Alarms – Python script
import requests
import urllib3
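import os

# Fetch the summary of alarm 66 from the LogRhythm Alarm API and print it.
#
# The bearer token is read from the environment rather than embedded in the
# script. LR_API_TOKEN is a variable name chosen for this example. The token
# previously pasted into this listing carried a global-admin role in its
# claims and has been published with the page, so it should be revoked and
# replaced, preferably by a token for a least-privilege API account.
token = os.environ.get("LR_API_TOKEN")
if not token:
    raise SystemExit("Set LR_API_TOKEN to a LogRhythm API bearer token.")

# Certificate verification stays enabled so the token is only ever sent to
# the genuine API endpoint. For a private or self-signed CA, point
# LR_CA_BUNDLE (also a name chosen here) at the PEM file of the issuing CA.
# The server certificate must be valid for the address used in the URL.
ca_bundle = os.environ.get("LR_CA_BUNDLE")
tls_verify = ca_bundle if ca_bundle else True

url = "https://46.153.254.180:8501/lr-alarm-api/alarms/66/summary"
headers = {
    "Authorization": "Bearer " + token,
    "Accept": "application/json",
    "Content-Type": "application/json",
}

# The timeout keeps the script from hanging forever on an unreachable host.
response = requests.get(url, headers=headers, verify=tls_verify, timeout=30)
print("Status Code:", response.status_code)
print("Response Body:", response.text)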
Response – the values that need to be read are in bold below
Status Code: 200
Response Body: {
"alarmSummaryDetails": {
"dateInserted": "2025-09-04T05:50:27.623",
"rbpMax": 59,
"rbpAvg": 59,
"alarmRuleId": 1423,
"alarmRuleGroup": "CCF: Account",
"briefDescription": "AIE: This rule identifies activity originating
from unknown user accounts, based off of the CCF user lists.",
"additionalDetails": "AIE: Augment: GDPR, UAE-NESA, NIST, State Data
Protection Laws, NY DFS, CJIS, ISO 27001, ASD",
"alarmEventSummary": [
"msgClassId": 2200,
"msgClassName": "Suspicious",
"commonEventId": 1036358,
"commonEventName": "AIE: CCF: Unknown User Account Alarm",
"originKnownHostId": null,
"impactedKnownHostId": null,
"originHost": "192.168.1.14",
"impactedHost": null,
"originUser": "user016",
"impactedUser": "",
"originUserIdentityId": null,
"impactedUserIdentityId": null,
"originUserIdentityName": "",
"impactedUserIdentityName": "",
"originEntityName": "Global Entity",
"impactedEntityName": "Global Entity"
},
"statusCode": 200,
"statusMessage": "OK",
"responseMessage": "Success"
}
Cases
import requests
import urllib3
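import os

# Fetch case number 1 from the LogRhythm Case API and print it.
#
# The bearer token is read from the environment rather than embedded in the
# script. LR_API_TOKEN is a variable name chosen for this example. The token
# previously pasted into this listing carried a global-admin role in its
# claims and has been published with the page, so it should be revoked and
# replaced, preferably by a token for a least-privilege API account.
token = os.environ.get("LR_API_TOKEN")
if not token:
    raise SystemExit("Set LR_API_TOKEN to a LogRhythm API bearer token.")

# Certificate verification stays enabled so the token is only ever sent to
# the genuine API endpoint. For a private or self-signed CA, point
# LR_CA_BUNDLE (also a name chosen here) at the PEM file of the issuing CA.
# The server certificate must be valid for the address used in the URL.
ca_bundle = os.environ.get("LR_CA_BUNDLE")
tls_verify = ca_bundle if ca_bundle else True

# The original listing had a doubled slash ("lr-case-api//cases/1"); the
# path is written here with a single separator.
url = "https://46.153.254.180:8501/lr-case-api/cases/1"
headers = {
    "Authorization": "Bearer " + token,
    "Accept": "application/json",
    "Content-Type": "application/json",
}

# The timeout keeps the script from hanging forever on an unreachable host.
response = requests.get(url, headers=headers, verify=tls_verify, timeout=30)
print("Status Code:", response.status_code)
print("Response Body:", response.text)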
Response - the values that need to be read are in bold below
{
"id": "D97A3907-7732-4388-9AF3-7EB2F8DDBFCF",
"number": 1,
"externalId": "",
"dateCreated": "2025-09-05T06:45:26.8154591Z",
"dateUpdated": "2025-09-05T06:45:36.85Z",
"dateClosed": null,
"owner": {
"number": -100,
"name": "LogRhythm Administrator",
"disabled": false
},
"lastUpdatedBy": {
"number": -100,
"name": "LogRhythm Administrator",
"disabled": false
},
"name": "AIE: ISO-27001: Attack Detected Rule",
"status": {
"name": "Created",
"number": 1
},
"priority": 1,
"dueDate": "2025-09-06T06:45:23Z",
"resolution": null,
"resolutionDateUpdated": null,
"resolutionLastUpdatedBy": null,
"summary": "This AIE Rule creates an event and alerts on suspected
attacks (success/failure) against all boundary monitoring devices\r\n",
"entity": {
"number": -100,
"name": "Global Entity",
"fullName": "Global Entity"
},
"collaborators": [
"number": -100,
"name": "LogRhythm Administrator",
"disabled": false
}
],
"tags": []
Host
import requests
import urllib3
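import os

# Fetch the first host record (ordered by name) from the LogRhythm Admin API
# and print it.
#
# The bearer token is read from the environment rather than embedded in the
# script. LR_API_TOKEN is a variable name chosen for this example. The token
# previously pasted into this listing carried a global-admin role in its
# claims and has been published with the page, so it should be revoked and
# replaced, preferably by a token for a least-privilege API account.
token = os.environ.get("LR_API_TOKEN")
if not token:
    raise SystemExit("Set LR_API_TOKEN to a LogRhythm API bearer token.")

# Certificate verification stays enabled so the token is only ever sent to
# the genuine API endpoint. For a private or self-signed CA, point
# LR_CA_BUNDLE (also a name chosen here) at the PEM file of the issuing CA.
# The server certificate must be valid for the address used in the URL.
ca_bundle = os.environ.get("LR_CA_BUNDLE")
tls_verify = ca_bundle if ca_bundle else True

url = "https://46.153.254.180:8501/lr-admin-api/hosts"
# Same query string as the original URL, passed as parameters so that it
# cannot be broken by line wrapping.
params = {
    "offset": "0",
    "count": "1",
    "orderBy": "name",
    "dir": "ascending",
    "recordStatus": "all",
    "excludeAIERecords": "false",
}
headers = {
    "Authorization": "Bearer " + token,
    "Accept": "application/json",
    "Content-Type": "application/json",
}

# The timeout keeps the script from hanging forever on an unreachable host.
response = requests.get(
    url, headers=headers, params=params, verify=tls_verify, timeout=30
)
print("Status Code:", response.status_code)
print("Response Body:", response.text)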
Response - the values that need to be read are in bold below
[
"id": 3,
"entity": {
"id": 3,
"name": "NextGen-SOC/Windows Servers"
},
"name": "192.168.1.222",
"riskLevel": "None",
"threatLevel": "None",
"threatLevelComments": "",
"recordStatusName": "Active",
"hostZone": "Internal",
"location": {
"id": -1
},
"os": "Unknown",
"osVersion": "0",
"useEventlogCredentials": false,
"osType": "None",
"dateUpdated": "2025-09-03T18:52:48.137Z",
"hostRoles": [],
"hostIdentifiers": [
"hostIdentifierId": 7,
"type": "IPAddress",
"value": "192.168.1.222",
"dateAssigned": "2025-08-22T13:45:31.31Z"
}
],
"parentEntityID": 1