dlp#

The following methods allow for interaction with the ZIA DLP Dictionary API endpoints.

Methods are accessible via zia.dlp

class DLPAPI#
add_dict(name, match_type, **kwargs)#

Add a new Patterns and Phrases DLP Dictionary to ZIA.

Parameters:

  • name (str) – The name of the DLP Dictionary.

  • match_type (str) – The DLP custom phrase/pattern match type. Accepted values are all or any.

  • **kwargs – Optional keyword args.

Keyword Arguments:

  • description (str) – Additional information about the DLP Dictionary.

  • phrases (list) –

    A list of DLP phrases, with each phrase provided by a tuple following the convention (action, pattern). Accepted actions are all or unique. E.g.

    ('all', 'TOP SECRET')
('unique', 'COMMERCIAL-IN-CONFIDENCE')

  • patterns (list) –

    A list of DLP patterns, with each pattern provided by a tuple following the convention (action, pattern). Accepted actions are all or unique. E.g.

    ('all', '\d{2} \d{3} \d{3} \d{3}')
('unique', '[A-Z]{6}[A-Z0-9]{2,5}')

Returns:

The newly created DLP Dictionary resource record.

Return type:

Box

Examples

Match text found that contains an IPv4 address using patterns:

>>> zia.dlp.add_dict(name='IPv4 Addresses',
...                description='Matches IPv4 address pattern.',
...                match_type='all',
...                patterns=[
...                    ('all', '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}(/(\d|[1-2]\d|3[0-2]))?')
...                ]))

Match text found that contains government document caveats using phrases.

>>> zia.dlp.add_dict(name='Gov Document Caveats',
...                description='Matches government classification caveats.',
...                match_type='any',
...                phrases=[
...                    ('all', 'TOP SECRET'),
...                    ('all', 'SECRET'),
...                    ('all', 'CONFIDENTIAL')
...                ]))

Match text found that meets the criteria for a Secret Project’s document markings using phrases and patterns:

>>> zia.dlp.add_dict(name='Secret Project Documents',
...                description='Matches documents created for the Secret Project.',
...                match_type='any',
...                phrases=[
...                    ('all', 'Project Umbrella'),
...                    ('all', 'UMBRELLA')
...                ],
...                patterns=[
...                    ('unique', '\d{1,2}-\d{1,2}-[A-Z]{5}')
...                ]))
delete_dict(dict_id)#

Deletes the DLP Dictionary that matches the specified DLP Dictionary id.

Parameters:

dict_id (str) – The unique id for the DLP Dictionary.

Returns:

The status code for the operation.

Return type:

int

Examples

>>> zia.dlp.delete_dict('8')
get_dict(dict_id)#

Returns the DLP Dictionary that matches the specified DLP Dictionary id.

Parameters:

dict_id (str) – The unique id for the DLP Dictionary.

Returns:

The ZIA DLP Dictionary resource record.

Return type:

Box

Examples

>>> pprint(zia.dlp.get_dict('3'))
list_dicts(query=None)#

Returns a list of all custom and predefined ZIA DLP Dictionaries.

Parameters:

query (str) – A search string used to match against a DLP dictionary’s name or description attributes.

Returns:

A list containing ZIA DLP Dictionaries.

Return type:

BoxList

Examples

Print all dictionaries

>>> for dictionary in zia.dlp.list_dicts():
...    pprint(dictionary)

Print dictionaries that match the name or description ‘GDPR’

>>> pprint(zia.dlp.list_dicts('GDPR'))
update_dict(dict_id, **kwargs)#

Updates the specified DLP Dictionary.

Parameters:

  • dict_id (str) – The unique id of the DLP Dictionary.

  • **kwargs – Optional keyword args.

Keyword Arguments:

  • description (str) – Additional information about the DLP Dictionary.

  • match_type (str) – The DLP custom phrase/pattern match type. Accepted values are all or any.

  • name (str) – The name of the DLP Dictionary.

  • phrases (list) –

    A list of DLP phrases, with each phrase provided by a tuple following the convention (action, pattern). Accepted actions are all or unique. E.g.

    ('all', 'TOP SECRET')
('unique', 'COMMERCIAL-IN-CONFIDENCE')

  • patterns (list) –

    A list of DLP pattersn, with each pattern provided by a tuple following the convention (action, pattern). Accepted actions are all or unique. E.g.

    ('all', '\d{2} \d{3} \d{3} \d{3}')
('unique', '[A-Z]{6}[A-Z0-9]{2,5}')

Returns:

The updated DLP Dictionary resource record.

Return type:

Box

Examples

Update the name of a DLP Dictionary:

>>> zia.dlp.update_dict('3',
...                name='IPv4 and IPv6 Addresses')

Update the description and phrases for a DLP Dictionary.

>>> zia.dlp.update_dict('4',
...        description='Updated government caveats.'
...        phrases=[
...                    ('all', 'TOP SECRET'),
...                    ('all', 'SECRET'),
...                    ('all', 'PROTECTED')
...                ])
validate_dict(pattern)#

Validates the provided pattern for usage in a DLP Dictionary.

Note: The ZIA API documentation doesn’t provide information on how to structure a request for this API endpoint.

This endpoint is returning a valid response but validation isn’t failing for obvious wrong patterns. Use at own risk.

Parameters:

pattern (str) – DLP Pattern for evaluation.

Returns:

Information on the provided pattern.

Return type:

Box