This python module can be run to trigger Uptycs API calls from Uptycs alerts.
Example: An alert is configured to fire when asset location is not in USA (possible GDPR issue). This python can then be run to automatically make an API call to disable the asset (so it stops collecting data).
Usage: ./api_call_from_alert.py <uptycs_apikey_file> [--domainsuffix <uptycs_domain>]
The --domainsuffix flag is only required for uptycs domains other than '.uptycs.io'
This python script reads alerts from Uptycs and then makes Uptycs API calls.
Each type of Uptycs alert to be processed must have a corresponding config file in
the "./alert_config/" directory. Each config file has the Uptycs alert code and details
of the API call to make.
Each time this script is run it pulls alerts for codes specified in the ./alert_config/*.json files
with timestamp greater than the last run time and less than the current run time.
The first time it is run it goes back a maximum of 1 day.
We recommend running this script every 30 mins and specifying a maximum interval of 15 mins
for SQL alerts.