catocli 1.0.19__py3-none-any.whl → 1.0.21__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of catocli might be problematic. Click here for more details.
- catocli/Utils/clidriver.py +6 -0
- catocli/__init__.py +1 -1
- catocli/parsers/custom/__init__.py +1 -1
- catocli/parsers/mutation_admin_addAdmin/README.md +1 -1
- catocli/parsers/mutation_admin_updateAdmin/README.md +1 -1
- catocli/parsers/mutation_policy/__init__.py +522 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation/README.md +7 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_addRule/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_addSection/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_createPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_discardPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_moveRule/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_moveSection/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_publishPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_removeRule/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_removeSection/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_updatePolicy/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_updateRule/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_updateSection/README.md +18 -0
- catocli/parsers/mutation_policy_internetFirewall_addRule/README.md +1 -1
- catocli/parsers/mutation_policy_internetFirewall_updateRule/README.md +1 -1
- catocli/parsers/mutation_policy_socketLan/README.md +7 -0
- catocli/parsers/mutation_policy_socketLan_addRule/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_addSection/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_createPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_discardPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_moveRule/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_moveSection/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_publishPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_removeRule/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_removeSection/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_updatePolicy/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_updateRule/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_updateSection/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork/README.md +7 -0
- catocli/parsers/mutation_policy_wanNetwork_addRule/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_addSection/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_createPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_discardPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_moveRule/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_moveSection/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_publishPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_removeRule/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_removeSection/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_updatePolicy/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_updateRule/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_updateSection/README.md +18 -0
- catocli/parsers/mutation_sandbox/README.md +7 -0
- catocli/parsers/mutation_sandbox/__init__.py +37 -0
- catocli/parsers/mutation_sandbox_deleteReport/README.md +17 -0
- catocli/parsers/mutation_sandbox_uploadFile/README.md +17 -0
- catocli/parsers/mutation_site/__init__.py +28 -0
- catocli/parsers/mutation_site_addIpsecIkeV2Site/README.md +1 -1
- catocli/parsers/mutation_site_addIpsecIkeV2SiteTunnels/README.md +1 -1
- catocli/parsers/mutation_site_addSecondaryAwsVSocket/README.md +17 -0
- catocli/parsers/mutation_site_addSecondaryAzureVSocket/README.md +17 -0
- catocli/parsers/mutation_site_addSocketSite/README.md +1 -1
- catocli/parsers/mutation_site_updateIpsecIkeV2SiteTunnels/README.md +1 -1
- catocli/parsers/mutation_site_updateSocketInterface/README.md +1 -1
- catocli/parsers/mutation_sites/__init__.py +28 -0
- catocli/parsers/mutation_sites_addIpsecIkeV2Site/README.md +1 -1
- catocli/parsers/mutation_sites_addIpsecIkeV2SiteTunnels/README.md +1 -1
- catocli/parsers/mutation_sites_addSecondaryAwsVSocket/README.md +17 -0
- catocli/parsers/mutation_sites_addSecondaryAzureVSocket/README.md +17 -0
- catocli/parsers/mutation_sites_addSocketSite/README.md +1 -1
- catocli/parsers/mutation_sites_updateIpsecIkeV2SiteTunnels/README.md +1 -1
- catocli/parsers/mutation_sites_updateSocketInterface/README.md +1 -1
- catocli/parsers/mutation_xdr/README.md +7 -0
- catocli/parsers/mutation_xdr/__init__.py +51 -0
- catocli/parsers/mutation_xdr_addStoryComment/README.md +17 -0
- catocli/parsers/mutation_xdr_analystFeedback/README.md +18 -0
- catocli/parsers/mutation_xdr_deleteStoryComment/README.md +17 -0
- catocli/parsers/query_accountMetrics/README.md +2 -1
- catocli/parsers/query_appStatsTimeSeries/README.md +2 -1
- catocli/parsers/query_eventsFeed/README.md +1 -1
- catocli/parsers/query_eventsTimeSeries/README.md +2 -1
- catocli/parsers/query_policy/README.md +4 -1
- catocli/parsers/query_sandbox/README.md +17 -0
- catocli/parsers/query_sandbox/__init__.py +17 -0
- catocli/parsers/query_siteLocation/README.md +1 -1
- catocli/parsers/query_xdr_story/README.md +1 -1
- {catocli-1.0.19.dist-info → catocli-1.0.21.dist-info}/METADATA +1 -1
- {catocli-1.0.19.dist-info → catocli-1.0.21.dist-info}/RECORD +166 -66
- models/mutation.admin.addAdmin.json +0 -60
- models/mutation.admin.updateAdmin.json +0 -57
- models/mutation.policy.dynamicIpAllocation.addRule.json +3696 -0
- models/mutation.policy.dynamicIpAllocation.addSection.json +1358 -0
- models/mutation.policy.dynamicIpAllocation.createPolicyRevision.json +2175 -0
- models/mutation.policy.dynamicIpAllocation.discardPolicyRevision.json +2109 -0
- models/mutation.policy.dynamicIpAllocation.moveRule.json +1907 -0
- models/mutation.policy.dynamicIpAllocation.moveSection.json +1259 -0
- models/mutation.policy.dynamicIpAllocation.publishPolicyRevision.json +2166 -0
- models/mutation.policy.dynamicIpAllocation.removeRule.json +1555 -0
- models/mutation.policy.dynamicIpAllocation.removeSection.json +958 -0
- models/mutation.policy.dynamicIpAllocation.updatePolicy.json +2185 -0
- models/mutation.policy.dynamicIpAllocation.updateRule.json +3374 -0
- models/mutation.policy.dynamicIpAllocation.updateSection.json +1111 -0
- models/mutation.policy.internetFirewall.addRule.json +18 -18
- models/mutation.policy.internetFirewall.createPolicyRevision.json +4 -4
- models/mutation.policy.internetFirewall.discardPolicyRevision.json +4 -4
- models/mutation.policy.internetFirewall.moveRule.json +4 -4
- models/mutation.policy.internetFirewall.publishPolicyRevision.json +4 -4
- models/mutation.policy.internetFirewall.removeRule.json +4 -4
- models/mutation.policy.internetFirewall.updatePolicy.json +4 -4
- models/mutation.policy.internetFirewall.updateRule.json +18 -18
- models/mutation.policy.socketLan.addRule.json +11266 -0
- models/mutation.policy.socketLan.addSection.json +1358 -0
- models/mutation.policy.socketLan.createPolicyRevision.json +3926 -0
- models/mutation.policy.socketLan.discardPolicyRevision.json +3860 -0
- models/mutation.policy.socketLan.moveRule.json +3658 -0
- models/mutation.policy.socketLan.moveSection.json +1259 -0
- models/mutation.policy.socketLan.publishPolicyRevision.json +3917 -0
- models/mutation.policy.socketLan.removeRule.json +3306 -0
- models/mutation.policy.socketLan.removeSection.json +958 -0
- models/mutation.policy.socketLan.updatePolicy.json +3936 -0
- models/mutation.policy.socketLan.updateRule.json +10860 -0
- models/mutation.policy.socketLan.updateSection.json +1111 -0
- models/mutation.policy.wanNetwork.addRule.json +30614 -0
- models/mutation.policy.wanNetwork.addSection.json +1358 -0
- models/mutation.policy.wanNetwork.createPolicyRevision.json +8251 -0
- models/mutation.policy.wanNetwork.discardPolicyRevision.json +8185 -0
- models/mutation.policy.wanNetwork.moveRule.json +7983 -0
- models/mutation.policy.wanNetwork.moveSection.json +1259 -0
- models/mutation.policy.wanNetwork.publishPolicyRevision.json +8242 -0
- models/mutation.policy.wanNetwork.removeRule.json +7631 -0
- models/mutation.policy.wanNetwork.removeSection.json +958 -0
- models/mutation.policy.wanNetwork.updatePolicy.json +8261 -0
- models/mutation.policy.wanNetwork.updateRule.json +30145 -0
- models/mutation.policy.wanNetwork.updateSection.json +1111 -0
- models/mutation.sandbox.deleteReport.json +302 -0
- models/mutation.sandbox.uploadFile.json +301 -0
- models/mutation.site.addIpsecIkeV2Site.json +57 -0
- models/mutation.site.addIpsecIkeV2SiteTunnels.json +222 -0
- models/mutation.site.addSecondaryAwsVSocket.json +707 -0
- models/mutation.site.addSecondaryAzureVSocket.json +647 -0
- models/mutation.site.addSocketSite.json +72 -15
- models/mutation.site.updateIpsecIkeV2SiteTunnels.json +222 -0
- models/mutation.site.updateNetworkRange.json +3 -3
- models/mutation.site.updateSocketInterface.json +126 -18
- models/mutation.sites.addIpsecIkeV2Site.json +57 -0
- models/mutation.sites.addIpsecIkeV2SiteTunnels.json +222 -0
- models/mutation.sites.addSecondaryAwsVSocket.json +707 -0
- models/mutation.sites.addSecondaryAzureVSocket.json +647 -0
- models/mutation.sites.addSocketSite.json +72 -15
- models/mutation.sites.updateIpsecIkeV2SiteTunnels.json +222 -0
- models/mutation.sites.updateNetworkRange.json +3 -3
- models/mutation.sites.updateSocketInterface.json +126 -18
- models/mutation.xdr.addStoryComment.json +622 -0
- models/mutation.xdr.analystFeedback.json +28820 -0
- models/mutation.xdr.deleteStoryComment.json +622 -0
- models/query.accountMetrics.json +592 -0
- models/query.accountSnapshot.json +308 -0
- models/query.appStatsTimeSeries.json +37 -0
- models/query.auditFeed.json +352 -52
- models/query.events.json +1434 -234
- models/query.eventsFeed.json +352 -52
- models/query.eventsTimeSeries.json +1113 -176
- models/query.policy.json +22867 -9389
- models/query.sandbox.json +2111 -0
- models/query.xdr.stories.json +134 -4
- models/query.xdr.story.json +116 -4
- schema/catolib.py +4 -5
- {catocli-1.0.19.dist-info → catocli-1.0.21.dist-info}/LICENSE +0 -0
- {catocli-1.0.19.dist-info → catocli-1.0.21.dist-info}/WHEEL +0 -0
- {catocli-1.0.19.dist-info → catocli-1.0.21.dist-info}/entry_points.txt +0 -0
- {catocli-1.0.19.dist-info → catocli-1.0.21.dist-info}/top_level.txt +0 -0
models/query.auditFeed.json
CHANGED
|
@@ -166,7 +166,7 @@
|
|
|
166
166
|
"description": null,
|
|
167
167
|
"enumValues": [
|
|
168
168
|
{
|
|
169
|
-
"deprecationReason": "use src_site_id/src_site_name instead",
|
|
169
|
+
"deprecationReason": "use src_site_id/src_site_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
170
170
|
"description": "Name of site or user initiating the connection",
|
|
171
171
|
"isDeprecated": true,
|
|
172
172
|
"name": "src_site"
|
|
@@ -190,7 +190,7 @@
|
|
|
190
190
|
"name": "user_id"
|
|
191
191
|
},
|
|
192
192
|
{
|
|
193
|
-
"deprecationReason": "use dest_site_id/dest_site_name instead",
|
|
193
|
+
"deprecationReason": "use dest_site_id/dest_site_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
194
194
|
"description": "For WAN traffic, name of destination site or SDP user",
|
|
195
195
|
"isDeprecated": true,
|
|
196
196
|
"name": "dest_site"
|
|
@@ -202,13 +202,13 @@
|
|
|
202
202
|
"name": "dest_site_id"
|
|
203
203
|
},
|
|
204
204
|
{
|
|
205
|
-
"deprecationReason":
|
|
205
|
+
"deprecationReason": "please use src_site_id and dest_site_id instead. Planned end-of-life (EoL) date: June 30, 2025.",
|
|
206
206
|
"description": "Source or destination site or remote user ID.\nThis field can only be used in filter.",
|
|
207
|
-
"isDeprecated":
|
|
207
|
+
"isDeprecated": true,
|
|
208
208
|
"name": "src_or_dest_site_id"
|
|
209
209
|
},
|
|
210
210
|
{
|
|
211
|
-
"deprecationReason": "use rule_name instead",
|
|
211
|
+
"deprecationReason": "use rule_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
212
212
|
"description": "Name of security rule related to the event",
|
|
213
213
|
"isDeprecated": true,
|
|
214
214
|
"name": "rule"
|
|
@@ -226,7 +226,7 @@
|
|
|
226
226
|
"name": "socket_interface"
|
|
227
227
|
},
|
|
228
228
|
{
|
|
229
|
-
"deprecationReason": "use custom_category_id/custom_category_name instead",
|
|
229
|
+
"deprecationReason": "use custom_category_id/custom_category_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
230
230
|
"description": "Name for the custom category defined in the Cato Management Application",
|
|
231
231
|
"isDeprecated": true,
|
|
232
232
|
"name": "custom_category"
|
|
@@ -239,7 +239,7 @@
|
|
|
239
239
|
},
|
|
240
240
|
{
|
|
241
241
|
"deprecationReason": null,
|
|
242
|
-
"description": "
|
|
242
|
+
"description": "Destination port",
|
|
243
243
|
"isDeprecated": false,
|
|
244
244
|
"name": "dest_port"
|
|
245
245
|
},
|
|
@@ -299,7 +299,7 @@
|
|
|
299
299
|
},
|
|
300
300
|
{
|
|
301
301
|
"deprecationReason": null,
|
|
302
|
-
"description": "
|
|
302
|
+
"description": "Destination IP address",
|
|
303
303
|
"isDeprecated": false,
|
|
304
304
|
"name": "dest_ip"
|
|
305
305
|
},
|
|
@@ -376,7 +376,7 @@
|
|
|
376
376
|
"name": "configured_host_name"
|
|
377
377
|
},
|
|
378
378
|
{
|
|
379
|
-
"deprecationReason": "use event_id instead",
|
|
379
|
+
"deprecationReason": "use event_id instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
380
380
|
"description": "Cato Internal-use only",
|
|
381
381
|
"isDeprecated": true,
|
|
382
382
|
"name": "internalId"
|
|
@@ -448,9 +448,9 @@
|
|
|
448
448
|
"name": "bgp_error_code"
|
|
449
449
|
},
|
|
450
450
|
{
|
|
451
|
-
"deprecationReason":
|
|
451
|
+
"deprecationReason": "Planned end-of-life (EoL) date: April 15, 2025.",
|
|
452
452
|
"description": "Description from Cato Management Application for BGP peer",
|
|
453
|
-
"isDeprecated":
|
|
453
|
+
"isDeprecated": true,
|
|
454
454
|
"name": "bgp_peer_description"
|
|
455
455
|
},
|
|
456
456
|
{
|
|
@@ -515,7 +515,7 @@
|
|
|
515
515
|
},
|
|
516
516
|
{
|
|
517
517
|
"deprecationReason": null,
|
|
518
|
-
"description": "
|
|
518
|
+
"description": "Round Trip Delay in Milliseconds that it takes a packet to travel between the source and the PoP",
|
|
519
519
|
"isDeprecated": false,
|
|
520
520
|
"name": "link_health_latency"
|
|
521
521
|
},
|
|
@@ -670,14 +670,14 @@
|
|
|
670
670
|
"name": "incident_id"
|
|
671
671
|
},
|
|
672
672
|
{
|
|
673
|
-
"deprecationReason": "use application_id/application_name instead",
|
|
673
|
+
"deprecationReason": "use application_id/application_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
674
674
|
"description": "For Internet firewall, app for this event",
|
|
675
675
|
"isDeprecated": true,
|
|
676
676
|
"name": "application"
|
|
677
677
|
},
|
|
678
678
|
{
|
|
679
679
|
"deprecationReason": null,
|
|
680
|
-
"description": "
|
|
680
|
+
"description": "The name of the application associated with the flow",
|
|
681
681
|
"isDeprecated": false,
|
|
682
682
|
"name": "application_name"
|
|
683
683
|
},
|
|
@@ -700,7 +700,7 @@
|
|
|
700
700
|
"name": "socket_interface_id"
|
|
701
701
|
},
|
|
702
702
|
{
|
|
703
|
-
"deprecationReason": "use custom_category_id/custom_category_name instead",
|
|
703
|
+
"deprecationReason": "use custom_category_id/custom_category_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
704
704
|
"description": "Unique Cato ID for the custom category",
|
|
705
705
|
"isDeprecated": true,
|
|
706
706
|
"name": "custom_categories"
|
|
@@ -779,7 +779,7 @@
|
|
|
779
779
|
},
|
|
780
780
|
{
|
|
781
781
|
"deprecationReason": null,
|
|
782
|
-
"description": "
|
|
782
|
+
"description": "The name of the destination site",
|
|
783
783
|
"isDeprecated": false,
|
|
784
784
|
"name": "dest_site_name"
|
|
785
785
|
},
|
|
@@ -838,7 +838,7 @@
|
|
|
838
838
|
"name": "device_posture_profile"
|
|
839
839
|
},
|
|
840
840
|
{
|
|
841
|
-
"deprecationReason": "use device_posture_profile instead",
|
|
841
|
+
"deprecationReason": "use device_posture_profile instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
842
842
|
"description": "Device posture profiles",
|
|
843
843
|
"isDeprecated": true,
|
|
844
844
|
"name": "device_posture_profiles"
|
|
@@ -911,7 +911,7 @@
|
|
|
911
911
|
},
|
|
912
912
|
{
|
|
913
913
|
"deprecationReason": null,
|
|
914
|
-
"description": "DLP
|
|
914
|
+
"description": "Describes the behavior when the DLP system encounters a failure",
|
|
915
915
|
"isDeprecated": false,
|
|
916
916
|
"name": "dlp_fail_mode"
|
|
917
917
|
},
|
|
@@ -969,6 +969,24 @@
|
|
|
969
969
|
"isDeprecated": false,
|
|
970
970
|
"name": "is_sinkhole"
|
|
971
971
|
},
|
|
972
|
+
{
|
|
973
|
+
"deprecationReason": null,
|
|
974
|
+
"description": "The ID for the endpoint",
|
|
975
|
+
"isDeprecated": false,
|
|
976
|
+
"name": "endpoint_id"
|
|
977
|
+
},
|
|
978
|
+
{
|
|
979
|
+
"deprecationReason": null,
|
|
980
|
+
"description": "The Endpoint Protection Engine that detected the malware",
|
|
981
|
+
"isDeprecated": false,
|
|
982
|
+
"name": "epp_engine_type"
|
|
983
|
+
},
|
|
984
|
+
{
|
|
985
|
+
"deprecationReason": null,
|
|
986
|
+
"description": "The file operation when this event occurred",
|
|
987
|
+
"isDeprecated": false,
|
|
988
|
+
"name": "file_operation"
|
|
989
|
+
},
|
|
972
990
|
{
|
|
973
991
|
"deprecationReason": null,
|
|
974
992
|
"description": null,
|
|
@@ -1001,7 +1019,7 @@
|
|
|
1001
1019
|
},
|
|
1002
1020
|
{
|
|
1003
1021
|
"deprecationReason": null,
|
|
1004
|
-
"description":
|
|
1022
|
+
"description": "The vendor that identified the incident, such as Cato or Microsoft",
|
|
1005
1023
|
"isDeprecated": false,
|
|
1006
1024
|
"name": "vendor"
|
|
1007
1025
|
},
|
|
@@ -1042,19 +1060,19 @@
|
|
|
1042
1060
|
"name": "recommended_actions"
|
|
1043
1061
|
},
|
|
1044
1062
|
{
|
|
1045
|
-
"deprecationReason": "use src_pid instead",
|
|
1063
|
+
"deprecationReason": "use src_pid instead. Planned end-of-life (EoL) date: March 1, 2025.",
|
|
1046
1064
|
"description": null,
|
|
1047
1065
|
"isDeprecated": true,
|
|
1048
1066
|
"name": "pid"
|
|
1049
1067
|
},
|
|
1050
1068
|
{
|
|
1051
|
-
"deprecationReason": "use src_process_parent_pid instead",
|
|
1069
|
+
"deprecationReason": "use src_process_parent_pid instead. Planned end-of-life (EoL) date: March 1, 2025.",
|
|
1052
1070
|
"description": null,
|
|
1053
1071
|
"isDeprecated": true,
|
|
1054
1072
|
"name": "parent_pid"
|
|
1055
1073
|
},
|
|
1056
1074
|
{
|
|
1057
|
-
"deprecationReason": "use src_process_path instead",
|
|
1075
|
+
"deprecationReason": "use src_process_path instead. Planned end-of-life (EoL) date: March 1, 2025.",
|
|
1058
1076
|
"description": null,
|
|
1059
1077
|
"isDeprecated": true,
|
|
1060
1078
|
"name": "process_path"
|
|
@@ -1071,12 +1089,96 @@
|
|
|
1071
1089
|
"isDeprecated": false,
|
|
1072
1090
|
"name": "out_of_band_access"
|
|
1073
1091
|
},
|
|
1092
|
+
{
|
|
1093
|
+
"deprecationReason": null,
|
|
1094
|
+
"description": "A Unique ID for the quarantined file",
|
|
1095
|
+
"isDeprecated": false,
|
|
1096
|
+
"name": "quarantine_uuid"
|
|
1097
|
+
},
|
|
1074
1098
|
{
|
|
1075
1099
|
"deprecationReason": null,
|
|
1076
1100
|
"description": null,
|
|
1077
1101
|
"isDeprecated": false,
|
|
1078
1102
|
"name": "logged_in_user"
|
|
1079
1103
|
},
|
|
1104
|
+
{
|
|
1105
|
+
"deprecationReason": null,
|
|
1106
|
+
"description": "The profile assigned to the endpoint upon detection of the malware",
|
|
1107
|
+
"isDeprecated": false,
|
|
1108
|
+
"name": "epp_profile"
|
|
1109
|
+
},
|
|
1110
|
+
{
|
|
1111
|
+
"deprecationReason": null,
|
|
1112
|
+
"description": "Source process ID",
|
|
1113
|
+
"isDeprecated": false,
|
|
1114
|
+
"name": "src_pid"
|
|
1115
|
+
},
|
|
1116
|
+
{
|
|
1117
|
+
"deprecationReason": null,
|
|
1118
|
+
"description": "Source process file path",
|
|
1119
|
+
"isDeprecated": false,
|
|
1120
|
+
"name": "src_process_path"
|
|
1121
|
+
},
|
|
1122
|
+
{
|
|
1123
|
+
"deprecationReason": null,
|
|
1124
|
+
"description": "Source process command line",
|
|
1125
|
+
"isDeprecated": false,
|
|
1126
|
+
"name": "src_process_cmdline"
|
|
1127
|
+
},
|
|
1128
|
+
{
|
|
1129
|
+
"deprecationReason": null,
|
|
1130
|
+
"description": "Source process parent process ID",
|
|
1131
|
+
"isDeprecated": false,
|
|
1132
|
+
"name": "src_process_parent_pid"
|
|
1133
|
+
},
|
|
1134
|
+
{
|
|
1135
|
+
"deprecationReason": null,
|
|
1136
|
+
"description": "Source process parent file path",
|
|
1137
|
+
"isDeprecated": false,
|
|
1138
|
+
"name": "src_process_parent_path"
|
|
1139
|
+
},
|
|
1140
|
+
{
|
|
1141
|
+
"deprecationReason": null,
|
|
1142
|
+
"description": "The destination process ID",
|
|
1143
|
+
"isDeprecated": false,
|
|
1144
|
+
"name": "dest_pid"
|
|
1145
|
+
},
|
|
1146
|
+
{
|
|
1147
|
+
"deprecationReason": null,
|
|
1148
|
+
"description": "Destination process file path",
|
|
1149
|
+
"isDeprecated": false,
|
|
1150
|
+
"name": "dest_process_path"
|
|
1151
|
+
},
|
|
1152
|
+
{
|
|
1153
|
+
"deprecationReason": null,
|
|
1154
|
+
"description": "Destination process command line",
|
|
1155
|
+
"isDeprecated": false,
|
|
1156
|
+
"name": "dest_process_cmdline"
|
|
1157
|
+
},
|
|
1158
|
+
{
|
|
1159
|
+
"deprecationReason": null,
|
|
1160
|
+
"description": "Destination process parent process ID",
|
|
1161
|
+
"isDeprecated": false,
|
|
1162
|
+
"name": "dest_process_parent_pid"
|
|
1163
|
+
},
|
|
1164
|
+
{
|
|
1165
|
+
"deprecationReason": null,
|
|
1166
|
+
"description": "Destination process parent file path",
|
|
1167
|
+
"isDeprecated": false,
|
|
1168
|
+
"name": "dest_process_parent_path"
|
|
1169
|
+
},
|
|
1170
|
+
{
|
|
1171
|
+
"deprecationReason": null,
|
|
1172
|
+
"description": "If policy is set to disinfect, return the result of this action",
|
|
1173
|
+
"isDeprecated": false,
|
|
1174
|
+
"name": "disinfect_result"
|
|
1175
|
+
},
|
|
1176
|
+
{
|
|
1177
|
+
"deprecationReason": null,
|
|
1178
|
+
"description": "Indicate how many processes are part of this event",
|
|
1179
|
+
"isDeprecated": false,
|
|
1180
|
+
"name": "processes_count"
|
|
1181
|
+
},
|
|
1080
1182
|
{
|
|
1081
1183
|
"deprecationReason": null,
|
|
1082
1184
|
"description": "HTTP request method (ie. Get, Post)",
|
|
@@ -1151,7 +1253,7 @@
|
|
|
1151
1253
|
},
|
|
1152
1254
|
{
|
|
1153
1255
|
"deprecationReason": null,
|
|
1154
|
-
"description": "Cato
|
|
1256
|
+
"description": "Cato application name",
|
|
1155
1257
|
"isDeprecated": false,
|
|
1156
1258
|
"name": "cato_app"
|
|
1157
1259
|
},
|
|
@@ -1205,7 +1307,7 @@
|
|
|
1205
1307
|
},
|
|
1206
1308
|
{
|
|
1207
1309
|
"deprecationReason": null,
|
|
1208
|
-
"description": "
|
|
1310
|
+
"description": "Unique identifier for the tenant within a multi-tenant environment",
|
|
1209
1311
|
"isDeprecated": false,
|
|
1210
1312
|
"name": "tenant_id"
|
|
1211
1313
|
},
|
|
@@ -1265,7 +1367,7 @@
|
|
|
1265
1367
|
},
|
|
1266
1368
|
{
|
|
1267
1369
|
"deprecationReason": null,
|
|
1268
|
-
"description": "
|
|
1370
|
+
"description": "Defines the scanning methods used by the DLP system",
|
|
1269
1371
|
"isDeprecated": false,
|
|
1270
1372
|
"name": "dlp_scan_types"
|
|
1271
1373
|
},
|
|
@@ -1343,7 +1445,7 @@
|
|
|
1343
1445
|
},
|
|
1344
1446
|
{
|
|
1345
1447
|
"deprecationReason": null,
|
|
1346
|
-
"description": "
|
|
1448
|
+
"description": "Public source IP",
|
|
1347
1449
|
"isDeprecated": false,
|
|
1348
1450
|
"name": "public_ip"
|
|
1349
1451
|
},
|
|
@@ -1514,6 +1616,54 @@
|
|
|
1514
1616
|
"description": "Device Type",
|
|
1515
1617
|
"isDeprecated": false,
|
|
1516
1618
|
"name": "device_type"
|
|
1619
|
+
},
|
|
1620
|
+
{
|
|
1621
|
+
"deprecationReason": null,
|
|
1622
|
+
"description": "Tenant Restriction Rule Name",
|
|
1623
|
+
"isDeprecated": false,
|
|
1624
|
+
"name": "tenant_restriction_rule_name"
|
|
1625
|
+
},
|
|
1626
|
+
{
|
|
1627
|
+
"deprecationReason": null,
|
|
1628
|
+
"description": "Connection Origin",
|
|
1629
|
+
"isDeprecated": false,
|
|
1630
|
+
"name": "connection_origin"
|
|
1631
|
+
},
|
|
1632
|
+
{
|
|
1633
|
+
"deprecationReason": null,
|
|
1634
|
+
"description": "Translated Server IP",
|
|
1635
|
+
"isDeprecated": false,
|
|
1636
|
+
"name": "translated_server_ip"
|
|
1637
|
+
},
|
|
1638
|
+
{
|
|
1639
|
+
"deprecationReason": null,
|
|
1640
|
+
"description": "Translated Client IP",
|
|
1641
|
+
"isDeprecated": false,
|
|
1642
|
+
"name": "translated_client_ip"
|
|
1643
|
+
},
|
|
1644
|
+
{
|
|
1645
|
+
"deprecationReason": null,
|
|
1646
|
+
"description": "IoC Container Name",
|
|
1647
|
+
"isDeprecated": false,
|
|
1648
|
+
"name": "container_name"
|
|
1649
|
+
},
|
|
1650
|
+
{
|
|
1651
|
+
"deprecationReason": null,
|
|
1652
|
+
"description": "An external system identifier used for correlation between related Cato entities. Example: external ticket id that correlates Cato XDR stories.",
|
|
1653
|
+
"isDeprecated": false,
|
|
1654
|
+
"name": "correlation_id"
|
|
1655
|
+
},
|
|
1656
|
+
{
|
|
1657
|
+
"deprecationReason": null,
|
|
1658
|
+
"description": "Precedence",
|
|
1659
|
+
"isDeprecated": false,
|
|
1660
|
+
"name": "precedence"
|
|
1661
|
+
},
|
|
1662
|
+
{
|
|
1663
|
+
"deprecationReason": null,
|
|
1664
|
+
"description": "A list of labels providing additional context for the event",
|
|
1665
|
+
"isDeprecated": false,
|
|
1666
|
+
"name": "labels"
|
|
1517
1667
|
}
|
|
1518
1668
|
],
|
|
1519
1669
|
"fields": null,
|
|
@@ -1880,7 +2030,7 @@
|
|
|
1880
2030
|
"description": null,
|
|
1881
2031
|
"enumValues": [
|
|
1882
2032
|
{
|
|
1883
|
-
"deprecationReason": "use src_site_id/src_site_name instead",
|
|
2033
|
+
"deprecationReason": "use src_site_id/src_site_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
1884
2034
|
"description": "Name of site or user initiating the connection",
|
|
1885
2035
|
"isDeprecated": true,
|
|
1886
2036
|
"name": "src_site"
|
|
@@ -1904,7 +2054,7 @@
|
|
|
1904
2054
|
"name": "user_id"
|
|
1905
2055
|
},
|
|
1906
2056
|
{
|
|
1907
|
-
"deprecationReason": "use dest_site_id/dest_site_name instead",
|
|
2057
|
+
"deprecationReason": "use dest_site_id/dest_site_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
1908
2058
|
"description": "For WAN traffic, name of destination site or SDP user",
|
|
1909
2059
|
"isDeprecated": true,
|
|
1910
2060
|
"name": "dest_site"
|
|
@@ -1916,13 +2066,13 @@
|
|
|
1916
2066
|
"name": "dest_site_id"
|
|
1917
2067
|
},
|
|
1918
2068
|
{
|
|
1919
|
-
"deprecationReason":
|
|
2069
|
+
"deprecationReason": "please use src_site_id and dest_site_id instead. Planned end-of-life (EoL) date: June 30, 2025.",
|
|
1920
2070
|
"description": "Source or destination site or remote user ID.\nThis field can only be used in filter.",
|
|
1921
|
-
"isDeprecated":
|
|
2071
|
+
"isDeprecated": true,
|
|
1922
2072
|
"name": "src_or_dest_site_id"
|
|
1923
2073
|
},
|
|
1924
2074
|
{
|
|
1925
|
-
"deprecationReason": "use rule_name instead",
|
|
2075
|
+
"deprecationReason": "use rule_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
1926
2076
|
"description": "Name of security rule related to the event",
|
|
1927
2077
|
"isDeprecated": true,
|
|
1928
2078
|
"name": "rule"
|
|
@@ -1940,7 +2090,7 @@
|
|
|
1940
2090
|
"name": "socket_interface"
|
|
1941
2091
|
},
|
|
1942
2092
|
{
|
|
1943
|
-
"deprecationReason": "use custom_category_id/custom_category_name instead",
|
|
2093
|
+
"deprecationReason": "use custom_category_id/custom_category_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
1944
2094
|
"description": "Name for the custom category defined in the Cato Management Application",
|
|
1945
2095
|
"isDeprecated": true,
|
|
1946
2096
|
"name": "custom_category"
|
|
@@ -1953,7 +2103,7 @@
|
|
|
1953
2103
|
},
|
|
1954
2104
|
{
|
|
1955
2105
|
"deprecationReason": null,
|
|
1956
|
-
"description": "
|
|
2106
|
+
"description": "Destination port",
|
|
1957
2107
|
"isDeprecated": false,
|
|
1958
2108
|
"name": "dest_port"
|
|
1959
2109
|
},
|
|
@@ -2013,7 +2163,7 @@
|
|
|
2013
2163
|
},
|
|
2014
2164
|
{
|
|
2015
2165
|
"deprecationReason": null,
|
|
2016
|
-
"description": "
|
|
2166
|
+
"description": "Destination IP address",
|
|
2017
2167
|
"isDeprecated": false,
|
|
2018
2168
|
"name": "dest_ip"
|
|
2019
2169
|
},
|
|
@@ -2090,7 +2240,7 @@
|
|
|
2090
2240
|
"name": "configured_host_name"
|
|
2091
2241
|
},
|
|
2092
2242
|
{
|
|
2093
|
-
"deprecationReason": "use event_id instead",
|
|
2243
|
+
"deprecationReason": "use event_id instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
2094
2244
|
"description": "Cato Internal-use only",
|
|
2095
2245
|
"isDeprecated": true,
|
|
2096
2246
|
"name": "internalId"
|
|
@@ -2162,9 +2312,9 @@
|
|
|
2162
2312
|
"name": "bgp_error_code"
|
|
2163
2313
|
},
|
|
2164
2314
|
{
|
|
2165
|
-
"deprecationReason":
|
|
2315
|
+
"deprecationReason": "Planned end-of-life (EoL) date: April 15, 2025.",
|
|
2166
2316
|
"description": "Description from Cato Management Application for BGP peer",
|
|
2167
|
-
"isDeprecated":
|
|
2317
|
+
"isDeprecated": true,
|
|
2168
2318
|
"name": "bgp_peer_description"
|
|
2169
2319
|
},
|
|
2170
2320
|
{
|
|
@@ -2229,7 +2379,7 @@
|
|
|
2229
2379
|
},
|
|
2230
2380
|
{
|
|
2231
2381
|
"deprecationReason": null,
|
|
2232
|
-
"description": "
|
|
2382
|
+
"description": "Round Trip Delay in Milliseconds that it takes a packet to travel between the source and the PoP",
|
|
2233
2383
|
"isDeprecated": false,
|
|
2234
2384
|
"name": "link_health_latency"
|
|
2235
2385
|
},
|
|
@@ -2384,14 +2534,14 @@
|
|
|
2384
2534
|
"name": "incident_id"
|
|
2385
2535
|
},
|
|
2386
2536
|
{
|
|
2387
|
-
"deprecationReason": "use application_id/application_name instead",
|
|
2537
|
+
"deprecationReason": "use application_id/application_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
2388
2538
|
"description": "For Internet firewall, app for this event",
|
|
2389
2539
|
"isDeprecated": true,
|
|
2390
2540
|
"name": "application"
|
|
2391
2541
|
},
|
|
2392
2542
|
{
|
|
2393
2543
|
"deprecationReason": null,
|
|
2394
|
-
"description": "
|
|
2544
|
+
"description": "The name of the application associated with the flow",
|
|
2395
2545
|
"isDeprecated": false,
|
|
2396
2546
|
"name": "application_name"
|
|
2397
2547
|
},
|
|
@@ -2414,7 +2564,7 @@
|
|
|
2414
2564
|
"name": "socket_interface_id"
|
|
2415
2565
|
},
|
|
2416
2566
|
{
|
|
2417
|
-
"deprecationReason": "use custom_category_id/custom_category_name instead",
|
|
2567
|
+
"deprecationReason": "use custom_category_id/custom_category_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
2418
2568
|
"description": "Unique Cato ID for the custom category",
|
|
2419
2569
|
"isDeprecated": true,
|
|
2420
2570
|
"name": "custom_categories"
|
|
@@ -2493,7 +2643,7 @@
|
|
|
2493
2643
|
},
|
|
2494
2644
|
{
|
|
2495
2645
|
"deprecationReason": null,
|
|
2496
|
-
"description": "
|
|
2646
|
+
"description": "The name of the destination site",
|
|
2497
2647
|
"isDeprecated": false,
|
|
2498
2648
|
"name": "dest_site_name"
|
|
2499
2649
|
},
|
|
@@ -2552,7 +2702,7 @@
|
|
|
2552
2702
|
"name": "device_posture_profile"
|
|
2553
2703
|
},
|
|
2554
2704
|
{
|
|
2555
|
-
"deprecationReason": "use device_posture_profile instead",
|
|
2705
|
+
"deprecationReason": "use device_posture_profile instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
2556
2706
|
"description": "Device posture profiles",
|
|
2557
2707
|
"isDeprecated": true,
|
|
2558
2708
|
"name": "device_posture_profiles"
|
|
@@ -2625,7 +2775,7 @@
|
|
|
2625
2775
|
},
|
|
2626
2776
|
{
|
|
2627
2777
|
"deprecationReason": null,
|
|
2628
|
-
"description": "DLP
|
|
2778
|
+
"description": "Describes the behavior when the DLP system encounters a failure",
|
|
2629
2779
|
"isDeprecated": false,
|
|
2630
2780
|
"name": "dlp_fail_mode"
|
|
2631
2781
|
},
|
|
@@ -2683,6 +2833,24 @@
|
|
|
2683
2833
|
"isDeprecated": false,
|
|
2684
2834
|
"name": "is_sinkhole"
|
|
2685
2835
|
},
|
|
2836
|
+
{
|
|
2837
|
+
"deprecationReason": null,
|
|
2838
|
+
"description": "The ID for the endpoint",
|
|
2839
|
+
"isDeprecated": false,
|
|
2840
|
+
"name": "endpoint_id"
|
|
2841
|
+
},
|
|
2842
|
+
{
|
|
2843
|
+
"deprecationReason": null,
|
|
2844
|
+
"description": "The Endpoint Protection Engine that detected the malware",
|
|
2845
|
+
"isDeprecated": false,
|
|
2846
|
+
"name": "epp_engine_type"
|
|
2847
|
+
},
|
|
2848
|
+
{
|
|
2849
|
+
"deprecationReason": null,
|
|
2850
|
+
"description": "The file operation when this event occurred",
|
|
2851
|
+
"isDeprecated": false,
|
|
2852
|
+
"name": "file_operation"
|
|
2853
|
+
},
|
|
2686
2854
|
{
|
|
2687
2855
|
"deprecationReason": null,
|
|
2688
2856
|
"description": null,
|
|
@@ -2715,7 +2883,7 @@
|
|
|
2715
2883
|
},
|
|
2716
2884
|
{
|
|
2717
2885
|
"deprecationReason": null,
|
|
2718
|
-
"description":
|
|
2886
|
+
"description": "The vendor that identified the incident, such as Cato or Microsoft",
|
|
2719
2887
|
"isDeprecated": false,
|
|
2720
2888
|
"name": "vendor"
|
|
2721
2889
|
},
|
|
@@ -2756,19 +2924,19 @@
|
|
|
2756
2924
|
"name": "recommended_actions"
|
|
2757
2925
|
},
|
|
2758
2926
|
{
|
|
2759
|
-
"deprecationReason": "use src_pid instead",
|
|
2927
|
+
"deprecationReason": "use src_pid instead. Planned end-of-life (EoL) date: March 1, 2025.",
|
|
2760
2928
|
"description": null,
|
|
2761
2929
|
"isDeprecated": true,
|
|
2762
2930
|
"name": "pid"
|
|
2763
2931
|
},
|
|
2764
2932
|
{
|
|
2765
|
-
"deprecationReason": "use src_process_parent_pid instead",
|
|
2933
|
+
"deprecationReason": "use src_process_parent_pid instead. Planned end-of-life (EoL) date: March 1, 2025.",
|
|
2766
2934
|
"description": null,
|
|
2767
2935
|
"isDeprecated": true,
|
|
2768
2936
|
"name": "parent_pid"
|
|
2769
2937
|
},
|
|
2770
2938
|
{
|
|
2771
|
-
"deprecationReason": "use src_process_path instead",
|
|
2939
|
+
"deprecationReason": "use src_process_path instead. Planned end-of-life (EoL) date: March 1, 2025.",
|
|
2772
2940
|
"description": null,
|
|
2773
2941
|
"isDeprecated": true,
|
|
2774
2942
|
"name": "process_path"
|
|
@@ -2785,12 +2953,96 @@
|
|
|
2785
2953
|
"isDeprecated": false,
|
|
2786
2954
|
"name": "out_of_band_access"
|
|
2787
2955
|
},
|
|
2956
|
+
{
|
|
2957
|
+
"deprecationReason": null,
|
|
2958
|
+
"description": "A Unique ID for the quarantined file",
|
|
2959
|
+
"isDeprecated": false,
|
|
2960
|
+
"name": "quarantine_uuid"
|
|
2961
|
+
},
|
|
2788
2962
|
{
|
|
2789
2963
|
"deprecationReason": null,
|
|
2790
2964
|
"description": null,
|
|
2791
2965
|
"isDeprecated": false,
|
|
2792
2966
|
"name": "logged_in_user"
|
|
2793
2967
|
},
|
|
2968
|
+
{
|
|
2969
|
+
"deprecationReason": null,
|
|
2970
|
+
"description": "The profile assigned to the endpoint upon detection of the malware",
|
|
2971
|
+
"isDeprecated": false,
|
|
2972
|
+
"name": "epp_profile"
|
|
2973
|
+
},
|
|
2974
|
+
{
|
|
2975
|
+
"deprecationReason": null,
|
|
2976
|
+
"description": "Source process ID",
|
|
2977
|
+
"isDeprecated": false,
|
|
2978
|
+
"name": "src_pid"
|
|
2979
|
+
},
|
|
2980
|
+
{
|
|
2981
|
+
"deprecationReason": null,
|
|
2982
|
+
"description": "Source process file path",
|
|
2983
|
+
"isDeprecated": false,
|
|
2984
|
+
"name": "src_process_path"
|
|
2985
|
+
},
|
|
2986
|
+
{
|
|
2987
|
+
"deprecationReason": null,
|
|
2988
|
+
"description": "Source process command line",
|
|
2989
|
+
"isDeprecated": false,
|
|
2990
|
+
"name": "src_process_cmdline"
|
|
2991
|
+
},
|
|
2992
|
+
{
|
|
2993
|
+
"deprecationReason": null,
|
|
2994
|
+
"description": "Source process parent process ID",
|
|
2995
|
+
"isDeprecated": false,
|
|
2996
|
+
"name": "src_process_parent_pid"
|
|
2997
|
+
},
|
|
2998
|
+
{
|
|
2999
|
+
"deprecationReason": null,
|
|
3000
|
+
"description": "Source process parent file path",
|
|
3001
|
+
"isDeprecated": false,
|
|
3002
|
+
"name": "src_process_parent_path"
|
|
3003
|
+
},
|
|
3004
|
+
{
|
|
3005
|
+
"deprecationReason": null,
|
|
3006
|
+
"description": "The destination process ID",
|
|
3007
|
+
"isDeprecated": false,
|
|
3008
|
+
"name": "dest_pid"
|
|
3009
|
+
},
|
|
3010
|
+
{
|
|
3011
|
+
"deprecationReason": null,
|
|
3012
|
+
"description": "Destination process file path",
|
|
3013
|
+
"isDeprecated": false,
|
|
3014
|
+
"name": "dest_process_path"
|
|
3015
|
+
},
|
|
3016
|
+
{
|
|
3017
|
+
"deprecationReason": null,
|
|
3018
|
+
"description": "Destination process command line",
|
|
3019
|
+
"isDeprecated": false,
|
|
3020
|
+
"name": "dest_process_cmdline"
|
|
3021
|
+
},
|
|
3022
|
+
{
|
|
3023
|
+
"deprecationReason": null,
|
|
3024
|
+
"description": "Destination process parent process ID",
|
|
3025
|
+
"isDeprecated": false,
|
|
3026
|
+
"name": "dest_process_parent_pid"
|
|
3027
|
+
},
|
|
3028
|
+
{
|
|
3029
|
+
"deprecationReason": null,
|
|
3030
|
+
"description": "Destination process parent file path",
|
|
3031
|
+
"isDeprecated": false,
|
|
3032
|
+
"name": "dest_process_parent_path"
|
|
3033
|
+
},
|
|
3034
|
+
{
|
|
3035
|
+
"deprecationReason": null,
|
|
3036
|
+
"description": "If policy is set to disinfect, return the result of this action",
|
|
3037
|
+
"isDeprecated": false,
|
|
3038
|
+
"name": "disinfect_result"
|
|
3039
|
+
},
|
|
3040
|
+
{
|
|
3041
|
+
"deprecationReason": null,
|
|
3042
|
+
"description": "Indicate how many processes are part of this event",
|
|
3043
|
+
"isDeprecated": false,
|
|
3044
|
+
"name": "processes_count"
|
|
3045
|
+
},
|
|
2794
3046
|
{
|
|
2795
3047
|
"deprecationReason": null,
|
|
2796
3048
|
"description": "HTTP request method (ie. Get, Post)",
|
|
@@ -2865,7 +3117,7 @@
|
|
|
2865
3117
|
},
|
|
2866
3118
|
{
|
|
2867
3119
|
"deprecationReason": null,
|
|
2868
|
-
"description": "Cato
|
|
3120
|
+
"description": "Cato application name",
|
|
2869
3121
|
"isDeprecated": false,
|
|
2870
3122
|
"name": "cato_app"
|
|
2871
3123
|
},
|
|
@@ -2919,7 +3171,7 @@
|
|
|
2919
3171
|
},
|
|
2920
3172
|
{
|
|
2921
3173
|
"deprecationReason": null,
|
|
2922
|
-
"description": "
|
|
3174
|
+
"description": "Unique identifier for the tenant within a multi-tenant environment",
|
|
2923
3175
|
"isDeprecated": false,
|
|
2924
3176
|
"name": "tenant_id"
|
|
2925
3177
|
},
|
|
@@ -2979,7 +3231,7 @@
|
|
|
2979
3231
|
},
|
|
2980
3232
|
{
|
|
2981
3233
|
"deprecationReason": null,
|
|
2982
|
-
"description": "
|
|
3234
|
+
"description": "Defines the scanning methods used by the DLP system",
|
|
2983
3235
|
"isDeprecated": false,
|
|
2984
3236
|
"name": "dlp_scan_types"
|
|
2985
3237
|
},
|
|
@@ -3057,7 +3309,7 @@
|
|
|
3057
3309
|
},
|
|
3058
3310
|
{
|
|
3059
3311
|
"deprecationReason": null,
|
|
3060
|
-
"description": "
|
|
3312
|
+
"description": "Public source IP",
|
|
3061
3313
|
"isDeprecated": false,
|
|
3062
3314
|
"name": "public_ip"
|
|
3063
3315
|
},
|
|
@@ -3228,6 +3480,54 @@
|
|
|
3228
3480
|
"description": "Device Type",
|
|
3229
3481
|
"isDeprecated": false,
|
|
3230
3482
|
"name": "device_type"
|
|
3483
|
+
},
|
|
3484
|
+
{
|
|
3485
|
+
"deprecationReason": null,
|
|
3486
|
+
"description": "Tenant Restriction Rule Name",
|
|
3487
|
+
"isDeprecated": false,
|
|
3488
|
+
"name": "tenant_restriction_rule_name"
|
|
3489
|
+
},
|
|
3490
|
+
{
|
|
3491
|
+
"deprecationReason": null,
|
|
3492
|
+
"description": "Connection Origin",
|
|
3493
|
+
"isDeprecated": false,
|
|
3494
|
+
"name": "connection_origin"
|
|
3495
|
+
},
|
|
3496
|
+
{
|
|
3497
|
+
"deprecationReason": null,
|
|
3498
|
+
"description": "Translated Server IP",
|
|
3499
|
+
"isDeprecated": false,
|
|
3500
|
+
"name": "translated_server_ip"
|
|
3501
|
+
},
|
|
3502
|
+
{
|
|
3503
|
+
"deprecationReason": null,
|
|
3504
|
+
"description": "Translated Client IP",
|
|
3505
|
+
"isDeprecated": false,
|
|
3506
|
+
"name": "translated_client_ip"
|
|
3507
|
+
},
|
|
3508
|
+
{
|
|
3509
|
+
"deprecationReason": null,
|
|
3510
|
+
"description": "IoC Container Name",
|
|
3511
|
+
"isDeprecated": false,
|
|
3512
|
+
"name": "container_name"
|
|
3513
|
+
},
|
|
3514
|
+
{
|
|
3515
|
+
"deprecationReason": null,
|
|
3516
|
+
"description": "An external system identifier used for correlation between related Cato entities. Example: external ticket id that correlates Cato XDR stories.",
|
|
3517
|
+
"isDeprecated": false,
|
|
3518
|
+
"name": "correlation_id"
|
|
3519
|
+
},
|
|
3520
|
+
{
|
|
3521
|
+
"deprecationReason": null,
|
|
3522
|
+
"description": "Precedence",
|
|
3523
|
+
"isDeprecated": false,
|
|
3524
|
+
"name": "precedence"
|
|
3525
|
+
},
|
|
3526
|
+
{
|
|
3527
|
+
"deprecationReason": null,
|
|
3528
|
+
"description": "A list of labels providing additional context for the event",
|
|
3529
|
+
"isDeprecated": false,
|
|
3530
|
+
"name": "labels"
|
|
3231
3531
|
}
|
|
3232
3532
|
],
|
|
3233
3533
|
"fields": null,
|