New Whitepaper: Working With The SIE Batch API: A Command Line Client In Ruby, Perl, Python and C
By Joe St Sauver
This is the third article in a three-part series about SIE Batch:
The first article (dated February 20th, 2020), is entitled What's SIE Batch? Why Might I Be Interested In It?
That article explains the basics of SIE Batch, and shows how to use the SIE Batch web interface to download cached data for select channels from the Farsight Security Information Exchange. If you haven't already read that article, doing so will give you a nice foundation for what comes after that.
The second article (dated March 23rd, 2020), is entitled SIE Batch API: A libcurl example in C ("sie_get") That second article introduces the SIE Batch API for developers and provides a simple example showing how you can use C with libcurl to query SIE Batch API, much as we've previously shared a small sample C program to query the DNSDB API with libcurl.
This article, the third and last in the series, announces the availability of an SIE Batch API whitepaper called Working With The SIE Batch API: A Command Line Client In Ruby, Perl, Python and C.
This whitepaper will help bootstrap developers because it shows examples of how to use the SIE Batch API in Ruby, Python, Perl and C. For each language, we build a simple command line client that let's you:
- Verify that your SIE Batch API key is OK
- List your subscribed channels
- Find the range of dates available for a specific channel (and how many bytes that data represents)
- Request data for a specific channel for a user-specified number of minutes (going back from now)
- Request data for a specific channel from a user-specified starting datetime to a user-specified ending datetime
These examples should give you a "quick start" when it comes to using SIE Batch and building your own custom apps.
Moreover, if you like to work at the command line/from the Un*x shell prompt, you may find these proof of concept applications are just what you need for:
- Quickly verifying that your SIE Batch API key is okay and that the channels you expect have been provisioned
- Routinely downloading SIE data (perhaps from a cron job)
- Making ad hoc SIE data requests to support one-off data requests for investigations
II. The White Paper, Code, and Access to SIE Channels
If you're a developer and you'd like to check out the whitepaper, a copy of it is available here.
A copy of the code for the sample client in Ruby, Python, Perl and C is available in the appendicies to the whitepaper, but many may prefer to just grab the code from the Farsight Security Blog code repository.
Access to SIE Batch API is required to use the sample clients. To arrange access, please contact Farsight Security Sales at email@example.com or give them a call at +1-650-489-7919. Be sure to mention that you want to try SIE Batch.
We think you'll enjoy working with SIE Batch API from Ruby, Python, Perl or C. With SIE Batch, it's never been easier to access data from the Security Information Exchange, and, once you try it, we think you'll be as excited about it as we are!
Joe St Sauver Ph.D. is a Distinguished Scientist with Farsight Security®, Inc.