|
1 | | -# File Security Post Scan Actions |
| 1 | +# Trend Vision One File Security Python SDK Example User Guide |
| 2 | + |
| 3 | +The Trend Vision One File Security Python SDK empowers developers to craft applications seamlessly integrating with the cloud-based Trend Vision One anti-malware file scanning service. This ensures a thorough scan of data and artifacts within the applications, identifying potential malicious elements. |
| 4 | + |
| 5 | +This guide outlines the steps to establish your development environment and configure your project, laying the foundation for utilizing the File Security Python SDK effectively. |
| 6 | + |
| 7 | +## Requirements |
| 8 | + |
| 9 | +- Python 3.9 or newer |
| 10 | +- Trend Vision One account with a chosen region - for more information, see the [Trend Vision One documentation](https://docs.trendmicro.com/en-us/enterprise/trend-micro-xdr-help/Home). |
| 11 | +- A Trend Vision One API key with proper role - for more information, see the [Trend Vision One API key documentation](https://docs.trendmicro.com/en-us/enterprise/trend-vision-one/administrative-setti/accountspartfoundati/api-keys.aspx). |
| 12 | + |
| 13 | +## Installation |
| 14 | + |
| 15 | +Install the File Security SDK package with pip: |
| 16 | + |
| 17 | + ```sh |
| 18 | + python -m pip install visionone-filesecurity |
| 19 | + ``` |
| 20 | + |
| 21 | +## Obtain an API Key |
| 22 | + |
| 23 | +The File Security SDK requires a valid API Key provided as parameter to the SDK client object. It can accept Trend Vision One API keys. |
| 24 | + |
| 25 | +When obtaining the API Key, ensure that the API Key is associated with the region that you plan to use. It is important to note that Trend Vision One API Keys are associated with different regions, please refer to the region flag below to obtain a better understanding of the valid regions associated with the respective API Key. |
| 26 | + |
| 27 | +If you plan on using a Trend Vision One region, be sure to pass in region parameter when running custom program with File Security SDK to specify the region of that API key and to ensure you have proper authorization. The list of supported Trend Vision One regions can be found at API Reference section below. |
| 28 | + |
| 29 | +1. Login to the Trend Vision One. |
| 30 | +2. Create a new Trend Vision One API key: |
| 31 | + |
| 32 | +- Navigate to the Trend Vision One User Roles page. |
| 33 | +- Verify that there is a role with the "Run file scan via SDK" permissions enabled. If not, create a role by clicking on "Add Role" and "Save" once finished. |
| 34 | +- Directly configure a new key on the Trend Vision One API Keys page, using the role which contains the "Run file scan via SDK" permission. It is advised to set an expiry time for the API key and make a record of it for future reference. |
| 35 | + |
| 36 | +## Run SDK |
| 37 | + |
| 38 | +### Run with File Security SDK examples |
| 39 | + |
| 40 | +1. Go to `/examples/` in current directory. |
| 41 | + |
| 42 | + ```sh |
| 43 | + cd examples/ |
| 44 | + ``` |
| 45 | + |
| 46 | +2. There are two Python examples in the folder, one with regular file i/o and one with asynchronous file i/o |
| 47 | + |
| 48 | + ```text |
| 49 | + client_aio.py |
| 50 | + client.py |
| 51 | + ``` |
| 52 | + |
| 53 | +3. Current Python examples support following command line arguments |
| 54 | + |
| 55 | + | Command Line Arguments | Value | Optional | |
| 56 | + |------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------| |
| 57 | + | --region or -r | The region you obtained your API key. Value provided must be one of the Vision One regions, e.g. `us-east-1`, `eu-central-1`, `ap-southeast-1`, `ap-southeast-2`, `ap-northeast-1`, `ap-south-1` | Yes, either -r or -a | |
| 58 | + | --addr or -a | Trend Vision One File Security server, such as: antimalware.__REGION__.cloudone.trendmicro.com:443 | Yes, either -r or -a | |
| 59 | + | --api_key | Vision One API Key | No | |
| 60 | + | --filename or -f | File to be scanned | No | |
| 61 | + | --pml | Predictive Machine Learning | Yes | |
| 62 | + | --tags or -t | List of tags | Yes | |
| 63 | + |
| 64 | +4. Run one of the examples. |
| 65 | + |
| 66 | + Make sure to customize the example program by configuring it with the API key from your Vision One account, found in your Vision One Dashboard. Assign the value of your Vision One Region's `API_KEY` to the variable and set `FILENAME` to the desired target file. |
| 67 | + |
| 68 | + ```sh |
| 69 | + python3 client.py -f FILENAME -r us-east-1 --tls --api_key API_KEY |
| 70 | + ``` |
| 71 | + |
| 72 | + or |
| 73 | + |
| 74 | + using File Security server address `-a` instead of region `-r`: |
| 75 | + |
| 76 | + ```sh |
| 77 | + python3 client.py -f FILENAME -a antimalware._REGION_.cloudone.trendmicro.com:443 --tls --api_key API_KEY |
| 78 | + ``` |
| 79 | + |
| 80 | + or |
| 81 | + |
| 82 | + using asynchronous IO example program: |
| 83 | + |
| 84 | + ```sh |
| 85 | + python3 client_aio.py -f FILENAME -a antimalware._REGION_.cloudone.trendmicro.com:443 --tls --api_key API_KEY |
| 86 | + ``` |
| 87 | + |
| 88 | +## File Security Post Scan Actions |
2 | 89 |
|
3 | 90 | Actions to perform after scanning files with Trend Vision One™ File Security |
4 | 91 |
|
|
0 commit comments