This Python script automates the process of exporting parser actions from a Plextrac instance via API to a CSV file. It prompts the user to select a parser, and then fetches the corresponding parser actions. The exported CSV file includes detailed information about each parser action, including some details about any linked writeups.
After installing Python, pip, and pipenv, run the following commands to setup the Python virtual environment.
git clone this_repo
cd path/to/cloned/repo
pipenv installAfter setting up the Python environment the script will run in, you will need to setup a few things to configure the script before running.
In the config.yaml file you should add the full URL to your instance of Plextrac.
The config also can store your username and password. Plextrac authentication lasts for 15 mins before requiring you to re-authenticate. The script is set up to do this automatically through the authentication handler. If these 3 values are set in the config, and MFA is not enabled for the user, the script will take those values and authenticate automatically, both initially and every 15 mins. If any value is not saved in the config, you will be prompted when the script is run and during re-authentication.
After setting everything up you can run the script with the following command. You should run the command from the folder where you cloned the repo.
pipenv run python main.pyYou can also add values to the config.yaml file to simplify providing the script with custom parameters needed to run.
The following values can either be added to the config.yaml file or entered when prompted for when the script is run.
- PlexTrac Top Level Domain e.g. https://yourapp.plextrac.com
- Username
- Password
- Authenticates to instance of Plextrac
- Loads parser information from instance
- Prompts user to select a specific parser
- Fetches parser actions for selected parser
- Saves fetched data, including linked writeup details, to a CSV file