Add .env

.env_sample

@@ -0,0 +1,2 @@
+API_KEY=your-secret-api-key
+MANAGEMENT_CONSOLE_URL=https://your-management-console-url

sentinel_one.py

@@ -3,12 +3,16 @@ import re
 import requests
 import json
 from datetime import datetime
+from dotenv import load_dotenv
 
-# User-defined variables
+# Load environment variables from .env file
-api_url = "https://<MANAGEMENT_CONSOLE_URL>/web/api/v2.1/threats?limit=10"
+load_dotenv()
-api_key = "<API_KEY>"
+
+# Retrieve API key and management console URL securely
+api_url = os.getenv("MANAGEMENT_CONSOLE_URL") + "/web/api/v2.1/threats?limit=10"
+api_key = os.getenv("API_KEY")
 log_file_path = "/var/log/sentinelone.json"
-custom_timestamp = "" #Enter your preferred timestamp within the quotes using the format 2023-01-01T00:00:00
+custom_timestamp = ""  # Enter your preferred timestamp using format 2023-01-01T00:00:00
 
 
 def get_last_timestamp(log_file_path):
@@ -29,6 +33,7 @@ def get_last_timestamp(log_file_path):
     except FileNotFoundError:
         return None
 
+
 def get_logs(start_timestamp):
     headers = {
         'Authorization': f'ApiToken {api_key}',
@@ -47,7 +52,12 @@ def get_logs(start_timestamp):
         print(f"Failed to fetch logs: {response.status_code}")
         return None
 
+
 def main():
+    if not api_key or not api_url:
+        print("Error: API key or Management Console URL not set. Check your .env file.")
+        return
+
     # Get the last timestamp from the log file
     last_timestamp = get_last_timestamp(log_file_path)
     if last_timestamp:
@@ -56,27 +66,17 @@ def main():
         print("Log file is empty or doesn't exist.")
 
     if custom_timestamp:
-        # If custom timestamp is specified, check the log file first
         last_timestamp_from_file = get_last_timestamp(log_file_path)
-        if last_timestamp_from_file:
+        start_timestamp = last_timestamp_from_file if last_timestamp_from_file else custom_timestamp
-            start_timestamp = last_timestamp_from_file
+        print(f"Using timestamp: {start_timestamp}")
-            print(f"Using last timestamp from log file: {start_timestamp}")
-        else:
-            start_timestamp = custom_timestamp
-            print(f"Using custom timestamp: {start_timestamp}")
     else:
-        start_timestamp = last_timestamp
+        start_timestamp = last_timestamp if last_timestamp else None
-        if last_timestamp:
+        print(f"Using last timestamp from log file: {start_timestamp}" if start_timestamp else "No last timestamp found.")
-            print(f"Using last timestamp from log file: {start_timestamp}")
-        else:
-            print("No last timestamp found in log file.")
-            start_timestamp = None  # Reset start timestamp to None if neither custom nor file timestamp available
 
     # Query the SentinelOne API for logs since the start timestamp
     logs = get_logs(start_timestamp)
 
     if logs:
-        # Write the logs to the local log file
         with open(log_file_path, 'a') as file:
             for log in logs['data']:
                 file.write(json.dumps(log))
@@ -85,5 +85,6 @@ def main():
     else:
         print("No logs fetched.")
 
+
 if __name__ == "__main__":
     main()