StellarCyberAPI
StellarCyberAPI is a client for interacting with the Stellar Cyber API.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
| host | str | Stellar Cyber host URL (e.g. https://example.stellarcyber.cloud) | required |
| username | str | Stellar Cyber username (Generally an email address) | required |
| api_key | str | Stellar Cyber API key | required |
| version | Literal['4.3.0', '4.3.1', '4.3.7', '5.1.x', '5.2.x', '5.3.x'] | Stellar Cyber Platform version, defaults to "5.2.x" | '5.2.x' |
| verify_ssl | bool \| None | Boolean to verify SSL of Stellar Cyber Host, defaults to True | None |
alert_stats(start_date, end_date, tenant=None)
Public method to return alert statistics for a given date range.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
| start_date | date | Start date object for query. | required |
| end_date | date | End date object for query. | required |
| tenant | str \| None | Tenant to restrict to single tenant. Defaults to None. | None |
Returns:
| Type | Description |
|---|---|
| dict[str, Any] | Alert statistics dictionary. |
es_search(index, query)
Public method to query Stellar Cyber Elasticsearch index with query.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
| index | str | Elasticsearch index name. | required |
| query | dict | Query dictionary. | required |
Returns:
| Type | Description |
|---|---|
| dict[str, Any] | Response JSON dictionary. |
get_connector_log_data_sources(start_date, end_date, tenant=None)
Public method to return a list of connector log data sources.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
| start_date | date | Start date object for query. | required |
| end_date | date | End date object for query. | required |
| tenant | str \| None | Tenant to restrict to single tenant. Defaults to None. | None |
Returns:
| Type | Description |
|---|---|
| list[str] | List of connector log data sources. |
get_connectors(tenant_id=None)
Public method to return a list of connectors from the Stellar Cyber API.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
| tenant_id | str \| None | Supply a tenant_id to restrict to a single tenant. Defaults to None. | None |
Returns:
| Type | Description |
|---|---|
| list[dict[str, Any]] | List of connectors as dictionaries. |
get_detections(tenant_id=None, only_builtin=None, only_custom=None)
Public method to return a list of detections from the Stellar Cyber API. Either all, only built-in, or only custom.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
| tenant_id | str \| None | Supply a tenant_id to restrict to a single tenant. Defaults to None. | None |
| only_builtin | bool \| None | Return only built-in detections. Defaults to False. | None |
| only_custom | bool \| None | Return only custom detections. Defaults to False. | None |
Returns:
| Type | Description |
|---|---|
| list[dict[str, Any]] | List of detections as dictionaries. |
get_sensor_sources(start_date, end_date, tenant=None)
Public method to return a list of sensor sources.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
| start_date | date | Start date object for query. | required |
| end_date | date | End date object for query. | required |
| tenant | str \| None | Tenant to restrict to single tenant. Defaults to None. | None |
Returns:
| Type | Description |
|---|---|
| list[str] | List of sensor sources. |
get_tenants(as_options=None)
Public method to return a list of tenants from the Stellar Cyber API.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
| as_options | bool \| None | Return just tenant names as sorted list. Defaults to False. | None |
Returns:
| Type | Description |
|---|---|
| list[str] \| list[dict[str, Any]] | List of tenants as dictionaries or names. |
get_token()
Public method to return the current access token as string.
Returns:
| Type | Description |
|---|---|
| str | Access token string. |
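
A telemetry-gap check built on get_tenants, get_sensor_sources and get_connector_log_data_sources as documented above. This is an added example, not code from the StellarCyberAPI project. It assumes the `tenant` argument accepts the names returned by `get_tenants(as_options=True)`; `find_telemetry_gaps` and `DemoClient` are hypothetical names, and `DemoClient` is a constructed stand-in with made-up data so the block runs offline.

```python
from datetime import date, timedelta


def find_telemetry_gaps(client, start_date, end_date):
    """Map each tenant name to the telemetry kinds that reported nothing.

    `client` is any object exposing the three documented methods used here,
    e.g. a StellarCyberAPI instance. Assumption: the `tenant` argument accepts
    the names returned by get_tenants(as_options=True).
    """
    gaps = {}
    for tenant in client.get_tenants(as_options=True):
        missing = []
        if not client.get_sensor_sources(start_date, end_date, tenant=tenant):
            missing.append("sensor")
        if not client.get_connector_log_data_sources(start_date, end_date, tenant=tenant):
            missing.append("connector_log")
        if missing:
            gaps[tenant] = missing
    return gaps


class DemoClient:
    """Constructed stand-in with the documented signatures and sample data."""

    _sensors = {"acme": ["sensor-dc1"], "globex": [], "initech": []}
    _connectors = {"acme": ["o365"], "globex": ["aws_cloudtrail"], "initech": []}

    def get_tenants(self, as_options=None):
        return sorted(self._sensors)

    def get_sensor_sources(self, start_date, end_date, tenant=None):
        return list(self._sensors.get(tenant, []))

    def get_connector_log_data_sources(self, start_date, end_date, tenant=None):
        return list(self._connectors.get(tenant, []))


def demo():
    """Run the check over a constructed 7-day window."""
    end = date(2024, 6, 30)
    return find_telemetry_gaps(DemoClient(), end - timedelta(days=7), end)


if __name__ == "__main__":
    for tenant, missing in demo().items():
        print(f"{tenant}: no {', '.join(missing)} sources in the last 7 days")
```

A tenant that appears in the result had no reporting sources of that kind in the window, which is worth checking before trusting an empty alert count for that tenant.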