Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add debug functionality #1193

Merged
merged 2 commits into from
Jul 1, 2024
Merged

Add debug functionality #1193

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
92633b1
Add debug functionality
okewoma Jun 28, 2024
e61709b
Update README.md in spotlight_quick_report to show debugging function…
okewoma Jun 28, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions samples/spotlight/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -227,6 +227,12 @@ If you wish to allow duplicate matches to be present within your report, pass th
```shell
python3 spotlight_quick_report.py -k $FALCON_CLIENT_ID -s $FALCON_CLIENT_SECRET -a
```
#### Debugging
If you want to debug code and quickly find errors within code `--debug` argument.

```shell
python3 spotlight_quick_report.py -k $FALCON_CLIENT_ID -s $FALCON_CLIENT_SECRET --debug
```

#### Command-line help
Command-line help is available via the `-h` argument.
Expand Down Expand Up @@ -275,6 +281,7 @@ required arguments:
CrowdStrike Falcon API Client ID.
-s CLIENT_SECRET, --client_secret CLIENT_SECRET
CrowdStrike Falcon API Client Secret.
--debug Enables code debugging
```

### Example source code
Expand Down
18 changes: 15 additions & 3 deletions samples/spotlight/spotlight_quick_report.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,10 +19,11 @@
\___\_\_,_/_/\__/_/\_\ /_/|_|\__/ .__/\___/_/ \__/
/_/

This example requires crowdstrike-falconpy v1.2.2 or greater.
This example requires crowdstrike-falconpy v1.3.0 or greater.

Easy Object Authentication is also demonstrated in this sample.
"""
import logging
import json
import time
from datetime import datetime
Expand Down Expand Up @@ -64,6 +65,11 @@ def consume_arguments() -> Namespace:
help="CrowdStrike Falcon API Client Secret.",
required=True
)
parser.add_argument("--debug",
help="Enable API debugging",
action="store_true",
default=False
)
parser.add_argument("-d", "--days",
help="Include days from X days backwards (3-45).",
default=0
Expand All @@ -83,8 +89,14 @@ def consume_arguments() -> Namespace:
default=False,
action="store_true"
)


parsed = parser.parse_args()
if parsed.debug:
logging.basicConfig(level=logging.DEBUG)


return parser.parse_args()
return parsed


def query_spotlight(key: str, secret: str, days: str, aft: str = None):
Expand Down Expand Up @@ -274,7 +286,7 @@ def process_results(output_file: str, matches: dict, total_matched: int): # pyl
start_time = datetime.now().timestamp()
args = consume_arguments()
if args.file:
HOST_AUTH = Hosts(client_id=args.client_id, client_secret=args.client_secret)
HOST_AUTH = Hosts(client_id=args.client_id, client_secret=args.client_secret, debug=args.debug)
process_results(args.output, *process_matches(args))
total_run_time = datetime.now().timestamp() - start_time
print(f"\nReport generated in {total_run_time:,.2f} seconds.")
Loading