crimson-falcon 1.1.0 → 1.2.0

data/lib/crimson-falcon/api/container_image_compliance.rb

@@ -38,7 +38,7 @@ module Falcon
     end
     # get the assessments for each cluster
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.namespace: Kubernetes namespace cloud_info.cloud_provider: Cloud provider cid: Customer ID compliance_finding.framework: Compliance finding framework (available values: CIS) cloud_info.cloud_region: Cloud region cloud_info.cloud_account_id: Cloud account ID cloud_info.cluster_name: Kubernetes cluster name
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: compliance_finding.framework: Compliance finding framework (available values: CIS) cid: Customer ID cloud_info.cloud_account_id: Cloud account ID cloud_info.cloud_provider: Cloud provider cloud_info.cloud_region: Cloud region cloud_info.cluster_name: Kubernetes cluster name cloud_info.namespace: Kubernetes namespace
     # @return [DomainAggregateClusterAssessmentsResponse]
     def ext_aggregate_cluster_assessments(opts = {})
       data, _status_code, _headers = ext_aggregate_cluster_assessments_with_http_info(opts)
@@ -47,7 +47,7 @@ module Falcon
 
     # get the assessments for each cluster
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.namespace: Kubernetes namespace cloud_info.cloud_provider: Cloud provider cid: Customer ID compliance_finding.framework: Compliance finding framework (available values: CIS) cloud_info.cloud_region: Cloud region cloud_info.cloud_account_id: Cloud account ID cloud_info.cluster_name: Kubernetes cluster name
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: compliance_finding.framework: Compliance finding framework (available values: CIS) cid: Customer ID cloud_info.cloud_account_id: Cloud account ID cloud_info.cloud_provider: Cloud provider cloud_info.cloud_region: Cloud region cloud_info.cluster_name: Kubernetes cluster name cloud_info.namespace: Kubernetes namespace
     # @return [Array<(DomainAggregateClusterAssessmentsResponse, Integer, Hash)>] DomainAggregateClusterAssessmentsResponse data, response status code and response headers
     def ext_aggregate_cluster_assessments_with_http_info(opts = {})
       if @api_client.config.debugging
@@ -96,7 +96,7 @@ module Falcon
 
     # get the containers grouped into rules on which they failed
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cid: Customer ID compliance_finding.name: Compliance finding Name cloud_info.cloud_provider: Cloud provider image_repository: Image repository image_tag: Image tag compliance_finding.framework: Compliance finding framework (available values: CIS) image_registry: Image registry cloud_info.cloud_region: Cloud region cloud_info.cluster_name: Kubernetes cluster name image_digest: Image digest (sha256 digest) compliance_finding.id: Compliance finding ID cloud_info.namespace: Kubernetes namespace compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) image_id: Image ID cloud_info.cloud_account_id: Cloud account ID
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) image_digest: Image digest (sha256 digest) image_id: Image ID image_tag: Image tag cloud_info.cloud_region: Cloud region image_registry: Image registry image_repository: Image repository cloud_info.cloud_account_id: Cloud account ID cloud_info.cloud_provider: Cloud provider compliance_finding.id: Compliance finding ID cloud_info.cluster_name: Kubernetes cluster name cloud_info.namespace: Kubernetes namespace cid: Customer ID compliance_finding.name: Compliance finding Name compliance_finding.framework: Compliance finding framework (available values: CIS)
     # @return [DomainAggregateFailedAssetsByRulesResponse]
     def ext_aggregate_failed_containers_by_rules_path(opts = {})
       data, _status_code, _headers = ext_aggregate_failed_containers_by_rules_path_with_http_info(opts)
@@ -105,7 +105,7 @@ module Falcon
 
     # get the containers grouped into rules on which they failed
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cid: Customer ID compliance_finding.name: Compliance finding Name cloud_info.cloud_provider: Cloud provider image_repository: Image repository image_tag: Image tag compliance_finding.framework: Compliance finding framework (available values: CIS) image_registry: Image registry cloud_info.cloud_region: Cloud region cloud_info.cluster_name: Kubernetes cluster name image_digest: Image digest (sha256 digest) compliance_finding.id: Compliance finding ID cloud_info.namespace: Kubernetes namespace compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) image_id: Image ID cloud_info.cloud_account_id: Cloud account ID
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) image_digest: Image digest (sha256 digest) image_id: Image ID image_tag: Image tag cloud_info.cloud_region: Cloud region image_registry: Image registry image_repository: Image repository cloud_info.cloud_account_id: Cloud account ID cloud_info.cloud_provider: Cloud provider compliance_finding.id: Compliance finding ID cloud_info.cluster_name: Kubernetes cluster name cloud_info.namespace: Kubernetes namespace cid: Customer ID compliance_finding.name: Compliance finding Name compliance_finding.framework: Compliance finding framework (available values: CIS)
     # @return [Array<(DomainAggregateFailedAssetsByRulesResponse, Integer, Hash)>] DomainAggregateFailedAssetsByRulesResponse data, response status code and response headers
     def ext_aggregate_failed_containers_by_rules_path_with_http_info(opts = {})
       if @api_client.config.debugging
@@ -154,7 +154,7 @@ module Falcon
 
     # get the failed containers count grouped into severity levels
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: image_repository: Image repository compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) image_registry: Image registry cloud_info.cloud_region: Cloud region image_id: Image ID cloud_info.cloud_account_id: Cloud account ID cid: Customer ID cloud_info.cloud_provider: Cloud provider image_digest: Image digest (sha256 digest) cloud_info.namespace: Kubernetes namespace cloud_info.cluster_name: Kubernetes cluster name compliance_finding.id: Compliance finding ID compliance_finding.framework: Compliance finding framework (available values: CIS) image_tag: Image tag compliance_finding.name: Compliance finding Name
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.cloud_provider: Cloud provider compliance_finding.id: Compliance finding ID cloud_info.cloud_region: Cloud region image_registry: Image registry image_digest: Image digest (sha256 digest) cloud_info.cluster_name: Kubernetes cluster name compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) compliance_finding.name: Compliance finding Name cloud_info.cloud_account_id: Cloud account ID image_id: Image ID image_repository: Image repository image_tag: Image tag compliance_finding.framework: Compliance finding framework (available values: CIS) cloud_info.namespace: Kubernetes namespace cid: Customer ID
     # @return [DomainAggregateFailedAssetCountBySeverityResponse]
     def ext_aggregate_failed_containers_count_by_severity(opts = {})
       data, _status_code, _headers = ext_aggregate_failed_containers_count_by_severity_with_http_info(opts)
@@ -163,7 +163,7 @@ module Falcon
 
     # get the failed containers count grouped into severity levels
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: image_repository: Image repository compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) image_registry: Image registry cloud_info.cloud_region: Cloud region image_id: Image ID cloud_info.cloud_account_id: Cloud account ID cid: Customer ID cloud_info.cloud_provider: Cloud provider image_digest: Image digest (sha256 digest) cloud_info.namespace: Kubernetes namespace cloud_info.cluster_name: Kubernetes cluster name compliance_finding.id: Compliance finding ID compliance_finding.framework: Compliance finding framework (available values: CIS) image_tag: Image tag compliance_finding.name: Compliance finding Name
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.cloud_provider: Cloud provider compliance_finding.id: Compliance finding ID cloud_info.cloud_region: Cloud region image_registry: Image registry image_digest: Image digest (sha256 digest) cloud_info.cluster_name: Kubernetes cluster name compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) compliance_finding.name: Compliance finding Name cloud_info.cloud_account_id: Cloud account ID image_id: Image ID image_repository: Image repository image_tag: Image tag compliance_finding.framework: Compliance finding framework (available values: CIS) cloud_info.namespace: Kubernetes namespace cid: Customer ID
     # @return [Array<(DomainAggregateFailedAssetCountBySeverityResponse, Integer, Hash)>] DomainAggregateFailedAssetCountBySeverityResponse data, response status code and response headers
     def ext_aggregate_failed_containers_count_by_severity_with_http_info(opts = {})
       if @api_client.config.debugging
@@ -212,7 +212,7 @@ module Falcon
 
     # get the images grouped into rules on which they failed
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cid: Customer ID cloud_info.cluster_name: Kubernetes cluster name cloud_info.cloud_account_id: Cloud account ID cloud_info.cloud_provider: Cloud provider compliance_finding.id: Compliance finding ID image_digest: Image digest (sha256 digest) image_repository: Image repository compliance_finding.framework: Compliance finding framework (available values: CIS) image_registry: Image registry compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) cloud_info.cloud_region: Cloud region image_id: Image ID image_tag: Image tag compliance_finding.name: Compliance finding Name cloud_info.namespace: Kubernetes namespace
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.cloud_account_id: Cloud account ID image_digest: Image digest (sha256 digest) compliance_finding.name: Compliance finding Name compliance_finding.id: Compliance finding ID image_repository: Image repository cloud_info.cloud_region: Cloud region compliance_finding.framework: Compliance finding framework (available values: CIS) cloud_info.namespace: Kubernetes namespace cloud_info.cloud_provider: Cloud provider image_id: Image ID image_registry: Image registry image_tag: Image tag cloud_info.cluster_name: Kubernetes cluster name compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) cid: Customer ID
     # @return [DomainAggregateFailedAssetsByRulesResponse]
     def ext_aggregate_failed_images_by_rules_path(opts = {})
       data, _status_code, _headers = ext_aggregate_failed_images_by_rules_path_with_http_info(opts)
@@ -221,7 +221,7 @@ module Falcon
 
     # get the images grouped into rules on which they failed
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cid: Customer ID cloud_info.cluster_name: Kubernetes cluster name cloud_info.cloud_account_id: Cloud account ID cloud_info.cloud_provider: Cloud provider compliance_finding.id: Compliance finding ID image_digest: Image digest (sha256 digest) image_repository: Image repository compliance_finding.framework: Compliance finding framework (available values: CIS) image_registry: Image registry compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) cloud_info.cloud_region: Cloud region image_id: Image ID image_tag: Image tag compliance_finding.name: Compliance finding Name cloud_info.namespace: Kubernetes namespace
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.cloud_account_id: Cloud account ID image_digest: Image digest (sha256 digest) compliance_finding.name: Compliance finding Name compliance_finding.id: Compliance finding ID image_repository: Image repository cloud_info.cloud_region: Cloud region compliance_finding.framework: Compliance finding framework (available values: CIS) cloud_info.namespace: Kubernetes namespace cloud_info.cloud_provider: Cloud provider image_id: Image ID image_registry: Image registry image_tag: Image tag cloud_info.cluster_name: Kubernetes cluster name compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) cid: Customer ID
     # @return [Array<(DomainAggregateFailedAssetsByRulesResponse, Integer, Hash)>] DomainAggregateFailedAssetsByRulesResponse data, response status code and response headers
     def ext_aggregate_failed_images_by_rules_path_with_http_info(opts = {})
       if @api_client.config.debugging
@@ -270,7 +270,7 @@ module Falcon
 
     # get the failed images count grouped into severity levels
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.cloud_region: Cloud region image_digest: Image digest (sha256 digest) cid: Customer ID cloud_info.namespace: Kubernetes namespace image_registry: Image registry cloud_info.cluster_name: Kubernetes cluster name compliance_finding.id: Compliance finding ID image_repository: Image repository compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) compliance_finding.framework: Compliance finding framework (available values: CIS) image_id: Image ID cloud_info.cloud_account_id: Cloud account ID cloud_info.cloud_provider: Cloud provider compliance_finding.name: Compliance finding Name image_tag: Image tag
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.cluster_name: Kubernetes cluster name cloud_info.cloud_region: Cloud region compliance_finding.name: Compliance finding Name image_tag: Image tag cloud_info.cloud_account_id: Cloud account ID compliance_finding.id: Compliance finding ID image_repository: Image repository image_digest: Image digest (sha256 digest) cloud_info.namespace: Kubernetes namespace cid: Customer ID image_registry: Image registry compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) cloud_info.cloud_provider: Cloud provider image_id: Image ID compliance_finding.framework: Compliance finding framework (available values: CIS)
     # @return [DomainAggregateFailedAssetCountBySeverityResponse]
     def ext_aggregate_failed_images_count_by_severity(opts = {})
       data, _status_code, _headers = ext_aggregate_failed_images_count_by_severity_with_http_info(opts)
@@ -279,7 +279,7 @@ module Falcon
 
     # get the failed images count grouped into severity levels
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.cloud_region: Cloud region image_digest: Image digest (sha256 digest) cid: Customer ID cloud_info.namespace: Kubernetes namespace image_registry: Image registry cloud_info.cluster_name: Kubernetes cluster name compliance_finding.id: Compliance finding ID image_repository: Image repository compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) compliance_finding.framework: Compliance finding framework (available values: CIS) image_id: Image ID cloud_info.cloud_account_id: Cloud account ID cloud_info.cloud_provider: Cloud provider compliance_finding.name: Compliance finding Name image_tag: Image tag
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.cluster_name: Kubernetes cluster name cloud_info.cloud_region: Cloud region compliance_finding.name: Compliance finding Name image_tag: Image tag cloud_info.cloud_account_id: Cloud account ID compliance_finding.id: Compliance finding ID image_repository: Image repository image_digest: Image digest (sha256 digest) cloud_info.namespace: Kubernetes namespace cid: Customer ID image_registry: Image registry compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) cloud_info.cloud_provider: Cloud provider image_id: Image ID compliance_finding.framework: Compliance finding framework (available values: CIS)
     # @return [Array<(DomainAggregateFailedAssetCountBySeverityResponse, Integer, Hash)>] DomainAggregateFailedAssetCountBySeverityResponse data, response status code and response headers
     def ext_aggregate_failed_images_count_by_severity_with_http_info(opts = {})
       if @api_client.config.debugging
@@ -328,7 +328,7 @@ module Falcon
 
     # get the failed rules for each cluster grouped into severity levels
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) cloud_info.cluster_name: Kubernetes cluster name image_id: Image ID image_tag: Image tag compliance_finding.name: Compliance finding Name cloud_info.cloud_region: Cloud region image_digest: Image digest (sha256 digest) cid: Customer ID image_registry: Image registry cloud_info.cloud_provider: Cloud provider compliance_finding.id: Compliance finding ID image_repository: Image repository cloud_info.cloud_account_id: Cloud account ID asset_type: asset type (container, image) compliance_finding.framework: Compliance finding framework (available values: CIS)
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.cloud_region: Cloud region image_digest: Image digest (sha256 digest) cid: Customer ID image_id: Image ID compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) cloud_info.cloud_account_id: Cloud account ID compliance_finding.id: Compliance finding ID cloud_info.cloud_provider: Cloud provider image_registry: Image registry cloud_info.cluster_name: Kubernetes cluster name image_tag: Image tag asset_type: asset type (container, image) image_repository: Image repository compliance_finding.framework: Compliance finding framework (available values: CIS) compliance_finding.name: Compliance finding Name
     # @return [DomainAggregateFailedRulesByClustersResponse]
     def ext_aggregate_failed_rules_by_clusters(opts = {})
       data, _status_code, _headers = ext_aggregate_failed_rules_by_clusters_with_http_info(opts)
@@ -337,7 +337,7 @@ module Falcon
 
     # get the failed rules for each cluster grouped into severity levels
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) cloud_info.cluster_name: Kubernetes cluster name image_id: Image ID image_tag: Image tag compliance_finding.name: Compliance finding Name cloud_info.cloud_region: Cloud region image_digest: Image digest (sha256 digest) cid: Customer ID image_registry: Image registry cloud_info.cloud_provider: Cloud provider compliance_finding.id: Compliance finding ID image_repository: Image repository cloud_info.cloud_account_id: Cloud account ID asset_type: asset type (container, image) compliance_finding.framework: Compliance finding framework (available values: CIS)
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.cloud_region: Cloud region image_digest: Image digest (sha256 digest) cid: Customer ID image_id: Image ID compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) cloud_info.cloud_account_id: Cloud account ID compliance_finding.id: Compliance finding ID cloud_info.cloud_provider: Cloud provider image_registry: Image registry cloud_info.cluster_name: Kubernetes cluster name image_tag: Image tag asset_type: asset type (container, image) image_repository: Image repository compliance_finding.framework: Compliance finding framework (available values: CIS) compliance_finding.name: Compliance finding Name
     # @return [Array<(DomainAggregateFailedRulesByClustersResponse, Integer, Hash)>] DomainAggregateFailedRulesByClustersResponse data, response status code and response headers
     def ext_aggregate_failed_rules_by_clusters_with_http_info(opts = {})
       if @api_client.config.debugging
@@ -386,7 +386,7 @@ module Falcon
 
     # get images with failed rules, rule count grouped by severity for each image
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: compliance_finding.id: Compliance finding ID image_digest: Image digest (sha256 digest) cloud_info.cloud_account_id: Cloud account ID cid: Customer ID image_registry: Image registry cloud_info.cloud_region: Cloud region cloud_info.cloud_provider: Cloud provider image_repository: Image repository image_id: Image ID asset_type: asset type (container, image) compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) compliance_finding.framework: Compliance finding framework (available values: CIS) image_tag: Image tag cloud_info.namespace: Kubernetes namespace cloud_info.cluster_name: Kubernetes cluster name compliance_finding.name: Compliance finding Name
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: image_registry: Image registry cloud_info.cloud_region: Cloud region compliance_finding.framework: Compliance finding framework (available values: CIS) compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) compliance_finding.name: Compliance finding Name image_id: Image ID cloud_info.cloud_provider: Cloud provider cloud_info.cluster_name: Kubernetes cluster name cid: Customer ID asset_type: asset type (container, image) compliance_finding.id: Compliance finding ID cloud_info.cloud_account_id: Cloud account ID image_digest: Image digest (sha256 digest) cloud_info.namespace: Kubernetes namespace image_repository: Image repository image_tag: Image tag
     # @return [DomainAggregateFailedRulesByImagesResponse]
     def ext_aggregate_failed_rules_by_images(opts = {})
       data, _status_code, _headers = ext_aggregate_failed_rules_by_images_with_http_info(opts)
@@ -395,7 +395,7 @@ module Falcon
 
     # get images with failed rules, rule count grouped by severity for each image
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: compliance_finding.id: Compliance finding ID image_digest: Image digest (sha256 digest) cloud_info.cloud_account_id: Cloud account ID cid: Customer ID image_registry: Image registry cloud_info.cloud_region: Cloud region cloud_info.cloud_provider: Cloud provider image_repository: Image repository image_id: Image ID asset_type: asset type (container, image) compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) compliance_finding.framework: Compliance finding framework (available values: CIS) image_tag: Image tag cloud_info.namespace: Kubernetes namespace cloud_info.cluster_name: Kubernetes cluster name compliance_finding.name: Compliance finding Name
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: image_registry: Image registry cloud_info.cloud_region: Cloud region compliance_finding.framework: Compliance finding framework (available values: CIS) compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) compliance_finding.name: Compliance finding Name image_id: Image ID cloud_info.cloud_provider: Cloud provider cloud_info.cluster_name: Kubernetes cluster name cid: Customer ID asset_type: asset type (container, image) compliance_finding.id: Compliance finding ID cloud_info.cloud_account_id: Cloud account ID image_digest: Image digest (sha256 digest) cloud_info.namespace: Kubernetes namespace image_repository: Image repository image_tag: Image tag
     # @return [Array<(DomainAggregateFailedRulesByImagesResponse, Integer, Hash)>] DomainAggregateFailedRulesByImagesResponse data, response status code and response headers
     def ext_aggregate_failed_rules_by_images_with_http_info(opts = {})
       if @api_client.config.debugging
@@ -444,7 +444,7 @@ module Falcon
 
     # get the failed rules count grouped into severity levels
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) cloud_info.cloud_provider: Cloud provider asset_type: asset type (container, image) cloud_info.cloud_account_id: Cloud account ID cid: Customer ID image_digest: Image digest (sha256 digest) image_repository: Image repository image_tag: Image tag compliance_finding.framework: Compliance finding framework (available values: CIS) image_registry: Image registry cloud_info.cloud_region: Cloud region image_id: Image ID cloud_info.cluster_name: Kubernetes cluster name compliance_finding.name: Compliance finding Name compliance_finding.id: Compliance finding ID
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.cloud_region: Cloud region compliance_finding.name: Compliance finding Name image_repository: Image repository image_digest: Image digest (sha256 digest) cloud_info.cluster_name: Kubernetes cluster name compliance_finding.framework: Compliance finding framework (available values: CIS) asset_type: asset type (container, image) image_id: Image ID cloud_info.cloud_account_id: Cloud account ID compliance_finding.id: Compliance finding ID compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) cid: Customer ID image_registry: Image registry image_tag: Image tag cloud_info.cloud_provider: Cloud provider
     # @return [DomainAggregateFailedRulesCountBySeverityResponse]
     def ext_aggregate_failed_rules_count_by_severity(opts = {})
       data, _status_code, _headers = ext_aggregate_failed_rules_count_by_severity_with_http_info(opts)
@@ -453,7 +453,7 @@ module Falcon
 
     # get the failed rules count grouped into severity levels
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) cloud_info.cloud_provider: Cloud provider asset_type: asset type (container, image) cloud_info.cloud_account_id: Cloud account ID cid: Customer ID image_digest: Image digest (sha256 digest) image_repository: Image repository image_tag: Image tag compliance_finding.framework: Compliance finding framework (available values: CIS) image_registry: Image registry cloud_info.cloud_region: Cloud region image_id: Image ID cloud_info.cluster_name: Kubernetes cluster name compliance_finding.name: Compliance finding Name compliance_finding.id: Compliance finding ID
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.cloud_region: Cloud region compliance_finding.name: Compliance finding Name image_repository: Image repository image_digest: Image digest (sha256 digest) cloud_info.cluster_name: Kubernetes cluster name compliance_finding.framework: Compliance finding framework (available values: CIS) asset_type: asset type (container, image) image_id: Image ID cloud_info.cloud_account_id: Cloud account ID compliance_finding.id: Compliance finding ID compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) cid: Customer ID image_registry: Image registry image_tag: Image tag cloud_info.cloud_provider: Cloud provider
     # @return [Array<(DomainAggregateFailedRulesCountBySeverityResponse, Integer, Hash)>] DomainAggregateFailedRulesCountBySeverityResponse data, response status code and response headers
     def ext_aggregate_failed_rules_count_by_severity_with_http_info(opts = {})
       if @api_client.config.debugging
@@ -502,7 +502,7 @@ module Falcon
 
     # get the assessments for each image
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cid: Customer ID image_repository: Image repository cloud_info.cloud_region: Cloud region compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) asset_type: asset type (container, image) image_digest: Image digest (sha256 digest) cloud_info.cloud_account_id: Cloud account ID compliance_finding.name: Compliance finding Name cloud_info.namespace: Kubernetes namespace image_registry: Image registry compliance_finding.framework: Compliance finding framework (available values: CIS) compliance_finding.id: Compliance finding ID image_tag: Image tag image_id: Image ID cloud_info.cluster_name: Kubernetes cluster name cloud_info.cloud_provider: Cloud provider
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: image_digest: Image digest (sha256 digest) image_id: Image ID cloud_info.cloud_region: Cloud region compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) compliance_finding.id: Compliance finding ID cloud_info.cluster_name: Kubernetes cluster name cloud_info.namespace: Kubernetes namespace asset_type: asset type (container, image) image_registry: Image registry cloud_info.cloud_provider: Cloud provider image_tag: Image tag cloud_info.cloud_account_id: Cloud account ID compliance_finding.framework: Compliance finding framework (available values: CIS) compliance_finding.name: Compliance finding Name cid: Customer ID image_repository: Image repository
     # @option opts [String] :after &#39;after&#39; value from the last response. Keep it empty for the first request.
     # @option opts [String] :limit number of images to return in the response after &#39;after&#39; key. Keep it empty for the default number of 10000
     # @return [DomainAggregateImageAssessmentsResponse]
@@ -513,7 +513,7 @@ module Falcon
 
     # get the assessments for each image
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cid: Customer ID image_repository: Image repository cloud_info.cloud_region: Cloud region compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) asset_type: asset type (container, image) image_digest: Image digest (sha256 digest) cloud_info.cloud_account_id: Cloud account ID compliance_finding.name: Compliance finding Name cloud_info.namespace: Kubernetes namespace image_registry: Image registry compliance_finding.framework: Compliance finding framework (available values: CIS) compliance_finding.id: Compliance finding ID image_tag: Image tag image_id: Image ID cloud_info.cluster_name: Kubernetes cluster name cloud_info.cloud_provider: Cloud provider
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: image_digest: Image digest (sha256 digest) image_id: Image ID cloud_info.cloud_region: Cloud region compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) compliance_finding.id: Compliance finding ID cloud_info.cluster_name: Kubernetes cluster name cloud_info.namespace: Kubernetes namespace asset_type: asset type (container, image) image_registry: Image registry cloud_info.cloud_provider: Cloud provider image_tag: Image tag cloud_info.cloud_account_id: Cloud account ID compliance_finding.framework: Compliance finding framework (available values: CIS) compliance_finding.name: Compliance finding Name cid: Customer ID image_repository: Image repository
     # @option opts [String] :after &#39;after&#39; value from the last response. Keep it empty for the first request.
     # @option opts [String] :limit number of images to return in the response after &#39;after&#39; key. Keep it empty for the default number of 10000
     # @return [Array<(DomainAggregateImageAssessmentsResponse, Integer, Hash)>] DomainAggregateImageAssessmentsResponse data, response status code and response headers
@@ -566,7 +566,7 @@ module Falcon
 
     # get the assessments for each rule
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: compliance_finding.framework: Compliance finding framework (available values: CIS) cloud_info.cloud_region: Cloud region image_id: Image ID compliance_finding.name: Compliance finding Name cid: Customer ID image_digest: Image digest (sha256 digest) cloud_info.cluster_name: Kubernetes cluster name cloud_info.cloud_provider: Cloud provider compliance_finding.id: Compliance finding ID image_tag: Image tag cloud_info.cloud_account_id: Cloud account ID compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) image_registry: Image registry image_repository: Image repository
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.cloud_account_id: Cloud account ID compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) compliance_finding.name: Compliance finding Name image_tag: Image tag cloud_info.cloud_region: Cloud region cid: Customer ID image_registry: Image registry image_digest: Image digest (sha256 digest) compliance_finding.id: Compliance finding ID image_repository: Image repository compliance_finding.framework: Compliance finding framework (available values: CIS) cloud_info.cluster_name: Kubernetes cluster name cloud_info.cloud_provider: Cloud provider image_id: Image ID
     # @return [DomainAggregateRulesAssessmentsResponse]
     def ext_aggregate_rules_assessments(opts = {})
       data, _status_code, _headers = ext_aggregate_rules_assessments_with_http_info(opts)
@@ -575,7 +575,7 @@ module Falcon
 
     # get the assessments for each rule
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: compliance_finding.framework: Compliance finding framework (available values: CIS) cloud_info.cloud_region: Cloud region image_id: Image ID compliance_finding.name: Compliance finding Name cid: Customer ID image_digest: Image digest (sha256 digest) cloud_info.cluster_name: Kubernetes cluster name cloud_info.cloud_provider: Cloud provider compliance_finding.id: Compliance finding ID image_tag: Image tag cloud_info.cloud_account_id: Cloud account ID compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) image_registry: Image registry image_repository: Image repository
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: cloud_info.cloud_account_id: Cloud account ID compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) compliance_finding.name: Compliance finding Name image_tag: Image tag cloud_info.cloud_region: Cloud region cid: Customer ID image_registry: Image registry image_digest: Image digest (sha256 digest) compliance_finding.id: Compliance finding ID image_repository: Image repository compliance_finding.framework: Compliance finding framework (available values: CIS) cloud_info.cluster_name: Kubernetes cluster name cloud_info.cloud_provider: Cloud provider image_id: Image ID
     # @return [Array<(DomainAggregateRulesAssessmentsResponse, Integer, Hash)>] DomainAggregateRulesAssessmentsResponse data, response status code and response headers
     def ext_aggregate_rules_assessments_with_http_info(opts = {})
       if @api_client.config.debugging
@@ -624,7 +624,7 @@ module Falcon
 
     # get the rules grouped by their statuses
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: container_id: Container ID container_name: Container name image_digest: Image digest (sha256 digest) cloud_info.cloud_region: Cloud region compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) image_id: Image ID cloud_info.cloud_account_id: Cloud account ID cid: Customer ID image_repository: Image repository image_tag: Image tag compliance_finding.name: Compliance finding Name cloud_info.cluster_name: Kubernetes cluster name compliance_finding.id: Compliance finding ID asset_type: asset type (container, image) cloud_info.cloud_provider: Cloud provider image_registry: Image registry compliance_finding.framework: Compliance finding framework (available values: CIS)
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: image_registry: Image registry image_repository: Image repository image_tag: Image tag cloud_info.cloud_provider: Cloud provider compliance_finding.id: Compliance finding ID image_id: Image ID cid: Customer ID compliance_finding.framework: Compliance finding framework (available values: CIS) compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) container_id: Container ID cloud_info.cloud_account_id: Cloud account ID compliance_finding.name: Compliance finding Name cloud_info.cloud_region: Cloud region cloud_info.cluster_name: Kubernetes cluster name image_digest: Image digest (sha256 digest) container_name: Container name asset_type: asset type (container, image)
     # @return [DomainAggregateRulesByStatusResponse]
     def ext_aggregate_rules_by_status(opts = {})
       data, _status_code, _headers = ext_aggregate_rules_by_status_with_http_info(opts)
@@ -633,7 +633,7 @@ module Falcon
 
     # get the rules grouped by their statuses
     # @param [Hash] opts the optional parameters
-    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: container_id: Container ID container_name: Container name image_digest: Image digest (sha256 digest) cloud_info.cloud_region: Cloud region compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) image_id: Image ID cloud_info.cloud_account_id: Cloud account ID cid: Customer ID image_repository: Image repository image_tag: Image tag compliance_finding.name: Compliance finding Name cloud_info.cluster_name: Kubernetes cluster name compliance_finding.id: Compliance finding ID asset_type: asset type (container, image) cloud_info.cloud_provider: Cloud provider image_registry: Image registry compliance_finding.framework: Compliance finding framework (available values: CIS)
+    # @option opts [String] :filter Filter results using a query in Falcon Query Language (FQL). Supported Filters: image_registry: Image registry image_repository: Image repository image_tag: Image tag cloud_info.cloud_provider: Cloud provider compliance_finding.id: Compliance finding ID image_id: Image ID cid: Customer ID compliance_finding.framework: Compliance finding framework (available values: CIS) compliance_finding.severity: Compliance finding severity; available values: 4, 3, 2, 1 (4: critical, 3: high, 2: medium, 1:low) container_id: Container ID cloud_info.cloud_account_id: Cloud account ID compliance_finding.name: Compliance finding Name cloud_info.cloud_region: Cloud region cloud_info.cluster_name: Kubernetes cluster name image_digest: Image digest (sha256 digest) container_name: Container name asset_type: asset type (container, image)
     # @return [Array<(DomainAggregateRulesByStatusResponse, Integer, Hash)>] DomainAggregateRulesByStatusResponse data, response status code and response headers
     def ext_aggregate_rules_by_status_with_http_info(opts = {})
       if @api_client.config.debugging

data/lib/crimson-falcon/api/cspm_registration.rb

@@ -883,6 +883,75 @@ module Falcon
       return data, status_code, headers
     end
 
+    # Get list of related cloud event LogScale IDs for a given IOA
+    # @param x_cs_useruuid [String] Requester User UUID
+    # @param id [String] IOA Aggregate Event ID
+    # @param [Hash] opts the optional parameters
+    # @return [CdrioamanagerGetCloudEventIDsResponse]
+    def get_cloud_event_ids(x_cs_useruuid, id, opts = {})
+      data, _status_code, _headers = get_cloud_event_ids_with_http_info(x_cs_useruuid, id, opts)
+      data
+    end
+
+    # Get list of related cloud event LogScale IDs for a given IOA
+    # @param x_cs_useruuid [String] Requester User UUID
+    # @param id [String] IOA Aggregate Event ID
+    # @param [Hash] opts the optional parameters
+    # @return [Array<(CdrioamanagerGetCloudEventIDsResponse, Integer, Hash)>] CdrioamanagerGetCloudEventIDsResponse data, response status code and response headers
+    def get_cloud_event_ids_with_http_info(x_cs_useruuid, id, opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: CspmRegistration.get_cloud_event_ids ...'
+      end
+      # verify the required parameter 'x_cs_useruuid' is set
+      if @api_client.config.client_side_validation && x_cs_useruuid.nil?
+        fail ArgumentError, "Missing the required parameter 'x_cs_useruuid' when calling CspmRegistration.get_cloud_event_ids"
+      end
+      # verify the required parameter 'id' is set
+      if @api_client.config.client_side_validation && id.nil?
+        fail ArgumentError, "Missing the required parameter 'id' when calling CspmRegistration.get_cloud_event_ids"
+      end
+      # resource path
+      local_var_path = '/detects/queries/cloud-events/v1'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+      query_params[:'id'] = id
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+      header_params[:'X-CS-USERUUID'] = x_cs_useruuid
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'CdrioamanagerGetCloudEventIDsResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['oauth2']
+
+      new_options = opts.merge(
+        :operation => :"CspmRegistration.get_cloud_event_ids",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: CspmRegistration#get_cloud_event_ids\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # Get misconfigurations based on the ID - including custom policy detections in addition to default policy detections.
     # @param ids [Array<String>] detection ids
     # @param [Hash] opts the optional parameters

data/lib/crimson-falcon/api/default.rb

@@ -36,68 +36,6 @@ module Falcon
     def initialize(api_client = ApiClient.default)
       @api_client = api_client
     end
-    # Retrieve detailed compliance rule information including descriptions, remediation steps, and audit procedures by specifying rule identifiers.
-    # @param ids [Array<String>] comma separated list of rule ids
-    # @param [Hash] opts the optional parameters
-    # @return [DomainRuleMetadataResponse]
-    def get_rules_metadata_by_id(ids, opts = {})
-      data, _status_code, _headers = get_rules_metadata_by_id_with_http_info(ids, opts)
-      data
-    end
-
-    # Retrieve detailed compliance rule information including descriptions, remediation steps, and audit procedures by specifying rule identifiers.
-    # @param ids [Array<String>] comma separated list of rule ids
-    # @param [Hash] opts the optional parameters
-    # @return [Array<(DomainRuleMetadataResponse, Integer, Hash)>] DomainRuleMetadataResponse data, response status code and response headers
-    def get_rules_metadata_by_id_with_http_info(ids, opts = {})
-      if @api_client.config.debugging
-        @api_client.config.logger.debug 'Calling API: Default.get_rules_metadata_by_id ...'
-      end
-      # verify the required parameter 'ids' is set
-      if @api_client.config.client_side_validation && ids.nil?
-        fail ArgumentError, "Missing the required parameter 'ids' when calling Default.get_rules_metadata_by_id"
-      end
-      # resource path
-      local_var_path = '/container-compliance/combined/rule-details-by-rule-ids/v1'
-
-      # query parameters
-      query_params = opts[:query_params] || {}
-      query_params[:'ids'] = @api_client.build_collection_param(ids, :multi)
-
-      # header parameters
-      header_params = opts[:header_params] || {}
-      # HTTP header 'Accept' (if needed)
-      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
-
-      # form parameters
-      form_params = opts[:form_params] || {}
-
-      # http body (model)
-      post_body = opts[:debug_body]
-
-      # return_type
-      return_type = opts[:debug_return_type] || 'DomainRuleMetadataResponse'
-
-      # auth_names
-      auth_names = opts[:debug_auth_names] || ['oauth2']
-
-      new_options = opts.merge(
-        :operation => :"Default.get_rules_metadata_by_id",
-        :header_params => header_params,
-        :query_params => query_params,
-        :form_params => form_params,
-        :body => post_body,
-        :auth_names => auth_names,
-        :return_type => return_type
-      )
-
-      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
-      if @api_client.config.debugging
-        @api_client.config.logger.debug "API called: Default#get_rules_metadata_by_id\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
-      end
-      return data, status_code, headers
-    end
-
     # - request graphql query
     # @param [Hash] opts the optional parameters
     # @return [Hash<String, Object>]

data/lib/crimson-falcon/api/exposure_management.rb

@@ -784,5 +784,72 @@ module Falcon
       end
       return data, status_code, headers
     end
+
+    # Get a list of external asset IDs that match the provided filter conditions. Use these IDs with the /entities/external-assets/v1 endpoint
+    # @param [Hash] opts the optional parameters
+    # @option opts [String] :after A pagination token used with the `limit` parameter to manage pagination of results. On your first request, don't provide an `after` token. On subsequent requests, provide the `after` token from the previous response to continue from that place in the results.
+    # @option opts [Integer] :limit number of IDs to return.
+    # @option opts [String] :sort Order by fields.
+    # @option opts [String] :filter Filter assets using an FQL query. Common filter options include:<ul><li>asset_type:'ip'</li><li>last_seen_timestamp:>'now-7d'</li></ul>    </br>Available filter fields that support exact match: asset_id, asset_type, confidence, connectivity_status, criticality, criticality_description, criticality_timestamp, criticality_username, data_providers, discovered_by, dns_domain.fqdn, dns_domain.isps, dns_domain.parent_domain, dns_domain.resolved_ips, dns_domain.services.applications.category, dns_domain.services.applications.cpe, dns_domain.services.applications.name, dns_domain.services.applications.vendor, dns_domain.services.applications.version, dns_domain.services.cloud_provider, dns_domain.services.cpes, dns_domain.services.hosting_provider, dns_domain.services.last_seen, dns_domain.services.platform_name, dns_domain.services.port, dns_domain.services.protocol, dns_domain.services.protocol_port, dns_domain.services.status, dns_domain.services.status_code, dns_domain.services.transport, dns_domain.type, first_seen, id, internet_exposure, ip.asn, ip.cloud_provider, ip.cloud_vm.description, ip.cloud_vm.instance_id, ip.cloud_vm.lifecycle, ip.cloud_vm.mac_address, ip.cloud_vm.owner_id, ip.cloud_vm.platform, ip.cloud_vm.private_ip, ip.cloud_vm.public_ip, ip.cloud_vm.region, ip.cloud_vm.security_groups, ip.cloud_vm.source, ip.cloud_vm.status, ip.fqdns, ip.ip_address, ip.isp, ip.location.area_code, ip.location.city, ip.location.country_code, ip.location.country_name, ip.location.postal_code, ip.location.region_code, ip.location.region_name, ip.location.timezone, ip.ptr, ip.aid, ip.services.applications.category, ip.services.applications.cpe, ip.services.applications.name, ip.services.applications.vendor, ip.services.applications.version, ip.services.cloud_provider, ip.services.cpes, ip.services.first_seen, ip.services.last_seen, ip.services.platform_name, ip.services.port, ip.services.protocol, ip.services.protocol_port, ip.services.status, ip.services.status_code, ip.services.transport, last_seen, manual, perimeter, subsidiaries.id, subsidiaries.name, triage.action, triage.assigned_to, triage.status, triage.updated_by, triage.updated_timestamp    </br>Available filter fields that supports wildcard (*): asset_id, asset_type, confidence, connectivity_status, criticality, criticality_username, data_providers, discovered_by, dns_domain.fqdn, dns_domain.isps, dns_domain.parent_domain, dns_domain.resolved_ips, dns_domain.services.applications.category, dns_domain.services.applications.cpe, dns_domain.services.applications.name, dns_domain.services.applications.vendor, dns_domain.services.applications.version, dns_domain.services.cloud_provider, dns_domain.services.cpes, dns_domain.services.hosting_provider, dns_domain.services.id, dns_domain.services.platform_name, dns_domain.services.port, dns_domain.services.protocol, dns_domain.services.protocol_port, dns_domain.services.status, dns_domain.services.status_code, dns_domain.services.transport, dns_domain.type, id, internet_exposure, ip.asn, ip.cloud_vm.instance_id, ip.cloud_vm.lifecycle, ip.cloud_vm.mac_address, ip.cloud_vm.owner_id, ip.cloud_vm.platform, ip.cloud_vm.private_ip, ip.cloud_vm.public_ip, ip.cloud_vm.region, ip.cloud_vm.security_groups, ip.cloud_vm.source, ip.cloud_vm.status, ip.fqdns, ip.ip_address, ip.isp, ip.location.area_code, ip.location.city, ip.location.country_code, ip.location.country_name, ip.location.postal_code, ip.location.region_code, ip.location.region_name, ip.location.timezone, ip.ptr, ip.aid, ip.services.applications.category, ip.services.applications.cpe, ip.services.applications.name, ip.services.applications.vendor, ip.services.applications.version, ip.services.cloud_provider, ip.services.cpes, ip.services.platform_name, ip.services.port, ip.services.protocol, ip.services.protocol_port, ip.services.status, ip.services.status_code, ip.services.transport, manual, perimeter, subsidiaries.id, subsidiaries.name, triage.action, triage.assigned_to, triage.status, triage.updated_by    </br>Available filter fields that supports in ([v1, v2]): asset_id, asset_type, confidence, connectivity_status, criticality, criticality_username, data_providers, discovered_by, dns_domain.fqdn, dns_domain.isps, dns_domain.parent_domain, dns_domain.services.applications.category, dns_domain.services.applications.cpe, dns_domain.services.applications.name, dns_domain.services.applications.vendor, dns_domain.services.applications.version, dns_domain.services.cloud_provider, dns_domain.services.cpes, dns_domain.services.id, dns_domain.services.platform_name, dns_domain.services.port, dns_domain.services.protocol, dns_domain.services.protocol_port, dns_domain.services.status, dns_domain.services.status_code, dns_domain.services.transport, dns_domain.type, id, internet_exposure, ip.asn, ip.cloud_vm.instance_id, ip.cloud_vm.lifecycle, ip.cloud_vm.mac_address, ip.cloud_vm.owner_id, ip.cloud_vm.platform, ip.cloud_vm.region, ip.cloud_vm.security_groups, ip.cloud_vm.source, ip.cloud_vm.status, ip.fqdns, ip.isp, ip.location.area_code, ip.location.city, ip.location.country_code, ip.location.country_name, ip.location.postal_code, ip.location.region_code, ip.location.region_name, ip.location.timezone, ip.ptr, ip.aid, ip.services.applications.category, ip.services.applications.cpe, ip.services.applications.name, ip.services.applications.vendor, ip.services.applications.version, ip.services.cloud_provider, ip.services.cpes, ip.services.platform_name, ip.services.port, ip.services.protocol, ip.services.protocol_port, ip.services.status, ip.services.status_code, ip.services.transport, manual, perimeter, subsidiaries.id, subsidiaries.name, triage.action, triage.assigned_to, triage.status, triage.updated_by    </br>Available filter fields that supports range comparisons (>, <, >=, <=): criticality_timestamp, dns_domain.resolved_ips, dns_domain.services.first_seen, dns_domain.services.last_seen, dns_domain.services.port, dns_domain.services.status_code, first_seen, ip.cloud_vm.private_ip, ip.cloud_vm.public_ip, ip.ip_address, ip.services.first_seen, ip.services.last_seen, ip.services.port, ip.services.status_code, last_seen, triage.updated_timestamp    </br>All filter fields and operations supports negation (!).
+    # @return [DomainDiscoverAPIResponse]
+    def query_external_assets_v2(opts = {})
+      data, _status_code, _headers = query_external_assets_v2_with_http_info(opts)
+      data
+    end
+
+    # Get a list of external asset IDs that match the provided filter conditions. Use these IDs with the /entities/external-assets/v1 endpoint
+    # @param [Hash] opts the optional parameters
+    # @option opts [String] :after A pagination token used with the `limit` parameter to manage pagination of results. On your first request, don't provide an `after` token. On subsequent requests, provide the `after` token from the previous response to continue from that place in the results.
+    # @option opts [Integer] :limit number of IDs to return.
+    # @option opts [String] :sort Order by fields.
+    # @option opts [String] :filter Filter assets using an FQL query. Common filter options include:<ul><li>asset_type:'ip'</li><li>last_seen_timestamp:>'now-7d'</li></ul>    </br>Available filter fields that support exact match: asset_id, asset_type, confidence, connectivity_status, criticality, criticality_description, criticality_timestamp, criticality_username, data_providers, discovered_by, dns_domain.fqdn, dns_domain.isps, dns_domain.parent_domain, dns_domain.resolved_ips, dns_domain.services.applications.category, dns_domain.services.applications.cpe, dns_domain.services.applications.name, dns_domain.services.applications.vendor, dns_domain.services.applications.version, dns_domain.services.cloud_provider, dns_domain.services.cpes, dns_domain.services.hosting_provider, dns_domain.services.last_seen, dns_domain.services.platform_name, dns_domain.services.port, dns_domain.services.protocol, dns_domain.services.protocol_port, dns_domain.services.status, dns_domain.services.status_code, dns_domain.services.transport, dns_domain.type, first_seen, id, internet_exposure, ip.asn, ip.cloud_provider, ip.cloud_vm.description, ip.cloud_vm.instance_id, ip.cloud_vm.lifecycle, ip.cloud_vm.mac_address, ip.cloud_vm.owner_id, ip.cloud_vm.platform, ip.cloud_vm.private_ip, ip.cloud_vm.public_ip, ip.cloud_vm.region, ip.cloud_vm.security_groups, ip.cloud_vm.source, ip.cloud_vm.status, ip.fqdns, ip.ip_address, ip.isp, ip.location.area_code, ip.location.city, ip.location.country_code, ip.location.country_name, ip.location.postal_code, ip.location.region_code, ip.location.region_name, ip.location.timezone, ip.ptr, ip.aid, ip.services.applications.category, ip.services.applications.cpe, ip.services.applications.name, ip.services.applications.vendor, ip.services.applications.version, ip.services.cloud_provider, ip.services.cpes, ip.services.first_seen, ip.services.last_seen, ip.services.platform_name, ip.services.port, ip.services.protocol, ip.services.protocol_port, ip.services.status, ip.services.status_code, ip.services.transport, last_seen, manual, perimeter, subsidiaries.id, subsidiaries.name, triage.action, triage.assigned_to, triage.status, triage.updated_by, triage.updated_timestamp    </br>Available filter fields that supports wildcard (*): asset_id, asset_type, confidence, connectivity_status, criticality, criticality_username, data_providers, discovered_by, dns_domain.fqdn, dns_domain.isps, dns_domain.parent_domain, dns_domain.resolved_ips, dns_domain.services.applications.category, dns_domain.services.applications.cpe, dns_domain.services.applications.name, dns_domain.services.applications.vendor, dns_domain.services.applications.version, dns_domain.services.cloud_provider, dns_domain.services.cpes, dns_domain.services.hosting_provider, dns_domain.services.id, dns_domain.services.platform_name, dns_domain.services.port, dns_domain.services.protocol, dns_domain.services.protocol_port, dns_domain.services.status, dns_domain.services.status_code, dns_domain.services.transport, dns_domain.type, id, internet_exposure, ip.asn, ip.cloud_vm.instance_id, ip.cloud_vm.lifecycle, ip.cloud_vm.mac_address, ip.cloud_vm.owner_id, ip.cloud_vm.platform, ip.cloud_vm.private_ip, ip.cloud_vm.public_ip, ip.cloud_vm.region, ip.cloud_vm.security_groups, ip.cloud_vm.source, ip.cloud_vm.status, ip.fqdns, ip.ip_address, ip.isp, ip.location.area_code, ip.location.city, ip.location.country_code, ip.location.country_name, ip.location.postal_code, ip.location.region_code, ip.location.region_name, ip.location.timezone, ip.ptr, ip.aid, ip.services.applications.category, ip.services.applications.cpe, ip.services.applications.name, ip.services.applications.vendor, ip.services.applications.version, ip.services.cloud_provider, ip.services.cpes, ip.services.platform_name, ip.services.port, ip.services.protocol, ip.services.protocol_port, ip.services.status, ip.services.status_code, ip.services.transport, manual, perimeter, subsidiaries.id, subsidiaries.name, triage.action, triage.assigned_to, triage.status, triage.updated_by    </br>Available filter fields that supports in ([v1, v2]): asset_id, asset_type, confidence, connectivity_status, criticality, criticality_username, data_providers, discovered_by, dns_domain.fqdn, dns_domain.isps, dns_domain.parent_domain, dns_domain.services.applications.category, dns_domain.services.applications.cpe, dns_domain.services.applications.name, dns_domain.services.applications.vendor, dns_domain.services.applications.version, dns_domain.services.cloud_provider, dns_domain.services.cpes, dns_domain.services.id, dns_domain.services.platform_name, dns_domain.services.port, dns_domain.services.protocol, dns_domain.services.protocol_port, dns_domain.services.status, dns_domain.services.status_code, dns_domain.services.transport, dns_domain.type, id, internet_exposure, ip.asn, ip.cloud_vm.instance_id, ip.cloud_vm.lifecycle, ip.cloud_vm.mac_address, ip.cloud_vm.owner_id, ip.cloud_vm.platform, ip.cloud_vm.region, ip.cloud_vm.security_groups, ip.cloud_vm.source, ip.cloud_vm.status, ip.fqdns, ip.isp, ip.location.area_code, ip.location.city, ip.location.country_code, ip.location.country_name, ip.location.postal_code, ip.location.region_code, ip.location.region_name, ip.location.timezone, ip.ptr, ip.aid, ip.services.applications.category, ip.services.applications.cpe, ip.services.applications.name, ip.services.applications.vendor, ip.services.applications.version, ip.services.cloud_provider, ip.services.cpes, ip.services.platform_name, ip.services.port, ip.services.protocol, ip.services.protocol_port, ip.services.status, ip.services.status_code, ip.services.transport, manual, perimeter, subsidiaries.id, subsidiaries.name, triage.action, triage.assigned_to, triage.status, triage.updated_by    </br>Available filter fields that supports range comparisons (>, <, >=, <=): criticality_timestamp, dns_domain.resolved_ips, dns_domain.services.first_seen, dns_domain.services.last_seen, dns_domain.services.port, dns_domain.services.status_code, first_seen, ip.cloud_vm.private_ip, ip.cloud_vm.public_ip, ip.ip_address, ip.services.first_seen, ip.services.last_seen, ip.services.port, ip.services.status_code, last_seen, triage.updated_timestamp    </br>All filter fields and operations supports negation (!).
+    # @return [Array<(DomainDiscoverAPIResponse, Integer, Hash)>] DomainDiscoverAPIResponse data, response status code and response headers
+    def query_external_assets_v2_with_http_info(opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: ExposureManagement.query_external_assets_v2 ...'
+      end
+      # resource path
+      local_var_path = '/fem/queries/external-assets/v2'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+      query_params[:'after'] = opts[:'after'] if !opts[:'after'].nil?
+      query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
+      query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
+      query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil?
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'DomainDiscoverAPIResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['oauth2']
+
+      new_options = opts.merge(
+        :operation => :"ExposureManagement.query_external_assets_v2",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: ExposureManagement#query_external_assets_v2\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
   end
 end

data/lib/crimson-falcon/api/falcon_complete_dashboard.rb

@@ -36,7 +36,7 @@ module Falcon
     def initialize(api_client = ApiClient.default)
       @api_client = api_client
     end
-    # Retrieve aggregate alerts values based on the matched filter
+    # Retrieve aggregate epp alerts values based on the matched filter
     # @param body [Array<MsaAggregateQueryRequest>]
     # @param [Hash] opts the optional parameters
     # @return [MsaAggregatesResponse]
@@ -45,7 +45,7 @@ module Falcon
       data
     end
 
-    # Retrieve aggregate alerts values based on the matched filter
+    # Retrieve aggregate epp alerts values based on the matched filter
     # @param body [Array<MsaAggregateQueryRequest>]
     # @param [Hash] opts the optional parameters
     # @return [Array<(MsaAggregatesResponse, Integer, Hash)>] MsaAggregatesResponse data, response status code and response headers
@@ -897,7 +897,7 @@ module Falcon
       return data, status_code, headers
     end
 
-    # Retrieve Alerts Ids that match the provided FQL filter criteria with scrolling enabled
+    # Retrieve Alerts Ids for epp that match the provided FQL filter criteria with scrolling enabled
     # @param [Hash] opts the optional parameters
     # @option opts [Integer] :limit The maximum records to return. [1-500]
     # @option opts [String] :sort The property to sort on, followed by a dot (.), followed by the sort direction, either \&quot;asc\&quot; or \&quot;desc\&quot;.
@@ -909,7 +909,7 @@ module Falcon
       data
     end
 
-    # Retrieve Alerts Ids that match the provided FQL filter criteria with scrolling enabled
+    # Retrieve Alerts Ids for epp that match the provided FQL filter criteria with scrolling enabled
     # @param [Hash] opts the optional parameters
     # @option opts [Integer] :limit The maximum records to return. [1-500]
     # @option opts [String] :sort The property to sort on, followed by a dot (.), followed by the sort direction, either \&quot;asc\&quot; or \&quot;desc\&quot;.
@@ -964,6 +964,73 @@ module Falcon
       return data, status_code, headers
     end
 
+    # Retrieve Alerts Ids for epp, idp and ngsiem that match the provided FQL filter criteria with scrolling enabled
+    # @param [Hash] opts the optional parameters
+    # @option opts [Integer] :limit The maximum records to return. [1-500]
+    # @option opts [String] :sort The property to sort on, followed by a dot (.), followed by the sort direction, either \&quot;asc\&quot; or \&quot;desc\&quot;.
+    # @option opts [String] :filter Optional filter and sort criteria in the form of an FQL query. For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide).
+    # @option opts [String] :offset Starting index of overall result set from which to return ids.
+    # @return [MsaspecQueryResponse]
+    def query_alert_ids_by_filter_v2(opts = {})
+      data, _status_code, _headers = query_alert_ids_by_filter_v2_with_http_info(opts)
+      data
+    end
+
+    # Retrieve Alerts Ids for epp, idp and ngsiem that match the provided FQL filter criteria with scrolling enabled
+    # @param [Hash] opts the optional parameters
+    # @option opts [Integer] :limit The maximum records to return. [1-500]
+    # @option opts [String] :sort The property to sort on, followed by a dot (.), followed by the sort direction, either \&quot;asc\&quot; or \&quot;desc\&quot;.
+    # @option opts [String] :filter Optional filter and sort criteria in the form of an FQL query. For more information about FQL queries, see [our FQL documentation in Falcon](https://falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide).
+    # @option opts [String] :offset Starting index of overall result set from which to return ids.
+    # @return [Array<(MsaspecQueryResponse, Integer, Hash)>] MsaspecQueryResponse data, response status code and response headers
+    def query_alert_ids_by_filter_v2_with_http_info(opts = {})
+      if @api_client.config.debugging
+        @api_client.config.logger.debug 'Calling API: FalconCompleteDashboard.query_alert_ids_by_filter_v2 ...'
+      end
+      # resource path
+      local_var_path = '/falcon-complete-dashboards/queries/alerts/v2'
+
+      # query parameters
+      query_params = opts[:query_params] || {}
+      query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
+      query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
+      query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil?
+      query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
+
+      # header parameters
+      header_params = opts[:header_params] || {}
+      # HTTP header 'Accept' (if needed)
+      header_params['Accept'] = @api_client.select_header_accept(['application/json'])
+
+      # form parameters
+      form_params = opts[:form_params] || {}
+
+      # http body (model)
+      post_body = opts[:debug_body]
+
+      # return_type
+      return_type = opts[:debug_return_type] || 'MsaspecQueryResponse'
+
+      # auth_names
+      auth_names = opts[:debug_auth_names] || ['oauth2']
+
+      new_options = opts.merge(
+        :operation => :"FalconCompleteDashboard.query_alert_ids_by_filter_v2",
+        :header_params => header_params,
+        :query_params => query_params,
+        :form_params => form_params,
+        :body => post_body,
+        :auth_names => auth_names,
+        :return_type => return_type
+      )
+
+      data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
+      if @api_client.config.debugging
+        @api_client.config.logger.debug "API called: FalconCompleteDashboard#query_alert_ids_by_filter_v2\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
+      end
+      return data, status_code, headers
+    end
+
     # Retrieve allowlist tickets that match the provided filter criteria with scrolling enabled
     # @param [Hash] opts the optional parameters
     # @option opts [Integer] :limit The maximum records to return. [1-500]