crimson-falcon 0.5.0 → 1.0.0

data/lib/crimson-falcon/api/downloads.rb

@@ -0,0 +1,108 @@
+=begin
+Crimson Falcon - Ruby Client SDK
+
+Code auto-generated by OpenAPI Generator; DO NOT EDIT.
+
+MIT License
+
+Copyright (c) 2023 Crowdstrike
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+=end
+
+require 'cgi'
+
+module Falcon
+  class Downloads
+    attr_accessor :api_client
+
+    def initialize(api_client = ApiClient.default)
+      @api_client = api_client
+    end
+    # Gets pre-signed URL for the file
+    # @param file_name [String] Name of the file to be downloaded
+    # @param file_version [String] Version of the file to be downloaded
+    # @param [Hash] opts the optional parameters
+    # @return [CommonEntitiesResponse]
+    def download_file(file_name, file_version, opts = {})
+      data, _status_code, _headers = download_file_with_http_info(file_name, file_version, opts)
+      data
+    end
+
+    # Gets pre-signed URL for the file
+    # @param file_name [String] Name of the file to be downloaded
+    # @param file_version [String] Version of the file to be downloaded
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(CommonEntitiesResponse, Integer, Hash)>] CommonEntitiesResponse data, response status code and response headers
+    def download_file_with_http_info(file_name, file_version, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: Downloads.download_file ...'
+      end
+      # verify the required parameter 'file_name' is set
+      if @api_client.config.client_side_validation && file_name.nil?
+        fail ArgumentError, "Missing the required parameter 'file_name' when calling Downloads.download_file"
+      end
+      # verify the required parameter 'file_version' is set
+      if @api_client.config.client_side_validation && file_version.nil?
+        fail ArgumentError, "Missing the required parameter 'file_version' when calling Downloads.download_file"
+      end
+      # resource path
+      local_var_path = '/csdownloads/entities/files/download/v1'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+      query_params[:'file_name'] = file_name
+      query_params[:'file_version'] = file_version
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'CommonEntitiesResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['oauth2']
+
+      new_options = opts.merge(
+        :operation => :"Downloads.download_file",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: Downloads#download_file\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+  end
+end

data/lib/crimson-falcon/api/{downloads_api_api.rb → downloads_api.rb}

@@ -30,81 +30,12 @@ SOFTWARE.
 require 'cgi'
 
 module Falcon
-  class DownloadsApiApi
+  class DownloadsApi
     attr_accessor :api_client
 
     def initialize(api_client = ApiClient.default)
       @api_client = api_client
     end
-    # Gets pre-signed URL for the file
-    # @param file_name [String] Name of the file to be downloaded
-    # @param file_version [String] Version of the file to be downloaded
-    # @param [Hash] opts the optional parameters
-    # @return [CommonEntitiesResponse]
-    def download_file(file_name, file_version, opts = {})
-      data, _status_code, _headers = download_file_with_http_info(file_name, file_version, opts)
-      data
-    end
-
-    # Gets pre-signed URL for the file
-    # @param file_name [String] Name of the file to be downloaded
-    # @param file_version [String] Version of the file to be downloaded
-    # @param [Hash] opts the optional parameters
-    # @return [Array<(CommonEntitiesResponse, Integer, Hash)>] CommonEntitiesResponse data, response status code and response headers
-    def download_file_with_http_info(file_name, file_version, opts = {})
-      if @api_client.config.debugging
-        @api_client.config.logger.debug 'Calling API: DownloadsApiApi.download_file ...'
-      end
-      # verify the required parameter 'file_name' is set
-      if @api_client.config.client_side_validation && file_name.nil?
-        fail ArgumentError, "Missing the required parameter 'file_name' when calling DownloadsApiApi.download_file"
-      end
-      # verify the required parameter 'file_version' is set
-      if @api_client.config.client_side_validation && file_version.nil?
-        fail ArgumentError, "Missing the required parameter 'file_version' when calling DownloadsApiApi.download_file"
-      end
-      # resource path
-      local_var_path = '/csdownloads/entities/files/download/v1'
-
-      # query parameters
-      query_params = opts[:query_params] || {}
-      query_params[:'file_name'] = file_name
-      query_params[:'file_version'] = file_version
-
-      # header parameters
-      header_params = opts[:header_params] || {}
-      # HTTP header 'Accept' (if needed)
-      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
-
-      # form parameters
-      form_params = opts[:form_params] || {}
-
-      # http body (model)
-      post_body = opts[:debug_body]
-
-      # return_type
-      return_type = opts[:debug_return_type] || 'CommonEntitiesResponse'
-
-      # auth_names
-      auth_names = opts[:debug_auth_names] || ['oauth2']
-
-      new_options = opts.merge(
-        :operation => :"DownloadsApiApi.download_file",
-        :header_params => header_params,
-        :query_params => query_params,
-        :form_params => form_params,
-        :body => post_body,
-        :auth_names => auth_names,
-        :return_type => return_type
-      )
-
-      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
-      if @api_client.config.debugging
-        @api_client.config.logger.debug "API called: DownloadsApiApi#download_file\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
-      end
-      return data, status_code, headers
-    end
-
     # Enumerates a list of files available for CID
     # @param [Hash] opts the optional parameters
     # @option opts [String] :file_name Apply filtering on file name
@@ -130,7 +61,7 @@ module Falcon
     # @return [Array<(CommonEntitiesResponse, Integer, Hash)>] CommonEntitiesResponse data, response status code and response headers
     def enumerate_file_with_http_info(opts = {})
       if @api_client.config.debugging
-        @api_client.config.logger.debug 'Calling API: DownloadsApiApi.enumerate_file ...'
+        @api_client.config.logger.debug 'Calling API: DownloadsApi.enumerate_file ...'
       end
       # resource path
       local_var_path = '/csdownloads/entities/files/enumerate/v1'
@@ -162,7 +93,7 @@ module Falcon
       auth_names = opts[:debug_auth_names] || ['oauth2']
 
       new_options = opts.merge(
-        :operation => :"DownloadsApiApi.enumerate_file",
+        :operation => :"DownloadsApi.enumerate_file",
         :header_params => header_params,
         :query_params => query_params,
         :form_params => form_params,
@@ -173,7 +104,7 @@ module Falcon
 
       data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
       if @api_client.config.debugging
-        @api_client.config.logger.debug "API called: DownloadsApiApi#enumerate_file\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+        @api_client.config.logger.debug "API called: DownloadsApi#enumerate_file\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
       end
       return data, status_code, headers
     end

data/lib/crimson-falcon/api/{drift_indicators_api.rb → drift_indicators.rb}

@@ -30,7 +30,7 @@ SOFTWARE.
 require 'cgi'
 
 module Falcon
-  class DriftIndicatorsApi
+  class DriftIndicators
     attr_accessor :api_client
 
     def initialize(api_client = ApiClient.default)
@@ -38,7 +38,7 @@ module Falcon
     end
     # Returns the count of Drift Indicators by the date. by default it's for 7 days.
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter drift indicators using a query in Falcon Query Language (FQL). Supported filters: cid,cloud_name,command_line,container_id,file_name,file_sha256,host_id,indicator_process_id,namespace,occurred_at,parent_process_id,pod_name,prevented,scheduler_name,severity,worker_node_name
+    # @option opts [String] :filter Filter Drift Indicators using a query in Falcon Query Language (FQL). Supported filter fields: - `cid` - `cloud_name` - `command_line` - `container_id` - `file_name` - `file_sha256` - `host_id` - `indicator_process_id` - `namespace` - `occurred_at` - `parent_process_id` - `pod_name` - `prevented` - `scheduler_name` - `severity` - `worker_node_name`
     # @option opts [Integer] :limit The upper-bound on the number of records to retrieve.
     # @return [DriftindicatorsDriftIndicatorsFieldValue]
     def get_drift_indicators_values_by_date(opts = {})
@@ -48,12 +48,12 @@ module Falcon
 
     # Returns the count of Drift Indicators by the date. by default it's for 7 days.
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter drift indicators using a query in Falcon Query Language (FQL). Supported filters: cid,cloud_name,command_line,container_id,file_name,file_sha256,host_id,indicator_process_id,namespace,occurred_at,parent_process_id,pod_name,prevented,scheduler_name,severity,worker_node_name
+    # @option opts [String] :filter Filter Drift Indicators using a query in Falcon Query Language (FQL). Supported filter fields: - `cid` - `cloud_name` - `command_line` - `container_id` - `file_name` - `file_sha256` - `host_id` - `indicator_process_id` - `namespace` - `occurred_at` - `parent_process_id` - `pod_name` - `prevented` - `scheduler_name` - `severity` - `worker_node_name`
     # @option opts [Integer] :limit The upper-bound on the number of records to retrieve.
     # @return [Array<(DriftindicatorsDriftIndicatorsFieldValue, Integer, Hash)>] DriftindicatorsDriftIndicatorsFieldValue data, response status code and response headers
     def get_drift_indicators_values_by_date_with_http_info(opts = {})
       if @api_client.config.debugging
-        @api_client.config.logger.debug 'Calling API: DriftIndicatorsApi.get_drift_indicators_values_by_date ...'
+        @api_client.config.logger.debug 'Calling API: DriftIndicators.get_drift_indicators_values_by_date ...'
       end
       # resource path
       local_var_path = '/container-security/aggregates/drift-indicators/count-by-date/v1'
@@ -81,7 +81,7 @@ module Falcon
       auth_names = opts[:debug_auth_names] || ['oauth2']
 
       new_options = opts.merge(
-        :operation => :"DriftIndicatorsApi.get_drift_indicators_values_by_date",
+        :operation => :"DriftIndicators.get_drift_indicators_values_by_date",
         :header_params => header_params,
         :query_params => query_params,
         :form_params => form_params,
@@ -92,7 +92,7 @@ module Falcon
 
       data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
       if @api_client.config.debugging
-        @api_client.config.logger.debug "API called: DriftIndicatorsApi#get_drift_indicators_values_by_date\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+        @api_client.config.logger.debug "API called: DriftIndicators#get_drift_indicators_values_by_date\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
       end
       return data, status_code, headers
     end
@@ -112,7 +112,7 @@ module Falcon
     # @return [Array<(DriftindicatorsDriftEntityResponse, Integer, Hash)>] DriftindicatorsDriftEntityResponse data, response status code and response headers
     def read_drift_indicator_entities_with_http_info(opts = {})
       if @api_client.config.debugging
-        @api_client.config.logger.debug 'Calling API: DriftIndicatorsApi.read_drift_indicator_entities ...'
+        @api_client.config.logger.debug 'Calling API: DriftIndicators.read_drift_indicator_entities ...'
       end
       # resource path
       local_var_path = '/container-security/entities/drift-indicators/v1'
@@ -139,7 +139,7 @@ module Falcon
       auth_names = opts[:debug_auth_names] || ['oauth2']
 
       new_options = opts.merge(
-        :operation => :"DriftIndicatorsApi.read_drift_indicator_entities",
+        :operation => :"DriftIndicators.read_drift_indicator_entities",
         :header_params => header_params,
         :query_params => query_params,
         :form_params => form_params,
@@ -150,14 +150,14 @@ module Falcon
 
       data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
       if @api_client.config.debugging
-        @api_client.config.logger.debug "API called: DriftIndicatorsApi#read_drift_indicator_entities\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+        @api_client.config.logger.debug "API called: DriftIndicators#read_drift_indicator_entities\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
       end
       return data, status_code, headers
     end
 
     # Returns the total count of Drift indicators over a time period
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter images using a query in Falcon Query Language (FQL). Supported filters:  cid,cloud_name,command_line,container_id,file_name,file_sha256,host_id,indicator_process_id,namespace,occurred_at,parent_process_id,pod_name,prevented,scheduler_name,severity,worker_node_name
+    # @option opts [String] :filter Filter Drift Indicators using a query in Falcon Query Language (FQL). Supported filter fields: - &#x60;cid&#x60; - &#x60;cloud_name&#x60; - &#x60;command_line&#x60; - &#x60;container_id&#x60; - &#x60;file_name&#x60; - &#x60;file_sha256&#x60; - &#x60;host_id&#x60; - &#x60;indicator_process_id&#x60; - &#x60;namespace&#x60; - &#x60;occurred_at&#x60; - &#x60;parent_process_id&#x60; - &#x60;pod_name&#x60; - &#x60;prevented&#x60; - &#x60;scheduler_name&#x60; - &#x60;severity&#x60; - &#x60;worker_node_name&#x60;
     # @return [DriftindicatorsDriftIndicatorsCountValue]
     def read_drift_indicators_count(opts = {})
       data, _status_code, _headers = read_drift_indicators_count_with_http_info(opts)
@@ -166,11 +166,11 @@ module Falcon
 
     # Returns the total count of Drift indicators over a time period
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter images using a query in Falcon Query Language (FQL). Supported filters:  cid,cloud_name,command_line,container_id,file_name,file_sha256,host_id,indicator_process_id,namespace,occurred_at,parent_process_id,pod_name,prevented,scheduler_name,severity,worker_node_name
+    # @option opts [String] :filter Filter Drift Indicators using a query in Falcon Query Language (FQL). Supported filter fields: - &#x60;cid&#x60; - &#x60;cloud_name&#x60; - &#x60;command_line&#x60; - &#x60;container_id&#x60; - &#x60;file_name&#x60; - &#x60;file_sha256&#x60; - &#x60;host_id&#x60; - &#x60;indicator_process_id&#x60; - &#x60;namespace&#x60; - &#x60;occurred_at&#x60; - &#x60;parent_process_id&#x60; - &#x60;pod_name&#x60; - &#x60;prevented&#x60; - &#x60;scheduler_name&#x60; - &#x60;severity&#x60; - &#x60;worker_node_name&#x60;
     # @return [Array<(DriftindicatorsDriftIndicatorsCountValue, Integer, Hash)>] DriftindicatorsDriftIndicatorsCountValue data, response status code and response headers
     def read_drift_indicators_count_with_http_info(opts = {})
       if @api_client.config.debugging
-        @api_client.config.logger.debug 'Calling API: DriftIndicatorsApi.read_drift_indicators_count ...'
+        @api_client.config.logger.debug 'Calling API: DriftIndicators.read_drift_indicators_count ...'
       end
       # resource path
       local_var_path = '/container-security/aggregates/drift-indicators/count/v1'
@@ -197,7 +197,7 @@ module Falcon
       auth_names = opts[:debug_auth_names] || ['oauth2']
 
       new_options = opts.merge(
-        :operation => :"DriftIndicatorsApi.read_drift_indicators_count",
+        :operation => :"DriftIndicators.read_drift_indicators_count",
         :header_params => header_params,
         :query_params => query_params,
         :form_params => form_params,
@@ -208,33 +208,33 @@ module Falcon
 
       data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
       if @api_client.config.debugging
-        @api_client.config.logger.debug "API called: DriftIndicatorsApi#read_drift_indicators_count\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+        @api_client.config.logger.debug "API called: DriftIndicators#read_drift_indicators_count\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
       end
       return data, status_code, headers
     end
 
-    # Retrieve Drift Indicators by the provided search criteria
+    # Maximum offset = 10000 - limit
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter Drift Indicators using a query in Falcon Query Language (FQL). Supported filters:  cid, cloud_name, command_line, container_id, file_name, file_sha256, host_id, indicator_process_id, namespace, occurred_at, parent_process_id, pod_name, prevented, scheduler_name, severity, worker_node_name
-    # @option opts [Integer] :limit The upper-bound on the number of records to retrieve.
-    # @option opts [Integer] :offset The offset from where to begin.
+    # @option opts [String] :filter Filter Drift Indicators using a query in Falcon Query Language (FQL). Supported filter fields: - &#x60;cid&#x60; - &#x60;cloud_name&#x60; - &#x60;command_line&#x60; - &#x60;container_id&#x60; - &#x60;file_name&#x60; - &#x60;file_sha256&#x60; - &#x60;host_id&#x60; - &#x60;indicator_process_id&#x60; - &#x60;namespace&#x60; - &#x60;occurred_at&#x60; - &#x60;parent_process_id&#x60; - &#x60;pod_name&#x60; - &#x60;prevented&#x60; - &#x60;scheduler_name&#x60; - &#x60;severity&#x60; - &#x60;worker_node_name&#x60;
     # @option opts [String] :sort The fields to sort the records on.
+    # @option opts [Integer] :limit The upper-bound on the number of records to retrieve. (default to 100)
+    # @option opts [Integer] :offset The offset from where to begin.
     # @return [DriftindicatorsDriftEntityResponse]
     def search_and_read_drift_indicator_entities(opts = {})
       data, _status_code, _headers = search_and_read_drift_indicator_entities_with_http_info(opts)
       data
     end
 
-    # Retrieve Drift Indicators by the provided search criteria
+    # Maximum offset &#x3D; 10000 - limit
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter Drift Indicators using a query in Falcon Query Language (FQL). Supported filters:  cid, cloud_name, command_line, container_id, file_name, file_sha256, host_id, indicator_process_id, namespace, occurred_at, parent_process_id, pod_name, prevented, scheduler_name, severity, worker_node_name
-    # @option opts [Integer] :limit The upper-bound on the number of records to retrieve.
-    # @option opts [Integer] :offset The offset from where to begin.
+    # @option opts [String] :filter Filter Drift Indicators using a query in Falcon Query Language (FQL). Supported filter fields: - &#x60;cid&#x60; - &#x60;cloud_name&#x60; - &#x60;command_line&#x60; - &#x60;container_id&#x60; - &#x60;file_name&#x60; - &#x60;file_sha256&#x60; - &#x60;host_id&#x60; - &#x60;indicator_process_id&#x60; - &#x60;namespace&#x60; - &#x60;occurred_at&#x60; - &#x60;parent_process_id&#x60; - &#x60;pod_name&#x60; - &#x60;prevented&#x60; - &#x60;scheduler_name&#x60; - &#x60;severity&#x60; - &#x60;worker_node_name&#x60;
     # @option opts [String] :sort The fields to sort the records on.
+    # @option opts [Integer] :limit The upper-bound on the number of records to retrieve. (default to 100)
+    # @option opts [Integer] :offset The offset from where to begin.
     # @return [Array<(DriftindicatorsDriftEntityResponse, Integer, Hash)>] DriftindicatorsDriftEntityResponse data, response status code and response headers
     def search_and_read_drift_indicator_entities_with_http_info(opts = {})
       if @api_client.config.debugging
-        @api_client.config.logger.debug 'Calling API: DriftIndicatorsApi.search_and_read_drift_indicator_entities ...'
+        @api_client.config.logger.debug 'Calling API: DriftIndicators.search_and_read_drift_indicator_entities ...'
       end
       # resource path
       local_var_path = '/container-security/combined/drift-indicators/v1'
@@ -242,9 +242,9 @@ module Falcon
       # query parameters
       query_params = opts[:query_params] || {}
       query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil?
+      query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
       query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
       query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
-      query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
 
       # header parameters
       header_params = opts[:header_params] || {}
@@ -264,7 +264,7 @@ module Falcon
       auth_names = opts[:debug_auth_names] || ['oauth2']
 
       new_options = opts.merge(
-        :operation => :"DriftIndicatorsApi.search_and_read_drift_indicator_entities",
+        :operation => :"DriftIndicators.search_and_read_drift_indicator_entities",
         :header_params => header_params,
         :query_params => query_params,
         :form_params => form_params,
@@ -275,33 +275,33 @@ module Falcon
 
       data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
       if @api_client.config.debugging
-        @api_client.config.logger.debug "API called: DriftIndicatorsApi#search_and_read_drift_indicator_entities\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+        @api_client.config.logger.debug "API called: DriftIndicators#search_and_read_drift_indicator_entities\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
       end
       return data, status_code, headers
     end
 
-    # Retrieve all drift indicators that match the given query
+    # Maximum offset = 10000 - limit
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter Drift Indicators using a query in Falcon Query Language (FQL). Supported filters:  cid, cloud_name, command_line, container_id, file_name, file_sha256, host_id, indicator_process_id, namespace, occurred_at, parent_process_id, pod_name, prevented, scheduler_name, severity, worker_node_name
-    # @option opts [Integer] :limit The upper-bound on the number of records to retrieve.
-    # @option opts [Integer] :offset The offset from where to begin.
+    # @option opts [String] :filter Filter Drift Indicators using a query in Falcon Query Language (FQL). Supported filter fields: - &#x60;cid&#x60; - &#x60;cloud_name&#x60; - &#x60;command_line&#x60; - &#x60;container_id&#x60; - &#x60;file_name&#x60; - &#x60;file_sha256&#x60; - &#x60;host_id&#x60; - &#x60;indicator_process_id&#x60; - &#x60;namespace&#x60; - &#x60;occurred_at&#x60; - &#x60;parent_process_id&#x60; - &#x60;pod_name&#x60; - &#x60;prevented&#x60; - &#x60;scheduler_name&#x60; - &#x60;severity&#x60; - &#x60;worker_node_name&#x60;
     # @option opts [String] :sort The fields to sort the records on.
+    # @option opts [Integer] :limit The upper-bound on the number of records to retrieve. (default to 100)
+    # @option opts [Integer] :offset The offset from where to begin.
     # @return [MsaspecQueryResponse]
     def search_drift_indicators(opts = {})
       data, _status_code, _headers = search_drift_indicators_with_http_info(opts)
       data
     end
 
-    # Retrieve all drift indicators that match the given query
+    # Maximum offset &#x3D; 10000 - limit
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter Drift Indicators using a query in Falcon Query Language (FQL). Supported filters:  cid, cloud_name, command_line, container_id, file_name, file_sha256, host_id, indicator_process_id, namespace, occurred_at, parent_process_id, pod_name, prevented, scheduler_name, severity, worker_node_name
-    # @option opts [Integer] :limit The upper-bound on the number of records to retrieve.
-    # @option opts [Integer] :offset The offset from where to begin.
+    # @option opts [String] :filter Filter Drift Indicators using a query in Falcon Query Language (FQL). Supported filter fields: - &#x60;cid&#x60; - &#x60;cloud_name&#x60; - &#x60;command_line&#x60; - &#x60;container_id&#x60; - &#x60;file_name&#x60; - &#x60;file_sha256&#x60; - &#x60;host_id&#x60; - &#x60;indicator_process_id&#x60; - &#x60;namespace&#x60; - &#x60;occurred_at&#x60; - &#x60;parent_process_id&#x60; - &#x60;pod_name&#x60; - &#x60;prevented&#x60; - &#x60;scheduler_name&#x60; - &#x60;severity&#x60; - &#x60;worker_node_name&#x60;
     # @option opts [String] :sort The fields to sort the records on.
+    # @option opts [Integer] :limit The upper-bound on the number of records to retrieve. (default to 100)
+    # @option opts [Integer] :offset The offset from where to begin.
     # @return [Array<(MsaspecQueryResponse, Integer, Hash)>] MsaspecQueryResponse data, response status code and response headers
     def search_drift_indicators_with_http_info(opts = {})
       if @api_client.config.debugging
-        @api_client.config.logger.debug 'Calling API: DriftIndicatorsApi.search_drift_indicators ...'
+        @api_client.config.logger.debug 'Calling API: DriftIndicators.search_drift_indicators ...'
       end
       # resource path
       local_var_path = '/container-security/queries/drift-indicators/v1'
@@ -309,9 +309,9 @@ module Falcon
       # query parameters
       query_params = opts[:query_params] || {}
       query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil?
+      query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
       query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
       query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
-      query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
 
       # header parameters
       header_params = opts[:header_params] || {}
@@ -331,7 +331,7 @@ module Falcon
       auth_names = opts[:debug_auth_names] || ['oauth2']
 
       new_options = opts.merge(
-        :operation => :"DriftIndicatorsApi.search_drift_indicators",
+        :operation => :"DriftIndicators.search_drift_indicators",
         :header_params => header_params,
         :query_params => query_params,
         :form_params => form_params,
@@ -342,7 +342,7 @@ module Falcon
 
       data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
       if @api_client.config.debugging
-        @api_client.config.logger.debug "API called: DriftIndicatorsApi#search_drift_indicators\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+        @api_client.config.logger.debug "API called: DriftIndicators#search_drift_indicators\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
       end
       return data, status_code, headers
     end

data/lib/crimson-falcon/api/{event_schema_api.rb → event_schema.rb}

@@ -30,7 +30,7 @@ SOFTWARE.
 require 'cgi'
 
 module Falcon
-  class EventSchemaApi
+  class EventSchema
     attr_accessor :api_client
 
     def initialize(api_client = ApiClient.default)
@@ -49,7 +49,7 @@ module Falcon
     # @return [Array<(SchemaSensorEventResponseV1, Integer, Hash)>] SchemaSensorEventResponseV1 data, response status code and response headers
     def fdrschema_combined_event_get_with_http_info(opts = {})
       if @api_client.config.debugging
-        @api_client.config.logger.debug 'Calling API: EventSchemaApi.fdrschema_combined_event_get ...'
+        @api_client.config.logger.debug 'Calling API: EventSchema.fdrschema_combined_event_get ...'
       end
       # resource path
       local_var_path = '/fdr/combined/schema-members/v1'
@@ -75,7 +75,7 @@ module Falcon
       auth_names = opts[:debug_auth_names] || ['oauth2']
 
       new_options = opts.merge(
-        :operation => :"EventSchemaApi.fdrschema_combined_event_get",
+        :operation => :"EventSchema.fdrschema_combined_event_get",
         :header_params => header_params,
         :query_params => query_params,
         :form_params => form_params,
@@ -86,7 +86,7 @@ module Falcon
 
       data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
       if @api_client.config.debugging
-        @api_client.config.logger.debug "API called: EventSchemaApi#fdrschema_combined_event_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+        @api_client.config.logger.debug "API called: EventSchema#fdrschema_combined_event_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
       end
       return data, status_code, headers
     end
@@ -106,7 +106,7 @@ module Falcon
     # @return [Array<(SchemaSensorEventResponseV1, Integer, Hash)>] SchemaSensorEventResponseV1 data, response status code and response headers
     def fdrschema_entities_event_get_with_http_info(opts = {})
       if @api_client.config.debugging
-        @api_client.config.logger.debug 'Calling API: EventSchemaApi.fdrschema_entities_event_get ...'
+        @api_client.config.logger.debug 'Calling API: EventSchema.fdrschema_entities_event_get ...'
       end
       # resource path
       local_var_path = '/fdr/entities/schema-events/v1'
@@ -133,7 +133,7 @@ module Falcon
       auth_names = opts[:debug_auth_names] || ['oauth2']
 
       new_options = opts.merge(
-        :operation => :"EventSchemaApi.fdrschema_entities_event_get",
+        :operation => :"EventSchema.fdrschema_entities_event_get",
         :header_params => header_params,
         :query_params => query_params,
         :form_params => form_params,
@@ -144,7 +144,7 @@ module Falcon
 
       data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
       if @api_client.config.debugging
-        @api_client.config.logger.debug "API called: EventSchemaApi#fdrschema_entities_event_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+        @api_client.config.logger.debug "API called: EventSchema#fdrschema_entities_event_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
       end
       return data, status_code, headers
     end
@@ -170,7 +170,7 @@ module Falcon
     # @return [Array<(MsaspecQueryResponse, Integer, Hash)>] MsaspecQueryResponse data, response status code and response headers
     def fdrschema_queries_event_get_with_http_info(opts = {})
       if @api_client.config.debugging
-        @api_client.config.logger.debug 'Calling API: EventSchemaApi.fdrschema_queries_event_get ...'
+        @api_client.config.logger.debug 'Calling API: EventSchema.fdrschema_queries_event_get ...'
       end
       # resource path
       local_var_path = '/fdr/queries/schema-events/v1'
@@ -200,7 +200,7 @@ module Falcon
       auth_names = opts[:debug_auth_names] || ['oauth2']
 
       new_options = opts.merge(
-        :operation => :"EventSchemaApi.fdrschema_queries_event_get",
+        :operation => :"EventSchema.fdrschema_queries_event_get",
         :header_params => header_params,
         :query_params => query_params,
         :form_params => form_params,
@@ -211,7 +211,7 @@ module Falcon
 
       data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
       if @api_client.config.debugging
-        @api_client.config.logger.debug "API called: EventSchemaApi#fdrschema_queries_event_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+        @api_client.config.logger.debug "API called: EventSchema#fdrschema_queries_event_get\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
       end
       return data, status_code, headers
     end

data/lib/crimson-falcon/api/{event_streams_api.rb → event_streams.rb}

@@ -30,7 +30,7 @@ SOFTWARE.
 require 'cgi'
 
 module Falcon
-  class EventStreamsApi
+  class EventStreams
     attr_accessor :api_client
 
     def initialize(api_client = ApiClient.default)
@@ -53,11 +53,11 @@ module Falcon
     # @return [Array<(MainDiscoveryResponseV2, Integer, Hash)>] MainDiscoveryResponseV2 data, response status code and response headers
     def list_available_streams_o_auth2_with_http_info(app_id, opts = {})
       if @api_client.config.debugging
-        @api_client.config.logger.debug 'Calling API: EventStreamsApi.list_available_streams_o_auth2 ...'
+        @api_client.config.logger.debug 'Calling API: EventStreams.list_available_streams_o_auth2 ...'
       end
       # verify the required parameter 'app_id' is set
       if @api_client.config.client_side_validation && app_id.nil?
-        fail ArgumentError, "Missing the required parameter 'app_id' when calling EventStreamsApi.list_available_streams_o_auth2"
+        fail ArgumentError, "Missing the required parameter 'app_id' when calling EventStreams.list_available_streams_o_auth2"
       end
       # resource path
       local_var_path = '/sensors/entities/datafeed/v2'
@@ -85,7 +85,7 @@ module Falcon
       auth_names = opts[:debug_auth_names] || ['oauth2']
 
       new_options = opts.merge(
-        :operation => :"EventStreamsApi.list_available_streams_o_auth2",
+        :operation => :"EventStreams.list_available_streams_o_auth2",
         :header_params => header_params,
         :query_params => query_params,
         :form_params => form_params,
@@ -96,7 +96,7 @@ module Falcon
 
       data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
       if @api_client.config.debugging
-        @api_client.config.logger.debug "API called: EventStreamsApi#list_available_streams_o_auth2\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+        @api_client.config.logger.debug "API called: EventStreams#list_available_streams_o_auth2\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
       end
       return data, status_code, headers
     end
@@ -120,19 +120,19 @@ module Falcon
     # @return [Array<(MsaReplyMetaOnly, Integer, Hash)>] MsaReplyMetaOnly data, response status code and response headers
     def refresh_active_stream_session_with_http_info(action_name, app_id, partition, opts = {})
       if @api_client.config.debugging
-        @api_client.config.logger.debug 'Calling API: EventStreamsApi.refresh_active_stream_session ...'
+        @api_client.config.logger.debug 'Calling API: EventStreams.refresh_active_stream_session ...'
       end
       # verify the required parameter 'action_name' is set
       if @api_client.config.client_side_validation && action_name.nil?
-        fail ArgumentError, "Missing the required parameter 'action_name' when calling EventStreamsApi.refresh_active_stream_session"
+        fail ArgumentError, "Missing the required parameter 'action_name' when calling EventStreams.refresh_active_stream_session"
       end
       # verify the required parameter 'app_id' is set
       if @api_client.config.client_side_validation && app_id.nil?
-        fail ArgumentError, "Missing the required parameter 'app_id' when calling EventStreamsApi.refresh_active_stream_session"
+        fail ArgumentError, "Missing the required parameter 'app_id' when calling EventStreams.refresh_active_stream_session"
       end
       # verify the required parameter 'partition' is set
       if @api_client.config.client_side_validation && partition.nil?
-        fail ArgumentError, "Missing the required parameter 'partition' when calling EventStreamsApi.refresh_active_stream_session"
+        fail ArgumentError, "Missing the required parameter 'partition' when calling EventStreams.refresh_active_stream_session"
       end
       # resource path
       local_var_path = '/sensors/entities/datafeed-actions/v1/{partition}'.sub('{' + 'partition' + '}', CGI.escape(partition.to_s))
@@ -160,7 +160,7 @@ module Falcon
       auth_names = opts[:debug_auth_names] || ['oauth2']
 
       new_options = opts.merge(
-        :operation => :"EventStreamsApi.refresh_active_stream_session",
+        :operation => :"EventStreams.refresh_active_stream_session",
         :header_params => header_params,
         :query_params => query_params,
         :form_params => form_params,
@@ -171,7 +171,7 @@ module Falcon
 
       data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
       if @api_client.config.debugging
-        @api_client.config.logger.debug "API called: EventStreamsApi#refresh_active_stream_session\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+        @api_client.config.logger.debug "API called: EventStreams#refresh_active_stream_session\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
       end
       return data, status_code, headers
     end