Skip to content

Releases: code42/incydr_python

2.4.0

27 May 17:51
@ceciliastevens ceciliastevens
v2.4.0
4558265
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.4.0

2.4.0 - 2025-05-27

Added

  • The files client to the SDK with two methods:
    • sdk.files.v1.download_file_by_sha256 to download a file and save it in the file system.
    • sdk.files.v1.stream_file_by_sha256 to stream a file, allowing more control over how it is downloaded.
  • Added the files download command to the CLI to download a file by SHA256 hash.
Loading

2.3.1

13 May 15:59
@ceciliastevens ceciliastevens
v2.3.1
89a469e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.3.1

2.3.1 - 2025-05-13

Fixed

  • An issue where Sessions validation would fail due to an updated content inspection schema.

Updated

  • CSV and JSON input for the CLI's bulk agent commands will now look for agentGuid as a column header, in addition to agent_id, agentId, and guid.
Loading

2.3.0

18 Mar 18:29
@ceciliastevens ceciliastevens
v2.3.0
99eff63
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.3.0

2.3.0 - 2025-03-18

Added

  • watchlists.v2 methods are added to the SDK, for parity with the API.
  • New CLI watchlist commands list-excluded-actors and list-included-actors to replace the deprecated list-excluded-users and list-included-users.

Updated

  • The CLI's watchlists commands now use the v2 watchlist API. These commands correctly use actor_id instead of user_id. While the previous user_id parameters will still work for now, we recommend that users switch as soon as possible to using actor_id instead.

Fixed

  • A bug where the api endpoint used to download audit log events was incorrect.

Deprecated

  • Devices methods in the SDK and CLI are deprecated. Use the Agents methods instead.
  • Risk Profiles methods in the SDK and CLI, already deprecated, are more clearly marked.
  • The SDK's watchlists.v1 methods are deprecated.
  • The CLI's watchlist group list-excluded-users and list-included-users commands are deprecated. Use list-excluded-actors and list-included-actors instead.
Loading

2.2.4

11 Mar 14:07
@ceciliastevens ceciliastevens
v2.2.4
020860c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.2.4

2.2.4 - 2025-03-11

Added

  • Improved documentation to clarify that all agent health issues can be queried and filtered using the CLI and SDK.
Loading

2.2.3

05 Feb 15:19
@ceciliastevens ceciliastevens
v2.2.3
d15dc87
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.2.3

2.2.3 - 2025-02-05

Fixed

  • A bug where in some rare cases searching file events could cause the SDK to throw a validation error on the server's correct response.
Loading

2.2.2

08 Jan 19:35
@ceciliastevens ceciliastevens
v2.2.2
d0725eb
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.2.2

2.2.2 - 2025-01-08

Fixed

  • A bug where dates (e.g. 2025-01-08) were incorrectly converted to timestamps when querying sessions.
Loading

2.2.1

18 Dec 17:55
@ceciliastevens ceciliastevens
v2.2.1
c44731e
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2.2.1

2.2.1 - 2024-12-18

Added

  • Added support for pyton 3.13.

Updated

  • The CLI and SDK now have user-agent headers consistent with Code42 current standards.

Removed

  • Removed support for python 3.7 and 3.8, which are end-of-life.
Loading

v2.2.0

18 Nov 17:07
@tora-kozic tora-kozic
v2.2.0
2e9a9f4
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.2.0

2.2.0 - 2024-11-18

Updated

  • Updated the FileEventV2 model to all existing fields at this time. For example, the recently added responseControls response object is now available on the model.
  • Updated EventQuery objects to allow filtering by any string by removing the requirement that filter terms and values must match explicitly defined fields. This allows end users to filter by fields recently added to the file event response without requiring an SDK update.
  • client.actors.v1.get_actor_by_name now defaults to prefer_parent=True. Previously, it defaulted to False.
Loading

v2.1.0

30 Sep 15:58
@ceciliastevens ceciliastevens
v2.1.0
d211097
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.1.0

2.1.0 - 2024-09-30

Added

  • Support for the API to update actors.
    • client.actors.v1.update_actor - to update an actor's start date, end date, or notes.
  • A CLI command to update an actor.
    • incydr actors update - to update an actor's start date, end date, or notes.

Deprecated

  • Risk Profiles methods and commands are now deprecated, replaced by the actors command group.
Loading

v2.0.0

10 May 20:41
@tora-kozic tora-kozic
v2.0.0
c3634de
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v2.0.0

2.0.0 - 2024-05-10

Added

  • Support for the Sessions APIs
    • A sessions.v1 client to the SDK with the following methods:
      • client.sessions.v1.get_page() - to query a page of sessions.
      • client.sessions.v1.iter_all() - to lazily iterate through all pages of sessions.
      • client.sessions.v1.get_session_details() - to retrieve the details of a single session specified by ID.
      • client.sessions.v1.get_session_events() - to retrieve the file events associated with a session specified by ID.
      • client.sessions.v1.update_state_by_id() - to update the state of a session specified by ID.
      • client.sessions.v1.update_state_by_criteria() - to update the state of all sessions matching the filter criteria.
      • client.sessions.v1.add_note() - to attach a note to a session specified by ID.
    • A set of sessions CLI commands:
      • incydr sessions search to search sessions by criteria. Includes various filter, output, and checkpointing options.
      • incydr sessions show to show session details.
      • incydr sessions show-events to show file events associated with the session.
      • incydr sessions update to update the state and/or note of a session.
      • incydr sessions bulk-update-state to update the state and attach an optional note to multiple sessions at once
  • Support for Actors APIs, including:
    • An actors.v1 client to the SDK with the following methods:
      • client.actors.v1.get_page() - to query a single page of actors.
      • client.actors.v1.iter_all() - to lazily iterate through all pages of actors.
      • client.actors.v1.get_actor_by_id() - to retrieve details of a single actor by ID.
      • client.actors.v1.get_actor_by_name() - to retrieve details of a single actor by name.
      • client.actors.v1.get_family_by_member_id() - to retrieve details of an actor family by a member's ID.
      • client.actors.v1.get_family_by_member_name() - to retrieve details of an actor family by a member's name.
    • A set of actors CLI commands:
      • incydr actors list to list all actors matching search criteria (in table, CSV, or JSON formats).
      • incydr actors show to show details of a given actor by ID or name.
      • incydr actors show-family to show details of an actors family.

Removed

  • Breaking Change! Cloud alias risk profile functionality has been removed.
    • The following Python SDK methods have been removed:
      • client.user_risk_profiles.add_cloud_alias() should be replaced by client.actors.create_adoption()
      • client.user_risk_profiles.remove_cloud_alias() should be replaced by client.actors.remove_adoption()
    • The following CLI commands have been removed.
      • incydr risk-profiles add-cloud-alias should be replaced by incydr actors adoption create
      • incydr risk-profiles remove-cloud-alias should be replaced by incydr actors adoption remove
      • incydr risk-profiles bulk-add-cloud-aliases
      • incydr risk-profiles bulk-remove-cloud-aliases

Changed

  • Breaking Change! User risk profiles have been renamed as Risk profiles to better fit their additional application to actors.
    • The SDK has been updated to reflect this via the following changes:
      • UserRiskProfile model has been renamed to RiskProfile.
      • UserRiskProfilesPage model has been renamed to RiskProfilesPage.
      • The UserRiskProfiles class has been renamed to RiskProfiles
      • The Incydr client user_risk_profiles property has been renamed to risk_profiles, methods in that client have been renamed similarly.
        • client.user_risk_profiles.v1.get_user_risk_profile() would now be client.risk_profiles.v1.get_risk_profile().
      • The CLI has been updated to reflect this via the following changes:
        • The risk-profiles command group is no longer available under the users command group. It is still accessible as its own incydr command group. ex: incydr risk-profiles list.

Deprecated

  • Alerts Python SDK methods and the Alerts CLI commands group have been deprecated. Functionality is replaced by the Sessions SDK client and CLI command group.
Loading