crimson-falcon 1.0.0 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (800) hide show
  1. checksums.yaml +4 -4
  2. data/README.md +886 -197
  3. data/lib/crimson-falcon/api/alerts.rb +4 -4
  4. data/lib/crimson-falcon/api/api_integrations.rb +1 -1
  5. data/lib/crimson-falcon/api/aspm.rb +2144 -275
  6. data/lib/crimson-falcon/api/cao_hunting.rb +305 -0
  7. data/lib/crimson-falcon/api/cloud_aws_registration.rb +0 -85
  8. data/lib/crimson-falcon/api/cloud_azure_registration.rb +5 -5
  9. data/lib/crimson-falcon/api/cloud_oci_registration.rb +509 -0
  10. data/lib/crimson-falcon/api/cloud_security_assets.rb +93 -4
  11. data/lib/crimson-falcon/api/cloud_snapshots.rb +6 -6
  12. data/lib/crimson-falcon/api/{compliance_assessments.rb → container_image_compliance.rb} +56 -56
  13. data/lib/crimson-falcon/api/container_images.rb +20 -14
  14. data/lib/crimson-falcon/api/container_packages.rb +75 -6
  15. data/lib/crimson-falcon/api/container_vulnerabilities.rb +2 -2
  16. data/lib/crimson-falcon/api/content_update_policies.rb +90 -16
  17. data/lib/crimson-falcon/api/correlation_rules.rb +538 -3
  18. data/lib/crimson-falcon/api/cspg_iac.rb +3 -3
  19. data/lib/crimson-falcon/api/cspm_registration.rb +9 -134
  20. data/lib/crimson-falcon/api/custom_storage.rb +463 -0
  21. data/lib/crimson-falcon/api/d4c_registration.rb +40 -5
  22. data/lib/crimson-falcon/api/datascanner.rb +1 -1
  23. data/lib/crimson-falcon/api/default.rb +156 -0
  24. data/lib/crimson-falcon/api/device_control_with_bluetooth.rb +420 -0
  25. data/lib/crimson-falcon/api/discover.rb +2 -66
  26. data/lib/crimson-falcon/api/execution.rb +122 -0
  27. data/lib/crimson-falcon/api/exposure_management.rb +66 -0
  28. data/lib/crimson-falcon/api/falconx_sandbox.rb +8 -8
  29. data/lib/crimson-falcon/api/foundry_logscale.rb +8 -8
  30. data/lib/crimson-falcon/api/host_migration.rb +6 -6
  31. data/lib/crimson-falcon/api/hosts.rb +148 -0
  32. data/lib/crimson-falcon/api/installation_tokens.rb +3 -3
  33. data/lib/crimson-falcon/api/installation_tokens_settings.rb +3 -3
  34. data/lib/crimson-falcon/api/intel.rb +10 -10
  35. data/lib/crimson-falcon/api/intelligence_feeds.rb +228 -0
  36. data/lib/crimson-falcon/api/intelligence_indicator_graph.rb +69 -10
  37. data/lib/crimson-falcon/api/kubernetes_container_compliance.rb +591 -0
  38. data/lib/crimson-falcon/api/kubernetes_protection.rb +100 -30
  39. data/lib/crimson-falcon/api/lookup_files.rb +28 -0
  40. data/lib/crimson-falcon/api/{humio_auth_proxy.rb → ngsiem.rb} +74 -51
  41. data/lib/crimson-falcon/api/quarantine.rb +3 -3
  42. data/lib/crimson-falcon/api/quick_scan.rb +6 -6
  43. data/lib/crimson-falcon/api/quick_scan_pro.rb +2 -2
  44. data/lib/crimson-falcon/api/release_notes.rb +5 -5
  45. data/lib/crimson-falcon/api/{vulnerabilities.rb → serverless_vulnerabilities.rb} +4 -4
  46. data/lib/crimson-falcon/api/spotlight_vulnerabilities.rb +4 -4
  47. data/lib/crimson-falcon/api/tailored_intelligence.rb +373 -0
  48. data/lib/crimson-falcon/api/threatgraph.rb +4 -4
  49. data/lib/crimson-falcon/api/user_management.rb +175 -13
  50. data/lib/crimson-falcon/api/workflows.rb +72 -0
  51. data/lib/crimson-falcon/models/activities_activity.rb +13 -1
  52. data/lib/crimson-falcon/models/activities_dependency.rb +285 -0
  53. data/lib/crimson-falcon/models/api_aggregates_response_v1.rb +266 -0
  54. data/lib/crimson-falcon/models/api_collection_metadata.rb +397 -0
  55. data/lib/crimson-falcon/models/api_create_rule_notification_config.rb +297 -0
  56. data/lib/crimson-falcon/models/api_create_rule_notifications.rb +264 -0
  57. data/lib/crimson-falcon/models/api_get_entities_rule_versions_response_v1.rb +266 -0
  58. data/lib/crimson-falcon/models/api_indexed_fields.rb +267 -0
  59. data/lib/crimson-falcon/models/api_intelligence_query_aggregates_response.rb +266 -0
  60. data/lib/crimson-falcon/models/api_intelligence_query_entity.rb +516 -0
  61. data/lib/crimson-falcon/models/api_intelligence_query_entity_response.rb +266 -0
  62. data/lib/crimson-falcon/models/api_job_link_response_v1.rb +266 -0
  63. data/lib/crimson-falcon/models/api_meta_info.rb +1 -4
  64. data/lib/crimson-falcon/models/api_paging.rb +275 -0
  65. data/lib/crimson-falcon/models/api_patch_rule_notification_config_v1.rb +272 -0
  66. data/lib/crimson-falcon/models/api_patch_rule_notifications_v1.rb +254 -0
  67. data/lib/crimson-falcon/models/api_patch_rule_search_v1.rb +13 -4
  68. data/lib/crimson-falcon/models/api_query_event_distribution.rb +285 -0
  69. data/lib/crimson-falcon/models/api_query_job_around_input.rb +281 -0
  70. data/lib/crimson-falcon/models/api_query_job_input.rb +359 -0
  71. data/lib/crimson-falcon/models/api_query_job_response.rb +255 -0
  72. data/lib/crimson-falcon/models/api_query_jobs_results.rb +351 -0
  73. data/lib/crimson-falcon/models/api_query_metadata_json.rb +553 -0
  74. data/lib/crimson-falcon/models/api_rule_create_request_v1.rb +37 -1
  75. data/lib/crimson-falcon/models/api_rule_patch_request_v1.rb +41 -1
  76. data/lib/crimson-falcon/models/api_rule_search_v1.rb +13 -4
  77. data/lib/crimson-falcon/models/api_rule_v1.rb +203 -132
  78. data/lib/crimson-falcon/models/{common_credentials.rb → api_rule_version_publish_request_v1.rb} +13 -13
  79. data/lib/crimson-falcon/models/{api_rule_operation_v1.rb → api_rule_version_report_request.rb} +30 -34
  80. data/lib/crimson-falcon/models/api_rule_version_sorted_search.rb +253 -0
  81. data/lib/crimson-falcon/models/api_schema_metadata.rb +366 -0
  82. data/lib/crimson-falcon/models/api_user_metadata.rb +266 -0
  83. data/lib/crimson-falcon/models/api_warning_json.rb +284 -0
  84. data/lib/crimson-falcon/models/api_workflow_metadata.rb +295 -0
  85. data/lib/crimson-falcon/models/aspm_data.rb +276 -0
  86. data/lib/crimson-falcon/models/assets_compliance_response.rb +261 -0
  87. data/lib/crimson-falcon/models/{rest_azure_download_script_request_data.rb → azure_azure_download_script_request_data.rb} +3 -3
  88. data/lib/crimson-falcon/models/azure_azure_download_script_request_v1.rb +241 -0
  89. data/lib/crimson-falcon/models/azure_azure_provision_get_account_script_response_v1.rb +266 -0
  90. data/lib/crimson-falcon/models/{rest_azure_script.rb → azure_azure_script.rb} +3 -3
  91. data/lib/crimson-falcon/models/{domain_azure_role_assignment.rb → azure_db_role_assignment.rb} +22 -4
  92. data/lib/crimson-falcon/models/{domain_azure_resource_permission.rb → azure_resource_permission.rb} +3 -3
  93. data/lib/crimson-falcon/models/common_count_as_resource.rb +18 -4
  94. data/lib/crimson-falcon/models/common_count_response.rb +20 -20
  95. data/lib/crimson-falcon/models/{domain_content_update_settings_v1.rb → content_update_content_update_settings_req_v1.rb} +4 -4
  96. data/lib/crimson-falcon/models/content_update_create_policy_req_v1.rb +1 -1
  97. data/lib/crimson-falcon/models/content_update_policy_v1.rb +440 -0
  98. data/lib/crimson-falcon/models/content_update_resp_v1.rb +272 -0
  99. data/lib/crimson-falcon/models/content_update_ring_assignment_override_setting_v1.rb +239 -0
  100. data/lib/crimson-falcon/models/{domain_ring_assignment_settings_v1.rb → content_update_ring_assignment_settings_req_v1.rb} +19 -19
  101. data/lib/crimson-falcon/models/content_update_ring_assignment_settings_v1.rb +43 -1
  102. data/lib/crimson-falcon/models/content_update_update_policy_req_v1.rb +1 -1
  103. data/lib/crimson-falcon/models/costs.rb +285 -0
  104. data/lib/crimson-falcon/models/custom_type1942251022.rb +271 -0
  105. data/lib/crimson-falcon/models/{common_registry_credentials_response.rb → custom_type4161059146.rb} +8 -6
  106. data/lib/crimson-falcon/models/dataclassifications_data_classification_finding.rb +267 -0
  107. data/lib/crimson-falcon/models/dataclassifications_response.rb +12 -1
  108. data/lib/crimson-falcon/models/day.rb +270 -0
  109. data/lib/crimson-falcon/models/detects_external_alert.rb +33 -1
  110. data/lib/crimson-falcon/models/detects_mitre_attack_mapping.rb +275 -0
  111. data/lib/crimson-falcon/models/device_control_req_update_default_settings_v1.rb +243 -0
  112. data/lib/crimson-falcon/models/device_control_resp_default_setting_v1.rb +268 -0
  113. data/lib/crimson-falcon/models/device_control_resp_update_default_settings_v1.rb +302 -0
  114. data/lib/crimson-falcon/models/device_device.rb +10 -1
  115. data/lib/crimson-falcon/models/device_device_policy.rb +10 -1
  116. data/lib/crimson-falcon/models/device_mapped_device_policies.rb +46 -19
  117. data/lib/crimson-falcon/models/{releasenotes_entities_get_response_wrapper.rb → deviceapi_device_combined_response_swagger.rb} +8 -6
  118. data/lib/crimson-falcon/models/deviceapi_device_paging_v2.rb +289 -0
  119. data/lib/crimson-falcon/models/deviceapi_device_swagger.rb +1 -1
  120. data/lib/crimson-falcon/models/deviceapi_mapped_device_policies_swagger.rb +459 -0
  121. data/lib/crimson-falcon/models/deviceapi_meta_info.rb +280 -0
  122. data/lib/crimson-falcon/models/devicecontent_content_category.rb +22 -4
  123. data/lib/crimson-falcon/models/devicecontent_state.rb +19 -1
  124. data/lib/crimson-falcon/models/devicecontrolapi_bluetooth_class.rb +274 -0
  125. data/lib/crimson-falcon/models/devicecontrolapi_bluetooth_custom_notifications.rb +234 -0
  126. data/lib/crimson-falcon/models/devicecontrolapi_bluetooth_exception.rb +376 -0
  127. data/lib/crimson-falcon/models/devicecontrolapi_bluetooth_exception_base.rb +331 -0
  128. data/lib/crimson-falcon/models/devicecontrolapi_bluetooth_minor_class.rb +252 -0
  129. data/lib/crimson-falcon/models/devicecontrolapi_bluetooth_settings.rb +263 -0
  130. data/lib/crimson-falcon/models/devicecontrolapi_custom_notification.rb +255 -0
  131. data/lib/crimson-falcon/models/devicecontrolapi_req_create_policies_v1.rb +242 -0
  132. data/lib/crimson-falcon/models/devicecontrolapi_req_create_policy_v1.rb +317 -0
  133. data/lib/crimson-falcon/models/devicecontrolapi_req_update_base_v1_external.rb +278 -0
  134. data/lib/crimson-falcon/models/devicecontrolapi_req_update_bases_v1_external.rb +242 -0
  135. data/lib/crimson-falcon/models/devicecontrolapi_req_update_bluetooth_base_v1.rb +315 -0
  136. data/lib/crimson-falcon/models/devicecontrolapi_req_update_bluetooth_class_v1.rb +306 -0
  137. data/lib/crimson-falcon/models/devicecontrolapi_req_update_bluetooth_classes_v1.rb +276 -0
  138. data/lib/crimson-falcon/models/devicecontrolapi_req_update_bluetooth_minor_class_v1.rb +289 -0
  139. data/lib/crimson-falcon/models/devicecontrolapi_req_update_policies_classes_v1.rb +241 -0
  140. data/lib/crimson-falcon/models/devicecontrolapi_req_update_policy_classes_v1.rb +257 -0
  141. data/lib/crimson-falcon/models/devicecontrolapi_req_update_usb_base_v1.rb +331 -0
  142. data/lib/crimson-falcon/models/devicecontrolapi_req_update_usb_base_v1_external.rb +309 -0
  143. data/lib/crimson-falcon/models/{domain_create_submission_v1_error_response.rb → devicecontrolapi_req_update_usb_class_v1.rb} +40 -54
  144. data/lib/crimson-falcon/models/devicecontrolapi_req_update_usb_classes_v1.rb +276 -0
  145. data/lib/crimson-falcon/models/devicecontrolapi_resp_msa_error_v1.rb +271 -0
  146. data/lib/crimson-falcon/models/devicecontrolapi_resp_msa_meta_v1.rb +276 -0
  147. data/lib/crimson-falcon/models/{domain_assessment_paging.rb → devicecontrolapi_resp_paging_details_v1.rb} +10 -14
  148. data/lib/crimson-falcon/models/devicecontrolapi_resp_policies_v2.rb +268 -0
  149. data/lib/crimson-falcon/models/{domain_content_update_policy_resp_v1.rb → devicecontrolapi_resp_policy_v2.rb} +67 -51
  150. data/lib/crimson-falcon/models/devicecontrolapi_resp_usb_class_settings_v2.rb +287 -0
  151. data/lib/crimson-falcon/models/devicecontrolapi_resp_usb_exception_v2.rb +404 -0
  152. data/lib/crimson-falcon/models/devicecontrolapi_resp_usb_settings_v2.rb +306 -0
  153. data/lib/crimson-falcon/models/devicecontrolapi_usb_custom_notification.rb +253 -0
  154. data/lib/crimson-falcon/models/devicecontrolapi_usb_custom_notifications.rb +243 -0
  155. data/lib/crimson-falcon/models/devicecontrolapi_usb_exception_base.rb +396 -0
  156. data/lib/crimson-falcon/models/digest_flow.rb +270 -0
  157. data/lib/crimson-falcon/models/domain_actor_document.rb +22 -12
  158. data/lib/crimson-falcon/models/domain_api_aggregate_compliance_by_asset_type_v1.rb +311 -0
  159. data/lib/crimson-falcon/models/domain_api_aggregate_compliance_by_cluster_type_v1.rb +311 -0
  160. data/lib/crimson-falcon/models/domain_api_aggregate_compliance_by_framework_v1.rb +339 -0
  161. data/lib/crimson-falcon/models/domain_api_aggregate_failed_rules_by_clusters_v3.rb +309 -0
  162. data/lib/crimson-falcon/models/domain_api_aggregate_group_by_clusters_v2.rb +519 -0
  163. data/lib/crimson-falcon/models/domain_api_aggregate_response_compliance_by_asset_type_v1.rb +266 -0
  164. data/lib/crimson-falcon/models/domain_api_aggregate_response_compliance_by_asset_type_v1_resources.rb +255 -0
  165. data/lib/crimson-falcon/models/domain_api_aggregate_response_compliance_by_cluster_type_v1.rb +266 -0
  166. data/lib/crimson-falcon/models/domain_api_aggregate_response_compliance_by_cluster_type_v1_resources.rb +255 -0
  167. data/lib/crimson-falcon/models/domain_api_aggregate_response_compliance_by_framework_v1.rb +266 -0
  168. data/lib/crimson-falcon/models/domain_api_aggregate_response_compliance_by_framework_v1_resources.rb +255 -0
  169. data/lib/crimson-falcon/models/domain_api_aggregate_response_failed_rules_by_clusters_type_v2.rb +266 -0
  170. data/lib/crimson-falcon/models/domain_api_aggregate_response_failed_rules_by_clusters_type_v2_resources.rb +255 -0
  171. data/lib/crimson-falcon/models/domain_api_aggregate_response_group_by_clusters_v2.rb +266 -0
  172. data/lib/crimson-falcon/models/domain_api_aggregate_response_group_by_clusters_v2_resources.rb +255 -0
  173. data/lib/crimson-falcon/models/domain_api_aggregate_response_group_by_rules_v1.rb +266 -0
  174. data/lib/crimson-falcon/models/domain_api_aggregate_response_group_by_rules_v1_resources.rb +255 -0
  175. data/lib/crimson-falcon/models/domain_api_aggregate_response_top_failed_images_v1.rb +266 -0
  176. data/lib/crimson-falcon/models/domain_api_aggregate_response_top_failed_images_v1_resources.rb +255 -0
  177. data/lib/crimson-falcon/models/domain_api_aggregate_top_failed_images_v1.rb +337 -0
  178. data/lib/crimson-falcon/models/domain_api_aggregation_group_by_rules_result_v1.rb +388 -0
  179. data/lib/crimson-falcon/models/domain_api_asset_compliance_finding_v1.rb +346 -0
  180. data/lib/crimson-falcon/models/domain_api_combined_images_findings.rb +325 -0
  181. data/lib/crimson-falcon/models/domain_api_combined_nodes_findings.rb +359 -0
  182. data/lib/crimson-falcon/models/domain_api_entity_matched_v1.rb +252 -0
  183. data/lib/crimson-falcon/models/domain_api_error.rb +27 -25
  184. data/lib/crimson-falcon/models/domain_api_evaluation_logic_host_info_v1.rb +242 -0
  185. data/lib/crimson-falcon/models/domain_api_evaluation_logic_item_v1.rb +10 -15
  186. data/lib/crimson-falcon/models/domain_api_evaluation_logic_v1.rb +48 -10
  187. data/lib/crimson-falcon/models/{flightcontrolapi_user_grant_response.rb → domain_api_response_images_findings_v1.rb} +5 -5
  188. data/lib/crimson-falcon/models/{rest_aws_account_validation_response.rb → domain_api_response_nodes_findings_v1.rb} +5 -5
  189. data/lib/crimson-falcon/models/domain_api_rule_metadata.rb +405 -0
  190. data/lib/crimson-falcon/models/domain_api_simplified_evaluation_logic_item_v1.rb +297 -0
  191. data/lib/crimson-falcon/models/domain_api_vulnerability_data_provider_v1.rb +11 -1
  192. data/lib/crimson-falcon/models/domain_api_vulnerability_host_facet_v2.rb +11 -1
  193. data/lib/crimson-falcon/models/domain_api_vulnerability_network_scan.rb +245 -0
  194. data/lib/crimson-falcon/models/domain_api_vulnerability_network_scan_facet_v2.rb +237 -0
  195. data/lib/crimson-falcon/models/domain_api_vulnerability_v2.rb +12 -1
  196. data/lib/crimson-falcon/models/domain_asset_finding.rb +351 -0
  197. data/lib/crimson-falcon/models/domain_aws_account_v2.rb +85 -13
  198. data/lib/crimson-falcon/models/domain_azure_client_service_principal_v1.rb +26 -12
  199. data/lib/crimson-falcon/models/domain_behavior.rb +10 -1
  200. data/lib/crimson-falcon/models/domain_botnet_config_source.rb +351 -0
  201. data/lib/crimson-falcon/models/domain_botnet_inject.rb +255 -0
  202. data/lib/crimson-falcon/models/domain_cid_policy_assignments.rb +24 -1
  203. data/lib/crimson-falcon/models/domain_cloud_aws_account_v1.rb +82 -1
  204. data/lib/crimson-falcon/models/domain_cloud_oci_feature.rb +288 -0
  205. data/lib/crimson-falcon/models/domain_cloud_oci_product_feature.rb +255 -0
  206. data/lib/crimson-falcon/models/domain_config_data.rb +369 -0
  207. data/lib/crimson-falcon/models/domain_count_by_severity.rb +281 -0
  208. data/lib/crimson-falcon/models/domain_ddos_attack_source.rb +423 -0
  209. data/lib/crimson-falcon/models/domain_ddos_target_details.rb +376 -0
  210. data/lib/crimson-falcon/models/domain_denormalized_adversary_reference.rb +10 -1
  211. data/lib/crimson-falcon/models/domain_discover_api_active_discovery_host.rb +1 -1
  212. data/lib/crimson-falcon/models/domain_discover_api_active_discovery_network.rb +15 -5
  213. data/lib/crimson-falcon/models/domain_discover_api_host.rb +23 -1
  214. data/lib/crimson-falcon/models/domain_discover_api_scan_details_host.rb +245 -0
  215. data/lib/crimson-falcon/models/domain_entity.rb +270 -0
  216. data/lib/crimson-falcon/models/domain_event.rb +400 -0
  217. data/lib/crimson-falcon/models/domain_event_entities_response.rb +266 -0
  218. data/lib/crimson-falcon/models/domain_execute_command_v1.rb +10 -1
  219. data/lib/crimson-falcon/models/domain_export_job_metadata_v1.rb +10 -1
  220. data/lib/crimson-falcon/models/domain_gcp_account_v1.rb +2 -2
  221. data/lib/crimson-falcon/models/domain_gpa.rb +341 -0
  222. data/lib/crimson-falcon/models/domain_gpas.rb +239 -0
  223. data/lib/crimson-falcon/models/domain_host.rb +69 -90
  224. data/lib/crimson-falcon/models/domain_ioa_counts.rb +280 -0
  225. data/lib/crimson-falcon/models/domain_iom_counts.rb +280 -0
  226. data/lib/crimson-falcon/models/domain_item_details_v1.rb +13 -1
  227. data/lib/crimson-falcon/models/domain_job_with_link.rb +253 -0
  228. data/lib/crimson-falcon/models/domain_kestrel_params.rb +15 -1
  229. data/lib/crimson-falcon/models/domain_key_value_pair.rb +253 -0
  230. data/lib/crimson-falcon/models/domain_last_scheduled_execution.rb +18 -4
  231. data/lib/crimson-falcon/models/domain_launch_export_job_request_v1.rb +1 -1
  232. data/lib/crimson-falcon/models/domain_malicious_file.rb +1 -1
  233. data/lib/crimson-falcon/models/domain_matched_rule.rb +255 -0
  234. data/lib/crimson-falcon/models/domain_meta_info.rb +23 -5
  235. data/lib/crimson-falcon/models/domain_mitre_attack_mapping.rb +266 -0
  236. data/lib/crimson-falcon/models/domain_msa_meta_info_with_search_after.rb +280 -0
  237. data/lib/crimson-falcon/models/domain_news_document.rb +19 -9
  238. data/lib/crimson-falcon/models/domain_oci_create_response.rb +254 -0
  239. data/lib/crimson-falcon/models/domain_oci_download_script_request_data.rb +264 -0
  240. data/lib/crimson-falcon/models/{rest_azure_download_script_request_v1.rb → domain_oci_download_script_request_v1.rb} +4 -4
  241. data/lib/crimson-falcon/models/domain_oci_issue.rb +281 -0
  242. data/lib/crimson-falcon/models/{domain_azure_management_group_role_assignment.rb → domain_oci_permission.rb} +9 -22
  243. data/lib/crimson-falcon/models/{rest_azure_provision_get_account_script_response_v1.rb → domain_oci_provision_get_account_script_response_v1.rb} +4 -4
  244. data/lib/crimson-falcon/models/domain_oci_tenancy_create_ext_v1.rb +310 -0
  245. data/lib/crimson-falcon/models/domain_oci_tenancy_create_request_ext_v1.rb +241 -0
  246. data/lib/crimson-falcon/models/domain_oci_tenancy_create_response_ext_v1.rb +266 -0
  247. data/lib/crimson-falcon/models/domain_oci_tenancy_response_ext_v1.rb +266 -0
  248. data/lib/crimson-falcon/models/domain_oci_tenancy_rotate_key_request_ext_v1.rb +241 -0
  249. data/lib/crimson-falcon/models/domain_oci_tenancy_rotate_key_response_ext_v1.rb +266 -0
  250. data/lib/crimson-falcon/models/domain_oci_tenancy_rotated_key.rb +281 -0
  251. data/lib/crimson-falcon/models/domain_oci_tenancy_script.rb +280 -0
  252. data/lib/crimson-falcon/models/domain_oci_tenancy_update_ext_v1.rb +315 -0
  253. data/lib/crimson-falcon/models/domain_oci_tenancy_update_request_ext_v1.rb +241 -0
  254. data/lib/crimson-falcon/models/domain_oci_tenancy_update_response_ext_v1.rb +266 -0
  255. data/lib/crimson-falcon/models/domain_oci_tenancy_v1.rb +575 -0
  256. data/lib/crimson-falcon/models/domain_oci_tenancy_validated.rb +300 -0
  257. data/lib/crimson-falcon/models/domain_oci_tenancy_validation_response.rb +266 -0
  258. data/lib/crimson-falcon/models/domain_oci_validate_request_data.rb +255 -0
  259. data/lib/crimson-falcon/models/domain_oci_validate_request_v1.rb +241 -0
  260. data/lib/crimson-falcon/models/domain_on_prem.rb +259 -0
  261. data/lib/crimson-falcon/models/domain_paging_with_search_after.rb +262 -0
  262. data/lib/crimson-falcon/models/domain_params.rb +261 -0
  263. data/lib/crimson-falcon/models/domain_pastebin_text_source.rb +294 -0
  264. data/lib/crimson-falcon/models/domain_platform.rb +11 -11
  265. data/lib/crimson-falcon/models/domain_product_feature_status.rb +345 -0
  266. data/lib/crimson-falcon/models/domain_product_feature_status_conditions.rb +323 -0
  267. data/lib/crimson-falcon/models/domain_report_metadata.rb +15 -1
  268. data/lib/crimson-falcon/models/domain_report_params.rb +2 -4
  269. data/lib/crimson-falcon/models/domain_request.rb +34 -12
  270. data/lib/crimson-falcon/models/domain_result_metadata.rb +18 -4
  271. data/lib/crimson-falcon/models/domain_role.rb +13 -4
  272. data/lib/crimson-falcon/models/domain_rule_entities_response.rb +266 -0
  273. data/lib/crimson-falcon/models/domain_rule_metadata_response.rb +266 -0
  274. data/lib/crimson-falcon/models/domain_sca_misconfigs_counts.rb +239 -0
  275. data/lib/crimson-falcon/models/domain_scan.rb +19 -1
  276. data/lib/crimson-falcon/models/domain_scan_profile.rb +19 -1
  277. data/lib/crimson-falcon/models/domain_scan_v2.rb +19 -1
  278. data/lib/crimson-falcon/models/domain_schedule.rb +19 -34
  279. data/lib/crimson-falcon/models/domain_scheduled_report_v1.rb +10 -1
  280. data/lib/crimson-falcon/models/domain_screenshot.rb +261 -0
  281. data/lib/crimson-falcon/models/domain_search_after_paging.rb +29 -15
  282. data/lib/crimson-falcon/models/domain_simple_actor.rb +11 -2
  283. data/lib/crimson-falcon/models/domain_tenancy_ocid.rb +239 -0
  284. data/lib/crimson-falcon/models/domain_tweet_source.rb +294 -0
  285. data/lib/crimson-falcon/models/domain_user.rb +12 -1
  286. data/lib/crimson-falcon/models/domain_vulnerabilities_count.rb +239 -0
  287. data/lib/crimson-falcon/models/domain_xdr_params.rb +12 -1
  288. data/lib/crimson-falcon/models/domain_xlr8_info.rb +281 -0
  289. data/lib/crimson-falcon/models/empowerapi_remote_command_put_file_v1.rb +5 -0
  290. data/lib/crimson-falcon/models/empowerapi_remote_command_put_file_v2.rb +5 -0
  291. data/lib/crimson-falcon/models/entities_ods_scan_request.rb +29 -1
  292. data/lib/crimson-falcon/models/entities_ods_schedule_scan_request.rb +29 -1
  293. data/lib/crimson-falcon/models/executions_condition_result.rb +257 -0
  294. data/lib/crimson-falcon/models/executions_execution_result.rb +13 -1
  295. data/lib/crimson-falcon/models/executions_flow_execution_result.rb +319 -0
  296. data/lib/crimson-falcon/models/falconx_submission_parameters_v1.rb +12 -1
  297. data/lib/crimson-falcon/models/falconx_submission_v1.rb +12 -1
  298. data/lib/crimson-falcon/models/figapi_indicator.rb +11 -11
  299. data/lib/crimson-falcon/models/flightcontrolapi_aggregates_response.rb +271 -0
  300. data/lib/crimson-falcon/models/{domain_user_grants.rb → flightcontrolapi_combined_user_roles_resource_v1.rb} +3 -3
  301. data/lib/crimson-falcon/models/flightcontrolapi_combined_user_roles_resource_v2.rb +329 -0
  302. data/lib/crimson-falcon/models/flightcontrolapi_combined_user_roles_response_v1.rb +266 -0
  303. data/lib/crimson-falcon/models/flightcontrolapi_combined_user_roles_response_v2.rb +266 -0
  304. data/lib/crimson-falcon/models/{domain_action_user_roles_request.rb → flightcontrolapi_grant_input.rb} +4 -3
  305. data/lib/crimson-falcon/models/graph_configured_activity.rb +24 -5
  306. data/lib/crimson-falcon/models/graph_configured_trigger.rb +23 -4
  307. data/lib/crimson-falcon/models/graph_inline_activity_config.rb +253 -0
  308. data/lib/crimson-falcon/models/graph_validation_error.rb +14 -4
  309. data/lib/crimson-falcon/models/hour.rb +270 -0
  310. data/lib/crimson-falcon/models/insights_insight.rb +255 -0
  311. data/lib/crimson-falcon/models/insights_insight_details.rb +257 -0
  312. data/lib/crimson-falcon/models/jsonschema_condition_group_fields.rb +10 -1
  313. data/lib/crimson-falcon/models/jsonschema_sub_schema.rb +7 -7
  314. data/lib/crimson-falcon/models/jsonschema_ui_extensions.rb +14 -4
  315. data/lib/crimson-falcon/models/model_mitre_attack_mapping.rb +248 -0
  316. data/lib/crimson-falcon/models/models_api_kubernetes_iom.rb +10 -1
  317. data/lib/crimson-falcon/models/models_compliance_export_grouped_by_images_report.rb +28 -1
  318. data/lib/crimson-falcon/models/models_container.rb +219 -307
  319. data/lib/crimson-falcon/models/models_deployment.rb +81 -361
  320. data/lib/crimson-falcon/models/models_detection.rb +1 -1
  321. data/lib/crimson-falcon/models/models_elf_binary.rb +1 -1
  322. data/lib/crimson-falcon/models/models_pod.rb +15 -1
  323. data/lib/crimson-falcon/models/models_registry_credentials_response.rb +2 -4
  324. data/lib/crimson-falcon/models/models_result_properties.rb +15 -1
  325. data/lib/crimson-falcon/models/non_compliant_by_severity.rb +281 -0
  326. data/lib/crimson-falcon/models/one_minute.rb +270 -0
  327. data/lib/crimson-falcon/models/packages_api_packages_by_image_count.rb +266 -0
  328. data/lib/crimson-falcon/models/policyframework_benchmark.rb +10 -1
  329. data/lib/crimson-falcon/models/policyframework_control.rb +12 -1
  330. data/lib/crimson-falcon/models/query_spent.rb +281 -0
  331. data/lib/crimson-falcon/models/quickscanpro_file_result.rb +2 -2
  332. data/lib/crimson-falcon/models/quickscanpro_scan_result.rb +2 -2
  333. data/lib/crimson-falcon/models/quickscanpro_url_result.rb +2 -2
  334. data/lib/crimson-falcon/models/quota_total_spent.rb +281 -0
  335. data/lib/crimson-falcon/models/registration_aws_account_ext_v2.rb +10 -1
  336. data/lib/crimson-falcon/models/registration_aws_account_patch.rb +25 -1
  337. data/lib/crimson-falcon/models/registration_azure_account_v1_ext.rb +71 -15
  338. data/lib/crimson-falcon/models/registration_azure_management_group_v1_ext.rb +15 -15
  339. data/lib/crimson-falcon/models/registration_gcp_account_req_obj_v2.rb +1 -1
  340. data/lib/crimson-falcon/models/registration_gcp_account_rsp_obj_v2.rb +1 -1
  341. data/lib/crimson-falcon/models/registration_gcp_account_validated_v1.rb +2 -2
  342. data/lib/crimson-falcon/models/registration_gcp_service_account_ext_v1.rb +1 -1
  343. data/lib/crimson-falcon/models/registration_gcp_service_account_patch_v1.rb +1 -1
  344. data/lib/crimson-falcon/models/registration_gcp_service_account_validation_request_obj_v1.rb +1 -1
  345. data/lib/crimson-falcon/models/releases_release.rb +19 -1
  346. data/lib/crimson-falcon/models/resource_counts.rb +281 -0
  347. data/lib/crimson-falcon/models/resources_benchmark.rb +267 -0
  348. data/lib/crimson-falcon/models/resources_cloud_context.rb +19 -1
  349. data/lib/crimson-falcon/models/resources_cloud_resource.rb +84 -1
  350. data/lib/crimson-falcon/models/resources_compliance_control.rb +470 -0
  351. data/lib/crimson-falcon/models/resources_control_info.rb +295 -0
  352. data/lib/crimson-falcon/models/resources_detection_count.rb +295 -0
  353. data/lib/crimson-falcon/models/resources_detections.rb +19 -1
  354. data/lib/crimson-falcon/models/resources_rule.rb +281 -0
  355. data/lib/crimson-falcon/models/rest_cloud_aws_account_create_ext_v1.rb +108 -7
  356. data/lib/crimson-falcon/models/restapi_indicator_feed_query_item.rb +252 -0
  357. data/lib/crimson-falcon/models/restapi_indicator_feed_query_response.rb +270 -0
  358. data/lib/crimson-falcon/models/restapi_indicator_get_feeds_item.rb +254 -0
  359. data/lib/crimson-falcon/models/restapi_indicator_get_feeds_response.rb +261 -0
  360. data/lib/crimson-falcon/models/restapi_indicators_aggregates_request.rb +241 -0
  361. data/lib/crimson-falcon/models/restapi_indicators_aggregates_response.rb +271 -0
  362. data/lib/crimson-falcon/models/sadomain_typosquatting_subdomain.rb +51 -1
  363. data/lib/crimson-falcon/models/{domain_condition.rb → statemgmt_condition.rb} +3 -3
  364. data/lib/crimson-falcon/models/ten_minutes.rb +270 -0
  365. data/lib/crimson-falcon/models/threatgraph_vertex_details.rb +13 -13
  366. data/lib/crimson-falcon/models/types_action_run.rb +5 -5
  367. data/lib/crimson-falcon/models/types_action_run_event.rb +18 -23
  368. data/lib/crimson-falcon/models/types_action_run_event_data.rb +3 -3
  369. data/lib/crimson-falcon/models/types_artifact.rb +1 -1
  370. data/lib/crimson-falcon/models/types_artifacts.rb +236 -0
  371. data/lib/crimson-falcon/models/types_count_response.rb +266 -0
  372. data/lib/crimson-falcon/models/types_create_executor_node.rb +351 -0
  373. data/lib/crimson-falcon/models/types_create_group_request.rb +290 -0
  374. data/lib/crimson-falcon/models/types_create_integration.rb +297 -0
  375. data/lib/crimson-falcon/models/types_create_integration_response.rb +243 -0
  376. data/lib/crimson-falcon/models/types_executor_node.rb +11 -2
  377. data/lib/crimson-falcon/models/types_executor_node_status.rb +267 -0
  378. data/lib/crimson-falcon/models/types_general_query_response.rb +266 -0
  379. data/lib/crimson-falcon/models/types_get_cloud_security_integration_state_response.rb +253 -0
  380. data/lib/crimson-falcon/models/types_get_services_request.rb +12 -1
  381. data/lib/crimson-falcon/models/types_group_details.rb +335 -0
  382. data/lib/crimson-falcon/models/{api_response_pagination.rb → types_group_hierarchy_response.rb} +18 -23
  383. data/lib/crimson-falcon/models/types_group_in_hierarchy.rb +308 -0
  384. data/lib/crimson-falcon/models/types_group_list_item.rb +288 -0
  385. data/lib/crimson-falcon/models/types_group_min_details.rb +243 -0
  386. data/lib/crimson-falcon/models/types_group_min_details_with_parent.rb +252 -0
  387. data/lib/crimson-falcon/models/types_integration.rb +1 -1
  388. data/lib/crimson-falcon/models/types_integration_task.rb +8 -8
  389. data/lib/crimson-falcon/models/types_integration_task_response.rb +2 -2
  390. data/lib/crimson-falcon/models/types_list_integration_item.rb +297 -0
  391. data/lib/crimson-falcon/models/types_list_integration_tasks_response.rb +1 -1
  392. data/lib/crimson-falcon/models/types_list_integrations_executor_node.rb +351 -0
  393. data/lib/crimson-falcon/models/types_list_integrations_response.rb +1 -1
  394. data/lib/crimson-falcon/models/types_overtime_response.rb +266 -0
  395. data/lib/crimson-falcon/models/types_query_count_response.rb +253 -0
  396. data/lib/crimson-falcon/models/types_query_overtime_response_item.rb +253 -0
  397. data/lib/crimson-falcon/models/types_query_response.rb +255 -0
  398. data/lib/crimson-falcon/models/types_set_cloud_security_integration_state_request.rb +239 -0
  399. data/lib/crimson-falcon/models/{rest_aws_account_validated.rb → types_update_group_request.rb} +65 -50
  400. data/lib/crimson-falcon/models/types_user.rb +381 -0
  401. data/lib/crimson-falcon/models/types_user_group.rb +351 -0
  402. data/lib/crimson-falcon/models/types_users_response.rb +255 -0
  403. data/lib/crimson-falcon/models/v2_activity.rb +20 -1
  404. data/lib/crimson-falcon/models/v2_agent_coverage.rb +387 -0
  405. data/lib/crimson-falcon/models/v2_cloud_provider_info.rb +270 -0
  406. data/lib/crimson-falcon/models/v2_cluster_entity_response_v2.rb +266 -0
  407. data/lib/crimson-falcon/models/v2_cluster_v2.rb +385 -0
  408. data/lib/crimson-falcon/models/v2_inline_config.rb +252 -0
  409. data/lib/crimson-falcon/models/v2_timestamp_fields.rb +253 -0
  410. data/lib/crimson-falcon/models/v2_trigger.rb +22 -4
  411. data/lib/crimson-falcon/models/webhooktrigger_api_key_config.rb +255 -0
  412. data/lib/crimson-falcon/models/webhooktrigger_api_request.rb +288 -0
  413. data/lib/crimson-falcon/models/webhooktrigger_auth_config.rb +267 -0
  414. data/lib/crimson-falcon/models/webhooktrigger_basic_auth_config.rb +245 -0
  415. data/lib/crimson-falcon/models/webhooktrigger_hmac_config.rb +317 -0
  416. data/lib/crimson-falcon/models/webhooktrigger_response_config.rb +260 -0
  417. data/lib/crimson-falcon/version.rb +2 -2
  418. data/lib/crimson-falcon.rb +257 -26
  419. data/spec/api/alerts_spec.rb +2 -2
  420. data/spec/api/aspm_spec.rb +333 -1
  421. data/spec/api/cao_hunting_spec.rb +102 -0
  422. data/spec/api/cloud_aws_registration_spec.rb +0 -14
  423. data/spec/api/cloud_azure_registration_spec.rb +1 -1
  424. data/spec/api/cloud_oci_registration_spec.rb +133 -0
  425. data/spec/api/cloud_security_assets_spec.rb +18 -2
  426. data/spec/api/cloud_snapshots_spec.rb +2 -2
  427. data/spec/api/{compliance_assessments_spec.rb → container_image_compliance_spec.rb} +17 -17
  428. data/spec/api/container_images_spec.rb +9 -7
  429. data/spec/api/container_packages_spec.rb +15 -3
  430. data/spec/api/content_update_policies_spec.rb +17 -5
  431. data/spec/api/correlation_rules_spec.rb +98 -1
  432. data/spec/api/cspg_iac_spec.rb +1 -1
  433. data/spec/api/cspm_registration_spec.rb +1 -23
  434. data/spec/api/custom_storage_spec.rb +73 -0
  435. data/spec/api/d4c_registration_spec.rb +6 -1
  436. data/spec/api/default_spec.rb +73 -0
  437. data/spec/api/device_control_with_bluetooth_spec.rb +117 -0
  438. data/spec/api/discover_spec.rb +1 -11
  439. data/spec/api/execution_spec.rb +66 -0
  440. data/spec/api/exposure_management_spec.rb +11 -0
  441. data/spec/api/falconx_sandbox_spec.rb +3 -3
  442. data/spec/api/host_migration_spec.rb +2 -2
  443. data/spec/api/hosts_spec.rb +30 -0
  444. data/spec/api/installation_tokens_settings_spec.rb +1 -1
  445. data/spec/api/installation_tokens_spec.rb +1 -1
  446. data/spec/api/intel_spec.rb +5 -5
  447. data/spec/api/intelligence_feeds_spec.rb +86 -0
  448. data/spec/api/intelligence_indicator_graph_spec.rb +11 -1
  449. data/spec/api/kubernetes_container_compliance_spec.rb +161 -0
  450. data/spec/api/kubernetes_protection_spec.rb +30 -15
  451. data/spec/api/lookup_files_spec.rb +4 -0
  452. data/spec/api/{humio_auth_proxy_spec.rb → ngsiem_spec.rb} +10 -8
  453. data/spec/api/quarantine_spec.rb +1 -1
  454. data/spec/api/quick_scan_pro_spec.rb +1 -1
  455. data/spec/api/quick_scan_spec.rb +2 -2
  456. data/spec/api/release_notes_spec.rb +2 -2
  457. data/spec/api/{vulnerabilities_spec.rb → serverless_vulnerabilities_spec.rb} +6 -6
  458. data/spec/api/spotlight_vulnerabilities_spec.rb +2 -2
  459. data/spec/api/tailored_intelligence_spec.rb +115 -0
  460. data/spec/api/user_management_spec.rb +32 -4
  461. data/spec/api/workflows_spec.rb +14 -0
  462. data/spec/models/activities_activity_spec.rb +6 -0
  463. data/spec/models/activities_dependency_spec.rb +69 -0
  464. data/spec/models/api_aggregates_response_v1_spec.rb +63 -0
  465. data/spec/models/api_collection_metadata_spec.rb +135 -0
  466. data/spec/models/api_create_rule_notification_config_spec.rb +75 -0
  467. data/spec/models/api_create_rule_notifications_spec.rb +63 -0
  468. data/spec/models/api_get_entities_rule_versions_response_v1_spec.rb +63 -0
  469. data/spec/models/api_indexed_fields_spec.rb +63 -0
  470. data/spec/models/api_intelligence_query_aggregates_response_spec.rb +63 -0
  471. data/spec/models/api_intelligence_query_entity_response_spec.rb +63 -0
  472. data/spec/models/api_intelligence_query_entity_spec.rb +189 -0
  473. data/spec/models/api_job_link_response_v1_spec.rb +63 -0
  474. data/spec/models/{domain_assessment_paging_spec.rb → api_paging_spec.rb} +13 -7
  475. data/spec/models/api_patch_rule_notification_config_v1_spec.rb +75 -0
  476. data/spec/models/api_patch_rule_notifications_v1_spec.rb +63 -0
  477. data/spec/models/api_patch_rule_search_v1_spec.rb +6 -0
  478. data/spec/models/api_query_event_distribution_spec.rb +69 -0
  479. data/spec/models/api_query_job_around_input_spec.rb +69 -0
  480. data/spec/models/api_query_job_input_spec.rb +123 -0
  481. data/spec/models/api_query_job_response_spec.rb +57 -0
  482. data/spec/models/api_query_jobs_results_spec.rb +93 -0
  483. data/spec/models/api_query_metadata_json_spec.rb +177 -0
  484. data/spec/models/api_rule_create_request_v1_spec.rb +18 -0
  485. data/spec/models/api_rule_patch_request_v1_spec.rb +24 -0
  486. data/spec/models/api_rule_search_v1_spec.rb +6 -0
  487. data/spec/models/api_rule_v1_spec.rb +34 -16
  488. data/spec/models/api_rule_version_publish_request_v1_spec.rb +51 -0
  489. data/spec/models/api_rule_version_report_request_spec.rb +63 -0
  490. data/spec/models/api_rule_version_sorted_search_spec.rb +57 -0
  491. data/spec/models/api_schema_metadata_spec.rb +111 -0
  492. data/spec/models/{api_rule_operation_v1_spec.rb → api_user_metadata_spec.rb} +10 -10
  493. data/spec/models/api_warning_json_spec.rb +69 -0
  494. data/spec/models/api_workflow_metadata_spec.rb +75 -0
  495. data/spec/models/aspm_data_spec.rb +75 -0
  496. data/spec/models/assets_compliance_response_spec.rb +63 -0
  497. data/spec/models/{rest_azure_download_script_request_data_spec.rb → azure_azure_download_script_request_data_spec.rb} +6 -6
  498. data/spec/models/azure_azure_download_script_request_v1_spec.rb +51 -0
  499. data/spec/models/azure_azure_provision_get_account_script_response_v1_spec.rb +63 -0
  500. data/spec/models/{rest_azure_script_spec.rb → azure_azure_script_spec.rb} +6 -6
  501. data/spec/models/azure_db_role_assignment_spec.rb +81 -0
  502. data/spec/models/{domain_azure_resource_permission_spec.rb → azure_resource_permission_spec.rb} +6 -6
  503. data/spec/models/common_count_as_resource_spec.rb +6 -0
  504. data/spec/models/common_count_response_spec.rb +3 -3
  505. data/spec/models/{domain_content_update_settings_v1_spec.rb → content_update_content_update_settings_req_v1_spec.rb} +6 -6
  506. data/spec/models/content_update_policy_v1_spec.rb +121 -0
  507. data/spec/models/content_update_resp_v1_spec.rb +63 -0
  508. data/spec/models/content_update_ring_assignment_override_setting_v1_spec.rb +51 -0
  509. data/spec/models/content_update_ring_assignment_settings_req_v1_spec.rb +63 -0
  510. data/spec/models/content_update_ring_assignment_settings_v1_spec.rb +18 -0
  511. data/spec/models/costs_spec.rb +69 -0
  512. data/spec/models/custom_type1942251022_spec.rb +63 -0
  513. data/spec/models/custom_type4161059146_spec.rb +63 -0
  514. data/spec/models/dataclassifications_data_classification_finding_spec.rb +63 -0
  515. data/spec/models/dataclassifications_response_spec.rb +6 -0
  516. data/spec/models/day_spec.rb +63 -0
  517. data/spec/models/detects_external_alert_spec.rb +12 -0
  518. data/spec/models/detects_mitre_attack_mapping_spec.rb +75 -0
  519. data/spec/models/device_control_req_update_default_settings_v1_spec.rb +57 -0
  520. data/spec/models/{common_registry_credentials_response_spec.rb → device_control_resp_default_setting_v1_spec.rb} +6 -6
  521. data/spec/models/device_control_resp_update_default_settings_v1_spec.rb +93 -0
  522. data/spec/models/device_device_policy_spec.rb +6 -0
  523. data/spec/models/device_device_spec.rb +6 -0
  524. data/spec/models/device_mapped_device_policies_spec.rb +25 -7
  525. data/spec/models/{releasenotes_entities_get_response_wrapper_spec.rb → deviceapi_device_combined_response_swagger_spec.rb} +6 -6
  526. data/spec/models/deviceapi_device_paging_v2_spec.rb +81 -0
  527. data/spec/models/deviceapi_mapped_device_policies_swagger_spec.rb +201 -0
  528. data/spec/models/deviceapi_meta_info_spec.rb +75 -0
  529. data/spec/models/devicecontent_content_category_spec.rb +12 -0
  530. data/spec/models/devicecontent_state_spec.rb +12 -0
  531. data/spec/models/devicecontrolapi_bluetooth_class_spec.rb +75 -0
  532. data/spec/models/devicecontrolapi_bluetooth_custom_notifications_spec.rb +51 -0
  533. data/spec/models/devicecontrolapi_bluetooth_exception_base_spec.rb +111 -0
  534. data/spec/models/devicecontrolapi_bluetooth_exception_spec.rb +141 -0
  535. data/spec/models/devicecontrolapi_bluetooth_minor_class_spec.rb +63 -0
  536. data/spec/models/devicecontrolapi_bluetooth_settings_spec.rb +69 -0
  537. data/spec/models/devicecontrolapi_custom_notification_spec.rb +57 -0
  538. data/spec/models/devicecontrolapi_req_create_policies_v1_spec.rb +51 -0
  539. data/spec/models/devicecontrolapi_req_create_policy_v1_spec.rb +85 -0
  540. data/spec/models/devicecontrolapi_req_update_base_v1_external_spec.rb +75 -0
  541. data/spec/models/devicecontrolapi_req_update_bases_v1_external_spec.rb +51 -0
  542. data/spec/models/{domain_create_submission_v1_error_response_spec.rb → devicecontrolapi_req_update_bluetooth_base_v1_spec.rb} +15 -15
  543. data/spec/models/devicecontrolapi_req_update_bluetooth_class_v1_spec.rb +67 -0
  544. data/spec/models/devicecontrolapi_req_update_bluetooth_classes_v1_spec.rb +63 -0
  545. data/spec/models/devicecontrolapi_req_update_bluetooth_minor_class_v1_spec.rb +61 -0
  546. data/spec/models/devicecontrolapi_req_update_policies_classes_v1_spec.rb +51 -0
  547. data/spec/models/devicecontrolapi_req_update_policy_classes_v1_spec.rb +63 -0
  548. data/spec/models/devicecontrolapi_req_update_usb_base_v1_external_spec.rb +77 -0
  549. data/spec/models/devicecontrolapi_req_update_usb_base_v1_spec.rb +87 -0
  550. data/spec/models/devicecontrolapi_req_update_usb_class_v1_spec.rb +65 -0
  551. data/spec/models/devicecontrolapi_req_update_usb_classes_v1_spec.rb +63 -0
  552. data/spec/models/devicecontrolapi_resp_msa_error_v1_spec.rb +69 -0
  553. data/spec/models/devicecontrolapi_resp_msa_meta_v1_spec.rb +69 -0
  554. data/spec/models/devicecontrolapi_resp_paging_details_v1_spec.rb +63 -0
  555. data/spec/models/devicecontrolapi_resp_policies_v2_spec.rb +63 -0
  556. data/spec/models/{domain_content_update_policy_resp_v1_spec.rb → devicecontrolapi_resp_policy_v2_spec.rb} +17 -11
  557. data/spec/models/devicecontrolapi_resp_usb_class_settings_v2_spec.rb +69 -0
  558. data/spec/models/devicecontrolapi_resp_usb_exception_v2_spec.rb +141 -0
  559. data/spec/models/devicecontrolapi_resp_usb_settings_v2_spec.rb +81 -0
  560. data/spec/models/devicecontrolapi_usb_custom_notification_spec.rb +57 -0
  561. data/spec/models/devicecontrolapi_usb_custom_notifications_spec.rb +57 -0
  562. data/spec/models/devicecontrolapi_usb_exception_base_spec.rb +125 -0
  563. data/spec/models/digest_flow_spec.rb +63 -0
  564. data/spec/models/domain_actor_document_spec.rb +6 -0
  565. data/spec/models/domain_api_aggregate_compliance_by_asset_type_v1_spec.rb +81 -0
  566. data/spec/models/domain_api_aggregate_compliance_by_cluster_type_v1_spec.rb +81 -0
  567. data/spec/models/domain_api_aggregate_compliance_by_framework_v1_spec.rb +93 -0
  568. data/spec/models/domain_api_aggregate_failed_rules_by_clusters_v3_spec.rb +81 -0
  569. data/spec/models/domain_api_aggregate_group_by_clusters_v2_spec.rb +171 -0
  570. data/spec/models/domain_api_aggregate_response_compliance_by_asset_type_v1_resources_spec.rb +57 -0
  571. data/spec/models/domain_api_aggregate_response_compliance_by_asset_type_v1_spec.rb +63 -0
  572. data/spec/models/domain_api_aggregate_response_compliance_by_cluster_type_v1_resources_spec.rb +57 -0
  573. data/spec/models/domain_api_aggregate_response_compliance_by_cluster_type_v1_spec.rb +63 -0
  574. data/spec/models/domain_api_aggregate_response_compliance_by_framework_v1_resources_spec.rb +57 -0
  575. data/spec/models/domain_api_aggregate_response_compliance_by_framework_v1_spec.rb +63 -0
  576. data/spec/models/domain_api_aggregate_response_failed_rules_by_clusters_type_v2_resources_spec.rb +57 -0
  577. data/spec/models/domain_api_aggregate_response_failed_rules_by_clusters_type_v2_spec.rb +63 -0
  578. data/spec/models/domain_api_aggregate_response_group_by_clusters_v2_resources_spec.rb +57 -0
  579. data/spec/models/domain_api_aggregate_response_group_by_clusters_v2_spec.rb +63 -0
  580. data/spec/models/domain_api_aggregate_response_group_by_rules_v1_resources_spec.rb +57 -0
  581. data/spec/models/domain_api_aggregate_response_group_by_rules_v1_spec.rb +63 -0
  582. data/spec/models/domain_api_aggregate_response_top_failed_images_v1_resources_spec.rb +57 -0
  583. data/spec/models/domain_api_aggregate_response_top_failed_images_v1_spec.rb +63 -0
  584. data/spec/models/domain_api_aggregate_top_failed_images_v1_spec.rb +93 -0
  585. data/spec/models/domain_api_aggregation_group_by_rules_result_v1_spec.rb +117 -0
  586. data/spec/models/domain_api_asset_compliance_finding_v1_spec.rb +99 -0
  587. data/spec/models/domain_api_combined_images_findings_spec.rb +87 -0
  588. data/spec/models/domain_api_combined_nodes_findings_spec.rb +123 -0
  589. data/spec/models/domain_api_entity_matched_v1_spec.rb +63 -0
  590. data/spec/models/domain_api_error_spec.rb +3 -3
  591. data/spec/models/domain_api_evaluation_logic_host_info_v1_spec.rb +51 -0
  592. data/spec/models/domain_api_evaluation_logic_item_v1_spec.rb +6 -6
  593. data/spec/models/domain_api_evaluation_logic_v1_spec.rb +20 -2
  594. data/spec/models/domain_api_response_images_findings_v1_spec.rb +63 -0
  595. data/spec/models/domain_api_response_nodes_findings_v1_spec.rb +63 -0
  596. data/spec/models/domain_api_rule_metadata_spec.rb +135 -0
  597. data/spec/models/domain_api_simplified_evaluation_logic_item_v1_spec.rb +87 -0
  598. data/spec/models/domain_api_vulnerability_data_provider_v1_spec.rb +6 -0
  599. data/spec/models/domain_api_vulnerability_host_facet_v2_spec.rb +6 -0
  600. data/spec/models/domain_api_vulnerability_network_scan_facet_v2_spec.rb +51 -0
  601. data/spec/models/domain_api_vulnerability_network_scan_spec.rb +57 -0
  602. data/spec/models/domain_api_vulnerability_v2_spec.rb +6 -0
  603. data/spec/models/domain_asset_finding_spec.rb +99 -0
  604. data/spec/models/domain_aws_account_v2_spec.rb +51 -3
  605. data/spec/models/domain_azure_client_service_principal_v1_spec.rb +7 -1
  606. data/spec/models/domain_behavior_spec.rb +6 -0
  607. data/spec/models/domain_botnet_config_source_spec.rb +93 -0
  608. data/spec/models/domain_botnet_inject_spec.rb +57 -0
  609. data/spec/models/domain_cid_policy_assignments_spec.rb +12 -0
  610. data/spec/models/domain_cloud_aws_account_v1_spec.rb +54 -0
  611. data/spec/models/domain_cloud_oci_feature_spec.rb +75 -0
  612. data/spec/models/domain_cloud_oci_product_feature_spec.rb +57 -0
  613. data/spec/models/domain_config_data_spec.rb +135 -0
  614. data/spec/models/domain_count_by_severity_spec.rb +69 -0
  615. data/spec/models/domain_ddos_attack_source_spec.rb +123 -0
  616. data/spec/models/domain_ddos_target_details_spec.rb +105 -0
  617. data/spec/models/domain_denormalized_adversary_reference_spec.rb +6 -0
  618. data/spec/models/domain_discover_api_active_discovery_network_spec.rb +6 -0
  619. data/spec/models/domain_discover_api_host_spec.rb +12 -0
  620. data/spec/models/domain_discover_api_scan_details_host_spec.rb +57 -0
  621. data/spec/models/{domain_azure_role_assignment_spec.rb → domain_entity_spec.rb} +10 -10
  622. data/spec/models/domain_event_entities_response_spec.rb +63 -0
  623. data/spec/models/domain_event_spec.rb +129 -0
  624. data/spec/models/domain_execute_command_v1_spec.rb +6 -0
  625. data/spec/models/domain_export_job_metadata_v1_spec.rb +6 -0
  626. data/spec/models/domain_gpa_spec.rb +111 -0
  627. data/spec/models/{common_credentials_spec.rb → domain_gpas_spec.rb} +7 -7
  628. data/spec/models/domain_host_spec.rb +9 -33
  629. data/spec/models/{rest_aws_account_validated_spec.rb → domain_ioa_counts_spec.rb} +16 -10
  630. data/spec/models/domain_iom_counts_spec.rb +75 -0
  631. data/spec/models/domain_item_details_v1_spec.rb +6 -0
  632. data/spec/models/domain_job_with_link_spec.rb +57 -0
  633. data/spec/models/domain_kestrel_params_spec.rb +6 -0
  634. data/spec/models/domain_key_value_pair_spec.rb +57 -0
  635. data/spec/models/domain_last_scheduled_execution_spec.rb +6 -0
  636. data/spec/models/domain_matched_rule_spec.rb +63 -0
  637. data/spec/models/domain_meta_info_spec.rb +12 -0
  638. data/spec/models/domain_mitre_attack_mapping_spec.rb +69 -0
  639. data/spec/models/domain_msa_meta_info_with_search_after_spec.rb +75 -0
  640. data/spec/models/domain_news_document_spec.rb +6 -0
  641. data/spec/models/domain_oci_create_response_spec.rb +57 -0
  642. data/spec/models/domain_oci_download_script_request_data_spec.rb +63 -0
  643. data/spec/models/{rest_azure_download_script_request_v1_spec.rb → domain_oci_download_script_request_v1_spec.rb} +6 -6
  644. data/spec/models/domain_oci_issue_spec.rb +69 -0
  645. data/spec/models/domain_oci_permission_spec.rb +57 -0
  646. data/spec/models/{rest_azure_provision_get_account_script_response_v1_spec.rb → domain_oci_provision_get_account_script_response_v1_spec.rb} +6 -6
  647. data/spec/models/domain_oci_tenancy_create_ext_v1_spec.rb +87 -0
  648. data/spec/models/domain_oci_tenancy_create_request_ext_v1_spec.rb +51 -0
  649. data/spec/models/domain_oci_tenancy_create_response_ext_v1_spec.rb +63 -0
  650. data/spec/models/domain_oci_tenancy_response_ext_v1_spec.rb +63 -0
  651. data/spec/models/domain_oci_tenancy_rotate_key_request_ext_v1_spec.rb +51 -0
  652. data/spec/models/domain_oci_tenancy_rotate_key_response_ext_v1_spec.rb +63 -0
  653. data/spec/models/domain_oci_tenancy_rotated_key_spec.rb +69 -0
  654. data/spec/models/domain_oci_tenancy_script_spec.rb +75 -0
  655. data/spec/models/domain_oci_tenancy_update_ext_v1_spec.rb +99 -0
  656. data/spec/models/domain_oci_tenancy_update_request_ext_v1_spec.rb +51 -0
  657. data/spec/models/domain_oci_tenancy_update_response_ext_v1_spec.rb +63 -0
  658. data/spec/models/domain_oci_tenancy_v1_spec.rb +189 -0
  659. data/spec/models/domain_oci_tenancy_validated_spec.rb +75 -0
  660. data/spec/models/domain_oci_tenancy_validation_response_spec.rb +63 -0
  661. data/spec/models/domain_oci_validate_request_data_spec.rb +57 -0
  662. data/spec/models/domain_oci_validate_request_v1_spec.rb +51 -0
  663. data/spec/models/domain_on_prem_spec.rb +63 -0
  664. data/spec/models/domain_paging_with_search_after_spec.rb +63 -0
  665. data/spec/models/domain_params_spec.rb +69 -0
  666. data/spec/models/domain_pastebin_text_source_spec.rb +75 -0
  667. data/spec/models/domain_platform_spec.rb +1 -1
  668. data/spec/models/domain_product_feature_status_conditions_spec.rb +87 -0
  669. data/spec/models/domain_product_feature_status_spec.rb +93 -0
  670. data/spec/models/domain_report_metadata_spec.rb +6 -0
  671. data/spec/models/domain_request_spec.rb +19 -1
  672. data/spec/models/domain_result_metadata_spec.rb +6 -0
  673. data/spec/models/domain_role_spec.rb +6 -0
  674. data/spec/models/domain_rule_entities_response_spec.rb +63 -0
  675. data/spec/models/domain_rule_metadata_response_spec.rb +63 -0
  676. data/spec/models/domain_sca_misconfigs_counts_spec.rb +51 -0
  677. data/spec/models/domain_scan_profile_spec.rb +12 -0
  678. data/spec/models/domain_scan_spec.rb +12 -0
  679. data/spec/models/domain_scan_v2_spec.rb +12 -0
  680. data/spec/models/domain_schedule_spec.rb +3 -3
  681. data/spec/models/domain_scheduled_report_v1_spec.rb +6 -0
  682. data/spec/models/domain_screenshot_spec.rb +69 -0
  683. data/spec/models/domain_search_after_paging_spec.rb +8 -2
  684. data/spec/models/domain_simple_actor_spec.rb +6 -0
  685. data/spec/models/domain_tenancy_ocid_spec.rb +51 -0
  686. data/spec/models/domain_tweet_source_spec.rb +75 -0
  687. data/spec/models/domain_user_spec.rb +6 -0
  688. data/spec/models/domain_vulnerabilities_count_spec.rb +51 -0
  689. data/spec/models/domain_xdr_params_spec.rb +6 -0
  690. data/spec/models/domain_xlr8_info_spec.rb +69 -0
  691. data/spec/models/entities_ods_scan_request_spec.rb +12 -0
  692. data/spec/models/entities_ods_schedule_scan_request_spec.rb +12 -0
  693. data/spec/models/executions_condition_result_spec.rb +63 -0
  694. data/spec/models/executions_execution_result_spec.rb +6 -0
  695. data/spec/models/executions_flow_execution_result_spec.rb +93 -0
  696. data/spec/models/falconx_submission_parameters_v1_spec.rb +6 -0
  697. data/spec/models/falconx_submission_v1_spec.rb +6 -0
  698. data/spec/models/figapi_indicator_spec.rb +6 -6
  699. data/spec/models/{flightcontrolapi_user_grant_response_spec.rb → flightcontrolapi_aggregates_response_spec.rb} +6 -6
  700. data/spec/models/{domain_user_grants_spec.rb → flightcontrolapi_combined_user_roles_resource_v1_spec.rb} +6 -6
  701. data/spec/models/flightcontrolapi_combined_user_roles_resource_v2_spec.rb +111 -0
  702. data/spec/models/flightcontrolapi_combined_user_roles_response_v1_spec.rb +63 -0
  703. data/spec/models/flightcontrolapi_combined_user_roles_response_v2_spec.rb +63 -0
  704. data/spec/models/{domain_action_user_roles_request_spec.rb → flightcontrolapi_grant_input_spec.rb} +6 -6
  705. data/spec/models/graph_configured_activity_spec.rb +12 -0
  706. data/spec/models/graph_configured_trigger_spec.rb +12 -0
  707. data/spec/models/graph_inline_activity_config_spec.rb +63 -0
  708. data/spec/models/graph_validation_error_spec.rb +6 -0
  709. data/spec/models/hour_spec.rb +63 -0
  710. data/spec/models/{domain_ring_assignment_settings_v1_spec.rb → insights_insight_details_spec.rb} +9 -9
  711. data/spec/models/insights_insight_spec.rb +57 -0
  712. data/spec/models/jsonschema_condition_group_fields_spec.rb +6 -0
  713. data/spec/models/jsonschema_sub_schema_spec.rb +1 -1
  714. data/spec/models/jsonschema_ui_extensions_spec.rb +6 -0
  715. data/spec/models/model_mitre_attack_mapping_spec.rb +57 -0
  716. data/spec/models/models_api_kubernetes_iom_spec.rb +6 -0
  717. data/spec/models/models_compliance_export_grouped_by_images_report_spec.rb +18 -0
  718. data/spec/models/models_container_spec.rb +106 -16
  719. data/spec/models/models_deployment_spec.rb +9 -129
  720. data/spec/models/models_pod_spec.rb +6 -0
  721. data/spec/models/models_result_properties_spec.rb +6 -0
  722. data/spec/models/non_compliant_by_severity_spec.rb +69 -0
  723. data/spec/models/one_minute_spec.rb +63 -0
  724. data/spec/models/packages_api_packages_by_image_count_spec.rb +63 -0
  725. data/spec/models/policyframework_benchmark_spec.rb +6 -0
  726. data/spec/models/policyframework_control_spec.rb +6 -0
  727. data/spec/models/query_spent_spec.rb +69 -0
  728. data/spec/models/quickscanpro_file_result_spec.rb +1 -1
  729. data/spec/models/quickscanpro_scan_result_spec.rb +1 -1
  730. data/spec/models/quickscanpro_url_result_spec.rb +1 -1
  731. data/spec/models/quota_total_spent_spec.rb +69 -0
  732. data/spec/models/registration_aws_account_ext_v2_spec.rb +6 -0
  733. data/spec/models/registration_aws_account_patch_spec.rb +6 -0
  734. data/spec/models/registration_azure_account_v1_ext_spec.rb +26 -2
  735. data/spec/models/registration_azure_management_group_v1_ext_spec.rb +6 -6
  736. data/spec/models/releases_release_spec.rb +12 -0
  737. data/spec/models/resource_counts_spec.rb +69 -0
  738. data/spec/models/resources_benchmark_spec.rb +63 -0
  739. data/spec/models/resources_cloud_context_spec.rb +12 -0
  740. data/spec/models/resources_cloud_resource_spec.rb +54 -0
  741. data/spec/models/resources_compliance_control_spec.rb +153 -0
  742. data/spec/models/{domain_azure_management_group_role_assignment_spec.rb → resources_control_info_spec.rb} +15 -9
  743. data/spec/models/resources_detection_count_spec.rb +75 -0
  744. data/spec/models/resources_detections_spec.rb +12 -0
  745. data/spec/models/resources_rule_spec.rb +69 -0
  746. data/spec/models/rest_cloud_aws_account_create_ext_v1_spec.rb +66 -0
  747. data/spec/models/restapi_indicator_feed_query_item_spec.rb +63 -0
  748. data/spec/models/restapi_indicator_feed_query_response_spec.rb +69 -0
  749. data/spec/models/restapi_indicator_get_feeds_item_spec.rb +63 -0
  750. data/spec/models/{rest_aws_account_validation_response_spec.rb → restapi_indicator_get_feeds_response_spec.rb} +6 -6
  751. data/spec/models/restapi_indicators_aggregates_request_spec.rb +51 -0
  752. data/spec/models/restapi_indicators_aggregates_response_spec.rb +63 -0
  753. data/spec/models/sadomain_typosquatting_subdomain_spec.rb +18 -0
  754. data/spec/models/{domain_condition_spec.rb → statemgmt_condition_spec.rb} +6 -6
  755. data/spec/models/ten_minutes_spec.rb +63 -0
  756. data/spec/models/threatgraph_vertex_details_spec.rb +5 -5
  757. data/spec/models/types_action_run_event_spec.rb +3 -3
  758. data/spec/models/types_artifacts_spec.rb +51 -0
  759. data/spec/models/types_count_response_spec.rb +63 -0
  760. data/spec/models/types_create_executor_node_spec.rb +129 -0
  761. data/spec/models/types_create_group_request_spec.rb +87 -0
  762. data/spec/models/types_create_integration_response_spec.rb +57 -0
  763. data/spec/models/types_create_integration_spec.rb +93 -0
  764. data/spec/models/types_executor_node_spec.rb +6 -0
  765. data/spec/models/types_executor_node_status_spec.rb +63 -0
  766. data/spec/models/types_general_query_response_spec.rb +63 -0
  767. data/spec/models/types_get_cloud_security_integration_state_response_spec.rb +57 -0
  768. data/spec/models/types_get_services_request_spec.rb +6 -0
  769. data/spec/models/types_group_details_spec.rb +117 -0
  770. data/spec/models/{api_response_pagination_spec.rb → types_group_hierarchy_response_spec.rb} +8 -8
  771. data/spec/models/types_group_in_hierarchy_spec.rb +99 -0
  772. data/spec/models/types_group_list_item_spec.rb +87 -0
  773. data/spec/models/types_group_min_details_spec.rb +57 -0
  774. data/spec/models/types_group_min_details_with_parent_spec.rb +63 -0
  775. data/spec/models/types_list_integration_item_spec.rb +93 -0
  776. data/spec/models/types_list_integrations_executor_node_spec.rb +129 -0
  777. data/spec/models/types_overtime_response_spec.rb +63 -0
  778. data/spec/models/types_query_count_response_spec.rb +57 -0
  779. data/spec/models/types_query_overtime_response_item_spec.rb +57 -0
  780. data/spec/models/types_query_response_spec.rb +57 -0
  781. data/spec/models/types_set_cloud_security_integration_state_request_spec.rb +51 -0
  782. data/spec/models/types_update_group_request_spec.rb +93 -0
  783. data/spec/models/types_user_group_spec.rb +99 -0
  784. data/spec/models/types_user_spec.rb +111 -0
  785. data/spec/models/types_users_response_spec.rb +57 -0
  786. data/spec/models/v2_activity_spec.rb +12 -0
  787. data/spec/models/v2_agent_coverage_spec.rb +153 -0
  788. data/spec/models/v2_cloud_provider_info_spec.rb +75 -0
  789. data/spec/models/v2_cluster_entity_response_v2_spec.rb +63 -0
  790. data/spec/models/v2_cluster_v2_spec.rb +141 -0
  791. data/spec/models/v2_inline_config_spec.rb +63 -0
  792. data/spec/models/v2_timestamp_fields_spec.rb +57 -0
  793. data/spec/models/v2_trigger_spec.rb +12 -0
  794. data/spec/models/webhooktrigger_api_key_config_spec.rb +63 -0
  795. data/spec/models/webhooktrigger_api_request_spec.rb +81 -0
  796. data/spec/models/webhooktrigger_auth_config_spec.rb +69 -0
  797. data/spec/models/webhooktrigger_basic_auth_config_spec.rb +57 -0
  798. data/spec/models/webhooktrigger_hmac_config_spec.rb +99 -0
  799. data/spec/models/webhooktrigger_response_config_spec.rb +63 -0
  800. metadata +2408 -1715
data/lib/crimson-falcon/api/tailored_intelligence.rb ADDED
@@ -0,0 +1,373 @@
1
+ =begin
2
+ Crimson Falcon - Ruby Client SDK
3
+
4
+ Code auto-generated by OpenAPI Generator; DO NOT EDIT.
5
+
6
+ MIT License
7
+
8
+ Copyright (c) 2023 Crowdstrike
9
+
10
+ Permission is hereby granted, free of charge, to any person obtaining a copy
11
+ of this software and associated documentation files (the "Software"), to deal
12
+ in the Software without restriction, including without limitation the rights
13
+ to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
14
+ copies of the Software, and to permit persons to whom the Software is
15
+ furnished to do so, subject to the following conditions:
16
+
17
+ The above copyright notice and this permission notice shall be included in all
18
+ copies or substantial portions of the Software.
19
+
20
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
21
+ IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
22
+ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
23
+ AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
24
+ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
25
+ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
26
+ SOFTWARE.
27
+
28
+ =end
29
+
30
+ require 'cgi'
31
+
32
+ module Falcon
33
+ class TailoredIntelligence
34
+ attr_accessor :api_client
35
+
36
+ def initialize(api_client = ApiClient.default)
37
+ @api_client = api_client
38
+ end
39
+ # Get event body for the provided event ID
40
+ # @param id [String] Return the event body for event id.
41
+ # @param [Hash] opts the optional parameters
42
+ # @return [Array<Integer>]
43
+ def get_events_body(id, opts = {})
44
+ data, _status_code, _headers = get_events_body_with_http_info(id, opts)
45
+ data
46
+ end
47
+
48
+ # Get event body for the provided event ID
49
+ # @param id [String] Return the event body for event id.
50
+ # @param [Hash] opts the optional parameters
51
+ # @return [Array<(Array<Integer>, Integer, Hash)>] Array<Integer> data, response status code and response headers
52
+ def get_events_body_with_http_info(id, opts = {})
53
+ if @api_client.config.debugging
54
+ @api_client.config.logger.debug 'Calling API: TailoredIntelligence.get_events_body ...'
55
+ end
56
+ # verify the required parameter 'id' is set
57
+ if @api_client.config.client_side_validation && id.nil?
58
+ fail ArgumentError, "Missing the required parameter 'id' when calling TailoredIntelligence.get_events_body"
59
+ end
60
+ # resource path
61
+ local_var_path = '/ti/events/entities/events-full-body/v2'
62
+
63
+ # query parameters
64
+ query_params = opts[:query_params] || {}
65
+ query_params[:'id'] = id
66
+
67
+ # header parameters
68
+ header_params = opts[:header_params] || {}
69
+ # HTTP header 'Accept' (if needed)
70
+ header_params['Accept'] = @api_client.select_header_accept(['application/octet-stream'])
71
+
72
+ # form parameters
73
+ form_params = opts[:form_params] || {}
74
+
75
+ # http body (model)
76
+ post_body = opts[:debug_body]
77
+
78
+ # return_type
79
+ return_type = opts[:debug_return_type] || 'Array<Integer>'
80
+
81
+ # auth_names
82
+ auth_names = opts[:debug_auth_names] || ['oauth2']
83
+
84
+ new_options = opts.merge(
85
+ :operation => :"TailoredIntelligence.get_events_body",
86
+ :header_params => header_params,
87
+ :query_params => query_params,
88
+ :form_params => form_params,
89
+ :body => post_body,
90
+ :auth_names => auth_names,
91
+ :return_type => return_type
92
+ )
93
+
94
+ data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
95
+ if @api_client.config.debugging
96
+ @api_client.config.logger.debug "API called: TailoredIntelligence#get_events_body\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
97
+ end
98
+ return data, status_code, headers
99
+ end
100
+
101
+ # Get events entities for specified ids.
102
+ # @param body [MsaIdsRequest]
103
+ # @param [Hash] opts the optional parameters
104
+ # @return [DomainEventEntitiesResponse]
105
+ def get_events_entities(body, opts = {})
106
+ data, _status_code, _headers = get_events_entities_with_http_info(body, opts)
107
+ data
108
+ end
109
+
110
+ # Get events entities for specified ids.
111
+ # @param body [MsaIdsRequest]
112
+ # @param [Hash] opts the optional parameters
113
+ # @return [Array<(DomainEventEntitiesResponse, Integer, Hash)>] DomainEventEntitiesResponse data, response status code and response headers
114
+ def get_events_entities_with_http_info(body, opts = {})
115
+ if @api_client.config.debugging
116
+ @api_client.config.logger.debug 'Calling API: TailoredIntelligence.get_events_entities ...'
117
+ end
118
+ # verify the required parameter 'body' is set
119
+ if @api_client.config.client_side_validation && body.nil?
120
+ fail ArgumentError, "Missing the required parameter 'body' when calling TailoredIntelligence.get_events_entities"
121
+ end
122
+ # resource path
123
+ local_var_path = '/ti/events/entities/events/GET/v2'
124
+
125
+ # query parameters
126
+ query_params = opts[:query_params] || {}
127
+
128
+ # header parameters
129
+ header_params = opts[:header_params] || {}
130
+ # HTTP header 'Accept' (if needed)
131
+ header_params['Accept'] = @api_client.select_header_accept(['application/json'])
132
+ # HTTP header 'Content-Type'
133
+ content_type = @api_client.select_header_content_type(['application/json'])
134
+ if !content_type.nil?
135
+ header_params['Content-Type'] = content_type
136
+ end
137
+
138
+ # form parameters
139
+ form_params = opts[:form_params] || {}
140
+
141
+ # http body (model)
142
+ post_body = opts[:debug_body] || @api_client.object_to_http_body(body)
143
+
144
+ # return_type
145
+ return_type = opts[:debug_return_type] || 'DomainEventEntitiesResponse'
146
+
147
+ # auth_names
148
+ auth_names = opts[:debug_auth_names] || ['oauth2']
149
+
150
+ new_options = opts.merge(
151
+ :operation => :"TailoredIntelligence.get_events_entities",
152
+ :header_params => header_params,
153
+ :query_params => query_params,
154
+ :form_params => form_params,
155
+ :body => post_body,
156
+ :auth_names => auth_names,
157
+ :return_type => return_type
158
+ )
159
+
160
+ data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
161
+ if @api_client.config.debugging
162
+ @api_client.config.logger.debug "API called: TailoredIntelligence#get_events_entities\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
163
+ end
164
+ return data, status_code, headers
165
+ end
166
+
167
+ # Get rules entities for specified ids.
168
+ # @param body [MsaIdsRequest]
169
+ # @param [Hash] opts the optional parameters
170
+ # @return [DomainRuleEntitiesResponse]
171
+ def get_rules_entities(body, opts = {})
172
+ data, _status_code, _headers = get_rules_entities_with_http_info(body, opts)
173
+ data
174
+ end
175
+
176
+ # Get rules entities for specified ids.
177
+ # @param body [MsaIdsRequest]
178
+ # @param [Hash] opts the optional parameters
179
+ # @return [Array<(DomainRuleEntitiesResponse, Integer, Hash)>] DomainRuleEntitiesResponse data, response status code and response headers
180
+ def get_rules_entities_with_http_info(body, opts = {})
181
+ if @api_client.config.debugging
182
+ @api_client.config.logger.debug 'Calling API: TailoredIntelligence.get_rules_entities ...'
183
+ end
184
+ # verify the required parameter 'body' is set
185
+ if @api_client.config.client_side_validation && body.nil?
186
+ fail ArgumentError, "Missing the required parameter 'body' when calling TailoredIntelligence.get_rules_entities"
187
+ end
188
+ # resource path
189
+ local_var_path = '/ti/rules/entities/rules/GET/v2'
190
+
191
+ # query parameters
192
+ query_params = opts[:query_params] || {}
193
+
194
+ # header parameters
195
+ header_params = opts[:header_params] || {}
196
+ # HTTP header 'Accept' (if needed)
197
+ header_params['Accept'] = @api_client.select_header_accept(['application/json'])
198
+ # HTTP header 'Content-Type'
199
+ content_type = @api_client.select_header_content_type(['application/json'])
200
+ if !content_type.nil?
201
+ header_params['Content-Type'] = content_type
202
+ end
203
+
204
+ # form parameters
205
+ form_params = opts[:form_params] || {}
206
+
207
+ # http body (model)
208
+ post_body = opts[:debug_body] || @api_client.object_to_http_body(body)
209
+
210
+ # return_type
211
+ return_type = opts[:debug_return_type] || 'DomainRuleEntitiesResponse'
212
+
213
+ # auth_names
214
+ auth_names = opts[:debug_auth_names] || ['oauth2']
215
+
216
+ new_options = opts.merge(
217
+ :operation => :"TailoredIntelligence.get_rules_entities",
218
+ :header_params => header_params,
219
+ :query_params => query_params,
220
+ :form_params => form_params,
221
+ :body => post_body,
222
+ :auth_names => auth_names,
223
+ :return_type => return_type
224
+ )
225
+
226
+ data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
227
+ if @api_client.config.debugging
228
+ @api_client.config.logger.debug "API called: TailoredIntelligence#get_rules_entities\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
229
+ end
230
+ return data, status_code, headers
231
+ end
232
+
233
+ # Get events ids that match the provided filter criteria.
234
+ # @param [Hash] opts the optional parameters
235
+ # @option opts [String] :offset Starting index of overall result set from which to return ids.
236
+ # @option opts [Integer] :limit Number of ids to return.
237
+ # @option opts [String] :sort Possible order by fields: source_type, created_date, updated_date. Ex: &#39;updated_date|desc&#39;.
238
+ # @option opts [String] :filter FQL query specifying the filter parameters. Special value &#39;*&#39; means to not filter on anything.
239
+ # @option opts [String] :q Match phrase_prefix query criteria; included fields: _all (all filter string fields indexed).
240
+ # @return [DomainQueryResponse]
241
+ def query_events(opts = {})
242
+ data, _status_code, _headers = query_events_with_http_info(opts)
243
+ data
244
+ end
245
+
246
+ # Get events ids that match the provided filter criteria.
247
+ # @param [Hash] opts the optional parameters
248
+ # @option opts [String] :offset Starting index of overall result set from which to return ids.
249
+ # @option opts [Integer] :limit Number of ids to return.
250
+ # @option opts [String] :sort Possible order by fields: source_type, created_date, updated_date. Ex: &#39;updated_date|desc&#39;.
251
+ # @option opts [String] :filter FQL query specifying the filter parameters. Special value &#39;*&#39; means to not filter on anything.
252
+ # @option opts [String] :q Match phrase_prefix query criteria; included fields: _all (all filter string fields indexed).
253
+ # @return [Array<(DomainQueryResponse, Integer, Hash)>] DomainQueryResponse data, response status code and response headers
254
+ def query_events_with_http_info(opts = {})
255
+ if @api_client.config.debugging
256
+ @api_client.config.logger.debug 'Calling API: TailoredIntelligence.query_events ...'
257
+ end
258
+ # resource path
259
+ local_var_path = '/ti/events/queries/events/v2'
260
+
261
+ # query parameters
262
+ query_params = opts[:query_params] || {}
263
+ query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
264
+ query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
265
+ query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
266
+ query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil?
267
+ query_params[:'q'] = opts[:'q'] if !opts[:'q'].nil?
268
+
269
+ # header parameters
270
+ header_params = opts[:header_params] || {}
271
+ # HTTP header 'Accept' (if needed)
272
+ header_params['Accept'] = @api_client.select_header_accept(['application/json'])
273
+
274
+ # form parameters
275
+ form_params = opts[:form_params] || {}
276
+
277
+ # http body (model)
278
+ post_body = opts[:debug_body]
279
+
280
+ # return_type
281
+ return_type = opts[:debug_return_type] || 'DomainQueryResponse'
282
+
283
+ # auth_names
284
+ auth_names = opts[:debug_auth_names] || ['oauth2']
285
+
286
+ new_options = opts.merge(
287
+ :operation => :"TailoredIntelligence.query_events",
288
+ :header_params => header_params,
289
+ :query_params => query_params,
290
+ :form_params => form_params,
291
+ :body => post_body,
292
+ :auth_names => auth_names,
293
+ :return_type => return_type
294
+ )
295
+
296
+ data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
297
+ if @api_client.config.debugging
298
+ @api_client.config.logger.debug "API called: TailoredIntelligence#query_events\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
299
+ end
300
+ return data, status_code, headers
301
+ end
302
+
303
+ # Get rules ids that match the provided filter criteria.
304
+ # @param [Hash] opts the optional parameters
305
+ # @option opts [String] :offset Starting index of overall result set from which to return ids.
306
+ # @option opts [Integer] :limit Number of ids to return.
307
+ # @option opts [String] :sort Possible order by fields: name, value, rule_type, customer_id, created_date, updated_date. Ex: &#39;updated_date|asc&#39;.
308
+ # @option opts [String] :filter FQL query specifying the filter parameters. Special value &#39;*&#39; means to not filter on anything.
309
+ # @option opts [String] :q Match phrase_prefix query criteria; included fields: _all (all filter string fields indexed).
310
+ # @return [DomainQueryResponse]
311
+ def query_rules(opts = {})
312
+ data, _status_code, _headers = query_rules_with_http_info(opts)
313
+ data
314
+ end
315
+
316
+ # Get rules ids that match the provided filter criteria.
317
+ # @param [Hash] opts the optional parameters
318
+ # @option opts [String] :offset Starting index of overall result set from which to return ids.
319
+ # @option opts [Integer] :limit Number of ids to return.
320
+ # @option opts [String] :sort Possible order by fields: name, value, rule_type, customer_id, created_date, updated_date. Ex: &#39;updated_date|asc&#39;.
321
+ # @option opts [String] :filter FQL query specifying the filter parameters. Special value &#39;*&#39; means to not filter on anything.
322
+ # @option opts [String] :q Match phrase_prefix query criteria; included fields: _all (all filter string fields indexed).
323
+ # @return [Array<(DomainQueryResponse, Integer, Hash)>] DomainQueryResponse data, response status code and response headers
324
+ def query_rules_with_http_info(opts = {})
325
+ if @api_client.config.debugging
326
+ @api_client.config.logger.debug 'Calling API: TailoredIntelligence.query_rules ...'
327
+ end
328
+ # resource path
329
+ local_var_path = '/ti/rules/queries/rules/v2'
330
+
331
+ # query parameters
332
+ query_params = opts[:query_params] || {}
333
+ query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
334
+ query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
335
+ query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
336
+ query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil?
337
+ query_params[:'q'] = opts[:'q'] if !opts[:'q'].nil?
338
+
339
+ # header parameters
340
+ header_params = opts[:header_params] || {}
341
+ # HTTP header 'Accept' (if needed)
342
+ header_params['Accept'] = @api_client.select_header_accept(['application/json'])
343
+
344
+ # form parameters
345
+ form_params = opts[:form_params] || {}
346
+
347
+ # http body (model)
348
+ post_body = opts[:debug_body]
349
+
350
+ # return_type
351
+ return_type = opts[:debug_return_type] || 'DomainQueryResponse'
352
+
353
+ # auth_names
354
+ auth_names = opts[:debug_auth_names] || ['oauth2']
355
+
356
+ new_options = opts.merge(
357
+ :operation => :"TailoredIntelligence.query_rules",
358
+ :header_params => header_params,
359
+ :query_params => query_params,
360
+ :form_params => form_params,
361
+ :body => post_body,
362
+ :auth_names => auth_names,
363
+ :return_type => return_type
364
+ )
365
+
366
+ data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
367
+ if @api_client.config.debugging
368
+ @api_client.config.logger.debug "API called: TailoredIntelligence#query_rules\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
369
+ end
370
+ return data, status_code, headers
371
+ end
372
+ end
373
+ end
data/lib/crimson-falcon/api/threatgraph.rb CHANGED
@@ -74,7 +74,7 @@ module Falcon
74
74
  fail ArgumentError, "Missing the required parameter 'edge_type' when calling Threatgraph.combined_edges_get"
75
75
  end
76
76
  # verify enum value
77
- allowable_values = ["attributed_by_process", "invalidated_by_process", "queried_on_customer", "connected_from_process", "triggering_domain", "has_attributed_process", "generated_failed_authentication_to_azure_app", "protected_by_shield", "associated_by_ip6", "macro_executed_by_process", "queried_on_sensor", "created_quarantined_file", "user", "generated_ldap_search_against_dc", "quarantined_file", "connected_to_accessory", "self_diagnostic_to_agent", "failed_to_authenticate_to_adfs_app", "network_close_ip4", "implicated_sensor", "ipv4_listen", "created_by_user", "failed_to_authenticate_to_azure_app", "wrote_module", "accessed_azure_application", "queried_dns", "connected_ip4", "trigger_process", "known_by_sha256", "attributed_on", "invalidated_firewall_rule", "associated_by_service_ticket", "closed_ip6_socket", "triggering_network", "attributed_from_module", "set_rule", "generated_failed_authentication_to_adfs_app", "involved_service_account", "disconnected_from_host", "set_firewall_rule", "reports_aggregate_indicator", "deleted_rule", "registered_by_incident", "triggered_indicator", "dns", "associated_vmware_sensor", "ipv6", "associated_module", "uninstalled_app", "network_listen_ip6", "accessed_ping_fed_application", "duplicates_app", "associated_idp_indicator", "generated_failed_authentication_to_service_account", "accessed_ad_computer", "generated_dce_rpc_request_against_dc", "opened_ip6_socket", "cert_is_presented_by", "renewed_to_generate", "associated_by_aggregate_indicator", "invalid_from_process", "installed_by_app", "device", "customer_user_to_sensor_user", "resolved_from_domain", "associated_by_certificate", "member_of_full_command_line", "connected_on_customer", "established_session", "established_on_ip4", "generated_by_renewing", "blocked_module", "wmicreated_process", "ipv6_listen", "initiated_by_azure_ad_user", "initiated_by_user", "connection_killed_by_app", "duplicated_by_app", "registered_scheduledtask", "associated_by_ip", "child_process", "parent_process", "attributed_to", "ip6_socket_closed_by_process", "invalid_firewall_rule", "created_by_process", "triggered_by_control_graph", "associated_by_azure_app", "generated_dce_rpc_epm_request_against_dc", "network_listen_ip4", "ip4_socket_closed_by_app", "killed_ip4_connection", "customer_agent_has_user", "connected_from_app", "assigned_to_sensor", "associated_k8s_sensor", "connection_killed_by_process", "injected_code_into_process", "generated_failed_authentication_to_okta_app", "extracted_file", "associated_quarantined_module", "witnessed_process", "blocked_by_sensor", "associated_by_incident", "unmounted_on_host", "executed_macro_script", "associated_by_app", "ipv4", "containerized_app", "connected_to_wifi_ap", "associated_with_sensor", "user_session", "loaded_module", "blocked_by_app", "denied_by_process", "failed_to_authenticate_ad_user", "presented_by_cloud", "denied_firewall_rule", "ipv6_close", "bundles_module", "established_on_sensor", "accessed_okta_application", "attributed_from_domain", "blocked_dns", "accessed_adfs_application", "customer_has_sensor", "assigned_ipv4_address", "dns_request", "primary_module_of_process", "initiated_by_okta_user", "allowed_firewall_rule", "established_on_ip6", "network_connect_ip4", "created_by_incident", "cert_presented", "associated_user_session", "resolved_to_ip6", "unmounted_from_host", "module_written", "customer_ioc", "authenticated_from_incident", "ip4_socket_opened_by_process", "control_graph", "accessed_service_account", "queried_by_process", "linking_event", "implicated_by_incident", "associated_to_ad_computer", "set_by_process", "primary_module", "associated_by_ad_group", "connected_from_host", "assigned_ipv6_address", "ip6_socket_opened_by_process", "associated_by_indicator", "ipv4_close", "denied_by_firewall_rule", "parent_of_command_line", "uncontainerized_by_sensor", "associated_by_control_graph", "associated_by_idp_session", "shield_activated_on_host", "failed_to_authenticate_to_service_account", "attributed_on_module", "script", "disconnected_from_accessory", "opened_ip4_socket", "attributed_on_domain", "rule_set_by_process", "customer_sensor_to_sensor", "allowed_by_process", "blocked_ip6", "mounted_on_host", "loaded_by_process", "associated_mobile_indicator", "generated_by_session", "network_close_ip6", "triggered_mobile_indicator", "authenticated_host", "module", "closed_ip4_socket", "initiated_by_ad_computer", "network_connect_ip6", "rooted_control_graph", "established_on_host_name", "associated_by_ad_computer", "connected_on_sensor", "established_on_ad_computer", "deleted_by_process", "associated_vmware_cluster", "accessed_by_session", "known_by_md5", "indexed", "executed_by_process", "associated_indicator", "failed_to_authenticate_to_ping_app", "command_line_parent_process", "created_service", "associated_firewall_rule", "associated_incident", "associated_by_azure_ad_user", "ip6_socket_closed_by_app", "associated_by_domain", "generated_failed_authentication_to_ping_app", "received_from_cloud", "associated_k8s_cluster", "generated_failed_authentication_to_ad_computer", "performed_psexec_against_dc", "accessed_by_kerberos_ticket", "detected_module", "wmicreated_by_incident", "associated_by_okta_user", "executed_script", "associated_root_process", "disconnect_from_wifi_ap", "associated_by_host", "killed_ip6_connection", "associated_mobile_forensics_report", "has_app_installed", "attributed_to_actor", "app_uninstalled_from_host", "failed_to_authenticate_to_ad_computer", "installed_on_host", "associated_primary_module", "parented_by_process", "associated_by_ad_user", "uncontainerized_app", "mounted_to_host", "has_attribution", "blocked_by_process", "triggered_xdr", "detection", "connected_ip6", "triggered_control_graph", "queried_by_sensor", "ip4_socket_closed_by_process", "executed_app", "has_firmware", "associated_by_ip4", "installed_app", "injected_thread", "containerized_by_sensor", "witnessed_by_sensor", "resolved_to_ip4", "associated_control_graph", "associated_quarantined_file", "blocked_ip4", "associated_by_host_name", "participating_process", "bundled_in_app", "had_code_injected_by_process", "established_user_session", "failed_to_authenticate_to_okta_app", "triggered_detection", "initiated_session", "injected_thread_from_process", "generated_service_ticket", "triggered_by_process", "associated_to_sensor", "written_by_process", "associated_with_process", "shell_io_redirect", "agent_to_self_diagnostic", "involved_ad_computer"]
77
+ allowable_values = ["accessed_ad_computer", "accessed_adfs_application", "accessed_azure_application", "accessed_by_kerberos_ticket", "accessed_by_process", "accessed_by_session", "accessed_okta_application", "accessed_ping_fed_application", "accessed_service_account", "accessed_web", "agent_to_self_diagnostic", "allowed_by_process", "allowed_firewall_rule", "app_uninstalled_from_host", "assigned_ipv4_address", "assigned_ipv6_address", "assigned_to_sensor", "associated_by_ad_computer", "associated_by_ad_group", "associated_by_ad_user", "associated_by_aggregate_indicator", "associated_by_app", "associated_by_azure_ad_user", "associated_by_azure_app", "associated_by_certificate", "associated_by_control_graph", "associated_by_domain", "associated_by_host", "associated_by_host_name", "associated_by_idp_session", "associated_by_incident", "associated_by_indicator", "associated_by_ip", "associated_by_ip4", "associated_by_ip6", "associated_by_okta_user", "associated_by_service_ticket", "associated_control_graph", "associated_firewall_rule", "associated_idp_indicator", "associated_incident", "associated_indicator", "associated_k8s_cluster", "associated_k8s_sensor", "associated_mobile_forensics_report", "associated_mobile_indicator", "associated_module", "associated_primary_module", "associated_quarantined_file", "associated_quarantined_module", "associated_root_process", "associated_to_ad_computer", "associated_to_sensor", "associated_user_session", "associated_vmware_cluster", "associated_vmware_sensor", "associated_with_process", "associated_with_sensor", "attributed_by_process", "attributed_from_domain", "attributed_from_module", "attributed_on", "attributed_on_domain", "attributed_on_module", "attributed_to", "attributed_to_actor", "authenticated_from_incident", "authenticated_host", "blocked_by_app", "blocked_by_process", "blocked_by_sensor", "blocked_dns", "blocked_ip4", "blocked_ip6", "blocked_module", "bundled_in_app", "bundles_module", "cert_is_presented_by", "cert_presented", "child_process", "closed_ip4_socket", "closed_ip6_socket", "command_line_parent_process", "connected_from_app", "connected_from_host", "connected_from_process", "connected_ip4", "connected_ip6", "connected_on_customer", "connected_on_sensor", "connected_to_accessory", "connected_to_wifi_ap", "connection_killed_by_app", "connection_killed_by_process", "containerized_app", "containerized_by_sensor", "control_graph", "created_by_incident", "created_by_process", "created_by_user", "created_quarantined_file", "created_service", "customer_agent_has_user", "customer_has_sensor", "customer_ioc", "customer_sensor_to_sensor", "customer_user_to_sensor_user", "deleted_by_process", "deleted_rule", "denied_by_firewall_rule", "denied_by_process", "denied_firewall_rule", "detected_module", "detection", "device", "disconnect_from_wifi_ap", "disconnected_from_accessory", "disconnected_from_host", "dns", "dns_request", "duplicated_by_app", "duplicates_app", "established_on_ad_computer", "established_on_host_name", "established_on_ip4", "established_on_ip6", "established_on_sensor", "established_session", "established_user_session", "executed_app", "executed_by_process", "executed_macro_script", "executed_script", "extracted_file", "failed_to_authenticate_ad_user", "failed_to_authenticate_to_ad_computer", "failed_to_authenticate_to_adfs_app", "failed_to_authenticate_to_azure_app", "failed_to_authenticate_to_okta_app", "failed_to_authenticate_to_ping_app", "failed_to_authenticate_to_service_account", "generated_by_renewing", "generated_by_session", "generated_dce_rpc_epm_request_against_dc", "generated_dce_rpc_request_against_dc", "generated_failed_authentication_to_ad_computer", "generated_failed_authentication_to_adfs_app", "generated_failed_authentication_to_azure_app", "generated_failed_authentication_to_okta_app", "generated_failed_authentication_to_ping_app", "generated_failed_authentication_to_service_account", "generated_ldap_search_against_dc", "generated_service_ticket", "had_code_injected_by_process", "has_app_installed", "has_attributed_process", "has_attribution", "has_firmware", "implicated_by_incident", "implicated_sensor", "indexed", "initiated_by_ad_computer", "initiated_by_azure_ad_user", "initiated_by_okta_user", "initiated_by_user", "initiated_session", "injected_code_into_process", "injected_thread", "injected_thread_from_process", "installed_app", "installed_by_app", "installed_on_host", "invalid_firewall_rule", "invalid_from_process", "invalidated_by_process", "invalidated_firewall_rule", "involved_ad_computer", "involved_service_account", "ip4_socket_closed_by_app", "ip4_socket_closed_by_process", "ip4_socket_opened_by_process", "ip6_socket_closed_by_app", "ip6_socket_closed_by_process", "ip6_socket_opened_by_process", "ipv4", "ipv4_close", "ipv4_listen", "ipv6", "ipv6_close", "ipv6_listen", "killed_ip4_connection", "killed_ip6_connection", "known_by_md5", "known_by_sha256", "linking_event", "loaded_by_process", "loaded_module", "macro_executed_by_process", "member_of_full_command_line", "module", "module_written", "mounted_on_host", "mounted_to_host", "network_close_ip4", "network_close_ip6", "network_connect_ip4", "network_connect_ip6", "network_listen_ip4", "network_listen_ip6", "opened_ip4_socket", "opened_ip6_socket", "parent_of_command_line", "parent_process", "parented_by_process", "participating_process", "performed_psexec_against_dc", "presented_by_cloud", "primary_module", "primary_module_of_process", "protected_by_shield", "quarantined_file", "queried_by_process", "queried_by_sensor", "queried_dns", "queried_on_customer", "queried_on_sensor", "received_from_cloud", "registered_by_incident", "registered_scheduledtask", "renewed_to_generate", "reports_aggregate_indicator", "resolved_from_domain", "resolved_to_ip4", "resolved_to_ip6", "rooted_control_graph", "rule_set_by_process", "script", "self_diagnostic_to_agent", "set_by_process", "set_firewall_rule", "set_rule", "shell_io_redirect", "shield_activated_on_host", "trigger_process", "triggered_by_control_graph", "triggered_by_process", "triggered_control_graph", "triggered_detection", "triggered_indicator", "triggered_mobile_indicator", "triggered_xdr", "triggering_domain", "triggering_network", "uncontainerized_app", "uncontainerized_by_sensor", "uninstalled_app", "unmounted_from_host", "unmounted_on_host", "user", "user_session", "witnessed_by_sensor", "witnessed_process", "wmicreated_by_incident", "wmicreated_process", "written_by_process", "wrote_module"]
78
78
  if @api_client.config.client_side_validation && !allowable_values.include?(edge_type)
79
79
  fail ArgumentError, "invalid value for \"edge_type\", must be one of #{allowable_values}"
80
80
  end
@@ -248,7 +248,7 @@ module Falcon
248
248
  fail ArgumentError, "Missing the required parameter 'vertex_type' when calling Threatgraph.combined_summary_get"
249
249
  end
250
250
  # verify enum value
251
- allowable_values = ["accessory", "accessories", "actor", "ad_computer", "ad-computers", "adfs_application", "adfs-applications", "ad_group", "ad-groups", "aggregate_indicator", "aggregate-indicators", "sensor", "devices", "mobile_app", "mobile-apps", "azure_application", "azure-applications", "azure_ad_user", "azure-ad-users", "containerized_app", "containerized-apps", "certificate", "certificates", "command_line", "command-lines", "control_graph", "control-graphs", "detection", "detections", "domain", "domains", "extracted_file", "extracted-files", "firmware", "firmwares", "mobile_fs_volume", "mobile-fs-volumes", "firewall", "firewalls", "firewall_rule_match", "firewall_rule_matches", "host_name", "host-names", "detection_index", "detection-indices", "idp_indicator", "idp-indicators", "idp_session", "idp-sessions", "incident", "incidents", "indicator", "indicators", "ipv4", "ipv6", "k8s_cluster", "k8s_clusters", "legacy_detection", "legacy-detections", "mobile_os_forensics_report", "mobile_os_forensics_reports", "mobile_indicator", "mobile-indicators", "module", "modules", "macro_script", "macro_scripts", "okta_application", "okta-applications", "okta_user", "okta-users", "process", "processes", "ping_fed_application", "ping-fed-applications", "quarantined_file", "quarantined-files", "script", "scripts", "shield", "shields", "sensor_self_diagnostic", "sensor-self-diagnostics", "kerberos_ticket", "kerberos-tickets", "user_id", "users", "user_session", "user-sessions", "vmware_cluster", "vmware_clusters", "wifi_access_point", "wifi-access-points", "xdr", "any-vertex"]
251
+ allowable_values = ["accessory", "accessories", "actor", "ad_computer", "ad-computers", "adfs_application", "adfs-applications", "ad_group", "ad-groups", "aggregate_indicator", "aggregate-indicators", "sensor", "devices", "mobile_app", "mobile-apps", "azure_application", "azure-applications", "azure_ad_user", "azure-ad-users", "containerized_app", "containerized-apps", "certificate", "certificates", "command_line", "command-lines", "control_graph", "control-graphs", "detection", "detections", "domain", "domains", "extracted_file", "extracted-files", "firmware", "firmwares", "mobile_fs_volume", "mobile-fs-volumes", "firewall", "firewalls", "firewall_rule_match", "firewall_rule_matches", "host_name", "host-names", "detection_index", "detection-indices", "idp_indicator", "idp-indicators", "idp_session", "idp-sessions", "incident", "incidents", "indicator", "indicators", "ipv4", "ipv6", "k8s_cluster", "k8s_clusters", "legacy_detection", "legacy-detections", "mobile_os_forensics_report", "mobile_os_forensics_reports", "mobile_indicator", "mobile-indicators", "module", "modules", "macro_script", "macro_scripts", "okta_application", "okta-applications", "okta_user", "okta-users", "process", "processes", "ping_fed_application", "ping-fed-applications", "quarantined_file", "quarantined-files", "script", "scripts", "shield", "shields", "sensor_self_diagnostic", "sensor-self-diagnostics", "kerberos_ticket", "kerberos-tickets", "user_id", "users", "user_session", "user-sessions", "vmware_cluster", "vmware_clusters", "web_access", "wifi_access_point", "wifi-access-points", "xdr", "any-vertex"]
252
252
  if @api_client.config.client_side_validation && !allowable_values.include?(vertex_type)
253
253
  fail ArgumentError, "invalid value for \"vertex_type\", must be one of #{allowable_values}"
254
254
  end
@@ -335,7 +335,7 @@ module Falcon
335
335
  fail ArgumentError, "Missing the required parameter 'vertex_type' when calling Threatgraph.entities_vertices_get"
336
336
  end
337
337
  # verify enum value
338
- allowable_values = ["accessory", "accessories", "actor", "ad_computer", "ad-computers", "adfs_application", "adfs-applications", "ad_group", "ad-groups", "aggregate_indicator", "aggregate-indicators", "sensor", "devices", "mobile_app", "mobile-apps", "azure_application", "azure-applications", "azure_ad_user", "azure-ad-users", "containerized_app", "containerized-apps", "certificate", "certificates", "command_line", "command-lines", "control_graph", "control-graphs", "detection", "detections", "domain", "domains", "extracted_file", "extracted-files", "firmware", "firmwares", "mobile_fs_volume", "mobile-fs-volumes", "firewall", "firewalls", "firewall_rule_match", "firewall_rule_matches", "host_name", "host-names", "detection_index", "detection-indices", "idp_indicator", "idp-indicators", "idp_session", "idp-sessions", "incident", "incidents", "indicator", "indicators", "ipv4", "ipv6", "k8s_cluster", "k8s_clusters", "legacy_detection", "legacy-detections", "mobile_os_forensics_report", "mobile_os_forensics_reports", "mobile_indicator", "mobile-indicators", "module", "modules", "macro_script", "macro_scripts", "okta_application", "okta-applications", "okta_user", "okta-users", "process", "processes", "ping_fed_application", "ping-fed-applications", "quarantined_file", "quarantined-files", "script", "scripts", "shield", "shields", "sensor_self_diagnostic", "sensor-self-diagnostics", "kerberos_ticket", "kerberos-tickets", "user_id", "users", "user_session", "user-sessions", "vmware_cluster", "vmware_clusters", "wifi_access_point", "wifi-access-points", "xdr", "any-vertex"]
338
+ allowable_values = ["accessory", "accessories", "actor", "ad_computer", "ad-computers", "adfs_application", "adfs-applications", "ad_group", "ad-groups", "aggregate_indicator", "aggregate-indicators", "sensor", "devices", "mobile_app", "mobile-apps", "azure_application", "azure-applications", "azure_ad_user", "azure-ad-users", "containerized_app", "containerized-apps", "certificate", "certificates", "command_line", "command-lines", "control_graph", "control-graphs", "detection", "detections", "domain", "domains", "extracted_file", "extracted-files", "firmware", "firmwares", "mobile_fs_volume", "mobile-fs-volumes", "firewall", "firewalls", "firewall_rule_match", "firewall_rule_matches", "host_name", "host-names", "detection_index", "detection-indices", "idp_indicator", "idp-indicators", "idp_session", "idp-sessions", "incident", "incidents", "indicator", "indicators", "ipv4", "ipv6", "k8s_cluster", "k8s_clusters", "legacy_detection", "legacy-detections", "mobile_os_forensics_report", "mobile_os_forensics_reports", "mobile_indicator", "mobile-indicators", "module", "modules", "macro_script", "macro_scripts", "okta_application", "okta-applications", "okta_user", "okta-users", "process", "processes", "ping_fed_application", "ping-fed-applications", "quarantined_file", "quarantined-files", "script", "scripts", "shield", "shields", "sensor_self_diagnostic", "sensor-self-diagnostics", "kerberos_ticket", "kerberos-tickets", "user_id", "users", "user_session", "user-sessions", "vmware_cluster", "vmware_clusters", "web_access", "wifi_access_point", "wifi-access-points", "xdr", "any-vertex"]
339
339
  if @api_client.config.client_side_validation && !allowable_values.include?(vertex_type)
340
340
  fail ArgumentError, "invalid value for \"vertex_type\", must be one of #{allowable_values}"
341
341
  end
@@ -422,7 +422,7 @@ module Falcon
422
422
  fail ArgumentError, "Missing the required parameter 'vertex_type' when calling Threatgraph.entities_vertices_getv2"
423
423
  end
424
424
  # verify enum value
425
- allowable_values = ["accessory", "accessories", "actor", "ad_computer", "ad-computers", "adfs_application", "adfs-applications", "ad_group", "ad-groups", "aggregate_indicator", "aggregate-indicators", "sensor", "devices", "mobile_app", "mobile-apps", "azure_application", "azure-applications", "azure_ad_user", "azure-ad-users", "containerized_app", "containerized-apps", "certificate", "certificates", "command_line", "command-lines", "control_graph", "control-graphs", "detection", "detections", "domain", "domains", "extracted_file", "extracted-files", "firmware", "firmwares", "mobile_fs_volume", "mobile-fs-volumes", "firewall", "firewalls", "firewall_rule_match", "firewall_rule_matches", "host_name", "host-names", "detection_index", "detection-indices", "idp_indicator", "idp-indicators", "idp_session", "idp-sessions", "incident", "incidents", "indicator", "indicators", "ipv4", "ipv6", "k8s_cluster", "k8s_clusters", "legacy_detection", "legacy-detections", "mobile_os_forensics_report", "mobile_os_forensics_reports", "mobile_indicator", "mobile-indicators", "module", "modules", "macro_script", "macro_scripts", "okta_application", "okta-applications", "okta_user", "okta-users", "process", "processes", "ping_fed_application", "ping-fed-applications", "quarantined_file", "quarantined-files", "script", "scripts", "shield", "shields", "sensor_self_diagnostic", "sensor-self-diagnostics", "kerberos_ticket", "kerberos-tickets", "user_id", "users", "user_session", "user-sessions", "vmware_cluster", "vmware_clusters", "wifi_access_point", "wifi-access-points", "xdr", "any-vertex"]
425
+ allowable_values = ["accessory", "accessories", "actor", "ad_computer", "ad-computers", "adfs_application", "adfs-applications", "ad_group", "ad-groups", "aggregate_indicator", "aggregate-indicators", "sensor", "devices", "mobile_app", "mobile-apps", "azure_application", "azure-applications", "azure_ad_user", "azure-ad-users", "containerized_app", "containerized-apps", "certificate", "certificates", "command_line", "command-lines", "control_graph", "control-graphs", "detection", "detections", "domain", "domains", "extracted_file", "extracted-files", "firmware", "firmwares", "mobile_fs_volume", "mobile-fs-volumes", "firewall", "firewalls", "firewall_rule_match", "firewall_rule_matches", "host_name", "host-names", "detection_index", "detection-indices", "idp_indicator", "idp-indicators", "idp_session", "idp-sessions", "incident", "incidents", "indicator", "indicators", "ipv4", "ipv6", "k8s_cluster", "k8s_clusters", "legacy_detection", "legacy-detections", "mobile_os_forensics_report", "mobile_os_forensics_reports", "mobile_indicator", "mobile-indicators", "module", "modules", "macro_script", "macro_scripts", "okta_application", "okta-applications", "okta_user", "okta-users", "process", "processes", "ping_fed_application", "ping-fed-applications", "quarantined_file", "quarantined-files", "script", "scripts", "shield", "shields", "sensor_self_diagnostic", "sensor-self-diagnostics", "kerberos_ticket", "kerberos-tickets", "user_id", "users", "user_session", "user-sessions", "vmware_cluster", "vmware_clusters", "web_access", "wifi_access_point", "wifi-access-points", "xdr", "any-vertex"]
426
426
  if @api_client.config.client_side_validation && !allowable_values.include?(vertex_type)
427
427
  fail ArgumentError, "invalid value for \"vertex_type\", must be one of #{allowable_values}"
428
428
  end