Search:

Getting Started

Commands

Note that the --comae-hostname parameter is only mandatory for hosted clusters, the default api endpoint is api.comae.com

$ python .\comae.py
[COMAE] No action provided. Please provide an action.
usage: comae.py [-h] [-k] [-d] [-s] [--action ACTION] [--file-url FILE_URL] [--file-local FILE_LOCAL] [--bucket BUCKET] [--comae-case-id COMAE_CASE_ID] [--comae-client-id COMAE_CLIENT_ID]
                [--comae-client-secret COMAE_CLIENT_SECRET] [--comae-hostname COMAE_HOSTNAME] [--list-organizations] [--list-cases] [--gcp-creds-file GCP_CREDS_FILE] [--az-account-name AZ_ACCOUNT_NAME]     
                [--az-account-key AZ_ACCOUNT_KEY] [--aws-access-id AWS_ACCESS_ID] [--aws-access-secret AWS_ACCESS_SECRET]

Comae Stardust Client

optional arguments:
  -h, --help            show this help message and exit
  -k, --get-api-key     Get Comae Stardust API Key
  -d, --dump-it         Dump with Comae DumpIt and send to Comae Stardust
  -s, --snap-it         Dump Mem2Json and send to Comae Stardust
  --action ACTION       One of "store", "upload-comae", "upload-gcp", "upload-az", "upload-s3"
  --file-url FILE_URL   URL of a dump/snapshot file. The tool will not upload the local file if it is specified.
  --file-local FILE_LOCAL
                        URL of a dump/snapshot file. The tool will not upload the local file if it is specified.
  --bucket BUCKET       Name of bucket to use if uploading to GCP / Azure / S3
  --comae-case-id COMAE_CASE_ID
                        Comae Case ID if uploading to Comae Stardust
  --comae-client-id COMAE_CLIENT_ID
                        Comae Client ID if uploading to Comae Stardust
  --comae-client-secret COMAE_CLIENT_SECRET
                        Comae Client Secret if uploading to Comae Stardust
  --comae-hostname COMAE_HOSTNAME
                        Comae Client Secret if uploading to Comae Stardust
  --list-organizations  List oranizations for the account
  --list-cases          List cases of all the orgs
  --gcp-creds-file GCP_CREDS_FILE
                        Path to file containing GCP credentials, if uploading to GCP
  --az-account-name AZ_ACCOUNT_NAME
                        Account name if uploading to Azure
  --az-account-key AZ_ACCOUNT_KEY
                        Account key if uploading to Azure
  --aws-access-id AWS_ACCESS_ID
                        AWS access key ID
  --aws-access-secret AWS_ACCESS_SECRET
                        AWS access key secret

Retrieve information

Get the list of organizations

$ python .\comae.py --comae-client-id XXXXXXXXXXXXXXXXXXXXXXXXXXXXX --comae-client-secret YYYYYYYYYYYYYYYYYYYYYYYY --comae-hostname api.comae.com --list-organizations
[COMAE] Requesting Comae Stardust API key....
     Organization Id           Name
     ---------------           ----
     ffff58af916ac0001d4027d9  Comae Response

Get the list of cases

$ python .\comae.py --comae-client-id XXXXXXXXXXXXXXXXXXXXXXXXXXXXX --comae-client-secret YYYYYYYYYYYYYYYYYYYYYYYY --comae-hostname api.comae.com --list-cases
[COMAE] Requesting Comae Stardust API key....
     organizationId           _id                      name          description             creationDate             lastModificationDate     labels
     --------------           ---                      ----          -----------             ------------             --------------------     ------
     ffff2a9e9fcc6ffff1b631bb ffff69e61eac0ffffd4fcd27 TestCase      Hello                   2020-11-20T07:01:58.543Z 2020-11-20T07:01:58.543Z demo
     ffff2a9e9fcc6ffff1b631bb ffff6ad0b1f656001ef0e2e6 TestCase2     Description2            2020-11-20T07:05:52.495Z 2020-11-20T07:05:52.495Z workflow:state="complete"
     ffff2a9e9fcc6ffff1b631bb ffff7091ac3d30001d11f19a Demomaker     A bunch of random dumps 2020-11-20T07:30:25.246Z 2020-11-20T07:30:25.246Z iep2-policy:tlp="amber", ifx-vetting:vetted="legit-uncertain", 
priority-level:high, event-classification:event-class="general", workflow:state="ongoing"
     ffff2a9e9fcc6ffff1b631bb ffff87a057ec85001ed7a7bf Test3         Untitled                2020-11-20T09:08:48.546Z 2020-11-20T09:08:48.546Z workflow:state="incomplete"
     ffff2a9e9fcc6ffff1b631bb ffff9a08ac3d30001d11f1a2 NewOmega1     Untitled                2020-11-20T10:27:20.991Z 2020-11-20T10:27:20.991Z workflow:todo="add-tagging"
     ffff2a9e9fcc6ffff1b631bb ffff9cb0ac3d30001d11f1a4 Case123       Untitled                2020-11-20T10:38:40.916Z 2020-11-20T10:38:40.916Z
     ffff2a9e9fcc6ffff1b631bb ffffc24b1306f8001c2ab845 Untitled Case Untitled Case           2020-11-20T13:19:07.312Z 2020-11-20T13:19:07.312Z

Send a local file

If you use --dump-it or --snap-it without specifying a local file with the --file-local the cli will automatically collect and image to send, otherwise use the --file-local parameter to send an image dump (--dump-it) or a snapshot (--snap-it).

$ python .\comae.py --comae-client-id XXXXXXXXXXXXXXXXXXXXXXXXXXXXX --comae-client-secret YYYYYYYYYYYYYYYYYYYYYYYY --comae-hostname api.comae.com --action upload-comae --comae-case-id ffff7091ac3d30001d11f19a --file-local D:\Dumps\NVIDIARTX.dmp.zip --dump-it
[COMAE] Acquiring the memory image with Comae DumpIt...
[COMAE] Requesting Comae Stardust API key....
[COMAE] Requesting Comae Stardust API key....
[COMAE] Uploading file to Comae

[COMAE] Upload complete!
[COMAE] Uploaded to Comae Stardust

Created at: November 15, 2020