Readme
laceworksdk is a community developed Python library for interacting with the Lacework APIs.
The purpose of this library is to simplify the common tasks required for interacting with the Lacework API, and allow users write simple code to automate tasks related to their Lacework instance(s). From data retrieval to configuration, this library aims to expose all publicly available APIs. For example, the following code would authenticate, fetch events, fetch host vulnerabilities, and fetch container vulnerabilities. The latest version of the SDK supports expressive searches as enabled by v2 of the Lacework APIs.
For more information read the documentation
from laceworksdk import LaceworkClient
lw = LaceworkClient() # This would leverage your default Lacework CLI profile.
lw = LaceworkClient(account="ACCOUNT",
subaccount="SUBACCOUNT",
api_key="API KEY",
api_secret="API SECRET")
events = lw.events.search(json={
"timeFilter": {
"startTime": start_time,
"endTime": end_time
}
})
host_vulns = lw.vulnerabilities.hosts.search(json={
"timeFilter": {
"startTime": start_time,
"endTime": end_time
}
})
container_vulns = lw.vulnerabilities.containers.search(json={
"timeFilter": {
"startTime": start_time,
"endTime": end_time
},
"filters": [
{
"field": "imageId",
"expression": "eq",
"value": "sha256:657922eb2d64b0a34fe7339f8b48afb9f2f44635d7d6eaa92af69591d29b3330"
}
]
})
The following information is required to instantiate a LaceworkClient instance:
account: The Lacework account/organization domain. (xxxxx.lacework.net)api_key: The API Key that was generated from the Lacework UI/API.api_secret: The API Secret that was generated from the Lacework UI/API.Optionally, you can also set a Lacework Sub-Account using the subaccount parameter.
To generate API credentials, you'll need to do the following in Lacework:
If you wish to configure the LaceworkClient instance using environment variables, this module honors the same
variables used by the Lacework CLI. The account, subaccount, api_key, api_secret, and profile parameters
can all be configured as specified below.
| Environment Variable | Description | Required |
|---|---|---|
LW_PROFILE | Lacework CLI profile to use (configured at ~/.lacework.toml) | N |
LW_ACCOUNT | Lacework account/organization domain (i.e. <account>.lacework.net) | Y |
LW_SUBACCOUNT | Lacework sub-account | N |
LW_API_KEY | Lacework API Access Key | Y |
LW_API_SECRET | Lacework API Access Secret | Y |
Installing and upgrading laceworksdk is easy:
Install via PIP
$ pip install laceworksdk
Upgrading to the latest Version
$ pip install laceworksdk --upgrade
Are you looking for some sample scripts? Check out the examples folder!
FAQs
Community-developed Python SDK for the Lacework APIs
We found that laceworksdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
This episode of the Risky Biz podcast discusses how the rise of small open source packages and the shift towards individual maintainers makes the ecosystem more vulnerable to supply chain attacks.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.