crimson-falcon 1.1.0 → 1.2.0

data/lib/crimson-falcon/api/activity_monitor.rb

@@ -0,0 +1,120 @@
+=begin
+Crimson Falcon - Ruby Client SDK
+
+Code auto-generated by OpenAPI Generator; DO NOT EDIT.
+
+MIT License
+
+Copyright (c) 2023 Crowdstrike
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+=end
+
+require 'cgi'
+
+module Falcon
+  class ActivityMonitor
+    attr_accessor :api_client
+
+    def initialize(api_client = ApiClient.default)
+      @api_client = api_client
+    end
+    # GET Activity Monitor
+    # Get a list of all events in monitor
+    # @param [Hash] opts the optional parameters
+    # @option opts [String] :integration_id Integration ID
+    # @option opts [String] :actor Actor
+    # @option opts [String] :category Comma separated list of categories
+    # @option opts [String] :projection Comma separated list of projections
+    # @option opts [Time] :from_date From Date
+    # @option opts [Time] :to_date To Date
+    # @option opts [Integer] :limit Max number of logs to fetch
+    # @option opts [Integer] :skip Number of logs to skip
+    # @return [GetActivityMonitor]
+    def get_activity_monitor_v3(opts = {})
+      data, _status_code, _headers = get_activity_monitor_v3_with_http_info(opts)
+      data
+    end
+
+    # GET Activity Monitor
+    # Get a list of all events in monitor
+    # @param [Hash] opts the optional parameters
+    # @option opts [String] :integration_id Integration ID
+    # @option opts [String] :actor Actor
+    # @option opts [String] :category Comma separated list of categories
+    # @option opts [String] :projection Comma separated list of projections
+    # @option opts [Time] :from_date From Date
+    # @option opts [Time] :to_date To Date
+    # @option opts [Integer] :limit Max number of logs to fetch
+    # @option opts [Integer] :skip Number of logs to skip
+    # @return [Array<(GetActivityMonitor, Integer, Hash)>] GetActivityMonitor data, response status code and response headers
+    def get_activity_monitor_v3_with_http_info(opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ActivityMonitor.get_activity_monitor_v3 ...'
+      end
+      # resource path
+      local_var_path = '/saas-security/entities/monitor/v3'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+      query_params[:'integration_id'] = opts[:'integration_id'] if !opts[:'integration_id'].nil?
+      query_params[:'actor'] = opts[:'actor'] if !opts[:'actor'].nil?
+      query_params[:'category'] = opts[:'category'] if !opts[:'category'].nil?
+      query_params[:'projection'] = opts[:'projection'] if !opts[:'projection'].nil?
+      query_params[:'from_date'] = opts[:'from_date'] if !opts[:'from_date'].nil?
+      query_params[:'to_date'] = opts[:'to_date'] if !opts[:'to_date'].nil?
+      query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
+      query_params[:'skip'] = opts[:'skip'] if !opts[:'skip'].nil?
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'GetActivityMonitor'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['oauth2']
+
+      new_options = opts.merge(
+        :operation => :"ActivityMonitor.get_activity_monitor_v3",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ActivityMonitor#get_activity_monitor_v3\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+  end
+end

data/lib/crimson-falcon/api/alerts.rb

@@ -36,6 +36,94 @@ module Falcon
     def initialize(api_client = ApiClient.default)
       @api_client = api_client
     end
+    # GET Alert by ID or GET Alerts
+    # Get a data on a specific alert or get a list of all alerts
+    # @param [Hash] opts the optional parameters
+    # @option opts [String] :id Alert ID
+    # @option opts [Integer] :limit The maximum number of objects to return
+    # @option opts [Integer] :offset The starting index of the results
+    # @option opts [String] :last_id The last id of the alert you want to get
+    # @option opts [String] :type The type of alert you want to get
+    # @option opts [String] :integration_id Comma separated list of integration ID's of the alert you want to get
+    # @option opts [Time] :from_date The start date of the alert you want to get (in YYYY-MM-DD format)
+    # @option opts [Time] :to_date The end date of the alert you want to get (in YYYY-MM-DD format)
+    # @option opts [Boolean] :ascending
+    # @return [GetAlertsResponse]
+    def get_alerts_v3(opts = {})
+      data, _status_code, _headers = get_alerts_v3_with_http_info(opts)
+      data
+    end
+
+    # GET Alert by ID or GET Alerts
+    # Get a data on a specific alert or get a list of all alerts
+    # @param [Hash] opts the optional parameters
+    # @option opts [String] :id Alert ID
+    # @option opts [Integer] :limit The maximum number of objects to return
+    # @option opts [Integer] :offset The starting index of the results
+    # @option opts [String] :last_id The last id of the alert you want to get
+    # @option opts [String] :type The type of alert you want to get
+    # @option opts [String] :integration_id Comma separated list of integration ID's of the alert you want to get
+    # @option opts [Time] :from_date The start date of the alert you want to get (in YYYY-MM-DD format)
+    # @option opts [Time] :to_date The end date of the alert you want to get (in YYYY-MM-DD format)
+    # @option opts [Boolean] :ascending
+    # @return [Array<(GetAlertsResponse, Integer, Hash)>] GetAlertsResponse data, response status code and response headers
+    def get_alerts_v3_with_http_info(opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: Alerts.get_alerts_v3 ...'
+      end
+      allowable_values = ["Unknown", "Configuration Drift", "Security Check Degraded", "Integration Failure", "Threat/IoC detected"]
+      if @api_client.config.client_side_validation && opts[:'type'] && !allowable_values.include?(opts[:'type'])
+        fail ArgumentError, "invalid value for \"type\", must be one of #{allowable_values}"
+      end
+      # resource path
+      local_var_path = '/saas-security/entities/alerts/v3'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+      query_params[:'id'] = opts[:'id'] if !opts[:'id'].nil?
+      query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
+      query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
+      query_params[:'last_id'] = opts[:'last_id'] if !opts[:'last_id'].nil?
+      query_params[:'type'] = opts[:'type'] if !opts[:'type'].nil?
+      query_params[:'integration_id'] = opts[:'integration_id'] if !opts[:'integration_id'].nil?
+      query_params[:'from_date'] = opts[:'from_date'] if !opts[:'from_date'].nil?
+      query_params[:'to_date'] = opts[:'to_date'] if !opts[:'to_date'].nil?
+      query_params[:'ascending'] = opts[:'ascending'] if !opts[:'ascending'].nil?
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'GetAlertsResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['oauth2']
+
+      new_options = opts.merge(
+        :operation => :"Alerts.get_alerts_v3",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: Alerts#get_alerts_v3\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # Deprecated: please use version v2 of this endpoint. Retrieves all Alerts ids that match a given query.
     # @param [Hash] opts the optional parameters
     # @option opts [Integer] :offset The first detection to return, where &#x60;0&#x60; is the latest detection. Use with the &#x60;offset&#x60; parameter to manage pagination of results.

data/lib/crimson-falcon/api/aspm.rb

@@ -1238,7 +1238,7 @@ module Falcon
     # Execute a query. The syntax used is identical to that of the query page.
     # @param body [TypesQueryRequest]  **params details:** - selectFields: - **fields** - For filtering relevant fields only. - **withoutServices** - Default is set to **true**, you will not receive information about the services. If you want to get the relevant service, set to **false**. - **serviceFields**-  For filtering relevant fields of the service (if you chose to get it)
     # @param [Hash] opts the optional parameters
-    # @return [TypesQueryResult]
+    # @return [TypesQueryResponse]
     def execute_query(body, opts = {})
       data, _status_code, _headers = execute_query_with_http_info(body, opts)
       data
@@ -1247,7 +1247,7 @@ module Falcon
     # Execute a query. The syntax used is identical to that of the query page.
     # @param body [TypesQueryRequest]  **params details:** - selectFields: - **fields** - For filtering relevant fields only. - **withoutServices** - Default is set to **true**, you will not receive information about the services. If you want to get the relevant service, set to **false**. - **serviceFields**-  For filtering relevant fields of the service (if you chose to get it)
     # @param [Hash] opts the optional parameters
-    # @return [Array<(TypesQueryResult, Integer, Hash)>] TypesQueryResult data, response status code and response headers
+    # @return [Array<(TypesQueryResponse, Integer, Hash)>] TypesQueryResponse data, response status code and response headers
     def execute_query_with_http_info(body, opts = {})
       if @api_client.config.debugging
         @api_client.config.logger.debug 'Calling API: ASPM.execute_query ...'
@@ -1279,7 +1279,7 @@ module Falcon
       post_body = opts[:debug_body] || @api_client.object_to_http_body(body)
 
       # return_type
-      return_type = opts[:debug_return_type] || 'TypesQueryResult'
+      return_type = opts[:debug_return_type] || 'TypesQueryResponse'
 
       # auth_names
       auth_names = opts[:debug_auth_names] || ['oauth2']
@@ -1356,6 +1356,136 @@ module Falcon
       return data, status_code, headers
     end
 
+    # Gets services ordered by risk score for given BA
+    # @param business_application_name [String] Business application name
+    # @param [Hash] opts the optional parameters
+    # @option opts [Integer] :offset Pagination offset
+    # @option opts [Integer] :limit Pagination limit
+    # @return [TypesGeneralQueryResponse]
+    def get_cspm_inventory_ba_services(business_application_name, opts = {})
+      data, _status_code, _headers = get_cspm_inventory_ba_services_with_http_info(business_application_name, opts)
+      data
+    end
+
+    # Gets services ordered by risk score for given BA
+    # @param business_application_name [String] Business application name
+    # @param [Hash] opts the optional parameters
+    # @option opts [Integer] :offset Pagination offset
+    # @option opts [Integer] :limit Pagination limit
+    # @return [Array<(TypesGeneralQueryResponse, Integer, Hash)>] TypesGeneralQueryResponse data, response status code and response headers
+    def get_cspm_inventory_ba_services_with_http_info(business_application_name, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ASPM.get_cspm_inventory_ba_services ...'
+      end
+      # verify the required parameter 'business_application_name' is set
+      if @api_client.config.client_side_validation && business_application_name.nil?
+        fail ArgumentError, "Missing the required parameter 'business_application_name' when calling ASPM.get_cspm_inventory_ba_services"
+      end
+      # resource path
+      local_var_path = '/application-security/combined/cspm-inventory-ba-services/v1'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+      query_params[:'business_application_name'] = business_application_name
+      query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
+      query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'TypesGeneralQueryResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['oauth2']
+
+      new_options = opts.merge(
+        :operation => :"ASPM.get_cspm_inventory_ba_services",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ASPM#get_cspm_inventory_ba_services\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
+    # Gets all service details for CSPM Inventory.
+    # @param persistent_signature [String] Service signature
+    # @param [Hash] opts the optional parameters
+    # @return [TypesGeneralQueryResponse]
+    def get_cspm_inventory_service_details(persistent_signature, opts = {})
+      data, _status_code, _headers = get_cspm_inventory_service_details_with_http_info(persistent_signature, opts)
+      data
+    end
+
+    # Gets all service details for CSPM Inventory.
+    # @param persistent_signature [String] Service signature
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(TypesGeneralQueryResponse, Integer, Hash)>] TypesGeneralQueryResponse data, response status code and response headers
+    def get_cspm_inventory_service_details_with_http_info(persistent_signature, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ASPM.get_cspm_inventory_service_details ...'
+      end
+      # verify the required parameter 'persistent_signature' is set
+      if @api_client.config.client_side_validation && persistent_signature.nil?
+        fail ArgumentError, "Missing the required parameter 'persistent_signature' when calling ASPM.get_cspm_inventory_service_details"
+      end
+      # resource path
+      local_var_path = '/application-security/combined/cspm-inventory-service-data/v1'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+      query_params[:'persistent_signature'] = persistent_signature
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'TypesGeneralQueryResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['oauth2']
+
+      new_options = opts.merge(
+        :operation => :"ASPM.get_cspm_inventory_service_details",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ASPM#get_cspm_inventory_service_details\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # Get all the relay nodes
     # @param node_type [String]
     # @param [Hash] opts the optional parameters