Options
|
Description
|
-h, --help
|
show this help message and exit
|
--config=CONFIG
|
Load options from config file.
|
--url=URL
|
Carbon Black URL.
|
--org-key=ORG_KEY
--org_key=ORG_KEY
|
Carbon Black organization key to work with.
|
--token=TOKEN
|
Carbon Black Token (API key/API ID).
|
--feed=FEED
|
Carbon Black Feed name (default "Lumu Feed").
|
--score=SCORE
|
Score for each report [1-10] (default 10).
|
--company-key=COMPANY_KEY
--company_key=COMPANY_KEY
|
Lumu Defender API key.
|
--group-name=GROUP_NAME
|
Host group name to populate with IP IOCs.
|
--include-subdomains
,
--include_subdomains
|
Indicates if we must include subdomains for IOCs.
|
--include-subdirectories,
--include_subdirectories
|
Indicates if we must include subdirectories for IOCs.
|
--company-key=COMPANY_KEY,
--company_key=COMPANY_KEY
|
Lumu Defender API key.
|
--logging=LOGGING
|
Logging option (default screen).
|
-v, --verbose
|
Verbosity of the log.
|
-t, --use-saved-timestamp
|
Indicates the script to use the saved timestamp from the latest detected incident if any.
|
--from=FROM
|
To specify a specific “from” date
|
--to=TO
|
To specify a specific “to” date
|
--adversary-types=ADVERSARY-TYPES
|
To specify the adversary type to filter (case-sensitive). Possible values are: C2C, Malware, DGA, Mining, Spam, Phishing
|