Axonius-api-client

Feature: Run Enforcement Set against trigger

New endpoints:
- run_set_against_trigger: PUT: api/V4.5/enforcements/{uuid}/trigger
- run_sets_against_trigger: POST: api/V4.5/enforcements/trigger

New Methods:
- client.enforcements.run
- client.enforcements._run_sets_against_trigger
- client.enforcements._run_set_against_trigger

New Commands:
- axonshell enforcements run

What's Changed
* 4.40.3 by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/199
* 4.40.3 by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/200


**Full Changelog**: https://github.com/Axonius/axonius_api_client/compare/4.40.2...4.40.3

Feature: Get Query History

New Methods:
- client.devices.saved_query.get_query_history
- client.devices.saved_query.get_query_history_generator
- client.devices.saved_query.get_query_history_run_by
- client.devices.saved_query.get_query_history_run_from

New Commands:
- axonshell devices saved-query get-query-history
- axonshell users saved-query get-query-history
- axonshell vulnerabilities saved-query get-query-history

Bugfix: Adapter specific Advanced settings using wrong schema

This command would produce the wrong output:

axonshell adapters config-get -ct specific -n tenable_io


This command would fail due to mismatched schema:

axonshell adapters config-update -ct specific -n tenable_io -c exclude_no_last_scan=y


Both of these issues are addressed in this version.

What's Changed
* 4.40.2 by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/198

**Full Changelog**: https://github.com/Axonius/axonius_api_client/compare/4.40.1...4.40.2

Feature: Get Adapter Fetch History

New Methods:
- client.adapters.get_fetch_history
- client.adapters.get_fetch_history_generator
- client.adapters.get_fetch_history_filters

New Commands:
- axonshell adapters get-fetch-history-filters
- axonshell adapters get-fetch-history

Feature: Add support for new Get Saved Query arguments

New arguments for method client.devices.saved_query.get:
- include_usage (bool, default: False): include details of what other saved queries are using each sq
- get_view_data (bool, default: True): include the view object of each sq
- creators (optional, list of str, default: None, NOT YET SUPPORTED): only get sqs created by supplied users
- folder (optional, str, default: None, NOT YET SUPPORTED): name of folder to get saved queries from
- used_in (optional, list of str, default: None, NOT YET SUPPORTED): only get sq's that are used in supplied sqs
- paging options: page_sleep, page_size, row_start, row_stop

Feature: Include saved query ID and expressions when counting or getting assets by saved query

Performing a get_by_saved_query or count_by_saved_query will now accurately reflect the sq in the audit logs

Feature: Update schemas with new fields

Updated schemas:
- json_api.assets.AssetRequest
- json_api.adapters.Adapter
- json_api.adapters.Cnxs
- json_api.enforcements.SetBasic
- json_api.enforcements.UpdateResponse
- json_api.enforcements.ActionType
- json_api.instances.Instance
- json_api.saved_queries.SavedQuery
- json_api.system_users.SystemUser

Feature: Fix for Python 3.6

Changed parsing of datetime stamp for all_logs_list.py from `datetime.datetime.fromisoformat` (3.7+ only) to `dateutil.parser.parse`

Bugfix: History date arguments not showing in get-by-saved-query

axonshell devices/users/vulnerabilities get-by-saved-query now showing history arguments properly:
- `-hd, --history-date YYYY-MM-DD`
- `-hda, --history-days-ago TEXT`
- `-hex, --history-exact / -nhex, --no-history-exact`

Bugfix: explode_entities argument improperly named

`--explode-entities` accepted properly now, mistaken form of `--explode_entities` will be left for backwards compatibility


Bugfix: use-password-reset-token command had incorrect description

axonshell tools use-password-reset-token now shows the correct description.

What's Changed
* 4.40.1 by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/195


**Full Changelog**: https://github.com/Axonius/axonius_api_client/compare/4.40.0...4.40.1

Feature: Support for SAAS instances and tunnels in Adapter Connections

New argument:
- name: tunnel
- type: string
- default: None
- description: name or ID of SAAS tunnel

'tunnel' argument added to methods
- client.adapters.cnx.get_by_adapter
- client.adapters.cnx.get_by_uuid
- client.adapters.cnx.get_by_label
- client.adapters.cnx.get_by_id
- client.adapters.cnx.update_by_id
- client.adapters.cnx.delete_by_id
- client.adapters.cnx.test_by_id

'--tunnel' argument added to commands:
- axonshell adapters cnx add
- axonshell adapters cnx add-from-json
- axonshell adapters cnx add-multiple-from-json
- axonshell adapters cnx delete-by-id
- axonshell adapters cnx get
- axonshell adapters cnx get-by-id
- axonshell adapters cnx set-active
- axonshell adapters cnx set-label
- axonshell adapters cnx test
- axonshell adapters cnx test-by-id
- axonshell adapters cnx update-by-id

Feature: Support for getting SAAS tunnels

New methods:
- client.instances.get_tunnels
- client.instances.get_tunnel
- client.instances.get_tunnel_default

Feature: Support for vulnerabilities asset type

This model should be considered BETA support for now. The query wizard does not yet support building the types
of queries needed for the vulnerabilities asset type.

New model:
- client.vulnerabilities

New command:
- axonshell vulnerabilities

Feature: Support for Split by asset entities

In order to mirror the functionality provided when doing a CSV export from the GUI and enabling "Split by asset entities".

New argument:
- name: explode_entities
- type: boolean
- default: False
- description: Enable --include-details and split each row into the data source from each adapter connection

'explode_entities' argument added to methods:
- client.devices.get*
- client.users.get*
- client.vulnerabilities.get*

'--explode_entities/--no-explode_entities' and '-exe/-nexe' arguments added to commands:
- axonshell devices get*
- axonshell users get*
- axonshell vulnerabilities get*

Bugfix: History date ignored when getting assets

Methods fixed:
- client.devices.get*
- client.users.get*
- client.vulnerabilities.get*

Commands fixed:
- axonshell devices get*
- axonshell users get*
- axonshell vulnerabilities get*

Bugfix: System user schema

Certain system user attributes are allowed to be None now:
- first_name
- last_name
- pic_name

API Library

Query Wizard Fixes

- fixed error when using is_ipv4 and is_ipv6 operators, i.e.

simple public_ips is_ipv4
simple public_ips is_ipv6


Query Wizard Enhancements

- Added support for specifying data scopes, i.e.:

simple data_scope equals Name Of Data Scope
simple data_scope equals UUID_OF_DATA_SCOPE


- Saved query supports using name or UUID, i.e.

simple sq equals Name Of Saved Query
simple sq equals UUID_OF_SQ


- Adapter name supports using short internal name, full internal name, or title, ie.e:

short internal name
simple adapters equals aws
full internal name
simple adapters equals aws_adapter
title
simple adapters equals tanium asset


- reworked custom enums into callbacks
- added better caching controls

What's Changed
* bonzai by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/189
* 4.30.2 by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/190


**Full Changelog**: https://github.com/Axonius/axonius_api_client/compare/4.30.1...4.30.2

AXONSHELL

AXONSHELL enhancements

- NEW COMMAND GROUP:
- `axonshell system data-scopes` - work with data scopes, commands:
- `axonshell system data-scopes create` - Create a data scope.
- `axonshell system data-scopes delete` - Delete a data scope.
- `axonshell system data-scopes get` - Get data scopes.
- `axonshell system data-scopes update-description` - Update the description of a data scope.
- `axonshell system data-scopes update-device-scopes` - Update the device asset scopes of a data scope.
- `axonshell system data-scopes update-name` - Update the name of a data scope.
- `axonshell system data-scopes update-user-scopes` - Update the user asset scopes of a data scope.

- NEW ARGUMENTS:
- For command `axonshell system roles add`:
- `--data-scope/-ds` - Specify a data scope to associate with the role

- NEW COMMANDS:
- For command group `axonshell system roles`:
- `axonshell system roles update-data-scope` - Update a roles data scope.
- `axonshell system roles get-perms` - Get a print out of all role permission categories and actions.

- MODIFIED ARGUMENTS:
- For all commands in command group `axonshell system roles`:
- `--export-format/-xf`:
- Now supports `str-args`
- `str` format changed, to get the old str format use `str-args`
- Default format is now `table`
- Added more metadata to output

API Library

API Library Enhancements
- `client.data_scopes` - new api model for working with data scopes
- `client.data_scopes.get` - get data scopes
- `client.data_scopes.get_safe` - get data scopes (will not error if data scope feature not enabled)
- `client.data_scopes.build_role_data_scope` - build a data scope restriction for use in a system role
- `client.data_scopes.create` - create a data scope
- `client.data_scopes.delete` - delete a data scope
- `client.data_scopes.update_name` - update the name of a data scope
- `client.data_scopes.update_description` - update the description of a data scope
- `client.data_scopes.update_user_scopes` - update the user asset scopes of a data scope
- `client.data_scopes.update_device_scopes` - update the device asset scopes of a data scope
- `client.data_scopes.check_feature_enabled` - throw an exception if data scope feature is not enabled
- `client.data_scopes.is_feature_enabled` - check if data scope feature is enabled
- `client.data_scopes.check_exists` - check if a data scope already exists with a name
- `client.data_scopes.get_asset_scopes` - get all saved query's that are asset scopes for users and devices
- `client.data_scopes._get` - private direct API method to get data scopes
- `client.data_scopes._delete` - private direct API method to delete a data scope
- `client.data_scopes._create` - private direct API method to create a data scope
- `client.data_scopes._update` - private direct API method to update a data scope
- `client.data_scopes._update_from_model` - private direct API method to update a data scope

- `client.system_roles` - new methods:
- `client.system_roles.update_data_scope` - Update the data scope for a role

- `client.system_roles.add` - new arguments:
- `data_scope` optional string with name or UUID of data scope for the role

What's Changed
* 4.30.1 by lifehackjim in https://github.com/Axonius/axonius_api_client/pull/188


**Full Changelog**: https://github.com/Axonius/axonius_api_client/compare/4.30.0...4.30.1