catocli 3.0.18__py3-none-any.whl → 3.0.22__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of catocli might be problematic. Click here for more details.
- catocli/Utils/clidriver.py +16 -8
- catocli/Utils/formatter_account_metrics.py +544 -0
- catocli/Utils/formatter_app_stats.py +184 -0
- catocli/Utils/formatter_app_stats_timeseries.py +377 -0
- catocli/Utils/formatter_events_timeseries.py +459 -0
- catocli/Utils/formatter_socket_port_metrics.py +189 -0
- catocli/Utils/formatter_socket_port_metrics_timeseries.py +339 -0
- catocli/Utils/formatter_utils.py +251 -0
- catocli/__init__.py +1 -1
- catocli/clisettings.json +37 -5
- catocli/parsers/customParserApiClient.py +206 -65
- catocli/parsers/mutation_policy/__init__.py +405 -405
- catocli/parsers/mutation_site/__init__.py +15 -15
- catocli/parsers/mutation_sites/__init__.py +15 -15
- catocli/parsers/query_accountMetrics/README.md +90 -0
- catocli/parsers/query_accountMetrics/__init__.py +6 -0
- catocli/parsers/query_appStats/README.md +2 -2
- catocli/parsers/query_appStats/__init__.py +4 -2
- catocli/parsers/query_appStatsTimeSeries/__init__.py +4 -2
- catocli/parsers/query_eventsTimeSeries/README.md +280 -0
- catocli/parsers/query_eventsTimeSeries/__init__.py +6 -0
- catocli/parsers/query_policy/__init__.py +42 -42
- catocli/parsers/query_socketPortMetrics/README.md +44 -0
- catocli/parsers/query_socketPortMetrics/__init__.py +6 -0
- catocli/parsers/query_socketPortMetricsTimeSeries/README.md +83 -0
- catocli/parsers/query_socketPortMetricsTimeSeries/__init__.py +4 -2
- {catocli-3.0.18.dist-info → catocli-3.0.22.dist-info}/METADATA +1 -1
- {catocli-3.0.18.dist-info → catocli-3.0.22.dist-info}/RECORD +179 -177
- {catocli-3.0.18.dist-info → catocli-3.0.22.dist-info}/top_level.txt +0 -1
- models/mutation.policy.antiMalwareFileHash.addRule.json +20 -0
- models/mutation.policy.antiMalwareFileHash.addSection.json +103 -0
- models/mutation.policy.antiMalwareFileHash.createPolicyRevision.json +123 -0
- models/mutation.policy.antiMalwareFileHash.discardPolicyRevision.json +123 -0
- models/mutation.policy.antiMalwareFileHash.moveRule.json +20 -0
- models/mutation.policy.antiMalwareFileHash.moveSection.json +103 -0
- models/mutation.policy.antiMalwareFileHash.publishPolicyRevision.json +123 -0
- models/mutation.policy.antiMalwareFileHash.removeRule.json +20 -0
- models/mutation.policy.antiMalwareFileHash.removeSection.json +103 -0
- models/mutation.policy.antiMalwareFileHash.updatePolicy.json +123 -0
- models/mutation.policy.antiMalwareFileHash.updateRule.json +20 -0
- models/mutation.policy.antiMalwareFileHash.updateSection.json +103 -0
- models/mutation.policy.appTenantRestriction.addRule.json +20 -0
- models/mutation.policy.appTenantRestriction.addSection.json +103 -0
- models/mutation.policy.appTenantRestriction.createPolicyRevision.json +123 -0
- models/mutation.policy.appTenantRestriction.discardPolicyRevision.json +123 -0
- models/mutation.policy.appTenantRestriction.moveRule.json +20 -0
- models/mutation.policy.appTenantRestriction.moveSection.json +103 -0
- models/mutation.policy.appTenantRestriction.publishPolicyRevision.json +123 -0
- models/mutation.policy.appTenantRestriction.removeRule.json +20 -0
- models/mutation.policy.appTenantRestriction.removeSection.json +103 -0
- models/mutation.policy.appTenantRestriction.updatePolicy.json +123 -0
- models/mutation.policy.appTenantRestriction.updateRule.json +20 -0
- models/mutation.policy.appTenantRestriction.updateSection.json +103 -0
- models/mutation.policy.applicationControl.addRule.json +20 -0
- models/mutation.policy.applicationControl.addSection.json +103 -0
- models/mutation.policy.applicationControl.createPolicyRevision.json +123 -0
- models/mutation.policy.applicationControl.discardPolicyRevision.json +123 -0
- models/mutation.policy.applicationControl.moveRule.json +20 -0
- models/mutation.policy.applicationControl.moveSection.json +103 -0
- models/mutation.policy.applicationControl.publishPolicyRevision.json +123 -0
- models/mutation.policy.applicationControl.removeRule.json +20 -0
- models/mutation.policy.applicationControl.removeSection.json +103 -0
- models/mutation.policy.applicationControl.updatePolicy.json +123 -0
- models/mutation.policy.applicationControl.updateRule.json +20 -0
- models/mutation.policy.applicationControl.updateSection.json +103 -0
- models/mutation.policy.dynamicIpAllocation.addRule.json +20 -0
- models/mutation.policy.dynamicIpAllocation.addSection.json +103 -0
- models/mutation.policy.dynamicIpAllocation.createPolicyRevision.json +123 -0
- models/mutation.policy.dynamicIpAllocation.discardPolicyRevision.json +123 -0
- models/mutation.policy.dynamicIpAllocation.moveRule.json +20 -0
- models/mutation.policy.dynamicIpAllocation.moveSection.json +103 -0
- models/mutation.policy.dynamicIpAllocation.publishPolicyRevision.json +123 -0
- models/mutation.policy.dynamicIpAllocation.removeRule.json +20 -0
- models/mutation.policy.dynamicIpAllocation.removeSection.json +103 -0
- models/mutation.policy.dynamicIpAllocation.updatePolicy.json +123 -0
- models/mutation.policy.dynamicIpAllocation.updateRule.json +20 -0
- models/mutation.policy.dynamicIpAllocation.updateSection.json +103 -0
- models/mutation.policy.internetFirewall.addRule.json +20 -0
- models/mutation.policy.internetFirewall.addSection.json +103 -0
- models/mutation.policy.internetFirewall.createPolicyRevision.json +123 -0
- models/mutation.policy.internetFirewall.discardPolicyRevision.json +123 -0
- models/mutation.policy.internetFirewall.moveRule.json +20 -0
- models/mutation.policy.internetFirewall.moveSection.json +103 -0
- models/mutation.policy.internetFirewall.publishPolicyRevision.json +123 -0
- models/mutation.policy.internetFirewall.removeRule.json +20 -0
- models/mutation.policy.internetFirewall.removeSection.json +103 -0
- models/mutation.policy.internetFirewall.updatePolicy.json +123 -0
- models/mutation.policy.internetFirewall.updateRule.json +20 -0
- models/mutation.policy.internetFirewall.updateSection.json +103 -0
- models/mutation.policy.remotePortFwd.addRule.json +20 -0
- models/mutation.policy.remotePortFwd.addSection.json +103 -0
- models/mutation.policy.remotePortFwd.createPolicyRevision.json +123 -0
- models/mutation.policy.remotePortFwd.discardPolicyRevision.json +123 -0
- models/mutation.policy.remotePortFwd.moveRule.json +20 -0
- models/mutation.policy.remotePortFwd.moveSection.json +103 -0
- models/mutation.policy.remotePortFwd.publishPolicyRevision.json +123 -0
- models/mutation.policy.remotePortFwd.removeRule.json +20 -0
- models/mutation.policy.remotePortFwd.removeSection.json +103 -0
- models/mutation.policy.remotePortFwd.updatePolicy.json +123 -0
- models/mutation.policy.remotePortFwd.updateRule.json +20 -0
- models/mutation.policy.remotePortFwd.updateSection.json +103 -0
- models/mutation.policy.socketLan.addRule.json +40 -0
- models/mutation.policy.socketLan.addSection.json +103 -0
- models/mutation.policy.socketLan.createPolicyRevision.json +143 -0
- models/mutation.policy.socketLan.discardPolicyRevision.json +143 -0
- models/mutation.policy.socketLan.moveRule.json +40 -0
- models/mutation.policy.socketLan.moveSection.json +103 -0
- models/mutation.policy.socketLan.publishPolicyRevision.json +143 -0
- models/mutation.policy.socketLan.removeRule.json +40 -0
- models/mutation.policy.socketLan.removeSection.json +103 -0
- models/mutation.policy.socketLan.updatePolicy.json +143 -0
- models/mutation.policy.socketLan.updateRule.json +40 -0
- models/mutation.policy.socketLan.updateSection.json +103 -0
- models/mutation.policy.terminalServer.addRule.json +20 -0
- models/mutation.policy.terminalServer.addSection.json +103 -0
- models/mutation.policy.terminalServer.createPolicyRevision.json +123 -0
- models/mutation.policy.terminalServer.discardPolicyRevision.json +123 -0
- models/mutation.policy.terminalServer.moveRule.json +20 -0
- models/mutation.policy.terminalServer.moveSection.json +103 -0
- models/mutation.policy.terminalServer.publishPolicyRevision.json +123 -0
- models/mutation.policy.terminalServer.removeRule.json +20 -0
- models/mutation.policy.terminalServer.removeSection.json +103 -0
- models/mutation.policy.terminalServer.updatePolicy.json +123 -0
- models/mutation.policy.terminalServer.updateRule.json +20 -0
- models/mutation.policy.terminalServer.updateSection.json +103 -0
- models/mutation.policy.tlsInspect.addRule.json +20 -0
- models/mutation.policy.tlsInspect.addSection.json +103 -0
- models/mutation.policy.tlsInspect.createPolicyRevision.json +123 -0
- models/mutation.policy.tlsInspect.discardPolicyRevision.json +123 -0
- models/mutation.policy.tlsInspect.moveRule.json +20 -0
- models/mutation.policy.tlsInspect.moveSection.json +103 -0
- models/mutation.policy.tlsInspect.publishPolicyRevision.json +123 -0
- models/mutation.policy.tlsInspect.removeRule.json +20 -0
- models/mutation.policy.tlsInspect.removeSection.json +103 -0
- models/mutation.policy.tlsInspect.updatePolicy.json +123 -0
- models/mutation.policy.tlsInspect.updateRule.json +20 -0
- models/mutation.policy.tlsInspect.updateSection.json +103 -0
- models/mutation.policy.wanFirewall.addRule.json +20 -0
- models/mutation.policy.wanFirewall.addSection.json +103 -0
- models/mutation.policy.wanFirewall.createPolicyRevision.json +123 -0
- models/mutation.policy.wanFirewall.discardPolicyRevision.json +123 -0
- models/mutation.policy.wanFirewall.moveRule.json +20 -0
- models/mutation.policy.wanFirewall.moveSection.json +103 -0
- models/mutation.policy.wanFirewall.publishPolicyRevision.json +123 -0
- models/mutation.policy.wanFirewall.removeRule.json +20 -0
- models/mutation.policy.wanFirewall.removeSection.json +103 -0
- models/mutation.policy.wanFirewall.updatePolicy.json +123 -0
- models/mutation.policy.wanFirewall.updateRule.json +20 -0
- models/mutation.policy.wanFirewall.updateSection.json +103 -0
- models/mutation.policy.wanNetwork.addRule.json +20 -0
- models/mutation.policy.wanNetwork.addSection.json +103 -0
- models/mutation.policy.wanNetwork.createPolicyRevision.json +123 -0
- models/mutation.policy.wanNetwork.discardPolicyRevision.json +123 -0
- models/mutation.policy.wanNetwork.moveRule.json +20 -0
- models/mutation.policy.wanNetwork.moveSection.json +103 -0
- models/mutation.policy.wanNetwork.publishPolicyRevision.json +123 -0
- models/mutation.policy.wanNetwork.removeRule.json +20 -0
- models/mutation.policy.wanNetwork.removeSection.json +103 -0
- models/mutation.policy.wanNetwork.updatePolicy.json +123 -0
- models/mutation.policy.wanNetwork.updateRule.json +20 -0
- models/mutation.policy.wanNetwork.updateSection.json +103 -0
- models/mutation.xdr.analystFeedback.json +822 -87
- models/query.policy.antiMalwareFileHash.policy.json +123 -0
- models/query.policy.appTenantRestriction.policy.json +123 -0
- models/query.policy.applicationControl.policy.json +123 -0
- models/query.policy.dynamicIpAllocation.policy.json +123 -0
- models/query.policy.internetFirewall.policy.json +123 -0
- models/query.policy.remotePortFwd.policy.json +123 -0
- models/query.policy.socketLan.policy.json +143 -0
- models/query.policy.terminalServer.policy.json +123 -0
- models/query.policy.tlsInspect.policy.json +123 -0
- models/query.policy.wanFirewall.policy.json +123 -0
- models/query.policy.wanNetwork.policy.json +123 -0
- models/query.xdr.stories.json +822 -87
- models/query.xdr.story.json +822 -87
- schema/catolib.py +25 -8
- catocli/Utils/csv_formatter.py +0 -663
- scripts/catolib.py +0 -62
- scripts/export_if_rules_to_json.py +0 -188
- scripts/export_wf_rules_to_json.py +0 -111
- scripts/import_wf_rules_to_tfstate.py +0 -331
- {catocli-3.0.18.dist-info → catocli-3.0.22.dist-info}/WHEEL +0 -0
- {catocli-3.0.18.dist-info → catocli-3.0.22.dist-info}/entry_points.txt +0 -0
- {catocli-3.0.18.dist-info → catocli-3.0.22.dist-info}/licenses/LICENSE +0 -0
models/query.xdr.stories.json
CHANGED
|
@@ -9139,6 +9139,26 @@
|
|
|
9139
9139
|
"description": "The `MicrosoftProcessResource` object represents a process resource in a Microsoft environment, containing fields such as creation date, process ID, command line details, remediation status, roles, tags, user account information, and a verdict on the process's nature.",
|
|
9140
9140
|
"enumValues": null,
|
|
9141
9141
|
"fields": {
|
|
9142
|
+
"action": {
|
|
9143
|
+
"args": {},
|
|
9144
|
+
"deprecationReason": null,
|
|
9145
|
+
"description": null,
|
|
9146
|
+
"id_str": "stories___items___incident___alerts___resources___action",
|
|
9147
|
+
"isDeprecated": false,
|
|
9148
|
+
"name": "action",
|
|
9149
|
+
"path": "stories.items.incident.alerts.resources.action",
|
|
9150
|
+
"requestStr": "$action:String ",
|
|
9151
|
+
"required": false,
|
|
9152
|
+
"responseStr": "action:$action ",
|
|
9153
|
+
"type": {
|
|
9154
|
+
"kind": [
|
|
9155
|
+
"SCALAR"
|
|
9156
|
+
],
|
|
9157
|
+
"name": "String",
|
|
9158
|
+
"non_null": false
|
|
9159
|
+
},
|
|
9160
|
+
"varName": "action"
|
|
9161
|
+
},
|
|
9142
9162
|
"createdDateTime": {
|
|
9143
9163
|
"args": {},
|
|
9144
9164
|
"deprecationReason": null,
|
|
@@ -10721,7 +10741,546 @@
|
|
|
10721
10741
|
"name": "String",
|
|
10722
10742
|
"non_null": false
|
|
10723
10743
|
},
|
|
10724
|
-
"varName": "tags"
|
|
10744
|
+
"varName": "tags"
|
|
10745
|
+
},
|
|
10746
|
+
"verdict": {
|
|
10747
|
+
"args": {},
|
|
10748
|
+
"deprecationReason": null,
|
|
10749
|
+
"description": null,
|
|
10750
|
+
"id_str": "stories___items___incident___alerts___resources___verdict",
|
|
10751
|
+
"isDeprecated": false,
|
|
10752
|
+
"name": "verdict",
|
|
10753
|
+
"path": "stories.items.incident.alerts.resources.verdict",
|
|
10754
|
+
"requestStr": "$verdict:MsResourceVerdictEnum ",
|
|
10755
|
+
"required": false,
|
|
10756
|
+
"responseStr": "verdict:$verdict ",
|
|
10757
|
+
"type": {
|
|
10758
|
+
"definition": {
|
|
10759
|
+
"description": null,
|
|
10760
|
+
"enumValues": [
|
|
10761
|
+
{
|
|
10762
|
+
"deprecationReason": null,
|
|
10763
|
+
"description": null,
|
|
10764
|
+
"isDeprecated": false,
|
|
10765
|
+
"name": "Suspicious"
|
|
10766
|
+
},
|
|
10767
|
+
{
|
|
10768
|
+
"deprecationReason": null,
|
|
10769
|
+
"description": null,
|
|
10770
|
+
"isDeprecated": false,
|
|
10771
|
+
"name": "Malicious"
|
|
10772
|
+
},
|
|
10773
|
+
{
|
|
10774
|
+
"deprecationReason": null,
|
|
10775
|
+
"description": null,
|
|
10776
|
+
"isDeprecated": false,
|
|
10777
|
+
"name": "Informational"
|
|
10778
|
+
},
|
|
10779
|
+
{
|
|
10780
|
+
"deprecationReason": null,
|
|
10781
|
+
"description": null,
|
|
10782
|
+
"isDeprecated": false,
|
|
10783
|
+
"name": "Benign"
|
|
10784
|
+
}
|
|
10785
|
+
],
|
|
10786
|
+
"fields": null,
|
|
10787
|
+
"inputFields": null,
|
|
10788
|
+
"interfaces": null,
|
|
10789
|
+
"kind": "ENUM",
|
|
10790
|
+
"name": "MsResourceVerdictEnum",
|
|
10791
|
+
"possibleTypes": null
|
|
10792
|
+
},
|
|
10793
|
+
"indexType": "enum",
|
|
10794
|
+
"kind": [
|
|
10795
|
+
"ENUM"
|
|
10796
|
+
],
|
|
10797
|
+
"name": "MsResourceVerdictEnum",
|
|
10798
|
+
"non_null": false
|
|
10799
|
+
},
|
|
10800
|
+
"varName": "verdict"
|
|
10801
|
+
}
|
|
10802
|
+
},
|
|
10803
|
+
"inputFields": null,
|
|
10804
|
+
"interfaces": [
|
|
10805
|
+
{
|
|
10806
|
+
"kind": "INTERFACE",
|
|
10807
|
+
"name": "FileResource",
|
|
10808
|
+
"ofType": null
|
|
10809
|
+
},
|
|
10810
|
+
{
|
|
10811
|
+
"kind": "INTERFACE",
|
|
10812
|
+
"name": "MicrosoftEndpointResource",
|
|
10813
|
+
"ofType": null
|
|
10814
|
+
},
|
|
10815
|
+
{
|
|
10816
|
+
"kind": "INTERFACE",
|
|
10817
|
+
"name": "EndpointResource",
|
|
10818
|
+
"ofType": null
|
|
10819
|
+
}
|
|
10820
|
+
],
|
|
10821
|
+
"kind": "OBJECT",
|
|
10822
|
+
"name": "MicrosoftFileResource",
|
|
10823
|
+
"ofType": null,
|
|
10824
|
+
"possibleTypes": null
|
|
10825
|
+
},
|
|
10826
|
+
{
|
|
10827
|
+
"description": "The `MicrosoftRegistryResource` object represents a registry resource in a Microsoft environment, containing fields such as creation date, hive, key, remediation status, roles, tags, and verdict, which are used to manage and assess the resource's status and attributes.",
|
|
10828
|
+
"enumValues": null,
|
|
10829
|
+
"fields": {
|
|
10830
|
+
"createdDateTime": {
|
|
10831
|
+
"args": {},
|
|
10832
|
+
"deprecationReason": null,
|
|
10833
|
+
"description": null,
|
|
10834
|
+
"id_str": "stories___items___incident___alerts___resources___createdDateTime",
|
|
10835
|
+
"isDeprecated": false,
|
|
10836
|
+
"name": "createdDateTime",
|
|
10837
|
+
"path": "stories.items.incident.alerts.resources.createdDateTime",
|
|
10838
|
+
"requestStr": "$createdDateTime:DateTime ",
|
|
10839
|
+
"required": false,
|
|
10840
|
+
"responseStr": "createdDateTime:$createdDateTime ",
|
|
10841
|
+
"type": {
|
|
10842
|
+
"kind": [
|
|
10843
|
+
"SCALAR"
|
|
10844
|
+
],
|
|
10845
|
+
"name": "DateTime",
|
|
10846
|
+
"non_null": false
|
|
10847
|
+
},
|
|
10848
|
+
"varName": "createdDateTime"
|
|
10849
|
+
},
|
|
10850
|
+
"hive": {
|
|
10851
|
+
"args": {},
|
|
10852
|
+
"deprecationReason": null,
|
|
10853
|
+
"description": null,
|
|
10854
|
+
"id_str": "stories___items___incident___alerts___resources___hive",
|
|
10855
|
+
"isDeprecated": false,
|
|
10856
|
+
"name": "hive",
|
|
10857
|
+
"path": "stories.items.incident.alerts.resources.hive",
|
|
10858
|
+
"requestStr": "$hive:String ",
|
|
10859
|
+
"required": false,
|
|
10860
|
+
"responseStr": "hive:$hive ",
|
|
10861
|
+
"type": {
|
|
10862
|
+
"kind": [
|
|
10863
|
+
"SCALAR"
|
|
10864
|
+
],
|
|
10865
|
+
"name": "String",
|
|
10866
|
+
"non_null": false
|
|
10867
|
+
},
|
|
10868
|
+
"varName": "hive"
|
|
10869
|
+
},
|
|
10870
|
+
"id": {
|
|
10871
|
+
"args": {},
|
|
10872
|
+
"deprecationReason": null,
|
|
10873
|
+
"description": null,
|
|
10874
|
+
"id_str": "stories___items___incident___alerts___resources___id",
|
|
10875
|
+
"isDeprecated": false,
|
|
10876
|
+
"name": "id",
|
|
10877
|
+
"path": "stories.items.incident.alerts.resources.id",
|
|
10878
|
+
"requestStr": "$id:ID! ",
|
|
10879
|
+
"required": true,
|
|
10880
|
+
"responseStr": "id:$id ",
|
|
10881
|
+
"type": {
|
|
10882
|
+
"kind": [
|
|
10883
|
+
"NON_NULL",
|
|
10884
|
+
"SCALAR"
|
|
10885
|
+
],
|
|
10886
|
+
"name": "ID",
|
|
10887
|
+
"non_null": false
|
|
10888
|
+
},
|
|
10889
|
+
"varName": "id"
|
|
10890
|
+
},
|
|
10891
|
+
"key": {
|
|
10892
|
+
"args": {},
|
|
10893
|
+
"deprecationReason": null,
|
|
10894
|
+
"description": null,
|
|
10895
|
+
"id_str": "stories___items___incident___alerts___resources___key",
|
|
10896
|
+
"isDeprecated": false,
|
|
10897
|
+
"name": "key",
|
|
10898
|
+
"path": "stories.items.incident.alerts.resources.key",
|
|
10899
|
+
"requestStr": "$key:String ",
|
|
10900
|
+
"required": false,
|
|
10901
|
+
"responseStr": "key:$key ",
|
|
10902
|
+
"type": {
|
|
10903
|
+
"kind": [
|
|
10904
|
+
"SCALAR"
|
|
10905
|
+
],
|
|
10906
|
+
"name": "String",
|
|
10907
|
+
"non_null": false
|
|
10908
|
+
},
|
|
10909
|
+
"varName": "key"
|
|
10910
|
+
},
|
|
10911
|
+
"remediationStatus": {
|
|
10912
|
+
"args": {},
|
|
10913
|
+
"deprecationReason": null,
|
|
10914
|
+
"description": null,
|
|
10915
|
+
"id_str": "stories___items___incident___alerts___resources___remediationStatus",
|
|
10916
|
+
"isDeprecated": false,
|
|
10917
|
+
"name": "remediationStatus",
|
|
10918
|
+
"path": "stories.items.incident.alerts.resources.remediationStatus",
|
|
10919
|
+
"requestStr": "$remediationStatus:RemediationStatusEnum ",
|
|
10920
|
+
"required": false,
|
|
10921
|
+
"responseStr": "remediationStatus:$remediationStatus ",
|
|
10922
|
+
"type": {
|
|
10923
|
+
"definition": {
|
|
10924
|
+
"description": null,
|
|
10925
|
+
"enumValues": [
|
|
10926
|
+
{
|
|
10927
|
+
"deprecationReason": null,
|
|
10928
|
+
"description": null,
|
|
10929
|
+
"isDeprecated": false,
|
|
10930
|
+
"name": "REMEDIATED"
|
|
10931
|
+
},
|
|
10932
|
+
{
|
|
10933
|
+
"deprecationReason": null,
|
|
10934
|
+
"description": null,
|
|
10935
|
+
"isDeprecated": false,
|
|
10936
|
+
"name": "PREVENTED"
|
|
10937
|
+
},
|
|
10938
|
+
{
|
|
10939
|
+
"deprecationReason": null,
|
|
10940
|
+
"description": null,
|
|
10941
|
+
"isDeprecated": false,
|
|
10942
|
+
"name": "BLOCKED"
|
|
10943
|
+
},
|
|
10944
|
+
{
|
|
10945
|
+
"deprecationReason": null,
|
|
10946
|
+
"description": null,
|
|
10947
|
+
"isDeprecated": false,
|
|
10948
|
+
"name": "NOT_FOUND"
|
|
10949
|
+
},
|
|
10950
|
+
{
|
|
10951
|
+
"deprecationReason": null,
|
|
10952
|
+
"description": null,
|
|
10953
|
+
"isDeprecated": false,
|
|
10954
|
+
"name": "SCAN_FAILED"
|
|
10955
|
+
},
|
|
10956
|
+
{
|
|
10957
|
+
"deprecationReason": null,
|
|
10958
|
+
"description": null,
|
|
10959
|
+
"isDeprecated": false,
|
|
10960
|
+
"name": "CLEAN"
|
|
10961
|
+
},
|
|
10962
|
+
{
|
|
10963
|
+
"deprecationReason": null,
|
|
10964
|
+
"description": null,
|
|
10965
|
+
"isDeprecated": false,
|
|
10966
|
+
"name": "DISINFECTED"
|
|
10967
|
+
},
|
|
10968
|
+
{
|
|
10969
|
+
"deprecationReason": null,
|
|
10970
|
+
"description": null,
|
|
10971
|
+
"isDeprecated": false,
|
|
10972
|
+
"name": "INFECTED"
|
|
10973
|
+
},
|
|
10974
|
+
{
|
|
10975
|
+
"deprecationReason": null,
|
|
10976
|
+
"description": null,
|
|
10977
|
+
"isDeprecated": false,
|
|
10978
|
+
"name": "SUSPICIOUS"
|
|
10979
|
+
},
|
|
10980
|
+
{
|
|
10981
|
+
"deprecationReason": null,
|
|
10982
|
+
"description": null,
|
|
10983
|
+
"isDeprecated": false,
|
|
10984
|
+
"name": "DELETED"
|
|
10985
|
+
},
|
|
10986
|
+
{
|
|
10987
|
+
"deprecationReason": null,
|
|
10988
|
+
"description": null,
|
|
10989
|
+
"isDeprecated": false,
|
|
10990
|
+
"name": "MOVED"
|
|
10991
|
+
},
|
|
10992
|
+
{
|
|
10993
|
+
"deprecationReason": null,
|
|
10994
|
+
"description": null,
|
|
10995
|
+
"isDeprecated": false,
|
|
10996
|
+
"name": "UNKNOWN"
|
|
10997
|
+
},
|
|
10998
|
+
{
|
|
10999
|
+
"deprecationReason": null,
|
|
11000
|
+
"description": null,
|
|
11001
|
+
"isDeprecated": false,
|
|
11002
|
+
"name": "DELETED_REBOOT"
|
|
11003
|
+
},
|
|
11004
|
+
{
|
|
11005
|
+
"deprecationReason": null,
|
|
11006
|
+
"description": null,
|
|
11007
|
+
"isDeprecated": false,
|
|
11008
|
+
"name": "PASSWORD_PROTECTED"
|
|
11009
|
+
},
|
|
11010
|
+
{
|
|
11011
|
+
"deprecationReason": null,
|
|
11012
|
+
"description": null,
|
|
11013
|
+
"isDeprecated": false,
|
|
11014
|
+
"name": "MOVED_REBOOT"
|
|
11015
|
+
},
|
|
11016
|
+
{
|
|
11017
|
+
"deprecationReason": null,
|
|
11018
|
+
"description": null,
|
|
11019
|
+
"isDeprecated": false,
|
|
11020
|
+
"name": "NOT_STARTED"
|
|
11021
|
+
},
|
|
11022
|
+
{
|
|
11023
|
+
"deprecationReason": null,
|
|
11024
|
+
"description": null,
|
|
11025
|
+
"isDeprecated": false,
|
|
11026
|
+
"name": "SUCCESS"
|
|
11027
|
+
},
|
|
11028
|
+
{
|
|
11029
|
+
"deprecationReason": null,
|
|
11030
|
+
"description": null,
|
|
11031
|
+
"isDeprecated": false,
|
|
11032
|
+
"name": "REBOOT_REQUIRED"
|
|
11033
|
+
},
|
|
11034
|
+
{
|
|
11035
|
+
"deprecationReason": null,
|
|
11036
|
+
"description": null,
|
|
11037
|
+
"isDeprecated": false,
|
|
11038
|
+
"name": "DISABLED"
|
|
11039
|
+
},
|
|
11040
|
+
{
|
|
11041
|
+
"deprecationReason": null,
|
|
11042
|
+
"description": null,
|
|
11043
|
+
"isDeprecated": false,
|
|
11044
|
+
"name": "DISINFECT_FAILED"
|
|
11045
|
+
}
|
|
11046
|
+
],
|
|
11047
|
+
"fields": null,
|
|
11048
|
+
"inputFields": null,
|
|
11049
|
+
"interfaces": null,
|
|
11050
|
+
"kind": "ENUM",
|
|
11051
|
+
"name": "RemediationStatusEnum",
|
|
11052
|
+
"possibleTypes": null
|
|
11053
|
+
},
|
|
11054
|
+
"indexType": "enum",
|
|
11055
|
+
"kind": [
|
|
11056
|
+
"ENUM"
|
|
11057
|
+
],
|
|
11058
|
+
"name": "RemediationStatusEnum",
|
|
11059
|
+
"non_null": false
|
|
11060
|
+
},
|
|
11061
|
+
"varName": "remediationStatus"
|
|
11062
|
+
},
|
|
11063
|
+
"remediationStatusDetails": {
|
|
11064
|
+
"args": {},
|
|
11065
|
+
"deprecationReason": null,
|
|
11066
|
+
"description": null,
|
|
11067
|
+
"id_str": "stories___items___incident___alerts___resources___remediationStatusDetails",
|
|
11068
|
+
"isDeprecated": false,
|
|
11069
|
+
"name": "remediationStatusDetails",
|
|
11070
|
+
"path": "stories.items.incident.alerts.resources.remediationStatusDetails",
|
|
11071
|
+
"requestStr": "$remediationStatusDetails:String ",
|
|
11072
|
+
"required": false,
|
|
11073
|
+
"responseStr": "remediationStatusDetails:$remediationStatusDetails ",
|
|
11074
|
+
"type": {
|
|
11075
|
+
"kind": [
|
|
11076
|
+
"SCALAR"
|
|
11077
|
+
],
|
|
11078
|
+
"name": "String",
|
|
11079
|
+
"non_null": false
|
|
11080
|
+
},
|
|
11081
|
+
"varName": "remediationStatusDetails"
|
|
11082
|
+
},
|
|
11083
|
+
"roles": {
|
|
11084
|
+
"args": {},
|
|
11085
|
+
"deprecationReason": null,
|
|
11086
|
+
"description": null,
|
|
11087
|
+
"id_str": "stories___items___incident___alerts___resources___roles",
|
|
11088
|
+
"isDeprecated": false,
|
|
11089
|
+
"name": "roles",
|
|
11090
|
+
"path": "stories.items.incident.alerts.resources.roles",
|
|
11091
|
+
"requestStr": "$roles:[ResourceRoleEnum]! ",
|
|
11092
|
+
"required": true,
|
|
11093
|
+
"responseStr": "roles:$roles ",
|
|
11094
|
+
"type": {
|
|
11095
|
+
"definition": {
|
|
11096
|
+
"description": null,
|
|
11097
|
+
"enumValues": [
|
|
11098
|
+
{
|
|
11099
|
+
"deprecationReason": null,
|
|
11100
|
+
"description": null,
|
|
11101
|
+
"isDeprecated": false,
|
|
11102
|
+
"name": "CONTEXTUAL"
|
|
11103
|
+
},
|
|
11104
|
+
{
|
|
11105
|
+
"deprecationReason": null,
|
|
11106
|
+
"description": null,
|
|
11107
|
+
"isDeprecated": false,
|
|
11108
|
+
"name": "SCANNED"
|
|
11109
|
+
},
|
|
11110
|
+
{
|
|
11111
|
+
"deprecationReason": null,
|
|
11112
|
+
"description": null,
|
|
11113
|
+
"isDeprecated": false,
|
|
11114
|
+
"name": "SOURCE"
|
|
11115
|
+
},
|
|
11116
|
+
{
|
|
11117
|
+
"deprecationReason": null,
|
|
11118
|
+
"description": null,
|
|
11119
|
+
"isDeprecated": false,
|
|
11120
|
+
"name": "DESTINATION"
|
|
11121
|
+
},
|
|
11122
|
+
{
|
|
11123
|
+
"deprecationReason": null,
|
|
11124
|
+
"description": null,
|
|
11125
|
+
"isDeprecated": false,
|
|
11126
|
+
"name": "CREATED"
|
|
11127
|
+
},
|
|
11128
|
+
{
|
|
11129
|
+
"deprecationReason": null,
|
|
11130
|
+
"description": null,
|
|
11131
|
+
"isDeprecated": false,
|
|
11132
|
+
"name": "ADDED"
|
|
11133
|
+
},
|
|
11134
|
+
{
|
|
11135
|
+
"deprecationReason": null,
|
|
11136
|
+
"description": null,
|
|
11137
|
+
"isDeprecated": false,
|
|
11138
|
+
"name": "COMPROMISED"
|
|
11139
|
+
},
|
|
11140
|
+
{
|
|
11141
|
+
"deprecationReason": null,
|
|
11142
|
+
"description": null,
|
|
11143
|
+
"isDeprecated": false,
|
|
11144
|
+
"name": "EDITED"
|
|
11145
|
+
},
|
|
11146
|
+
{
|
|
11147
|
+
"deprecationReason": null,
|
|
11148
|
+
"description": null,
|
|
11149
|
+
"isDeprecated": false,
|
|
11150
|
+
"name": "ATTACKED"
|
|
11151
|
+
},
|
|
11152
|
+
{
|
|
11153
|
+
"deprecationReason": null,
|
|
11154
|
+
"description": null,
|
|
11155
|
+
"isDeprecated": false,
|
|
11156
|
+
"name": "ATTACKER"
|
|
11157
|
+
},
|
|
11158
|
+
{
|
|
11159
|
+
"deprecationReason": null,
|
|
11160
|
+
"description": null,
|
|
11161
|
+
"isDeprecated": false,
|
|
11162
|
+
"name": "COMMAND_AND_CONTROL"
|
|
11163
|
+
},
|
|
11164
|
+
{
|
|
11165
|
+
"deprecationReason": null,
|
|
11166
|
+
"description": null,
|
|
11167
|
+
"isDeprecated": false,
|
|
11168
|
+
"name": "LOADED"
|
|
11169
|
+
},
|
|
11170
|
+
{
|
|
11171
|
+
"deprecationReason": null,
|
|
11172
|
+
"description": null,
|
|
11173
|
+
"isDeprecated": false,
|
|
11174
|
+
"name": "SUSPICIOUS"
|
|
11175
|
+
},
|
|
11176
|
+
{
|
|
11177
|
+
"deprecationReason": null,
|
|
11178
|
+
"description": null,
|
|
11179
|
+
"isDeprecated": false,
|
|
11180
|
+
"name": "POLICY_VIOLATOR"
|
|
11181
|
+
}
|
|
11182
|
+
],
|
|
11183
|
+
"fields": null,
|
|
11184
|
+
"inputFields": null,
|
|
11185
|
+
"interfaces": null,
|
|
11186
|
+
"kind": "ENUM",
|
|
11187
|
+
"name": "ResourceRoleEnum",
|
|
11188
|
+
"possibleTypes": null
|
|
11189
|
+
},
|
|
11190
|
+
"indexType": "enum",
|
|
11191
|
+
"kind": [
|
|
11192
|
+
"NON_NULL",
|
|
11193
|
+
"LIST",
|
|
11194
|
+
"NON_NULL",
|
|
11195
|
+
"ENUM"
|
|
11196
|
+
],
|
|
11197
|
+
"name": "ResourceRoleEnum",
|
|
11198
|
+
"non_null": false
|
|
11199
|
+
},
|
|
11200
|
+
"varName": "roles"
|
|
11201
|
+
},
|
|
11202
|
+
"tags": {
|
|
11203
|
+
"args": {},
|
|
11204
|
+
"deprecationReason": null,
|
|
11205
|
+
"description": null,
|
|
11206
|
+
"id_str": "stories___items___incident___alerts___resources___tags",
|
|
11207
|
+
"isDeprecated": false,
|
|
11208
|
+
"name": "tags",
|
|
11209
|
+
"path": "stories.items.incident.alerts.resources.tags",
|
|
11210
|
+
"requestStr": "$tags:[String]! ",
|
|
11211
|
+
"required": true,
|
|
11212
|
+
"responseStr": "tags:$tags ",
|
|
11213
|
+
"type": {
|
|
11214
|
+
"kind": [
|
|
11215
|
+
"NON_NULL",
|
|
11216
|
+
"LIST",
|
|
11217
|
+
"NON_NULL",
|
|
11218
|
+
"SCALAR"
|
|
11219
|
+
],
|
|
11220
|
+
"name": "String",
|
|
11221
|
+
"non_null": false
|
|
11222
|
+
},
|
|
11223
|
+
"varName": "tags"
|
|
11224
|
+
},
|
|
11225
|
+
"value": {
|
|
11226
|
+
"args": {},
|
|
11227
|
+
"deprecationReason": null,
|
|
11228
|
+
"description": null,
|
|
11229
|
+
"id_str": "stories___items___incident___alerts___resources___value",
|
|
11230
|
+
"isDeprecated": false,
|
|
11231
|
+
"name": "value",
|
|
11232
|
+
"path": "stories.items.incident.alerts.resources.value",
|
|
11233
|
+
"requestStr": "$value:String ",
|
|
11234
|
+
"required": false,
|
|
11235
|
+
"responseStr": "value:$value ",
|
|
11236
|
+
"type": {
|
|
11237
|
+
"kind": [
|
|
11238
|
+
"SCALAR"
|
|
11239
|
+
],
|
|
11240
|
+
"name": "String",
|
|
11241
|
+
"non_null": false
|
|
11242
|
+
},
|
|
11243
|
+
"varName": "value"
|
|
11244
|
+
},
|
|
11245
|
+
"valueName": {
|
|
11246
|
+
"args": {},
|
|
11247
|
+
"deprecationReason": null,
|
|
11248
|
+
"description": null,
|
|
11249
|
+
"id_str": "stories___items___incident___alerts___resources___valueName",
|
|
11250
|
+
"isDeprecated": false,
|
|
11251
|
+
"name": "valueName",
|
|
11252
|
+
"path": "stories.items.incident.alerts.resources.valueName",
|
|
11253
|
+
"requestStr": "$valueName:String ",
|
|
11254
|
+
"required": false,
|
|
11255
|
+
"responseStr": "valueName:$valueName ",
|
|
11256
|
+
"type": {
|
|
11257
|
+
"kind": [
|
|
11258
|
+
"SCALAR"
|
|
11259
|
+
],
|
|
11260
|
+
"name": "String",
|
|
11261
|
+
"non_null": false
|
|
11262
|
+
},
|
|
11263
|
+
"varName": "valueName"
|
|
11264
|
+
},
|
|
11265
|
+
"valueType": {
|
|
11266
|
+
"args": {},
|
|
11267
|
+
"deprecationReason": null,
|
|
11268
|
+
"description": null,
|
|
11269
|
+
"id_str": "stories___items___incident___alerts___resources___valueType",
|
|
11270
|
+
"isDeprecated": false,
|
|
11271
|
+
"name": "valueType",
|
|
11272
|
+
"path": "stories.items.incident.alerts.resources.valueType",
|
|
11273
|
+
"requestStr": "$valueType:String ",
|
|
11274
|
+
"required": false,
|
|
11275
|
+
"responseStr": "valueType:$valueType ",
|
|
11276
|
+
"type": {
|
|
11277
|
+
"kind": [
|
|
11278
|
+
"SCALAR"
|
|
11279
|
+
],
|
|
11280
|
+
"name": "String",
|
|
11281
|
+
"non_null": false
|
|
11282
|
+
},
|
|
11283
|
+
"varName": "valueType"
|
|
10725
11284
|
},
|
|
10726
11285
|
"verdict": {
|
|
10727
11286
|
"args": {},
|
|
@@ -10784,7 +11343,7 @@
|
|
|
10784
11343
|
"interfaces": [
|
|
10785
11344
|
{
|
|
10786
11345
|
"kind": "INTERFACE",
|
|
10787
|
-
"name": "
|
|
11346
|
+
"name": "RegistryResource",
|
|
10788
11347
|
"ofType": null
|
|
10789
11348
|
},
|
|
10790
11349
|
{
|
|
@@ -10799,14 +11358,34 @@
|
|
|
10799
11358
|
}
|
|
10800
11359
|
],
|
|
10801
11360
|
"kind": "OBJECT",
|
|
10802
|
-
"name": "
|
|
11361
|
+
"name": "MicrosoftRegistryResource",
|
|
10803
11362
|
"ofType": null,
|
|
10804
11363
|
"possibleTypes": null
|
|
10805
11364
|
},
|
|
10806
11365
|
{
|
|
10807
|
-
"description": "The `
|
|
11366
|
+
"description": "The `MicrosoftNetworkResource` object represents a registry resource in a Microsoft environment, containing fields such as creation date, remediation status, roles, tags, and verdict, which are used to manage and assess the resource's status and attributes.",
|
|
10808
11367
|
"enumValues": null,
|
|
10809
11368
|
"fields": {
|
|
11369
|
+
"action": {
|
|
11370
|
+
"args": {},
|
|
11371
|
+
"deprecationReason": null,
|
|
11372
|
+
"description": null,
|
|
11373
|
+
"id_str": "stories___items___incident___alerts___resources___action",
|
|
11374
|
+
"isDeprecated": false,
|
|
11375
|
+
"name": "action",
|
|
11376
|
+
"path": "stories.items.incident.alerts.resources.action",
|
|
11377
|
+
"requestStr": "$action:String ",
|
|
11378
|
+
"required": false,
|
|
11379
|
+
"responseStr": "action:$action ",
|
|
11380
|
+
"type": {
|
|
11381
|
+
"kind": [
|
|
11382
|
+
"SCALAR"
|
|
11383
|
+
],
|
|
11384
|
+
"name": "String",
|
|
11385
|
+
"non_null": false
|
|
11386
|
+
},
|
|
11387
|
+
"varName": "action"
|
|
11388
|
+
},
|
|
10810
11389
|
"createdDateTime": {
|
|
10811
11390
|
"args": {},
|
|
10812
11391
|
"deprecationReason": null,
|
|
@@ -10827,17 +11406,17 @@
|
|
|
10827
11406
|
},
|
|
10828
11407
|
"varName": "createdDateTime"
|
|
10829
11408
|
},
|
|
10830
|
-
"
|
|
11409
|
+
"destinationIp": {
|
|
10831
11410
|
"args": {},
|
|
10832
11411
|
"deprecationReason": null,
|
|
10833
11412
|
"description": null,
|
|
10834
|
-
"id_str": "
|
|
11413
|
+
"id_str": "stories___items___incident___alerts___resources___destinationIp",
|
|
10835
11414
|
"isDeprecated": false,
|
|
10836
|
-
"name": "
|
|
10837
|
-
"path": "stories.items.incident.alerts.resources.
|
|
10838
|
-
"requestStr": "$
|
|
11415
|
+
"name": "destinationIp",
|
|
11416
|
+
"path": "stories.items.incident.alerts.resources.destinationIp",
|
|
11417
|
+
"requestStr": "$destinationIp:String ",
|
|
10839
11418
|
"required": false,
|
|
10840
|
-
"responseStr": "
|
|
11419
|
+
"responseStr": "destinationIp:$destinationIp ",
|
|
10841
11420
|
"type": {
|
|
10842
11421
|
"kind": [
|
|
10843
11422
|
"SCALAR"
|
|
@@ -10845,7 +11424,67 @@
|
|
|
10845
11424
|
"name": "String",
|
|
10846
11425
|
"non_null": false
|
|
10847
11426
|
},
|
|
10848
|
-
"varName": "
|
|
11427
|
+
"varName": "destinationIp"
|
|
11428
|
+
},
|
|
11429
|
+
"destinationPort": {
|
|
11430
|
+
"args": {},
|
|
11431
|
+
"deprecationReason": null,
|
|
11432
|
+
"description": null,
|
|
11433
|
+
"id_str": "stories___items___incident___alerts___resources___destinationPort",
|
|
11434
|
+
"isDeprecated": false,
|
|
11435
|
+
"name": "destinationPort",
|
|
11436
|
+
"path": "stories.items.incident.alerts.resources.destinationPort",
|
|
11437
|
+
"requestStr": "$destinationPort:Int ",
|
|
11438
|
+
"required": false,
|
|
11439
|
+
"responseStr": "destinationPort:$destinationPort ",
|
|
11440
|
+
"type": {
|
|
11441
|
+
"kind": [
|
|
11442
|
+
"SCALAR"
|
|
11443
|
+
],
|
|
11444
|
+
"name": "Int",
|
|
11445
|
+
"non_null": false
|
|
11446
|
+
},
|
|
11447
|
+
"varName": "destinationPort"
|
|
11448
|
+
},
|
|
11449
|
+
"dnsRequest": {
|
|
11450
|
+
"args": {},
|
|
11451
|
+
"deprecationReason": null,
|
|
11452
|
+
"description": null,
|
|
11453
|
+
"id_str": "stories___items___incident___alerts___resources___dnsRequest",
|
|
11454
|
+
"isDeprecated": false,
|
|
11455
|
+
"name": "dnsRequest",
|
|
11456
|
+
"path": "stories.items.incident.alerts.resources.dnsRequest",
|
|
11457
|
+
"requestStr": "$dnsRequest:String ",
|
|
11458
|
+
"required": false,
|
|
11459
|
+
"responseStr": "dnsRequest:$dnsRequest ",
|
|
11460
|
+
"type": {
|
|
11461
|
+
"kind": [
|
|
11462
|
+
"SCALAR"
|
|
11463
|
+
],
|
|
11464
|
+
"name": "String",
|
|
11465
|
+
"non_null": false
|
|
11466
|
+
},
|
|
11467
|
+
"varName": "dnsRequest"
|
|
11468
|
+
},
|
|
11469
|
+
"dnsResponse": {
|
|
11470
|
+
"args": {},
|
|
11471
|
+
"deprecationReason": null,
|
|
11472
|
+
"description": null,
|
|
11473
|
+
"id_str": "stories___items___incident___alerts___resources___dnsResponse",
|
|
11474
|
+
"isDeprecated": false,
|
|
11475
|
+
"name": "dnsResponse",
|
|
11476
|
+
"path": "stories.items.incident.alerts.resources.dnsResponse",
|
|
11477
|
+
"requestStr": "$dnsResponse:String ",
|
|
11478
|
+
"required": false,
|
|
11479
|
+
"responseStr": "dnsResponse:$dnsResponse ",
|
|
11480
|
+
"type": {
|
|
11481
|
+
"kind": [
|
|
11482
|
+
"SCALAR"
|
|
11483
|
+
],
|
|
11484
|
+
"name": "String",
|
|
11485
|
+
"non_null": false
|
|
11486
|
+
},
|
|
11487
|
+
"varName": "dnsResponse"
|
|
10849
11488
|
},
|
|
10850
11489
|
"id": {
|
|
10851
11490
|
"args": {},
|
|
@@ -10868,17 +11507,17 @@
|
|
|
10868
11507
|
},
|
|
10869
11508
|
"varName": "id"
|
|
10870
11509
|
},
|
|
10871
|
-
"
|
|
11510
|
+
"method": {
|
|
10872
11511
|
"args": {},
|
|
10873
11512
|
"deprecationReason": null,
|
|
10874
11513
|
"description": null,
|
|
10875
|
-
"id_str": "
|
|
11514
|
+
"id_str": "stories___items___incident___alerts___resources___method",
|
|
10876
11515
|
"isDeprecated": false,
|
|
10877
|
-
"name": "
|
|
10878
|
-
"path": "stories.items.incident.alerts.resources.
|
|
10879
|
-
"requestStr": "$
|
|
11516
|
+
"name": "method",
|
|
11517
|
+
"path": "stories.items.incident.alerts.resources.method",
|
|
11518
|
+
"requestStr": "$method:String ",
|
|
10880
11519
|
"required": false,
|
|
10881
|
-
"responseStr": "
|
|
11520
|
+
"responseStr": "method:$method ",
|
|
10882
11521
|
"type": {
|
|
10883
11522
|
"kind": [
|
|
10884
11523
|
"SCALAR"
|
|
@@ -10886,7 +11525,7 @@
|
|
|
10886
11525
|
"name": "String",
|
|
10887
11526
|
"non_null": false
|
|
10888
11527
|
},
|
|
10889
|
-
"varName": "
|
|
11528
|
+
"varName": "method"
|
|
10890
11529
|
},
|
|
10891
11530
|
"remediationStatus": {
|
|
10892
11531
|
"args": {},
|
|
@@ -11179,80 +11818,60 @@
|
|
|
11179
11818
|
},
|
|
11180
11819
|
"varName": "roles"
|
|
11181
11820
|
},
|
|
11182
|
-
"
|
|
11183
|
-
"args": {},
|
|
11184
|
-
"deprecationReason": null,
|
|
11185
|
-
"description": null,
|
|
11186
|
-
"id_str": "stories___items___incident___alerts___resources___tags",
|
|
11187
|
-
"isDeprecated": false,
|
|
11188
|
-
"name": "tags",
|
|
11189
|
-
"path": "stories.items.incident.alerts.resources.tags",
|
|
11190
|
-
"requestStr": "$tags:[String]! ",
|
|
11191
|
-
"required": true,
|
|
11192
|
-
"responseStr": "tags:$tags ",
|
|
11193
|
-
"type": {
|
|
11194
|
-
"kind": [
|
|
11195
|
-
"NON_NULL",
|
|
11196
|
-
"LIST",
|
|
11197
|
-
"NON_NULL",
|
|
11198
|
-
"SCALAR"
|
|
11199
|
-
],
|
|
11200
|
-
"name": "String",
|
|
11201
|
-
"non_null": false
|
|
11202
|
-
},
|
|
11203
|
-
"varName": "tags"
|
|
11204
|
-
},
|
|
11205
|
-
"value": {
|
|
11821
|
+
"sourcePort": {
|
|
11206
11822
|
"args": {},
|
|
11207
11823
|
"deprecationReason": null,
|
|
11208
11824
|
"description": null,
|
|
11209
|
-
"id_str": "
|
|
11825
|
+
"id_str": "stories___items___incident___alerts___resources___sourcePort",
|
|
11210
11826
|
"isDeprecated": false,
|
|
11211
|
-
"name": "
|
|
11212
|
-
"path": "stories.items.incident.alerts.resources.
|
|
11213
|
-
"requestStr": "$
|
|
11827
|
+
"name": "sourcePort",
|
|
11828
|
+
"path": "stories.items.incident.alerts.resources.sourcePort",
|
|
11829
|
+
"requestStr": "$sourcePort:Int ",
|
|
11214
11830
|
"required": false,
|
|
11215
|
-
"responseStr": "
|
|
11831
|
+
"responseStr": "sourcePort:$sourcePort ",
|
|
11216
11832
|
"type": {
|
|
11217
11833
|
"kind": [
|
|
11218
11834
|
"SCALAR"
|
|
11219
11835
|
],
|
|
11220
|
-
"name": "
|
|
11836
|
+
"name": "Int",
|
|
11221
11837
|
"non_null": false
|
|
11222
11838
|
},
|
|
11223
|
-
"varName": "
|
|
11839
|
+
"varName": "sourcePort"
|
|
11224
11840
|
},
|
|
11225
|
-
"
|
|
11841
|
+
"tags": {
|
|
11226
11842
|
"args": {},
|
|
11227
11843
|
"deprecationReason": null,
|
|
11228
11844
|
"description": null,
|
|
11229
|
-
"id_str": "
|
|
11845
|
+
"id_str": "stories___items___incident___alerts___resources___tags",
|
|
11230
11846
|
"isDeprecated": false,
|
|
11231
|
-
"name": "
|
|
11232
|
-
"path": "stories.items.incident.alerts.resources.
|
|
11233
|
-
"requestStr": "$
|
|
11234
|
-
"required":
|
|
11235
|
-
"responseStr": "
|
|
11847
|
+
"name": "tags",
|
|
11848
|
+
"path": "stories.items.incident.alerts.resources.tags",
|
|
11849
|
+
"requestStr": "$tags:[String]! ",
|
|
11850
|
+
"required": true,
|
|
11851
|
+
"responseStr": "tags:$tags ",
|
|
11236
11852
|
"type": {
|
|
11237
11853
|
"kind": [
|
|
11854
|
+
"NON_NULL",
|
|
11855
|
+
"LIST",
|
|
11856
|
+
"NON_NULL",
|
|
11238
11857
|
"SCALAR"
|
|
11239
11858
|
],
|
|
11240
11859
|
"name": "String",
|
|
11241
11860
|
"non_null": false
|
|
11242
11861
|
},
|
|
11243
|
-
"varName": "
|
|
11862
|
+
"varName": "tags"
|
|
11244
11863
|
},
|
|
11245
|
-
"
|
|
11864
|
+
"url": {
|
|
11246
11865
|
"args": {},
|
|
11247
11866
|
"deprecationReason": null,
|
|
11248
11867
|
"description": null,
|
|
11249
|
-
"id_str": "
|
|
11868
|
+
"id_str": "stories___items___incident___alerts___resources___url",
|
|
11250
11869
|
"isDeprecated": false,
|
|
11251
|
-
"name": "
|
|
11252
|
-
"path": "stories.items.incident.alerts.resources.
|
|
11253
|
-
"requestStr": "$
|
|
11870
|
+
"name": "url",
|
|
11871
|
+
"path": "stories.items.incident.alerts.resources.url",
|
|
11872
|
+
"requestStr": "$url:String ",
|
|
11254
11873
|
"required": false,
|
|
11255
|
-
"responseStr": "
|
|
11874
|
+
"responseStr": "url:$url ",
|
|
11256
11875
|
"type": {
|
|
11257
11876
|
"kind": [
|
|
11258
11877
|
"SCALAR"
|
|
@@ -11260,7 +11879,7 @@
|
|
|
11260
11879
|
"name": "String",
|
|
11261
11880
|
"non_null": false
|
|
11262
11881
|
},
|
|
11263
|
-
"varName": "
|
|
11882
|
+
"varName": "url"
|
|
11264
11883
|
},
|
|
11265
11884
|
"verdict": {
|
|
11266
11885
|
"args": {},
|
|
@@ -11323,12 +11942,12 @@
|
|
|
11323
11942
|
"interfaces": [
|
|
11324
11943
|
{
|
|
11325
11944
|
"kind": "INTERFACE",
|
|
11326
|
-
"name": "
|
|
11945
|
+
"name": "MicrosoftEndpointResource",
|
|
11327
11946
|
"ofType": null
|
|
11328
11947
|
},
|
|
11329
11948
|
{
|
|
11330
11949
|
"kind": "INTERFACE",
|
|
11331
|
-
"name": "
|
|
11950
|
+
"name": "NetworkResource",
|
|
11332
11951
|
"ofType": null
|
|
11333
11952
|
},
|
|
11334
11953
|
{
|
|
@@ -11338,7 +11957,7 @@
|
|
|
11338
11957
|
}
|
|
11339
11958
|
],
|
|
11340
11959
|
"kind": "OBJECT",
|
|
11341
|
-
"name": "
|
|
11960
|
+
"name": "MicrosoftNetworkResource",
|
|
11342
11961
|
"ofType": null,
|
|
11343
11962
|
"possibleTypes": null
|
|
11344
11963
|
}
|
|
@@ -29974,26 +30593,6 @@
|
|
|
29974
30593
|
"description": null,
|
|
29975
30594
|
"enumValues": null,
|
|
29976
30595
|
"fields": {
|
|
29977
|
-
"impact": {
|
|
29978
|
-
"args": {},
|
|
29979
|
-
"deprecationReason": null,
|
|
29980
|
-
"description": null,
|
|
29981
|
-
"id_str": "stories___items___incident___accountOperationIncident___impact",
|
|
29982
|
-
"isDeprecated": false,
|
|
29983
|
-
"name": "impact",
|
|
29984
|
-
"path": "stories.items.incident.accountOperationIncident.impact",
|
|
29985
|
-
"requestStr": "$impact:String ",
|
|
29986
|
-
"required": false,
|
|
29987
|
-
"responseStr": "impact:$impact ",
|
|
29988
|
-
"type": {
|
|
29989
|
-
"kind": [
|
|
29990
|
-
"SCALAR"
|
|
29991
|
-
],
|
|
29992
|
-
"name": "String",
|
|
29993
|
-
"non_null": false
|
|
29994
|
-
},
|
|
29995
|
-
"varName": "impact"
|
|
29996
|
-
},
|
|
29997
30596
|
"incidentTimeline": {
|
|
29998
30597
|
"args": {},
|
|
29999
30598
|
"deprecationReason": null,
|
|
@@ -30349,6 +30948,122 @@
|
|
|
30349
30948
|
"non_null": false
|
|
30350
30949
|
},
|
|
30351
30950
|
"varName": "accountOperationsTimelineBase"
|
|
30951
|
+
},
|
|
30952
|
+
"metadata": {
|
|
30953
|
+
"args": {},
|
|
30954
|
+
"deprecationReason": null,
|
|
30955
|
+
"description": null,
|
|
30956
|
+
"id_str": "stories___items___incident___accountOperationIncident___metadata",
|
|
30957
|
+
"isDeprecated": false,
|
|
30958
|
+
"name": "metadata",
|
|
30959
|
+
"path": "stories.items.incident.accountOperationIncident.metadata",
|
|
30960
|
+
"requestStr": "$accountOperationsMetadata:[AccountOperationsMetadata]! ",
|
|
30961
|
+
"required": true,
|
|
30962
|
+
"responseStr": "metadata:$accountOperationsMetadata ",
|
|
30963
|
+
"type": {
|
|
30964
|
+
"definition": {
|
|
30965
|
+
"description": null,
|
|
30966
|
+
"enumValues": null,
|
|
30967
|
+
"fields": {
|
|
30968
|
+
"key": {
|
|
30969
|
+
"args": {},
|
|
30970
|
+
"deprecationReason": null,
|
|
30971
|
+
"description": null,
|
|
30972
|
+
"id_str": "stories___items___incident___accountOperationIncident___metadata___key",
|
|
30973
|
+
"isDeprecated": false,
|
|
30974
|
+
"name": "key",
|
|
30975
|
+
"path": "stories.items.incident.accountOperationIncident.metadata.key",
|
|
30976
|
+
"requestStr": "$key:String! ",
|
|
30977
|
+
"required": true,
|
|
30978
|
+
"responseStr": "key:$key ",
|
|
30979
|
+
"type": {
|
|
30980
|
+
"kind": [
|
|
30981
|
+
"NON_NULL",
|
|
30982
|
+
"SCALAR"
|
|
30983
|
+
],
|
|
30984
|
+
"name": "String",
|
|
30985
|
+
"non_null": false
|
|
30986
|
+
},
|
|
30987
|
+
"varName": "key"
|
|
30988
|
+
},
|
|
30989
|
+
"type": {
|
|
30990
|
+
"args": {},
|
|
30991
|
+
"deprecationReason": null,
|
|
30992
|
+
"description": null,
|
|
30993
|
+
"id_str": "stories___items___incident___accountOperationIncident___metadata___type",
|
|
30994
|
+
"isDeprecated": false,
|
|
30995
|
+
"name": "type",
|
|
30996
|
+
"path": "stories.items.incident.accountOperationIncident.metadata.type",
|
|
30997
|
+
"requestStr": "$type:MetadataType! ",
|
|
30998
|
+
"required": true,
|
|
30999
|
+
"responseStr": "type:$type ",
|
|
31000
|
+
"type": {
|
|
31001
|
+
"definition": {
|
|
31002
|
+
"description": null,
|
|
31003
|
+
"enumValues": [
|
|
31004
|
+
{
|
|
31005
|
+
"deprecationReason": null,
|
|
31006
|
+
"description": null,
|
|
31007
|
+
"isDeprecated": false,
|
|
31008
|
+
"name": "TXT"
|
|
31009
|
+
}
|
|
31010
|
+
],
|
|
31011
|
+
"fields": null,
|
|
31012
|
+
"inputFields": null,
|
|
31013
|
+
"interfaces": null,
|
|
31014
|
+
"kind": "ENUM",
|
|
31015
|
+
"name": "MetadataType",
|
|
31016
|
+
"possibleTypes": null
|
|
31017
|
+
},
|
|
31018
|
+
"indexType": "enum",
|
|
31019
|
+
"kind": [
|
|
31020
|
+
"NON_NULL",
|
|
31021
|
+
"ENUM"
|
|
31022
|
+
],
|
|
31023
|
+
"name": "MetadataType",
|
|
31024
|
+
"non_null": false
|
|
31025
|
+
},
|
|
31026
|
+
"varName": "type"
|
|
31027
|
+
},
|
|
31028
|
+
"value": {
|
|
31029
|
+
"args": {},
|
|
31030
|
+
"deprecationReason": null,
|
|
31031
|
+
"description": null,
|
|
31032
|
+
"id_str": "stories___items___incident___accountOperationIncident___metadata___value",
|
|
31033
|
+
"isDeprecated": false,
|
|
31034
|
+
"name": "value",
|
|
31035
|
+
"path": "stories.items.incident.accountOperationIncident.metadata.value",
|
|
31036
|
+
"requestStr": "$value:String! ",
|
|
31037
|
+
"required": true,
|
|
31038
|
+
"responseStr": "value:$value ",
|
|
31039
|
+
"type": {
|
|
31040
|
+
"kind": [
|
|
31041
|
+
"NON_NULL",
|
|
31042
|
+
"SCALAR"
|
|
31043
|
+
],
|
|
31044
|
+
"name": "String",
|
|
31045
|
+
"non_null": false
|
|
31046
|
+
},
|
|
31047
|
+
"varName": "value"
|
|
31048
|
+
}
|
|
31049
|
+
},
|
|
31050
|
+
"inputFields": null,
|
|
31051
|
+
"interfaces": [],
|
|
31052
|
+
"kind": "OBJECT",
|
|
31053
|
+
"name": "AccountOperationsMetadata",
|
|
31054
|
+
"possibleTypes": null
|
|
31055
|
+
},
|
|
31056
|
+
"indexType": "object",
|
|
31057
|
+
"kind": [
|
|
31058
|
+
"NON_NULL",
|
|
31059
|
+
"LIST",
|
|
31060
|
+
"NON_NULL",
|
|
31061
|
+
"OBJECT"
|
|
31062
|
+
],
|
|
31063
|
+
"name": "AccountOperationsMetadata",
|
|
31064
|
+
"non_null": false
|
|
31065
|
+
},
|
|
31066
|
+
"varName": "accountOperationsMetadata"
|
|
30352
31067
|
}
|
|
30353
31068
|
},
|
|
30354
31069
|
"inputFields": null,
|
|
@@ -30935,6 +31650,26 @@
|
|
|
30935
31650
|
},
|
|
30936
31651
|
"varName": "lastSignal"
|
|
30937
31652
|
},
|
|
31653
|
+
"occurrences": {
|
|
31654
|
+
"args": {},
|
|
31655
|
+
"deprecationReason": null,
|
|
31656
|
+
"description": null,
|
|
31657
|
+
"id_str": "stories___items___incident___occurrences",
|
|
31658
|
+
"isDeprecated": false,
|
|
31659
|
+
"name": "occurrences",
|
|
31660
|
+
"path": "stories.items.incident.occurrences",
|
|
31661
|
+
"requestStr": "$occurrences:Int ",
|
|
31662
|
+
"required": false,
|
|
31663
|
+
"responseStr": "occurrences:$occurrences ",
|
|
31664
|
+
"type": {
|
|
31665
|
+
"kind": [
|
|
31666
|
+
"SCALAR"
|
|
31667
|
+
],
|
|
31668
|
+
"name": "Int",
|
|
31669
|
+
"non_null": false
|
|
31670
|
+
},
|
|
31671
|
+
"varName": "occurrences"
|
|
31672
|
+
},
|
|
30938
31673
|
"predictedThreatType": {
|
|
30939
31674
|
"args": {},
|
|
30940
31675
|
"deprecationReason": null,
|