# pypanther
**pypanther** is a Python library for building Panther analysis content for the Panther cybersecurity product.
It provides a simple and intuitive interface for creating, managing, and deploying detections to enhance your security posture.
Included is a `pypanther` CLI tool to interact with your content and upload it to the Panther web app.
## Features
- **Rule Creation**: Easily create rules using Python classes and inheritance.
- **Management**: Organize and manage rules efficiently with native Python.
- **Deployment**: Upload detections and more to Panther for real-time detection.
## Installation
To install **pypanther**, use pip:
```bash
pip install pypanther
```
## Prerequisites
- Python 3.11 or higher
- [Panther](https://panther.com) account and API access
## Usage
1. **Import pypanther**: Start by importing pypanther into your Python script.
2. **Create Rules**: Subclass the `Rule` class to define new rules.
3. **Register Rules**: Register your custom rules and Panther managed rules inside your `main.py` file.
4. **Test Rules**: Test all your registered rules using `pypanther test`.
5. **Upload Rules**: Upload all registered rules with your Panther deployment using the CLI tool (`pypanther upload`).
## Getting Started
Here is a simple example to get you started:
```python
from pypanther import Rule, register, LogType, Severity
# Create a new rule
class MyRule(Rule):
id = "MyRule"
default_severity = Severity.HIGH
log_types = [LogType.OKTA_SYSTEM_LOG]
def rule(self, event):
return event.get("status") == "breached"
# register the rule
register(MyRule)
```
Check out the [pypanther-starter-kit](https://github.com/panther-labs/pypanther-starter-kit) for more examples on how to use `pypanther`.
You can view detailed docs on the package and CLI tool on the [panther docs]().
## Local Development
We use [Poetry](https://python-poetry.org/) for dependency management and packaging. Poetry makes it easy to set up a consistent and
isolated development environment.
### Setting Up for Local Development
1. **Install Poetry**: Follow the instructions on the [Poetry website](https://python-poetry.org/docs/#installation) to install Poetry.
2. **Clone the repository**: Clone the `pypanther` repository to your local machine.
```bash
git clone git@github.com:panther-labs/pypanther.git
cd pypanther
```
3. **Install dependencies**: Use Poetry to install the project's dependencies.
```bash
poetry install
```
This will create a virtual environment and install all necessary dependencies specified in the `pyproject.toml` file.
4. **Activate the virtual environment**: You can activate the virtual environment created by Poetry using:
```bash
poetry shell
```
5. **Testing Locally**: You can create a `main.py` file within the `pypanther` directory to test commands and functionality
locally. This file can be used to run test commands or interact with `pypanther` features.
- **Create a `main.py` file**: Here is an example main file. Assumes you have a folder called `custom_rules` with all your test rules.
```python
# pypanther/main.py
from pypanther import register, get_panther_rules, get_rules
import custom_rules
register(get_panther_rules())
register(get_rules(custom_rules))
```
- **Running the CLI**: Use the following command to run `main.py` with Poetry:
```bash
poetry run python ./pypanther/main.py <cmd>
```
Replace `<cmd>` with any specific commands you want to test (e.g. `test` and `upload`)
6. **Adding Dependencies**: If you need to add new dependencies, use the following command:
```bash
poetry add <package-name>
```
This will update the `pyproject.toml` file with the new dependency.
## Contributing
We welcome contributions! Please fork the repository and submit a pull request for review. For major changes, please open an issue first to
discuss what you would like to change.
## Issues
If you encounter any issues or have questions, please open a support ticket.
## License
**pypanther** is released under the [GNU Affero General Public License](LICENSE.txt).
Raw data
{
"_id": null,
"home_page": null,
"name": "pypanther",
"maintainer": null,
"docs_url": null,
"requires_python": "==3.11.*",
"maintainer_email": null,
"keywords": "Security, CLI",
"author": "Panther Labs Inc",
"author_email": "pypi@runpanther.io",
"download_url": "https://files.pythonhosted.org/packages/47/e4/fd9752c37930a3d2de14733c7bdaf49ede0004e8281ddfc1249c36114c22/pypanther-0.1.1a50.tar.gz",
"platform": null,
"description": "# pypanther\n\n**pypanther** is a Python library for building Panther analysis content for the Panther cybersecurity product.\nIt provides a simple and intuitive interface for creating, managing, and deploying detections to enhance your security posture.\nIncluded is a `pypanther` CLI tool to interact with your content and upload it to the Panther web app.\n\n## Features\n\n- **Rule Creation**: Easily create rules using Python classes and inheritance.\n- **Management**: Organize and manage rules efficiently with native Python.\n- **Deployment**: Upload detections and more to Panther for real-time detection.\n\n## Installation\n\nTo install **pypanther**, use pip:\n\n```bash\npip install pypanther\n```\n\n## Prerequisites\n\n- Python 3.11 or higher\n- [Panther](https://panther.com) account and API access\n\n## Usage\n\n1. **Import pypanther**: Start by importing pypanther into your Python script.\n2. **Create Rules**: Subclass the `Rule` class to define new rules.\n3. **Register Rules**: Register your custom rules and Panther managed rules inside your `main.py` file.\n4. **Test Rules**: Test all your registered rules using `pypanther test`.\n5. **Upload Rules**: Upload all registered rules with your Panther deployment using the CLI tool (`pypanther upload`).\n\n## Getting Started\n\nHere is a simple example to get you started:\n\n```python\nfrom pypanther import Rule, register, LogType, Severity\n\n\n# Create a new rule\nclass MyRule(Rule):\n id = \"MyRule\"\n default_severity = Severity.HIGH\n log_types = [LogType.OKTA_SYSTEM_LOG]\n\n def rule(self, event):\n return event.get(\"status\") == \"breached\"\n\n\n# register the rule\nregister(MyRule)\n```\n\nCheck out the [pypanther-starter-kit](https://github.com/panther-labs/pypanther-starter-kit) for more examples on how to use `pypanther`.\n\nYou can view detailed docs on the package and CLI tool on the [panther docs]().\n\n## Local Development\n\nWe use [Poetry](https://python-poetry.org/) for dependency management and packaging. Poetry makes it easy to set up a consistent and\nisolated development environment.\n\n### Setting Up for Local Development\n\n1. **Install Poetry**: Follow the instructions on the [Poetry website](https://python-poetry.org/docs/#installation) to install Poetry.\n\n2. **Clone the repository**: Clone the `pypanther` repository to your local machine.\n\n ```bash\n git clone git@github.com:panther-labs/pypanther.git\n cd pypanther\n ```\n\n3. **Install dependencies**: Use Poetry to install the project's dependencies.\n\n ```bash\n poetry install\n ```\n\n This will create a virtual environment and install all necessary dependencies specified in the `pyproject.toml` file.\n\n4. **Activate the virtual environment**: You can activate the virtual environment created by Poetry using:\n\n ```bash\n poetry shell\n ```\n\n5. **Testing Locally**: You can create a `main.py` file within the `pypanther` directory to test commands and functionality\n locally. This file can be used to run test commands or interact with `pypanther` features.\n\n - **Create a `main.py` file**: Here is an example main file. Assumes you have a folder called `custom_rules` with all your test rules.\n\n ```python\n # pypanther/main.py\n\n from pypanther import register, get_panther_rules, get_rules\n import custom_rules\n \n \n register(get_panther_rules())\n register(get_rules(custom_rules))\n ```\n\n - **Running the CLI**: Use the following command to run `main.py` with Poetry:\n\n ```bash\n poetry run python ./pypanther/main.py <cmd>\n ```\n\n Replace `<cmd>` with any specific commands you want to test (e.g. `test` and `upload`)\n\n6. **Adding Dependencies**: If you need to add new dependencies, use the following command:\n\n ```bash\n poetry add <package-name>\n ```\n\n This will update the `pyproject.toml` file with the new dependency.\n\n## Contributing\n\nWe welcome contributions! Please fork the repository and submit a pull request for review. For major changes, please open an issue first to\ndiscuss what you would like to change.\n\n## Issues\n\nIf you encounter any issues or have questions, please open a support ticket.\n\n## License\n\n**pypanther** is released under the [GNU Affero General Public License](LICENSE.txt).\n",
"bugtrack_url": null,
"license": "AGPL-3.0-only",
"summary": null,
"version": "0.1.1a50",
"project_urls": null,
"split_keywords": [
"security",
" cli"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "5d5adcd3cf12fa4d1b5bc699acd9c50f81ea46f4168ba6d1104e99d836c4d858",
"md5": "fdcbbaed6d9d38e892edad15c114bad5",
"sha256": "c347450fcdb58b60fce9a06f9d1f5dcf5fab2ab8ffe88a8448f5b69e6ce9659a"
},
"downloads": -1,
"filename": "pypanther-0.1.1a50-py3-none-any.whl",
"has_sig": false,
"md5_digest": "fdcbbaed6d9d38e892edad15c114bad5",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "==3.11.*",
"size": 1005653,
"upload_time": "2024-10-23T18:59:56",
"upload_time_iso_8601": "2024-10-23T18:59:56.300523Z",
"url": "https://files.pythonhosted.org/packages/5d/5a/dcd3cf12fa4d1b5bc699acd9c50f81ea46f4168ba6d1104e99d836c4d858/pypanther-0.1.1a50-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "47e4fd9752c37930a3d2de14733c7bdaf49ede0004e8281ddfc1249c36114c22",
"md5": "16dfb93b90c4f958569959c91d472997",
"sha256": "a20de9d4f7b4920dfe3cfe099c1edd593c710df7a87657c75efbd3228aed296c"
},
"downloads": -1,
"filename": "pypanther-0.1.1a50.tar.gz",
"has_sig": false,
"md5_digest": "16dfb93b90c4f958569959c91d472997",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "==3.11.*",
"size": 489418,
"upload_time": "2024-10-23T18:59:57",
"upload_time_iso_8601": "2024-10-23T18:59:57.956714Z",
"url": "https://files.pythonhosted.org/packages/47/e4/fd9752c37930a3d2de14733c7bdaf49ede0004e8281ddfc1249c36114c22/pypanther-0.1.1a50.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-10-23 18:59:57",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "pypanther"
}
JSON