通过 python SDK 获取 Azure 安全中心警报
Get Azure Security Center alerts via python SDK
我想使用 python SDK 列出 azure 安全中心警报。
我找到了这个包:
https://pypi.org/project/azure-mgmt-security/
必须包含在微软文档中:
https://docs.microsoft.com/en-gb/python/azure/?view=azure-python
https://github.com/Azure/azure-sdk-for-python
但我找不到任何参考或示例。
有人知道我在哪里可以找到这些信息吗?
此致。
我只能给个大概的参考。
安装包后 azure-mgmt-security, you should use List method in the package, source code is here。
这里是 doc 如何验证。
这里是 doc 关于如何获取 tenantId / client_id / key.
这是我的代码:
from azure.mgmt.security import SecurityCenter
from azure.common.credentials import ServicePrincipalCredentials
subscription_id = "xxxx"
# Tenant ID for your Azure subscription
TENANT_ID = '<Your tenant ID>'
# Your service principal App ID
CLIENT = '<Your service principal ID>'
# Your service principal password
KEY = '<Your service principal password>'
credentials = ServicePrincipalCredentials(
client_id = CLIENT,
secret = KEY,
tenant = TENANT_ID
)
client = SecurityCenter(credentials=credentials,subscription_id=subscription_id,asc_location="centralus")
client.alerts.list()
此外,您可以将 List Alerts api 与 python 中的 http 请求一起使用。
截至今天,即 2021 年 2 月,Microsoft 再次更改了凭据的实例化方式。这是当前的:
from azure.identity import DefaultAzureCredential
# Acquire a credential object for the app identity. When running in the cloud,
# DefaultAzureCredential uses the app's managed identity (MSI) or user-assigned service principal.
# When run locally, DefaultAzureCredential relies on environment variables named
# AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, and AZURE_TENANT_ID.
credential = DefaultAzureCredential()
它还更改了 SecurityCenter 签名,credentials 参数重命名为 credential,没有“s”。
完整文档here。
我想使用 python SDK 列出 azure 安全中心警报。
我找到了这个包: https://pypi.org/project/azure-mgmt-security/
必须包含在微软文档中:
https://docs.microsoft.com/en-gb/python/azure/?view=azure-python https://github.com/Azure/azure-sdk-for-python
但我找不到任何参考或示例。
有人知道我在哪里可以找到这些信息吗?
此致。
我只能给个大概的参考。
安装包后 azure-mgmt-security, you should use List method in the package, source code is here。
这里是 doc 如何验证。 这里是 doc 关于如何获取 tenantId / client_id / key.
这是我的代码:
from azure.mgmt.security import SecurityCenter
from azure.common.credentials import ServicePrincipalCredentials
subscription_id = "xxxx"
# Tenant ID for your Azure subscription
TENANT_ID = '<Your tenant ID>'
# Your service principal App ID
CLIENT = '<Your service principal ID>'
# Your service principal password
KEY = '<Your service principal password>'
credentials = ServicePrincipalCredentials(
client_id = CLIENT,
secret = KEY,
tenant = TENANT_ID
)
client = SecurityCenter(credentials=credentials,subscription_id=subscription_id,asc_location="centralus")
client.alerts.list()
此外,您可以将 List Alerts api 与 python 中的 http 请求一起使用。
截至今天,即 2021 年 2 月,Microsoft 再次更改了凭据的实例化方式。这是当前的:
from azure.identity import DefaultAzureCredential
# Acquire a credential object for the app identity. When running in the cloud,
# DefaultAzureCredential uses the app's managed identity (MSI) or user-assigned service principal.
# When run locally, DefaultAzureCredential relies on environment variables named
# AZURE_CLIENT_ID, AZURE_CLIENT_SECRET, and AZURE_TENANT_ID.
credential = DefaultAzureCredential()
它还更改了 SecurityCenter 签名,credentials 参数重命名为 credential,没有“s”。
完整文档here。