The aim of this article is to give you, as a user, a simple, all-inclusive guide to installing and using the toolbelt!
If you have trouble during any of these steps, take a look at Troubleshooting.
This part of the guide will show you how to install and configure the toolbelt.
Installing the toolbelt is done via pip. This will install the framework as well as the script to run the toolbelt.
To install the toolbelt simply write the following
If you get permission errors during installation, you might have to use the --user flag.
Installation with the --user option will place the script in ~/.local/bin/ on Unix systems and %APPDATA%\Roaming\Python\Python<VERSION>\Scripts on Windows.
These directories are typically not in your PATH variable, so you'll need to add them.
To update the toolbelt, the following command is used.
After having installed the toolbelt you'll have to provide a configuration with your API key.
To generate an API key, go to your User Preferences in Argus.
Create a file in your home directory called .argus_cli.yaml and add your configuration there. Since your API key should only be used by you, it's recommended to set the permissions on the file so that only you can view and edit it.
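One way to apply and verify the permission recommendation above, as an added example that is not part of the original guide or of the toolbelt. It assumes a Unix system with POSIX file modes; the function names are hypothetical, and the file it creates is empty, so the configuration itself still has to be added.

```python
import os
import stat


def audit_config(path):
    """Return a list of permission problems for a file that holds an API key."""
    st = os.lstat(path)  # lstat: inspect the path itself, do not follow symlinks
    if stat.S_ISLNK(st.st_mode):
        return ["is a symlink"]
    if not stat.S_ISREG(st.st_mode):
        return ["is not a regular file"]
    problems = []
    if st.st_uid != os.getuid():
        problems.append("is owned by another user (uid %d)" % st.st_uid)
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        # Any group/other bit means someone else can read or change the key
        problems.append("group/other access (mode %o)" % stat.S_IMODE(st.st_mode))
    return problems


def create_private(path):
    """Create an empty file that only the owner can read and write (0600)."""
    # The mode is set at creation, so the file never exists with wider
    # permissions; O_EXCL refuses to reuse a file that is already there.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    try:
        os.fchmod(fd, 0o600)  # enforce 0600 regardless of the umask
    finally:
        os.close(fd)


def tighten(path):
    """Restrict an existing regular file to owner read/write only."""
    if stat.S_ISLNK(os.lstat(path).st_mode):
        raise ValueError("refusing to chmod through a symlink: %s" % path)
    os.chmod(path, 0o600)


if __name__ == "__main__":
    # File name taken from the guide; the home directory is resolved at run time.
    config = os.path.join(os.path.expanduser("~"), ".argus_cli.yaml")
    if not os.path.lexists(config):
        create_private(config)
        print("created %s with mode 600" % config)
    for problem in audit_config(config):
        print("%s: %s" % (config, problem))
```

Creating the file with the restrictive mode before the key is written avoids the short window in which a file created with default permissions and tightened afterwards is readable by other local users.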
The following is what you want to place in the file. Remember to replace the "api_key" parameter with your own API key.
After having installed the toolbelt you can simply call the argus-cli command. After installation this should have been added to your PATH. On a Linux machine, simply type argus-cli in your terminal, and on a Windows machine you'll have to type argus-cli.exe in your terminal.
If you're ever wondering how to use a command (or what commands are available), simply use --help on the command.
Using a custom-made command
In this example, "case" is the plugin while "statistics" is the command. Here we're getting statistics for a month for mnemonic. Dates follow ISO 8601. Because this is a custom-written command, it will give you a more readable output. In this example it will give you CSV output, which can be further visualized with programs like Excel.
Using an autogenerated API endpoint
In this example we're searching for cases containing the keyword "Email containing malicious data" for customer 1.
This example uses an autogenerated API endpoint, which mimics the result you'd get by using curl on the endpoint. The resulting output will be in JSON format.
Autogenerated API endpoint commands can typically be identified by having a version in the command path (in this example: v2).
Creating a simple command
Development for the toolbelt is aimed to be accessible for everyone.
The following is a simple command for printing case numbers when searching for a case.
Now, to be able to use this command, you need to add the file or folder to your config.
Now you can run the command!