Tool - ctx

The command line ctx tool allows performing essential tasks such as file uploads, scenario management, and retrieval of analysis results. It can be used to control multiple different Contextal Platform instances through separate user profiles.

Installation

The tool is part of the contextal package:

pip install contextal

Usage

Create Default Profile

ctx config create local_cloud http://contextal.my_company.lan --set-default

Create Additional Profile

ctx config create public_cloud https://contextal.my_company.com --token glpat-my-token

Upload File Using Default Profile

ctx work submit my_sample

Upload File Using Specific Profile

ctx work submit my_sample --profile public_cloud

Get Graph Generated For Work

ctx work graph MY_WORK_ID --pretty

Check Scenarios Results

This command will provide a list or recommended actions (if any) generated by scenarios for a given work.

ctx work actions MY_WORK_ID --pretty

Add New Scenario

Execute the following command to deploy an example scenario, which triggers a BLOCK action, for e-mails containing windows shortcut files.

ctx scenario add "-"<<EOF
{
    "action": "BLOCK",
    "creator": "me@my_company.com",
    "context": null,
    "description": "Block all mails containing windows link files",
    "local_query": "object_type=\"LNK\" && @has_root(object_type == \"Email\")",
    "max_ver": null,
    "min_ver": 1,
    "name": "MAIL_WITH_LNK"
}
EOF

Reload Scenarios

Call the reload option to make Contextal Platform start using any new/updated scenarios.

ctx scenario reload

Download Scenarios

Scenarios can be downloaded and used as a backup or template for new ones:

ctx scenario details SCENARIO_ID > scenario1.backup
# modify scenario using jq command 
cat scenario1.backup | jq '.name="MAIL_WITH_PE"|.local_query="object_type=\"PE\" && @has_root(object_type == \"Email\")"' > scenario2
# add scenario2
ctx scenario add scenario2
# call the reload option to make Contextal Platform start using any new scenarios
ctx scenario reload