SentinelOne API: pull agent passphrases to CSV
#! python3
import argparse
import csv
import requests
# Headers sent with every API request; the Authorization header is added
# per call in result_generator so the token never lives in a module global.
HEADERS = {
    "Accept": "application/json",
    "User-Agent": "vz/s1_agent_passphrases_v1.0",
    "Content-Type": "application/json",
}

# Path appended to the console base URL given on the command line.
S1_PASSPHRASE_API_ENDPOINT = "/web/api/v2.1/agents/passphrases"

# Keys copied from each returned item; also used as the CSV column headers.
FIELDS = [
    "computerName",
    "domain",
    "passphrase",
]

# Value sent as the "limit" query parameter on each request.
LIMIT = 200
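def result_generator(base_url, api_key, site_ids):
    """Yield one dict per agent from the SentinelOne passphrase endpoint.

    Requests ``base_url + S1_PASSPHRASE_API_ENDPOINT`` repeatedly, following
    the ``pagination.nextCursor`` value of each response, and yields for
    every returned item a dict restricted to the keys listed in ``FIELDS``.

    Args:
        base_url: Console base URL (``https://<console-host>``). The API
            token is sent in the ``Authorization`` header of every request,
            so this should be an ``https://`` URL.
        api_key: API token, sent as ``Authorization: ApiToken <api_key>``.
        site_ids: Comma-separated site ids; split into a list and sent as
            the ``siteIds`` query parameter.

    Yields:
        dict: the subset of ``FIELDS`` present in each item.

    On a non-OK HTTP status, or a body without a ``"data"`` key, a message
    is printed and iteration stops. Rows yielded before the failure are not
    retracted, so the caller may end up with a partial result.
    """
    headers = {**HEADERS, "Authorization": "ApiToken " + api_key}
    # Tolerate a trailing slash on the base URL instead of producing "//web/...".
    url = base_url.rstrip("/") + S1_PASSPHRASE_API_ENDPOINT
    params = {"limit": LIMIT, "siteIds": site_ids.split(",")}
    # (connect, read) seconds. Without a timeout requests waits forever on a
    # stalled connection.
    timeout = (10, 60)

    while True:
        response = requests.get(
            url, headers=headers, params=params, timeout=timeout
        )
        if response.status_code != requests.codes.ok:
            print(f"error getting data: {response.status_code}")
            # Response headers only; the request's Authorization header is
            # not part of this output.
            print(response.headers)
            return

        data = response.json()
        if "data" not in data:
            print("error parsing data")
            # .get(): an unexpected body may carry neither "data" nor "errors".
            print(data.get("errors"))
            return

        for item in data["data"]:
            yield {k: item[k] for k in FIELDS if k in item}

        # A missing "pagination" object or an empty cursor ends the walk.
        # The original re-requested the same page forever on an empty,
        # non-None cursor and raised KeyError when "pagination" was absent.
        next_cursor = (data.get("pagination") or {}).get("nextCursor")
        if not next_cursor:
            return
        params = {**params, "cursor": next_cursor}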
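def main():
    """Parse the command line and write agent passphrases to a CSV file.

    Positional arguments are the console URL, the API key and the
    comma-separated site ids; ``--output_file``/``-o`` names the CSV
    (default ``output.csv``). The file gets a header row from ``FIELDS``
    followed by one row per dict yielded by ``result_generator``.

    The CSV holds agent passphrases, so a newly created output file is
    given owner-only permissions (0o600).
    """
    # Local import: only needed to create the output file with a
    # restrictive mode.
    import os

    parser = argparse.ArgumentParser(
        description="Query SentinelOne API, return agent passphrases as CSV."
    )
    parser.add_argument("url")
    # NOTE(review): a positional API key ends up in shell history and in the
    # process list; consider reading it from an environment variable or a
    # prompt in a future interface revision.
    parser.add_argument("api_key", help="API Key")
    parser.add_argument(
        "site_ids", help="SentinelOne site Id(s), separated by commas."
    )
    parser.add_argument(
        "--output_file",
        "-o",
        help="Output filename, default is output.csv",
        default="output.csv",
    )
    args = parser.parse_args()

    # Same create/truncate semantics as open(path, "w"), but a new file is
    # created 0o600 instead of umask-default. The mode applies only at
    # creation: an existing file keeps its current permissions.
    fd = os.open(
        args.output_file, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600
    )
    with os.fdopen(fd, "w", newline="") as csvfile:
        writer = csv.DictWriter(csvfile, fieldnames=FIELDS)
        writer.writeheader()
        for row in result_generator(args.url, args.api_key, args.site_ids):
            writer.writerow(row)


if __name__ == "__main__":
    main()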