This is a basic script that exercises all the different functionality of the ArcSight Logger SDK.
Download or clone the git repository:
$ git clone https://github.com/arcsight-unofficial/arcsight-logger-api-sdkexample
Install library with pip from the newly created folder:
$ cd arcsight-logger-api-sdkexample
$ pip install -r requirements.txt
Open client.py with your favourite editor and change the first variables at the top:
$ vi client.py
Change HOST, USERNAME and PASSWORD to fit your environment.
Run the test with your Python binary (minimum Python 3). This will run different searches and show how each function in the SDK works. Feel free to change values or implementations to test the parts you want before running the basic script.
$ python3 ./client.py
There is now new unofficial documentation for utilizing the ArcSight Logger API:
ArcSight Logger API Documentation, web based
ArcSight Logger API Examples using Postman
Only the mandatory options are implemented for each function call. All optional arguments for each API call can be found in the web-based documentation above and can be supplied as the last arguments when calling the function. This works because each function with optional parameters also accepts arbitrary keyword arguments (kwargs) as its last parameter. An example of this integration can be found in the SDK implementation of chart_data in this script.
This SDK and example are not officially supported by Micro Focus. For any issues, please post an issue on the GitHub issue page or ask on the ArcSight Community forums.