catocli 1.0.19__py3-none-any.whl → 1.0.21__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of catocli might be problematic. Click here for more details.
- catocli/Utils/clidriver.py +6 -0
- catocli/__init__.py +1 -1
- catocli/parsers/custom/__init__.py +1 -1
- catocli/parsers/mutation_admin_addAdmin/README.md +1 -1
- catocli/parsers/mutation_admin_updateAdmin/README.md +1 -1
- catocli/parsers/mutation_policy/__init__.py +522 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation/README.md +7 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_addRule/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_addSection/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_createPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_discardPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_moveRule/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_moveSection/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_publishPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_removeRule/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_removeSection/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_updatePolicy/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_updateRule/README.md +18 -0
- catocli/parsers/mutation_policy_dynamicIpAllocation_updateSection/README.md +18 -0
- catocli/parsers/mutation_policy_internetFirewall_addRule/README.md +1 -1
- catocli/parsers/mutation_policy_internetFirewall_updateRule/README.md +1 -1
- catocli/parsers/mutation_policy_socketLan/README.md +7 -0
- catocli/parsers/mutation_policy_socketLan_addRule/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_addSection/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_createPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_discardPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_moveRule/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_moveSection/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_publishPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_removeRule/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_removeSection/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_updatePolicy/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_updateRule/README.md +18 -0
- catocli/parsers/mutation_policy_socketLan_updateSection/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork/README.md +7 -0
- catocli/parsers/mutation_policy_wanNetwork_addRule/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_addSection/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_createPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_discardPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_moveRule/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_moveSection/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_publishPolicyRevision/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_removeRule/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_removeSection/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_updatePolicy/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_updateRule/README.md +18 -0
- catocli/parsers/mutation_policy_wanNetwork_updateSection/README.md +18 -0
- catocli/parsers/mutation_sandbox/README.md +7 -0
- catocli/parsers/mutation_sandbox/__init__.py +37 -0
- catocli/parsers/mutation_sandbox_deleteReport/README.md +17 -0
- catocli/parsers/mutation_sandbox_uploadFile/README.md +17 -0
- catocli/parsers/mutation_site/__init__.py +28 -0
- catocli/parsers/mutation_site_addIpsecIkeV2Site/README.md +1 -1
- catocli/parsers/mutation_site_addIpsecIkeV2SiteTunnels/README.md +1 -1
- catocli/parsers/mutation_site_addSecondaryAwsVSocket/README.md +17 -0
- catocli/parsers/mutation_site_addSecondaryAzureVSocket/README.md +17 -0
- catocli/parsers/mutation_site_addSocketSite/README.md +1 -1
- catocli/parsers/mutation_site_updateIpsecIkeV2SiteTunnels/README.md +1 -1
- catocli/parsers/mutation_site_updateSocketInterface/README.md +1 -1
- catocli/parsers/mutation_sites/__init__.py +28 -0
- catocli/parsers/mutation_sites_addIpsecIkeV2Site/README.md +1 -1
- catocli/parsers/mutation_sites_addIpsecIkeV2SiteTunnels/README.md +1 -1
- catocli/parsers/mutation_sites_addSecondaryAwsVSocket/README.md +17 -0
- catocli/parsers/mutation_sites_addSecondaryAzureVSocket/README.md +17 -0
- catocli/parsers/mutation_sites_addSocketSite/README.md +1 -1
- catocli/parsers/mutation_sites_updateIpsecIkeV2SiteTunnels/README.md +1 -1
- catocli/parsers/mutation_sites_updateSocketInterface/README.md +1 -1
- catocli/parsers/mutation_xdr/README.md +7 -0
- catocli/parsers/mutation_xdr/__init__.py +51 -0
- catocli/parsers/mutation_xdr_addStoryComment/README.md +17 -0
- catocli/parsers/mutation_xdr_analystFeedback/README.md +18 -0
- catocli/parsers/mutation_xdr_deleteStoryComment/README.md +17 -0
- catocli/parsers/query_accountMetrics/README.md +2 -1
- catocli/parsers/query_appStatsTimeSeries/README.md +2 -1
- catocli/parsers/query_eventsFeed/README.md +1 -1
- catocli/parsers/query_eventsTimeSeries/README.md +2 -1
- catocli/parsers/query_policy/README.md +4 -1
- catocli/parsers/query_sandbox/README.md +17 -0
- catocli/parsers/query_sandbox/__init__.py +17 -0
- catocli/parsers/query_siteLocation/README.md +1 -1
- catocli/parsers/query_xdr_story/README.md +1 -1
- {catocli-1.0.19.dist-info → catocli-1.0.21.dist-info}/METADATA +1 -1
- {catocli-1.0.19.dist-info → catocli-1.0.21.dist-info}/RECORD +166 -66
- models/mutation.admin.addAdmin.json +0 -60
- models/mutation.admin.updateAdmin.json +0 -57
- models/mutation.policy.dynamicIpAllocation.addRule.json +3696 -0
- models/mutation.policy.dynamicIpAllocation.addSection.json +1358 -0
- models/mutation.policy.dynamicIpAllocation.createPolicyRevision.json +2175 -0
- models/mutation.policy.dynamicIpAllocation.discardPolicyRevision.json +2109 -0
- models/mutation.policy.dynamicIpAllocation.moveRule.json +1907 -0
- models/mutation.policy.dynamicIpAllocation.moveSection.json +1259 -0
- models/mutation.policy.dynamicIpAllocation.publishPolicyRevision.json +2166 -0
- models/mutation.policy.dynamicIpAllocation.removeRule.json +1555 -0
- models/mutation.policy.dynamicIpAllocation.removeSection.json +958 -0
- models/mutation.policy.dynamicIpAllocation.updatePolicy.json +2185 -0
- models/mutation.policy.dynamicIpAllocation.updateRule.json +3374 -0
- models/mutation.policy.dynamicIpAllocation.updateSection.json +1111 -0
- models/mutation.policy.internetFirewall.addRule.json +18 -18
- models/mutation.policy.internetFirewall.createPolicyRevision.json +4 -4
- models/mutation.policy.internetFirewall.discardPolicyRevision.json +4 -4
- models/mutation.policy.internetFirewall.moveRule.json +4 -4
- models/mutation.policy.internetFirewall.publishPolicyRevision.json +4 -4
- models/mutation.policy.internetFirewall.removeRule.json +4 -4
- models/mutation.policy.internetFirewall.updatePolicy.json +4 -4
- models/mutation.policy.internetFirewall.updateRule.json +18 -18
- models/mutation.policy.socketLan.addRule.json +11266 -0
- models/mutation.policy.socketLan.addSection.json +1358 -0
- models/mutation.policy.socketLan.createPolicyRevision.json +3926 -0
- models/mutation.policy.socketLan.discardPolicyRevision.json +3860 -0
- models/mutation.policy.socketLan.moveRule.json +3658 -0
- models/mutation.policy.socketLan.moveSection.json +1259 -0
- models/mutation.policy.socketLan.publishPolicyRevision.json +3917 -0
- models/mutation.policy.socketLan.removeRule.json +3306 -0
- models/mutation.policy.socketLan.removeSection.json +958 -0
- models/mutation.policy.socketLan.updatePolicy.json +3936 -0
- models/mutation.policy.socketLan.updateRule.json +10860 -0
- models/mutation.policy.socketLan.updateSection.json +1111 -0
- models/mutation.policy.wanNetwork.addRule.json +30614 -0
- models/mutation.policy.wanNetwork.addSection.json +1358 -0
- models/mutation.policy.wanNetwork.createPolicyRevision.json +8251 -0
- models/mutation.policy.wanNetwork.discardPolicyRevision.json +8185 -0
- models/mutation.policy.wanNetwork.moveRule.json +7983 -0
- models/mutation.policy.wanNetwork.moveSection.json +1259 -0
- models/mutation.policy.wanNetwork.publishPolicyRevision.json +8242 -0
- models/mutation.policy.wanNetwork.removeRule.json +7631 -0
- models/mutation.policy.wanNetwork.removeSection.json +958 -0
- models/mutation.policy.wanNetwork.updatePolicy.json +8261 -0
- models/mutation.policy.wanNetwork.updateRule.json +30145 -0
- models/mutation.policy.wanNetwork.updateSection.json +1111 -0
- models/mutation.sandbox.deleteReport.json +302 -0
- models/mutation.sandbox.uploadFile.json +301 -0
- models/mutation.site.addIpsecIkeV2Site.json +57 -0
- models/mutation.site.addIpsecIkeV2SiteTunnels.json +222 -0
- models/mutation.site.addSecondaryAwsVSocket.json +707 -0
- models/mutation.site.addSecondaryAzureVSocket.json +647 -0
- models/mutation.site.addSocketSite.json +72 -15
- models/mutation.site.updateIpsecIkeV2SiteTunnels.json +222 -0
- models/mutation.site.updateNetworkRange.json +3 -3
- models/mutation.site.updateSocketInterface.json +126 -18
- models/mutation.sites.addIpsecIkeV2Site.json +57 -0
- models/mutation.sites.addIpsecIkeV2SiteTunnels.json +222 -0
- models/mutation.sites.addSecondaryAwsVSocket.json +707 -0
- models/mutation.sites.addSecondaryAzureVSocket.json +647 -0
- models/mutation.sites.addSocketSite.json +72 -15
- models/mutation.sites.updateIpsecIkeV2SiteTunnels.json +222 -0
- models/mutation.sites.updateNetworkRange.json +3 -3
- models/mutation.sites.updateSocketInterface.json +126 -18
- models/mutation.xdr.addStoryComment.json +622 -0
- models/mutation.xdr.analystFeedback.json +28820 -0
- models/mutation.xdr.deleteStoryComment.json +622 -0
- models/query.accountMetrics.json +592 -0
- models/query.accountSnapshot.json +308 -0
- models/query.appStatsTimeSeries.json +37 -0
- models/query.auditFeed.json +352 -52
- models/query.events.json +1434 -234
- models/query.eventsFeed.json +352 -52
- models/query.eventsTimeSeries.json +1113 -176
- models/query.policy.json +22867 -9389
- models/query.sandbox.json +2111 -0
- models/query.xdr.stories.json +134 -4
- models/query.xdr.story.json +116 -4
- schema/catolib.py +4 -5
- {catocli-1.0.19.dist-info → catocli-1.0.21.dist-info}/LICENSE +0 -0
- {catocli-1.0.19.dist-info → catocli-1.0.21.dist-info}/WHEEL +0 -0
- {catocli-1.0.19.dist-info → catocli-1.0.21.dist-info}/entry_points.txt +0 -0
- {catocli-1.0.19.dist-info → catocli-1.0.21.dist-info}/top_level.txt +0 -0
models/query.eventsFeed.json
CHANGED
|
@@ -382,7 +382,7 @@
|
|
|
382
382
|
"description": null,
|
|
383
383
|
"enumValues": [
|
|
384
384
|
{
|
|
385
|
-
"deprecationReason": "use src_site_id/src_site_name instead",
|
|
385
|
+
"deprecationReason": "use src_site_id/src_site_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
386
386
|
"description": "Name of site or user initiating the connection",
|
|
387
387
|
"isDeprecated": true,
|
|
388
388
|
"name": "src_site"
|
|
@@ -406,7 +406,7 @@
|
|
|
406
406
|
"name": "user_id"
|
|
407
407
|
},
|
|
408
408
|
{
|
|
409
|
-
"deprecationReason": "use dest_site_id/dest_site_name instead",
|
|
409
|
+
"deprecationReason": "use dest_site_id/dest_site_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
410
410
|
"description": "For WAN traffic, name of destination site or SDP user",
|
|
411
411
|
"isDeprecated": true,
|
|
412
412
|
"name": "dest_site"
|
|
@@ -418,13 +418,13 @@
|
|
|
418
418
|
"name": "dest_site_id"
|
|
419
419
|
},
|
|
420
420
|
{
|
|
421
|
-
"deprecationReason":
|
|
421
|
+
"deprecationReason": "please use src_site_id and dest_site_id instead. Planned end-of-life (EoL) date: June 30, 2025.",
|
|
422
422
|
"description": "Source or destination site or remote user ID.\nThis field can only be used in filter.",
|
|
423
|
-
"isDeprecated":
|
|
423
|
+
"isDeprecated": true,
|
|
424
424
|
"name": "src_or_dest_site_id"
|
|
425
425
|
},
|
|
426
426
|
{
|
|
427
|
-
"deprecationReason": "use rule_name instead",
|
|
427
|
+
"deprecationReason": "use rule_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
428
428
|
"description": "Name of security rule related to the event",
|
|
429
429
|
"isDeprecated": true,
|
|
430
430
|
"name": "rule"
|
|
@@ -442,7 +442,7 @@
|
|
|
442
442
|
"name": "socket_interface"
|
|
443
443
|
},
|
|
444
444
|
{
|
|
445
|
-
"deprecationReason": "use custom_category_id/custom_category_name instead",
|
|
445
|
+
"deprecationReason": "use custom_category_id/custom_category_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
446
446
|
"description": "Name for the custom category defined in the Cato Management Application",
|
|
447
447
|
"isDeprecated": true,
|
|
448
448
|
"name": "custom_category"
|
|
@@ -455,7 +455,7 @@
|
|
|
455
455
|
},
|
|
456
456
|
{
|
|
457
457
|
"deprecationReason": null,
|
|
458
|
-
"description": "
|
|
458
|
+
"description": "Destination port",
|
|
459
459
|
"isDeprecated": false,
|
|
460
460
|
"name": "dest_port"
|
|
461
461
|
},
|
|
@@ -515,7 +515,7 @@
|
|
|
515
515
|
},
|
|
516
516
|
{
|
|
517
517
|
"deprecationReason": null,
|
|
518
|
-
"description": "
|
|
518
|
+
"description": "Destination IP address",
|
|
519
519
|
"isDeprecated": false,
|
|
520
520
|
"name": "dest_ip"
|
|
521
521
|
},
|
|
@@ -592,7 +592,7 @@
|
|
|
592
592
|
"name": "configured_host_name"
|
|
593
593
|
},
|
|
594
594
|
{
|
|
595
|
-
"deprecationReason": "use event_id instead",
|
|
595
|
+
"deprecationReason": "use event_id instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
596
596
|
"description": "Cato Internal-use only",
|
|
597
597
|
"isDeprecated": true,
|
|
598
598
|
"name": "internalId"
|
|
@@ -664,9 +664,9 @@
|
|
|
664
664
|
"name": "bgp_error_code"
|
|
665
665
|
},
|
|
666
666
|
{
|
|
667
|
-
"deprecationReason":
|
|
667
|
+
"deprecationReason": "Planned end-of-life (EoL) date: April 15, 2025.",
|
|
668
668
|
"description": "Description from Cato Management Application for BGP peer",
|
|
669
|
-
"isDeprecated":
|
|
669
|
+
"isDeprecated": true,
|
|
670
670
|
"name": "bgp_peer_description"
|
|
671
671
|
},
|
|
672
672
|
{
|
|
@@ -731,7 +731,7 @@
|
|
|
731
731
|
},
|
|
732
732
|
{
|
|
733
733
|
"deprecationReason": null,
|
|
734
|
-
"description": "
|
|
734
|
+
"description": "Round Trip Delay in Milliseconds that it takes a packet to travel between the source and the PoP",
|
|
735
735
|
"isDeprecated": false,
|
|
736
736
|
"name": "link_health_latency"
|
|
737
737
|
},
|
|
@@ -886,14 +886,14 @@
|
|
|
886
886
|
"name": "incident_id"
|
|
887
887
|
},
|
|
888
888
|
{
|
|
889
|
-
"deprecationReason": "use application_id/application_name instead",
|
|
889
|
+
"deprecationReason": "use application_id/application_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
890
890
|
"description": "For Internet firewall, app for this event",
|
|
891
891
|
"isDeprecated": true,
|
|
892
892
|
"name": "application"
|
|
893
893
|
},
|
|
894
894
|
{
|
|
895
895
|
"deprecationReason": null,
|
|
896
|
-
"description": "
|
|
896
|
+
"description": "The name of the application associated with the flow",
|
|
897
897
|
"isDeprecated": false,
|
|
898
898
|
"name": "application_name"
|
|
899
899
|
},
|
|
@@ -916,7 +916,7 @@
|
|
|
916
916
|
"name": "socket_interface_id"
|
|
917
917
|
},
|
|
918
918
|
{
|
|
919
|
-
"deprecationReason": "use custom_category_id/custom_category_name instead",
|
|
919
|
+
"deprecationReason": "use custom_category_id/custom_category_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
920
920
|
"description": "Unique Cato ID for the custom category",
|
|
921
921
|
"isDeprecated": true,
|
|
922
922
|
"name": "custom_categories"
|
|
@@ -995,7 +995,7 @@
|
|
|
995
995
|
},
|
|
996
996
|
{
|
|
997
997
|
"deprecationReason": null,
|
|
998
|
-
"description": "
|
|
998
|
+
"description": "The name of the destination site",
|
|
999
999
|
"isDeprecated": false,
|
|
1000
1000
|
"name": "dest_site_name"
|
|
1001
1001
|
},
|
|
@@ -1054,7 +1054,7 @@
|
|
|
1054
1054
|
"name": "device_posture_profile"
|
|
1055
1055
|
},
|
|
1056
1056
|
{
|
|
1057
|
-
"deprecationReason": "use device_posture_profile instead",
|
|
1057
|
+
"deprecationReason": "use device_posture_profile instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
1058
1058
|
"description": "Device posture profiles",
|
|
1059
1059
|
"isDeprecated": true,
|
|
1060
1060
|
"name": "device_posture_profiles"
|
|
@@ -1127,7 +1127,7 @@
|
|
|
1127
1127
|
},
|
|
1128
1128
|
{
|
|
1129
1129
|
"deprecationReason": null,
|
|
1130
|
-
"description": "DLP
|
|
1130
|
+
"description": "Describes the behavior when the DLP system encounters a failure",
|
|
1131
1131
|
"isDeprecated": false,
|
|
1132
1132
|
"name": "dlp_fail_mode"
|
|
1133
1133
|
},
|
|
@@ -1185,6 +1185,24 @@
|
|
|
1185
1185
|
"isDeprecated": false,
|
|
1186
1186
|
"name": "is_sinkhole"
|
|
1187
1187
|
},
|
|
1188
|
+
{
|
|
1189
|
+
"deprecationReason": null,
|
|
1190
|
+
"description": "The ID for the endpoint",
|
|
1191
|
+
"isDeprecated": false,
|
|
1192
|
+
"name": "endpoint_id"
|
|
1193
|
+
},
|
|
1194
|
+
{
|
|
1195
|
+
"deprecationReason": null,
|
|
1196
|
+
"description": "The Endpoint Protection Engine that detected the malware",
|
|
1197
|
+
"isDeprecated": false,
|
|
1198
|
+
"name": "epp_engine_type"
|
|
1199
|
+
},
|
|
1200
|
+
{
|
|
1201
|
+
"deprecationReason": null,
|
|
1202
|
+
"description": "The file operation when this event occurred",
|
|
1203
|
+
"isDeprecated": false,
|
|
1204
|
+
"name": "file_operation"
|
|
1205
|
+
},
|
|
1188
1206
|
{
|
|
1189
1207
|
"deprecationReason": null,
|
|
1190
1208
|
"description": null,
|
|
@@ -1217,7 +1235,7 @@
|
|
|
1217
1235
|
},
|
|
1218
1236
|
{
|
|
1219
1237
|
"deprecationReason": null,
|
|
1220
|
-
"description":
|
|
1238
|
+
"description": "The vendor that identified the incident, such as Cato or Microsoft",
|
|
1221
1239
|
"isDeprecated": false,
|
|
1222
1240
|
"name": "vendor"
|
|
1223
1241
|
},
|
|
@@ -1258,19 +1276,19 @@
|
|
|
1258
1276
|
"name": "recommended_actions"
|
|
1259
1277
|
},
|
|
1260
1278
|
{
|
|
1261
|
-
"deprecationReason": "use src_pid instead",
|
|
1279
|
+
"deprecationReason": "use src_pid instead. Planned end-of-life (EoL) date: March 1, 2025.",
|
|
1262
1280
|
"description": null,
|
|
1263
1281
|
"isDeprecated": true,
|
|
1264
1282
|
"name": "pid"
|
|
1265
1283
|
},
|
|
1266
1284
|
{
|
|
1267
|
-
"deprecationReason": "use src_process_parent_pid instead",
|
|
1285
|
+
"deprecationReason": "use src_process_parent_pid instead. Planned end-of-life (EoL) date: March 1, 2025.",
|
|
1268
1286
|
"description": null,
|
|
1269
1287
|
"isDeprecated": true,
|
|
1270
1288
|
"name": "parent_pid"
|
|
1271
1289
|
},
|
|
1272
1290
|
{
|
|
1273
|
-
"deprecationReason": "use src_process_path instead",
|
|
1291
|
+
"deprecationReason": "use src_process_path instead. Planned end-of-life (EoL) date: March 1, 2025.",
|
|
1274
1292
|
"description": null,
|
|
1275
1293
|
"isDeprecated": true,
|
|
1276
1294
|
"name": "process_path"
|
|
@@ -1287,12 +1305,96 @@
|
|
|
1287
1305
|
"isDeprecated": false,
|
|
1288
1306
|
"name": "out_of_band_access"
|
|
1289
1307
|
},
|
|
1308
|
+
{
|
|
1309
|
+
"deprecationReason": null,
|
|
1310
|
+
"description": "A Unique ID for the quarantined file",
|
|
1311
|
+
"isDeprecated": false,
|
|
1312
|
+
"name": "quarantine_uuid"
|
|
1313
|
+
},
|
|
1290
1314
|
{
|
|
1291
1315
|
"deprecationReason": null,
|
|
1292
1316
|
"description": null,
|
|
1293
1317
|
"isDeprecated": false,
|
|
1294
1318
|
"name": "logged_in_user"
|
|
1295
1319
|
},
|
|
1320
|
+
{
|
|
1321
|
+
"deprecationReason": null,
|
|
1322
|
+
"description": "The profile assigned to the endpoint upon detection of the malware",
|
|
1323
|
+
"isDeprecated": false,
|
|
1324
|
+
"name": "epp_profile"
|
|
1325
|
+
},
|
|
1326
|
+
{
|
|
1327
|
+
"deprecationReason": null,
|
|
1328
|
+
"description": "Source process ID",
|
|
1329
|
+
"isDeprecated": false,
|
|
1330
|
+
"name": "src_pid"
|
|
1331
|
+
},
|
|
1332
|
+
{
|
|
1333
|
+
"deprecationReason": null,
|
|
1334
|
+
"description": "Source process file path",
|
|
1335
|
+
"isDeprecated": false,
|
|
1336
|
+
"name": "src_process_path"
|
|
1337
|
+
},
|
|
1338
|
+
{
|
|
1339
|
+
"deprecationReason": null,
|
|
1340
|
+
"description": "Source process command line",
|
|
1341
|
+
"isDeprecated": false,
|
|
1342
|
+
"name": "src_process_cmdline"
|
|
1343
|
+
},
|
|
1344
|
+
{
|
|
1345
|
+
"deprecationReason": null,
|
|
1346
|
+
"description": "Source process parent process ID",
|
|
1347
|
+
"isDeprecated": false,
|
|
1348
|
+
"name": "src_process_parent_pid"
|
|
1349
|
+
},
|
|
1350
|
+
{
|
|
1351
|
+
"deprecationReason": null,
|
|
1352
|
+
"description": "Source process parent file path",
|
|
1353
|
+
"isDeprecated": false,
|
|
1354
|
+
"name": "src_process_parent_path"
|
|
1355
|
+
},
|
|
1356
|
+
{
|
|
1357
|
+
"deprecationReason": null,
|
|
1358
|
+
"description": "The destination process ID",
|
|
1359
|
+
"isDeprecated": false,
|
|
1360
|
+
"name": "dest_pid"
|
|
1361
|
+
},
|
|
1362
|
+
{
|
|
1363
|
+
"deprecationReason": null,
|
|
1364
|
+
"description": "Destination process file path",
|
|
1365
|
+
"isDeprecated": false,
|
|
1366
|
+
"name": "dest_process_path"
|
|
1367
|
+
},
|
|
1368
|
+
{
|
|
1369
|
+
"deprecationReason": null,
|
|
1370
|
+
"description": "Destination process command line",
|
|
1371
|
+
"isDeprecated": false,
|
|
1372
|
+
"name": "dest_process_cmdline"
|
|
1373
|
+
},
|
|
1374
|
+
{
|
|
1375
|
+
"deprecationReason": null,
|
|
1376
|
+
"description": "Destination process parent process ID",
|
|
1377
|
+
"isDeprecated": false,
|
|
1378
|
+
"name": "dest_process_parent_pid"
|
|
1379
|
+
},
|
|
1380
|
+
{
|
|
1381
|
+
"deprecationReason": null,
|
|
1382
|
+
"description": "Destination process parent file path",
|
|
1383
|
+
"isDeprecated": false,
|
|
1384
|
+
"name": "dest_process_parent_path"
|
|
1385
|
+
},
|
|
1386
|
+
{
|
|
1387
|
+
"deprecationReason": null,
|
|
1388
|
+
"description": "If policy is set to disinfect, return the result of this action",
|
|
1389
|
+
"isDeprecated": false,
|
|
1390
|
+
"name": "disinfect_result"
|
|
1391
|
+
},
|
|
1392
|
+
{
|
|
1393
|
+
"deprecationReason": null,
|
|
1394
|
+
"description": "Indicate how many processes are part of this event",
|
|
1395
|
+
"isDeprecated": false,
|
|
1396
|
+
"name": "processes_count"
|
|
1397
|
+
},
|
|
1296
1398
|
{
|
|
1297
1399
|
"deprecationReason": null,
|
|
1298
1400
|
"description": "HTTP request method (ie. Get, Post)",
|
|
@@ -1367,7 +1469,7 @@
|
|
|
1367
1469
|
},
|
|
1368
1470
|
{
|
|
1369
1471
|
"deprecationReason": null,
|
|
1370
|
-
"description": "Cato
|
|
1472
|
+
"description": "Cato application name",
|
|
1371
1473
|
"isDeprecated": false,
|
|
1372
1474
|
"name": "cato_app"
|
|
1373
1475
|
},
|
|
@@ -1421,7 +1523,7 @@
|
|
|
1421
1523
|
},
|
|
1422
1524
|
{
|
|
1423
1525
|
"deprecationReason": null,
|
|
1424
|
-
"description": "
|
|
1526
|
+
"description": "Unique identifier for the tenant within a multi-tenant environment",
|
|
1425
1527
|
"isDeprecated": false,
|
|
1426
1528
|
"name": "tenant_id"
|
|
1427
1529
|
},
|
|
@@ -1481,7 +1583,7 @@
|
|
|
1481
1583
|
},
|
|
1482
1584
|
{
|
|
1483
1585
|
"deprecationReason": null,
|
|
1484
|
-
"description": "
|
|
1586
|
+
"description": "Defines the scanning methods used by the DLP system",
|
|
1485
1587
|
"isDeprecated": false,
|
|
1486
1588
|
"name": "dlp_scan_types"
|
|
1487
1589
|
},
|
|
@@ -1559,7 +1661,7 @@
|
|
|
1559
1661
|
},
|
|
1560
1662
|
{
|
|
1561
1663
|
"deprecationReason": null,
|
|
1562
|
-
"description": "
|
|
1664
|
+
"description": "Public source IP",
|
|
1563
1665
|
"isDeprecated": false,
|
|
1564
1666
|
"name": "public_ip"
|
|
1565
1667
|
},
|
|
@@ -1730,6 +1832,54 @@
|
|
|
1730
1832
|
"description": "Device Type",
|
|
1731
1833
|
"isDeprecated": false,
|
|
1732
1834
|
"name": "device_type"
|
|
1835
|
+
},
|
|
1836
|
+
{
|
|
1837
|
+
"deprecationReason": null,
|
|
1838
|
+
"description": "Tenant Restriction Rule Name",
|
|
1839
|
+
"isDeprecated": false,
|
|
1840
|
+
"name": "tenant_restriction_rule_name"
|
|
1841
|
+
},
|
|
1842
|
+
{
|
|
1843
|
+
"deprecationReason": null,
|
|
1844
|
+
"description": "Connection Origin",
|
|
1845
|
+
"isDeprecated": false,
|
|
1846
|
+
"name": "connection_origin"
|
|
1847
|
+
},
|
|
1848
|
+
{
|
|
1849
|
+
"deprecationReason": null,
|
|
1850
|
+
"description": "Translated Server IP",
|
|
1851
|
+
"isDeprecated": false,
|
|
1852
|
+
"name": "translated_server_ip"
|
|
1853
|
+
},
|
|
1854
|
+
{
|
|
1855
|
+
"deprecationReason": null,
|
|
1856
|
+
"description": "Translated Client IP",
|
|
1857
|
+
"isDeprecated": false,
|
|
1858
|
+
"name": "translated_client_ip"
|
|
1859
|
+
},
|
|
1860
|
+
{
|
|
1861
|
+
"deprecationReason": null,
|
|
1862
|
+
"description": "IoC Container Name",
|
|
1863
|
+
"isDeprecated": false,
|
|
1864
|
+
"name": "container_name"
|
|
1865
|
+
},
|
|
1866
|
+
{
|
|
1867
|
+
"deprecationReason": null,
|
|
1868
|
+
"description": "An external system identifier used for correlation between related Cato entities. Example: external ticket id that correlates Cato XDR stories.",
|
|
1869
|
+
"isDeprecated": false,
|
|
1870
|
+
"name": "correlation_id"
|
|
1871
|
+
},
|
|
1872
|
+
{
|
|
1873
|
+
"deprecationReason": null,
|
|
1874
|
+
"description": "Precedence",
|
|
1875
|
+
"isDeprecated": false,
|
|
1876
|
+
"name": "precedence"
|
|
1877
|
+
},
|
|
1878
|
+
{
|
|
1879
|
+
"deprecationReason": null,
|
|
1880
|
+
"description": "A list of labels providing additional context for the event",
|
|
1881
|
+
"isDeprecated": false,
|
|
1882
|
+
"name": "labels"
|
|
1733
1883
|
}
|
|
1734
1884
|
],
|
|
1735
1885
|
"fields": null,
|
|
@@ -1848,7 +1998,7 @@
|
|
|
1848
1998
|
"description": null,
|
|
1849
1999
|
"enumValues": [
|
|
1850
2000
|
{
|
|
1851
|
-
"deprecationReason": "use src_site_id/src_site_name instead",
|
|
2001
|
+
"deprecationReason": "use src_site_id/src_site_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
1852
2002
|
"description": "Name of site or user initiating the connection",
|
|
1853
2003
|
"isDeprecated": true,
|
|
1854
2004
|
"name": "src_site"
|
|
@@ -1872,7 +2022,7 @@
|
|
|
1872
2022
|
"name": "user_id"
|
|
1873
2023
|
},
|
|
1874
2024
|
{
|
|
1875
|
-
"deprecationReason": "use dest_site_id/dest_site_name instead",
|
|
2025
|
+
"deprecationReason": "use dest_site_id/dest_site_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
1876
2026
|
"description": "For WAN traffic, name of destination site or SDP user",
|
|
1877
2027
|
"isDeprecated": true,
|
|
1878
2028
|
"name": "dest_site"
|
|
@@ -1884,13 +2034,13 @@
|
|
|
1884
2034
|
"name": "dest_site_id"
|
|
1885
2035
|
},
|
|
1886
2036
|
{
|
|
1887
|
-
"deprecationReason":
|
|
2037
|
+
"deprecationReason": "please use src_site_id and dest_site_id instead. Planned end-of-life (EoL) date: June 30, 2025.",
|
|
1888
2038
|
"description": "Source or destination site or remote user ID.\nThis field can only be used in filter.",
|
|
1889
|
-
"isDeprecated":
|
|
2039
|
+
"isDeprecated": true,
|
|
1890
2040
|
"name": "src_or_dest_site_id"
|
|
1891
2041
|
},
|
|
1892
2042
|
{
|
|
1893
|
-
"deprecationReason": "use rule_name instead",
|
|
2043
|
+
"deprecationReason": "use rule_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
1894
2044
|
"description": "Name of security rule related to the event",
|
|
1895
2045
|
"isDeprecated": true,
|
|
1896
2046
|
"name": "rule"
|
|
@@ -1908,7 +2058,7 @@
|
|
|
1908
2058
|
"name": "socket_interface"
|
|
1909
2059
|
},
|
|
1910
2060
|
{
|
|
1911
|
-
"deprecationReason": "use custom_category_id/custom_category_name instead",
|
|
2061
|
+
"deprecationReason": "use custom_category_id/custom_category_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
1912
2062
|
"description": "Name for the custom category defined in the Cato Management Application",
|
|
1913
2063
|
"isDeprecated": true,
|
|
1914
2064
|
"name": "custom_category"
|
|
@@ -1921,7 +2071,7 @@
|
|
|
1921
2071
|
},
|
|
1922
2072
|
{
|
|
1923
2073
|
"deprecationReason": null,
|
|
1924
|
-
"description": "
|
|
2074
|
+
"description": "Destination port",
|
|
1925
2075
|
"isDeprecated": false,
|
|
1926
2076
|
"name": "dest_port"
|
|
1927
2077
|
},
|
|
@@ -1981,7 +2131,7 @@
|
|
|
1981
2131
|
},
|
|
1982
2132
|
{
|
|
1983
2133
|
"deprecationReason": null,
|
|
1984
|
-
"description": "
|
|
2134
|
+
"description": "Destination IP address",
|
|
1985
2135
|
"isDeprecated": false,
|
|
1986
2136
|
"name": "dest_ip"
|
|
1987
2137
|
},
|
|
@@ -2058,7 +2208,7 @@
|
|
|
2058
2208
|
"name": "configured_host_name"
|
|
2059
2209
|
},
|
|
2060
2210
|
{
|
|
2061
|
-
"deprecationReason": "use event_id instead",
|
|
2211
|
+
"deprecationReason": "use event_id instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
2062
2212
|
"description": "Cato Internal-use only",
|
|
2063
2213
|
"isDeprecated": true,
|
|
2064
2214
|
"name": "internalId"
|
|
@@ -2130,9 +2280,9 @@
|
|
|
2130
2280
|
"name": "bgp_error_code"
|
|
2131
2281
|
},
|
|
2132
2282
|
{
|
|
2133
|
-
"deprecationReason":
|
|
2283
|
+
"deprecationReason": "Planned end-of-life (EoL) date: April 15, 2025.",
|
|
2134
2284
|
"description": "Description from Cato Management Application for BGP peer",
|
|
2135
|
-
"isDeprecated":
|
|
2285
|
+
"isDeprecated": true,
|
|
2136
2286
|
"name": "bgp_peer_description"
|
|
2137
2287
|
},
|
|
2138
2288
|
{
|
|
@@ -2197,7 +2347,7 @@
|
|
|
2197
2347
|
},
|
|
2198
2348
|
{
|
|
2199
2349
|
"deprecationReason": null,
|
|
2200
|
-
"description": "
|
|
2350
|
+
"description": "Round Trip Delay in Milliseconds that it takes a packet to travel between the source and the PoP",
|
|
2201
2351
|
"isDeprecated": false,
|
|
2202
2352
|
"name": "link_health_latency"
|
|
2203
2353
|
},
|
|
@@ -2352,14 +2502,14 @@
|
|
|
2352
2502
|
"name": "incident_id"
|
|
2353
2503
|
},
|
|
2354
2504
|
{
|
|
2355
|
-
"deprecationReason": "use application_id/application_name instead",
|
|
2505
|
+
"deprecationReason": "use application_id/application_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
2356
2506
|
"description": "For Internet firewall, app for this event",
|
|
2357
2507
|
"isDeprecated": true,
|
|
2358
2508
|
"name": "application"
|
|
2359
2509
|
},
|
|
2360
2510
|
{
|
|
2361
2511
|
"deprecationReason": null,
|
|
2362
|
-
"description": "
|
|
2512
|
+
"description": "The name of the application associated with the flow",
|
|
2363
2513
|
"isDeprecated": false,
|
|
2364
2514
|
"name": "application_name"
|
|
2365
2515
|
},
|
|
@@ -2382,7 +2532,7 @@
|
|
|
2382
2532
|
"name": "socket_interface_id"
|
|
2383
2533
|
},
|
|
2384
2534
|
{
|
|
2385
|
-
"deprecationReason": "use custom_category_id/custom_category_name instead",
|
|
2535
|
+
"deprecationReason": "use custom_category_id/custom_category_name instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
2386
2536
|
"description": "Unique Cato ID for the custom category",
|
|
2387
2537
|
"isDeprecated": true,
|
|
2388
2538
|
"name": "custom_categories"
|
|
@@ -2461,7 +2611,7 @@
|
|
|
2461
2611
|
},
|
|
2462
2612
|
{
|
|
2463
2613
|
"deprecationReason": null,
|
|
2464
|
-
"description": "
|
|
2614
|
+
"description": "The name of the destination site",
|
|
2465
2615
|
"isDeprecated": false,
|
|
2466
2616
|
"name": "dest_site_name"
|
|
2467
2617
|
},
|
|
@@ -2520,7 +2670,7 @@
|
|
|
2520
2670
|
"name": "device_posture_profile"
|
|
2521
2671
|
},
|
|
2522
2672
|
{
|
|
2523
|
-
"deprecationReason": "use device_posture_profile instead",
|
|
2673
|
+
"deprecationReason": "use device_posture_profile instead. Planned end-of-life (EoL) date: May 1, 2025.",
|
|
2524
2674
|
"description": "Device posture profiles",
|
|
2525
2675
|
"isDeprecated": true,
|
|
2526
2676
|
"name": "device_posture_profiles"
|
|
@@ -2593,7 +2743,7 @@
|
|
|
2593
2743
|
},
|
|
2594
2744
|
{
|
|
2595
2745
|
"deprecationReason": null,
|
|
2596
|
-
"description": "DLP
|
|
2746
|
+
"description": "Describes the behavior when the DLP system encounters a failure",
|
|
2597
2747
|
"isDeprecated": false,
|
|
2598
2748
|
"name": "dlp_fail_mode"
|
|
2599
2749
|
},
|
|
@@ -2651,6 +2801,24 @@
|
|
|
2651
2801
|
"isDeprecated": false,
|
|
2652
2802
|
"name": "is_sinkhole"
|
|
2653
2803
|
},
|
|
2804
|
+
{
|
|
2805
|
+
"deprecationReason": null,
|
|
2806
|
+
"description": "The ID for the endpoint",
|
|
2807
|
+
"isDeprecated": false,
|
|
2808
|
+
"name": "endpoint_id"
|
|
2809
|
+
},
|
|
2810
|
+
{
|
|
2811
|
+
"deprecationReason": null,
|
|
2812
|
+
"description": "The Endpoint Protection Engine that detected the malware",
|
|
2813
|
+
"isDeprecated": false,
|
|
2814
|
+
"name": "epp_engine_type"
|
|
2815
|
+
},
|
|
2816
|
+
{
|
|
2817
|
+
"deprecationReason": null,
|
|
2818
|
+
"description": "The file operation when this event occurred",
|
|
2819
|
+
"isDeprecated": false,
|
|
2820
|
+
"name": "file_operation"
|
|
2821
|
+
},
|
|
2654
2822
|
{
|
|
2655
2823
|
"deprecationReason": null,
|
|
2656
2824
|
"description": null,
|
|
@@ -2683,7 +2851,7 @@
|
|
|
2683
2851
|
},
|
|
2684
2852
|
{
|
|
2685
2853
|
"deprecationReason": null,
|
|
2686
|
-
"description":
|
|
2854
|
+
"description": "The vendor that identified the incident, such as Cato or Microsoft",
|
|
2687
2855
|
"isDeprecated": false,
|
|
2688
2856
|
"name": "vendor"
|
|
2689
2857
|
},
|
|
@@ -2724,19 +2892,19 @@
|
|
|
2724
2892
|
"name": "recommended_actions"
|
|
2725
2893
|
},
|
|
2726
2894
|
{
|
|
2727
|
-
"deprecationReason": "use src_pid instead",
|
|
2895
|
+
"deprecationReason": "use src_pid instead. Planned end-of-life (EoL) date: March 1, 2025.",
|
|
2728
2896
|
"description": null,
|
|
2729
2897
|
"isDeprecated": true,
|
|
2730
2898
|
"name": "pid"
|
|
2731
2899
|
},
|
|
2732
2900
|
{
|
|
2733
|
-
"deprecationReason": "use src_process_parent_pid instead",
|
|
2901
|
+
"deprecationReason": "use src_process_parent_pid instead. Planned end-of-life (EoL) date: March 1, 2025.",
|
|
2734
2902
|
"description": null,
|
|
2735
2903
|
"isDeprecated": true,
|
|
2736
2904
|
"name": "parent_pid"
|
|
2737
2905
|
},
|
|
2738
2906
|
{
|
|
2739
|
-
"deprecationReason": "use src_process_path instead",
|
|
2907
|
+
"deprecationReason": "use src_process_path instead. Planned end-of-life (EoL) date: March 1, 2025.",
|
|
2740
2908
|
"description": null,
|
|
2741
2909
|
"isDeprecated": true,
|
|
2742
2910
|
"name": "process_path"
|
|
@@ -2753,12 +2921,96 @@
|
|
|
2753
2921
|
"isDeprecated": false,
|
|
2754
2922
|
"name": "out_of_band_access"
|
|
2755
2923
|
},
|
|
2924
|
+
{
|
|
2925
|
+
"deprecationReason": null,
|
|
2926
|
+
"description": "A Unique ID for the quarantined file",
|
|
2927
|
+
"isDeprecated": false,
|
|
2928
|
+
"name": "quarantine_uuid"
|
|
2929
|
+
},
|
|
2756
2930
|
{
|
|
2757
2931
|
"deprecationReason": null,
|
|
2758
2932
|
"description": null,
|
|
2759
2933
|
"isDeprecated": false,
|
|
2760
2934
|
"name": "logged_in_user"
|
|
2761
2935
|
},
|
|
2936
|
+
{
|
|
2937
|
+
"deprecationReason": null,
|
|
2938
|
+
"description": "The profile assigned to the endpoint upon detection of the malware",
|
|
2939
|
+
"isDeprecated": false,
|
|
2940
|
+
"name": "epp_profile"
|
|
2941
|
+
},
|
|
2942
|
+
{
|
|
2943
|
+
"deprecationReason": null,
|
|
2944
|
+
"description": "Source process ID",
|
|
2945
|
+
"isDeprecated": false,
|
|
2946
|
+
"name": "src_pid"
|
|
2947
|
+
},
|
|
2948
|
+
{
|
|
2949
|
+
"deprecationReason": null,
|
|
2950
|
+
"description": "Source process file path",
|
|
2951
|
+
"isDeprecated": false,
|
|
2952
|
+
"name": "src_process_path"
|
|
2953
|
+
},
|
|
2954
|
+
{
|
|
2955
|
+
"deprecationReason": null,
|
|
2956
|
+
"description": "Source process command line",
|
|
2957
|
+
"isDeprecated": false,
|
|
2958
|
+
"name": "src_process_cmdline"
|
|
2959
|
+
},
|
|
2960
|
+
{
|
|
2961
|
+
"deprecationReason": null,
|
|
2962
|
+
"description": "Source process parent process ID",
|
|
2963
|
+
"isDeprecated": false,
|
|
2964
|
+
"name": "src_process_parent_pid"
|
|
2965
|
+
},
|
|
2966
|
+
{
|
|
2967
|
+
"deprecationReason": null,
|
|
2968
|
+
"description": "Source process parent file path",
|
|
2969
|
+
"isDeprecated": false,
|
|
2970
|
+
"name": "src_process_parent_path"
|
|
2971
|
+
},
|
|
2972
|
+
{
|
|
2973
|
+
"deprecationReason": null,
|
|
2974
|
+
"description": "The destination process ID",
|
|
2975
|
+
"isDeprecated": false,
|
|
2976
|
+
"name": "dest_pid"
|
|
2977
|
+
},
|
|
2978
|
+
{
|
|
2979
|
+
"deprecationReason": null,
|
|
2980
|
+
"description": "Destination process file path",
|
|
2981
|
+
"isDeprecated": false,
|
|
2982
|
+
"name": "dest_process_path"
|
|
2983
|
+
},
|
|
2984
|
+
{
|
|
2985
|
+
"deprecationReason": null,
|
|
2986
|
+
"description": "Destination process command line",
|
|
2987
|
+
"isDeprecated": false,
|
|
2988
|
+
"name": "dest_process_cmdline"
|
|
2989
|
+
},
|
|
2990
|
+
{
|
|
2991
|
+
"deprecationReason": null,
|
|
2992
|
+
"description": "Destination process parent process ID",
|
|
2993
|
+
"isDeprecated": false,
|
|
2994
|
+
"name": "dest_process_parent_pid"
|
|
2995
|
+
},
|
|
2996
|
+
{
|
|
2997
|
+
"deprecationReason": null,
|
|
2998
|
+
"description": "Destination process parent file path",
|
|
2999
|
+
"isDeprecated": false,
|
|
3000
|
+
"name": "dest_process_parent_path"
|
|
3001
|
+
},
|
|
3002
|
+
{
|
|
3003
|
+
"deprecationReason": null,
|
|
3004
|
+
"description": "If policy is set to disinfect, return the result of this action",
|
|
3005
|
+
"isDeprecated": false,
|
|
3006
|
+
"name": "disinfect_result"
|
|
3007
|
+
},
|
|
3008
|
+
{
|
|
3009
|
+
"deprecationReason": null,
|
|
3010
|
+
"description": "Indicate how many processes are part of this event",
|
|
3011
|
+
"isDeprecated": false,
|
|
3012
|
+
"name": "processes_count"
|
|
3013
|
+
},
|
|
2762
3014
|
{
|
|
2763
3015
|
"deprecationReason": null,
|
|
2764
3016
|
"description": "HTTP request method (ie. Get, Post)",
|
|
@@ -2833,7 +3085,7 @@
|
|
|
2833
3085
|
},
|
|
2834
3086
|
{
|
|
2835
3087
|
"deprecationReason": null,
|
|
2836
|
-
"description": "Cato
|
|
3088
|
+
"description": "Cato application name",
|
|
2837
3089
|
"isDeprecated": false,
|
|
2838
3090
|
"name": "cato_app"
|
|
2839
3091
|
},
|
|
@@ -2887,7 +3139,7 @@
|
|
|
2887
3139
|
},
|
|
2888
3140
|
{
|
|
2889
3141
|
"deprecationReason": null,
|
|
2890
|
-
"description": "
|
|
3142
|
+
"description": "Unique identifier for the tenant within a multi-tenant environment",
|
|
2891
3143
|
"isDeprecated": false,
|
|
2892
3144
|
"name": "tenant_id"
|
|
2893
3145
|
},
|
|
@@ -2947,7 +3199,7 @@
|
|
|
2947
3199
|
},
|
|
2948
3200
|
{
|
|
2949
3201
|
"deprecationReason": null,
|
|
2950
|
-
"description": "
|
|
3202
|
+
"description": "Defines the scanning methods used by the DLP system",
|
|
2951
3203
|
"isDeprecated": false,
|
|
2952
3204
|
"name": "dlp_scan_types"
|
|
2953
3205
|
},
|
|
@@ -3025,7 +3277,7 @@
|
|
|
3025
3277
|
},
|
|
3026
3278
|
{
|
|
3027
3279
|
"deprecationReason": null,
|
|
3028
|
-
"description": "
|
|
3280
|
+
"description": "Public source IP",
|
|
3029
3281
|
"isDeprecated": false,
|
|
3030
3282
|
"name": "public_ip"
|
|
3031
3283
|
},
|
|
@@ -3196,6 +3448,54 @@
|
|
|
3196
3448
|
"description": "Device Type",
|
|
3197
3449
|
"isDeprecated": false,
|
|
3198
3450
|
"name": "device_type"
|
|
3451
|
+
},
|
|
3452
|
+
{
|
|
3453
|
+
"deprecationReason": null,
|
|
3454
|
+
"description": "Tenant Restriction Rule Name",
|
|
3455
|
+
"isDeprecated": false,
|
|
3456
|
+
"name": "tenant_restriction_rule_name"
|
|
3457
|
+
},
|
|
3458
|
+
{
|
|
3459
|
+
"deprecationReason": null,
|
|
3460
|
+
"description": "Connection Origin",
|
|
3461
|
+
"isDeprecated": false,
|
|
3462
|
+
"name": "connection_origin"
|
|
3463
|
+
},
|
|
3464
|
+
{
|
|
3465
|
+
"deprecationReason": null,
|
|
3466
|
+
"description": "Translated Server IP",
|
|
3467
|
+
"isDeprecated": false,
|
|
3468
|
+
"name": "translated_server_ip"
|
|
3469
|
+
},
|
|
3470
|
+
{
|
|
3471
|
+
"deprecationReason": null,
|
|
3472
|
+
"description": "Translated Client IP",
|
|
3473
|
+
"isDeprecated": false,
|
|
3474
|
+
"name": "translated_client_ip"
|
|
3475
|
+
},
|
|
3476
|
+
{
|
|
3477
|
+
"deprecationReason": null,
|
|
3478
|
+
"description": "IoC Container Name",
|
|
3479
|
+
"isDeprecated": false,
|
|
3480
|
+
"name": "container_name"
|
|
3481
|
+
},
|
|
3482
|
+
{
|
|
3483
|
+
"deprecationReason": null,
|
|
3484
|
+
"description": "An external system identifier used for correlation between related Cato entities. Example: external ticket id that correlates Cato XDR stories.",
|
|
3485
|
+
"isDeprecated": false,
|
|
3486
|
+
"name": "correlation_id"
|
|
3487
|
+
},
|
|
3488
|
+
{
|
|
3489
|
+
"deprecationReason": null,
|
|
3490
|
+
"description": "Precedence",
|
|
3491
|
+
"isDeprecated": false,
|
|
3492
|
+
"name": "precedence"
|
|
3493
|
+
},
|
|
3494
|
+
{
|
|
3495
|
+
"deprecationReason": null,
|
|
3496
|
+
"description": "A list of labels providing additional context for the event",
|
|
3497
|
+
"isDeprecated": false,
|
|
3498
|
+
"name": "labels"
|
|
3199
3499
|
}
|
|
3200
3500
|
],
|
|
3201
3501
|
"fields": null,
|