iris-client
iris-client copied to clipboard
dfir-iris
Python client for DFIR-IRIS
The [function](https://github.com/dfir-iris/iris-client/blob/a29bb029c298ebe0b1c02bb840f284f8a4ec0ecc/dfir_iris_client/case.py#L2237) contains the wrong post method instead of the get method return self._s.pi_post(f'case/{object_name}/{object_id}/comments/list', cid=cid)
I've been trying to retrieve alerts between two dates but the query always returns all results. dfir-iris-client==2.0.1 ``` session = ClientSession(apikey="", host='http://localhost:8000', ssl_verify=False) alertInstance = Alert(session=session) results = alertInstance.filter_alerts(alert_start_date="2023-09-01",alert_end_date="2023-09-02") ```...
For integration between different system (or even reporting done outside of IRIS) i think https://docs.dfir-iris.org/_static/iris_api_reference_v2.0.1.html#tag/Manage-case/operation/get-manage-cases-list should support filtering by - time - user - case status -
add_note_group and group_id are deprecated but were replaced by add_note_directory and directory_id. The documentation does not reflect this change yet.
When using custom attributes on the add_case method, I find them to be in a bad format if I use the update_case afterwards. The solution I found for this was...
When creating a case it should be possible to add tags and the owner. Right now it is only possible by doing a second request with update_case.
If I create a case A with any of those flags active, with attachment A, they work by adding the file to the evidences and IOCs. But if I create...
Relates to https://github.com/dfir-iris/iris-web/pull/506
The way the `filter_events` function calls `pi_get` (`return self._s.pi_get(f'case/timeline/advanced-filter?q={filter_uri}&', cid=cid)`) leads to the `q` parameter being placed before the `cid` parameter. One would not expect this to be a problem,...
One can install v2.0.4 via pip (which is required for the current iris-web version 2.4.11), but somehow the code here on GitHub (v2.0.1) and the official python API client documentation...