Session
- dfir_iris_client.session.API_VERSION = '2.0.0'
client_session Defines a global session, accessible by all classes. client_session is of type ClientSession.
- class dfir_iris_client.session.ClientSession(apikey=None, host=None, agent='iris-client', ssl_verify=True, proxy=None, timeout=120)
Represents a client that can interacts with Iris. It is basic wrapper handling authentication and the requests to the server.
Args:
Returns:
- pi_get(uri: str, cid: int | None = None, no_wrap: bool = False) ApiResponse | Response
Adds the CID information needed by the server when issuing GET requests and then issue the request itself.
- Parameters:
uri – URI endpoint to request
no_wrap – Do not wrap the response in ApiResponse object
cid – Target case ID
- Returns:
ApiResponse or Response object
- pi_post(uri: str, data: dict | None = None, cid: int | None = None) ApiResponse
Issues a POSt request with the provided data. Simple wrapper around _pi_request
- Parameters:
uri – URI endpoint to request
data – data to be posted. Expect a dict
cid – Target case ID
- Returns:
ApiResponse object
- pi_post_files(uri: str, files: dict | None = None, data: dict | None = None, cid: int | None = None) ApiResponse
Issues a POST request in multipart with the provided data.
- Parameters:
uri – URI endpoint to request
files – data to be posted. Expect a dict
data – data to be posted. Expect a dict
cid – Target case ID
- Returns:
ApiResponse object
- preload_base_objects() None
Preload the base objects most commonly used. This simply init the BaseObjects class, which in turns requests and build all the most common objects such as AnalysisStatus, EventCategory, EventType, etc.
For future use only
Args:
Returns:
- dfir_iris_client.session.log = <Logger dfir_iris_client.session (WARNING)>
API_VERSION The API version is not directly correlated with Iris version. Server has an endpoint /api/versions which should returns the API compatible versions it can handles.