zanshincli 0.1.1

Python command line utility to the Tenchi Security Zanshin API v1

Zanshin CLI

This Python package provides a command-line utility to interact with the API of the Zanshin SaaS service from Tenchi Security.

Is it based on the Zanshin Python SDK available on Github and PyPI.

If you are a Zanshin customer and have any questions regarding the use of the service, its API or this command-line utility, please get in touch via e-mail at support {at} tenchisecurity {dot} com or via the support widget on the Zanshin Portal.

Configuration File

The way the SDK and CLI handles credentials is by using a configuration file in the format created by the Python RawConfigParser class.

The file is located at ~/.tenchi/config, where ~ is the current user’s home directory.

Each section is treated as a configuration profile, and the SDK and CLI will look for a section called default if another is not explicitly selected.

These are the supported options:

• api_key (required) which contains the Zanshin API key obtained at the Zanshin web portal.

• user_agent (optional) allows you to override the default user-agent header used by the SDK when making API requests.

• api_url (optional) directs the SDK and CLI to use a different API endpoint than the default (https://api.zanshin.tenchisecurity.com).

You can populate the file with the zanshin init command of the CLI tool. This is what a minimal configuration file would look like:

[default]
api_key = abcdefghijklmnopqrstuvxyz

Using the CLI Utility

This package installs a command-line utility called zanshin built with the great Typer package.

You can obtain help by using the --help option.

Keep in mind that when options are present that expect multiple values, these need to be provided as multiple options. For example if you wanted to list an organization’s alerts filtering by the OPEN and RISK_ACCEPTED states, this is the command you would use:

$ zanshin organization alerts d48edaa6-871a-4082-a196-4daab372d4a1 --state OPEN --state RISK_ACCEPTED

Command Reference

zanshin

Usage:

$ zanshin [OPTIONS] COMMAND [ARGS]...

Options:

• --install-completion: Install completion for the current shell.

• --show-completion: Show completion for the current shell, to copy it or customize the installation.

• --help: Show this message and exit.

Commands:

• init: Update settings on configuration file.

• me: Show details about the owner of the API key…

• organization: Operations on organizations the API key owner…

• version: Display the program and Python versions in…

zanshin init

Update settings on configuration file.

Usage:

$ zanshin init [OPTIONS]

Options:

• --help: Show this message and exit.

zanshin me

Show details about the owner of the API key being used.

Usage:

$ zanshin me [OPTIONS]

Options:

• --profile TEXT: Configuration file section to use for credentials and other settings [default: default]

• --help: Show this message and exit.

zanshin organization

Operations on organizations the API key owner has direct access to.

Usage:

$ zanshin organization [OPTIONS] COMMAND [ARGS]...

Options:

• --help: Show this message and exit.

Commands:

• alerts: List alerts from a given organization, with…

• list: Lists the organizations this user has direct…

• scan_target: Operations on scan targets from organizations…

zanshin organization alerts

List alerts from a given organization, with optional filters by scan target, state or severity.

Usage:

$ zanshin organization alerts [OPTIONS] ORGANIZATION_ID

Arguments:

• ORGANIZATION_ID: UUID of the organization to list alerts from. [required]

Options:

• --state [OPEN|ACTIVE|IN_PROGRESS|RISK_ACCEPTED|RESOLVED|CLOSED]: Only list alerts in the specified states. [default: OPEN, ACTIVE, IN_PROGRESS, RISK_ACCEPTED, RESOLVED]

• --severity [CRITICAL|HIGH|MEDIUM|LOW|INFO]: Only list alerts with the specified severities. [default: CRITICAL, HIGH, MEDIUM, LOW, INFO]

• --profile TEXT: Configuration file section to use for credentials and other settings [default: default]

• --format [json|table|csv|html]: Format to use for the output. [default: json]

• --help: Show this message and exit.

zanshin organization list

Lists the organizations this user has direct access to as a member.

Usage:

$ zanshin organization list [OPTIONS]

Options:

• --profile TEXT: Configuration file section to use for credentials and other settings [default: default]

• --format [json|table|csv|html]: Format to use for the output. [default: json]

• --help: Show this message and exit.

zanshin organization scan_target

Operations on scan targets from organizations the API key owner has direct access to.

Usage:

$ zanshin organization scan_target [OPTIONS] COMMAND [ARGS]...

Options:

• --help: Show this message and exit.

Commands:

• check: Check an scan_target status from an…

• list: Lists the scan targets from an organization…

• scan: Start an Scan in a specific scan_target from…

zanshin organization scan_target check

Check an scan_target status from an organization.

Usage:

$ zanshin organization scan_target check [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID

Arguments:

• ORGANIZATION_ID: UUID of the organization to list alerts from. [required]

• SCAN_TARGET_ID: UUID of the scan target to start scan. [required]

Options:

• --profile TEXT: Configuration file section to use for credentials and other settings [default: default]

• --help: Show this message and exit.

zanshin organization scan_target list

Lists the scan targets from an organization that user has access to as a member.

Usage:

$ zanshin organization scan_target list [OPTIONS] ORGANIZATION_ID

Arguments:

• ORGANIZATION_ID: UUID of the organizations whose scan targets should be listed. [required]

Options:

• --profile TEXT: Configuration file section to use for credentials and other settings [default: default]

• --format [json|table|csv|html]: Format to use for the output. [default: json]

• --help: Show this message and exit.

zanshin organization scan_target scan

Start an Scan in a specific scan_target from an organization.

Usage:

$ zanshin organization scan_target scan [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID

Arguments:

• ORGANIZATION_ID: UUID of the organization to list alerts from. [required]

• SCAN_TARGET_ID: UUID of the scan target to start scan. [required]

Options:

• --profile TEXT: Configuration file section to use for credentials and other settings [default: default]

• --help: Show this message and exit.

zanshin version

Display the program and Python versions in use.

Usage:

$ zanshin version [OPTIONS]

Options:

• --help: Show this message and exit.