Disclaimer
The Agari APIs are provided “as is” exclusive of any express or implied warranties whatsoever, and Agari provides no support for the Agari APIs. You agree that you bear all risks associated with using the APIs and Agari shall in no event have any liability, including but not limited to direct, indirect, special, incidental, or consequential damages, for you or your organization or company and any affiliates use of the Agari APIs. This library is not officially licensed by Agari. Support for this library is best-effort only. You may report any issues/bugs/requests regarding the functionality of the library however there will be no timeline nor implied SLA if/when these reports will be addressed.
Known issues/limitations
- This library only interacts with Brand Protection and Agari Phishing Defense
- Cisco customers are not supported by the library (yet)
Install
Download the zip file attached to the article.
Install the library using pip
pip install pyagari.zip
Quickstart
To use Pyagari in your script, import the library and gather your client_id and client_secret from the portal. We suggest creating another user (or service) account just for interacting with the API.
Import Pyagari
Create a Variable to hold the client_id and client_secret.
agari = Pyagari(client_id='<client_id>', client_secret='<client_secret>')
Results are stored into an array in which you will have to sort through using a for loop.
messages = agari.apd.messages() # Results stored in array
for message in messages: # Loop through the results
print(message['ip'])
APD Examples
messages = agari.apd.messages()
data = messages.process_page() # Process a single page of data
for x in data:
print(x['ip']) # Extracting just the IP addresses
Extracting the Domain Reputation
messages = agari.apd.messages()
data = messages.process_page()
for x in data:
print('Domain Reputation ' + x['domain_reputation'])
Limit Results
messages = agari.apd.messages(pretty=True, start_date='2020-04-30') # Adding options and start date
first_50_messages = [] # putting the results into an array
for i in range(0, 50): # limit to only 50 results
first_50_messages.append(messages.next())
print(first_50_messages)
Results from the past 24 hours
N = 1 # Number of days, you can change this for the past week or month
date_N_days_ago = datetime.now() - timedelta(days=N) # Finding the delta
messages = agari.apd.messages(pretty=True, start_date=str(date_N_days_ago.strftime('%Y-%m-%d')))
for message in messages:
print('Domain Reputation ' + message['from_domain'] + ' ' + message['domain_reputation'])
Domain Reputation Lower than 5
messages = agari.apd.messages()
for message in messages:
domain_rep = float(message['domain_reputation'])
if domain_rep <= 5:
print('Domain Reputation ' + message['from_domain'] + ' ' + message['domain_reputation'])
Export Results (Clean this one up maybe)
N = 1 # Set the number of days
date_N_days_ago = datetime.now() - timedelta(days=N)
messages = agari.apd.messages(pretty=True, start_date=str(date_N_days_ago.strftime('%Y-%m-%d')))
first_50_messages = []
for i in range(0, 50):
first_50_messages.append(messages.next())
data = open('results.csv', 'w') # File name
csvwriter = csv.writer(data)
count = 0 # Counter to prevent recopying the header row in the for loop
for x in first_50_messages:
if count == 0:
header = x.keys() # Extract header row
csvwriter.writerow(header)
count+=1
else:
csvwriter.writerow(x.values())
data.close()
Remove Message
agari.apd.messages.remediate(id='<messageid>')
Policy Events
policy_events = agari.apd.policy_events()
for policy_event in policy_events:
print('Policy %s - Action %s' % (policy_event['alert_definition_name'], policy_event['policy_action']))
BP Examples
Brand Protection Events
events = agari.bp.alert_events()
for event in events:
print('Alert Type: %s -- %s' % (event['alert_type'], event['summary']))
Comments
0 comments
Please sign in to leave a comment.