The article describes on how to access and use test data with the sample Python application.

To access and use test data from the Data Feeds API, you edit the configuration file, run the Python script, and examine
the resulting data to determine how to use the data in your SIEM or other security monitoring applications.

Email security cloud

Prerequisites:

1. Locate and download an appropriate Python interpreter (version 3 and above) for your environment, and ensure that
your system recognizes files with the .py extension and associates them with the interpreter.
2. Decompress the NdfConfig.zip file that contains the Python configuration and script files, and save them to a
directory.

Edit the configuration file

1. Using a text editor such as Notepad++, open the configuration file NdfConfig.json:
{ "user" : "USERNAME",
 "password" : "PASSWORD",
#"proxy": "IP:PORT", # CHANGE ME, or  put false
    #"proxy": false,
 "uri": "https://datafeeds.emailsecurity.symantec.com/test",
 "resetUri": "https://datafeeds.emailsecurity.symantec.com/
test?reset=2016-09-01T00:00:00Z",
 "files" : {
 "cookiesFilePath" : "C:\\EXAMPLE_FILE_PATH",
 "logsFilePath" : "C:\\EXAMPLE_FILE_PATH" }

2. Replace USERNAME and PASSWORD with the Email Security.cloud portal credentials provided by your administrator.

3. In the uri and resetUri fields, ensure that FEED_NAME is test, which is the default state for the configuration file.

4. In the resetURI field, change the time to the right of reset= to the date and time from which you want to start to read
metadata.

NOTE: 
The resetURI mechanism is not used when you access data from the test feed, although it is required
for the all, malware, Threat isolation, clicktime URL Protection, Anti-spam, Email Threat Analytics
(ec_reports), and delivery feeds. It is included in the configuration file for use later when you want to
access these other feeds. The Python script ignores the resetUri when it accesses the test feed.

5. On the cookies FilePath line, specify the path at which to store the persistent cookies that are used to mark your
place in the feed.

6. On the logs FilePath line, specify the path at which to store the log files that the Data Feeds API connection session
produces.

7. Save and close NdfConfig.json.

Run the Python script

The NdfConfig.zip file you download from the Email Security.cloud portal contains both the configuration file and the
Python script file itself, called NdfScript.py. To use the Python script to access test feed data:

• Run NdfScript.py. If you specified the test URI in the configuration file, then you should begin to receive feed
data immediately. If you specified all, malware, isolation, clicktime, Email Threat Analytics (ec_reports), spam,
or delivery in the configuration file, then you must also have specified a time as part of the resetUri. Feed data
becomes available at the time you specified.

Examine the test feed contents

The best way to understand the structure and content of the data that the Data Feeds API returns is to examine the data
you receive from the test URI. In addition, you can also examine representations of the JSON files that are included in
this document that illustrate a variety of scenarios and conditions. See Sample JSON files produced by data feeds.