Skip to content

Python Client

Python client library for accessing the cyber.trackr.live API with comprehensive helper methods, smart search, and optional caching.

New to the API? Check out the API Getting Started Guide to understand the data model and endpoints.

Installation

bash
pip install cyber-trackr-live

With optimizations (recommended for production):

bash
pip install cyber-trackr-live[optimizations]
# OR manually:
pip install cyber-trackr-live hishel ratelimit

Requirements: Python 3.8+ (see .python-version)

Quick Start

python
from cyber_trackr_helper import CyberTrackrHelper

# Initialize the helper (includes generated client)
helper = CyberTrackrHelper()

# List all available STIGs
stigs = helper.list_stigs()
print(f"Available STIGs: {len(stigs)}")

# Search for specific STIGs (smart matching)
redhat_stigs = helper.search_documents("Red Hat", doc_type='stig')
for name in list(redhat_stigs.keys())[:5]:
    print(f"  - {name}")

# Get RMF control family
ac_controls = helper.get_control_family('AC', revision=5)
print(f"Access Control family: {len(ac_controls)} controls")

Architecture

The Python client consists of two main components:

1. Generated Client (cyber_trackr_api_client)

  • Auto-generated from OpenAPI specification using openapi-python-client
  • Low-level API access with full type hints (Pydantic)
  • Uses httpx for modern async/await support
  • Handles serialization and HTTP details
  • You could generate this yourself, but we maintain it for you

2. Helper Library (cyber_trackr_helper)

  • High-level convenience methods for common workflows
  • Wraps generated client with business logic
  • Provides simplified interfaces for complex operations
  • Unique value-add with smart features not available in raw client

Key Features

  • Smart search - Handles "Red Hat", "RedHat", "red_hat" equivalently
  • Fuzzy matching - Find documents with similarity scoring
  • Type safety - Full type hints with Pydantic v2
  • Async support - Native async/await with httpx
  • HTTP caching - Optional caching with hishel (RFC 9111 compliant)
  • Rate limiting - Optional respectful rate limiting
  • Severity filtering - Filter requirements by HIGH/MEDIUM/LOW
  • ID parsing - Utilities for V-IDs, SV-IDs, CCI-IDs, RMF controls
  • Cross-referencing - Map STIGs → CCIs → RMF controls
  • Pure Python - No external system dependencies
python
from cyber_trackr_helper import CyberTrackrHelper

# Best practice configuration with caching and rate limiting
helper = CyberTrackrHelper(
    enable_cache=True,  # Enable HTTP caching
    cache_ttl=3600,  # 1 hour cache (adjust as needed)
    cache_backend='filesystem',  # 'filesystem', 'sqlite', or 'redis'
    rate_limit_per_second=10  # Respectful rate limiting
)

# First call hits API (~300ms)
stigs = helper.list_stigs()

# Second call hits cache (~10ms) - 30x faster!
stigs = helper.list_stigs()

Helper Methods

The helper provides simplified methods for common workflows:

python
helper = CyberTrackrHelper()

# Document filtering
stigs = helper.list_stigs()  # Only STIGs
srgs = helper.list_srgs()  # Only SRGs
is_srg = CyberTrackrHelper.is_srg("Application_Security_Requirements_Guide")

# Smart search (handles various formats)
results = helper.search_documents("Red Hat", doc_type='stig')
fuzzy_results = helper.fuzzy_search_documents("RedHat Linux", threshold=0.6)

# Severity filtering
high_reqs = helper.get_high_severity_requirements(name, version, release)
summary = helper.get_requirements_summary_by_severity(name, version, release)

# RMF controls
ac_family = helper.get_control_family('AC', revision=5)
family_info = helper.get_control_family_info('AC')  # With full name

# CCI operations
password_ccis = helper.search_ccis('password')
control_ccis = helper.get_ccis_for_rmf_control('AC-1')

# Cross-referencing
chain = helper.get_compliance_chain(name, version, release, 'V-214518')
mapping = helper.map_stig_to_rmf(name, version, release)

# Batch operations with progress
def progress(current, total, v_id):
    print(f"Fetching {current}/{total}: {v_id}")

complete = helper.fetch_complete_stig(
    name, version, release,
    progress_callback=progress
)

Direct Client Access

For advanced use cases, access the generated client directly:

python
from cyber_trackr_api_client import Client
from cyber_trackr_api_client.api.documents import list_all_documents, get_document

# Create client
client = Client(base_url="https://cyber.trackr.live/api")

# Low-level API calls (fully typed)
all_docs = list_all_documents.sync(client=client)
stig = get_document.sync(
    name="Red_Hat_Enterprise_Linux_9",
    version="1",
    release="2",
    client=client
)

# Async support
async with Client(base_url="https://cyber.trackr.live/api") as client:
    all_docs = await list_all_documents.asyncio(client=client)

Learn More

Comparison: Python vs Ruby Client

FeatureRubyPython
Smart search
Fuzzy matching
HTTP caching✅ (optional)
Rate limiting⚠️ Manual✅ (optional)
Async support
Type hintsN/A✅ Full
ID parsing
Severity filtering

Both clients share core helper methods (document filtering, batch fetching, cross-referencing).

Support

Released under the Apache-2.0 License.