Py42

Added

- Added new filter terms for the following file event fields to `py42.sdk.queries.fileevents.v2.filters`:
- `destination.Category`
- `source.Category`
- `risk.Indicators`
- Added remaining query filter terms and classes for all V2 file event fields.

Added

- Support for V2 file event data.
- Use queries built with V2 filters by importing the appropriate modules with `from py42.sdk.queries.fileevents.v2 import *`. Documentation is available for all V2 filter terms.
- The following functions will now use V2 apis for searching file events if sent a V2 query object:
- `securitydata.search_file_events()`
- `securitydata.search_all_file_events()`
- All saved search methods now have an optional `use_v2=False` argument. Set `use_v2=True` to opt into using the V2 saved search APIs. The following methods now accept this arg:
- `securitydata.savedsearches.get()`
- `securitydata.savedsearches.get_by_id()`
- `securitydata.savedsearches.get_query()`
- `securitydata.savedsearches.execute()`
- `securitydata.savedsearches.search_file_events()`

Fixed

- A bug where `sdk.watchlists.add_included_users_by_watchlist_type()` and `sdk.watchlists.delete_included_users_by_watchlist_type()` were not returning the response object.

Added

- `Watchlists` and `UserRiskProfile` clients
- These features replace the `DetectionLists` client as well as its `DepartingEmployee` and `HighRiskEmployee` services. All related classes and methods have been marked as deprecated and will raise deprecation warnings.
- `Watchlists` client includes the following methods:
- `get()`
- `delete()`
- `get_all()`
- `create()`
- `get_all_included_users()`
- `add_included_users_by_watchlist_id()`
- `add_included_users_by_watchlist_type()`
- `remove_included_users_by_watchlist_id()`
- `remove_included_users_by_watchlist_type()`
- `get_all_watchlist_members()`
- `get_watchlist_member()`
- `UserRiskProfile` client includes the following methods:
- `get_by_id()`
- `get_by_username()`
- `update()`
- `get_page()`
- `get_all()`
- `add_cloud_aliases()`
- `delete_cloud_aliases()`

- `sdk.devices.upgrade()` to instruct the Code42 cloud to upgrade an individual device to the latest available version.

- `sdk.archive.stream_from_backup()` and `sdk.archive.stream_to_device()` methods now accept an optional `backup_set_id` parameter to identify which backup set to restore from (only applicable to V3 archives).

Fixed

- Bug where attempting to restore from an empty archive would throw a confusing `TypeError`, we now raise appropriate `Py42ArchiveFileNotFoundError`.
- Py42 now automatically sleeps and retries file event search queries if a 429 (too many requests) error is hit.

Deprecated

- The `DetectionLists` client including its `DepartingEmployee` and `HighRiskEmployee` services.

Added
- `IncydrDeviceSettings` class to allow users to manage the settings on individual Incydr devices.

Fixed

- Bug with incorrect error being raised `sdk.detectionlists.add_user_cloud_alias()`

Added

- New file event filter query classes:
- in `sdk.queries.fileevents.filters.source_filters`:
- `SourceCategory`
- `SourceName`
- `SourceTabTitles`
- `SourceTabUrls`
- in `sdk.queries.filevents.filters.exposure_filters`:
- `DestinationCategory`
- `DestinationName`

Fixed

- Improved error handling for `sdk.detectionlists.add_user_cloud_alias()`