From e319bb520369db9c10bbac8d40000f9bd2346187 Mon Sep 17 00:00:00 2001 From: Calvin Remsburg Date: Thu, 17 Oct 2024 17:07:53 -0500 Subject: [PATCH] Update Anti-Spyware Profile documentation for improved clarity Enhanced the Anti-Spyware Profile documentation with detailed class definitions, comprehensive examples, and improved code snippets for creating, retrieving, updating, deleting, and listing profiles using the Strata Cloud Manager SDK. This update aims to provide a more streamlined and understandable guide for users working with Anti-Spyware Profiles. --- .../config/security_services/anti_spyware.md | 234 ++++----- .../anti_spyware_profile_models.md | 446 ++++++++++++++---- 2 files changed, 475 insertions(+), 205 deletions(-) diff --git a/docs/sdk/config/security_services/anti_spyware.md b/docs/sdk/config/security_services/anti_spyware.md index 5991ab3c..4a1ae6b6 100644 --- a/docs/sdk/config/security_services/anti_spyware.md +++ b/docs/sdk/config/security_services/anti_spyware.md @@ -1,12 +1,17 @@ # Anti-Spyware Profile -The `AntiSpywareProfile` class manages Anti-Spyware Profiles in Palo Alto Networks' Strata Cloud Manager. +The `AntiSpywareProfile` class manages Anti-Spyware Profiles in Palo Alto Networks' Strata Cloud Manager. It provides +methods to create, retrieve, update, delete, and list Anti-Spyware Profiles using the Strata Cloud Manager API. -## Overview +## Class Definition -This class provides methods to create, retrieve, update, delete, and list Anti-Spyware Profiles using the Strata Cloud -Manager API. It supports operations within folders, snippets, or devices, and allows filtering of profiles based on -various criteria. +```python +class AntiSpywareProfile(BaseObject): + ENDPOINT = "/config/security/v1/anti-spyware-profiles" + + def __init__(self, api_client): + super().__init__(api_client) +``` ## Methods @@ -14,16 +19,10 @@ various criteria. Creates a new Anti-Spyware Profile. -
- - - ```python def create(self, data: Dict[str, Any]) -> AntiSpywareProfileResponseModel: ``` -
- #### Parameters - `data` (Dict[str, Any]): A dictionary containing the Anti-Spyware Profile configuration. @@ -36,24 +35,29 @@ def create(self, data: Dict[str, Any]) -> AntiSpywareProfileResponseModel:
- - ```python -anti_spyware_profile = AntiSpywareProfile(api_client) +from pan_scm_sdk import SCMClient +from pan_scm_sdk.config.security import AntiSpywareProfile + +client = SCMClient(client_id="your-client-id", client_secret="your-client-secret") +anti_spyware = AntiSpywareProfile(client) + profile_data = { - "name": "Custom Anti-Spyware Profile", - "description": "A custom anti-spyware profile", - "folder": "My Folder", + "name": "Example Profile", + "description": "An example Anti-Spyware Profile", + "folder": "Shared", "rules": [ { - "name": "Block Critical Threats", - "severity": ["critical"], + "name": "Rule 1", + "severity": ["critical", "high"], "category": "spyware", - "action": {"block_ip": {"track_by": "source", "duration": 300}} + "action": {"alert": {}} } ] } -created_profile = anti_spyware_profile.create(profile_data) + +created_profile = anti_spyware.create(profile_data) +print(f"Created profile ID: {created_profile.id}") ```
@@ -62,16 +66,10 @@ created_profile = anti_spyware_profile.create(profile_data) Retrieves an Anti-Spyware Profile by its ID. -
- - - ```python def get(self, object_id: str) -> AntiSpywareProfileResponseModel: ``` -
- #### Parameters - `object_id` (str): The ID of the Anti-Spyware Profile to retrieve. @@ -84,11 +82,10 @@ def get(self, object_id: str) -> AntiSpywareProfileResponseModel:
- - ```python -anti_spyware_profile = AntiSpywareProfile(api_client) -profile = anti_spyware_profile.get("profile-123") +profile_id = "1234567890abcdef" +retrieved_profile = anti_spyware.get(profile_id) +print(f"Retrieved profile name: {retrieved_profile.name}") ```
@@ -97,16 +94,10 @@ profile = anti_spyware_profile.get("profile-123") Updates an existing Anti-Spyware Profile. -
- - - ```python def update(self, object_id: str, data: Dict[str, Any]) -> AntiSpywareProfileResponseModel: ``` -
- #### Parameters - `object_id` (str): The ID of the Anti-Spyware Profile to update. @@ -120,23 +111,22 @@ def update(self, object_id: str, data: Dict[str, Any]) -> AntiSpywareProfileResp
- - ```python -anti_spyware_profile = AntiSpywareProfile(api_client) -updated_data = { - "name": "Updated Anti-Spyware Profile", - "description": "An updated anti-spyware profile", +profile_id = "1234567890abcdef" +update_data = { + "description": "Updated Anti-Spyware Profile description", "rules": [ { - "name": "Alert on High Threats", - "severity": ["high"], + "name": "Updated Rule", + "severity": ["critical", "high", "medium"], "category": "spyware", - "action": {"alert": {}} + "action": {"drop": {}} } ] } -updated_profile = anti_spyware_profile.update("profile-123", updated_data) + +updated_profile = anti_spyware.update(profile_id, update_data) +print(f"Updated profile description: {updated_profile.description}") ```
@@ -145,16 +135,10 @@ updated_profile = anti_spyware_profile.update("profile-123", updated_data) Deletes an Anti-Spyware Profile. -
- - - ```python def delete(self, object_id: str) -> None: ``` -
- #### Parameters - `object_id` (str): The ID of the Anti-Spyware Profile to delete. @@ -163,11 +147,10 @@ def delete(self, object_id: str) -> None:
- - ```python -anti_spyware_profile = AntiSpywareProfile(api_client) -anti_spyware_profile.delete("profile-123") +profile_id = "1234567890abcdef" +anti_spyware.delete(profile_id) +print(f"Deleted profile with ID: {profile_id}") ```
@@ -176,10 +159,6 @@ anti_spyware_profile.delete("profile-123") Lists Anti-Spyware Profiles based on specified criteria. -
- - - ```python def list( self, @@ -193,15 +172,13 @@ def list( ) -> List[AntiSpywareProfileResponseModel]: ``` -
- #### Parameters - `folder` (Optional[str]): The folder to list profiles from. - `snippet` (Optional[str]): The snippet to list profiles from. - `device` (Optional[str]): The device to list profiles from. - `offset` (Optional[int]): The offset for pagination. -- `limit` (Optional[int]): The limit for pagination. +- `limit` (Optional[int]): The maximum number of profiles to return. - `name` (Optional[str]): Filter profiles by name. - `**filters`: Additional filters to apply. @@ -213,93 +190,116 @@ def list(
- - ```python -anti_spyware_profile = AntiSpywareProfile(api_client) -profiles = anti_spyware_profile.list(folder="My Folder", limit=10, name="Custom") -``` +# List profiles in a specific folder +folder_profiles = anti_spyware.list(folder="Shared", limit=10) +print(f"Number of profiles in Shared folder: {len(folder_profiles)}") -
- -## Error Handling +# List profiles with a specific name pattern +named_profiles = anti_spyware.list(name="Test*", limit=5) +print(f"Number of profiles starting with 'Test': {len(named_profiles)}") -The `AntiSpywareProfile` class may raise the following exceptions: +# List profiles with custom filters +custom_profiles = anti_spyware.list(folder="Custom", severity="high", limit=20) +print(f"Number of high-severity profiles in Custom folder: {len(custom_profiles)}") +``` -- `ValidationError`: Raised when invalid container parameters are provided. -- `ValueError`: Raised when invalid pagination parameters are provided. + -## Additional Examples +## Complete Example -### Creating a profile with threat exceptions +Here's a complete example demonstrating the usage of the `AntiSpywareProfile` class:
- - ```python -anti_spyware_profile = AntiSpywareProfile(api_client) -profile_data = { - "name": "Profile with Exceptions", - "description": "Anti-spyware profile with threat exceptions", - "folder": "Security Policies", +from pan_scm_sdk import SCMClient +from pan_scm_sdk.config.security import AntiSpywareProfile + +# Initialize the SCM client +client = SCMClient(client_id="your-client-id", client_secret="your-client-secret") + +# Create an AntiSpywareProfile instance +anti_spyware = AntiSpywareProfile(client) + +# Create a new Anti-Spyware Profile +new_profile_data = { + "name": "Comprehensive Anti-Spyware Profile", + "description": "A comprehensive Anti-Spyware Profile with multiple rules", + "folder": "Shared", + "cloud_inline_analysis": True, + "inline_exception_edl_url": ["https://example.com/edl1", "https://example.com/edl2"], + "inline_exception_ip_address": ["192.168.1.1", "10.0.0.1"], + "mica_engine_spyware_enabled": [ + {"name": "MICA-Engine-1", "inline_policy_action": "alert"}, + {"name": "MICA-Engine-2", "inline_policy_action": "drop"} + ], "rules": [ { - "name": "Default Rule", - "severity": ["any"], - "category": "any", - "action": {"alert": {}} + "name": "Critical Threats", + "severity": ["critical"], + "category": "spyware", + "action": {"block_ip": {"track_by": "source", "duration": 3600}}, + "packet_capture": "single-packet" + }, + { + "name": "High Severity Threats", + "severity": ["high"], + "category": "command-and-control", + "action": {"reset-both": {}}, + "packet_capture": "extended-capture" } ], "threat_exception": [ { - "name": "Exception for Known IP", + "name": "Exception 1", "packet_capture": "disable", "action": {"allow": {}}, - "exempt_ip": [{"name": "10.0.0.1"}] + "exempt_ip": [{"name": "192.168.100.1"}], + "notes": "Exemption for internal testing server" } ] } -created_profile = anti_spyware_profile.create(profile_data) -``` -
+created_profile = anti_spyware.create(new_profile_data) +print(f"Created profile ID: {created_profile.id}") -### Updating a profile with MICA engine settings - -
+# Retrieve the created profile +retrieved_profile = anti_spyware.get(created_profile.id) +print(f"Retrieved profile name: {retrieved_profile.name}") - - -```python -anti_spyware_profile = AntiSpywareProfile(api_client) -updated_data = { - "name": "Updated MICA Profile", - "description": "Profile with MICA engine settings", - "mica_engine_spyware_enabled": [ - { - "name": "MICA-Engine-1", - "inline_policy_action": "alert" - }, - { - "name": "MICA-Engine-2", - "inline_policy_action": "drop" - } - ], +# Update the profile +update_data = { + "description": "Updated comprehensive Anti-Spyware Profile", "rules": [ { - "name": "MICA Rule", - "severity": ["high", "critical"], + "name": "Updated Critical Threats", + "severity": ["critical", "high"], "category": "spyware", - "action": {"reset_both": {}} + "action": {"reset-server": {}}, + "packet_capture": "extended-capture" } ] } -updated_profile = anti_spyware_profile.update("profile-456", updated_data) + +updated_profile = anti_spyware.update(created_profile.id, update_data) +print(f"Updated profile description: {updated_profile.description}") + +# List profiles +list_result = anti_spyware.list(folder="Shared", limit=10) +print(f"Number of profiles in Shared folder: {len(list_result)}") + +# Delete the profile +anti_spyware.delete(created_profile.id) +print(f"Deleted profile with ID: {created_profile.id}") ```
+This example demonstrates creating, retrieving, updating, listing, and deleting an Anti-Spyware Profile using the +`AntiSpywareProfile` class. + + --- ## Related Models diff --git a/docs/sdk/models/security_services/anti_spyware_profile_models.md b/docs/sdk/models/security_services/anti_spyware_profile_models.md index 42ded69e..9200ceec 100644 --- a/docs/sdk/models/security_services/anti_spyware_profile_models.md +++ b/docs/sdk/models/security_services/anti_spyware_profile_models.md @@ -1,138 +1,408 @@ # Anti-Spyware Profile Models -This section covers the data models associated with the `AntiSpywareProfile` configuration object. +This page describes the Pydantic models used for Anti-Spyware Profiles in the Strata Cloud Manager SDK. ---- +## AntiSpywareProfileBaseModel -## AntiSpywareProfileRequestModel +The base model for Anti-Spyware Profiles, containing common fields. -Used when creating or updating an anti-spyware profile object. +```python +class AntiSpywareProfileBaseModel(BaseModel): + name: str + description: Optional[str] = None + cloud_inline_analysis: Optional[bool] = False + inline_exception_edl_url: Optional[List[str]] = None + inline_exception_ip_address: Optional[List[str]] = None + mica_engine_spyware_enabled: Optional[List[MicaEngineSpywareEnabledEntry]] = None +``` -### Attributes +### Fields -- `name` (str): **Required.** The name of the anti-spyware profile. -- `description` (Optional[str]): A description of the anti-spyware profile. -- `cloud_inline_analysis` (Optional[bool]): Enable or disable cloud inline analysis. Defaults to False. +- `name` (str): Profile name. +- `description` (Optional[str]): Description of the profile. +- `cloud_inline_analysis` (Optional[bool]): Enable or disable cloud inline analysis. - `inline_exception_edl_url` (Optional[List[str]]): List of inline exception EDL URLs. - `inline_exception_ip_address` (Optional[List[str]]): List of inline exception IP addresses. - `mica_engine_spyware_enabled` (Optional[List[MicaEngineSpywareEnabledEntry]]): List of MICA engine spyware enabled entries. -- **Container Type Fields** (Exactly one must be provided): - - `folder` (Optional[str]): The folder where the profile is defined. - - `snippet` (Optional[str]): The snippet where the profile is defined. - - `device` (Optional[str]): The device where the profile is defined. -- `rules` (List[RuleRequest]): **Required.** List of rules for the profile. -- `threat_exception` (Optional[List[ThreatExceptionRequest]]): List of threat exceptions for the profile. -### Example +## AntiSpywareProfileRequestModel + +Represents an anti-spyware profile for API requests. ```python -anti_spyware_profile_request = AntiSpywareProfileRequestModel( - name="test_profile", - description="Test anti-spyware profile", - folder="Prisma Access", - rules=[ - RuleRequest( - name="rule1", - severity=["critical", "high"], - category="spyware", - action=ActionRequest(root={"alert": {}}) - ) - ] -) +class AntiSpywareProfileRequestModel(AntiSpywareProfileBaseModel): + folder: Optional[str] = None + snippet: Optional[str] = None + device: Optional[str] = None + rules: List[RuleRequest] + threat_exception: Optional[List[ThreatExceptionRequest]] = None ``` ---- +### Fields + +Inherits all fields from `AntiSpywareProfileBaseModel` and adds: + +- `folder` (Optional[str]): Folder name. +- `snippet` (Optional[str]): Snippet name. +- `device` (Optional[str]): Device name. +- `rules` (List[RuleRequest]): List of rules for the profile. +- `threat_exception` (Optional[List[ThreatExceptionRequest]]): List of threat exceptions. ## AntiSpywareProfileResponseModel -Used when parsing anti-spyware profile objects retrieved from the API. +Represents an anti-spyware profile for API responses. -### Attributes +```python +class AntiSpywareProfileResponseModel(AntiSpywareProfileBaseModel): + id: str + folder: Optional[str] = None + snippet: Optional[str] = None + device: Optional[str] = None + rules: List[RuleResponse] + threat_exception: Optional[List[ThreatExceptionResponse]] = None +``` -- `id` (str): The UUID of the anti-spyware profile object. -- `name` (str): The name of the anti-spyware profile. -- `description` (Optional[str]): A description of the anti-spyware profile. -- `cloud_inline_analysis` (Optional[bool]): Cloud inline analysis setting. -- `inline_exception_edl_url` (Optional[List[str]]): List of inline exception EDL URLs. -- `inline_exception_ip_address` (Optional[List[str]]): List of inline exception IP addresses. -- `mica_engine_spyware_enabled` (Optional[List[MicaEngineSpywareEnabledEntry]]): List of MICA engine spyware enabled - entries. -- **Container Type Fields**: - - `folder` (Optional[str]): The folder where the profile is defined. - - `snippet` (Optional[str]): The snippet where the profile is defined. - - `device` (Optional[str]): The device where the profile is defined. +### Fields + +Inherits all fields from `AntiSpywareProfileBaseModel` and adds: + +- `id` (str): Profile ID. +- `folder` (Optional[str]): Folder name. +- `snippet` (Optional[str]): Snippet name. +- `device` (Optional[str]): Device name. - `rules` (List[RuleResponse]): List of rules for the profile. -- `threat_exception` (Optional[List[ThreatExceptionResponse]]): List of threat exceptions for the profile. +- `threat_exception` (Optional[List[ThreatExceptionResponse]]): List of threat exceptions. + +## Examples -### Example +### Example 1: Creating an AntiSpywareProfileRequestModel + +
```python -anti_spyware_profile_response = AntiSpywareProfileResponseModel( - id="123e4567-e89b-12d3-a456-426655440000", - name="test_profile", - description="Test anti-spyware profile", - folder="Prisma Access", +from pan_scm_sdk.models.security import ( + AntiSpywareProfileRequestModel, + RuleRequest, + ActionRequest, + Severity, + Category, + PacketCapture, +) + +profile_request = AntiSpywareProfileRequestModel( + name="Example Profile", + description="An example Anti-Spyware Profile", + folder="Shared", + rules=[ + RuleRequest( + name="Rule 1", + severity=[Severity.critical, Severity.high], + category=Category.spyware, + action=ActionRequest(root={"alert": {}}), + packet_capture=PacketCapture.single_packet, + ) + ], +) + +print(profile_request.model_dump_json(indent=2)) +``` + +
+ +### Example 2: Creating an AntiSpywareProfileResponseModel + +
+ +```python +from pan_scm_sdk.models.security import ( + AntiSpywareProfileResponseModel, + RuleResponse, + ActionResponse, + Severity, + Category, + PacketCapture, +) + +profile_response = AntiSpywareProfileResponseModel( + id="1234567890abcdef", + name="Example Profile", + description="An example Anti-Spyware Profile", + folder="Shared", rules=[ RuleResponse( - name="rule1", - severity=["critical", "high"], - category="spyware", - action=ActionResponse(root={"alert": {}}) + name="Rule 1", + severity=[Severity.critical, Severity.high], + category=Category.spyware, + action=ActionResponse(root={"alert": {}}), + packet_capture=PacketCapture.single_packet, + ) + ], +) + +print(profile_response.model_dump_json(indent=2)) +``` + +
+ +### Example 3: Using MicaEngineSpywareEnabledEntry + +
+ +```python +from pan_scm_sdk.models.security import ( + AntiSpywareProfileRequestModel, + MicaEngineSpywareEnabledEntry, + InlinePolicyAction, +) + +profile_request = AntiSpywareProfileRequestModel( + name="MICA Engine Profile", + description="Profile with MICA engine settings", + folder="Shared", + mica_engine_spyware_enabled=[ + MicaEngineSpywareEnabledEntry( + name="MICA-Engine-1", + inline_policy_action=InlinePolicyAction.alert, + ), + MicaEngineSpywareEnabledEntry( + name="MICA-Engine-2", + inline_policy_action=InlinePolicyAction.drop, + ), + ], + rules=[], # Add rules as needed +) + +print(profile_request.model_dump_json(indent=2)) +``` + +
+ +### Example 4: Using ThreatExceptionRequest + +
+ +```python +from pan_scm_sdk.models.security import ( + AntiSpywareProfileRequestModel, + ThreatExceptionRequest, + ActionRequest, + PacketCapture, + ExemptIpEntry, +) + +profile_request = AntiSpywareProfileRequestModel( + name="Profile with Exceptions", + description="Profile demonstrating threat exceptions", + folder="Shared", + rules=[], # Add rules as needed + threat_exception=[ + ThreatExceptionRequest( + name="Exception 1", + packet_capture=PacketCapture.disable, + action=ActionRequest(root={"allow": {}}), + exempt_ip=[ExemptIpEntry(name="192.168.1.1")], + notes="Exemption for internal server", ) - ] + ], ) + +print(profile_request.model_dump_json(indent=2)) ``` ---- +
-## Additional Models +### Example 5: Using BlockIpAction -### MicaEngineSpywareEnabledEntry +
-Represents an entry in the 'mica_engine_spyware_enabled' list. +```python +from pan_scm_sdk.models.security import ( + AntiSpywareProfileRequestModel, + RuleRequest, + ActionRequest, + Severity, + Category, + BlockIpAction, +) -#### Attributes +profile_request = AntiSpywareProfileRequestModel( + name="Block IP Profile", + description="Profile demonstrating block IP action", + folder="Shared", + rules=[ + RuleRequest( + name="Block IP Rule", + severity=[Severity.critical], + category=Category.spyware, + action=ActionRequest( + root={ + "block_ip": BlockIpAction( + track_by="source", + duration=3600, + ).model_dump() + } + ), + ) + ], +) -- `name` (str): Name of the MICA engine spyware detector. -- `inline_policy_action` (InlinePolicyAction): Action to be taken by the inline policy. +print(profile_request.model_dump_json(indent=2)) +``` -### RuleRequest and RuleResponse +
-Represents a rule in the anti-spyware profile. +### Example 6: Using multiple rules and threat exceptions -#### Attributes +
-- `name` (str): Rule name. -- `severity` (List[Severity]): List of severities. -- `category` (Category): Category of the rule. -- `threat_name` (Optional[str]): Threat name. -- `packet_capture` (Optional[PacketCapture]): Packet capture setting. -- `action` (ActionRequest or ActionResponse): Action to be taken. +```python +from pan_scm_sdk.models.security import ( + AntiSpywareProfileRequestModel, + RuleRequest, + ThreatExceptionRequest, + ActionRequest, + Severity, + Category, + PacketCapture, + ExemptIpEntry, +) -### ThreatExceptionRequest and ThreatExceptionResponse +profile_request = AntiSpywareProfileRequestModel( + name="Comprehensive Profile", + description="Profile with multiple rules and exceptions", + folder="Shared", + cloud_inline_analysis=True, + inline_exception_edl_url=["https://example.com/edl1", "https://example.com/edl2"], + inline_exception_ip_address=["192.168.1.1", "10.0.0.1"], + rules=[ + RuleRequest( + name="Critical Threats", + severity=[Severity.critical], + category=Category.spyware, + action=ActionRequest(root={"drop": {}}), + packet_capture=PacketCapture.single_packet, + ), + RuleRequest( + name="High Severity Threats", + severity=[Severity.high], + category=Category.command_and_control, + action=ActionRequest(root={"reset-both": {}}), + packet_capture=PacketCapture.extended_capture, + ), + ], + threat_exception=[ + ThreatExceptionRequest( + name="Exception 1", + packet_capture=PacketCapture.disable, + action=ActionRequest(root={"allow": {}}), + exempt_ip=[ExemptIpEntry(name="192.168.100.1")], + notes="Exemption for internal testing server", + ) + ], +) -Represents a threat exception in the anti-spyware profile. +print(profile_request.model_dump_json(indent=2)) +``` -#### Attributes +
-- `name` (str): Threat exception name. -- `packet_capture` (PacketCapture): Packet capture setting. -- `exempt_ip` (Optional[List[ExemptIpEntry]]): Exempt IP list. -- `notes` (Optional[str]): Notes. -- `action` (ActionRequest or ActionResponse): Action to be taken. +## Complete Example -### ActionRequest and ActionResponse +Here's a complete example demonstrating the usage of Anti-Spyware Profile models: -Represents the 'action' field in rules and threat exceptions. +
-#### Methods +```python +from pan_scm_sdk.models.security import ( + AntiSpywareProfileRequestModel, + RuleRequest, + ThreatExceptionRequest, + ActionRequest, + Severity, + Category, + PacketCapture, + ExemptIpEntry, + MicaEngineSpywareEnabledEntry, + InlinePolicyAction, + BlockIpAction, +) -- `get_action_name() -> str`: Returns the name of the action. +# Create a comprehensive Anti-Spyware Profile request +profile_request = AntiSpywareProfileRequestModel( + name="Comprehensive Anti-Spyware Profile", + description="A comprehensive Anti-Spyware Profile with multiple rules and settings", + folder="Shared", + cloud_inline_analysis=True, + inline_exception_edl_url=["https://example.com/edl1", "https://example.com/edl2"], + inline_exception_ip_address=["192.168.1.1", "10.0.0.1"], + mica_engine_spyware_enabled=[ + MicaEngineSpywareEnabledEntry( + name="MICA-Engine-1", + inline_policy_action=InlinePolicyAction.alert, + ), + MicaEngineSpywareEnabledEntry( + name="MICA-Engine-2", + inline_policy_action=InlinePolicyAction.drop, + ), + ], + rules=[ + RuleRequest( + name="Critical Threats", + severity=[Severity.critical], + category=Category.spyware, + action=ActionRequest( + root={ + "block_ip": BlockIpAction( + track_by="source", + duration=3600, + ).model_dump() + } + ), + packet_capture=PacketCapture.single_packet, + ), + RuleRequest( + name="High Severity Threats", + severity=[Severity.high], + category=Category.command_and_control, + action=ActionRequest(root={"reset-both": {}}), + packet_capture=PacketCapture.extended_capture, + ), + ], + threat_exception=[ + ThreatExceptionRequest( + name="Exception 1", + packet_capture=PacketCapture.disable, + action=ActionRequest(root={"allow": {}}), + exempt_ip=[ExemptIpEntry(name="192.168.100.1")], + notes="Exemption for internal testing server", + ) + ], +) + +# Print the JSON representation of the profile request +print(profile_request.model_dump_json(indent=2)) + +# Validate the model +try: + profile_request.model_validate(profile_request.model_dump()) + print("\nProfile request model is valid.") +except ValueError as e: + print(f"\nValidation error: {e}") + +# Create a response model based on the request +profile_response = AntiSpywareProfileResponseModel( + id="1234567890abcdef", + **profile_request.model_dump() +) + +# Print the JSON representation of the profile response +print("\nProfile Response:") +print(profile_response.model_dump_json(indent=2)) +``` -### Enums +
-- `InlinePolicyAction`: Enumeration of allowed inline policy actions. -- `PacketCapture`: Enumeration of packet capture options. -- `Severity`: Enumeration of severity levels. -- `Category`: Enumeration of threat categories. +This example demonstrates creating a comprehensive Anti-Spyware Profile request model, validating it, and then creating +a response model based on the request. It showcases the usage of various nested models and fields within the +Anti-Spyware Profile models. \ No newline at end of file