Package Documentation

Storm Package: synapse-efflux

The following Commands are available from this package. This documentation is generated for version 0.2.0 of the package.

Storm Commands

This package implements the following Storm Commands.

efflux.scans.byid

Ingest the results of a completed scan by ID.

Examples:
  // Retrieve scan results by job ID and yield the nodes
  efflux.scans.byid "fd648e7d-50a0-4206-b4ea-da3df4f21586" --yield


Usage: efflux.scans.byid [options] <jobid>

Options:

  --help                      : Display the command usage.
  --debug                     : Show verbose debug output.
  --size <size>               : Limit the number of results ingested to the given size (per-node).
  --yield                     : Yield the newly created nodes.

Arguments:

  <jobid>                     : The ID of the job to be rerun.

efflux.scans.list

List the status and details of scans.

Examples:
  // List the 10 most recent scans
  efflux.scans.list

  // List the 100 most recent scans
  efflux.scans.list --count 100


Usage: efflux.scans.list [options]

Options:

  --help                      : Display the command usage.
  --debug                     : Show verbose debug output.
  --count <count>             : The number of recent scans to return. (default: 10)

efflux.scans.resubmit

Request that a particular scan be rerun.

Examples:
  // Request that particular scan be rerun.
  efflux.scans.resubmit "fd648e7d-50a0-4206-b4ea-da3df4f21586"

  // Request that a  particular scan  be rerun, and wait for and yield any results
  efflux.scans.resubmit "fd648e7d-50a0-4206-b4ea-da3df4f21586" --wait


Usage: efflux.scans.resubmit [options] <jobid>

Options:

  --help                      : Display the command usage.
  --wait                      : Block on the scan being completed and yield results.
  --debug                     : Show verbose debug output.
  --size <size>               : Limit the number of results ingested to the given size (per-node).

Arguments:

  <jobid>                     : The ID of the job to be rerun.

efflux.scans.submit

Submit a set of nodes for scanning by Efflux.

Examples:

  // Scan ports 1 through 1000 on host 1.2.3.4 and pend on any results, limiting results to 100 nodes.
  inet:ipv4=1.2.3.4 | efflux.scans.submit --wait --size 100 --ports 1-1000

  // Submit a scan for domain vertex.link, enabling the highest level of fingerprinting and
  // scanning ports 1 through 400 and 1000 through 1100.
  inet:fqdn=vertex.link | efflux.scans.submit --extra ({"ports": ["1000-1100", "1-400"], "fingerprint": 2})


Usage: efflux.scans.submit [options]

Options:

  --help                      : Display the command usage.
  --batch-size <batch_size>   : Specify the number of inbound nodes to batch into each job (max 10000). (default: 100)
  --ports [<ports> ...]       : The ports, port ranges, or port lists to scan.
  --checks                    : Enable Efflux's Checks system for your scan.
  --fingerprint <fingerprint> : The level of service fingerprinting to perform. (default: 0, choices: 0, 1, 2)
  --proto <proto>             : The protocol to use when reaching out to various hosts. (default: tcp)
  --extra <extra>             : An optional dictionary to override any other scan options.
  --wait                      : Block on the scan being completed and yield results.
  --debug                     : Show verbose debug output.

efflux.setup.apikey

Manage the Efflux API key.

Examples

    // Set a global Efflux API key
    efflux.setup.apikey abcd1234

    // Set a Efflux API key for the current user
    efflux.setup.apikey --self abcd1234

    // Display the API key scope of the current key
    efflux.setup.apikey --show-scope

    // Display the current API key.
    efflux.setup.apikey --show-apikey

    // Remove the current global API key.
    efflux.setup.apikey --remove

    // Remove the per-user API key for the current user.
    efflux.setup.apikey --self --remove


Usage: efflux.setup.apikey [options] <apikey>

Options:

  --help                      : Display the command usage.
  --self                      : Set or remove the key as a user variable. If not used, the key is set globally.
  --show-scope                : Display the API key scope in use (global vs self).
  --show-apikey               : Display the API key value (requires admin perms or a "self" scope key).
  --remove                    : Remove the configured API key. May be used with --self.

Arguments:

  [apikey]                    : The API key string.

efflux.usage

Display Efflux API usage for the API key.


Usage: efflux.usage [options]

Options:

  --help                      : Display the command usage.
  --debug                     : Show verbose debug output.
  --by-days                   : Show usage by days.
  --months <months>           : The number of months of usage to query for.
  --org                       : Get usage for the entire org (if sharing is enabled).

Storm Modules

This package does not export any Storm APIs.