mirror of https://github.com/MISP/MISP
chg: add openapi docs for [POST]/admin/logs
parent
b86c69ee32
commit
020f96b2e1
|
@ -104,6 +104,10 @@ tags:
|
|||
description: "Notice lists to inform MISP users of the legal, privacy, policy or even technical implications of using specific attributes, categories or objects."
|
||||
externalDocs:
|
||||
url: https://www.circl.lu/doc/misp/noticelists/
|
||||
- name: Logs
|
||||
description: "Users with audit permissions are able to browse or search logs that MISP automatically appends each time certain actions are taken (actions that modify data or if a user logs in and out)."
|
||||
externalDocs:
|
||||
url: https://www.circl.lu/doc/misp/administration/#using-misp-logs
|
||||
|
||||
paths:
|
||||
/attributes/restSearch:
|
||||
|
@ -945,6 +949,24 @@ paths:
|
|||
default:
|
||||
$ref: "#/components/responses/ApiErrorResponse"
|
||||
|
||||
/admin/logs:
|
||||
post:
|
||||
summary: "Get instance logs"
|
||||
operationId: getLogs
|
||||
tags:
|
||||
- Logs
|
||||
requestBody:
|
||||
$ref: "#/components/requestBodies/GetLogsRequest"
|
||||
responses:
|
||||
"200":
|
||||
$ref: "#/components/responses/GetLogsResponse"
|
||||
"403":
|
||||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||||
"404":
|
||||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||||
default:
|
||||
$ref: "#/components/responses/ApiErrorResponse"
|
||||
|
||||
/organisations:
|
||||
get:
|
||||
summary: "Get organisations"
|
||||
|
@ -4194,6 +4216,114 @@ components:
|
|||
deletable:
|
||||
type: boolean
|
||||
|
||||
# Logs
|
||||
LogActionType:
|
||||
type: string
|
||||
enum:
|
||||
- "accept"
|
||||
- "accept_delegation"
|
||||
- "acceptRegistrations"
|
||||
- "add"
|
||||
- "admin_email"
|
||||
- "attachTags"
|
||||
- "auth"
|
||||
- "auth_fail"
|
||||
- "blocklisted"
|
||||
- "captureRelations"
|
||||
- "change_pw"
|
||||
- "delete"
|
||||
- "disable"
|
||||
- "discard"
|
||||
- "discardRegistrations"
|
||||
- "edit"
|
||||
- "email"
|
||||
- "enable"
|
||||
- "enrichment"
|
||||
- "error"
|
||||
- "export"
|
||||
- "fetchEvent"
|
||||
- "file_upload"
|
||||
- "galaxy"
|
||||
- "include_formula"
|
||||
- "login"
|
||||
- "login_fail"
|
||||
- "logout"
|
||||
- "merge"
|
||||
- "pruneUpdateLogs"
|
||||
- "publish"
|
||||
- "publish_sightings"
|
||||
- "publish alert"
|
||||
- "pull"
|
||||
- "purge_events"
|
||||
- "push"
|
||||
- "registration"
|
||||
- "registration_error"
|
||||
- "remove_dead_workers"
|
||||
- "request"
|
||||
- "request_delegation"
|
||||
- "reset_auth_key"
|
||||
- "send_mail"
|
||||
- "security"
|
||||
- "serverSettingsEdit"
|
||||
- "tag"
|
||||
- "undelete"
|
||||
- "update"
|
||||
- "update_database"
|
||||
- "update_db_worker"
|
||||
- "upgrade_24"
|
||||
- "upload_sample"
|
||||
- "version_warning"
|
||||
- "warning"
|
||||
- "wipe_default"
|
||||
LogId:
|
||||
type: string
|
||||
pattern: '^\d+$'
|
||||
maxLength: 10
|
||||
example: "12345"
|
||||
|
||||
LogTitle:
|
||||
type: string
|
||||
example: "Attribute (448272) from Event (1): Other/text foo"
|
||||
|
||||
LogChange:
|
||||
type: string
|
||||
example: "name () => (ORGNAME)"
|
||||
|
||||
LogDescription:
|
||||
type: string
|
||||
example: 'Organisation "ORGNAME" (1) added by User "SYSTEM" (0).'
|
||||
|
||||
Log:
|
||||
type: object
|
||||
properties:
|
||||
id:
|
||||
$ref: "#/components/schemas/LogId"
|
||||
title:
|
||||
$ref: "#/components/schemas/LogTitle"
|
||||
created:
|
||||
type: string
|
||||
format: datetime
|
||||
model:
|
||||
$ref: "#/components/schemas/ModelName"
|
||||
model_id:
|
||||
$ref: "#/components/schemas/ModelId"
|
||||
action:
|
||||
$ref: "#/components/schemas/LogActionType"
|
||||
user_id:
|
||||
$ref: "#/components/schemas/UserId"
|
||||
change:
|
||||
$ref: "#/components/schemas/LogChange"
|
||||
email:
|
||||
type: string
|
||||
format: email
|
||||
org:
|
||||
$ref: "#/components/schemas/OrganisationName"
|
||||
description:
|
||||
$ref: "#/components/schemas/LogDescription"
|
||||
ip:
|
||||
type: string
|
||||
example: "10.0.0.10"
|
||||
|
||||
# General
|
||||
AuthKey:
|
||||
type: string
|
||||
|
@ -4352,6 +4482,14 @@ components:
|
|||
type: string
|
||||
nullable: true
|
||||
|
||||
DateIntervalRestSearchFilter:
|
||||
description: "Interval described by two dates"
|
||||
type: array
|
||||
minimum: 2
|
||||
maximum: 2
|
||||
items:
|
||||
$ref: "#/components/schemas/DateRestSearchFilter"
|
||||
|
||||
LastRestSearchFilter:
|
||||
description: "Published within the last x amount of time, where x can be defined in days, hours, minutes (for example 5d or 12h or 30m)"
|
||||
type: integer
|
||||
|
@ -4432,6 +4570,95 @@ components:
|
|||
ModelOverridesRestSearchFilter:
|
||||
$ref: "#/components/schemas/DecayingModelParameters"
|
||||
|
||||
ModelId:
|
||||
type: string
|
||||
pattern: '^\d+$'
|
||||
maxLength: 10
|
||||
example: "12345"
|
||||
|
||||
ModelName:
|
||||
type: string
|
||||
enum:
|
||||
- "AdminSetting"
|
||||
- "Allowedlist"
|
||||
- "AttachmentScan"
|
||||
- "Attribute"
|
||||
- "AttributeTag"
|
||||
- "AuditLog"
|
||||
- "AuthKey"
|
||||
- "Bruteforce"
|
||||
- "Cerebrate"
|
||||
- "Community"
|
||||
- "CorrelationExclusion"
|
||||
- "Correlation"
|
||||
- "Dashboard"
|
||||
- "DecayingModelMapping"
|
||||
- "DecayingModel"
|
||||
- "EventBlocklist"
|
||||
- "EventDelegation"
|
||||
- "EventGraph"
|
||||
- "EventLock"
|
||||
- "Event"
|
||||
- "EventReport"
|
||||
- "EventTag"
|
||||
- "FavouriteTag"
|
||||
- "Feed"
|
||||
- "FuzzyCorrelateSsdeep"
|
||||
- "GalaxyClusterBlocklist"
|
||||
- "GalaxyCluster"
|
||||
- "GalaxyClusterRelation"
|
||||
- "GalaxyClusterRelationTag"
|
||||
- "GalaxyElement"
|
||||
- "Galaxy"
|
||||
- "Inbox"
|
||||
- "Job"
|
||||
- "Log"
|
||||
- "MispObject"
|
||||
- "Module"
|
||||
- "News"
|
||||
- "NoticelistEntry"
|
||||
- "Noticelist"
|
||||
- "NotificationLog"
|
||||
- "ObjectReference"
|
||||
- "ObjectRelationship"
|
||||
- "ObjectTemplateElement"
|
||||
- "ObjectTemplate"
|
||||
- "Organisation"
|
||||
- "OrgBlocklist"
|
||||
- "Post"
|
||||
- "Regexp"
|
||||
- "RestClientHistory"
|
||||
- "Role"
|
||||
- "Server"
|
||||
- "ShadowAttribute"
|
||||
- "SharingGroupElement"
|
||||
- "SharingGroupOrg"
|
||||
- "SharingGroup"
|
||||
- "SharingGroupServer"
|
||||
- "SightingdbOrg"
|
||||
- "Sightingdb"
|
||||
- "Sighting"
|
||||
- "TagCollection"
|
||||
- "TagCollectionTag"
|
||||
- "Tag"
|
||||
- "Task"
|
||||
- "TaxonomyEntry"
|
||||
- "Taxonomy"
|
||||
- "TaxonomyPredicate"
|
||||
- "TemplateElementAttribute"
|
||||
- "TemplateElementFile"
|
||||
- "TemplateElement"
|
||||
- "TemplateElementText"
|
||||
- "Template"
|
||||
- "TemplateTag"
|
||||
- "Thread"
|
||||
- "ThreatLevel"
|
||||
- "User"
|
||||
- "UserSetting"
|
||||
- "WarninglistEntry"
|
||||
- "Warninglist"
|
||||
- "WarninglistType"
|
||||
|
||||
EventsRestSearchReturnFormat:
|
||||
description: "Format of the response payload"
|
||||
type: string
|
||||
|
@ -5542,6 +5769,51 @@ components:
|
|||
schema:
|
||||
$ref: "#/components/schemas/TagNoId"
|
||||
|
||||
GetLogsRequest:
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: object
|
||||
properties:
|
||||
page:
|
||||
$ref: "#/components/schemas/PageSearchFilter"
|
||||
limit:
|
||||
$ref: "#/components/schemas/LimitSearchFilter"
|
||||
id:
|
||||
$ref: "#/components/schemas/LogId"
|
||||
title:
|
||||
$ref: "#/components/schemas/LogTitle"
|
||||
created:
|
||||
oneOf:
|
||||
- $ref: "#/components/schemas/DateRestSearchFilter"
|
||||
- $ref: "#/components/schemas/DateIntervalRestSearchFilter"
|
||||
model:
|
||||
$ref: "#/components/schemas/ModelName"
|
||||
model_id:
|
||||
$ref: "#/components/schemas/ModelId"
|
||||
action:
|
||||
$ref: "#/components/schemas/LogActionType"
|
||||
user_id:
|
||||
$ref: "#/components/schemas/UserId"
|
||||
change:
|
||||
type: string
|
||||
description: "Text search for log change property"
|
||||
example: "%name () => (ORGNAME)%"
|
||||
email:
|
||||
type: string
|
||||
format: email
|
||||
org:
|
||||
type: string
|
||||
description: "Text search for log organisation name property"
|
||||
example: "ORG_%"
|
||||
description:
|
||||
type: string
|
||||
description: "Text search for log change property"
|
||||
example: "%updated by User%"
|
||||
ip:
|
||||
type: string
|
||||
description: "Text search for log ip property"
|
||||
|
||||
responses:
|
||||
AttributeResponse:
|
||||
description: "An attribute"
|
||||
|
@ -7299,6 +7571,18 @@ components:
|
|||
items:
|
||||
$ref: "#/components/schemas/ExtendedTag"
|
||||
|
||||
GetLogsResponse:
|
||||
description: "Get logs response"
|
||||
content:
|
||||
application/json:
|
||||
schema:
|
||||
type: array
|
||||
items:
|
||||
type: object
|
||||
properties:
|
||||
Log:
|
||||
$ref: "#/components/schemas/Log"
|
||||
|
||||
ApiErrorResponse:
|
||||
description: "Unexpected API error"
|
||||
content:
|
||||
|
|
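Review bot: In `DateIntervalRestSearchFilter` (the hunk at `-4352,6 +4482,14`) the two-element constraint is written as `minimum: 2` / `maximum: 2`, which are numeric keywords and have no effect on `type: array`. Use `minItems: 2` and `maxItems: 2` so that validators and generated clients actually reject a one- or three-date interval in the `created` filter of `GetLogsRequest`. In the `Log` schema, `created` uses `format: datetime`, which is not a format OpenAPI defines; the defined name is `format: date-time`. The `description` filter in `GetLogsRequest` repeats the text of the `change` filter and should read `description: "Text search for log description property"`. The free-text filters (`change`, `org`, `description`, `ip`) accept `%` wildcards according to their examples, so a `maxLength` on each is worth adding if the server enforces one; no such limit is visible on this page.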