sift_client.resources.rules ¶

CLASS	DESCRIPTION
`RulesAPIAsync`	High-level API for interacting with rules.

RulesAPIAsync ¶

RulesAPIAsync(sift_client: SiftClient)

Bases: ResourceBase

High-level API for interacting with rules.

This class provides a Pythonic, notebook-friendly interface for interacting with the RulesAPI. It handles automatic handling of gRPC services, seamless type conversion, and clear error handling.

All methods in this class use the Rule class from the low-level wrapper, which is a user-friendly representation of a rule using standard Python data structures and types.

Initialize the RulesAPI.

PARAMETER	DESCRIPTION
`sift_client`	The Sift client to use. TYPE: `SiftClient`

METHOD	DESCRIPTION
`archive`	Archive a rule.
`batch_get_rule_versions`	Get multiple rules at specific versions by rule version IDs.
`batch_update_or_create_rules`	Batch update or create multiple rules.
`create`	Create a new rule.
`find`	Find a single rule matching the given query. Takes the same arguments as `list`. If more than one rule is found,
`get`	Get a Rule.
`get_rule_version`	Get a rule at a specific version by rule version ID.
`list_`	List rules with optional filtering.
`list_rule_versions`	List versions of a rule with optional filtering.
`unarchive`	Unarchive a rule.
`update`	Update a Rule.

ATTRIBUTE	DESCRIPTION
`client`	TYPE: `SiftClient`
`grpc_client`	TYPE: `GrpcClient`
`rest_client`	TYPE: `RestClient`

client `property` ¶

client: SiftClient

grpc_client `property` ¶

grpc_client: GrpcClient

rest_client `property` ¶

rest_client: RestClient

archive `async` ¶

archive(rule: str | Rule) -> Rule

Archive a rule.

PARAMETER	DESCRIPTION
`rule`	The id or Rule object of the rule to archive. TYPE: `str \| Rule`

RETURNS	DESCRIPTION
`Rule`	The archived Rule.

batch_get_rule_versions `async` ¶

batch_get_rule_versions(
    rule_versions: list[RuleVersion] | list[str],
) -> list[Rule]

Get multiple rules at specific versions by rule version IDs.

PARAMETER	DESCRIPTION
`rule_versions`	List of RuleVersion instances or rule version IDs. TYPE: `list[RuleVersion] \| list[str]`

RETURNS	DESCRIPTION
`list[Rule]`	List of Rules at those versions.

batch_update_or_create_rules `async` ¶

batch_update_or_create_rules(
    rules: Sequence[RuleCreate | RuleUpdate],
    *,
    override_expression_validation: bool = False,
) -> list[Rule]

Batch update or create multiple rules.

PARAMETER	DESCRIPTION
`rules`	List of rule creates or updates to apply. RuleUpdate objects must have resource_id set. TYPE: `Sequence[RuleCreate \| RuleUpdate]`
`override_expression_validation`	When true, the rules will be created even if the expressions are invalid. TYPE: `bool` DEFAULT: `False`

WARNS	DESCRIPTION
`SiftWarning`	If not all rules are created or updated.

RETURNS	DESCRIPTION
`list[Rule]`	List of updated or created Rules.

RAISES	DESCRIPTION
`ValueError`	If the update/create fails or if not all rules were updated/created.

create `async` ¶

create(
    create: RuleCreate | dict | Sequence[RuleCreate | dict],
    *,
    override_expression_validation: bool = True,
) -> Rule | list[Rule]

Create a new rule.

PARAMETER	DESCRIPTION
`create`	A RuleCreate object, a dictionary with configuration for the new rule, or a list of the previously mentioned objects. TYPE: `RuleCreate \| dict \| Sequence[RuleCreate \| dict]`
`override_expression_validation`	When true, the rule will be created even if the expression is invalid. TYPE: `bool` DEFAULT: `True`

WARNS	DESCRIPTION
`SiftWarning`	If not all rules are created.

RETURNS	DESCRIPTION
`Rule \| list[Rule]`	The created Rule (if a single dictionary or RuleCreate was provided) otherwise a list of the created rules.

find `async` ¶

find(**kwargs) -> Rule | None

Find a single rule matching the given query. Takes the same arguments as list. If more than one rule is found, raises an error.

PARAMETER	DESCRIPTION
`**kwargs`	Keyword arguments to pass to `list`. DEFAULT: `{}`

RETURNS	DESCRIPTION
`Rule \| None`	The Rule found or None.

get `async` ¶

get(
    *,
    rule_id: str | None = None,
    client_key: str | None = None,
) -> Rule

Get a Rule.

PARAMETER	DESCRIPTION
`rule_id`	The ID of the rule. TYPE: `str \| None` DEFAULT: `None`
`client_key`	The client key of the rule. TYPE: `str \| None` DEFAULT: `None`

RETURNS	DESCRIPTION
`Rule`	The Rule.

get_rule_version `async` ¶

get_rule_version(rule_version: RuleVersion | str) -> Rule

Get a rule at a specific version by rule version ID.

PARAMETER	DESCRIPTION
`rule_version`	The RuleVersion instance or rule version ID. TYPE: `RuleVersion \| str`

RETURNS	DESCRIPTION
`Rule`	The Rule at that version.

list_ `async` ¶

list_(
    *,
    name: str | None = None,
    names: list[str] | None = None,
    name_contains: str | None = None,
    name_regex: str | Pattern | None = None,
    rule_ids: list[str] | None = None,
    client_keys: list[str] | None = None,
    created_after: datetime | None = None,
    created_before: datetime | None = None,
    modified_after: datetime | None = None,
    modified_before: datetime | None = None,
    created_by: Any | str | None = None,
    modified_by: Any | str | None = None,
    metadata: list[Any] | None = None,
    assets: list[str] | list[Asset] | None = None,
    asset_tags: list[str | Tag] | None = None,
    description_contains: str | None = None,
    include_archived: bool = False,
    filter_query: str | None = None,
    order_by: str | None = None,
    limit: int | None = None,
) -> list[Rule]

List rules with optional filtering.

PARAMETER	DESCRIPTION
`name`	Exact name of the rule. TYPE: `str \| None` DEFAULT: `None`
`names`	List of rule names to filter by. TYPE: `list[str] \| None` DEFAULT: `None`
`name_contains`	Partial name of the rule. TYPE: `str \| None` DEFAULT: `None`
`name_regex`	Regular expression string to filter rules by name. TYPE: `str \| Pattern \| None` DEFAULT: `None`
`client_keys`	Client keys of rules to filter to. TYPE: `list[str] \| None` DEFAULT: `None`
`rule_ids`	IDs of rules to filter to. TYPE: `list[str] \| None` DEFAULT: `None`
`created_after`	Rules created after this datetime. TYPE: `datetime \| None` DEFAULT: `None`
`created_before`	Rules created before this datetime. TYPE: `datetime \| None` DEFAULT: `None`
`modified_after`	Rules modified after this datetime. TYPE: `datetime \| None` DEFAULT: `None`
`modified_before`	Rules modified before this datetime. TYPE: `datetime \| None` DEFAULT: `None`
`created_by`	Filter rules created by this User or user ID. TYPE: `Any \| str \| None` DEFAULT: `None`
`modified_by`	Filter rules last modified by this User or user ID. TYPE: `Any \| str \| None` DEFAULT: `None`
`metadata`	Filter rules by metadata criteria. TYPE: `list[Any] \| None` DEFAULT: `None`
`assets`	Filter rules associated with any of these Assets. TYPE: `list[str] \| list[Asset] \| None` DEFAULT: `None`
`asset_tags`	Filter rules associated with any Assets that have these Tag IDs. TYPE: `list[str \| Tag] \| None` DEFAULT: `None`
`description_contains`	Partial description of the rule. TYPE: `str \| None` DEFAULT: `None`
`include_archived`	If True, include archived rules in results. TYPE: `bool` DEFAULT: `False`
`filter_query`	Explicit CEL query to filter rules. TYPE: `str \| None` DEFAULT: `None`
`order_by`	Field and direction to order results by. TYPE: `str \| None` DEFAULT: `None`
`limit`	Maximum number of rules to return. If None, returns all matches. TYPE: `int \| None` DEFAULT: `None`

RETURNS	DESCRIPTION
`list[Rule]`	A list of Rules that matches the filter.

list_rule_versions `async` ¶

list_rule_versions(
    rule: Rule | str,
    *,
    user_notes_contains: str | None = None,
    change_message_contains: str | None = None,
    rule_version_ids: list[str] | None = None,
    filter_query: str | None = None,
    limit: int | None = None,
) -> list[RuleVersion]

List versions of a rule with optional filtering.

PARAMETER	DESCRIPTION
`rule`	The Rule instance or rule ID. TYPE: `Rule \| str`
`user_notes_contains`	Filter by user notes (notes for a given version) containing this string. TYPE: `str \| None` DEFAULT: `None`
`change_message_contains`	Filter by change messages containing this string. TYPE: `str \| None` DEFAULT: `None`
`rule_version_ids`	Limit to these rule version IDs. TYPE: `list[str] \| None` DEFAULT: `None`
`filter_query`	Raw CEL filter (fields: rule_version_id, user_notes, change_message). TYPE: `str \| None` DEFAULT: `None`
`limit`	Maximum number of versions to return. If None, returns all matches. TYPE: `int \| None` DEFAULT: `None`

RETURNS	DESCRIPTION
`list[RuleVersion]`	A list of RuleVersion objects matching the filters, ordered by newest versions first.

unarchive `async` ¶

unarchive(rule: str | Rule) -> Rule

Unarchive a rule.

PARAMETER	DESCRIPTION
`rule`	The id or Rule object of the rule to unarchive. TYPE: `str \| Rule`

RETURNS	DESCRIPTION
`Rule`	The unarchived Rule.

update `async` ¶

update(
    rule: Rule | str,
    update: RuleUpdate | dict,
    *,
    version_notes: str | None = None,
) -> Rule

Update a Rule.

PARAMETER	DESCRIPTION
`rule`	The Rule or rule ID to update. TYPE: `Rule \| str`
`update`	Updates to apply to the Rule. TYPE: `RuleUpdate \| dict`
`version_notes`	Notes to include in the rule version. TYPE: `str \| None` DEFAULT: `None`

RETURNS	DESCRIPTION
`Rule`	The updated Rule.

sift_client.resources.rules ¶

RulesAPIAsync ¶

client property ¶

grpc_client property ¶

rest_client property ¶

archive async ¶

batch_get_rule_versions async ¶

batch_update_or_create_rules async ¶

create async ¶

find async ¶

get async ¶

get_rule_version async ¶

list_ async ¶

list_rule_versions async ¶

unarchive async ¶

update async ¶