Darktrace SDK Documentation

This documentation provides detailed information about each module in the Darktrace SDK and how to use them.

Getting Started

```python
from darktrace import DarktraceClient

# Initialize the client
client = DarktraceClient(
    host="https://your-darktrace-instance",
    public_token="YOUR_PUBLIC_TOKEN",
    private_token="YOUR_PRIVATE_TOKEN",
    debug=False  # Set to True for verbose output
)
```

Available Modules

The Darktrace SDK provides access to all Darktrace API endpoints through the following modules:

  1. Advanced Search - Complex search operations across the Darktrace platform
  2. AI Analyst - AI Analyst incidents and investigations
  3. Antigena - Antigena actions and configurations
  4. Model Breaches - Model breach alerts and information
  5. Components - Darktrace component information
  6. CVEs - CVE information related to devices
  7. Details - Detailed information about specific entities
  8. Device Info - Detailed device information
  9. Devices - Device management and information
  10. Device Search - Search for devices with specific criteria
  11. Device Summary - Summarized device information
  12. Email - Darktrace Email security features
  13. Endpoint Details - Endpoint-specific information
  14. Enums - Enumeration values used in the Darktrace platform
  15. Filter Types - Available filter types for searches
  16. Intel Feed - Threat intelligence feed information
  17. Model Breach Comments - Comments on model breaches
  18. Metric Data - Time-series metric data
  19. Metrics - Available metrics and their information
  20. Models - Darktrace models and their configurations
  21. Network - Network information and statistics
  22. PCAPs - Packet capture functionality
  23. Similar Devices - Find devices similar to a given device
  24. Status - System status information
  25. Subnets - Subnet information and management
  26. Summary Statistics - Overall system statistics
  27. Tags - Tag management for devices and entities

Authentication

The SDK handles authentication automatically using the provided public and private tokens. See Authentication for more details.
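
A sketch of what token-based request signing involves, as an added example that is not the SDK's own code. It assumes Darktrace's API token scheme of three `DTAPI-*` headers carrying an HMAC-SHA1 signature over the request, the public token and a UTC timestamp; `build_auth_headers` and `signature_matches` are hypothetical names, and the tokens, path and query are constructed samples.

```python
import hashlib
import hmac
from datetime import datetime, timezone
from urllib.parse import urlencode


def build_auth_headers(public_token, private_token, path, params=None, now=None):
    """Build the DTAPI-* headers for one API request (assumed scheme)."""
    if not public_token or not private_token:
        raise ValueError("both public and private tokens are required")
    # The query string is signed together with the path, so a request
    # altered after signing no longer matches its signature.
    api_request = path + ("?" + urlencode(params) if params else "")
    date = (now or datetime.now(timezone.utc)).strftime("%Y%m%dT%H%M%S")
    message = f"{api_request}\n{public_token}\n{date}".encode()
    # The private token is only the HMAC key; it is never sent.
    signature = hmac.new(private_token.encode(), message, hashlib.sha1).hexdigest()
    return {
        "DTAPI-Token": public_token,
        "DTAPI-Date": date,
        "DTAPI-Signature": signature,
    }


def signature_matches(headers, private_token, api_request):
    """Recompute the signature the way a verifier would, in constant time."""
    message = f"{api_request}\n{headers['DTAPI-Token']}\n{headers['DTAPI-Date']}".encode()
    expected = hmac.new(private_token.encode(), message, hashlib.sha1).hexdigest()
    return hmac.compare_digest(expected, headers["DTAPI-Signature"])


if __name__ == "__main__":
    # Constructed sample tokens, query and timestamp, not real credentials.
    fixed = datetime(2024, 1, 1, 12, 0, 0, tzinfo=timezone.utc)
    hdrs = build_auth_headers("PUBLIC_EXAMPLE", "PRIVATE_EXAMPLE",
                              "/devices", {"seensince": "1hour"}, now=fixed)
    print(hdrs)
    print(signature_matches(hdrs, "PRIVATE_EXAMPLE", "/devices?seensince=1hour"))
    print(signature_matches(hdrs, "PRIVATE_EXAMPLE", "/devices?seensince=1day"))
```

Because the timestamp is part of the signed message, a client with a skewed clock can fail authentication even when both tokens are correct.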

Error Handling

```python
# Reuses the client created in Getting Started
try:
    devices = client.devices.get()
except Exception as e:
    print(f"Error: {e}")
```

Debugging

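Enable debug mode to see detailed API requests and responses. The output contains request and response detail from your Darktrace instance, so treat debug logs as sensitive.

```python
client = DarktraceClient(
    host="https://your-darktrace-instance",
    public_token="YOUR_PUBLIC_TOKEN",
    private_token="YOUR_PRIVATE_TOKEN",
    debug=True  # Enable debug output
)
```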