crimson-falcon 1.0.1 → 1.2.0

data/lib/crimson-falcon/api/exposure_management.rb

@@ -582,6 +582,72 @@ module Falcon
       return data, status_code, headers
     end
 
+    # Add external assets for external asset scanning.
+    # @param body [InventoryapiUserExternalAssetCreateRequestV1] Asset addition specification.
+    # @param [Hash] opts the optional parameters
+    # @return [InventoryapiUserExternalAssetCreateResponseV1]
+    def post_external_assets_inventory_v1(body, opts = {})
+      data, _status_code, _headers = post_external_assets_inventory_v1_with_http_info(body, opts)
+      data
+    end
+
+    # Add external assets for external asset scanning.
+    # @param body [InventoryapiUserExternalAssetCreateRequestV1] Asset addition specification.
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(InventoryapiUserExternalAssetCreateResponseV1, Integer, Hash)>] InventoryapiUserExternalAssetCreateResponseV1 data, response status code and response headers
+    def post_external_assets_inventory_v1_with_http_info(body, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ExposureManagement.post_external_assets_inventory_v1 ...'
+      end
+      # verify the required parameter 'body' is set
+      if @api_client.config.client_side_validation && body.nil?
+        fail ArgumentError, "Missing the required parameter 'body' when calling ExposureManagement.post_external_assets_inventory_v1"
+      end
+      # resource path
+      local_var_path = '/fem/entities/external-asset-inventory/v1'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+      # HTTP header 'Content-Type'
+      content_type = @api_client.select_header_content_type(['application/json'])
+      if !content_type.nil?
+        header_params['Content-Type'] = content_type
+      end
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body] || @api_client.object_to_http_body(body)
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'InventoryapiUserExternalAssetCreateResponseV1'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['oauth2']
+
+      new_options = opts.merge(
+        :operation => :"ExposureManagement.post_external_assets_inventory_v1",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ExposureManagement#post_external_assets_inventory_v1\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # Retrieves a list of IDs for ecosystem subsidiaries. Use these IDs with the /entities/ecosystem-subsidiaries/v1 endpoints.
     # @param [Hash] opts the optional parameters
     # @option opts [Integer] :offset Starting index of result set from which to return subsidiaries (default to 0)
@@ -718,5 +784,72 @@ module Falcon
       end
       return data, status_code, headers
     end
+
+    # Get a list of external asset IDs that match the provided filter conditions. Use these IDs with the /entities/external-assets/v1 endpoint
+    # @param [Hash] opts the optional parameters
+    # @option opts [String] :after A pagination token used with the &#x60;limit&#x60; parameter to manage pagination of results. On your first request, don&#39;t provide an &#x60;after&#x60; token. On subsequent requests, provide the &#x60;after&#x60; token from the previous response to continue from that place in the results.
+    # @option opts [Integer] :limit number of IDs to return.
+    # @option opts [String] :sort Order by fields.
+    # @option opts [String] :filter Filter assets using an FQL query. Common filter options include:&lt;ul&gt;&lt;li&gt;asset_type:&#39;ip&#39;&lt;/li&gt;&lt;li&gt;last_seen_timestamp:&gt;&#39;now-7d&#39;&lt;/li&gt;&lt;/ul&gt;    &lt;/br&gt;Available filter fields that support exact match: asset_id, asset_type, confidence, connectivity_status, criticality, criticality_description, criticality_timestamp, criticality_username, data_providers, discovered_by, dns_domain.fqdn, dns_domain.isps, dns_domain.parent_domain, dns_domain.resolved_ips, dns_domain.services.applications.category, dns_domain.services.applications.cpe, dns_domain.services.applications.name, dns_domain.services.applications.vendor, dns_domain.services.applications.version, dns_domain.services.cloud_provider, dns_domain.services.cpes, dns_domain.services.hosting_provider, dns_domain.services.last_seen, dns_domain.services.platform_name, dns_domain.services.port, dns_domain.services.protocol, dns_domain.services.protocol_port, dns_domain.services.status, dns_domain.services.status_code, dns_domain.services.transport, dns_domain.type, first_seen, id, internet_exposure, ip.asn, ip.cloud_provider, ip.cloud_vm.description, ip.cloud_vm.instance_id, ip.cloud_vm.lifecycle, ip.cloud_vm.mac_address, ip.cloud_vm.owner_id, ip.cloud_vm.platform, ip.cloud_vm.private_ip, ip.cloud_vm.public_ip, ip.cloud_vm.region, ip.cloud_vm.security_groups, ip.cloud_vm.source, ip.cloud_vm.status, ip.fqdns, ip.ip_address, ip.isp, ip.location.area_code, ip.location.city, ip.location.country_code, ip.location.country_name, ip.location.postal_code, ip.location.region_code, ip.location.region_name, ip.location.timezone, ip.ptr, ip.aid, ip.services.applications.category, ip.services.applications.cpe, ip.services.applications.name, ip.services.applications.vendor, ip.services.applications.version, ip.services.cloud_provider, ip.services.cpes, ip.services.first_seen, ip.services.last_seen, ip.services.platform_name, ip.services.port, ip.services.protocol, ip.services.protocol_port, ip.services.status, ip.services.status_code, ip.services.transport, last_seen, manual, perimeter, subsidiaries.id, subsidiaries.name, triage.action, triage.assigned_to, triage.status, triage.updated_by, triage.updated_timestamp    &lt;/br&gt;Available filter fields that supports wildcard (*): asset_id, asset_type, confidence, connectivity_status, criticality, criticality_username, data_providers, discovered_by, dns_domain.fqdn, dns_domain.isps, dns_domain.parent_domain, dns_domain.resolved_ips, dns_domain.services.applications.category, dns_domain.services.applications.cpe, dns_domain.services.applications.name, dns_domain.services.applications.vendor, dns_domain.services.applications.version, dns_domain.services.cloud_provider, dns_domain.services.cpes, dns_domain.services.hosting_provider, dns_domain.services.id, dns_domain.services.platform_name, dns_domain.services.port, dns_domain.services.protocol, dns_domain.services.protocol_port, dns_domain.services.status, dns_domain.services.status_code, dns_domain.services.transport, dns_domain.type, id, internet_exposure, ip.asn, ip.cloud_vm.instance_id, ip.cloud_vm.lifecycle, ip.cloud_vm.mac_address, ip.cloud_vm.owner_id, ip.cloud_vm.platform, ip.cloud_vm.private_ip, ip.cloud_vm.public_ip, ip.cloud_vm.region, ip.cloud_vm.security_groups, ip.cloud_vm.source, ip.cloud_vm.status, ip.fqdns, ip.ip_address, ip.isp, ip.location.area_code, ip.location.city, ip.location.country_code, ip.location.country_name, ip.location.postal_code, ip.location.region_code, ip.location.region_name, ip.location.timezone, ip.ptr, ip.aid, ip.services.applications.category, ip.services.applications.cpe, ip.services.applications.name, ip.services.applications.vendor, ip.services.applications.version, ip.services.cloud_provider, ip.services.cpes, ip.services.platform_name, ip.services.port, ip.services.protocol, ip.services.protocol_port, ip.services.status, ip.services.status_code, ip.services.transport, manual, perimeter, subsidiaries.id, subsidiaries.name, triage.action, triage.assigned_to, triage.status, triage.updated_by    &lt;/br&gt;Available filter fields that supports in ([v1, v2]): asset_id, asset_type, confidence, connectivity_status, criticality, criticality_username, data_providers, discovered_by, dns_domain.fqdn, dns_domain.isps, dns_domain.parent_domain, dns_domain.services.applications.category, dns_domain.services.applications.cpe, dns_domain.services.applications.name, dns_domain.services.applications.vendor, dns_domain.services.applications.version, dns_domain.services.cloud_provider, dns_domain.services.cpes, dns_domain.services.id, dns_domain.services.platform_name, dns_domain.services.port, dns_domain.services.protocol, dns_domain.services.protocol_port, dns_domain.services.status, dns_domain.services.status_code, dns_domain.services.transport, dns_domain.type, id, internet_exposure, ip.asn, ip.cloud_vm.instance_id, ip.cloud_vm.lifecycle, ip.cloud_vm.mac_address, ip.cloud_vm.owner_id, ip.cloud_vm.platform, ip.cloud_vm.region, ip.cloud_vm.security_groups, ip.cloud_vm.source, ip.cloud_vm.status, ip.fqdns, ip.isp, ip.location.area_code, ip.location.city, ip.location.country_code, ip.location.country_name, ip.location.postal_code, ip.location.region_code, ip.location.region_name, ip.location.timezone, ip.ptr, ip.aid, ip.services.applications.category, ip.services.applications.cpe, ip.services.applications.name, ip.services.applications.vendor, ip.services.applications.version, ip.services.cloud_provider, ip.services.cpes, ip.services.platform_name, ip.services.port, ip.services.protocol, ip.services.protocol_port, ip.services.status, ip.services.status_code, ip.services.transport, manual, perimeter, subsidiaries.id, subsidiaries.name, triage.action, triage.assigned_to, triage.status, triage.updated_by    &lt;/br&gt;Available filter fields that supports range comparisons (&gt;, &lt;, &gt;&#x3D;, &lt;&#x3D;): criticality_timestamp, dns_domain.resolved_ips, dns_domain.services.first_seen, dns_domain.services.last_seen, dns_domain.services.port, dns_domain.services.status_code, first_seen, ip.cloud_vm.private_ip, ip.cloud_vm.public_ip, ip.ip_address, ip.services.first_seen, ip.services.last_seen, ip.services.port, ip.services.status_code, last_seen, triage.updated_timestamp    &lt;/br&gt;All filter fields and operations supports negation (!).
+    # @return [DomainDiscoverAPIResponse]
+    def query_external_assets_v2(opts = {})
+      data, _status_code, _headers = query_external_assets_v2_with_http_info(opts)
+      data
+    end
+
+    # Get a list of external asset IDs that match the provided filter conditions. Use these IDs with the /entities/external-assets/v1 endpoint
+    # @param [Hash] opts the optional parameters
+    # @option opts [String] :after A pagination token used with the &#x60;limit&#x60; parameter to manage pagination of results. On your first request, don&#39;t provide an &#x60;after&#x60; token. On subsequent requests, provide the &#x60;after&#x60; token from the previous response to continue from that place in the results.
+    # @option opts [Integer] :limit number of IDs to return.
+    # @option opts [String] :sort Order by fields.
+    # @option opts [String] :filter Filter assets using an FQL query. Common filter options include:&lt;ul&gt;&lt;li&gt;asset_type:&#39;ip&#39;&lt;/li&gt;&lt;li&gt;last_seen_timestamp:&gt;&#39;now-7d&#39;&lt;/li&gt;&lt;/ul&gt;    &lt;/br&gt;Available filter fields that support exact match: asset_id, asset_type, confidence, connectivity_status, criticality, criticality_description, criticality_timestamp, criticality_username, data_providers, discovered_by, dns_domain.fqdn, dns_domain.isps, dns_domain.parent_domain, dns_domain.resolved_ips, dns_domain.services.applications.category, dns_domain.services.applications.cpe, dns_domain.services.applications.name, dns_domain.services.applications.vendor, dns_domain.services.applications.version, dns_domain.services.cloud_provider, dns_domain.services.cpes, dns_domain.services.hosting_provider, dns_domain.services.last_seen, dns_domain.services.platform_name, dns_domain.services.port, dns_domain.services.protocol, dns_domain.services.protocol_port, dns_domain.services.status, dns_domain.services.status_code, dns_domain.services.transport, dns_domain.type, first_seen, id, internet_exposure, ip.asn, ip.cloud_provider, ip.cloud_vm.description, ip.cloud_vm.instance_id, ip.cloud_vm.lifecycle, ip.cloud_vm.mac_address, ip.cloud_vm.owner_id, ip.cloud_vm.platform, ip.cloud_vm.private_ip, ip.cloud_vm.public_ip, ip.cloud_vm.region, ip.cloud_vm.security_groups, ip.cloud_vm.source, ip.cloud_vm.status, ip.fqdns, ip.ip_address, ip.isp, ip.location.area_code, ip.location.city, ip.location.country_code, ip.location.country_name, ip.location.postal_code, ip.location.region_code, ip.location.region_name, ip.location.timezone, ip.ptr, ip.aid, ip.services.applications.category, ip.services.applications.cpe, ip.services.applications.name, ip.services.applications.vendor, ip.services.applications.version, ip.services.cloud_provider, ip.services.cpes, ip.services.first_seen, ip.services.last_seen, ip.services.platform_name, ip.services.port, ip.services.protocol, ip.services.protocol_port, ip.services.status, ip.services.status_code, ip.services.transport, last_seen, manual, perimeter, subsidiaries.id, subsidiaries.name, triage.action, triage.assigned_to, triage.status, triage.updated_by, triage.updated_timestamp    &lt;/br&gt;Available filter fields that supports wildcard (*): asset_id, asset_type, confidence, connectivity_status, criticality, criticality_username, data_providers, discovered_by, dns_domain.fqdn, dns_domain.isps, dns_domain.parent_domain, dns_domain.resolved_ips, dns_domain.services.applications.category, dns_domain.services.applications.cpe, dns_domain.services.applications.name, dns_domain.services.applications.vendor, dns_domain.services.applications.version, dns_domain.services.cloud_provider, dns_domain.services.cpes, dns_domain.services.hosting_provider, dns_domain.services.id, dns_domain.services.platform_name, dns_domain.services.port, dns_domain.services.protocol, dns_domain.services.protocol_port, dns_domain.services.status, dns_domain.services.status_code, dns_domain.services.transport, dns_domain.type, id, internet_exposure, ip.asn, ip.cloud_vm.instance_id, ip.cloud_vm.lifecycle, ip.cloud_vm.mac_address, ip.cloud_vm.owner_id, ip.cloud_vm.platform, ip.cloud_vm.private_ip, ip.cloud_vm.public_ip, ip.cloud_vm.region, ip.cloud_vm.security_groups, ip.cloud_vm.source, ip.cloud_vm.status, ip.fqdns, ip.ip_address, ip.isp, ip.location.area_code, ip.location.city, ip.location.country_code, ip.location.country_name, ip.location.postal_code, ip.location.region_code, ip.location.region_name, ip.location.timezone, ip.ptr, ip.aid, ip.services.applications.category, ip.services.applications.cpe, ip.services.applications.name, ip.services.applications.vendor, ip.services.applications.version, ip.services.cloud_provider, ip.services.cpes, ip.services.platform_name, ip.services.port, ip.services.protocol, ip.services.protocol_port, ip.services.status, ip.services.status_code, ip.services.transport, manual, perimeter, subsidiaries.id, subsidiaries.name, triage.action, triage.assigned_to, triage.status, triage.updated_by    &lt;/br&gt;Available filter fields that supports in ([v1, v2]): asset_id, asset_type, confidence, connectivity_status, criticality, criticality_username, data_providers, discovered_by, dns_domain.fqdn, dns_domain.isps, dns_domain.parent_domain, dns_domain.services.applications.category, dns_domain.services.applications.cpe, dns_domain.services.applications.name, dns_domain.services.applications.vendor, dns_domain.services.applications.version, dns_domain.services.cloud_provider, dns_domain.services.cpes, dns_domain.services.id, dns_domain.services.platform_name, dns_domain.services.port, dns_domain.services.protocol, dns_domain.services.protocol_port, dns_domain.services.status, dns_domain.services.status_code, dns_domain.services.transport, dns_domain.type, id, internet_exposure, ip.asn, ip.cloud_vm.instance_id, ip.cloud_vm.lifecycle, ip.cloud_vm.mac_address, ip.cloud_vm.owner_id, ip.cloud_vm.platform, ip.cloud_vm.region, ip.cloud_vm.security_groups, ip.cloud_vm.source, ip.cloud_vm.status, ip.fqdns, ip.isp, ip.location.area_code, ip.location.city, ip.location.country_code, ip.location.country_name, ip.location.postal_code, ip.location.region_code, ip.location.region_name, ip.location.timezone, ip.ptr, ip.aid, ip.services.applications.category, ip.services.applications.cpe, ip.services.applications.name, ip.services.applications.vendor, ip.services.applications.version, ip.services.cloud_provider, ip.services.cpes, ip.services.platform_name, ip.services.port, ip.services.protocol, ip.services.protocol_port, ip.services.status, ip.services.status_code, ip.services.transport, manual, perimeter, subsidiaries.id, subsidiaries.name, triage.action, triage.assigned_to, triage.status, triage.updated_by    &lt;/br&gt;Available filter fields that supports range comparisons (&gt;, &lt;, &gt;&#x3D;, &lt;&#x3D;): criticality_timestamp, dns_domain.resolved_ips, dns_domain.services.first_seen, dns_domain.services.last_seen, dns_domain.services.port, dns_domain.services.status_code, first_seen, ip.cloud_vm.private_ip, ip.cloud_vm.public_ip, ip.ip_address, ip.services.first_seen, ip.services.last_seen, ip.services.port, ip.services.status_code, last_seen, triage.updated_timestamp    &lt;/br&gt;All filter fields and operations supports negation (!).
+    # @return [Array<(DomainDiscoverAPIResponse, Integer, Hash)>] DomainDiscoverAPIResponse data, response status code and response headers
+    def query_external_assets_v2_with_http_info(opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ExposureManagement.query_external_assets_v2 ...'
+      end
+      # resource path
+      local_var_path = '/fem/queries/external-assets/v2'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+      query_params[:'after'] = opts[:'after'] if !opts[:'after'].nil?
+      query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
+      query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
+      query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil?
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'DomainDiscoverAPIResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['oauth2']
+
+      new_options = opts.merge(
+        :operation => :"ExposureManagement.query_external_assets_v2",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ExposureManagement#query_external_assets_v2\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
   end
 end

data/lib/crimson-falcon/api/falcon_complete_dashboard.rb

@@ -36,7 +36,7 @@ module Falcon
     def initialize(api_client = ApiClient.default)
       @api_client = api_client
     end
-    # Retrieve aggregate alerts values based on the matched filter
+    # Retrieve aggregate epp alerts values based on the matched filter
     # @param body [Array<MsaAggregateQueryRequest>]
     # @param [Hash] opts the optional parameters
     # @return [MsaAggregatesResponse]
@@ -45,7 +45,7 @@ module Falcon
       data
     end
 
-    # Retrieve aggregate alerts values based on the matched filter
+    # Retrieve aggregate epp alerts values based on the matched filter
     # @param body [Array<MsaAggregateQueryRequest>]
     # @param [Hash] opts the optional parameters
     # @return [Array<(MsaAggregatesResponse, Integer, Hash)>] MsaAggregatesResponse data, response status code and response headers
@@ -897,7 +897,7 @@ module Falcon
       return data, status_code, headers
     end
 
-    # Retrieve Alerts Ids that match the provided FQL filter criteria with scrolling enabled
+    # Retrieve Alerts Ids for epp that match the provided FQL filter criteria with scrolling enabled
     # @param [Hash] opts the optional parameters
     # @option opts [Integer] :limit The maximum records to return. [1-500]
     # @option opts [String] :sort The property to sort on, followed by a dot (.), followed by the sort direction, either \&quot;asc\&quot; or \&quot;desc\&quot;.
@@ -909,7 +909,7 @@ module Falcon
       data
     end
 
-    # Retrieve Alerts Ids that match the provided FQL filter criteria with scrolling enabled
+    # Retrieve Alerts Ids for epp that match the provided FQL filter criteria with scrolling enabled
     # @param [Hash] opts the optional parameters
     # @option opts [Integer] :limit The maximum records to return. [1-500]
     # @option opts [String] :sort The property to sort on, followed by a dot (.), followed by the sort direction, either \&quot;asc\&quot; or \&quot;desc\&quot;.
@@ -964,6 +964,73 @@ module Falcon
       return data, status_code, headers
     end
 
+    # Retrieve Alerts Ids for epp, idp and ngsiem that match the provided FQL filter criteria with scrolling enabled
+    # @param [Hash] opts the optional parameters
+    # @option opts [Integer] :limit The maximum records to return. [1-500]
+    # @option opts [String] :sort The property to sort on, followed by a dot (.), followed by the sort direction, either \&quot;asc\&quot; or \&quot;desc\&quot;.
+    # @option opts [String] :filter Optional filter and sort criteria in the form of an FQL query. For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide).
+    # @option opts [String] :offset Starting index of overall result set from which to return ids.
+    # @return [MsaspecQueryResponse]
+    def query_alert_ids_by_filter_v2(opts = {})
+      data, _status_code, _headers = query_alert_ids_by_filter_v2_with_http_info(opts)
+      data
+    end
+
+    # Retrieve Alerts Ids for epp, idp and ngsiem that match the provided FQL filter criteria with scrolling enabled
+    # @param [Hash] opts the optional parameters
+    # @option opts [Integer] :limit The maximum records to return. [1-500]
+    # @option opts [String] :sort The property to sort on, followed by a dot (.), followed by the sort direction, either \&quot;asc\&quot; or \&quot;desc\&quot;.
+    # @option opts [String] :filter Optional filter and sort criteria in the form of an FQL query. For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide).
+    # @option opts [String] :offset Starting index of overall result set from which to return ids.
+    # @return [Array<(MsaspecQueryResponse, Integer, Hash)>] MsaspecQueryResponse data, response status code and response headers
+    def query_alert_ids_by_filter_v2_with_http_info(opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: FalconCompleteDashboard.query_alert_ids_by_filter_v2 ...'
+      end
+      # resource path
+      local_var_path = '/falcon-complete-dashboards/queries/alerts/v2'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+      query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
+      query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
+      query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil?
+      query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'MsaspecQueryResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['oauth2']
+
+      new_options = opts.merge(
+        :operation => :"FalconCompleteDashboard.query_alert_ids_by_filter_v2",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: FalconCompleteDashboard#query_alert_ids_by_filter_v2\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # Retrieve allowlist tickets that match the provided filter criteria with scrolling enabled
     # @param [Hash] opts the optional parameters
     # @option opts [Integer] :limit The maximum records to return. [1-500]

data/lib/crimson-falcon/api/falcon_container_image.rb

@@ -226,6 +226,61 @@ module Falcon
       return data, status_code, headers
     end
 
+    # Get headers for POST request for image scan inventory
+    # @param [Hash] opts the optional parameters
+    # @return [nil]
+    def head_image_scan_inventory(opts = {})
+      head_image_scan_inventory_with_http_info(opts)
+      nil
+    end
+
+    # Get headers for POST request for image scan inventory
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers
+    def head_image_scan_inventory_with_http_info(opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: FalconContainerImage.head_image_scan_inventory ...'
+      end
+      # resource path
+      local_var_path = '/image-assessment/entities/image-inventory/v1'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type]
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['oauth2']
+
+      new_options = opts.merge(
+        :operation => :"FalconContainerImage.head_image_scan_inventory",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:HEAD, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: FalconContainerImage#head_image_scan_inventory\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # Launch an export job of a Container Security resource. Maximum of 1 job in progress per resource
     # @param body [ExportsLaunchExportRequest] Supported resources: - &#x60;assets.clusters&#x60; - &#x60;assets.containers&#x60; - &#x60;assets.deployments&#x60; - &#x60;assets.images&#x60; - &#x60;assets.namespaces&#x60; - &#x60;assets.nodes&#x60; - &#x60;assets.pods&#x60; - &#x60;images.images-assessment-detections-expanded&#x60; - &#x60;images.images-assessment-expanded&#x60; - &#x60;images.images-assessment-vulnerabilities-expanded&#x60; - &#x60;images.images-assessment&#x60; - &#x60;images.images-detections&#x60; - &#x60;images.packages&#x60; - &#x60;images.vulnerabilities&#x60; - &#x60;investigate.container-alerts&#x60; - &#x60;investigate.drift-indicators&#x60; - &#x60;investigate.kubernetes-ioms&#x60; - &#x60;investigate.runtime-detections&#x60; - &#x60;investigate.unidentified-containers&#x60; - &#x60;network.events&#x60; - &#x60;policies.exclusions&#x60;
     # @param [Hash] opts the optional parameters
@@ -292,6 +347,72 @@ module Falcon
       return data, status_code, headers
     end
 
+    # Post image scan inventory
+    # @param body [ModelsInventoryScanRequestType]
+    # @param [Hash] opts the optional parameters
+    # @return [nil]
+    def post_image_scan_inventory(body, opts = {})
+      post_image_scan_inventory_with_http_info(body, opts)
+      nil
+    end
+
+    # Post image scan inventory
+    # @param body [ModelsInventoryScanRequestType]
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(nil, Integer, Hash)>] nil, response status code and response headers
+    def post_image_scan_inventory_with_http_info(body, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: FalconContainerImage.post_image_scan_inventory ...'
+      end
+      # verify the required parameter 'body' is set
+      if @api_client.config.client_side_validation && body.nil?
+        fail ArgumentError, "Missing the required parameter 'body' when calling FalconContainerImage.post_image_scan_inventory"
+      end
+      # resource path
+      local_var_path = '/image-assessment/entities/image-inventory/v1'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+      # HTTP header 'Content-Type'
+      content_type = @api_client.select_header_content_type(['application/json'])
+      if !content_type.nil?
+        header_params['Content-Type'] = content_type
+      end
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body] || @api_client.object_to_http_body(body)
+
+      # return_type
+      return_type = opts[:debug_return_type]
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['oauth2']
+
+      new_options = opts.merge(
+        :operation => :"FalconContainerImage.post_image_scan_inventory",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: FalconContainerImage#post_image_scan_inventory\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # Query export jobs entities
     # @param [Hash] opts the optional parameters
     # @option opts [String] :filter Filter exports using a query in Falcon Query Language (FQL). Only the last 100 jobs are returned. Supported filter fields: - &#x60;resource&#x60; - &#x60;status&#x60;

data/lib/crimson-falcon/api/falconx_sandbox.rb

@@ -823,8 +823,8 @@ module Falcon
     # @option opts [Integer] :limit Maximum number of submission IDs to return. Max: 5000.
     # @option opts [String] :sort Sort order: `asc` or `desc`.
     # @return [MsaspecQueryResponse]
-    def query_submissions_mixin0(opts = {})
-      data, _status_code, _headers = query_submissions_mixin0_with_http_info(opts)
+    def query_submissions(opts = {})
+      data, _status_code, _headers = query_submissions_with_http_info(opts)
       data
     end
 
@@ -835,9 +835,9 @@ module Falcon
     # @option opts [Integer] :limit Maximum number of submission IDs to return. Max: 5000.
     # @option opts [String] :sort Sort order: `asc` or `desc`.
     # @return [Array<(MsaspecQueryResponse, Integer, Hash)>] MsaspecQueryResponse data, response status code and response headers
-    def query_submissions_mixin0_with_http_info(opts = {})
+    def query_submissions_with_http_info(opts = {})
       if @api_client.config.debugging
-        @api_client.config.logger.debug 'Calling API: FalconxSandbox.query_submissions_mixin0 ...'
+        @api_client.config.logger.debug 'Calling API: FalconxSandbox.query_submissions ...'
       end
       # resource path
       local_var_path = '/falconx/queries/submissions/v1'
@@ -867,7 +867,7 @@ module Falcon
       auth_names = opts[:debug_auth_names] || ['oauth2']
 
       new_options = opts.merge(
-        :operation => :"FalconxSandbox.query_submissions_mixin0",
+        :operation => :"FalconxSandbox.query_submissions",
         :header_params => header_params,
         :query_params => query_params,
         :form_params => form_params,
@@ -878,13 +878,13 @@ module Falcon
 
       data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
       if @api_client.config.debugging
-        @api_client.config.logger.debug "API called: FalconxSandbox#query_submissions_mixin0\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+        @api_client.config.logger.debug "API called: FalconxSandbox#query_submissions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
       end
       return data, status_code, headers
     end
 
     # Submit an uploaded file or a URL for sandbox analysis. Time required for analysis varies but is usually less than 15 minutes.
-    # @param body [FalconxSubmissionParametersV1] Submit either a URL or a sample SHA256 for sandbox analysis. The sample file must have been previously uploaded through &#x60;/samples/entities/samples/v2&#x60;. You must specify a JSON object that includes the &#x60;falconx.SubmissionParametersV1&#x60; key/value pairs shown below.  **&#x60;environment_id&#x60;**: Specifies the sandbox environment used for analysis. Values:  - &#x60;400&#x60;: MacOS Catalina 10.15 - &#x60;410&#x60;: MacOS Sonoma ARM 64 bit - &#x60;300&#x60;: Linux Ubuntu 16.04, 64-bit - &#x60;200&#x60;: Android (static analysis) - &#x60;160&#x60;: Windows 10, 64-bit - &#x60;140&#x60;: Windows 11, 64-bit - &#x60;110&#x60;: Windows 7, 64-bit - &#x60;100&#x60;: Windows 7, 32-bit  **&#x60;sha256&#x60;** ID of the sample, which is a SHA256 hash value. Find a sample ID from the response when uploading a malware sample or search with &#x60;/falconx/queries/submissions/v1&#x60;.The &#x60;url&#x60; parameter must be unset if &#x60;sha256&#x60; is used.  **&#x60;url&#x60;** A web page or file URL. It can be HTTP(S) or FTP. The &#x60;sha256&#x60; parameter must be unset if &#x60;url&#x60; is used.  **&#x60;action_script&#x60;** (optional): Runtime script for sandbox analysis. Values:  - &#x60;default&#x60; - &#x60;default_maxantievasion&#x60; - &#x60;default_randomfiles&#x60; - &#x60;default_randomtheme&#x60; - &#x60;default_openie&#x60;  **&#x60;command_line&#x60;** (optional): Command line script passed to the submitted file at runtime. Max length: 2048 characters  **&#x60;document_password&#x60;** (optional): Auto-filled for Adobe or Office files that prompt for a password. Max length: 32 characters  **&#x60;enable_tor&#x60;** (optional): Deprecated, please use &#x60;network_settings&#x60; instead. If &#x60;true&#x60;, sandbox analysis routes network traffic via TOR. Default: &#x60;false&#x60;.  **&#x60;network_settings&#x60;** (optional): Specifies the sandbox network_settings used for analysis. Values:  - &#x60;default&#x60;: Fully operating network - &#x60;tor&#x60;: Route network traffic via TOR - &#x60;simulated&#x60;: Simulate network traffic - &#x60;offline&#x60;: No network traffic  **&#x60;submit_name&#x60;** (optional): Name of the malware sample that&#39;s used for file type detection and analysis  **&#x60;system_date&#x60;** (optional): Set a custom date in the format &#x60;yyyy-MM-dd&#x60; for the sandbox environment  **&#x60;system_time&#x60;** (optional): Set a custom time in the format &#x60;HH:mm&#x60; for the sandbox environment.
+    # @param body [FalconxSubmissionParametersV1] Submit either a URL or a sample SHA256 for sandbox analysis. The sample file must have been previously uploaded through &#x60;/samples/entities/samples/v2&#x60;. You must specify a JSON object that includes the &#x60;falconx.SubmissionParametersV1&#x60; key/value pairs shown below.  **&#x60;environment_id&#x60;**: Specifies the sandbox environment used for analysis. Values:  - &#x60;400&#x60;: MacOS Catalina 10.15 - &#x60;300&#x60;: Linux Ubuntu 16.04, 64-bit - deprecated - &#x60;310&#x60;: Linux Ubuntu 20, 64-bit - &#x60;200&#x60;: Android (static analysis) - &#x60;160&#x60;: Windows 10, 64-bit - &#x60;140&#x60;: Windows 11, 64-bit - &#x60;110&#x60;: Windows 7, 64-bit - &#x60;100&#x60;: Windows 7, 32-bit  **&#x60;sha256&#x60;** ID of the sample, which is a SHA256 hash value. Find a sample ID from the response when uploading a malware sample or search with &#x60;/falconx/queries/submissions/v1&#x60;.The &#x60;url&#x60; parameter must be unset if &#x60;sha256&#x60; is used.  **&#x60;url&#x60;** A web page or file URL. It can be HTTP(S) or FTP. The &#x60;sha256&#x60; parameter must be unset if &#x60;url&#x60; is used.  **&#x60;action_script&#x60;** (optional): Runtime script for sandbox analysis. Values:  - &#x60;default&#x60; - &#x60;default_maxantievasion&#x60; - &#x60;default_randomfiles&#x60; - &#x60;default_randomtheme&#x60; - &#x60;default_openie&#x60;  **&#x60;command_line&#x60;** (optional): Command line script passed to the submitted file at runtime. Max length: 2048 characters  **&#x60;document_password&#x60;** (optional): Auto-filled for Adobe or Office files that prompt for a password. Max length: 32 characters  **&#x60;enable_tor&#x60;** (optional): Deprecated, please use &#x60;network_settings&#x60; instead. If &#x60;true&#x60;, sandbox analysis routes network traffic via TOR. Default: &#x60;false&#x60;.  **&#x60;network_settings&#x60;** (optional): Specifies the sandbox network_settings used for analysis. Values:  - &#x60;default&#x60;: Fully operating network - &#x60;tor&#x60;: Route network traffic via TOR - &#x60;simulated&#x60;: Simulate network traffic - &#x60;offline&#x60;: No network traffic  **&#x60;submit_name&#x60;** (optional): Name of the malware sample that&#39;s used for file type detection and analysis  **&#x60;system_date&#x60;** (optional): Set a custom date in the format &#x60;yyyy-MM-dd&#x60; for the sandbox environment  **&#x60;system_time&#x60;** (optional): Set a custom time in the format &#x60;HH:mm&#x60; for the sandbox environment.
     # @param [Hash] opts the optional parameters
     # @option opts [String] :aid Agent ID
     # @return [FalconxSubmissionV1Response]
@@ -894,7 +894,7 @@ module Falcon
     end
 
     # Submit an uploaded file or a URL for sandbox analysis. Time required for analysis varies but is usually less than 15 minutes.
-    # @param body [FalconxSubmissionParametersV1] Submit either a URL or a sample SHA256 for sandbox analysis. The sample file must have been previously uploaded through &#x60;/samples/entities/samples/v2&#x60;. You must specify a JSON object that includes the &#x60;falconx.SubmissionParametersV1&#x60; key/value pairs shown below.  **&#x60;environment_id&#x60;**: Specifies the sandbox environment used for analysis. Values:  - &#x60;400&#x60;: MacOS Catalina 10.15 - &#x60;410&#x60;: MacOS Sonoma ARM 64 bit - &#x60;300&#x60;: Linux Ubuntu 16.04, 64-bit - &#x60;200&#x60;: Android (static analysis) - &#x60;160&#x60;: Windows 10, 64-bit - &#x60;140&#x60;: Windows 11, 64-bit - &#x60;110&#x60;: Windows 7, 64-bit - &#x60;100&#x60;: Windows 7, 32-bit  **&#x60;sha256&#x60;** ID of the sample, which is a SHA256 hash value. Find a sample ID from the response when uploading a malware sample or search with &#x60;/falconx/queries/submissions/v1&#x60;.The &#x60;url&#x60; parameter must be unset if &#x60;sha256&#x60; is used.  **&#x60;url&#x60;** A web page or file URL. It can be HTTP(S) or FTP. The &#x60;sha256&#x60; parameter must be unset if &#x60;url&#x60; is used.  **&#x60;action_script&#x60;** (optional): Runtime script for sandbox analysis. Values:  - &#x60;default&#x60; - &#x60;default_maxantievasion&#x60; - &#x60;default_randomfiles&#x60; - &#x60;default_randomtheme&#x60; - &#x60;default_openie&#x60;  **&#x60;command_line&#x60;** (optional): Command line script passed to the submitted file at runtime. Max length: 2048 characters  **&#x60;document_password&#x60;** (optional): Auto-filled for Adobe or Office files that prompt for a password. Max length: 32 characters  **&#x60;enable_tor&#x60;** (optional): Deprecated, please use &#x60;network_settings&#x60; instead. If &#x60;true&#x60;, sandbox analysis routes network traffic via TOR. Default: &#x60;false&#x60;.  **&#x60;network_settings&#x60;** (optional): Specifies the sandbox network_settings used for analysis. Values:  - &#x60;default&#x60;: Fully operating network - &#x60;tor&#x60;: Route network traffic via TOR - &#x60;simulated&#x60;: Simulate network traffic - &#x60;offline&#x60;: No network traffic  **&#x60;submit_name&#x60;** (optional): Name of the malware sample that&#39;s used for file type detection and analysis  **&#x60;system_date&#x60;** (optional): Set a custom date in the format &#x60;yyyy-MM-dd&#x60; for the sandbox environment  **&#x60;system_time&#x60;** (optional): Set a custom time in the format &#x60;HH:mm&#x60; for the sandbox environment.
+    # @param body [FalconxSubmissionParametersV1] Submit either a URL or a sample SHA256 for sandbox analysis. The sample file must have been previously uploaded through &#x60;/samples/entities/samples/v2&#x60;. You must specify a JSON object that includes the &#x60;falconx.SubmissionParametersV1&#x60; key/value pairs shown below.  **&#x60;environment_id&#x60;**: Specifies the sandbox environment used for analysis. Values:  - &#x60;400&#x60;: MacOS Catalina 10.15 - &#x60;300&#x60;: Linux Ubuntu 16.04, 64-bit - deprecated - &#x60;310&#x60;: Linux Ubuntu 20, 64-bit - &#x60;200&#x60;: Android (static analysis) - &#x60;160&#x60;: Windows 10, 64-bit - &#x60;140&#x60;: Windows 11, 64-bit - &#x60;110&#x60;: Windows 7, 64-bit - &#x60;100&#x60;: Windows 7, 32-bit  **&#x60;sha256&#x60;** ID of the sample, which is a SHA256 hash value. Find a sample ID from the response when uploading a malware sample or search with &#x60;/falconx/queries/submissions/v1&#x60;.The &#x60;url&#x60; parameter must be unset if &#x60;sha256&#x60; is used.  **&#x60;url&#x60;** A web page or file URL. It can be HTTP(S) or FTP. The &#x60;sha256&#x60; parameter must be unset if &#x60;url&#x60; is used.  **&#x60;action_script&#x60;** (optional): Runtime script for sandbox analysis. Values:  - &#x60;default&#x60; - &#x60;default_maxantievasion&#x60; - &#x60;default_randomfiles&#x60; - &#x60;default_randomtheme&#x60; - &#x60;default_openie&#x60;  **&#x60;command_line&#x60;** (optional): Command line script passed to the submitted file at runtime. Max length: 2048 characters  **&#x60;document_password&#x60;** (optional): Auto-filled for Adobe or Office files that prompt for a password. Max length: 32 characters  **&#x60;enable_tor&#x60;** (optional): Deprecated, please use &#x60;network_settings&#x60; instead. If &#x60;true&#x60;, sandbox analysis routes network traffic via TOR. Default: &#x60;false&#x60;.  **&#x60;network_settings&#x60;** (optional): Specifies the sandbox network_settings used for analysis. Values:  - &#x60;default&#x60;: Fully operating network - &#x60;tor&#x60;: Route network traffic via TOR - &#x60;simulated&#x60;: Simulate network traffic - &#x60;offline&#x60;: No network traffic  **&#x60;submit_name&#x60;** (optional): Name of the malware sample that&#39;s used for file type detection and analysis  **&#x60;system_date&#x60;** (optional): Set a custom date in the format &#x60;yyyy-MM-dd&#x60; for the sandbox environment  **&#x60;system_time&#x60;** (optional): Set a custom time in the format &#x60;HH:mm&#x60; for the sandbox environment.
     # @param [Hash] opts the optional parameters
     # @option opts [String] :aid Agent ID
     # @return [Array<(FalconxSubmissionV1Response, Integer, Hash)>] FalconxSubmissionV1Response data, response status code and response headers

data/lib/crimson-falcon/api/foundry_logscale.rb

@@ -41,7 +41,7 @@ module Falcon
     # @param [Hash] opts the optional parameters
     # @option opts [String] :app_id Application ID.
     # @option opts [Boolean] :include_schema_generation Include generated schemas in the response (default to false)
-    # @option opts [Boolean] :include_test_data Include test data when executing searches (default to false)
+    # @option opts [Boolean] :include_test_data Include test data when executing searches
     # @option opts [Boolean] :infer_json_types Whether to try to infer data types in json event response instead of returning map[string]string (default to false)
     # @option opts [Boolean] :match_response_schema Whether to validate search results against their schema (default to false)
     # @option opts [Boolean] :metadata Whether to include metadata in the response (default to false)
@@ -58,7 +58,7 @@ module Falcon
     # @param [Hash] opts the optional parameters
     # @option opts [String] :app_id Application ID.
     # @option opts [Boolean] :include_schema_generation Include generated schemas in the response (default to false)
-    # @option opts [Boolean] :include_test_data Include test data when executing searches (default to false)
+    # @option opts [Boolean] :include_test_data Include test data when executing searches
     # @option opts [Boolean] :infer_json_types Whether to try to infer data types in json event response instead of returning map[string]string (default to false)
     # @option opts [Boolean] :match_response_schema Whether to validate search results against their schema (default to false)
     # @option opts [Boolean] :metadata Whether to include metadata in the response (default to false)
@@ -143,7 +143,7 @@ module Falcon
     # @param [Hash] opts the optional parameters
     # @option opts [String] :app_id Application ID.
     # @option opts [Boolean] :include_schema_generation Include generated schemas in the response (default to false)
-    # @option opts [Boolean] :include_test_data Include test data when executing searches (default to false)
+    # @option opts [Boolean] :include_test_data Include test data when executing searches
     # @option opts [Boolean] :infer_json_types Whether to try to infer data types in json event response instead of returning map[string]string (default to false)
     # @option opts [Boolean] :match_response_schema Whether to validate search results against their schema (default to false)
     # @option opts [Boolean] :metadata Whether to include metadata in the response (default to false)
@@ -160,7 +160,7 @@ module Falcon
     # @param [Hash] opts the optional parameters
     # @option opts [String] :app_id Application ID.
     # @option opts [Boolean] :include_schema_generation Include generated schemas in the response (default to false)
-    # @option opts [Boolean] :include_test_data Include test data when executing searches (default to false)
+    # @option opts [Boolean] :include_test_data Include test data when executing searches
     # @option opts [Boolean] :infer_json_types Whether to try to infer data types in json event response instead of returning map[string]string (default to false)
     # @option opts [Boolean] :match_response_schema Whether to validate search results against their schema (default to false)
     # @option opts [Boolean] :metadata Whether to include metadata in the response (default to false)
@@ -245,7 +245,7 @@ module Falcon
     # @param [Hash] opts the optional parameters
     # @option opts [String] :app_id Application ID.
     # @option opts [Boolean] :detailed Whether to include search field details (default to false)
-    # @option opts [Boolean] :include_test_data Include test data when executing searches (default to false)
+    # @option opts [Boolean] :include_test_data Include test data when executing searches
     # @option opts [Boolean] :infer_json_types Whether to try to infer data types in json event response instead of returning map[string]string (default to false)
     # @option opts [Boolean] :match_response_schema Whether to validate search results against their schema (default to false)
     # @option opts [Boolean] :metadata Whether to include metadata in the response (default to false)
@@ -261,7 +261,7 @@ module Falcon
     # @param [Hash] opts the optional parameters
     # @option opts [String] :app_id Application ID.
     # @option opts [Boolean] :detailed Whether to include search field details (default to false)
-    # @option opts [Boolean] :include_test_data Include test data when executing searches (default to false)
+    # @option opts [Boolean] :include_test_data Include test data when executing searches
     # @option opts [Boolean] :infer_json_types Whether to try to infer data types in json event response instead of returning map[string]string (default to false)
     # @option opts [Boolean] :match_response_schema Whether to validate search results against their schema (default to false)
     # @option opts [Boolean] :metadata Whether to include metadata in the response (default to false)
@@ -340,7 +340,7 @@ module Falcon
     # @param [Hash] opts the optional parameters
     # @option opts [String] :app_id Application ID.
     # @option opts [Boolean] :detailed Whether to include search field details (default to false)
-    # @option opts [Boolean] :include_test_data Include test data when executing searches (default to false)
+    # @option opts [Boolean] :include_test_data Include test data when executing searches
     # @option opts [Boolean] :infer_json_types Whether to try to infer data types in json event response instead of returning map[string]string (default to false)
     # @option opts [Boolean] :match_response_schema Whether to validate search results against their schema (default to false)
     # @option opts [Boolean] :metadata Whether to include metadata in the response (default to false)
@@ -356,7 +356,7 @@ module Falcon
     # @param [Hash] opts the optional parameters
     # @option opts [String] :app_id Application ID.
     # @option opts [Boolean] :detailed Whether to include search field details (default to false)
-    # @option opts [Boolean] :include_test_data Include test data when executing searches (default to false)
+    # @option opts [Boolean] :include_test_data Include test data when executing searches
     # @option opts [Boolean] :infer_json_types Whether to try to infer data types in json event response instead of returning map[string]string (default to false)
     # @option opts [Boolean] :match_response_schema Whether to validate search results against their schema (default to false)
     # @option opts [Boolean] :metadata Whether to include metadata in the response (default to false)

data/lib/crimson-falcon/api/host_migration.rb

@@ -111,7 +111,7 @@ module Falcon
     # @option opts [Integer] :offset The offset to start retrieving records from
     # @option opts [Integer] :limit The maximum records to return. [1-10000]
     # @option opts [String] :sort The property to sort by.
-    # @option opts [String] :filter The filter expression that should be used to limit the results. Valid fields: groups, static_host_groups, status, target_cid, migration_id, created_time, host_migration_id, hostgroups, hostname, source_cid, id
+    # @option opts [String] :filter The filter expression that should be used to limit the results. Valid fields: migration_id, id, created_time, hostgroups, static_host_groups, hostname, status, groups, target_cid, source_cid, host_migration_id
     # @return [MsaspecQueryResponse]
     def get_host_migration_ids_v1(id, opts = {})
       data, _status_code, _headers = get_host_migration_ids_v1_with_http_info(id, opts)
@@ -125,7 +125,7 @@ module Falcon
     # @option opts [Integer] :offset The offset to start retrieving records from
     # @option opts [Integer] :limit The maximum records to return. [1-10000]
     # @option opts [String] :sort The property to sort by.
-    # @option opts [String] :filter The filter expression that should be used to limit the results. Valid fields: groups, static_host_groups, status, target_cid, migration_id, created_time, host_migration_id, hostgroups, hostname, source_cid, id
+    # @option opts [String] :filter The filter expression that should be used to limit the results. Valid fields: migration_id, id, created_time, hostgroups, static_host_groups, hostname, status, groups, target_cid, source_cid, host_migration_id
     # @return [Array<(MsaspecQueryResponse, Integer, Hash)>] MsaspecQueryResponse data, response status code and response headers
     def get_host_migration_ids_v1_with_http_info(id, opts = {})
       if @api_client.config.debugging
@@ -135,7 +135,7 @@ module Falcon
       if @api_client.config.client_side_validation && id.nil?
         fail ArgumentError, "Missing the required parameter 'id' when calling HostMigration.get_host_migration_ids_v1"
       end
-      allowable_values = ["groups|asc", "groups|desc", "groups", "static_host_groups|asc", "static_host_groups|desc", "static_host_groups", "status|asc", "status|desc", "status", "target_cid|asc", "target_cid|desc", "target_cid", "migration_id|asc", "migration_id|desc", "migration_id", "created_time|asc", "created_time|desc", "created_time", "host_migration_id|asc", "host_migration_id|desc", "host_migration_id", "hostgroups|asc", "hostgroups|desc", "hostgroups", "hostname|asc", "hostname|desc", "hostname", "source_cid|asc", "source_cid|desc", "source_cid", "id|asc", "id|desc", "id"]
+      allowable_values = ["target_cid|asc", "target_cid|desc", "target_cid", "source_cid|asc", "source_cid|desc", "source_cid", "host_migration_id|asc", "host_migration_id|desc", "host_migration_id", "groups|asc", "groups|desc", "groups", "static_host_groups|asc", "static_host_groups|desc", "static_host_groups", "hostname|asc", "hostname|desc", "hostname", "status|asc", "status|desc", "status", "migration_id|asc", "migration_id|desc", "migration_id", "id|asc", "id|desc", "id", "created_time|asc", "created_time|desc", "created_time", "hostgroups|asc", "hostgroups|desc", "hostgroups"]
       if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
         fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
       end
@@ -325,7 +325,7 @@ module Falcon
     # @option opts [Integer] :offset The offset to start retrieving records from
     # @option opts [Integer] :limit The maximum records to return. [1-10000]
     # @option opts [String] :sort The property to sort by.
-    # @option opts [String] :filter The filter expression that should be used to limit the results. Valid fields: target_cid, status, migration_status, created_by, created_time, name, id, migration_id
+    # @option opts [String] :filter The filter expression that should be used to limit the results. Valid fields: migration_status, created_by, created_time, name, id, migration_id, target_cid, status
     # @return [MsaspecQueryResponse]
     def get_migration_ids_v1(opts = {})
       data, _status_code, _headers = get_migration_ids_v1_with_http_info(opts)
@@ -337,13 +337,13 @@ module Falcon
     # @option opts [Integer] :offset The offset to start retrieving records from
     # @option opts [Integer] :limit The maximum records to return. [1-10000]
     # @option opts [String] :sort The property to sort by.
-    # @option opts [String] :filter The filter expression that should be used to limit the results. Valid fields: target_cid, status, migration_status, created_by, created_time, name, id, migration_id
+    # @option opts [String] :filter The filter expression that should be used to limit the results. Valid fields: migration_status, created_by, created_time, name, id, migration_id, target_cid, status
     # @return [Array<(MsaspecQueryResponse, Integer, Hash)>] MsaspecQueryResponse data, response status code and response headers
     def get_migration_ids_v1_with_http_info(opts = {})
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: HostMigration.get_migration_ids_v1 ...'
       end
-      allowable_values = ["name|asc", "name|desc", "name", "id|asc", "id|desc", "id", "migration_id|asc", "migration_id|desc", "migration_id", "target_cid|asc", "target_cid|desc", "target_cid", "status|asc", "status|desc", "status", "migration_status|asc", "migration_status|desc", "migration_status", "created_by|asc", "created_by|desc", "created_by", "created_time|asc", "created_time|desc", "created_time"]
+      allowable_values = ["status|asc", "status|desc", "status", "migration_status|asc", "migration_status|desc", "migration_status", "created_by|asc", "created_by|desc", "created_by", "created_time|asc", "created_time|desc", "created_time", "name|asc", "name|desc", "name", "id|asc", "id|desc", "id", "migration_id|asc", "migration_id|desc", "migration_id", "target_cid|asc", "target_cid|desc", "target_cid"]
       if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
         fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
       end