Crowdstrike-falconpy

Issues resolved
+ Bug fix: Fixed bad comparison for endpoint lookups when using Service Classes. Closes 305. `_util.py`
+ Bug fix: Fixed typo in operation ID for query_platforms method within CustomIOA Service Class. Closes 307. `custom_ioa.py`
+ Bug fix: Fixed typo in operation ID for create_user_groups method within FlightControl Service Class. Closes 308. `mssp.py`

---

Added features and functionality
+ Refactored Cloud Connect AWS Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 271. `cloud_connect_aws.py`
+ Refactored CSPM Registration Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 272. `cspm_registration.py`
+ Refactored Custom IOA Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 258. `custom_ioa.py`
+ Refactored D4C Registration Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 273. `d4c_registration.py`
+ Refactored Detects Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 274. `detects.py`
+ Refactored Device Control Policies Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 275. `device_control_policies.py`
+ Refactored Events Streams Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 248. `event_streams.py`
+ Refactored Falcon Complete Dashboard Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 294. `falcon_complete_dashboard.py`
+ Refactored Falcon Flight Control Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 292. `mssp.py`
+ Refactored Falcon X Sandbox Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 259. `falconx_sandbox.py`
+ Refactored Firewall Management Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 257. `firewall_management.py`
+ Refactored Firewall Policies Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 296. `firewall_policies.py`
+ Refactored Hosts Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 269. `hosts.py`
+ Refactored Host Group Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 286. `host_group.py`
+ Refactored Identity Protection Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 299. `identity_protection.py`
+ Refactored Incidents Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 289. `incidents.py`
+ Refactored Installation Tokens Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 287. `installation_tokens.py`
+ Refactored Intel Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 264. `intel.py`
+ Refactored IOA Exclusions Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 283. `ioa_exclusions.py`
+ Refactored IOC Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 267. `ioc.py`
+ Refactored IOCs Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 284. `iocs.py`
+ Refactored Kubernetes Protection Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 293. `kubernetes_protection.py`
+ Refactored MalQuery Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 298. `malquery.py`
+ Refactored ML Exclusions Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 281. `ml_exclusions.py`
+ Refactored Overwatch Dashboard Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 278. `overwatch_dashboard.py`
+ Refactored Prevention Policy Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 290. `prevention_policy.py`
+ Refactored Quick Scan Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 282. `quick_scan.py`
+ Refactored Real Time Response Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 280. `real_time_response.py`
+ Refactored Real Time Response Admin Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 256. `real_time_response_admin.py`
+ Refactored Recon Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 297. `recon.py`
+ Refactored Response Policies Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 295. `response_policies.py`
+ Refactored Sample Uploads Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 255. `sample_uploads.py`
+ Refactored Sensor Download Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 285. `sensor_download.py`
+ Refactored Sensor Update Policy Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 288. `sensor_update_policy.py`
+ Refactored Sensor Visibility Exclusions Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 279. `sensor_visibility_exclusions.py`
+ Refactored Spotlight Vulnerabilities Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 277. `spotlight_vulnerabilities.py`
+ Refactored User Management Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 276. `user_management.py`
+ Refactored Zero Trust Assessment Service Class to the latest pattern (rev 3), aligns syntax to PEP8. Closes 260. `zero_trust_assessment.py`

+ Added client_id and client_secret as keywords to the base Service Class, Uber Class, and Authentication class. `api_complete.py`, `oauth2.py`, `_service_class.py`

> This change allows you to specify your API ID and secret when you create an instance of any of the service class. (Direct Authentication)
python
from falconpy.hosts import Hosts
falcon = Hosts(client_id="CLIENT_ID_HERE", client_secret="CLIENT_SECRET_HERE")
results = falcon.query_devices_by_filter(sort="devices.hostname|desc", limit=10)
print(results)


+ Added _new_ Report Executions Service Class. `report_executions.py`
- Basic unit test implemented: `test_report_executions.py`
+ Added _new_ Schedule Reports Service Class. `scheduled_reports.py`
- Basic unit test implemented: `test_scheduled_reports.py`

+ Added new operation (getComplianceV1) to Zero Trust Assessment Service Class. `zero_trust_assessment.py`

Issues resolved
+ Bug fix: Resolved HTTP status code 415 on calls to refreshActiveStreamSession (refresh_active_stream). Closes 247. `event_streams.py`
+ Bug fix: Resolved header pollution issue within Falcon X Sandbox Service Class. Closes 250. `falconx_sandbox.py`
+ Bug fix: Resolved header pollution issue within Firewall Management Service Class. Closes 252. `firewall_management.py`
+ Bug fix: Resolved header pollution issue within Custom IOA Service Class. Closes 253. `custom_ioa.py`
+ Bug fix: Resolved header pollution issue within Sample Uploads Service Class. Closes 254. `sample_uploads.py`
+ Bug fix: Resolved HTTP status code 500 error on calls to RTR_CreatePut_Files (create_put_files). Closes 261. `real_time_response_admin.py`
+ Bug fix: Resolved HTTP status code 400 or 500 error on calls to RTR_UpdateScripts (update_scripts) and calls to RTR_CreateScripts (create_scripts). Closes 262. `real_time_response_admin.py`
+ Bug fix: Added handle_single_argument helper to attempt to handle single arguments passed to Service Class methods. Addresses a potential breaking change introduced by v0.5.4. Closes 263. `_util.py`

> Developers should use keywords, __not arguments__, when specifying parameters provided to Service Class or the Uber Class command methods.
Example
python
from falconpy.hosts import Hosts
falcon = Hosts(creds={"client_id": "CLIENT_ID_HERE", "client_secret": "CLIENT_SECRET_HERE"})

result = falcon.GetDeviceDetails(ids="12345")) This syntax will always work
print(result)
result = falcon.GetDeviceDetails("12345") This syntax may fail depending on method
print(result) (will work in this example)
bad_result = falcon.QueryHiddenDevices(1, 0, "devices.hostname|desc", "")
print(bad_result) This syntax will always fail

> Whenever possible, Service Classes attempt to guess the keyword for the first argument passed (if present). Typically these are aligned to the one required parameter for the method. (_Example: the **ids** parameter_)
+ Related to 263: Updated Uber class to no longer leverage the force_default helper, allowing users to still use the first argument to specify the action to be performed. `api_complete.py`
+ Bug fix: Added the **after** parameter to the endpoint parameter definitions for _indicator_combined_v1_ and _indicator_search_v1_. Closes 266. `_endpoint/_ioc.py`
+ Bug fix: Multiple methods within the Flight Control Service Class make use of the wrong HTTP method. Closes 291. `mssp.py`

Other
+ Initial refactoring of unit test harnesses for service classes detailed above.
+ Reduced token-related API requests performed by unit testing series.
+ Minor adjustment to Uber class unit tests to better demonstrate proper method usage.
+ Updated unit tests to support US-2 / Gov base URL testing.

---

Added features and functionality
+ Added: New functionality for handling service class modules within FalconDebug.

Issues resolved
+ Bug fix: Resolved JSONDecode error on RTR_DeleteSession. Closes 238.
+ Bug fix: Resolved issue with credential authentication in service classes not respecting custom API configuration attributes. Closes 242.

Other
+ Package metadata updates
+ Updated IDP unit tests to more accurately cover functionality
+ Flaky unit test adjustments
+ FalconDebug added to linting workflows `debug.py`

---

Added features and functionality
+ Refactored Custom IOA Service Class to the new pattern to provide for new parameter handling functionality, closes 217. `custom_ioa.py`
+ Refactored Device Control Policies Service Class to the new pattern to provide for new parameter handling functionality, closes 224. `device_control_policies.py`
+ Refactored Firewall Policies Service Class to the new pattern to provide for new parameter handling functionality, closes 227. `firewall_policies.py`
+ Refactored Firewall Management Service Class to match the most recent pattern, closes 232. `firewall_management.py`
+ Refactored Falcon X Sandbox Service Class to the new pattern to provide for new parameter handling functionality, closes 226. `falconx_sandbox.py`
+ Refactored Hosts Service Class to the new pattern to provide for new parameter handling functionality, closes 218. `hosts.py`
+ Refactored Host Group Service Class to the new pattern to provide for new parameter handling functionality, closes 223. `host_group.py`
+ Refactored Intel Service Class to match the most recent pattern, closes 231. `intel.py`
+ Refactored OAuth2 class to reflect new functionality and linting patterns, closes 233. `oauth2.py`
+ Refactored Quick Scan Service Class to match the most recent pattern, closes 219. `quick_scan.py`
+ Refactored Real Time Response Service Class to match the most recent pattern, closes 230. `real_time_response.py`
+ Refactored Real Time Response Admin Service Class to match the most recent pattern, closes 229. `real_time_response_admin.py`
+ Refactored Sensor Updated Policy Service Class to the new pattern to provide for new parameter handling functionality, closes 222. `sensor_update_policy.py`
+ Refactored Sensor Downloads Service Class to the new pattern to provide for new parameter handling functionality, closes 221. `sensor_downloads.py`
+ Refactored Sample Uploads Service Class to the new pattern to provide for new parameter handling functionality, closes 220. `sample_uploads.py`
+ Refactored User Management Service Class to match the most recent pattern, closes 228. `user_management.py`

Issues resolved
+ Bug fix: Resolved issue with the timeout parameter not being passed to the OAuth2 class when legacy authentication was being used. Closes 225.

Other
+ Enabled Pylint stopping the build on linting failures within package source.
+ Unit test updates to expand code coverage for new code paths.
+ This update provides part of the functionality requested in 115.

---

Added features and functionality
+ Added `identity_protection.py` - Identity Protection service class.
+ Added utility to create a zip archive to be used with AWS Lambda layers. (`create-lambda-layer.sh`)

Issues resolved
+ Bug fix: Resolved order of operations issue with body validation in __validate_payload__ helper function. (`_util.py`)
+ Updated `cloud_connect_aws.py` - Cloud_Connect_AWS Service Class. Closes 209.
+ Updated `detects.py` - Detects Service Class. Closes 210.
+ Updated `event_streams.py` - Event Streams Service Class. Closes 212.
+ Updated `incidents.py` - Incidents Service Class. Closes 213.
+ Updated `spotlight_vulnerabilities.py` - Spotlight Vulnerabilities Service Class. Closes 214.
+ Updated `zero_trust_assessment.py` - Zero Trust Assessment Service Class. Closes 211.
+ Updated query used for unit testing of Spotlight Vulnerabilities service class. 2020 -> 2021 (`test_spotlight_vulnerabilities.py`)
+ Bug fix: Resolved flaky unit test for RegenerateAPIKey for Kubernetes Protection service class. (`test_kubernetes_protection.py`).

Other
+ Added pylint workflow to push / pull_request actions.
+ _endpoint module updates to support new service class.
+ Added unit testing for new service class.
+ Unit testing updates to complete code coverage.
+ README.md updated.
+ Added additional classifiers and developer requirements to PIP package metadata. (`setup.py`)

---

Issues resolved
+ Bug fix: Resolves 200 by moving the failing method (entities_processes) in `iocs.py` to the latest code pattern.

---