@jupiterone/jupiterone-client-nodejs
Advanced tools
A node.js client wrapper for JupiterOne public API
A node.js client wrapper and CLI utility for JupiterOne public API.
This is currently an experimental project and subject to change.
To install the client local to the current project:
npm install @jupiterone/jupiterone-client-nodejs
To install the client globally:
npm install @jupiterone/jupiterone-client-nodejs -g
Usage:
$ j1 --help
Usage: j1 [options]
Options:
-v, --version output the version number
-a, --account <name> JupiterOne account name.
-u, --user <email> JupiterOne user email.
-k, --key <apiToken> JupiterOne API access token.
-q, --query <j1ql> Execute a query.
-o, --operation <action> Supported operations: create, update, provision-alert-rule-pack
--entity Specifies entity operations.
--relationship Specifies relationship operations.
--alert Specifies alert rule operations.
-f, --file <dir> Input JSON file. Or the filename of the alert rule pack.
-h, --help output usage information
Run a J1QL query:
j1 -a j1dev -q 'Find jupiterone_account'
Validating inputs...
Authenticating with JupiterOne... OK
[
{
"id": "06ab12cd-a402-406c-8582-abcdef001122",
"entity": {
"_beginOn": 1553777431867,
"_createdOn": 1553366320704,
"_deleted": false,
"displayName": "YCO, Inc.",
"_type": [
"jupiterone_account"
],
"_key": "1a2b3c4d-44ce-4a2f-8cd8-99dd88cc77bb",
"_accountId": "j1dev",
"_source": "api",
"_id": "1a2b3c4d-44ce-4a2f-8cd8-99dd88cc77bb",
"_class": [
"Account"
],
"_version": 6
},
"properties": {
"emailDomain": "yourcompany.com",
"phoneNumber": "877-555-4321",
"webURL": "https://yourcompany.com/",
"name": "YCO"
}
}
]
Done!
Create or update entities from a JSON input file:
j1 -o create --entity -a j1dev -f ./local/entities.json
Validating inputs...
Authenticating with JupiterOne... Authenticated!
Created entity 12345678-fe34-44ee-b3b0-abcdef123456.
Created entity 12345678-e75f-40d6-858e-123456abcdef.
Done!
j1 -o update --entity -a j1dev -f ./local/entities.json
Validating inputs...
Authenticating with JupiterOne... Authenticated!
Updated entity 12345678-fe34-44ee-b3b0-abcdef123456.
Updated entity 12345678-e75f-40d6-858e-123456abcdef.
Done!
NOTE: the create operation will also update an existing entity, if an entity matching the provided Key, Type, and Class already exists in JupiterOne. The update operation will fail unless that entity Id already exists.
The input JSON file is a single entity or an array of entities. For example:
[
{
"entityId": "12345678-fe34-44ee-b3b0-abcdef123456",
"entityKey": "test:entity:1",
"entityType": "generic_resource",
"entityClass": "Resource",
"properties": {
"name": "Test Entity Resource 1",
"displayName": "TER1"
}
},
{
"entityId": "12345678-e75f-40d6-858e-123456abcdef",
"entityKey": "test:entity:3",
"entityType": "generic_resource",
"entityClass": "Resource",
"properties": {
"name": "Test Entity Resource 2",
"displayName": "TER2"
}
}
]
The entityId property is only necessary for update operations.
Create or update alert rules from a JSON input file:
j1 -o create --alert -a j1dev -f ./local/alerts.json
Validating inputs...
Authenticating with JupiterOne... OK
Created alert rule <uuid>.
Done!
The input JSON file is one or an array of alert rule instances. The following is an example of a single alert rule instance:
{
"instance": {
"name": "unencrypted-prod-data",
"description": "Data stores in production tagged critical and unencrypted",
"specVersion": 1,
"pollingInterval": "ONE_DAY",
"outputs": [
"alertLevel"
],
"operations": [
{
"when": {
"type": "FILTER",
"specVersion": 1,
"condition": [
"AND",
[ "queries.unencryptedCriticalData.total", "!=", 0 ]
]
},
"actions": [
{
"type": "SET_PROPERTY",
"targetProperty": "alertLevel",
"targetValue": "CRITICAL"
},
{
"type": "CREATE_ALERT"
}
]
}
],
"question": {
"queries": [
{
"query": "Find DataStore with (production=true or tag.Production=true) and classification='critical' and encrypted!=true as d return d.tag.AccountName as Account, d.displayName as UnencryptedDataStores, d._type as Type, d.encrypted as Encrypted",
"version": "v1",
"name": "unencryptedCriticalData"
}
]
}
}
}
Add "id": "<uuid>" property to the instance JSON when updating an alert rule.
The following command will provision all the default alert rules from
jupiterone-alert-rules with the rule pack name aws-config:
j1 -a <j1AccountId> -u <j1Username> -o provision-alert-rule-pack --alert -f aws-config
You can specify your own rule pack to provision as well, by specifying the full
file path to the rule-pack.json file:
j1 -a <j1AccountId> -u <j1Username> -o provision-alert-rule-pack --alert -f path/to/your/rule-pack.json
For more details about the rules and rule packs, see the jupiterone-alert-rules
project.
FAQs
A node.js client wrapper for JupiterOne public API
We found that @jupiterone/jupiterone-client-nodejs demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.