# PyPanther
**pypanther** is a Python library for building Panther analysis content for the Panther cybersecurity product.
It provides a simple and intuitive interface for creating, managing, and deploying detections to enhance your security posture.
Included is a `pypanther` CLI tool to interact with your content and upload it to the Panther web app.
## Features
- **Rule Creation**: Easily create rules using Python classes and inheritance.
- **Management**: Organize and manage rules efficiently with native Python.
- **Deployment**: Upload detections and more to Panther for real-time detection.
## Installation
To install **pypanther**, use pip:
```bash
pip install pypanther
```
## Prerequisites
- Python 3.11 or higher
- [Panther](https://panther.com) account and API access
## Usage
1. **Import pypanther**: Start by importing pypanther into your Python script.
2. **Create Rules**: Subclass the `Rule` class to define new rules.
3. **Register Rules**: Register your custom rules and Panther managed rules inside your `main.py` file.
4. **Test Rules**: Test all your registered rules using `pypanther test`.
5. **Upload Rules**: Upload all registered rules with your Panther deployment using the CLI tool (`pypanther upload`).
## Getting Started
Here is a simple example to get you started:
```python
from pypanther import Rule, register, LogType, Severity
# Create a new rule
class MyRule(Rule):
id = "MyRule"
default_severity = Severity.HIGH
log_types = [LogType.OKTA_SYSTEM_LOG]
def rule(self, event):
return event.get("status") == "breached"
# register the rule
register(MyRule)
```
Check out the [pypanther-starter-kit](https://github.com/panther-labs/pypanther-starter-kit) for more examples on how to use `pypanther`.
You can view detailed docs on the package and CLI tool on the [panther docs](https://docs.panther.com/detections/pypanther/cli).
## Local Development
We use [Poetry](https://python-poetry.org/) for dependency management and packaging. Poetry makes it easy to set up a consistent and
isolated development environment.
### Setting Up for Local Development
1. **Install Poetry**: Follow the instructions on the [Poetry website](https://python-poetry.org/docs/#installation) to install Poetry.
2. **Clone the repository**: Clone the `pypanther` repository to your local machine.
```bash
git clone git@github.com:panther-labs/pypanther.git
cd pypanther
```
3. **Install dependencies**: Use Poetry to install the project's dependencies.
```bash
poetry install
```
This will create a virtual environment and install all necessary dependencies specified in the `pyproject.toml` file.
4. **Activate the virtual environment**: You can activate the virtual environment created by Poetry using:
```bash
poetry shell
```
5. **Testing Locally**: You can create a `main.py` file within the `pypanther` directory to test commands and functionality
locally. This file can be used to run test commands or interact with `pypanther` features.
- **Create a `main.py` file**: Here is an example main file. Assumes you have a folder called `custom_rules` with all your test rules.
```python
# pypanther/main.py
from pypanther import register, get_panther_rules, get_rules
import custom_rules
register(get_panther_rules())
register(get_rules(custom_rules))
```
- **Running the CLI**: Use the following command to run `main.py` with Poetry:
```bash
poetry run python ./pypanther/main.py <cmd>
```
Replace `<cmd>` with any specific commands you want to test (e.g. `test` and `upload`)
6. **Adding Dependencies**: If you need to add new dependencies, use the following command:
```bash
poetry add <package-name>
```
This will update the `pyproject.toml` file with the new dependency.
## Contributing
We welcome contributions! Please fork the repository and submit a pull request for review. For major changes, please open an issue first to
discuss what you would like to change.
## Issues
If you encounter any issues or have questions, please open a support ticket.
## License
**pypanther** is released under [Apache License 2.0](LICENSE.txt).
Raw data
{
"_id": null,
"home_page": null,
"name": "pypanther",
"maintainer": null,
"docs_url": null,
"requires_python": "==3.11.*",
"maintainer_email": null,
"keywords": "Security, CLI",
"author": "Panther Labs Inc",
"author_email": "pypi@runpanther.io",
"download_url": "https://files.pythonhosted.org/packages/5e/4b/99d81217133df0315f940e6de267e93547c8a92269df005e2d63c58e8c97/pypanther-0.1.1a54.tar.gz",
"platform": null,
"description": "# PyPanther\n\n**pypanther** is a Python library for building Panther analysis content for the Panther cybersecurity product.\nIt provides a simple and intuitive interface for creating, managing, and deploying detections to enhance your security posture.\nIncluded is a `pypanther` CLI tool to interact with your content and upload it to the Panther web app.\n\n## Features\n\n- **Rule Creation**: Easily create rules using Python classes and inheritance.\n- **Management**: Organize and manage rules efficiently with native Python.\n- **Deployment**: Upload detections and more to Panther for real-time detection.\n\n## Installation\n\nTo install **pypanther**, use pip:\n\n```bash\npip install pypanther\n```\n\n## Prerequisites\n\n- Python 3.11 or higher\n- [Panther](https://panther.com) account and API access\n\n## Usage\n\n1. **Import pypanther**: Start by importing pypanther into your Python script.\n2. **Create Rules**: Subclass the `Rule` class to define new rules.\n3. **Register Rules**: Register your custom rules and Panther managed rules inside your `main.py` file.\n4. **Test Rules**: Test all your registered rules using `pypanther test`.\n5. **Upload Rules**: Upload all registered rules with your Panther deployment using the CLI tool (`pypanther upload`).\n\n## Getting Started\n\nHere is a simple example to get you started:\n\n```python\nfrom pypanther import Rule, register, LogType, Severity\n\n\n# Create a new rule\nclass MyRule(Rule):\n id = \"MyRule\"\n default_severity = Severity.HIGH\n log_types = [LogType.OKTA_SYSTEM_LOG]\n\n def rule(self, event):\n return event.get(\"status\") == \"breached\"\n\n\n# register the rule\nregister(MyRule)\n```\n\nCheck out the [pypanther-starter-kit](https://github.com/panther-labs/pypanther-starter-kit) for more examples on how to use `pypanther`.\n\nYou can view detailed docs on the package and CLI tool on the [panther docs](https://docs.panther.com/detections/pypanther/cli).\n\n## Local Development\n\nWe use [Poetry](https://python-poetry.org/) for dependency management and packaging. Poetry makes it easy to set up a consistent and\nisolated development environment.\n\n### Setting Up for Local Development\n\n1. **Install Poetry**: Follow the instructions on the [Poetry website](https://python-poetry.org/docs/#installation) to install Poetry.\n\n2. **Clone the repository**: Clone the `pypanther` repository to your local machine.\n\n ```bash\n git clone git@github.com:panther-labs/pypanther.git\n cd pypanther\n ```\n\n3. **Install dependencies**: Use Poetry to install the project's dependencies.\n\n ```bash\n poetry install\n ```\n\n This will create a virtual environment and install all necessary dependencies specified in the `pyproject.toml` file.\n\n4. **Activate the virtual environment**: You can activate the virtual environment created by Poetry using:\n\n ```bash\n poetry shell\n ```\n\n5. **Testing Locally**: You can create a `main.py` file within the `pypanther` directory to test commands and functionality\n locally. This file can be used to run test commands or interact with `pypanther` features.\n\n - **Create a `main.py` file**: Here is an example main file. Assumes you have a folder called `custom_rules` with all your test rules.\n\n ```python\n # pypanther/main.py\n\n from pypanther import register, get_panther_rules, get_rules\n import custom_rules\n\n\n register(get_panther_rules())\n register(get_rules(custom_rules))\n ```\n\n - **Running the CLI**: Use the following command to run `main.py` with Poetry:\n\n ```bash\n poetry run python ./pypanther/main.py <cmd>\n ```\n\n Replace `<cmd>` with any specific commands you want to test (e.g. `test` and `upload`)\n\n6. **Adding Dependencies**: If you need to add new dependencies, use the following command:\n\n ```bash\n poetry add <package-name>\n ```\n\n This will update the `pyproject.toml` file with the new dependency.\n\n## Contributing\n\nWe welcome contributions! Please fork the repository and submit a pull request for review. For major changes, please open an issue first to\ndiscuss what you would like to change.\n\n## Issues\n\nIf you encounter any issues or have questions, please open a support ticket.\n\n## License\n\n**pypanther** is released under [Apache License 2.0](LICENSE.txt).\n",
"bugtrack_url": null,
"license": "AGPL-3.0-only",
"summary": null,
"version": "0.1.1a54",
"project_urls": null,
"split_keywords": [
"security",
" cli"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "eeab62a7b52e34db18415f70b2b7bd70103a6c02687206d68a21521e86545501",
"md5": "b442f62083b8f42fe9b92ce8120cb835",
"sha256": "65de8c5b9e83f770d0292a9d30e3025547977b455cadfbc53bff12deca7f2edc"
},
"downloads": -1,
"filename": "pypanther-0.1.1a54-py3-none-any.whl",
"has_sig": false,
"md5_digest": "b442f62083b8f42fe9b92ce8120cb835",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "==3.11.*",
"size": 998156,
"upload_time": "2025-01-13T09:41:01",
"upload_time_iso_8601": "2025-01-13T09:41:01.612395Z",
"url": "https://files.pythonhosted.org/packages/ee/ab/62a7b52e34db18415f70b2b7bd70103a6c02687206d68a21521e86545501/pypanther-0.1.1a54-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "5e4b99d81217133df0315f940e6de267e93547c8a92269df005e2d63c58e8c97",
"md5": "b5cab32236088b8c8e816b6420a736cd",
"sha256": "d6038ad2244fe153722b59ab0fffc21c99ed77bc84ae8bf49bf44ce507df0b33"
},
"downloads": -1,
"filename": "pypanther-0.1.1a54.tar.gz",
"has_sig": false,
"md5_digest": "b5cab32236088b8c8e816b6420a736cd",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "==3.11.*",
"size": 480141,
"upload_time": "2025-01-13T09:41:05",
"upload_time_iso_8601": "2025-01-13T09:41:05.635756Z",
"url": "https://files.pythonhosted.org/packages/5e/4b/99d81217133df0315f940e6de267e93547c8a92269df005e2d63c58e8c97/pypanther-0.1.1a54.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-01-13 09:41:05",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "pypanther"
}
JSON