field.RestField('proxy_enabled', required=False, encrypted=False, default=None, validator=None), field.RestField('proxy_type', required=False, encrypted=False, default='http', validator=None), field.RestField('proxy_url', required=False, encrypted=False, default=None, validator=validator.String( min_len=0, max_len=4096, )), field.RestField('proxy_port', required=False, encrypted=False, default=None, validator=validator.Number( min_val=1, max_val=65535, )), field.RestField('proxy_username', required=False, encrypted=False, default=None, validator=validator.String( min_len=0,
field.RestField( 'interval', required=True, encrypted=False, default=None, validator=validator.Pattern( regex=r"""^\-[1-9]\d*$|^\d*$""", ) ), field.RestField( 'index', required=True, encrypted=False, default='default', validator=validator.String( min_len=1, max_len=80, ) ), field.RestField( 'mitre_subtechniques_url', required=False, encrypted=False, default='https://raw.githubusercontent.com/mitre/cti/subtechniques/enterprise-attack/enterprise-attack.json', validator=validator.String( min_len=0, max_len=8192, ) ), field.RestField( 'disabled',
validator, RestModel, SingleModel, ) from splunktaucclib.rest_handler import admin_external, util from splunk_aoblib.rest_migration import ConfigMigrationHandler util.remove_http_proxy_env_vars() fields = [ field.RestField('username', required=True, encrypted=False, default=None, validator=validator.String( min_len=1, max_len=200, )), field.RestField('password', required=True, encrypted=True, default=None, validator=validator.String( min_len=1, max_len=8192, )) ] model = RestModel(fields, name=None) endpoint = SingleModel( 'ta_defender_atp_hunting_account', model,
util.remove_http_proxy_env_vars() fields = [ field.RestField('interval', required=True, encrypted=False, default=None, validator=validator.Pattern( regex=r"""^\-[1-9]\d*$|^\d*$""", )), field.RestField('index', required=True, encrypted=False, default='default', validator=validator.String( min_len=1, max_len=80, )), field.RestField('debug_mode', required=True, encrypted=False, default='disabled', validator=None), field.RestField('disabled', required=False, validator=None) ] model = RestModel(fields, name=None) endpoint = DataInputModel( 'canary_api', model, )
validator, RestModel, DataInputModel, ) from splunktaucclib.rest_handler import admin_external, util from splunk_aoblib.rest_migration import ConfigMigrationHandler util.remove_http_proxy_env_vars() fields = [ field.RestField('index', required=True, encrypted=False, default='default', validator=validator.String( max_len=80, min_len=1, )), field.RestField('delta', required=True, encrypted=False, default='5', validator=validator.String( max_len=8192, min_len=0, )), field.RestField('site', required=True, encrypted=False, default=None, validator=validator.String( max_len=8192,
field.RestField( 'interval', required=True, encrypted=False, default=None, validator=validator.Pattern( regex=r"""^\-[1-9]\d*$|^\d*$""", ) ), field.RestField( 'index', required=True, encrypted=False, default='default', validator=validator.String( max_len=80, min_len=1, ) ), field.RestField( 'tenant', required=True, encrypted=False, default=None, validator=None ), field.RestField( 'disabled', required=False, validator=None )
field.RestField('proxy_enabled', required=False, encrypted=False, default=None, validator=None), field.RestField('proxy_type', required=False, encrypted=False, default='http', validator=None), field.RestField('proxy_url', required=False, encrypted=False, default=None, validator=validator.String( max_len=4096, min_len=0, )), field.RestField('proxy_port', required=False, encrypted=False, default=None, validator=validator.Number( max_val=65535, min_val=1, )), field.RestField('proxy_username', required=False, encrypted=False, default=None, validator=validator.String( max_len=50,
validator, RestModel, DataInputModel, ) from splunktaucclib.rest_handler import admin_external, util from splunk_aoblib.rest_migration import ConfigMigrationHandler util.remove_http_proxy_env_vars() fields = [ field.RestField('edition_ids', required=True, encrypted=False, default='GeoLite2-Country GeoLite2-City', validator=validator.String( min_len=0, max_len=8192, )), field.RestField('global_account', required=True, encrypted=False, default=None, validator=None), field.RestField('disabled', required=False, validator=None), field.RestField('interval', default='10000', validator=None) ] model = RestModel(fields, name='main') endpoint = DataInputModel( 'geoipupdate', model, )
SingleModel, ) from splunktaucclib.rest_handler import admin_external, util from splunk_aoblib.rest_migration import ConfigMigrationHandler util.remove_http_proxy_env_vars() fields = [ field.RestField( 'username', required=True, encrypted=False, default=None, validator=validator.String( max_len=200, min_len=1, ) ), field.RestField( 'password', required=True, encrypted=True, default=None, validator=validator.String( max_len=8192, min_len=1, ) ) ] model = RestModel(fields, name=None)
required=False, encrypted=False, default='INFO', validator=None ) ] model_logging = RestModel(fields_logging, name='logging') fields_additional_parameters = [ field.RestField( 'aws_access_key', required=True, encrypted=True, default='', validator=validator.String( max_len=8192, min_len=0, ) ), field.RestField( 'aws_secret_key', required=True, encrypted=True, default='', validator=validator.String( max_len=8192, min_len=0, ) ), field.RestField( 'iam_role_arn', required=False,