### Manage Integration Instances Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Demonstrates creating a new integration instance with a name and description, and starting a synchronization job for a given integration instance ID. ```python # Create integration instance j1.create_integration_instance( instance_name="Integration Name", instance_description="Description Text" ) # Start synchronization job j1.start_sync_job(instance_id='') ``` -------------------------------- ### Create Alert Rule with Webhook, Tagging, or Jira Actions (Python) Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Demonstrates creating JupiterOne alert rules with different action configurations. Includes examples for Webhook, Tag Entities, and Create Jira Ticket actions, showcasing how to define the action payload and integrate it into the `create_alert_rule` function. ```python webhook_action_config = { "type": "WEBHOOK", "endpoint": "https://webhook.domain.here/endpoint", "headers": { "Authorization": "Bearer ", }, "method": "POST", "body": { "queryData": "{{queries.query0.data}}" } } tag_entities_action_config = { "type": "TAG_ENTITIES", "entities": "{{queries.query0.data}}", "tags": [ { "name": "tagKey", "value": "tagValue" } ] } create_jira_ticket_action_config = { "integrationInstanceId" : "5b0eee42-60f5-467a-8125-08666f1383da", "type" : "CREATE_JIRA_TICKET", "entityClass" : "Record", "summary" : "Jira Task created via JupiterOne Alert Rule", "issueType" : "Task", "project" : "PROS", "additionalFields" : { "description" : { "type" : "doc", "version" : 1, "content" : [ { "type" : "paragraph", "content" : [ { "type" : "text", "text" : "{{alertWebLink}}\n\n**Affected Items:**\n\n* {{queries.query0.data|mapProperty('displayName')|join('\n* ')}}" } ] } ] }, "j1webLink" : "{{alertWebLink}}", "customfield_1234": "text-value", "customfield_5678": { "value": "select-value" }, "labels" : [ "label1","label2" ], } } j1.create_alert_rule(name="create_alert_rule-name", description="create_alert_rule-description", tags=['tag1', 'tag2'], polling_interval="DISABLED", severity="INFO", j1ql="find jupiterone_user", action_configs=webhook_action_config) ``` -------------------------------- ### Execute J1QL Queries Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Provides examples for executing J1QL queries using the client. Covers basic queries, including deleted entities, tree queries, paginated results with cursors, and handling large datasets with deferred responses. ```python # Basic query QUERY = 'FIND Host' query_result = j1.query_v1(query=QUERY) # Query including deleted entities query_result = j1.query_v1(query=QUERY, include_deleted=True) # Tree query QUERY = 'FIND Host RETURN TREE' query_result = j1.query_v1(query=QUERY) # Cursor query for paginated results QUERY = "FIND (Device | Person)" cursor_query_r = j1._cursor_query(query=QUERY) # Cursor query with parallel processing QUERY = "FIND (Device | Person)" cursor_query_r = j1._cursor_query(query=QUERY, max_workers=5) # Deferred response for large datasets QUERY = "FIND UnifiedDevice" deferred_response_query_r = j1.query_with_deferred_response(query=QUERY) ``` -------------------------------- ### Project Dependencies (requirements.txt) Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/dev-requirements.txt Lists the core Python packages required for the JupiterOne API Client project, including testing and mocking libraries. This file specifies dependencies for installation. ```text -r requirements.txt pytest responses ``` -------------------------------- ### JupiterOne API: Alert Rule Configuration Structures Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Defines common JSON structures used for configuring JupiterOne alert rules, including actions like creating alerts, tagging entities, and sending webhook notifications. Also shows a complex example for creating a Jira ticket. ```json { "type": "CREATE_ALERT" } ``` ```json { "type": "TAG_ENTITIES", "entities": "{{queries.query0.data}}", "tags": [ { "name": "tagName", "value": "tagValue" } ] } ``` ```json { "type": "WEBHOOK", "endpoint": "https://webhook.example", "headers": { "Authorization": "Bearer " }, "method": "POST", "body": { "queryData": "{{queries.query0.data}}" } } ``` ```json { "integrationInstanceId" : "5b0eee42-60f5-467a-8125-08666f1383da", "type" : "CREATE_JIRA_TICKET", "entityClass" : "Record", "summary" : "Jira Task created via JupiterOne Alert Rule", "issueType" : "Task", "project" : "PROS", "additionalFields" : { "description" : { "type" : "doc", "version" : 1, "content" : [ { "type" : "paragraph", "content" : [ { "type" : "text", "text" : "{{alertWebLink}}\n\n**Affected Items:**\n\n* {{queries.query0.data|mapProperty('displayName')|join('\n* ')}}" } ] } ] }, "j1webLink" : "{{alertWebLink}}", "customfield_1234": "text-value", "customfield_5678": { "value": "select-value" }, "labels" : [ "label1","label2" ] } } ``` ```json [ { "type": "WEBHOOK", "endpoint": "https://webhook.example", "headers": { "Authorization": "Bearer " }, "method": "POST", "body": { "queryData": "{{queries.query0.data}}" } }, { "type": "TAG_ENTITIES", "entities": "{{queries.query0.data}}", "tags": [ { "name": "tagName", "value": "tagValue" } ] } ] ``` -------------------------------- ### Get SmartClass Details Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Retrieves detailed information about a specific SmartClass, including its name, description, and associated queries. ```python j1.get_smartclass_details(smartclass_id='') ``` -------------------------------- ### JupiterOne API: Update Alert Rule Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Demonstrates updating an existing JupiterOne alert rule using the `update_alert_rule` method. Shows examples of overwriting or appending tags, and updating various rule properties. ```python j1.update_alert_rule(rule_id="", name="Updated Alert Rule Name", description="Updated Alert Rule Description", j1ql="find jupiterone_user", polling_interval="ONE_WEEK", tags=['tag1', 'tag2', 'tag3'], tag_op="OVERWRITE", severity="INFO", action_configs=alert_rule_config_tag, action_configs_op="OVERWRITE") ``` ```python j1.update_alert_rule(rule_id='', tags=['newTag1', 'newTag1'], tag_op="OVERWRITE") ``` ```python j1.update_alert_rule(rule_id='', tags=['additionalTag1', 'additionalTag2'], tag_op="APPEND") ``` -------------------------------- ### JupiterOne API: Get Account Parameter Details Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Fetches the details of a specific account parameter by its name. ```python j1.get_parameter_details(name="ParameterName") ``` -------------------------------- ### JupiterOne API: Get Compliance Framework Item Details Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Retrieves detailed information about a specific compliance framework item within JupiterOne. ```python j1.get_compliance_framework_item_details(item_id="") ``` -------------------------------- ### JupiterOne API: Get Integration Definition Details Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Retrieves details for a specific integration definition type, such as AWS, Azure, or Google Cloud. ```python # examples: 'aws', 'azure', 'google_cloud' j1.get_integration_definition_details(integration_type="") ``` -------------------------------- ### Get Alert Rule Details Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Retrieves the specific configuration details for a given alert rule, identified by its unique ID. ```python j1.get_alert_rule_details(rule_id='') ``` -------------------------------- ### Create JupiterOne Client Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Demonstrates how to instantiate the JupiterOneClient with account credentials and API endpoints. Supports custom URLs for regional or specific tenant configurations. ```python from jupiterone import JupiterOneClient j1 = JupiterOneClient( account='', token='', url='https://graphql.us.jupiterone.io', # Default for US region sync_url='https://api.us.jupiterone.io' # Default for US region ) # Example for EU region: # j1 = JupiterOneClient( # account='', # token='', # url='https://graphql.eu.jupiterone.io', # sync_url='https://api.eu.jupiterone.io' # ) ``` -------------------------------- ### Generate J1QL from Natural Language Prompt Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Converts a natural language description into a JupiterOne Query Language (J1QL) statement. This facilitates query creation for users unfamiliar with J1QL syntax. ```python j1.generate_j1ql(natural_language_prompt='') ``` -------------------------------- ### JupiterOne API: Fetch Integration Instances Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Lists all integration instances associated with a given integration definition ID. ```python j1.fetch_integration_instances(definition_id="") ``` -------------------------------- ### Create Relationship Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Illustrates how to create a relationship between two entities. Requires specifying the relationship type, class, and the IDs of the source and destination entities. ```python j1.create_relationship( relationship_key='this_entity_relates_to_that_entity', relationship_type='my_relationship_type', relationship_class='MYRELATIONSHIP', from_entity_id='', to_entity_id='' ) ``` -------------------------------- ### JupiterOne API: List Account Parameters Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Retrieves a list of all account parameters configured within JupiterOne. ```python j1.list_account_parameters() ``` -------------------------------- ### JupiterOne API: Fetch Integration Instance Details Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Retrieves specific details for a particular integration instance. ```python j1.get_integration_instance_details(instance_id="") ``` -------------------------------- ### JupiterOne API: Fetch Evaluation Result Download URL Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Generates a temporary URL to download the raw data associated with an alert rule evaluation. ```python j1.fetch_evaluation_result_download_url(raw_data_key="RULE_EVALUATION//query0.json") ``` -------------------------------- ### Upload Entities Batch Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Shows how to upload a batch of entities in JSON format. The payload is a list of entity dictionaries, each requiring essential keys like _key, _type, and _class. ```python entities_payload = [ { "_key": "1", "_type": "pythonclient", "_class": "API", "displayName": "pythonclient1", "propertyName": "value" }, { "_key": "2", "_type": "pythonclient", "_class": "API", "displayName": "pythonclient2", "propertyName": "value" }, { "_key": "3", "_type": "pythonclient", "_class": "API", "displayName": "pythonclient3", "propertyName": "value" } ] j1.upload_entities_batch_json(instance_job_id='', entities_list=entities_payload) ``` -------------------------------- ### List Alert Rules Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Retrieves a list of all configured alert rules within the JupiterOne platform. ```python j1.list_alert_rules() ``` -------------------------------- ### JupiterOne API: Fetch Downloaded Evaluation Results Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Retrieves the actual downloaded evaluation results using a provided download URL. ```python j1.fetch_downloaded_evaluation_results(download_url="https://download.us.jupiterone.io//RULE_EVALUATION///query0.json?token=&Expires=") ``` -------------------------------- ### Fetch Integration Instance Jobs Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Retrieves a list of synchronization jobs associated with a specific integration instance. ```python j1.fetch_integration_jobs(instance_id='') ``` -------------------------------- ### Create SmartClass Query Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Associates a J1QL query with an existing SmartClass. This query defines the criteria for entities that belong to the SmartClass. ```python j1.create_smartclass_query(smartclass_id='', query='', query_description='Query Description Text') ``` -------------------------------- ### Create SmartClass Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Creates a new SmartClass in the JupiterOne platform. SmartClasses are used to define logical groupings of entities based on specific criteria. ```python j1.create_smartclass(smartclass_name='SmartClassName', smartclass_description='SmartClass Description Text') ``` -------------------------------- ### Create Alert Rule Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Creates a new alert rule. Alert rules define conditions (using J1QL) that trigger notifications or actions when met. Supports configuration of polling interval and severity. ```python # polling_interval can be DISABLED, THIRTY_MINUTES, ONE_HOUR, FOUR_HOURS, EIGHT_HOURS, TWELVE_HOURS, ONE_DAY, or ONE_WEEK # severity can be INFO, LOW, MEDIUM, HIGH, or CRITICAL j1.create_alert_rule(name="create_alert_rule-name", description="create_alert_rule-description", tags=['tag1', 'tag2'], polling_interval="DISABLED", severity="INFO", j1ql="find jupiterone_user") ``` -------------------------------- ### Create or Update Entity Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Shows how to create a new entity or update an existing one. The operation acts as an upsert, creating the entity if it doesn't exist or modifying it if it does. Properties can include tags. ```python import time properties = { 'myProperty': 'myValue', 'tag.myTagProperty': 'value_will_be_a_tag' } entity = j1.create_entity( entity_key='my-unique-key', entity_type='my_type', entity_class='MyClass', properties=properties, timestamp=int(time.time()) * 1000 # Optional, defaults to current datetime ) print(entity['entity']) ``` -------------------------------- ### Upload Batch of Relationships Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Uploads a batch of relationship objects to the JupiterOne platform. Each relationship defines a connection between two entities with associated properties. ```python relationships_payload = [ { "_key": "1:2", "_class": "EXTENDS", "_type": "pythonclient_extends_pythonclient", "_fromEntityKey": "1", "_toEntityKey": "2", "relationshipProperty": "value" }, { "_key": "2:3", "_class": "EXTENDS", "_type": "pythonclient_extends_pythonclient", "_fromEntityKey": "2", "_toEntityKey": "3", "relationshipProperty": "value" } ] j1.upload_relationships_batch_json(instance_job_id='', relationships_list=relationships_payload) ``` -------------------------------- ### JupiterOne API: Evaluate Alert Rule Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Executes an existing JupiterOne alert rule to evaluate its conditions and actions. ```python j1.evaluate_alert_rule(rule_id='') ``` -------------------------------- ### Update Alert Rule (Python) Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Illustrates how to update an existing JupiterOne alert rule using Python. The snippet highlights configurable parameters such as `polling_interval`, `tag_op`, and `severity`, along with their allowed values. ```python # polling_interval can be DISABLED, THIRTY_MINUTES, ONE_HOUR, FOUR_HOURS, EIGHT_HOURS, TWELVE_HOURS, ONE_DAY, or ONE_WEEK # tag_op can be OVERWRITE or APPEND # severity can be INFO, LOW, MEDIUM, HIGH, or CRITICAL # Example usage (assuming 'j1' client is initialized and 'rule_id' is known): # j1.update_alert_rule(rule_id='', # polling_interval='ONE_HOUR', # tag_op='APPEND', # severity='LOW') ``` -------------------------------- ### Fetch Graph Data Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Includes methods to fetch all entity properties and tags from the graph, as well as retrieve the raw data for a specific entity using its ID. ```python # Fetch all entity properties j1.fetch_all_entity_properties() # Fetch all entity tags j1.fetch_all_entity_tags() # Fetch entity raw data j1.fetch_entity_raw_data(entity_id='') ``` -------------------------------- ### Run SmartClass Evaluation Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Triggers an evaluation of a SmartClass. This process runs the associated J1QL query to identify and update entities belonging to the SmartClass. ```python j1.evaluate_smartclass(smartclass_id='') ``` -------------------------------- ### Fetch Integration Instance Job Events Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Retrieves events related to a specific synchronization job within an integration instance. ```python j1.fetch_integration_job_events(instance_id='', instance_job_id='') ``` -------------------------------- ### Upload Batch of Entities and Relationships Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Uploads a combined batch containing both entity and relationship objects. This is useful for creating or updating data in a single operation. ```python combined_payload = { "entities": [ { "_key": "4", "_type": "pythonclient", "_class": "API", "displayName": "pythonclient4", "propertyName": "value" }, { "_key": "5", "_type": "pythonclient", "_class": "API", "displayName": "pythonclient5", "propertyName": "value" }, { "_key": "6", "_type": "pythonclient", "_class": "API", "displayName": "pythonclient6", "propertyName": "value" } ], "relationships": [ { "_key": "4:5", "_class": "EXTENDS", "_type": "pythonclient_extends_pythonclient", "_fromEntityKey": "4", "_toEntityKey": "5", "relationshipProperty": "value" }, { "_key": "5:6", "_class": "EXTENDS", "_type": "pythonclient_extends_pythonclient", "_fromEntityKey": "5", "_toEntityKey": "6", "relationshipProperty": "value" } ] } j1.upload_combined_batch_json(instance_job_id='', combined_payload=combined_payload) ``` -------------------------------- ### JupiterOne API: List Alert Rule Evaluation Results Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Fetches a list of evaluation results for a given JupiterOne alert rule. ```python j1.list_alert_rule_evaluation_results(rule_id="") ``` -------------------------------- ### Python Dependencies for JupiterOne API Client Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/requirements.txt Specifies the version requirements for key Python packages used by the JupiterOne API client. These include the 'retrying' library for handling retries and the 'requests' library for making HTTP calls. ```python retrying>=1.3.4,<2 requests>=2.31.0,<3 ``` -------------------------------- ### Update Existing Entity Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Demonstrates updating an existing entity by providing its ID and a dictionary of properties to add or modify. Only specified properties are affected; others remain unchanged. ```python properties = { 'newProperty': 'newPropertyValue' } j1.update_entity( entity_id='', properties=properties ) ``` -------------------------------- ### Update Relationship Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Shows how to update an existing relationship by providing its ID and a dictionary of properties to modify. Only the specified properties are updated. ```python j1.update_relationship( relationship_id='', properties={ "": "", }, ) ``` -------------------------------- ### JupiterOne API: Create or Update Account Parameter Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Creates a new account parameter or updates an existing one with a specified name and value. The `secret` flag determines if the value should be treated as sensitive. ```python j1.create_update_parameter(name="ParameterName", value="stored_value", secret=False) ``` -------------------------------- ### Finalize Synchronization Job Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Marks a synchronization job as complete. This should be called after all data for a specific sync job has been uploaded. ```python j1.finalize_sync_job(instance_job_id='') ``` -------------------------------- ### Delete Alert Rule (Python) Source: https://github.com/jupiterone/jupiterone-api-client-python/blob/main/README.md Provides the Python code snippet for deleting an alert rule from JupiterOne. It requires the unique identifier (`rule_id`) of the alert rule to be removed. ```python j1.delete_alert_rule(rule_id='