Python command line utility to the Tenchi Security Zanshin API v1
Project description
Zanshin CLI
This Python package provides a command-line utility to interact with the API of the Zanshin SaaS service from Tenchi Security.
Is it based on the Zanshin Python SDK available on Github and PyPI.
If you are a Zanshin customer and have any questions regarding the use of the service, its API or this command-line utility, please get in touch via e-mail at support {at} tenchisecurity {dot} com or via the support widget on the Zanshin Portal.
Configuration File
The way the SDK and CLI handles credentials is by using a configuration file in the format created by the Python RawConfigParser class.
The file is located at ~/.tenchi/config, where ~ is the current user’s home directory.
Each section is treated as a configuration profile, and the SDK and CLI will look for a section called default if another is not explicitly selected.
These are the supported options:
api_key (required) which contains the Zanshin API key obtained at the Zanshin web portal.
user_agent (optional) allows you to override the default user-agent header used by the SDK when making API requests.
api_url (optional) directs the SDK and CLI to use a different API endpoint than the default (https://api.zanshin.tenchisecurity.com).
You can populate the file with the zanshin init command of the CLI tool. This is what a minimal configuration file would look like:
[default]
api_key = abcdefghijklmnopqrstuvxyz
Using the CLI Utility
This package installs a command-line utility called zanshin built with the great Typer package.
You can obtain help by using the --help option.
Keep in mind that when options are present that expect multiple values, these need to be provided as multiple options. For example if you wanted to list an organization’s alerts filtering by the OPEN and RISK_ACCEPTED states, this is the command you would use:
$ zanshin organization alerts d48edaa6-871a-4082-a196-4daab372d4a1 --state OPEN --state RISK_ACCEPTED
Command Reference
zanshin
Command-line utility to interact with the Zanshin SaaS service offered by Tenchi Security, go to https://github.com/tenchi-security/zanshin-cli for license, source code and documentation
Usage:
$ zanshin [OPTIONS] COMMAND [ARGS]...
Options:
--profile TEXT: Configuration file section to read API key and configutation from [default: default]
--format [json|table|csv|html]: Output format to use for list operations [default: json]
--verbose / --no-verbose: Print timiing and other information to stderr [default: True]
--install-completion: Install completion for the current shell.
--show-completion: Show completion for the current shell, to copy it or customize the installation.
--help: Show this message and exit.
Commands:
alert: Returns details about a specified alert
following: Operations on organizations that are being…
init: Update settings on configuration file.
me: Show details about the owner of the API key…
organization: Operations on organizations the API key owner…
version: Display the program and Python versions in…
zanshin alert
Returns details about a specified alert
Usage:
$ zanshin alert [OPTIONS] ALERT_ID
Arguments:
ALERT_ID: UUID of the alert to look up [required]
Options:
--help: Show this message and exit.
zanshin following
Operations on organizations that are being followed by one of the organizations the API key owner is a member of
Usage:
$ zanshin following [OPTIONS] COMMAND [ARGS]...
Options:
--help: Show this message and exit.
Commands:
alerts: Lists alerts of organizations that the API…
list: Lists other organizations that a specified…
requests: Operations on requests submitted by third…
stop: Stops one organization from following another
zanshin following alerts
Lists alerts of organizations that the API key owner is following
Usage:
$ zanshin following alerts [OPTIONS]
Options:
--following-id UUID: Only list alerts from the specified followed organizations
--state [OPEN|ACTIVE|IN_PROGRESS|RISK_ACCEPTED|RESOLVED|CLOSED]: Only list alerts in the specified states. [default: OPEN, ACTIVE, IN_PROGRESS, RISK_ACCEPTED, RESOLVED]
--severity [CRITICAL|HIGH|MEDIUM|LOW|INFO]: Only list alerts with the specified severities [default: CRITICAL, HIGH, MEDIUM, LOW, INFO]
--help: Show this message and exit.
zanshin following list
Lists other organizations that a specified organization is following
Usage:
$ zanshin following list [OPTIONS] ORGANIZATION_ID
Arguments:
ORGANIZATION_ID: UUID of the organization [required]
Options:
--help: Show this message and exit.
zanshin following requests
Operations on requests submitted by third parties to be followed by one of the organizations the API key owner is a member of
Usage:
$ zanshin following requests [OPTIONS] COMMAND [ARGS]...
Options:
--help: Show this message and exit.
Commands:
accept: Accepts a request to follow another…
decline: Declines a request to follow another…
list: Lists all of the requests from organizations…
zanshin following requests accept
Accepts a request to follow another organization
Usage:
$ zanshin following requests accept [OPTIONS] ORGANIZATION_ID FOLLOWING_ID
Arguments:
ORGANIZATION_ID: UUID of the organization that received the request [required]
FOLLOWING_ID: UUID of the organization that requested to be followed [required]
Options:
--help: Show this message and exit.
zanshin following requests decline
Declines a request to follow another organization
Usage:
$ zanshin following requests decline [OPTIONS] ORGANIZATION_ID FOLLOWING_ID
Arguments:
ORGANIZATION_ID: UUID of the organization that received the request [required]
FOLLOWING_ID: UUID of the organization that requested to be followed [required]
Options:
--help: Show this message and exit.
zanshin following requests list
Lists all of the requests from organizations that want to be followed by a specified organization that the API key owner is a member of
Usage:
$ zanshin following requests list [OPTIONS] ORGANIZATION_ID
Arguments:
ORGANIZATION_ID: UUID of the organization that received the request [required]
Options:
--help: Show this message and exit.
zanshin following stop
Stops one organization from following another
Usage:
$ zanshin following stop [OPTIONS] ORGANIZATION_ID FOLLOWING_ID
Arguments:
ORGANIZATION_ID: UUID of the follower organization (which the API key owner must be a member of) [required]
FOLLOWING_ID: UUID of the followed organization [required]
Options:
--help: Show this message and exit.
zanshin init
Update settings on configuration file.
Usage:
$ zanshin init [OPTIONS]
Options:
--help: Show this message and exit.
zanshin me
Show details about the owner of the API key being used.
Usage:
$ zanshin me [OPTIONS]
Options:
--help: Show this message and exit.
zanshin organization
Operations on organizations the API key owner has direct access to
Usage:
$ zanshin organization [OPTIONS] COMMAND [ARGS]...
Options:
--help: Show this message and exit.
Commands:
alerts: List alerts from a given organization, with…
list: Lists the organizations this user has direct…
scan_target: Operations on scan targets from organizations…
zanshin organization alerts
List alerts from a given organization, with optional filters by scan target, state or severity.
Usage:
$ zanshin organization alerts [OPTIONS] ORGANIZATION_ID
Arguments:
ORGANIZATION_ID: UUID of the organization [required]
Options:
--state [OPEN|ACTIVE|IN_PROGRESS|RISK_ACCEPTED|RESOLVED|CLOSED]: Only list alerts in the specified states. [default: OPEN, ACTIVE, IN_PROGRESS, RISK_ACCEPTED, RESOLVED]
--severity [CRITICAL|HIGH|MEDIUM|LOW|INFO]: Only list alerts with the specified severities [default: CRITICAL, HIGH, MEDIUM, LOW, INFO]
--help: Show this message and exit.
zanshin organization list
Lists the organizations this user has direct access to as a member.
Usage:
$ zanshin organization list [OPTIONS]
Options:
--help: Show this message and exit.
zanshin organization scan_target
Operations on scan targets from organizations the API key owner has direct access to
Usage:
$ zanshin organization scan_target [OPTIONS] COMMAND [ARGS]...
Options:
--help: Show this message and exit.
Commands:
check: Checks if a scan target is correctly…
list: Lists the scan targets (i.e.
scan: Starts an ad-hoc scan of a specified scan…
zanshin organization scan_target check
Checks if a scan target is correctly configured
Usage:
$ zanshin organization scan_target check [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID
Arguments:
ORGANIZATION_ID: UUID of the organization to list alerts from [required]
SCAN_TARGET_ID: UUID of the scan target to start scan [required]
Options:
--help: Show this message and exit.
zanshin organization scan_target list
Lists the scan targets (i.e. linked cloud accounts) from an organization that user has access to as a member.
Usage:
$ zanshin organization scan_target list [OPTIONS] ORGANIZATION_ID
Arguments:
ORGANIZATION_ID: UUID of the organizations whose scan targets should be listed [required]
Options:
--help: Show this message and exit.
zanshin organization scan_target scan
Starts an ad-hoc scan of a specified scan target
Usage:
$ zanshin organization scan_target scan [OPTIONS] ORGANIZATION_ID SCAN_TARGET_ID
Arguments:
ORGANIZATION_ID: UUID of the organization to list alerts from [required]
SCAN_TARGET_ID: UUID of the scan target to start scan [required]
Options:
--help: Show this message and exit.
zanshin version
Display the program and Python versions in use.
Usage:
$ zanshin version [OPTIONS]
Options:
--help: Show this message and exit.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.