This is a package for asynchronous fetching data from Wallarm API
- Download the project to local machine
- Add API credentials to the environment variables
WALLARM_UUIDWALLARM_SECRETWALLARM_API - Use main.py to get information you need
- Python >=3.7
requirements.txt
$ pip3 install -r requirements.txt- Make requests to the endpoints
To get info about:
- Attacks
- Hits
- Actions
- Vulnerabilities
- Blacklist
- Blacklist history
To create a rule:
- Virtual Patch
- Send JSON formatted data to the collectors:
- HTTP
- TCP
- UDP
To send raw requests to Splunk use generic function
splunk = SenderData(address='https://localhost:8088')
[await splunk.send_to_collector(rawhit, token='<token>', verify_ssl=False) for rawhit in raw_hits]To get all vulnerabilities into results dictionary
vulns = asyncio.create_task(api_call.get_vuln())
results = await asyncio.gather(vulns)To create a virtual patch to block access to the example.com/.git path
create_rule = asyncio.create_task(api_call.create_vpatch(instance='1', domain='example.com', action_name='.git'))
await asyncio.gather(*create_rule)