{
"info": {
"author": "Jerod Gawne",
"author_email": "jerod@jerodg.dev",
"bugtrack_url": null,
"classifiers": [
"Development Status :: 5 - Production/Stable",
"Environment :: Console",
"Intended Audience :: Developers",
"Intended Audience :: End Users/Desktop",
"Intended Audience :: System Administrators",
"License :: Other/Proprietary License",
"Natural Language :: English",
"Operating System :: MacOS :: MacOS X",
"Operating System :: Microsoft :: Windows",
"Operating System :: POSIX",
"Programming Language :: Python :: 3.8",
"Topic :: Internet",
"Topic :: Internet :: WWW/HTTP",
"Topic :: Utilities"
],
"description": "```\n ___ _ _ _ ___ ___ ___ _ _ _ \n| _ \\ |_ __ _ _ _| |_ ___ _ __ /_\\ | _ \\_ _| / __| (_)___ _ _| |_ \n| _/ ' \\/ _` | ' \\ _/ _ \\ ' \\ / _ \\| _/| | | (__| | / -_) ' \\ _|\n|_| |_||_\\__,_|_||_\\__\\___/_|_|_| /_/ \\_\\_| |___| \\___|_|_\\___|_||_\\__|\n```\n\n\n\n\n![](\"https://img.shields.io/badge/License-SSPL-green.svg\")
\n\n![](\"https://img.shields.io/badge/Say%20Thanks-!-1EAEDB.svg\")
\n\n# Splunk-Phantom, API client.\nClient library for Phantom's REST API.\n\nDeveloped for use with Phantom v4.5+, however, most functionality *should work \nwith previous versions.\n\nDeveloped fro use with Python3.8+, however, it should work with 3.6/7+. There is\nno guarantee that future development won't utilize 3.8+ specifc syntax.\n\n__*Not Affiliated with Splunk or Phantom__\n\n## Installation\n```bash\npip install phantom-api-client\n```\n\n## Basic Usage\nThis modules' primary use-case is inheritance from other REST API clients.\n\n```python\n\n```\n\n## API Implementation, Categories (2/24) ~8.3%/Functions (30/116) ~25.9%\n__*These should match unit tests.__\n- [ ] Actions:\n - [ ] Run Action\n - [ ] Cancel Running Action\n- [ ] Aggregation Rules:\n - [ ] Create Rule\n - [ ] Update Rule\n - [ ] Delete Rule\n- [ ] Apps:\n - [ ] Install App \n- [x] Artifacts:\n - [x] Get All Artifacts Count\n - [x] Get Container Artifacts Count\n - [x] Get All Artifacts\n - [x] Get One Artifact\n - [x] Get All Container Artifacts \n - [x] Create One Artifact\n - [x] Create Artifacts\n - [x] Update Artifact\n - [x] Update Artifacts\n - [x] Delete One Artifact\n - [x] Delete Artifacts\n- [ ] Assets:\n - [ ] Create Assets\n- [ ] Attachments:\n - [ ] Get Attachment\n - [ ] Get Attachments\n - [ ] Create Attachment\n - [ ] Delete Attachment\n- [ ] Audit:\n - [ ] Get One User Audit Data\n - [ ] Get 'N' Users Audit Data\n - [ ] Get One Role Audit Data\n - [ ] Get 'N' Role Audit Data\n - [ ] Get Authentication Audit Data\n - [ ] Get Administration Audit Data\n - [ ] Get One Playbook Audit Data\n - [ ] Get 'N' Playbooks Audit Data\n - [x] Get One Container Audit Data\n - [x] Get 'N' Containers Audit Data\n - [ ] Get All Audit Data\n- [ ] CEF:\n - [ ] Get Available CEFs\n - [ ] Create Custom CEF\n - [ ] Get Custom CEFs\n - [ ] Get Custom CEF\n - [ ] Update Custom CEF\n - [ ] Delete Custom CEF\n- [ ] Clustering:\n - [ ] Get Nodes\n- [x] Containers:\n - [x] Get Containers Count\n - [x] Get Containers Count Filtered\n - [x] Get All Containers\n - [x] Get All Containers Filtered\n - [x] Get One Container\n - [x] Create One Container\n - [x] Create Containers\n - [x] Update Container\n - [x] Update Containers\n - [x] Delete Container\n - [x] Delete Containers\n - [x] Get Container Whitelisted Users\n - [x] Get Whitelist Candidates (users who can view a container)\n- [ ] Custom Lists:\n - [ ] Get List\n - [ ] Create List\n - [ ] Update List\n - [ ] Delete List\n- [ ] Evidence:\n - [ ] Get Container Evidence\n - [ ] Create Container Evidence\n - [ ] Delete Container Evidence\n- [ ] HUD:\n - [ ] Pin Container\n - [ ] Update Pin\n- [ ] Indicators:\n - [ ] Get Indicator Counts\n - [ ] Get Top Event Labels\n - [ ] Get Top Indicator Types\n - [ ] Get Top Indicator Values\n - [ ] Get Indicators\n - [ ] Get Indicator\n - [ ] Get Artifacts by Indicator\n - [ ] Get Indicator Timeline by Value\n - [ ] Get Containers by Indicator\n- [ ] Informational:\n - [ ] Get Version\n - [ ] Get System Info\n - [ ] Get License\n - [ ] Get System Health\n - [ ] Get App Status Info\n - [ ] Get Widget Info \n- [ ] Notes:\n - [ ] Create Container Note\n - [ ] Create Containers Notes\n - [ ] Create Artifact Note\n - [ ] Create Task Note\n - [ ] Update Container Note\n - [ ] Get Container Notes\n - [ ] Get Container Note\n - [ ] Delete Note\n - [ ] Get Artifact Notes\n - [ ] Get Task Notes\n - [ ] Search Notes\n- [ ] Playbooks:\n - [ ] Update Playbook Status\n - [ ] Run Playbook\n - [ ] Cancel Running Playbook\n - [ ] Update Source Control Repository\n- [ ] Search:\n - [ ] Run Search\n- [ ] Severity:\n - [ ] Get Severity's\n - [ ] Create Severity\n - [ ] Delete Severity\n - [ ] Update Severity\n- [ ] Status:\n - [ ] Get Status Labels\n - [ ] Create Status Label\n - [ ] Delete Status Label\n- [ ] System Settings:\n - [ ] Update System Settings\n- [ ] Tenants:\n - [ ] Create Tenant\n - [ ] Update Tenant\n- [ ] Users:\n - [x] Get Users Count\n - [x] Get One User\n - [x] Get All Users\n - [ ] Create One User\n - [ ] Update One User\n - [x] Delete One User\n - [ ] Create Role/Permissions\n- [ ] Workbooks (formerly known as Case Templates):\n - [ ] Create Case Workflow Template\n - [ ] Create Phase Object\n - [ ] Create Task Object\n - [ ] Add Phase Template to Workflow Template\n - [ ] Add Task to Phase Template \n - [ ] Get Workbook Phases\n\n## Performance Notes\nPhantom v4.2.7532 | Intel(R) Xeon(R) CPU E7-8860 v4 @ 2.20GHz (8 Cores VMWare) | 32GB RAM\n\n#### Get Containers\n_No Pretty or Expensive_\n\n| Semaphore \t| PageSize \t| ResultsCount \t| Duration (seconds) \t| Records/Sec. |\n|-----------\t|----------\t|--------------\t|--------------------\t| ------------ |\n| 1\t| 0\t| 10260\t| 550.368098\t| 18.642069\t|\n| 1\t| 100\t| 10242\t| 506.718879\t| 20.212390 |\n| 1\t| 250\t| 10245\t| 507.401462\t| 20.191112 |\n| 1\t| 500\t| 10247\t| 505.141626\t| 20.285400 |\n| 1\t| 1000\t| 10248\t| 499.583309\t| **20.513095** |\n| 5\t| 100\t| 10252\t| 103.920112\t| 98.652703 |\n| 5\t| 250\t| 10252\t| 104.045734\t| 98.533592 |\n| 5 | 500\t| 10252\t| 103.959837\t| **98.615006** |\n| 5 | 1000\t| 10252\t| 103.284216\t| 99.260084 |\n| 10\t| 100\t| 10252\t| 62.194716\t| 164.83715 |\n| 10\t| 250\t| 10252\t| 61.711901\t| **166.12678** |\n| 10\t| 500\t| 10252\t| 61.747280\t| 166.03160 |\n| 10\t| 1000\t| 10252\t| 61.791430\t| 165.91297 |\n| 15\t| 100\t| 10252\t| 53.376854\t| 192.068269\t|\n| 15\t| 250\t| 10252\t| 53.870317\t| 190.308884\t|\n| 15\t| 500\t| 10252\t| 53.380755\t| 192.054232\t|\n| 15\t| 1000\t| 10252\t| 53.107964\t| **193.040729**\t|\n| 25\t| 100\t| 10252\t| 52.471258\t| 195.383156\t|\n| 25\t| 250\t| 10252\t| 52.522734\t| 195.191668\t|\n| 25\t| 500\t| 10253\t| 54.730120\t| 187.337430\t|\n| 25\t| 1000\t| 10253\t| 52.401570\t| **195.662075**\t|\n| 50\t| 100\t| 10253\t| 52.405708\t| **195.646626**\t|\n| 50\t| 250\t| 10253\t| 53.681816\t| 190.995773\t|\n| 50\t| 500\t| 10253\t| 53.105051\t| 193.070148\t|\n| 50\t| 1000\t| 10253\t| 52.813425\t| 194.136245\t|\n| 75\t| 100\t| 10258\t| 59.042822\t| **173.738309**\t|\n| 75\t| 250\t| 10258\t| 60.795224\t| 168.730359\t|\n| 75\t| 500\t| 10258\t| 62.890662\t| 163.108475\t|\n| 75\t| 1000\t| 10258\t| 65.159076\t| 157.430102\t|\n\nMore than 100 simultaneous connections/queries results in missing records.\n\n| Semaphore \t| PageSize \t| ResultsCount \t| Duration (seconds) \t| Records/Sec. |\n|-----------\t|----------\t|--------------\t|--------------------\t| ------------ |\n| 100\t| 100\t| 7995\t| 47.714157\t| **167.560332**\t|\n| 100\t| 250\t| 1483\t| 14.284200\t| 103.821007\t|\n| 100\t| 500\t| 1501\t| 15.164913\t| 98.978475\t|\n| 100\t| 1000\t| 1012\t| 12.785591\t| 79.151602\t|\n| 250\t| 100\t| 1043\t| 13.511003\t| 77.196340\t|\n| 250\t| 250\t| 1568\t| 17.039635\t| 92.020751\t|\n| 250\t| 500\t| 1592\t| 16.626970\t| **95.748051**\t|\n| 250\t| 1000\t| 1493\t| 17.328146\t| 86.160400\t|\n\n## Documentation\n[GitHub Pages](https://jerodg.github.io/phantom-api-client/)\n- Work in Process\n\n## License\nCopyright \u00a9 2019 Jerod Gawne \n\nThis program is free software: you can redistribute it and/or modify\nit under the terms of the Server Side Public License (SSPL) as\npublished by MongoDB, Inc., either version 1 of the\nLicense, or (at your option) any later version.\n\nThis program is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\nSSPL for more details.\n\nYou should have received a copy of the SSPL along with this program.\nIf not, see .\n\n\n",
"description_content_type": "text/markdown",
"docs_url": null,
"download_url": "",
"downloads": {
"last_day": -1,
"last_month": -1,
"last_week": -1
},
"home_page": "https://pypi.org/project/phantom-api-client/",
"keywords": "phantom api client rest",
"license": "Server Side Public License (SSPL)",
"maintainer": "",
"maintainer_email": "",
"name": "phantom-api-client",
"package_url": "https://pypi.org/project/phantom-api-client/",
"platform": "",
"project_url": "https://pypi.org/project/phantom-api-client/",
"project_urls": {
"Bugs": "https://github.com/jerodg/phantom-api-client/issues",
"Documentation": "https://jerodg.github.io/phantom-api-client",
"Funding": "https://www.paypal.me/jerodgawne",
"Homepage": "https://pypi.org/project/phantom-api-client/",
"Say Thanks!": "https://saythanks.io/to/jerodg",
"Source": "https://github.com/jerodg/phantom-api-client"
},
"release_url": "https://pypi.org/project/phantom-api-client/0.30.0/",
"requires_dist": [
"aiodns",
"aiohttp",
"base-api-client",
"cchardet",
"toml",
"ujson"
],
"requires_python": ">=3.8, <3.9",
"summary": "Phantom API Client Library",
"version": "0.30.0"
},
"last_serial": 5850402,
"releases": {
"0.30.0": [
{
"comment_text": "",
"digests": {
"md5": "d8021a5dcce72e22babff6633b11991e",
"sha256": "318545c81404ebf6cd14630e62a8d6318d35317c1a69055bb028da26f2e619f9"
},
"downloads": -1,
"filename": "phantom_api_client-0.30.0-py2.py3-none-any.whl",
"has_sig": true,
"md5_digest": "d8021a5dcce72e22babff6633b11991e",
"packagetype": "bdist_wheel",
"python_version": "py2.py3",
"requires_python": ">=3.8, <3.9",
"size": 60627,
"upload_time": "2019-09-18T13:50:53",
"url": "https://files.pythonhosted.org/packages/c5/7e/4cdacb75cc818f652c7dd99a04ec68424aa6a7bf09b0d5da300a51851cab/phantom_api_client-0.30.0-py2.py3-none-any.whl"
}
],
"0.4.0": [
{
"comment_text": "",
"digests": {
"md5": "e997c1554dc643231e225b85c3cb9ad7",
"sha256": "89939f25ea9e6beeca595fad200fda91a963b8efa457c24338e68ac38becc76f"
},
"downloads": -1,
"filename": "phantom_api_client-0.4.0-py2.py3-none-any.whl",
"has_sig": true,
"md5_digest": "e997c1554dc643231e225b85c3cb9ad7",
"packagetype": "bdist_wheel",
"python_version": "py2.py3",
"requires_python": ">=3.7, <3.9",
"size": 49392,
"upload_time": "2019-08-14T21:29:20",
"url": "https://files.pythonhosted.org/packages/b9/2d/6ec767b3a9fa6ecf8bb64694bc76e66279294a7b1b9c486d423b3318dfda/phantom_api_client-0.4.0-py2.py3-none-any.whl"
},
{
"comment_text": "",
"digests": {
"md5": "13b7dda61fe283d420e6eb871b9a0912",
"sha256": "36ef7621dc51cc3d8b870523087fe1c383da8bacb5d5d5c13190d4c63f52ea78"
},
"downloads": -1,
"filename": "phantom-api-client-0.4.0.tar.gz",
"has_sig": true,
"md5_digest": "13b7dda61fe283d420e6eb871b9a0912",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7, <3.9",
"size": 30627,
"upload_time": "2019-08-14T21:29:22",
"url": "https://files.pythonhosted.org/packages/4c/e8/b50748ef6fbf703fb3109ff22494dd2057023786e2759f147542548d875c/phantom-api-client-0.4.0.tar.gz"
}
]
},
"urls": [
{
"comment_text": "",
"digests": {
"md5": "d8021a5dcce72e22babff6633b11991e",
"sha256": "318545c81404ebf6cd14630e62a8d6318d35317c1a69055bb028da26f2e619f9"
},
"downloads": -1,
"filename": "phantom_api_client-0.30.0-py2.py3-none-any.whl",
"has_sig": true,
"md5_digest": "d8021a5dcce72e22babff6633b11991e",
"packagetype": "bdist_wheel",
"python_version": "py2.py3",
"requires_python": ">=3.8, <3.9",
"size": 60627,
"upload_time": "2019-09-18T13:50:53",
"url": "https://files.pythonhosted.org/packages/c5/7e/4cdacb75cc818f652c7dd99a04ec68424aa6a7bf09b0d5da300a51851cab/phantom_api_client-0.30.0-py2.py3-none-any.whl"
}
]
}