Python API Module for Threat Response APIs
- Local:
pip install -U .
pip show threatresponse
- GitHub:
pip install git+https://github.com/CiscoSecurity/tr-05-api-module.git[@branch_name_or_release_version]
pip show threatresponse
- PyPi:
pip install threatresponse[==release_version]
pip show threatresponse
from threatresponse import ThreatResponse
tr = TreatResponse(
client_id='<YOUR TR CLIENT ID>', # required
client_password='<YOUR TR CLIENT PASSWORD>', # required
region='<YOUR TR REGION>', # optional
logger=<SOME LOGGER INSTANCE>, # optional
timeout=<SOME NUMBER OF SECONDS>, # optional
proxy='<SOME PROXY URL>', # optional
)
client_id
andclient_password
credentials must be taken from an existing API client for accessing the Cisco Threat Response APIs. The official documentation on how to create such a client can be found here. Make sure to properly set some scopes which will grant the client different (ideally minimum) privileges.region
must be one of:''
(default),'eu'
,'apjc'
. Other regions are not supported yet.logger
must be an (already configured) instance of the built-inlogging.Logger
class (or one of its descendants).timeout
must be a number (int
orfloat
) meaning the default amount of time (in seconds) to wait for the server to send data before giving up and raising an exception. Can be overwritten by explicitly specifyingtimeout
on each call to any endpoint.proxy
must be a URL in the format:http[s]://[username[:password]@]host[:port]
.