Blumira CLI

Command-line interface for the Blumira SIEM API.

Installation

From npm (GitHub Packages)

npm install -g @wyre-technology/blumira-cli

From Source

git clone https://github.com/wyre-technology/blumira-cli.git
cd blumira-cli
npm install
npm run build
npm link

Configuration

Set your Blumira JWT token as an environment variable:

export BLUMIRA_JWT_TOKEN="your-jwt-token-here"

Alternatively, you can pass the token with the --jwt-token flag on individual commands.

Usage

blumira <resource> <action> [options]

Global Options

• --format <format> - Output format: json (default) or table
• --jwt-token <token> - Blumira JWT token (overrides environment variable)

Commands

Findings

Manage security findings:

# List findings
blumira findings list [options]
  --page <number>              Page number (default: 1)
  --page-size <number>         Results per page (default: 100)
  --limit <number>             Maximum records to return
  --status <number>            Filter by status (10=Open, 40=Resolved)
  --priority <number>          Filter by priority (1-5)
  --category <number>          Filter by category ID
  --name <string>              Filter by exact name
  --name-contains <string>     Filter by name substring
  --name-regex <string>        Filter by name regex
  --created-after <datetime>   Created after (UTC)
  --created-before <datetime>  Created before (UTC)
  --format <format>            Output format (json|table)

# Get a specific finding
blumira findings get <finding-id> [options]

# Get detailed finding information
blumira findings details <finding-id> [options]

# Resolve a finding
blumira findings resolve <finding-id> --resolution <number> [--notes <string>]
  # Resolution codes: 10=Valid, 20=False Positive, 30=No Action Needed, 40=Risk Accepted

# Assign owners to a finding
blumira findings assign <finding-id> --owner-type <type> --owners <uuids>
  # Owner types: responder, analyst, manager
  # Owners: comma-separated list of user UUIDs (empty to clear)

# List comments on a finding
blumira findings comments <finding-id>

# Add a comment to a finding
blumira findings add-comment <finding-id> --body <text> --sender <uuid>

Agents

Manage agents and devices:

# List agent devices
blumira agents devices [options]
  --page <number>        Page number
  --page-size <number>   Results per page
  --limit <number>       Maximum records
  --order-by <field>     Order by field
  --format <format>      Output format (json|table)

# Get a specific device
blumira agents device <device-id>

# List agent keys
blumira agents keys [options]

# Get a specific key
blumira agents key <key-id>

Users

Manage users:

# List users
blumira users list [options]
  --page <number>        Page number
  --page-size <number>   Results per page
  --limit <number>       Maximum records
  --order-by <field>     Order by field
  --format <format>      Output format (json|table)

Resolutions

View available resolution options:

# List resolution options
blumira resolutions list

MSP (Multi-Tenant)

Manage MSP accounts and operations:

# List MSP accounts
blumira msp accounts list [options]

# Get MSP account details
blumira msp accounts get <account-id>

# List findings across all MSP accounts
blumira msp findings list-all [options]
  --status <number>            Filter by status
  --priority <number>          Filter by priority
  --created-after <datetime>   Created after (UTC)
  --created-before <datetime>  Created before (UTC)

# List findings for a specific account
blumira msp findings list <account-id> [options]

# Get a finding from an MSP account
blumira msp findings get <account-id> <finding-id>

# Resolve a finding in an MSP account
blumira msp findings resolve <account-id> <finding-id> --resolution <number> [--notes <string>]

# Assign owners to a finding in an MSP account
blumira msp findings assign <account-id> <finding-id> --owner-type <type> --owners <uuids>

# List comments on a finding in an MSP account
blumira msp findings comments <account-id> <finding-id>

# Add a comment to a finding in an MSP account
blumira msp findings add-comment <account-id> <finding-id> --body <text> --sender <uuid>

# List devices for an MSP account
blumira msp devices list <account-id>

# Get a device from an MSP account
blumira msp devices get <account-id> <device-id>

# List keys for an MSP account
blumira msp keys list <account-id>

# Get a key from an MSP account
blumira msp keys get <account-id> <key-id>

# List users for an MSP account
blumira msp users list <account-id>

Examples

List open findings

blumira findings list --status 10 --format table

Get finding details

blumira findings details abc-123-def-456

Resolve a finding as false positive

blumira findings resolve abc-123-def-456 --resolution 20 --notes "Confirmed benign traffic"

List all MSP accounts

blumira msp accounts list --format table

View findings across all MSP accounts

blumira msp findings list-all --status 10 --priority 5

Output Formats

JSON (default)

blumira findings list --format json

Returns raw JSON output suitable for scripting and automation.

Table

blumira findings list --format table

Returns formatted table output for human readability.

Environment Variables

• BLUMIRA_JWT_TOKEN - Blumira JWT token for authentication

Development

# Install dependencies
npm install

# Build the project
npm run build

# Watch mode for development
npm run dev

# Type checking
npm run typecheck

# Linting
npm run lint

# Run tests
npm test

Contributing

See CONTRIBUTING.md for contribution guidelines.

License

MIT - see LICENSE file for details.

Support

• GitHub Issues: https://github.com/wyre-technology/blumira-cli/issues
• Documentation: https://github.com/wyre-technology/blumira-cli

Related Projects

• @wyre-technology/node-blumira - Node.js client library
• blumira-mcp - Model Context Protocol server