DSaaS Python 通过 HASH 搜索全局规则的脚本
DSaaS Python Script to Search for Global Rule by HASH
想用Python搜索DSaaS全局规则,看看某个HASH/SHA256是否在全局规则集中。
代码如下。如何获取 search_filter 对象中的 SHA256 值 (hash256)?
hash256 = str(input("Pleas enter the hash that you would like to search: "))
print(hash256)
try:
search_filter = deepsecurity.SearchFilter()
api_response = api_instance.search_global_rules(api_version, search_filter=search_filter)
pprint(api_response)
except ApiException as e:
print("An exception occurred when calling GlobalRulesApi.search_global_rules: %s\n" % e)
无法通过 HASH 进行搜索
为了对 Application Control 全局规则执行搜索,您需要先创建一个 SearchCriteria,如下所示
# Create SearchCriteria
searchCriteria = deepsecurity.SearchCriteria(
field_name='sha256',
string_test='equal',
string_value=hash256
)
然后将其添加到您的 SearchFilter 对象
search_filter = deepsecurity.SearchFilter(search_criteria=searchCriteria)
总的来说你的代码如下
hash256 = str(input("Please enter the hash that you would like to search: "))
print(hash256)
# Create SearchCriteria
searchCriteria = deepsecurity.SearchCriteria(
field_name='sha256',
string_test='equal',
string_value=hash256
)
# Add SearchCriteria to SearchFilter
search_filter = deepsecurity.SearchFilter(search_criteria=searchCriteria)
try:
api_response = api_instance.search_global_rules(api_version, search_filter=search_filter)
pprint(api_response)
except ApiException as e:
print("An exception occurred when calling GlobalRulesApi.search_global_rules: %s\n" % e)
查看此 guide 以了解高级搜索,例如使用通配符等。
P.S。我在趋势科技的 Deep Security 团队工作。
想用Python搜索DSaaS全局规则,看看某个HASH/SHA256是否在全局规则集中。
代码如下。如何获取 search_filter 对象中的 SHA256 值 (hash256)?
hash256 = str(input("Pleas enter the hash that you would like to search: "))
print(hash256)
try:
search_filter = deepsecurity.SearchFilter()
api_response = api_instance.search_global_rules(api_version, search_filter=search_filter)
pprint(api_response)
except ApiException as e:
print("An exception occurred when calling GlobalRulesApi.search_global_rules: %s\n" % e)
无法通过 HASH 进行搜索
为了对 Application Control 全局规则执行搜索,您需要先创建一个 SearchCriteria,如下所示
# Create SearchCriteria
searchCriteria = deepsecurity.SearchCriteria(
field_name='sha256',
string_test='equal',
string_value=hash256
)
然后将其添加到您的 SearchFilter 对象
search_filter = deepsecurity.SearchFilter(search_criteria=searchCriteria)
总的来说你的代码如下
hash256 = str(input("Please enter the hash that you would like to search: "))
print(hash256)
# Create SearchCriteria
searchCriteria = deepsecurity.SearchCriteria(
field_name='sha256',
string_test='equal',
string_value=hash256
)
# Add SearchCriteria to SearchFilter
search_filter = deepsecurity.SearchFilter(search_criteria=searchCriteria)
try:
api_response = api_instance.search_global_rules(api_version, search_filter=search_filter)
pprint(api_response)
except ApiException as e:
print("An exception occurred when calling GlobalRulesApi.search_global_rules: %s\n" % e)
查看此 guide 以了解高级搜索,例如使用通配符等。
P.S。我在趋势科技的 Deep Security 团队工作。