
stealthwatch-enterprise-sample-scripts's Introduction

Stealthwatch Enterprise API Sample Scripts

This repository contains sample Python scripts related to Cisco Stealthwatch Enterprise APIs. It is available for use by the Cisco DevNet community through Code Exchange. For more information on the Stealthwatch Enterprise REST API, please see the following link: https://developer.cisco.com/docs/stealthwatch/enterprise

Compatibility

The minimum version of Stealthwatch Enterprise required for each API capability:

  • v6.5.0 (Host Snapshot)
  • v6.10.0 (Domains / Tenants, Top Reports, Security Events)
  • v7.0.0 (Flows, Host Groups / Tags)
  • v7.1.0 (Cognitive Intelligence Incidents)

Installation

  1. Ensure Python 3 is installed.
  2. Ensure the Python requests module is installed.
  3. Download the .py files located in the python directory.

Alternatively, advanced users can also use git to checkout / clone this project.

Configuration

Open the desired .py file that you intend to run and enter the following values where specified:

  • SMC_USER = ""
  • SMC_PASSWORD = ""
  • SMC_HOST = ""

(Note: additional fields may also be required)

Cognitive Intelligence Incidents API Configuration

The Cognitive Intelligence Incidents REST API is disabled by default. To enable the API:

  • Enable Cognitive Analytics in External Services on your SMC and Flow Collector(s).
  • Locate the /lancope/tomcat/webapps/cta-events-collector/WEB-INF/classes/app.properties file on your SMC system.
  • Under the #CTA_ENABLED section, set the cta.api.enabled option to true.
  • Restart the web server on your SMC system: systemctl restart lc-tomcat

(Note: The API returns CTA incidents for all domains and expects tenantId to be 0 in the API path parameter. Requesting data for any specific tenant will result in an error.)
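
A quick check for the steps above, as an added example that is not part of this repository: it reads app.properties and reports whether cta.api.enabled is set to true. It assumes the file uses standard Java properties syntax (the README does not show the file's contents); the function names and the sample text are constructed for illustration.

```python
import sys

# Path from the README; the file exists only on the SMC.
APP_PROPERTIES = ("/lancope/tomcat/webapps/cta-events-collector/"
                  "WEB-INF/classes/app.properties")
OPTION = "cta.api.enabled"

# Constructed sample content, not copied from a real SMC.
SAMPLE = """\
#CTA_ENABLED
# cta.api.enabled=true
cta.api.enabled = false
"""


def parse_properties(text):
    """Parse key=value / key:value lines; '#' and '!' start comments.

    The last assignment wins. Continuations and escapes are not handled.
    """
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        # Split at whichever separator ('=' or ':') appears first.
        cuts = [i for i in (line.find("="), line.find(":")) if i != -1]
        if cuts:
            key, value = line[:min(cuts)], line[min(cuts) + 1:]
            props[key.strip()] = value.strip()
    return props


def cta_api_state(text):
    """Return 'enabled', 'disabled' or 'missing' for cta.api.enabled."""
    value = parse_properties(text).get(OPTION)
    if value is None:
        return "missing"  # absent or commented out
    # Assumption: the value is read as a case-insensitive boolean.
    return "enabled" if value.lower() == "true" else "disabled"


if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else APP_PROPERTIES
    with open(path, encoding="utf-8") as handle:
        state = cta_api_state(handle.read())
    print(f"{OPTION}: {state}")
    sys.exit(0 if state == "enabled" else 1)
```

Run it on the SMC after editing the file and before restarting lc-tomcat; a non-zero exit status means the option is not set to true.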

Usage

  1. Identify the path to your Python 3 executable.
    • Depending on how Python 3 was installed, this might be as simple as just calling the command python or python3.
  2. Run the Python script with the following command:
    • $ <PYTHON-PATH> <PYTHON-SCRIPT-PATH>
    • Example: $ /usr/bin/python ./get_flows.py

Known issues

No known issues.

Getting help

Use this project at your own risk (support not provided). If you need technical support with Cisco Stealthwatch APIs, do one of the following:

Browse the Forum

Check out our forum to pose a question or to see if any questions have already been answered by our community. We monitor these forums on a best effort basis and will periodically post answers.

Open A Case

Getting involved

Contributions to this code are welcome and appreciated. See CONTRIBUTING for details. Please adhere to our Code of Conduct at all times.

Licensing info

This code is licensed under the BSD 3-Clause License. See LICENSE for details.

Contributors

kyle-winters, chrivand, eckelcu, grmaclea, pglave
