Taegis Magic is a Jupyter Notebook and Command Line Interface for interacting with the Secureworks Taegis™ security platform. The Magics project is intended to assist users with workflows and analysis through Jupyter Notebook integrations and Pandas DataFrames.
All magic commands returned a normalized result, which contains a _repr_markdown_ as well as various other pretty printing methods added by the dataclass. We simply pass these objects to display, which will render all available MIME types.
As such, even without the --cache flag, the query result is pretty printed into the notebook as text/plain output, but isn't rendered in the notebook UI.
%%taegis alerts search --tenant $TAEGIS_TENANT_ID --region $TAEGIS_ENVIRONMENT --track --assign alerts_df
FROM alert
WHERE metadata.severity <= 0.6
EARLIEST='2023-09-12T12:47:00'
LATEST='2023-09-12T13:05:00'
[Test data, not customer data]
This means that notebook file sizes can grow dramatically in size (equal to the pretty printed SDK dataclasses) and is a potential source for accidental data leakage.
The fix is to pass exclude=["text/plain"] to the display call linked above. The markdown will render, but the repr for the dataclass will not.
All magic commands returned a normalized result, which contains a
_repr_markdown_
as well as various other pretty printing methods added by the dataclass. We simply pass these objects todisplay
, which will render all available MIME types.As such, even without the
--cache
flag, the query result is pretty printed into the notebook astext/plain
output, but isn't rendered in the notebook UI.[Test data, not customer data]
This means that notebook file sizes can grow dramatically in size (equal to the pretty printed SDK dataclasses) and is a potential source for accidental data leakage.
The fix is to pass
exclude=["text/plain"]
to thedisplay
call linked above. The markdown will render, but the repr for the dataclass will not.