API script to back up Reveal(x) Packet Sensors (EDA/ECA)

Download Script Here:
extrahop_backup_script.py

This script retrieves the backup file (exbk file) from the ExtraHop EDA/ECA using one of two methods.
Version Tested On: 8.1.5

Method 1:
This method will look for the newest timestamp and download to the local directory of the file.

COMMAND:
python3 extrahop_backup_script.py -a {apikey} -H {eda/eca ip/hostname}

Method 2:
You can specify the ID of the backup if you get it from the API explorer.

COMMAND:
python3 extrahop_backup_script.py -a {apikey} -H {eda/eca ip/hostname} --id {id number}


REQUIRED python modules:
import argparse
import os
import requests
import logging
import sys
import time
import json


Help Command Output:
usage: extrahop_backup_script.py [-h] [-v] [-k] [-t TIME] [-H HOST]
                                 [-a APIKEY] [-s] [-i ID]

optional arguments:
  -h, --help            show this help message and exit
  -v, --verbose         Print debug to console.
  -k, --disable-cert-check
                        Disable certificate validation
  -t TIME, --time TIME  Relative time in minutes to start from. Default is
                        last 30 minutes
  -H HOST, --host HOST  Hostname or IP Address of extrahop.
  -a APIKEY, --apikey APIKEY
                        API Key of Extrahop. Used with --host option
  -s, --suppress        suppress HTTPS warnings
  -i ID, --id ID        Manual ID of backup

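An added example, not part of the original post or the linked script: a sketch of the Method 1 flow (pick the newest backup, then download it) that keeps certificate validation on and writes the .exbk file readable by its owner only, since the API key travels in the request header and the backup holds appliance configuration. The `/api/v1/customizations` path, the `create_time` field, the sample listing and the host name are assumptions; it uses the standard library rather than `requests`.

```python
import json
import os
import ssl
import urllib.request

# Constructed sample of a backup listing; the field names ("id", "name",
# "create_time") are assumptions about the API response, not from the post.
SAMPLE_LISTING = json.dumps([
    {"id": 3, "name": "nightly-a", "create_time": 1600000000000},
    {"id": 7, "name": "nightly-c", "create_time": 1600172800000},
    {"id": 5, "name": "nightly-b", "create_time": 1600086400000},
])

def newest_backup(listing_json):
    """Method 1: return the record with the largest timestamp."""
    records = json.loads(listing_json)
    if not records:
        raise ValueError("no backups found on the appliance")
    return max(records, key=lambda r: r["create_time"])

def download_request(host, apikey, backup_id):
    """Build the download request; int() rejects a non-numeric --id value."""
    url = "https://%s/api/v1/customizations/%d/download" % (host, int(backup_id))
    headers = {"Authorization": "ExtraHop apikey=%s" % apikey}
    return urllib.request.Request(url, headers=headers, method="POST")

def save_backup(data, path):
    """Write the .exbk owner-only (0600) and refuse to overwrite a file."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as f:
        f.write(data)
    return path

def fetch_backup(host, apikey, backup_id, path, ca_file=None):
    """Download with certificate validation on; for an appliance signed by a
    private CA, pass ca_file instead of disabling the check."""
    ctx = ssl.create_default_context(cafile=ca_file)
    req = download_request(host, apikey, backup_id)
    with urllib.request.urlopen(req, context=ctx, timeout=60) as resp:
        return save_backup(resp.read(), path)
```

Reading the API key from an environment variable or a prompt, rather than passing it on the command line, also keeps it out of shell history and process listings.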

Thank you for putting this together!

Very useful. Thank You.