# QRadar API python client for scripting
> [!IMPORTANT]
> python3.10 and above supported.
>
> http libs such as requests or httpx should be installed separately or as optional packages, as described below.
## Features:
- Pulls API schema from QRadar and creates client methods dynamically for the API version specified. This makes this client source code as small as possible;
- Asyncronous and client with schema caching introduced
- All the endpoints of QRadar API is mapped to a client method by name;
- No dependencies introduced, tested with httpx and requests http protocol libs with dependency injection, but obviously will only work with libs that provide compatible requests-like interface for Session-like object. Of course, wrappers can help with using incompatible libs;
- Generates stub file for method hinting if needed. It takes ~10MB of disk space.
## Installation
`pip install qradar`
or with requests/httpx correspondingly:
`pip install qradar[requests]`
`pip install qradar[httpx]`
## Intended usage
> [!TIP]
> Made to be used as full-featured copypaste drop-in client for scripts where pip installation way be unwanted. Clients are used this way in [examples](examples).
>
> Of course, it is not prohibited to install this package with pip.
## How to use any client (refer to examples for more)
0) Use any of `import` statements:
```python
from qradar import QRadar, QRadarAsync, QRadarCached
```
or copy the coppersonding `qradar/client.py` file contents
1) Initialize client as following:
```python
q = QRadar("https://qradar.is.local", KEY, "22.0", requests.Session(), verify=False)
```
Having:
- qradar.is.local is QRadar console hostname or ip
- KEY is API key created from console
- `"22.0"` - replaced with API version you want
- `requests` imported (and installed)
> Also works with httpx, with minor differences. Refer to examples for details
2) Use client instance methods, forming the name of desired endpoint
>For example, the endpoint `22.0 - GET - /reference_data/map_of_sets` is referenced by name `q.get_reference_data_map_of_sets`. The http method goes first, and the API endpoint path is trailing it, having the slashes replaced with underscores.
> For endpoints such as `22.0 - GET - /reference_data/map_of_sets/{name}` use the `reference_data_map_of_sets_name`, with {name} part provided as keyword argument:
> `q.get_reference_data_map_of_sets_name(name='refmapofsetsname')`
> For params such as filter, use keyword arguments:
> `q.help_endpoint(filter=f"version={version}")`
> For data posting, use first non-keyword argument. It accepts json-serializable objects (lists, dicts, lists of dicts, etc.):
> `q.post_reference_data_map_of_sets({"data": ["data"]})`
## Generating .pyi file for intellisense
> [!IMPORTANT]
> This option may be used for setting up more convenient development environment.
> Final script version should be delivered without API schema.
1) Clone the repository into project folder
2) Run `python3 schema_prefetch.py` having correct parameters in source code
3) `client.pyi` file must appear. As far as it is in one folder with `client.py`, the methods will be hinted with the names, arguments and description from QRadar API schema
Raw data
{
"_id": null,
"home_page": "https://github.com/Chmele/qradar-client",
"name": "qradar",
"maintainer": null,
"docs_url": null,
"requires_python": null,
"maintainer_email": null,
"keywords": "client, scripting, qradar, qradar-api",
"author": "Chmele",
"author_email": null,
"download_url": "https://files.pythonhosted.org/packages/bb/36/4815558dd7b068913b00f0ee336298a36b0505f042a290bf72f8ceb0486e/qradar-0.0.3.tar.gz",
"platform": null,
"description": "# QRadar API python client for scripting\n\n> [!IMPORTANT]\n> python3.10 and above supported.\n> \n> http libs such as requests or httpx should be installed separately or as optional packages, as described below.\n\n## Features:\n- Pulls API schema from QRadar and creates client methods dynamically for the API version specified. This makes this client source code as small as possible;\n- Asyncronous and client with schema caching introduced\n- All the endpoints of QRadar API is mapped to a client method by name;\n- No dependencies introduced, tested with httpx and requests http protocol libs with dependency injection, but obviously will only work with libs that provide compatible requests-like interface for Session-like object. Of course, wrappers can help with using incompatible libs;\n- Generates stub file for method hinting if needed. It takes ~10MB of disk space.\n\n## Installation\n\n`pip install qradar`\n\n or with requests/httpx correspondingly:\n\n`pip install qradar[requests]`\n\n`pip install qradar[httpx]`\n\n## Intended usage\n> [!TIP]\n> Made to be used as full-featured copypaste drop-in client for scripts where pip installation way be unwanted. Clients are used this way in [examples](examples).\n>\n> Of course, it is not prohibited to install this package with pip.\n\n## How to use any client (refer to examples for more)\n0) Use any of `import` statements:\n```python\nfrom qradar import QRadar, QRadarAsync, QRadarCached\n```\nor copy the coppersonding `qradar/client.py` file contents\n1) Initialize client as following:\n```python\nq = QRadar(\"https://qradar.is.local\", KEY, \"22.0\", requests.Session(), verify=False) \n```\nHaving:\n- qradar.is.local is QRadar console hostname or ip\n- KEY is API key created from console\n- `\"22.0\"` - replaced with API version you want\n- `requests` imported (and installed)\n\n> Also works with httpx, with minor differences. Refer to examples for details\n\n2) Use client instance methods, forming the name of desired endpoint\n\n>For example, the endpoint `22.0 - GET - /reference_data/map_of_sets` is referenced by name `q.get_reference_data_map_of_sets`. The http method goes first, and the API endpoint path is trailing it, having the slashes replaced with underscores.\n\n> For endpoints such as `22.0 - GET - /reference_data/map_of_sets/{name}` use the `reference_data_map_of_sets_name`, with {name} part provided as keyword argument:\n> `q.get_reference_data_map_of_sets_name(name='refmapofsetsname')`\n\n> For params such as filter, use keyword arguments:\n> `q.help_endpoint(filter=f\"version={version}\")`\n\n> For data posting, use first non-keyword argument. It accepts json-serializable objects (lists, dicts, lists of dicts, etc.):\n> `q.post_reference_data_map_of_sets({\"data\": [\"data\"]})`\n\n## Generating .pyi file for intellisense\n\n> [!IMPORTANT]\n> This option may be used for setting up more convenient development environment. \n> Final script version should be delivered without API schema.\n\n1) Clone the repository into project folder\n2) Run `python3 schema_prefetch.py` having correct parameters in source code\n3) `client.pyi` file must appear. As far as it is in one folder with `client.py`, the methods will be hinted with the names, arguments and description from QRadar API schema\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "QRadar client for python with API schema fetching",
"version": "0.0.3",
"project_urls": {
"Homepage": "https://github.com/Chmele/qradar-client"
},
"split_keywords": [
"client",
" scripting",
" qradar",
" qradar-api"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "f76f0cdc4633fc9908524769a3c07c3603d6e93dadc2673cb23244668592fbcd",
"md5": "6fd89e01a98a882296a286ee97aaecec",
"sha256": "2c4d9ab75a857f917a39730bb334521e261e6aef67090549651098b9d0a88bc0"
},
"downloads": -1,
"filename": "qradar-0.0.3-py3-none-any.whl",
"has_sig": false,
"md5_digest": "6fd89e01a98a882296a286ee97aaecec",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": null,
"size": 4809,
"upload_time": "2024-12-24T10:58:21",
"upload_time_iso_8601": "2024-12-24T10:58:21.167226Z",
"url": "https://files.pythonhosted.org/packages/f7/6f/0cdc4633fc9908524769a3c07c3603d6e93dadc2673cb23244668592fbcd/qradar-0.0.3-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "bb364815558dd7b068913b00f0ee336298a36b0505f042a290bf72f8ceb0486e",
"md5": "4a0b42a8adb7658edc6a8400f0052fa0",
"sha256": "61fcebf1fb570dfa71c96faec82ce61650bd87017bb2370b7374209d94c3f8b3"
},
"downloads": -1,
"filename": "qradar-0.0.3.tar.gz",
"has_sig": false,
"md5_digest": "4a0b42a8adb7658edc6a8400f0052fa0",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 5323,
"upload_time": "2024-12-24T10:58:23",
"upload_time_iso_8601": "2024-12-24T10:58:23.709458Z",
"url": "https://files.pythonhosted.org/packages/bb/36/4815558dd7b068913b00f0ee336298a36b0505f042a290bf72f8ceb0486e/qradar-0.0.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-12-24 10:58:23",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "Chmele",
"github_project": "qradar-client",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "qradar"
}
JSON
