Axonius-api-client

<!-- MarkdownTOC -->

- [Bugfix: python 3.6 does not have re.Pattern](bugfix-python-36-does-not-have-repattern)
- [Bugfix: python 3.8 can not use typing.Union with isinstance](bugfix-python-38-can-not-use-typingunion-with-isinstance)
- [Bugfix: Parsing of --header and --cookie was being mishandled](bugfix-parsing-of---header-and---cookie-was-being-mishandled)
- [Bugfix: more header/cookie names should be hidden in logs by default](bugfix-more-headercookie-names-should-be-hidden-in-logs-by-default)

<!-- /MarkdownTOC -->

Bugfix: python 3.6 does not have re.Pattern

- now using typing.Pattern

Bugfix: python 3.8 can not use typing.Union with isinstance

- Would throw error
`TypeError: Subscripted generics cannot be used with class and instance checks`

- now using isinstance(val, (...))

Bugfix: Parsing of --header and --cookie was being mishandled

- fixed

Bugfix: more header/cookie names should be hidden in logs by default

- list of keys used to be

text
[
"api-key",
"api-secret",
]


- reworked to support string for exact key matches or regex patterns
- strings beginning with ~ will be turned into regex pattern
- list of keys is now

text
[
"~cookie",
"~auth",
"~token",
"~^cf_",
"~secret",
"~key",
"~username",
"~password",
]


What's Changed
* 4.40.5 by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/205
* 4.40.5 by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/206


**Full Changelog**: https://github.com/Axonius/axonius_api_client/compare/4.40.4...4.40.5

<!-- MarkdownTOC -->

- [Feature: Add support for supplying cookies](feature-add-support-for-supplying-cookies)
- [Feature: Specify request options when getting assets](feature-specify-request-options-when-getting-assets)
- [Bugfix: OS Env AX_HEADERS not parsing properly](bugfix-os-env-ax_headers-not-parsing-properly)
- [Bugfix: silence urllib3 deprecation warning](bugfix-silence-urllib3-deprecation-warning)
- [Schema Updates](schema-updates)
- [SavedQuery](savedquery)
- [Enforcements](enforcements)

<!-- /MarkdownTOC -->

Feature: Add support for supplying cookies

- New OS environment variable AX_COOKIES
- Treated as a CSV by default
- example: `AX_COOKIES="key1=value1,key2=value2"`
- Can be treated as JSON
- example: `AX_COOKIES='json:{"key1": "value1", "key2": "value2"}'`

- Added new argument to axonshell root command `--cookie`, examples:
- `axonshell --cookie key1=value1 --cookies key2=value2 devices count`
- `AX_COOKIES="key1=value1,key2=value2" axonshell devices count`
- `export AX_COOKIES="key1=value1,key2=value2"; axonshell devices count`

text
-cook, --cookie DICT_PARAM Additional cookies to supply with every
request (Example: 'key1=value1') (env var
parsed as CSV unless starts with 'json:')
(multiples) [env var: AX_COOKIES]


- Added more info to axonshell root command:

text
Using existing .env file: '/Users/jimbo/gh/Axonius/axonapi/.env'
AX_ENV=

Tips:
- All of the options listed above must be supplied BEFORE any commands or groups.
- CORRECT: axonshell --log-console devices count
- INCORRECT: axonshell devices count --log-console
- All values stored in a .env file will be treated as OS environment variables.
- Almost all options throughout axonshell have an associated OS environment variable.
- Use AX_ENV to point to a custom .env file:
- bash: export AX_ENV=/path/to/.env for all commands in current shell
- bash: AX_ENV=/path/to/.env axonshell tools shell for single commands
- cmd.exe: SET AX_ENV="c:\path\to\.env"
- powershell: $AX_ENV = "c:\path\to\.env"
- Use AX_COOKIES and AX_HEADERS as comma seperated values or json:
- AX_COOKIES="key1=value1,key2=value2,key3=value4"
- AX_HEADERS='json:{"key1": "value1", "key2": "value2"}'
- Use AX_URL, AX_KEY, AX_SECRET to specify credentials



- Internals: added new argument cookies:dict=None
- `axonius_api_client.http.Http.__init__`
- `axonius_api_client.http.Http.__call__`
- `axonius_api_client.connect.Connect.__init__`

Feature: Specify request options when getting assets

- Want to be able to set response timeout on specific calls
to get assets, example:

python
http_args = {"connect_timeout": 5, "response_timeout": 9999}
client.devices.get(http_args=http_args) noqa


- Internals: added new argument http_args:dict=None
- `client.devices.get`
- `client.users.get`
- `client.vulnerabilities.get`

Bugfix: OS Env AX_HEADERS not parsing properly

- Now works like the newly added AX_COOKIES

Bugfix: silence urllib3 deprecation warning

- Now only import pyopenssl on python<3.10.1

Schema Updates

SavedQuery

- new properties: access
- map access property to wonky private property replacement
- disable schema validation for "used_in" due to validation errors

Enforcements

- new properties: settings, description

What's Changed
* New example that adds adapter connections from a CSV. by nate-axonius in https://github.com/Axonius/axonius_api_client/pull/201
* 4.40.4 by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/202
* 4.40.4 by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/203


**Full Changelog**: https://github.com/Axonius/axonius_api_client/compare/4.40.3...4.40.4

Feature: Run Enforcement Set against trigger

New endpoints:
- run_set_against_trigger: PUT: api/V4.5/enforcements/{uuid}/trigger
- run_sets_against_trigger: POST: api/V4.5/enforcements/trigger

New Methods:
- client.enforcements.run
- client.enforcements._run_sets_against_trigger
- client.enforcements._run_set_against_trigger

New Commands:
- axonshell enforcements run

What's Changed
* 4.40.3 by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/199
* 4.40.3 by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/200


**Full Changelog**: https://github.com/Axonius/axonius_api_client/compare/4.40.2...4.40.3

Feature: Get Query History

New Methods:
- client.devices.saved_query.get_query_history
- client.devices.saved_query.get_query_history_generator
- client.devices.saved_query.get_query_history_run_by
- client.devices.saved_query.get_query_history_run_from

New Commands:
- axonshell devices saved-query get-query-history
- axonshell users saved-query get-query-history
- axonshell vulnerabilities saved-query get-query-history

Bugfix: Adapter specific Advanced settings using wrong schema

This command would produce the wrong output:

axonshell adapters config-get -ct specific -n tenable_io


This command would fail due to mismatched schema:

axonshell adapters config-update -ct specific -n tenable_io -c exclude_no_last_scan=y


Both of these issues are addressed in this version.

What's Changed
* 4.40.2 by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/198

**Full Changelog**: https://github.com/Axonius/axonius_api_client/compare/4.40.1...4.40.2

Feature: Get Adapter Fetch History

New Methods:
- client.adapters.get_fetch_history
- client.adapters.get_fetch_history_generator
- client.adapters.get_fetch_history_filters

New Commands:
- axonshell adapters get-fetch-history-filters
- axonshell adapters get-fetch-history

Feature: Add support for new Get Saved Query arguments

New arguments for method client.devices.saved_query.get:
- include_usage (bool, default: False): include details of what other saved queries are using each sq
- get_view_data (bool, default: True): include the view object of each sq
- creators (optional, list of str, default: None, NOT YET SUPPORTED): only get sqs created by supplied users
- folder (optional, str, default: None, NOT YET SUPPORTED): name of folder to get saved queries from
- used_in (optional, list of str, default: None, NOT YET SUPPORTED): only get sq's that are used in supplied sqs
- paging options: page_sleep, page_size, row_start, row_stop

Feature: Include saved query ID and expressions when counting or getting assets by saved query

Performing a get_by_saved_query or count_by_saved_query will now accurately reflect the sq in the audit logs

Feature: Update schemas with new fields

Updated schemas:
- json_api.assets.AssetRequest
- json_api.adapters.Adapter
- json_api.adapters.Cnxs
- json_api.enforcements.SetBasic
- json_api.enforcements.UpdateResponse
- json_api.enforcements.ActionType
- json_api.instances.Instance
- json_api.saved_queries.SavedQuery
- json_api.system_users.SystemUser

Feature: Fix for Python 3.6

Changed parsing of datetime stamp for all_logs_list.py from `datetime.datetime.fromisoformat` (3.7+ only) to `dateutil.parser.parse`

Bugfix: History date arguments not showing in get-by-saved-query

axonshell devices/users/vulnerabilities get-by-saved-query now showing history arguments properly:
- `-hd, --history-date YYYY-MM-DD`
- `-hda, --history-days-ago TEXT`
- `-hex, --history-exact / -nhex, --no-history-exact`

Bugfix: explode_entities argument improperly named

`--explode-entities` accepted properly now, mistaken form of `--explode_entities` will be left for backwards compatibility


Bugfix: use-password-reset-token command had incorrect description

axonshell tools use-password-reset-token now shows the correct description.

What's Changed
* 4.40.1 by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/195


**Full Changelog**: https://github.com/Axonius/axonius_api_client/compare/4.40.0...4.40.1

Feature: Support for SAAS instances and tunnels in Adapter Connections

New argument:
- name: tunnel
- type: string
- default: None
- description: name or ID of SAAS tunnel

'tunnel' argument added to methods
- client.adapters.cnx.get_by_adapter
- client.adapters.cnx.get_by_uuid
- client.adapters.cnx.get_by_label
- client.adapters.cnx.get_by_id
- client.adapters.cnx.update_by_id
- client.adapters.cnx.delete_by_id
- client.adapters.cnx.test_by_id

'--tunnel' argument added to commands:
- axonshell adapters cnx add
- axonshell adapters cnx add-from-json
- axonshell adapters cnx add-multiple-from-json
- axonshell adapters cnx delete-by-id
- axonshell adapters cnx get
- axonshell adapters cnx get-by-id
- axonshell adapters cnx set-active
- axonshell adapters cnx set-label
- axonshell adapters cnx test
- axonshell adapters cnx test-by-id
- axonshell adapters cnx update-by-id

Feature: Support for getting SAAS tunnels

New methods:
- client.instances.get_tunnels
- client.instances.get_tunnel
- client.instances.get_tunnel_default

Feature: Support for vulnerabilities asset type

This model should be considered BETA support for now. The query wizard does not yet support building the types
of queries needed for the vulnerabilities asset type.

New model:
- client.vulnerabilities

New command:
- axonshell vulnerabilities

Feature: Support for Split by asset entities

In order to mirror the functionality provided when doing a CSV export from the GUI and enabling "Split by asset entities".

New argument:
- name: explode_entities
- type: boolean
- default: False
- description: Enable --include-details and split each row into the data source from each adapter connection

'explode_entities' argument added to methods:
- client.devices.get*
- client.users.get*
- client.vulnerabilities.get*

'--explode_entities/--no-explode_entities' and '-exe/-nexe' arguments added to commands:
- axonshell devices get*
- axonshell users get*
- axonshell vulnerabilities get*

Bugfix: History date ignored when getting assets

Methods fixed:
- client.devices.get*
- client.users.get*
- client.vulnerabilities.get*

Commands fixed:
- axonshell devices get*
- axonshell users get*
- axonshell vulnerabilities get*

Bugfix: System user schema

Certain system user attributes are allowed to be None now:
- first_name
- last_name
- pic_name