/pygreynoise

Python3 library and command line for GreyNoise

Primary LanguagePythonMIT LicenseMIT

Python GreyNoise

https://circleci.com/gh/GreyNoise-Intelligence/pygreynoise.svg?style=shield https://sonarcloud.io/api/project_badges/measure?project=GreyNoise-Intelligence_pygreynoise&metric=coverage https://readthedocs.org/projects/greynoise/badge/?version=latest https://quay.io/repository/greynoiseintel/pygreynoise/status

This is an abstract python library built on top of the GreyNoise service. It is preferred that users use this library when implementing integrations or plan to use GreyNoise within their code. The library includes a small client to interact with the API.

Documentation

Documentation is available here: Documentation

Quick Start

Install the library:

pip install greynoise or python setup.py install

Save your configuration:

greynoise setup --api-key <your-API-key>

Versioning

This python package follows semantic versioning. According to this:

  • We will NEVER push a breaking change without a major version release.
  • We will only add new features and/or bug fixes with minor version releases.
  • We will only do bug fixes for patch version release.

As such, we recommend you pin the dependency on this SDK to only allow minor version changes at most:

# allow patch version increments
greynoise~=1.4.0

# allow minor version increments
greynoise~=1.4

Usage

Usage: greynoise [OPTIONS] COMMAND [ARGS]...

  GreyNoise CLI.

Options:
  -h, --help  Show this message and exit.

Commands:
  account         View information about your GreyNoise account.
  alerts          List, create, delete, and manage your GreyNoise alerts.
  analyze         Analyze the IP addresses in a log file, stdin, etc.
  feedback        Send feedback directly to the GreyNoise team.
  filter          Filter the noise from a log file, stdin, etc.
  help            Show this message and exit.
  interesting     Report one or more IP addresses as "interesting".
  ip              Query GreyNoise for all information on a given IP.
  ip-multi        Perform Context lookup for multiple IPs at once.
  query           Run a GNQL (GreyNoise Query Language) query.
  quick           Quickly check whether or not one or many IPs are "noise".
  repl            Start an interactive shell.
  riot            Query GreyNoise IP to see if it is in the RIOT dataset.
  setup           Configure API key.
  signature       Submit an IDS signature to GreyNoise to be deployed to...
  similar         Query GreyNoise IP to identify Similar IPs.
  stats           Get aggregate stats from a given GNQL query.
  timeline        Query GreyNoise IP to identify Similar IPs.
  timelinehourly  Query GreyNoise IP to identify Similar IPs.
  version         Get version and OS information for your GreyNoise...