Provides the WazuhActiveResponseCommand class, which allows to parse the /active-response api endpoint response data.

class WazuhActiveResponseCommand(command: str, arguments: list[str] | None = None, alert: dict[slice(<class 'str'>, <built-in function any>, None)] | None=None)

Bases: object

Object representation of the Active Response Command request body.

Wazuh reference: https://documentation.wazuh.com/current/user-manual/api/reference.html#tag/Active-response/operation/api.controllers.active_response_controller.run_command

alert: dict[slice(<class 'str'>, <built-in function any>, None)]

Alert data of the Active Response command.

arguments: list[str]

List of arguments.

command: str

Command which will be executed by the agents. If this value starts with !, then it refers to a script name instead of a command name.

json() → str

Creates a json string which is safe to use for Active Response run API requests

On this page