A command line tool that creates a super timeline from SentinelOne's Deep Visibility data

Related tags

Command-line ToolsS1SuperTimeline
Overview

S1SuperTimeline

A command line tool that creates a super timeline from SentinelOne's Deep Visibility data

What does it do?

The script accepts a S1QL query and returns a XLSX document with all the data. The script has mulithreading capabilities and allows the user to break up queries by minute increments. This method automates downloading datasets that are over 20K records (Deep Visibility's limit). For example, a hosts entire deep visbility history could be downloaded using this script. Assuming you do not go over 1,048,576 records (xlsx limit).

How to run it

Install dependencies

pip install -r requirements.txt

Run

# Hour Increments (60 min)
python3 s1_supertimeline.py -t my_api_token -url sentinelone.com -from 2020-01-01T00:00 -to 2020-01-01T12:30 -min 60

Help Page

python3 s1_supertimeline.py -h

usage: s1_supertimeline.py [-h] -t S1_API_TOKEN -url S1_URL -from FROM_DATE -to TO_DATE -min MIN_INCREMENTS [-u]

SentinelOne SuperTimeline :: By Juan Ortega 
   
    

options:
  -h, --help            show this help message and exit

Required Arguments:
  -t S1_API_TOKEN, --s1_api_token S1_API_TOKEN
                        SentinelOne API Token
  -url S1_URL, --s1_url S1_URL
                        SentinelOne Console Url
  -from FROM_DATE, --from_date FROM_DATE
                        From Date. Format YYYY-MM-DDTHH:MM or YYYY-MM-DD
  -to TO_DATE, --to_date TO_DATE
                        To Date. Format YYYY-MM-DDTHH:MM or YYYY-MM-DD
  -min MIN_INCREMENTS, --min_increments MIN_INCREMENTS
                        Minute increments to split time date range by
  -u, --utc             Accepts --date_from/--date_to as UTC, Default is local time

Troubleshooting

If you have issues running the script. Try installing tablib like this:

pip install "tablib['xlsx']"
Owner
Juan Ortega
Engineering. Incident Response. Network, Memory, and Disk Forensics. Python.
Juan Ortega
GitHub Repository
EODAG is a command line tool and a plugin-oriented Python framework for searching, aggregating results and downloading remote sensed images while offering a unified API for data access regardless of the data provider

EODAG (Earth Observation Data Access Gateway) is a command line tool and a plugin-oriented Python framework for searching, aggregating results and downloading remote sensed images while offering a un

CS GROUP 205 Jan 03, 2023
Generate an ASCII Art from keyword put in the cli

ascii-art-generator-cli Generate an ASCII Art from keyword put in the cli Install git clone https://github.com/Nathanlauga/ascii-art-generator-cli cd

Nathan Lauga 1 Nov 14, 2021
dbt-subdocs is a python CLI you can used to generate a dbt-docs for a subset of your dbt project

dbt-subdocs dbt-subdocs is a python CLI you can used to generate a dbt-docs for a subset of your dbt project 馃 Description This project is useful if

Jambe 6 Jan 03, 2023
A Command Line Calculator With Python

CalculadoraPY Usando no Termux apt install python3 apt install git pip3 install termcolor git clone https://github.com/kayke981/CalculadoraPY.git

kayake 5 Jan 30, 2022
Stephen's Obsessive Note-Storage Engine.

Latest Release 路 PyPi Package 路 Issues 路 Changelog 路 License # Get Sonse and tell it where your notes are... $ pip install sonse $ export SONSE="$HOME

Stephen Malone 23 Jun 10, 2022
An ZFS administration tool inspired on Midnight commander

ZC - ZFS Commander An ZFS administration tool inspired on Midnight commander Work in Progress Description ZFS Commander is a simple front-end for the

34 Dec 07, 2022
triggercmd is a CLI client for the TRIGGERcmd cloud service.

TriggerCMD CLI client triggercmd is a CLI client for the TRIGGERcmd cloud service. installation the triggercmd package is available in PyPI. to instal

Gustavo Soares 7 Oct 18, 2022
An awesome Python wrapper for an awesome Docker CLI!

An awesome Python wrapper for an awesome Docker CLI!

Gabriel de Marmiesse 303 Jan 03, 2023
CLI/GUI Math commands based on python 3

PyMath Commands Syntax Installation Commands: pymath add: usage: pymath add 12.5 12.5 sub: usage: pymath sub 25 12.5 div: usage: pymath div 144 12 mul

eggsnham07 0 Nov 22, 2021
CLI para o projeto Compilado (Newsletter e Podcast do C贸digo Fonte TV)

Compilado CLI Automatiza莽茫o de tarefas atrav茅s de linha de comando para a gera莽茫o de assets para epis贸dios do Compilado, a newsletter e podcast do can

Gabriel Froes 18 Nov 21, 2022
An easy-to-bundle GTK terminal emulator.

EasyTerm An easy-to-bundle GTK terminal emulator. This project is meant to be used as a dependency for other

Bottles 4 May 15, 2022
A startpage configured aesthetically with terminal-esque link formatting

Terminal-y Startpage Setup Clone the repository, then make an unformatted.txt file following the specifications in example.txt. Run format.py Open ind

belkarx 13 May 01, 2022
A CLI application that downloads your AC submissions from OJ's like Atcoder,Codeforces,CodeChef and distil it into beautiful Submission HeatMap.

Yoda A CLI that takes away the hassle of managing your submission files on different online-judges by automating the entire process of collecting and organizing your code submissions in one single Di

Nikhar Manchanda 1 Jul 28, 2022
Colab-xterm allows you to open a terminal in a cell

colab-xterm Colab-xterm allows you to open a terminal in a cell. Usage Install package and load the extension !pip install git+https://github.com/popc

InfuseAI 194 Dec 29, 2022
A simple web-based SSH client.

Kommander A simple web-based SSH client. It supports: entering SSH login details (including private key and custom ports) and connecting user authenti

KingWaffleIII 2 Jan 01, 2022
A terminal UI dashboard to monitor requests for code review across Github and Gitlab repositories.

A terminal UI dashboard to monitor requests for code review across Github and Gitlab repositories.

Kyle Harrison 150 Dec 14, 2022
Shortcut-Maker - It is a tool that can be set to run any tool with a single command

Shortcut-Maker It is a tool that can be set to run any tool with a single command Coded by Dave Smith(Owner of Sl Cyber Warriors) Command list 馃憞 pkg

Dave Smith 10 Sep 14, 2022
Simple CLI tool to track your cryptocurrency portfolio in real time.

Simple tool to track your crypto portfolio in realtime. It can be used to track any coin on the BNB network, even obscure coins that are not listed or trackable by major portfolio tracking applicatio

Trevor White 69 Oct 24, 2022
Konsave lets use save your KDE Plasma customizatios and restore them very easily!

Konsave (Save Plasma Customization) A CLI program that will let you save and apply your KDE Plasma customizations with just one command! Als

439 Jan 02, 2023
A VIM-inspired filemanager for the console

ranger 1.9.3 ranger is a console file manager with VI key bindings. It provides a minimalistic and nice curses interface with a view on the directory

12.6k Dec 30, 2022