CrowdStrike / falconpy

The CrowdStrike Falcon SDK for Python
https://www.falconpy.io
The Unlicense

There is no parent module to import from #511

Closed krishnabapu-genesys closed 2 years ago

krishnabapu-genesys commented 2 years ago

Describe the bug

Not sure if I want to call this a bug; however, when I try to compile (interpret) using Python 3 for discovery.py, I get the following error:

from ._util import force_default, process_service_request
ImportError: attempted relative import with no known parent package

To Reproduce

I am currently using Windows 10, DOS command shell as well as VSC. The command-line command is below, and I get the above error:

python3 discovery.py

Expected behavior

Should execute with some discovery data.


jshcodes commented 2 years ago

Are you trying to execute the code in src/falconpy/discover.py directly? (This won't work, you'll need to import the main package.)

Working example

If you've not installed the crowdstrike-falconpy package, install this first with the command python3 -m pip install crowdstrike-falconpy

from falconpy import Discover

discover = Discover(client_id="API_KEY_HERE", client_secret="API_SECRET_HERE")

print(discover.query_hosts(limit=1))

krishnabapu-genesys commented 2 years ago

No

  1. I am trying to execute my code in my home directory where I have copied discover.py file only and the rest of the modules should be in the path, like any other module(s)
  2. I have already installed 0.9.0 version
  3. In the discover.py, I have inserted the right creds

Thanks!

jshcodes commented 2 years ago

The discover.py module is not intended to be executed stand-alone. You shouldn't have to copy any falconpy source into your folder, just installing the package should make it available for import using from falconpy import {ClassName}.

If you'd like, go ahead and paste a sample of your code here and I can see if I can't give you an example for what you're trying to do.

Don't forget to sanitize any API keys, CIDs and AIDs.

jshcodes commented 2 years ago

Follow up: here's a basic example for retrieving hosts identified by Discover.

from falconpy import Discover

discover = Discover(client_id="API_ID_HERE", client_secret="API_SECRET_HERE")

# Limit can be adjusted up to the maximum of 100
hosts_found = discover.query_hosts(limit=20)

# Maximum number of ids that can be retrieved is also 100
host_details = discover.get_hosts(ids=hosts_found["body"]["resources"])

for host in host_details["body"]["resources"]:
    display = "Hostname / IP not found"
    if "local_ip" in host:
        display = host["local_ip"]
    if "hostname" in host:
        display = host["hostname"]
    print(display)

krishnabapu-genesys commented 2 years ago

Thanks – it would be a good idea if we could add some sample code to ‘consume’ these functions/APIs.

What I am trying to do is just ensure that Falcon is accessible to our SOC team, effectively validating that the CrowdStrike back-end to our network connectivity are all working/operational, and I chose the Discover API as my ‘solution’ for the above use-case.

Now, I will create some sample code and send it across later today.

Bests,

jshcodes commented 2 years ago

Hi @krishnabapu-genesys,

For your SOC team - additional documentation can be found in our wiki (link in the tabs above), or on https://falconpy.io. We don't have any Discover samples online yet, but they may also find value in the other samples we've posted in the repo here: https://github.com/CrowdStrike/falconpy/tree/main/samples.

Thanks for the question! :smile:
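The connectivity check described in this thread, written as an added example (not code from the thread or from the falconpy project). It uses only the `Discover` class and `query_hosts` call shown above plus the `status_code` key of the falconpy response; the function name `check_falcon_api` and the environment variable names `FALCON_CLIENT_ID` and `FALCON_CLIENT_SECRET` are assumptions, chosen so credentials stay out of the script.

```python
"""Falcon API reachability check (added example, not falconpy project code)."""
import os
import sys


def check_falcon_api(client=None):
    """Return (ok, detail) after one minimal Discover query.

    `client` is any object with a query_hosts(limit=...) method; when omitted,
    a falconpy Discover client is built from environment variables.
    """
    if client is None:
        # Import the installed package, never a copied discover.py file.
        from falconpy import Discover
        # FALCON_CLIENT_ID / FALCON_CLIENT_SECRET are assumed variable names.
        try:
            client = Discover(client_id=os.environ["FALCON_CLIENT_ID"],
                              client_secret=os.environ["FALCON_CLIENT_SECRET"])
        except KeyError as missing:
            return False, f"environment variable {missing} is not set"
    try:
        response = client.query_hosts(limit=1)
    except Exception as exc:  # any exception raised while making the request
        return False, f"request failed: {type(exc).__name__}"
    if not isinstance(response, dict):
        return False, "unexpected response type"
    status = response.get("status_code")
    body = response.get("body") or {}
    if status == 200:
        count = len(body.get("resources") or [])
        return True, f"API reachable, {count} host id(s) returned"
    # Report only the API's own error messages; never echo credentials.
    errors = "; ".join(str(err.get("message", ""))
                       for err in body.get("errors") or []
                       if isinstance(err, dict))
    if status in (401, 403):
        return False, f"API reached but credentials or scope rejected ({status}): {errors}"
    return False, f"API returned status {status}: {errors}"


if __name__ == "__main__":
    ok, detail = check_falcon_api()
    print(("OK: " if ok else "FAIL: ") + detail)
    sys.exit(0 if ok else 1)
```

The exit code makes the script usable from a scheduled job or monitoring probe; a 401/403 result still confirms network reachability and points at the API client's credentials or scopes instead.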