Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  Python Script to extract data from DNS Protection to CSV file

    Posted 07-16-2024 15:36
    Edited by Gustavo Prates 07-16-2024 15:45
      |   view attached

    Hello everbody,

    I'm sharing a Python Script developed to extract the data from the last 7 days of all domains protected by DNS Protection.

    Below is how that script runs:

    I uploaded the file to this thread, however here is the link to github: dnsDashboard.py

    Example of graph in powerbi:

    Best regards,

    Gustavo Prates

    Cyber Security Analyst | CCSA, Cloud WAF, Forcepoint One

    M: +55 11 94235-2956 | T: +55 11 2699-3600

    Ícone

Descrição gerada automaticamente


    #AllImperva
    #CloudWAF(formerlyIncapsula)

    ------------------------------
    Gustavo Prates
    Cyber Security Analyst
    ETEK Novared Brasil Ltda
    São Paulo
    ------------------------------

    Attachment(s)

    txt
    dnsDashboard.txt   7 KB 1 version


  • 2.  RE: Python Script to extract data from DNS Protection to CSV file

    Posted 08-08-2024 06:15

    Thanks for sharing Gustavo!



    ------------------------------
    Sarah Lamont
    Digital Community Manager
    ------------------------------



  • 3.  RE: Python Script to extract data from DNS Protection to CSV file

    Posted 10-14-2024 16:05

    Super interesting Gustavo.  May I ask what the initial use case or impetus was that inspired you to write it?



    ------------------------------
    David Holmes
    ------------------------------



  • 4.  RE: Python Script to extract data from DNS Protection to CSV file

    Posted 10-14-2024 16:29

    Hi David,

    Our clients who use Imperva's DNS Protection face significant challenges in extracting data from the tool, as it only allows exports in PNG format.

    Some of them need more executive-level reports to present to the company's board, showing the effectiveness of Imperva's DNS protection.

    With this script, it's possible to extract data such as the number of queries over a given period, how many queries were blocked, served from cache, and so on. This can be done for a single zone or for all zones registered in DNS Protect.

    And since it's extracted in CSV format, the data can be used in various analytics tools to generate executive-level visualizations.

    Other clients are even using this script to monitor DNS zones instead of the console, due to the convenience of obtaining the data in the way they want.

    Best Regards,



    ------------------------------
    Gustavo Prates
    Cyber Security Analyst
    ETEK Novared Brasil Ltda
    São Paulo
    ------------------------------



  • 5.  RE: Python Script to extract data from DNS Protection to CSV file

    Posted 10-14-2024 17:23

    Most excellent, Gustavo! I didn't realize that the PNG limitation and can easily see how having the raw list could serve many more purposes.  Are there other limitations you're planning to script around next?



    ------------------------------
    David Holmes, Imperva AppSec CTO
    ------------------------------



  • 6.  RE: Python Script to extract data from DNS Protection to CSV file

    Posted 10-15-2024 08:30
    Edited by Roberto Junior 10-15-2024 08:34

    -



  • 7.  RE: Python Script to extract data from DNS Protection to CSV file

    Posted 10-15-2024 08:35

    I have already developed some other scripts to simplify some day-to-day tasks. For example, I have a script that allows replicating a custom rule created for one site to all sites or a specific list of websites.

    This helps avoid the need to manually create the same rule site by site.

    Here at Novared, we usually perform health checks on clients' environments. To do this, we extract various configuration details from the console for a report. It's still in development, but we've already automated part of the information collection process.

    Best Regards,



    ------------------------------
    Gustavo Prates
    Cyber Security Analyst
    ETEK Novared Brasil Ltda
    São Paulo
    ------------------------------