dlp#
The following methods allow for interaction with the ZIA DLP Dictionary API endpoints.
Methods are accessible via zia.dlp
- class DLPAPI#
- add_dict(name, match_type, **kwargs)#
Add a new Patterns and Phrases DLP Dictionary to ZIA.
- Parameters:
- Keyword Arguments:
description (str) – Additional information about the DLP Dictionary.
phrases (list) –
A list of DLP phrases, with each phrase provided by a tuple following the convention (action, pattern). Accepted actions are
all
orunique
. E.g.('all', 'TOP SECRET') ('unique', 'COMMERCIAL-IN-CONFIDENCE')
patterns (list) –
A list of DLP patterns, with each pattern provided by a tuple following the convention (action, pattern). Accepted actions are
all
orunique
. E.g.('all', '\d{2} \d{3} \d{3} \d{3}') ('unique', '[A-Z]{6}[A-Z0-9]{2,5}')
- Returns:
The newly created DLP Dictionary resource record.
- Return type:
Box
Examples
Match text found that contains an IPv4 address using patterns:
>>> zia.dlp.add_dict(name='IPv4 Addresses', ... description='Matches IPv4 address pattern.', ... match_type='all', ... patterns=[ ... ('all', '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(/(\d|[1-2]\d|3[0-2]))?') ... ]))
Match text found that contains government document caveats using phrases.
>>> zia.dlp.add_dict(name='Gov Document Caveats', ... description='Matches government classification caveats.', ... match_type='any', ... phrases=[ ... ('all', 'TOP SECRET'), ... ('all', 'SECRET'), ... ('all', 'CONFIDENTIAL') ... ]))
Match text found that meets the criteria for a Secret Project’s document markings using phrases and patterns:
>>> zia.dlp.add_dict(name='Secret Project Documents', ... description='Matches documents created for the Secret Project.', ... match_type='any', ... phrases=[ ... ('all', 'Project Umbrella'), ... ('all', 'UMBRELLA') ... ], ... patterns=[ ... ('unique', '\d{1,2}-\d{1,2}-[A-Z]{5}') ... ]))
- delete_dict(dict_id)#
Deletes the DLP Dictionary that matches the specified DLP Dictionary id.
- Parameters:
dict_id (str) – The unique id for the DLP Dictionary.
- Returns:
The status code for the operation.
- Return type:
Examples
>>> zia.dlp.delete_dict('8')
- get_dict(dict_id)#
Returns the DLP Dictionary that matches the specified DLP Dictionary id.
- Parameters:
dict_id (str) – The unique id for the DLP Dictionary.
- Returns:
The ZIA DLP Dictionary resource record.
- Return type:
Box
Examples
>>> pprint(zia.dlp.get_dict('3'))
- list_dicts(query=None)#
Returns a list of all custom and predefined ZIA DLP Dictionaries.
- Parameters:
query (str) – A search string used to match against a DLP dictionary’s name or description attributes.
- Returns:
A list containing ZIA DLP Dictionaries.
- Return type:
BoxList
Examples
Print all dictionaries
>>> for dictionary in zia.dlp.list_dicts(): ... pprint(dictionary)
Print dictionaries that match the name or description ‘GDPR’
>>> pprint(zia.dlp.list_dicts('GDPR'))
- update_dict(dict_id, **kwargs)#
Updates the specified DLP Dictionary.
- Parameters:
dict_id (str) – The unique id of the DLP Dictionary.
**kwargs – Optional keyword args.
- Keyword Arguments:
description (str) – Additional information about the DLP Dictionary.
match_type (str) – The DLP custom phrase/pattern match type. Accepted values are
all
orany
.name (str) – The name of the DLP Dictionary.
phrases (list) –
A list of DLP phrases, with each phrase provided by a tuple following the convention (action, pattern). Accepted actions are
all
orunique
. E.g.('all', 'TOP SECRET') ('unique', 'COMMERCIAL-IN-CONFIDENCE')
patterns (list) –
A list of DLP pattersn, with each pattern provided by a tuple following the convention (action, pattern). Accepted actions are
all
orunique
. E.g.('all', '\d{2} \d{3} \d{3} \d{3}') ('unique', '[A-Z]{6}[A-Z0-9]{2,5}')
- Returns:
The updated DLP Dictionary resource record.
- Return type:
Box
Examples
Update the name of a DLP Dictionary:
>>> zia.dlp.update_dict('3', ... name='IPv4 and IPv6 Addresses')
Update the description and phrases for a DLP Dictionary.
>>> zia.dlp.update_dict('4', ... description='Updated government caveats.' ... phrases=[ ... ('all', 'TOP SECRET'), ... ('all', 'SECRET'), ... ('all', 'PROTECTED') ... ])
- validate_dict(pattern)#
Validates the provided pattern for usage in a DLP Dictionary.
- Note: The ZIA API documentation doesn’t provide information on how to structure a request for this API endpoint.
This endpoint is returning a valid response but validation isn’t failing for obvious wrong patterns. Use at own risk.
- Parameters:
pattern (str) – DLP Pattern for evaluation.
- Returns:
Information on the provided pattern.
- Return type:
Box