Using the pypanther Command Line Tool
View, test, and upload V2 detections
Overview
The pypanther
CLI tool is in closed beta starting with Panther version 1.108. Please share any bug reports and feature requests with your Panther support team.
Use the pypanther
command line interface (CLI) tool to view, test, and upload Pypanther Detections. To get started using pypanther
, follow the instructions in the pypanther-starter-kit's README.
See the list of available CLI commands below, and note that some require authentication.
pypanther
CLI command reference
pypanther
CLI command referenceAuthenticating CLI commands
Certain pypanther
CLI commands, like upload
, require authentication with your Panther instance. This means they require a valid Panther API host URL and API token. After you locate/generate these values, you will make them visible to pypanther
.
Step 1: Locate/generate your Panther API host URL and token
Panther API host URL: Follow these instructions to locate your GraphQL API URL.
Panther API token: Follow these instructions to generate an API token, being sure to attach any permissions required by the
pypanther
commands you'd like to use. See the Required API permission(s) column in the table above.
Step 2: Make API host and token values visible to pypanther
pypanther
Once you have API host and token values, you can choose how to expose them to pypanther
when you are executing a CLI command. The following methods are in order of precedence, meaning option one overrides option two:
Pass the host and token on the command line using
--api-token
and--api-host
.Set the host and token as environment variables using
PANTHER_API_TOKEN
andPANTHER_API_HOST
.
Last updated