A command line tool that creates a super timeline from SentinelOne's Deep Visibility data

Related tags

Command-line ToolsS1SuperTimeline
Overview

S1SuperTimeline

A command line tool that creates a super timeline from SentinelOne's Deep Visibility data

What does it do?

The script accepts a S1QL query and returns a XLSX document with all the data. The script has mulithreading capabilities and allows the user to break up queries by minute increments. This method automates downloading datasets that are over 20K records (Deep Visibility's limit). For example, a hosts entire deep visbility history could be downloaded using this script. Assuming you do not go over 1,048,576 records (xlsx limit).

How to run it

Install dependencies

pip install -r requirements.txt

Run

# Hour Increments (60 min)
python3 s1_supertimeline.py -t my_api_token -url sentinelone.com -from 2020-01-01T00:00 -to 2020-01-01T12:30 -min 60

Help Page

python3 s1_supertimeline.py -h

usage: s1_supertimeline.py [-h] -t S1_API_TOKEN -url S1_URL -from FROM_DATE -to TO_DATE -min MIN_INCREMENTS [-u]

SentinelOne SuperTimeline :: By Juan Ortega 
   
    

options:
  -h, --help            show this help message and exit

Required Arguments:
  -t S1_API_TOKEN, --s1_api_token S1_API_TOKEN
                        SentinelOne API Token
  -url S1_URL, --s1_url S1_URL
                        SentinelOne Console Url
  -from FROM_DATE, --from_date FROM_DATE
                        From Date. Format YYYY-MM-DDTHH:MM or YYYY-MM-DD
  -to TO_DATE, --to_date TO_DATE
                        To Date. Format YYYY-MM-DDTHH:MM or YYYY-MM-DD
  -min MIN_INCREMENTS, --min_increments MIN_INCREMENTS
                        Minute increments to split time date range by
  -u, --utc             Accepts --date_from/--date_to as UTC, Default is local time

Troubleshooting

If you have issues running the script. Try installing tablib like this:

pip install "tablib['xlsx']"
Owner
Juan Ortega
Engineering. Incident Response. Network, Memory, and Disk Forensics. Python.
Juan Ortega
GitHub Repository
gcp-doctor - Diagnostics for Google Cloud Platform

gcp-doctor is a command-line diagnostics tool for GCP customers. It finds and helps to fix common issues in Google Cloud Platform projects. It is used to test projects against a wide range of best-pr

Google Cloud Platform 185 Dec 20, 2022
This is a Command Line program to interact with your NFTs, Cryptocurrencies etc

This is a Command Line program to interact with your NFTs, Cryptocurrencies etc. via the ThirdWeb Platform. This is just a fun little project that I made to be able to connect to blockchains and Web3

Arpan Pandey 5 Oct 02, 2022
Rich is a Python library for rich text and beautiful formatting in the terminal.

The Rich API makes it easy to add color and style to terminal output. Rich can also render pretty tables, progress bars, markdown, syntax highlighted source code, tracebacks, and more — out of the bo

Will McGugan 41.4k Jan 03, 2023
A command line tool to query source code from your current Python env

wxc wxc (pronounced "which") allows you to inspect source code in your Python environment from the command line. It is based on the inspect module fro

Clément Robert 13 Nov 08, 2022
jrnl is a simple journal application for the command line.

jrnl To get help, submit an issue on Github. jrnl is a simple journal application for the command line. You can use it to easily create, search, and v

jrnl 5.7k Dec 31, 2022
Python Command Line Application (CLI) using Typer, SQLModel, Async-PostgrSQL, and FastAPI

pyflycli is a command-line interface application built with Typer that allows you to view flights above your location.

Kevin Zehnder 14 Oct 01, 2022
tiptop is a command-line system monitoring tool in the spirit of top.

Command-line system monitoring. tiptop is a command-line system monitoring tool in the spirit of top. It displays various interesting system stats, gr

Nico Schlömer 1.3k Jan 08, 2023
A ZSH plugin that enables you to use OpenAI's powerful Codex AI in the command line.

A ZSH plugin that enables you to use OpenAI's powerful Codex AI in the command line.

Tom Dörr 976 Jan 03, 2023
Aurornis - The Command Line Program Test Helper

Aurornis - The Command Line Program Test Helper Aurornis is a small, yet powerful library designed to help testing command line programs. The name is

Jérôme Deuchnord 1 Mar 08, 2022
Free and Open-Source Command Line tool for Text Replacement

Sniplet Free and Open Source Text Replacement Tool Description: Sniplet is a work in progress CLI tool which can do text replacement globally in Linux

Veeraraghavan Narasimhan 13 Nov 28, 2022
Dynamically Generate GitHub Stats as like Terminal Interface

GitHub Stats Terminal Style Dynamically Generate GitHub Stats as like Terminal Interface Usage Create a New Repository using this Template or click he

YOGESHWARAN R 63 Jan 03, 2023
A CLI Application to detect plagiarism in Source Code Files.

Plag Description A CLI Application to detect plagiarism in Source Code Files. Features Compare source code files for plagiarism. Extract code features

default=dev 2 Nov 10, 2022
A python CLI app that converts a mp4 file into a gif with ASCII effect added.

Video2ASCIIgif This CLI app takes in a mp4 format video, converts it to a gif with ASCII effect applied. This also includes full control over: backgro

Sriram R 6 Dec 31, 2021
Enriches Click with option groups, constraints, command aliases, help sections for subcommands, themes for --help and other stuff.

Enriches Click with option groups, constraints, command aliases, help sections for subcommands, themes for --help and other stuff.

Gianluca Gippetto 62 Dec 22, 2022
Management commands to help backup and restore your project database and media files

Django Database Backup This Django application provides management commands to help backup and restore your project database and media files with vari

687 Jan 04, 2023
The project help you to quickly build layouts in terminal,cross-platform

The project help you to quickly build layouts in terminal,cross-platform

gojuukaze 133 Nov 30, 2022
Python CLI utility and library for manipulating SQLite databases

sqlite-utils Python CLI utility and library for manipulating SQLite databases. Some feature highlights Pipe JSON (or CSV or TSV) directly into a new S

Simon Willison 1.1k Jan 04, 2023
Password manager for the CLI simps.

CLI Password Manager Password manager for the CLI simps. Free software: MIT license

1 Dec 30, 2021
A tool to automatically convert old string literal formatting to f-strings

flynt - string formatting converter flynt is a command line tool to automatically convert a project's Python code from old "%-formatted" and .format(.

Elijah K 551 Jan 06, 2023
A super simple wallet application for the NANO cryptocurrency that runs in the terminal

Nano Terminal Wallet A super simple wallet application for the NANO cryptocurrency that runs in the terminal Written in 2021 by NinjaSnail1080 (Discor

9 Jul 22, 2022