Python Client
Python client library for accessing the cyber.trackr.live API with comprehensive helper methods, smart search, and optional caching.
New to the API? Check out the API Getting Started Guide to understand the data model and endpoints.
Installation
bash
pip install cyber-trackr-live
With optimizations (recommended for production):
bash
pip install cyber-trackr-live[optimizations]
# OR manually:
pip install cyber-trackr-live hishel ratelimit
Requirements: Python 3.8+ (see .python-version
)
Quick Start
python
from cyber_trackr_helper import CyberTrackrHelper
# Initialize the helper (includes generated client)
helper = CyberTrackrHelper()
# List all available STIGs
stigs = helper.list_stigs()
print(f"Available STIGs: {len(stigs)}")
# Search for specific STIGs (smart matching)
redhat_stigs = helper.search_documents("Red Hat", doc_type='stig')
for name in list(redhat_stigs.keys())[:5]:
print(f" - {name}")
# Get RMF control family
ac_controls = helper.get_control_family('AC', revision=5)
print(f"Access Control family: {len(ac_controls)} controls")
Architecture
The Python client consists of two main components:
1. Generated Client (cyber_trackr_api_client
)
- Auto-generated from OpenAPI specification using openapi-python-client
- Low-level API access with full type hints (Pydantic)
- Uses httpx for modern async/await support
- Handles serialization and HTTP details
- You could generate this yourself, but we maintain it for you
2. Helper Library (cyber_trackr_helper
)
- High-level convenience methods for common workflows
- Wraps generated client with business logic
- Provides simplified interfaces for complex operations
- Unique value-add with smart features not available in raw client
Key Features
- Smart search - Handles "Red Hat", "RedHat", "red_hat" equivalently
- Fuzzy matching - Find documents with similarity scoring
- Type safety - Full type hints with Pydantic v2
- Async support - Native async/await with httpx
- HTTP caching - Optional caching with hishel (RFC 9111 compliant)
- Rate limiting - Optional respectful rate limiting
- Severity filtering - Filter requirements by HIGH/MEDIUM/LOW
- ID parsing - Utilities for V-IDs, SV-IDs, CCI-IDs, RMF controls
- Cross-referencing - Map STIGs → CCIs → RMF controls
- Pure Python - No external system dependencies
Production Setup (Recommended)
python
from cyber_trackr_helper import CyberTrackrHelper
# Best practice configuration with caching and rate limiting
helper = CyberTrackrHelper(
enable_cache=True, # Enable HTTP caching
cache_ttl=3600, # 1 hour cache (adjust as needed)
cache_backend='filesystem', # 'filesystem', 'sqlite', or 'redis'
rate_limit_per_second=10 # Respectful rate limiting
)
# First call hits API (~300ms)
stigs = helper.list_stigs()
# Second call hits cache (~10ms) - 30x faster!
stigs = helper.list_stigs()
Helper Methods
The helper provides simplified methods for common workflows:
python
helper = CyberTrackrHelper()
# Document filtering
stigs = helper.list_stigs() # Only STIGs
srgs = helper.list_srgs() # Only SRGs
is_srg = CyberTrackrHelper.is_srg("Application_Security_Requirements_Guide")
# Smart search (handles various formats)
results = helper.search_documents("Red Hat", doc_type='stig')
fuzzy_results = helper.fuzzy_search_documents("RedHat Linux", threshold=0.6)
# Severity filtering
high_reqs = helper.get_high_severity_requirements(name, version, release)
summary = helper.get_requirements_summary_by_severity(name, version, release)
# RMF controls
ac_family = helper.get_control_family('AC', revision=5)
family_info = helper.get_control_family_info('AC') # With full name
# CCI operations
password_ccis = helper.search_ccis('password')
control_ccis = helper.get_ccis_for_rmf_control('AC-1')
# Cross-referencing
chain = helper.get_compliance_chain(name, version, release, 'V-214518')
mapping = helper.map_stig_to_rmf(name, version, release)
# Batch operations with progress
def progress(current, total, v_id):
print(f"Fetching {current}/{total}: {v_id}")
complete = helper.fetch_complete_stig(
name, version, release,
progress_callback=progress
)
Direct Client Access
For advanced use cases, access the generated client directly:
python
from cyber_trackr_api_client import Client
from cyber_trackr_api_client.api.documents import list_all_documents, get_document
# Create client
client = Client(base_url="https://cyber.trackr.live/api")
# Low-level API calls (fully typed)
all_docs = list_all_documents.sync(client=client)
stig = get_document.sync(
name="Red_Hat_Enterprise_Linux_9",
version="1",
release="2",
client=client
)
# Async support
async with Client(base_url="https://cyber.trackr.live/api") as client:
all_docs = await list_all_documents.asyncio(client=client)
Learn More
- Helper Methods - Complete reference for convenience methods
- Optimization Guide - Caching and rate limiting best practices
- Examples - Real-world usage examples and patterns
- API Documentation - Understand the underlying API
- Generate Other Clients - Create clients for other languages
Comparison: Python vs Ruby Client
Feature | Ruby | Python |
---|---|---|
Smart search | ❌ | ✅ |
Fuzzy matching | ❌ | ✅ |
HTTP caching | ❌ | ✅ (optional) |
Rate limiting | ⚠️ Manual | ✅ (optional) |
Async support | ❌ | ✅ |
Type hints | N/A | ✅ Full |
ID parsing | ❌ | ✅ |
Severity filtering | ❌ | ✅ |
Both clients share core helper methods (document filtering, batch fetching, cross-referencing).
Support
- 📚 Documentation: This site and inline code docstrings
- 🐛 Issues: GitHub Issues
- 💬 Discussions: GitHub Discussions