The Agari APIs are provided “as is” exclusive of any express or implied warranties whatsoever, and Agari provides no support for the Agari APIs. You agree that you bear all risks associated with using the APIs and Agari shall in no event have any liability, including but not limited to direct, indirect, special, incidental, or consequential damages, for you or your organization or company and any affiliates use of the Agari APIs. This library is not officially licensed by Agari. Support for this library is best-effort only. You may report any issues/bugs/requests regarding the functionality of the library however there will be no timeline nor implied SLA if/when these reports will be addressed.
- This library only interacts with Brand Protection and Agari Phishing Defense
- Cisco customers are not supported by the library (yet)
Download the zip file attached to the article.
Install the library using pip
pip install pyagari.zip
To use Pyagari in your script, import the library and gather your client_id and client_secret from the portal. We suggest creating another user (or service) account just for interacting with the API.
Create a Variable to hold the client_id and client_secret.
agari = Pyagari(client_id='<client_id>', client_secret='<client_secret>')
Results are stored into an array in which you will have to sort through using a for loop.
messages = agari.apd.messages() # Results stored in array for message in messages: # Loop through the results print(message['ip'])
messages = agari.apd.messages() data = messages.process_page() # Process a single page of data for x in data: print(x['ip']) # Extracting just the IP addresses
Extracting the Domain Reputation
messages = agari.apd.messages()
data = messages.process_page() for x in data:
print('Domain Reputation ' + x['domain_reputation'])
messages = agari.apd.messages(pretty=True, start_date='2020-04-30') # Adding options and start date first_50_messages =  # putting the results into an array for i in range(0, 50): # limit to only 50 results first_50_messages.append(messages.next()) print(first_50_messages)
Results from the past 24 hours
N = 1 # Number of days, you can change this for the past week or month date_N_days_ago = datetime.now() - timedelta(days=N) # Finding the delta messages = agari.apd.messages(pretty=True, start_date=str(date_N_days_ago.strftime('%Y-%m-%d'))) for message in messages: print('Domain Reputation ' + message['from_domain'] + ' ' + message['domain_reputation'])
Domain Reputation Lower than 5
messages = agari.apd.messages() for message in messages: domain_rep = float(message['domain_reputation']) if domain_rep <= 5: print('Domain Reputation ' + message['from_domain'] + ' ' + message['domain_reputation'])
Export Results (Clean this one up maybe)
N = 1 # Set the number of days date_N_days_ago = datetime.now() - timedelta(days=N) messages = agari.apd.messages(pretty=True, start_date=str(date_N_days_ago.strftime('%Y-%m-%d'))) first_50_messages =  for i in range(0, 50): first_50_messages.append(messages.next()) data = open('results.csv', 'w') # File name csvwriter = csv.writer(data) count = 0 # Counter to prevent recopying the header row in the for loop for x in first_50_messages: if count == 0: header = x.keys() # Extract header row csvwriter.writerow(header) count+=1 else: csvwriter.writerow(x.values()) data.close()
policy_events = agari.apd.policy_events() for policy_event in policy_events: print('Policy %s - Action %s' % (policy_event['alert_definition_name'], policy_event['policy_action']))
Brand Protection Events
events = agari.bp.alert_events() for event in events: print('Alert Type: %s -- %s' % (event['alert_type'], event['summary']))