shell.
--show-completion: Show completion for the current shell, to copy it or customize the installation.
--help: Show this message and exit.
Commands:
init: Update settings on configuration file.
me: Show details about the owner of the API key…
organization: Operations on organizations the API key owner…
version: Display the program and Python versions in…
zanshin init
Update settings on configuration file.
Usage:
$ zanshin init [OPTIONS]
Options:
--help: Show this message and exit.
zanshin me
Show details about the owner of the API key being used.
Usage:
$ zanshin me [OPTIONS]
Options:
--profile TEXT: Configuration file section to use for credentials and other settings [default: default]
--help: Show this message and exit.
zanshin organization
Operations on organizations the API key owner has direct access to.
Usage:
$ zanshin organization [OPTIONS] COMMAND [ARGS]...
Options:
--help: Show this message and exit.
Commands:
alerts: List alerts from a given organization, with…
list: Lists the organizations this user has direct…
scan_target: Operations on scan targets from organizations…
zanshin organization alerts
List alerts from a given organization, with optional filters by scan target, state or severity.
Usage:
$ zanshin organization alerts [OPTIONS] ORGANIZATION_ID
Arguments:
ORGANIZATION_ID: UUID of the organization to list alerts from. [required]
Options:
--state [OPEN|ACTIVE|IN_PROGRESS|RISK_ACCEPTED|RESOLVED|CLOSED]: Only list alerts in the specified states. [default: OPEN, ACTIVE, IN_PROGRESS, RISK_ACCEPTED, RESOLVED]
--severity [CRITICAL|HIGH|MEDIUM|LOW|INFO]: Only list alerts with the specified severities. [default: CRITICAL, HIGH, MEDIUM, LOW, INFO]
--profile TEXT: Configuration file section to use for credentials and other settings [default: default]
--format [json|table|csv|html]: Format to use for the output. [default: json]
--help: Show this message and exit.
zanshin organization list
Lists the organizations this user has direct access to as a member.
Usage:
$ zanshin organization list [OPTIONS]
Options:
--profile TEXT: Configuration file section to use for credentials and other settings [default: default]
--format [json|table|csv|html]: Format to use for the output. [default: json]
--help: Show this message and exit.
zanshin organization scan_target
Operations on scan targets from organizations the API key owner has direct access to.
Usage:
$ zanshin organization scan_target [OPTIONS] COMMAND [ARGS]...
Options:
--help: Show this message and exit.
Commands:
check: Check an scan_target status from an…
list: Lists the scan targets from an organization…
scan: Start an Scan in a specific scan_target from…
zanshin organization scan_target check
Check an scan_target status from an organization.
Usage:
$ zanshin organization scan_target check [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID
Arguments:
ORGANIZATION_ID: UUID of the organization to list alerts from. [required]
SCAN_TARGET_ID: UUID of the scan target to start scan. [required]
Options:
--profile TEXT: Configuration file section to use for credentials and other settings [default: default]
--help: Show this message and exit.
zanshin organization scan_target list
Lists the scan targets from an organization that user has access to as a member.
Usage:
$ zanshin organization scan_target list [OPTIONS] ORGANIZATION_ID
Arguments:
ORGANIZATION_ID: UUID of the organizations whose scan targets should be listed. [required]
Options:
--profile TEXT: Configuration file section to use for credentials and other settings [default: default]
--format [json|table|csv|html]: Format to use for the output. [default: json]
--help: Show this message and exit.
zanshin organization scan_target scan
Start an Scan in a specific scan_target from an organization.
Usage:
$ zanshin organization scan_target scan [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID
Arguments:
ORGANIZATION_ID: UUID of the organization to list alerts from. [required]
SCAN_TARGET_ID: UUID of the scan target to start scan. [required]
Options:
--profile TEXT: Configuration file section to use for credentials and other settings [default: default]
--help: Show this message and exit.
zanshin version
Display the program and Python versions in use.
Usage:
$ zanshin version [OPTIONS]
Options:
--help: Show this message and exit.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.