Certificate Discovery

class CertificateDiscovery(api)

Bases: _ClientWorkBase

create(name, certificate_location, recursive_paths=None, non_recursive_paths=None, max_filesize='10240', pkcs12_extensions=['.p12', '.pfx'], pkcs7_extensions=['.p7b', '.p7c', '.p7'], pem_extensions=['.cer', '.der', '.crt', '.pem'], ibmcms_extensions=['.kdb'], jks_jceks_extensions=['.jck', '.jceks', '.jks', 'cacerts'], iplanet_extensions=['.db'], exclude_recursive_paths=None, exclude_non_recursive_paths=None, exclude_file_patterns=None, scan_mounted_file_systems=False, log_threshold='Info', attributes=None, get_if_already_exists=True)
Parameters:

  • name (str) – The name of the client work.

  • certificate_location (Union[config.Object, str]) – Config Object or Distinguished Name (DN) of the folder to place certificates.

  • recursive_paths (list[str]) – A list of file paths to recursively search for new certificates

  • non_recursive_paths (list[str]) – A list of file paths to search for new certificates

  • max_filesize (str) – A maximum file size (Ignores files larger than this size)

  • pkcs12_extensions (list[str]) – A list of pkcs#12 extensions to match (defaults to .p12, .pfx)

  • pkcs7_extensions (list[str]) – A list of pkcs#7 extensions to match (defaults to .p7b, .p7c, .p7)

  • pem_extensions (list[str]) – A list of PEM extensions to match (defaults to .cer, .der, .crt, .pem)

  • ibmcms_extensions (list[str]) – A list of IBM CMS extensions to match (defaults to .kdb)

  • jks_jceks_extensions (list[str]) – A list of JKS/JCKES(java) extensions to match (defaults to .jck, .jceks, .jks, cacerts)

  • iplanet_extensions (list[str]) – A list of iPlanet(Berkeley/NSS) extensions to match (defaults to .db)

  • exclude_recursive_paths (list[str]) – A list of file paths to exclude (recursively) from discovery

  • exclude_non_recursive_paths (list[str]) – A list of file paths to exclude from discovery

  • exclude_file_patterns (list[str]) – A list of file patterns to exclude from discovery

  • scan_mounted_file_systems (bool) – Scan file systems mounted via NFS/CIFS/NTFS junction points (defaults to False)

  • log_threshold (str) – set the logging level (defaults to INFO)

  • attributes (dict) – Additional attributes to apply to the object.

  • get_if_already_exists (bool) – If the objects already exists, just return it as is.

Returns:

Config Object of the client work.

delete(work)

Deletes the client work.

Parameters:

work (Union[config.Object, str]) – Config Object or name of the client work.

disable(work)

Disables the client work.

Parameters:

work (Union[config.Object, str]) – Config Object or name of the client work.

enable(work)

Enables the client work.

Parameters:

work (Union[config.Object, str]) – Config Object or name of the client work.

get(name, raise_error_if_not_exists=True)
Parameters:

  • name (str) – The name of the client work.

  • raise_error_if_not_exists (bool) – Raise an exception if the client work does not exist.

Returns:

Config Object of the client work.

list()

Lists all client work.

Returns:

List of Config Object of all client work.

schedule(work, start_time=None, daily=False, hourly=False, on_receipt=False, days_of_week=None, days_of_month=None, randomize_minutes=0, full_scan=False)

Note

Only one of daily, hourly, on_receipt, days_of_week or days_of_month can be set. Schedules the Certificate Discovery work to run.

Parameters:

  • work (Union[config.Object, str]) – Config Object or name of the client work.

  • start_time (int) – The 24-hour UTC hour format (i.e. 20 = 8PM UTC) for the job to start.

  • daily (bool) – Runs the client work daily

  • hourly (bool) – Runs the client work hourly

  • on_receipt (bool) – Runs the client work on_receipt

  • days_of_week (list[str]) – Runs the client work on specific days of the week. It is a Zero-based index of the days of the week (i.e. Sunday = ‘0’).

  • days_of_month (list[str]) – Runs the client work on specific days of the month.

  • randomize_minutes (int) – Randomize the given minutes for agent to send data back to the server

  • full_scan (bool) – Reset the cache and perform a full scan (resend all the data to the server)

unschedule(work)

Removes any scheduling for the client work, but does not delete the client work.

Parameters:

work (Union[config.Object, str]) – Config Object or name of the client work.