Datapath/pyhuntress
2
0
Fork 0
mirror of https://github.com/brygphilomena/pyhuntress.git synced 2025-11-04 16:27:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
pyhuntress/README.md
Peter Annabel 146431e818 Added all the endpoints 
Get requests should work for all but the completion certificate
Post requests still need work
2025-07-24 15:40:39 -05:00

155 lines
5.0 KiB
Markdown
Raw Blame History

# pyhuntress - An API library for Huntress SIEM and Huntress Managed SAT, written in Python
pyHuntress is a full-featured, type annotated API client written in Python for the Huntress APIs.
This library has been developed with the intention of making the Huntress APIs simple and accessible to non-coders while allowing experienced coders to utilize all features the API has to offer without the boilerplate.
pyHuntress currently supports both Huntress SIEM and Huntress Managed SAT products.
Features:
=========
- **100% API Coverage.** All endpoints and response models.
- **Non-coder friendly.** 100% annotated for full IDE auto-completion. Clients handle requests and authentication - just plug the right details in and go!
- **Fully annotated.** This library has a strong focus on type safety and type hinting. Models are declared and parsed using [Pydantic](https://github.com/pydantic/pydantic)
pyHuntress is currently in **development**.
Known Issues:
=============
- As this project is still a WIP, documentation or code commentary may not always align.
- Huntress Managed SAT is not built
Road Map:
=============
- Add Huntress Managed SAT Report
How-to:
=============
- [Install](#install)
- [Initializing the API Clients](#initializing-the-api-clients)
- [Huntress Managed SAT](#huntress-managed-sat)
- [Huntress SIEM](#huntress-siem)
- [Working with Endpoints](#working-with-endpoints)
- [Get many](#get-many)
- [Get one](#get-one)
- [Get with params](#get-with-params)
- [Pagination](#pagination)
- [Contributing](#contributing)
- [Supporting the project](#supporting-the-project)
# Install
Open a terminal and run ```pip install pyhuntress```
# Initializing the API Clients
### Huntress Managed SAT
```python
from pyhuntress import HuntressSATAPIClient
# init client
sat_api_client = HuntressSATAPIClient(
mycurricula.com,
# your api public key,
# your api private key,
)
```
### Huntress SIEM
```python
from pyhuntress import HuntressSIEMAPIClient
# init client
siem_api_client = HuntressSIEMAPIClient(
# huntress siem url
# your api public key,
# your api private key,
)
```
# Working with Endpoints
Endpoints are 1:1 to what's available for both the Huntress Managed SAT and Huntress SIEM.
For more information, check out the following resources:
- [Huntress Managed SAT REST API Docs](https://curricula.stoplight.io/docs/curricula-api/00fkcnpgk5vnn-getting-started)
- [Huntress SIEM REST API Docs](https://api.huntress.io/docs)
### Get many
```python
### Managed SAT ###
# sends GET request to /company/companies endpoint
companies = manage_api_client.company.companies.get()
### SIEM ###
# sends GET request to /agents endpoint
agents = siem_api_client.agents.get()
```
### Get one
```python
### Managed SAT ###
# sends GET request to /company/companies/{id} endpoint
accounts = sat_api_client.accounts.id("abc123").get()
### SIEM ###
# sends GET request to /agents/{id} endpoint
agent = siem_api_client.agents.id(250).get()
```
### Get with params
```python
### Managed SAT ###
# sends GET request to /company/companies with a conditions query string
conditional_company = sat_api_client.company.companies.get(params={
'conditions': 'company/id=250'
})
### SIEM ###
# sends GET request to /agents endpoint with a condition query string
conditional_agent = siem_api_client.clients.get(params={
'platform': 'windows'
})
```
# Pagination
The Huntress SIEM API paginates data for performance reasons through the ```page``` and ```limit``` query parameters. ```limit``` is limited to a maximum of 500.
To make working with paginated data easy, Endpoints that implement a GET response with an array also supply a ```paginated()``` method. Under the hood this wraps a GET request, but does a lot of neat stuff to make working with pages easier.
Working with pagination
```python
# initialize a PaginatedResponse instance for /agents, starting on page 1 with a pageSize of 100
paginated_agents = siem_api_client.agents.paginated(1,100)
# access the data from the current page using the .data field
page_one_data = paginated_agents.data
# if there's a next page, retrieve the next page worth of data
paginated_agents.get_next_page()
# if there's a previous page, retrieve the previous page worth of data
paginated_agents.get_previous_page()
# iterate over all companies on the current page
for agent in paginated_agents:
# ... do things ...
# iterate over all companies in all pages
# this works by yielding every item on the page, then fetching the next page and continuing until there's no data left
for agent in paginated_agents.all():
# ... do things ...
```
# Contributing
Contributions to the project are welcome. If you find any issues or have suggestions for improvement, please feel free to open an issue or submit a pull request.
# Supporting the project
:heart:
# Inspiration and Stolen Code
The premise behind this came from the [pyConnectWise](https://github.com/HealthITAU/pyconnectwise) package and I stole **most** of the code and adapted it to the Huntress API endpoints.
Reference in New Issue View Git Blame Copy Permalink