crimson-falcon 1.0.1 → 1.1.0

data/spec/api/kubernetes_protection_spec.rb

@@ -99,7 +99,7 @@ describe 'KubernetesProtection' do
   # @option opts [Integer] :limit The upper-bound on the number of records to retrieve.
   # @option opts [Integer] :offset The offset from where to begin.
   # @option opts [String] :sort The fields to sort the records on.
-  # @option opts [String] :filter Retrieve count of Kubernetes containers that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `allow_privilege_escalation` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
+  # @option opts [String] :filter Retrieve count of Kubernetes containers that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `ai_related` - `allow_privilege_escalation` - `app_name` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
   # @return [ModelsContainerRuntimePivotResponse]
   describe 'find_containers_by_container_run_time_version test' do
     it 'should work' do
@@ -240,7 +240,7 @@ describe 'KubernetesProtection' do
   # unit tests for group_containers_by_managed
   # Group the containers by Managed
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Retrieve count of Kubernetes containers that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `allow_privilege_escalation` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
+  # @option opts [String] :filter Retrieve count of Kubernetes containers that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `ai_related` - `allow_privilege_escalation` - `app_name` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
   # @return [ModelsContainerCoverageResponseEntity]
   describe 'group_containers_by_managed test' do
     it 'should work' do
@@ -290,6 +290,21 @@ describe 'KubernetesProtection' do
     end
   end
 
+  # unit tests for read_cluster_combined_v2
+  # Maximum offset = 10000 - limit
+  # @param [Hash] opts the optional parameters
+  # @option opts [String] :filter Search Kubernetes clusters using a query in Falcon Query Language (FQL). Supported filter fields: - `access` - `agent_id` - `agent_status` - `agent_type` - `cid` - `cloud_account_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `cluster_status` - `container_count` - `iar_coverage` - `kac_agent_id` - `kubernetes_version` - `last_seen` - `management_status` - `node_count` - `pod_count` - `tags`
+  # @option opts [String] :sort The fields to sort the records on.
+  # @option opts [Boolean] :include_counts Flag to include node, pod and container counts in the response
+  # @option opts [Integer] :limit The upper-bound on the number of records to retrieve.
+  # @option opts [Integer] :offset The offset from where to begin.
+  # @return [V2ClusterEntityResponseV2]
+  describe 'read_cluster_combined_v2 test' do
+    it 'should work' do
+      # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
+    end
+  end
+
   # unit tests for read_cluster_count
   # Retrieve cluster counts
   # @param [Hash] opts the optional parameters
@@ -348,7 +363,7 @@ describe 'KubernetesProtection' do
   # unit tests for read_container_combined
   # Maximum offset = 10000 - limit
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Search Kubernetes containers using a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `allow_privilege_escalation` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
+  # @option opts [String] :filter Search Kubernetes containers using a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `ai_related` - `allow_privilege_escalation` - `app_name` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
   # @option opts [String] :sort The fields to sort the records on.
   # @option opts [Integer] :limit The upper-bound on the number of records to retrieve.
   # @option opts [Integer] :offset The offset from where to begin.
@@ -362,7 +377,7 @@ describe 'KubernetesProtection' do
   # unit tests for read_container_count
   # Retrieve container counts
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Retrieve count of Kubernetes containers that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `allow_privilege_escalation` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
+  # @option opts [String] :filter Retrieve count of Kubernetes containers that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `ai_related` - `allow_privilege_escalation` - `app_name` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
   # @return [CommonCountResponse]
   describe 'read_container_count test' do
     it 'should work' do
@@ -397,7 +412,7 @@ describe 'KubernetesProtection' do
   # unit tests for read_container_image_detections_count_by_date
   # Retrieve count of image assessment detections on running containers over a period of time
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Retrieve count of Kubernetes containers that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `allow_privilege_escalation` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
+  # @option opts [String] :filter Retrieve count of Kubernetes containers that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `ai_related` - `allow_privilege_escalation` - `app_name` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
   # @return [ModelsAPIFilterResponse]
   describe 'read_container_image_detections_count_by_date test' do
     it 'should work' do
@@ -408,7 +423,7 @@ describe 'KubernetesProtection' do
   # unit tests for read_container_images_by_most_used
   # Bucket container by image-digest
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Retrieve count of Kubernetes containers that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `allow_privilege_escalation` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
+  # @option opts [String] :filter Retrieve count of Kubernetes containers that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `ai_related` - `allow_privilege_escalation` - `app_name` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
   # @return [ModelsAggregateValuesByFieldResponse]
   describe 'read_container_images_by_most_used test' do
     it 'should work' do
@@ -430,7 +445,7 @@ describe 'KubernetesProtection' do
   # unit tests for read_container_vulnerabilities_by_severity_count
   # Retrieve container vulnerabilities by severity counts
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Get vulnerabilities count by severity for container using a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `allow_privilege_escalation` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
+  # @option opts [String] :filter Get vulnerabilities count by severity for container using a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `ai_related` - `allow_privilege_escalation` - `app_name` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
   # @return [ModelsAggregateValuesByFieldResponse]
   describe 'read_container_vulnerabilities_by_severity_count test' do
     it 'should work' do
@@ -441,7 +456,7 @@ describe 'KubernetesProtection' do
   # unit tests for read_containers_by_date_range_count
   # Retrieve containers by date range counts
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Get container counts using a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `allow_privilege_escalation` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
+  # @option opts [String] :filter Get container counts using a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `ai_related` - `allow_privilege_escalation` - `app_name` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
   # @return [ModelsAggregateValuesByFieldResponse]
   describe 'read_containers_by_date_range_count test' do
     it 'should work' do
@@ -452,7 +467,7 @@ describe 'KubernetesProtection' do
   # unit tests for read_containers_sensor_coverage
   # Bucket containers by agent type and calculate sensor coverage
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Retrieve count of Kubernetes containers that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `allow_privilege_escalation` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
+  # @option opts [String] :filter Retrieve count of Kubernetes containers that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `ai_related` - `allow_privilege_escalation` - `app_name` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
   # @return [ModelsAggregateValuesByFieldResponse]
   describe 'read_containers_sensor_coverage test' do
     it 'should work' do
@@ -510,7 +525,7 @@ describe 'KubernetesProtection' do
   # unit tests for read_distinct_container_image_count
   # Retrieve count of distinct images running on containers
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Search Kubernetes containers using a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `allow_privilege_escalation` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
+  # @option opts [String] :filter Search Kubernetes containers using a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `ai_related` - `allow_privilege_escalation` - `app_name` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
   # @return [ModelsAPIFilterResponse]
   describe 'read_distinct_container_image_count test' do
     it 'should work' do
@@ -645,7 +660,7 @@ describe 'KubernetesProtection' do
   # unit tests for read_pod_combined
   # Maximum offset = 10000 - limit
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Search Kubernetes pods using a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `allow_privilege_escalation` - `annotations_list` - `cid` - `cloud_account_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_count` - `first_seen` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `owner_id` - `owner_type` - `pod_external_id` - `pod_id` - `pod_name` - `port` - `privileged` - `resource_status` - `root_write_access` - `run_as_root_group` - `run_as_root_user`
+  # @option opts [String] :filter Search Kubernetes pods using a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `allow_privilege_escalation` - `annotations_list` - `app_name` - `cid` - `cloud_account_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_count` - `first_seen` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `owner_id` - `owner_type` - `pod_external_id` - `pod_id` - `pod_name` - `port` - `privileged` - `resource_status` - `root_write_access` - `run_as_root_group` - `run_as_root_user`
   # @option opts [String] :sort The fields to sort the records on.
   # @option opts [Integer] :limit The upper-bound on the number of records to retrieve.
   # @option opts [Integer] :offset The offset from where to begin.
@@ -659,7 +674,7 @@ describe 'KubernetesProtection' do
   # unit tests for read_pod_count
   # Retrieve pod counts
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Retrieve count of Kubernetes pods that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `allow_privilege_escalation` - `annotations_list` - `cid` - `cloud_account_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_count` - `first_seen` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `owner_id` - `owner_type` - `pod_external_id` - `pod_id` - `pod_name` - `port` - `privileged` - `resource_status` - `root_write_access` - `run_as_root_group` - `run_as_root_user`
+  # @option opts [String] :filter Retrieve count of Kubernetes pods that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `allow_privilege_escalation` - `annotations_list` - `app_name` - `cid` - `cloud_account_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_count` - `first_seen` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `owner_id` - `owner_type` - `pod_external_id` - `pod_id` - `pod_name` - `port` - `privileged` - `resource_status` - `root_write_access` - `run_as_root_group` - `run_as_root_user`
   # @return [CommonCountResponse]
   describe 'read_pod_count test' do
     it 'should work' do
@@ -706,7 +721,7 @@ describe 'KubernetesProtection' do
   # unit tests for read_vulnerable_container_image_count
   # Retrieve count of vulnerable images running on containers
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Retrieve count of Kubernetes containers that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `allow_privilege_escalation` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
+  # @option opts [String] :filter Retrieve count of Kubernetes containers that match a query in Falcon Query Language (FQL). Supported filter fields: - `agent_id` - `agent_type` - `ai_related` - `allow_privilege_escalation` - `app_name` - `cid` - `cloud_account_id` - `cloud_instance_id` - `cloud_name` - `cloud_region` - `cloud_service` - `cluster_id` - `cluster_name` - `container_id` - `container_image_id` - `container_name` - `cve_id` - `detection_name` - `first_seen` - `image_detection_count` - `image_digest` - `image_has_been_assessed` - `image_id` - `image_registry` - `image_repository` - `image_tag` - `image_vulnerability_count` - `insecure_mount_source` - `insecure_mount_type` - `insecure_propagation_mode` - `interactive_mode` - `ipv4` - `ipv6` - `kac_agent_id` - `labels` - `last_seen` - `namespace` - `node_name` - `node_uid` - `package_name_version` - `pod_id` - `pod_name` - `port` - `privileged` - `root_write_access` - `run_as_root_group` - `run_as_root_user` - `running_status`
   # @return [ModelsAPIFilterResponse]
   describe 'read_vulnerable_container_image_count test' do
     it 'should work' do
@@ -727,7 +742,7 @@ describe 'KubernetesProtection' do
   # unit tests for search_and_read_kubernetes_iom_entities
   # Maximum offset = 10000 - limit
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Search Kubernetes IOMs using a query in Falcon Query Language (FQL). Supported filter fields: - `cid` - `cis_id` - `cluster_id` - `cluster_name` - `containers_impacted_count` - `containers_impacted_ids` - `detection_type` - `name` - `namespace` - `prevented` - `resource_id` - `resource_name` - `resource_type` - `severity`
+  # @option opts [String] :filter Search Kubernetes IOMs using a query in Falcon Query Language (FQL). Supported filter fields: - `cid` - `cis_id` - `cluster_id` - `cluster_name` - `containers_impacted_ai_related` - `containers_impacted_count` - `containers_impacted_ids` - `detection_type` - `name` - `namespace` - `prevented` - `resource_id` - `resource_name` - `resource_type` - `severity`
   # @option opts [String] :sort The fields to sort the records on.
   # @option opts [Integer] :limit The upper-bound on the number of records to retrieve.
   # @option opts [Integer] :offset The offset from where to begin.
@@ -741,7 +756,7 @@ describe 'KubernetesProtection' do
   # unit tests for search_kubernetes_ioms
   # Maximum offset = 10000 - limit
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Search Kubernetes IOMs using a query in Falcon Query Language (FQL). Supported filter fields: - `cid` - `cis_id` - `cluster_id` - `cluster_name` - `containers_impacted_count` - `containers_impacted_ids` - `detection_type` - `name` - `namespace` - `prevented` - `resource_id` - `resource_name` - `resource_type` - `severity`
+  # @option opts [String] :filter Search Kubernetes IOMs using a query in Falcon Query Language (FQL). Supported filter fields: - `cid` - `cis_id` - `cluster_id` - `cluster_name` - `containers_impacted_ai_related` - `containers_impacted_count` - `containers_impacted_ids` - `detection_type` - `name` - `namespace` - `prevented` - `resource_id` - `resource_name` - `resource_type` - `severity`
   # @option opts [String] :sort The fields to sort the records on.
   # @option opts [Integer] :limit The upper-bound on the number of records to retrieve.
   # @option opts [Integer] :offset The offset from where to begin.

data/spec/api/lookup_files_spec.rb

@@ -54,6 +54,8 @@ describe 'LookupFiles' do
   # @param file File to be uploaded
   # @param name Name used to identify the file
   # @param [Hash] opts the optional parameters
+  # @option opts [String] :x_cs_username Requester Username.
+  # @option opts [String] :x_cs_useruuid Requester UUID.
   # @option opts [String] :description File description
   # @option opts [String] :id Unique identifier of the file being updated.
   # @option opts [String] :repo Name of repository or view to save the file
@@ -68,6 +70,8 @@ describe 'LookupFiles' do
   # Updates a lookup file
   # @param id Unique identifier of the file being updated.
   # @param [Hash] opts the optional parameters
+  # @option opts [String] :x_cs_username Requester Username.
+  # @option opts [String] :x_cs_useruuid Requester UUID.
   # @option opts [String] :description File description
   # @option opts [File] :file File to be uploaded
   # @return [DomainLookupFileWrapper]

data/spec/api/{humio_auth_proxy_spec.rb → ngsiem_spec.rb}

@@ -30,22 +30,22 @@ SOFTWARE.
 require 'spec_helper'
 require 'json'
 
-# Unit tests for Falcon::HumioAuthProxy
+# Unit tests for Falcon::Ngsiem
 # Automatically generated by openapi-generator (https://openapi-generator.tech)
 # Please update as you see appropriate
-describe 'HumioAuthProxy' do
+describe 'Ngsiem' do
   before(:all) do
     # run before each test
-    @api_instance = Falcon::HumioAuthProxy.new
+    @api_instance = Falcon::Ngsiem.new
   end
 
   after(:all) do
     # run after each test
   end
 
-  describe 'test an instance of HumioAuthProxy' do
-    it 'should create an instance of HumioAuthProxy' do
-      expect(@api_instance).to be_instance_of(Falcon::HumioAuthProxy)
+  describe 'test an instance of Ngsiem' do
+    it 'should create an instance of Ngsiem' do
+      expect(@api_instance).to be_instance_of(Falcon::Ngsiem)
     end
   end
 
@@ -93,7 +93,7 @@ describe 'HumioAuthProxy' do
   # @param repository name of repository
   # @param id id of query
   # @param [Hash] opts the optional parameters
-  # @return [MsaspecResponseFields]
+  # @return [ApiQueryJobsResults]
   describe 'get_search_status_v1 test' do
     it 'should work' do
       # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
@@ -103,8 +103,9 @@ describe 'HumioAuthProxy' do
   # unit tests for start_search_v1
   # Initiate search
   # @param repository name of repository
+  # @param body Query Job JSON request body
   # @param [Hash] opts the optional parameters
-  # @return [nil]
+  # @return [ApiQueryJobResponse]
   describe 'start_search_v1 test' do
     it 'should work' do
       # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
@@ -126,6 +127,7 @@ describe 'HumioAuthProxy' do
   # unit tests for upload_lookup_v1
   # Upload file to NGSIEM
   # @param repository name of repository
+  # @param file file to upload
   # @param [Hash] opts the optional parameters
   # @return [nil]
   describe 'upload_lookup_v1 test' do

data/spec/api/quarantine_spec.rb

@@ -90,7 +90,7 @@ describe 'Quarantine' do
   # @option opts [String] :sort Possible order by fields: hostname, username, date_updated, date_created, paths.path, state, paths.state. Ex: 'date_created|asc'.
   # @option opts [String] :filter FQL query specifying the filter parameters. Special value '*' means to not filter on anything. Filter term criteria: status, adversary_id, device.device_id, device.country, device.hostname, behaviors.behavior_id, behaviors.ioc_type, behaviors.ioc_value, behaviors.username, behaviors.tree_root_hash. Filter range criteria:, max_severity, max_confidence, first_behavior, last_behavior.
   # @option opts [String] :q Match phrase_prefix query criteria; included fields: _all (all filter string fields), sha256, state, paths.path, paths.state, hostname, username, date_updated, date_created.
-  # @return [MsaQueryResponse]
+  # @return [MsaspecQueryResponse]
   describe 'query_quarantine_files test' do
     it 'should work' do
       # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/

data/spec/api/quick_scan_pro_spec.rb

@@ -108,7 +108,7 @@ describe 'QuickScanPro' do
   end
 
   # unit tests for upload_file_quick_scan_pro
-  # Uploads a file to be further analyzed with QuickScan Pro. The samples expire after 90 days.
+  # Uploads a file to be further analyzed with QuickScan Pro. The samples expire according to the Retention Policies set.
   # @param file Binary file to be uploaded. Max file size: 256 MB.
   # @param [Hash] opts the optional parameters
   # @option opts [Boolean] :scan If true, after upload, it starts scanning immediately. Default scan mode is 'false'

data/spec/api/quick_scan_spec.rb

@@ -71,7 +71,7 @@ describe 'QuickScan' do
     end
   end
 
-  # unit tests for query_submissions
+  # unit tests for query_submissions_mixin0
   # Find IDs for submitted scans by providing an FQL filter and paging details. Returns a set of volume IDs that match your criteria.
   # @param [Hash] opts the optional parameters
   # @option opts [String] :filter Optional filter and sort criteria in the form of an FQL query. For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide).
@@ -79,7 +79,7 @@ describe 'QuickScan' do
   # @option opts [Integer] :limit Maximum number of volume IDs to return. Max: 5000.
   # @option opts [String] :sort Sort order: `asc` or `desc`.
   # @return [MlscannerapiQueryResponse]
-  describe 'query_submissions test' do
+  describe 'query_submissions_mixin0 test' do
     it 'should work' do
       # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
     end

data/spec/api/release_notes_spec.rb

@@ -66,12 +66,12 @@ describe 'ReleaseNotes' do
   end
 
   # unit tests for get_entity_ids_by_query_post
-  # returns the IDs of all entities in the database for the given page
+  # returns the release notes for the IDs in the request
   # @param authorization authorization header
   # @param body
   # @param [Hash] opts the optional parameters
   # @option opts [String] :x_cs_username user name
-  # @return [ReleasenotesEntitiesGetResponseWrapper]
+  # @return [ReleasenotesReleaseNoteWrapperV1]
   describe 'get_entity_ids_by_query_post test' do
     it 'should work' do
       # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/

data/spec/api/{vulnerabilities_spec.rb → serverless_vulnerabilities_spec.rb}

@@ -30,22 +30,22 @@ SOFTWARE.
 require 'spec_helper'
 require 'json'
 
-# Unit tests for Falcon::Vulnerabilities
+# Unit tests for Falcon::ServerlessVulnerabilities
 # Automatically generated by openapi-generator (https://openapi-generator.tech)
 # Please update as you see appropriate
-describe 'Vulnerabilities' do
+describe 'ServerlessVulnerabilities' do
   before(:all) do
     # run before each test
-    @api_instance = Falcon::Vulnerabilities.new
+    @api_instance = Falcon::ServerlessVulnerabilities.new
   end
 
   after(:all) do
     # run after each test
   end
 
-  describe 'test an instance of Vulnerabilities' do
-    it 'should create an instance of Vulnerabilities' do
-      expect(@api_instance).to be_instance_of(Falcon::Vulnerabilities)
+  describe 'test an instance of ServerlessVulnerabilities' do
+    it 'should create an instance of ServerlessVulnerabilities' do
+      expect(@api_instance).to be_instance_of(Falcon::ServerlessVulnerabilities)
     end
   end
 

data/spec/api/spotlight_vulnerabilities_spec.rb

@@ -51,7 +51,7 @@ describe 'SpotlightVulnerabilities' do
 
   # unit tests for combined_query_vulnerabilities
   # Search for Vulnerabilities in your environment by providing an FQL filter and paging details. Returns a set of Vulnerability entities which match the filter criteria
-  # @param filter Filter items using a query in Falcon Query Language (FQL). Wildcards * and empty filter values are unsupported.    Available filter fields that supports match (~): N/A    Available filter fields that supports exact match: aid, cid, last_seen_within, status, cve.id, cve.is_cisa_kev, cve.remediation_level, cve.cps_rating, cve.exprt_rating, cve.exploit_status_to_include, cve.severity, cve.types, host_info.asset_criticality, host_info.asset_roles, host_info.internet_exposure, host_info.tags, host_info.groups, host_info.product_type_desc, host_info.platform_name, suppression_info.is_suppressed, suppression_info.reason    Available filter fields that supports wildcard (*): N/A    Available filter fields that supports range comparisons (>, <, >=, <=): created_timestamp, closed_timestamp, updated_timestamp
+  # @param filter Filter items using a query in Falcon Query Language (FQL). Wildcards * and empty filter values are unsupported.    Available filter fields that supports match (~): N/A    Available filter fields that supports exact match: aid, cid, last_seen_within, status, cve.id, cve.is_cisa_kev, cve.remediation_level, cve.cps_rating, cve.exprt_rating, cve.exploit_status_to_include, cve.severity, cve.base_score, cve.types, host_info.asset_criticality, host_info.asset_roles, host_info.internet_exposure, host_info.tags, host_info.groups, host_info.product_type_desc, host_info.platform_name, suppression_info.is_suppressed, suppression_info.reason, host_info.instance_state    Available filter fields that supports wildcard (*): N/A    Available filter fields that supports range comparisons (>, <, >=, <=): created_timestamp, closed_timestamp, updated_timestamp, cve.base_score
   # @param [Hash] opts the optional parameters
   # @option opts [String] :after A pagination token used with the `limit` parameter to manage pagination of results. On your first request, don't provide an `after` token. On subsequent requests, provide the `after` token from the previous response to continue from that place in the results.
   # @option opts [Integer] :limit The number of items to return in this response (default: 100, max: 5000). Use with the after parameter to manage pagination of results.
@@ -88,7 +88,7 @@ describe 'SpotlightVulnerabilities' do
 
   # unit tests for query_vulnerabilities
   # Search for Vulnerabilities in your environment by providing an FQL filter and paging details. Returns a set of Vulnerability IDs which match the filter criteria
-  # @param filter Filter items using a query in Falcon Query Language (FQL). Wildcards * and empty filter values are unsupported.    Available filter fields that supports match (~): N/A    Available filter fields that supports exact match: aid, cid, last_seen_within, status, cve.id, cve.is_cisa_kev, cve.remediation_level, cve.cps_rating, cve.exprt_rating, cve.exploit_status_to_include, cve.severity, cve.types, host_info.asset_criticality, host_info.asset_roles, host_info.internet_exposure, host_info.tags, host_info.groups, host_info.product_type_desc, host_info.platform_name, suppression_info.is_suppressed, suppression_info.reason    Available filter fields that supports wildcard (*): N/A    Available filter fields that supports range comparisons (>, <, >=, <=): created_timestamp, closed_timestamp, updated_timestamp
+  # @param filter Filter items using a query in Falcon Query Language (FQL). Wildcards * and empty filter values are unsupported.    Available filter fields that supports match (~): N/A    Available filter fields that supports exact match: aid, cid, last_seen_within, status, cve.id, cve.is_cisa_kev, cve.remediation_level, cve.cps_rating, cve.exprt_rating, cve.exploit_status_to_include, cve.severity, cve.base_score, cve.types, host_info.asset_criticality, host_info.asset_roles, host_info.internet_exposure, host_info.tags, host_info.groups, host_info.product_type_desc, host_info.platform_name, suppression_info.is_suppressed, suppression_info.reason, host_info.instance_state    Available filter fields that supports wildcard (*): N/A    Available filter fields that supports range comparisons (>, <, >=, <=): created_timestamp, closed_timestamp, updated_timestamp, cve.base_score
   # @param [Hash] opts the optional parameters
   # @option opts [String] :after A pagination token used with the `limit` parameter to manage pagination of results. On your first request, don't provide an `after` token. On subsequent requests, provide the `after` token from the previous response to continue from that place in the results.
   # @option opts [Integer] :limit The number of items to return in this response (default: 100, max: 400). Use with the after parameter to manage pagination of results.

data/spec/api/tailored_intelligence_spec.rb

@@ -0,0 +1,115 @@
+=begin
+Crimson Falcon - Ruby Client SDK
+
+Code auto-generated by OpenAPI Generator; DO NOT EDIT.
+
+MIT License
+
+Copyright (c) 2023 Crowdstrike
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+=end
+
+require 'spec_helper'
+require 'json'
+
+# Unit tests for Falcon::TailoredIntelligence
+# Automatically generated by openapi-generator (https://openapi-generator.tech)
+# Please update as you see appropriate
+describe 'TailoredIntelligence' do
+  before(:all) do
+    # run before each test
+    @api_instance = Falcon::TailoredIntelligence.new
+  end
+
+  after(:all) do
+    # run after each test
+  end
+
+  describe 'test an instance of TailoredIntelligence' do
+    it 'should create an instance of TailoredIntelligence' do
+      expect(@api_instance).to be_instance_of(Falcon::TailoredIntelligence)
+    end
+  end
+
+  # unit tests for get_events_body
+  # Get event body for the provided event ID
+  # @param id Return the event body for event id.
+  # @param [Hash] opts the optional parameters
+  # @return [Array<Integer>]
+  describe 'get_events_body test' do
+    it 'should work' do
+      # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
+    end
+  end
+
+  # unit tests for get_events_entities
+  # Get events entities for specified ids.
+  # @param body
+  # @param [Hash] opts the optional parameters
+  # @return [DomainEventEntitiesResponse]
+  describe 'get_events_entities test' do
+    it 'should work' do
+      # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
+    end
+  end
+
+  # unit tests for get_rules_entities
+  # Get rules entities for specified ids.
+  # @param body
+  # @param [Hash] opts the optional parameters
+  # @return [DomainRuleEntitiesResponse]
+  describe 'get_rules_entities test' do
+    it 'should work' do
+      # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
+    end
+  end
+
+  # unit tests for query_events
+  # Get events ids that match the provided filter criteria.
+  # @param [Hash] opts the optional parameters
+  # @option opts [String] :offset Starting index of overall result set from which to return ids.
+  # @option opts [Integer] :limit Number of ids to return.
+  # @option opts [String] :sort Possible order by fields: source_type, created_date, updated_date. Ex: &#39;updated_date|desc&#39;.
+  # @option opts [String] :filter FQL query specifying the filter parameters. Special value &#39;*&#39; means to not filter on anything.
+  # @option opts [String] :q Match phrase_prefix query criteria; included fields: _all (all filter string fields indexed).
+  # @return [DomainQueryResponse]
+  describe 'query_events test' do
+    it 'should work' do
+      # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
+    end
+  end
+
+  # unit tests for query_rules
+  # Get rules ids that match the provided filter criteria.
+  # @param [Hash] opts the optional parameters
+  # @option opts [String] :offset Starting index of overall result set from which to return ids.
+  # @option opts [Integer] :limit Number of ids to return.
+  # @option opts [String] :sort Possible order by fields: name, value, rule_type, customer_id, created_date, updated_date. Ex: &#39;updated_date|asc&#39;.
+  # @option opts [String] :filter FQL query specifying the filter parameters. Special value &#39;*&#39; means to not filter on anything.
+  # @option opts [String] :q Match phrase_prefix query criteria; included fields: _all (all filter string fields indexed).
+  # @return [DomainQueryResponse]
+  describe 'query_rules test' do
+    it 'should work' do
+      # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
+    end
+  end
+
+end

data/spec/api/user_management_spec.rb

@@ -49,23 +49,51 @@ describe 'UserManagement' do
     end
   end
 
+  # unit tests for aggregate_users_v1
+  # Get host aggregates as specified via json in request body.
+  # @param body
+  # @param [Hash] opts the optional parameters
+  # @return [FlightcontrolapiAggregatesResponse]
+  describe 'aggregate_users_v1 test' do
+    it 'should work' do
+      # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
+    end
+  end
+
   # unit tests for combined_user_roles_v1
-  # Get User Grant(s). This endpoint lists both direct as well as flight control grants between a User and a Customer.
+  # Deprecated : Please use GET /user-management/combined/user-roles/v2. Get User Grant(s). This endpoint lists both direct as well as flight control grants between a User and a Customer.
   # @param user_uuid User UUID to get available roles for.
   # @param [Hash] opts the optional parameters
   # @option opts [String] :cid Customer ID to get grants for. Empty CID would result in Role IDs for user against current CID in view.
   # @option opts [Boolean] :direct_only Specifies if to request direct Only role grants or all role grants between user and CID (specified in query params)
-  # @option opts [String] :filter Filter using a query in Falcon Query Language (FQL). Supported filters: role_id, role_name
+  # @option opts [String] :filter Filter using a query in Falcon Query Language (FQL). Supported filters: expires_at, role_id, role_name
   # @option opts [Integer] :offset The offset to start retrieving records from
   # @option opts [Integer] :limit The maximum records to return. [1-500]
   # @option opts [String] :sort The property to sort by
-  # @return [FlightcontrolapiUserGrantResponse]
+  # @return [FlightcontrolapiCombinedUserRolesResponseV1]
   describe 'combined_user_roles_v1 test' do
     it 'should work' do
       # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
     end
   end
 
+  # unit tests for combined_user_roles_v2
+  # Get User Grant(s). This endpoint lists both direct as well as flight control grants between a User and a Customer.
+  # @param user_uuid User UUID to get available roles for.
+  # @param [Hash] opts the optional parameters
+  # @option opts [String] :cid Customer ID to get grants for. Empty CID would result in Role IDs for user against current CID in view.
+  # @option opts [Boolean] :direct_only Specifies if to request direct Only role grants or all role grants between user and CID (specified in query params)
+  # @option opts [String] :filter Filter using a query in Falcon Query Language (FQL). Supported filters: expires_at, role_id, role_name
+  # @option opts [Integer] :offset The offset to start retrieving records from
+  # @option opts [Integer] :limit The maximum records to return. [1-500]
+  # @option opts [String] :sort The property to sort by
+  # @return [FlightcontrolapiCombinedUserRolesResponseV2]
+  describe 'combined_user_roles_v2 test' do
+    it 'should work' do
+      # assertion here. ref: https://rspec.info/features/3-12/rspec-expectations/built-in-matchers/
+    end
+  end
+
   # unit tests for create_user
   # Deprecated : Please use POST /user-management/entities/users/v1. Create a new user. After creating a user, assign one or more roles with POST /user-roles/entities/user-roles/v1
   # @param body Attributes for this user. `uid` (required) is the user's email address, which is their username in Falcon.  Optional attributes:  <ul><li>`firstName`</li><li>`lastName`</li><li>`password`</li></ul>  As a best practice, we recommend omitting `password`. If single sign-on is enabled for your customer account, the `password` attribute is ignored. If single sign-on is not enabled, we send a user activation request to their email address when you create the user with no `password`. The user should use the activation email to set their own password.
@@ -183,7 +211,7 @@ describe 'UserManagement' do
   # unit tests for query_user_v1
   # List user IDs for all users in your customer account. For more information on each user, provide the user ID to `/user-management/entities/users/GET/v1`.
   # @param [Hash] opts the optional parameters
-  # @option opts [String] :filter Filter using a query in Falcon Query Language (FQL). Supported filters: assigned_cids, cid, first_name, last_name, name, uid
+  # @option opts [String] :filter Filter using a query in Falcon Query Language (FQL). Supported filters: assigned_cids, cid, direct_assigned_cids, factors, first_name, has_temporary_roles, last_name, name, status, temporarily_assigned_cids, uid
   # @option opts [Integer] :offset The offset to start retrieving records from
   # @option opts [Integer] :limit The maximum records to return. [1-500]
   # @option opts [String] :sort The property to sort by