msiempy

package documentation

The pythonic way to deal with the McAfee SIEM API

Nitro

Welcome to the msiempy library documentation.

Back to GitHub | README.md

Module __utils__ Keep this module and imports for backwards compatibility. Please use msiempy.core.utils
Module __version__ Project version and meta informations.
Module alarm Provide alarm management. Define AlarmManager and Alarm.
Package core The core objects of the library: NitroSession, NitroConfig, NitroError and other.
Module device Provide ESM, Receiver and Datasource management. Define ESM, DevTree and DataSource.
Module event Provide event management. Define EventManager, Event, FieldFilter, GroupFilter, GroupedEventManager, GroupedEvent.
Module watchlist Provide watchlist management. Define WatchlistManager and Watchlist.

From the __init__.py module:

Class Alarm Dict-Like object. Represents a triggered alarm.
Class AlarmManager List-Like object. Interface to query and manage alarms.
Class DataSource Dict-Like object.
Class DevTree List-Like object. ESM device tree interface.
Class ESM Enterprise Security Manager interface.
Class Event Dict-Like object. Represents an event in the SIEM.
Class EventManager List-Like object. Interface to execute a event query.
Class FieldFilter Query field filter
Class GroupFilter Query group filter
Class GroupedEvent Dict-Like object. Represents a row of grouped query results.
Class GroupedEventManager List-Like object. Interface to execute a grouped event query.
Class NitroConfig configparser.ConfigParser parser object.
Class NitroError Base ESM exception. It's used when the user/passwd is incorrect and other HTTP errors.
Class NitroSession Single session handler and HTTP interface. The session object will handle authentication and intermittent (but annoying) SIEM errors.
Class Watchlist Dict-Like object. Represent a ESM Watchlist.
Class WatchlistManager List-Like object. Summary of ESM watchlists.
API Documentation for msiempy, generated by pydoctor 20.7.1 at 2020-11-18 14:02:21.