A command line tool that creates a super timeline from SentinelOne's Deep Visibility data

Related tags

Command-line ToolsS1SuperTimeline
Overview

S1SuperTimeline

A command line tool that creates a super timeline from SentinelOne's Deep Visibility data

What does it do?

The script accepts a S1QL query and returns a XLSX document with all the data. The script has mulithreading capabilities and allows the user to break up queries by minute increments. This method automates downloading datasets that are over 20K records (Deep Visibility's limit). For example, a hosts entire deep visbility history could be downloaded using this script. Assuming you do not go over 1,048,576 records (xlsx limit).

How to run it

Install dependencies

pip install -r requirements.txt

Run

# Hour Increments (60 min)
python3 s1_supertimeline.py -t my_api_token -url sentinelone.com -from 2020-01-01T00:00 -to 2020-01-01T12:30 -min 60

Help Page

python3 s1_supertimeline.py -h

usage: s1_supertimeline.py [-h] -t S1_API_TOKEN -url S1_URL -from FROM_DATE -to TO_DATE -min MIN_INCREMENTS [-u]

SentinelOne SuperTimeline :: By Juan Ortega 
   
    

options:
  -h, --help            show this help message and exit

Required Arguments:
  -t S1_API_TOKEN, --s1_api_token S1_API_TOKEN
                        SentinelOne API Token
  -url S1_URL, --s1_url S1_URL
                        SentinelOne Console Url
  -from FROM_DATE, --from_date FROM_DATE
                        From Date. Format YYYY-MM-DDTHH:MM or YYYY-MM-DD
  -to TO_DATE, --to_date TO_DATE
                        To Date. Format YYYY-MM-DDTHH:MM or YYYY-MM-DD
  -min MIN_INCREMENTS, --min_increments MIN_INCREMENTS
                        Minute increments to split time date range by
  -u, --utc             Accepts --date_from/--date_to as UTC, Default is local time

Troubleshooting

If you have issues running the script. Try installing tablib like this:

pip install "tablib['xlsx']"
Owner
Juan Ortega
Engineering. Incident Response. Network, Memory, and Disk Forensics. Python.
Juan Ortega
GitHub Repository
git-partial-submodule is a command-line script for setting up and working with submodules while enabling them to use git's partial clone and sparse checkout features.

Partial Submodules for Git git-partial-submodule is a command-line script for setting up and working with submodules while enabling them to use git's

Nathan Reed 15 Sep 22, 2022
Bear-Shell is a shell based in the terminal or command prompt.

Bear-Shell is a shell based in the terminal or command prompt. You can navigate files, run python files, create files via the BearUtils text editor, and a lot more coming up!

MichaelBear 6 Dec 25, 2021
Interact with Replit remotely with the Replit CLI

Replit CLI pip install repl-cli Welcome to Replit CLI! With the Replit CLI Application, you can work with your repls locally, including clone, pull,

Shuchir Jain 4 Aug 18, 2022
Plumbum: Shell Combinators

Plumbum: Shell Combinators Ever wished the compactness of shell scripts be put into a real programming language? Say hello to Plumbum Shell Combinator

Tomer Filiba 2.5k Dec 28, 2022
Linux commands Interpreter for Windows and Mac based systems using Python

DBHTermEcIbP Linux commands Interpreter for Windows and Mac based systems using Python Basic Linux commands supported viewing current working director

Vraj Patel 1 Dec 26, 2021
Code for the Open Data Day 2022 publicbodies.org Nepal data scraping activities.

Open Data Day Publicbodies.org Nepal We've gathered on Saturday, 5th March 2022 with Open Knowledge Nepal in order to try and automate the collection

Augusto Herrmann 2 Mar 12, 2022
Simple CLI prompt for easy I/O with OpenAI's API

openai-cli-prompt Simple CLI prompt for easy I/O with OpenAI's API Quickstart Create a .env file with: OPENAI_API_KEY=Your OpenAI API Key Configure

Erik Nomitch 1 Oct 12, 2021
xonsh is a Python-powered, cross-platform, Unix-gazing shell language and command prompt.

xonsh xonsh is a Python-powered, cross-platform, Unix-gazing shell language and command prompt. The language is a superset of Python 3.6+ with additio

xonsh 6.7k Jan 08, 2023
Chameleon is yet another PowerShell obfuscation tool designed to bypass AMSI and commercial antivirus solutions.

Chameleon is yet another PowerShell obfuscation tool designed to bypass AMSI and commercial antivirus solutions. The tool has been developed as a Python port of the Chimera project, by tokioneon_.

332 Dec 26, 2022
Autosub - Command-line utility for auto-generating subtitles for any video file

Auto-generated subtitles for any video Autosub is a utility for automatic speech recognition and subtitle generation. It takes a video or an a

Anastasis Germanidis 3.9k Jan 05, 2023
AWS Interactive CLI - Allows you to execute a complex AWS commands by chaining one or more other AWS CLI dependency

AWS Interactive CLI - Allows you to execute a complex AWS commands by chaining one or more other AWS CLI dependency

Rafael Torres 2 Dec 10, 2021
Convert shellcode into :sparkles: different :sparkles: formats!

Bluffy Convert shellcode into ✨ different ✨ formats! Bluffy is a utility which was used in experiments to bypass Anti-Virus products (statically) by f

pre.empt.dev 305 Dec 17, 2022
A very simple and lightweight ToDo app using python that can be used from the command line

A very simple and lightweight ToDo app using python that can be used from the command line

Nilesh Sengupta 2 Jul 20, 2022
Python3 library for multimedia functions at the command terminal

TERMINEDIA This is a Python library allowing using a text-terminal as a low-resolution graphics output, along with keyboard realtime reading, and a co

Joao S. O. Bueno 89 Dec 17, 2022
Python library & console tool for controlling Xiaomi smart appliances

python-miio This library (and its accompanying cli tool) can be used to interface with devices using Xiaomi's miIO and MIoT protocols. Getting started

Teemu R. 2.4k Jan 02, 2023
Simple Tool To Grab Like-Card Coupon

Simple Tool To Grab Like-Card Coupon

Soud 10 Jan 30, 2022
Colors in Terminal - Python Lang

🎨 Colorate - Python 🎨 About Colorate is an Open Source project that makes it easy to use Python color coding in your projects. After downloading the

0110 Henrique 1 Dec 01, 2021
Simple CLI interface for linear task manager

Linear CLI (Unmaintained) Simple CLI interface for linear task manager Usage Install: pip install linearcli Setup: Generate a pe

Mike Lyons 1 Jan 07, 2022
Calculator for CLI. Made with Python

Calculator for CLI. Made with Python

Brandon Arreguin 2 Jan 07, 2022
This tool is a free and unlimited python CLI for google translate. based on google_trans_new.

GoTransPy A free and unlimited python CLI for google translate based on google_trans_new. It's very easy to use and solve the problem that the old api

Youssef Mohamed 2 Jan 10, 2022