mirror of https://github.com/MISP/MISP
8904 lines
258 KiB
YAML
8904 lines
258 KiB
YAML
openapi: 3.0.0
|
||
info:
|
||
version: 2.4.148
|
||
title: MISP Automation API
|
||
description: |
|
||
|
||
### Getting Started
|
||
Automation functionality is designed to automatically generate signatures for intrusion detection systems.
|
||
To enable signature generation for a given attribute, Signature field of this attribute must be set to Yes.
|
||
Note that not all attribute types are applicable for signature generation, currently we only support NIDS signature
|
||
generation for IP, domains, host names, user agents etc., and hash list generation for MD5/SHA1 values of file artefacts.
|
||
Support for more attribute types is planned. To make this functionality available for automated tools an authentication
|
||
key is used. This makes it easier for your tools to access the data without further form-based-authentication.
|
||
The [API](https://www.circl.lu/doc/misp/GLOSSARY.html#api) key can be found and managed under My Profile page (/users/view/me)
|
||
on a MISP instance.
|
||
|
||
#### Accept and Content-Type headers
|
||
When performing your request, depending on the type of request, you might need to explicitly specify in what content
|
||
type you want to get your results. This is done by setting one of the below `Accept` headers:
|
||
|
||
Accept: application/json
|
||
Accept: application/xml
|
||
|
||
When submitting data in a `POST`, `PUT` or `DELETE` operation you also need to specify in what content-type you encoded the payload.
|
||
This is done by setting one of the below `Content-Type` headers:
|
||
|
||
Content-Type: application/json
|
||
Content-Type: application/xml
|
||
|
||
Example:
|
||
```
|
||
curl --header "Authorization: YOUR_API_KEY" \
|
||
--header "Accept: application/json" \
|
||
--header "Content-Type: application/json" https://<misp url>/
|
||
```
|
||
|
||
> **NOTE**: By appending .json or .xml the content type can also be set without the need for a header.
|
||
|
||
#### Automation using PyMISP
|
||
|
||
[PyMISP](https://github.com/MISP/PyMISP) is a Python library to access MISP platforms via their REST [API](https://www.circl.lu/doc/misp/GLOSSARY.html#api).
|
||
It allows you to fetch events, add or update events/attributes, add or update samples or search for attributes.
|
||
|
||
### FAQ
|
||
* [Dev FAQ](https://www.circl.lu/doc/misp/dev-faq/)
|
||
* [GitHub project FAQ](https://github.com/MISP/MISP/wiki/Frequently-Asked-Questions)
|
||
|
||
servers:
|
||
- url: https://misp.local
|
||
tags:
|
||
- name: Attributes
|
||
description: "Attributes in MISP can be network indicators (e.g. IP address), system indicators (e.g. a string in memory) or even bank account details."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/GLOSSARY.html#misp-attribute
|
||
- name: Events
|
||
description: "MISP events are encapsulations for contextually related information represented as attributes and objects."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/GLOSSARY.html#misp-event
|
||
- name: Galaxies
|
||
description: "Galaxies in MISP are a method used to express a large object called cluster that can be attached to MISP events or attributes."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/galaxy/
|
||
- name: Galaxy Clusters
|
||
description: "A galaxy cluster that can be attached to MISP events or attributes."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/galaxy/
|
||
- name: Users
|
||
description: "As an admin (not to be confused with Org Admin), you can set up new accounts for users, edit user profiles, delete them, or just have a look at all the viewers' profiles."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/administration/#users
|
||
- name: Organisations
|
||
description: "Each users belongs to an organisation. As admin, you can manage these organisations."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/administration/#organisations
|
||
- name: Servers
|
||
description: "Servers represent MISP instances we are connected to and from which we can pull/push data from/to."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/sharing/
|
||
- name: Sharing Groups
|
||
description: "Sharing groups in MISP are a more granular way to create re-usable distribution lists for events/attributes that allow users to include organisations from their own instance (local organisations) as well as organisations from directly, or indirectly connected instances (external organisations)."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/sharing/#sharing-groups
|
||
- name: Feeds
|
||
description: "Feeds are remote or local resources containing indicators that can be automatically imported into MISP at regular intervals. Feeds can be structured in [MISP format](https://www.circl.lu/doc/misp/GLOSSARY.html#misp-format), CSV format or even free-text format."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/managing-feeds/#feeds
|
||
- name: Objects
|
||
description: "MISP objects are in addition to MISP attributes to allow advanced combinations and concatenation of attributes. The creation of these objects and their associated attributes are based on real cyber security use-cases and existing practices in information sharing."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/misp-objects/
|
||
- name: Tags
|
||
description: ""
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/quick-start/#tags-and-taglist
|
||
- name: Sightings
|
||
description: "Sightings is a system allowing people to react on attributes on an event. It was originally designed to provide an easy method for user to tell when they see a given attribute, giving it more credibility."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/sightings/
|
||
- name: Warninglists
|
||
description: "MISP warninglists are lists of well-known indicators that can be associated to potential false positives, errors or mistakes."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/warninglists/
|
||
- name: Noticelists
|
||
description: "Notice lists to inform MISP users of the legal, privacy, policy or even technical implications of using specific attributes, categories or objects."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/noticelists/
|
||
- name: Logs
|
||
description: "Users with audit permissions are able to browse or search logs that MISP automatically appends each time certain actions are taken (actions that modify data or if a user logs in and out)."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/administration/#using-misp-logs
|
||
- name: AuthKeys
|
||
description: "AuthKeys are used to authenticate MISP API requests. AuthKeys can be set to read-only, a single user can have multiple auth keys."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/automation/#automation-key
|
||
- name: UserSettings
|
||
description: "User settings enables users to customize different MISP features, such as UI elements and default API behaviors."
|
||
- name: Taxonomies
|
||
description: "MISP Taxonomies is a set of common classification libraries to tag, classify and organise information. Taxonomy allows to express the same vocabulary among a distributed set of users and organisations."
|
||
externalDocs:
|
||
url: https://www.circl.lu/doc/misp/taxonomy/#taxonomies
|
||
|
||
paths:
|
||
/attributes/restSearch:
|
||
post:
|
||
summary: "[restSearch] Get a filtered and paginated list of attributes"
|
||
description: |
|
||
**This is the recommended endpoint for searching attributes.**
|
||
operationId: restSearchAttributes
|
||
tags:
|
||
- Attributes
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/RestSearchAttributesRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AttributesRestSearchResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/attributes/add/{eventId}:
|
||
post:
|
||
summary: "Add an attribute"
|
||
operationId: addAttribute
|
||
tags:
|
||
- Attributes
|
||
parameters:
|
||
- $ref: "#/components/parameters/eventIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/AddAttributeRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AttributeResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/attributes/edit/{attributeId}:
|
||
put:
|
||
summary: "Edit an attribute"
|
||
operationId: editAttribute
|
||
tags:
|
||
- Attributes
|
||
parameters:
|
||
- $ref: "#/components/parameters/attributeIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/EditAttributeRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AttributeResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/attributes/delete/{attributeId}:
|
||
delete:
|
||
summary: "Delete an attribute"
|
||
operationId: deleteAttribute
|
||
tags:
|
||
- Attributes
|
||
parameters:
|
||
- $ref: "#/components/parameters/attributeIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DeleteAttributeResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/attributes/restore/{attributeId}:
|
||
post:
|
||
summary: "Restore an attribute"
|
||
operationId: restoreAttribute
|
||
tags:
|
||
- Attributes
|
||
parameters:
|
||
- $ref: "#/components/parameters/attributeIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AttributeResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/attributes/addTag/{attributeId}/{tagId}:
|
||
post:
|
||
summary: "Add a tag to an attribute"
|
||
operationId: tagAttribute
|
||
tags:
|
||
- Attributes
|
||
parameters:
|
||
- $ref: "#/components/parameters/attributeIdParameter"
|
||
- $ref: "#/components/parameters/tagIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AddAttributeTagResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/attributes/removeTag/{attributeId}/{tagId}:
|
||
post:
|
||
summary: "Remove a tag from an attribute"
|
||
operationId: untagAttribute
|
||
tags:
|
||
- Attributes
|
||
parameters:
|
||
- $ref: "#/components/parameters/attributeIdParameter"
|
||
- $ref: "#/components/parameters/tagIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/RemoveAttributeTagResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/attributes:
|
||
get:
|
||
summary: "Get a list of attributes"
|
||
operationId: getAttributes
|
||
tags:
|
||
- Attributes
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AttributeListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/attributes/view/{attributeId}:
|
||
get:
|
||
summary: "Get an attribute by ID"
|
||
operationId: getAttributeById
|
||
tags:
|
||
- Attributes
|
||
parameters:
|
||
- $ref: "#/components/parameters/attributeIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AttributeResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/attributes/attributeStatistics/{context}/{percentage}:
|
||
get:
|
||
summary: "Get the count of attributes per category"
|
||
operationId: getAttributeStatistics
|
||
tags:
|
||
- Attributes
|
||
parameters:
|
||
- $ref: "#/components/parameters/attributeStatisticsContextParameter"
|
||
- $ref: "#/components/parameters/attributeStatisticsPercentageParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AttributeStatisticsResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/attributes/describeTypes:
|
||
get:
|
||
summary: "Get a list of the available attribute types"
|
||
operationId: describeAttributeTypes
|
||
tags:
|
||
- Attributes
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DescribeAttributeTypesResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/events/restSearch:
|
||
post:
|
||
summary: "[restSearch] Get a filtered and paginated list of events"
|
||
operationId: restSearchEvents
|
||
description: |
|
||
**This is the recommended endpoint for searching events.**
|
||
tags:
|
||
- Events
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/RestSearchEventsRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/EventsRestSearchResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/events/add:
|
||
post:
|
||
summary: "Add event"
|
||
operationId: addEvent
|
||
tags:
|
||
- Events
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/AddEventRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AddEventResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/events/edit/{eventId}:
|
||
put:
|
||
summary: "Edit event"
|
||
operationId: editEvent
|
||
tags:
|
||
- Events
|
||
parameters:
|
||
- $ref: "#/components/parameters/eventIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/EditEventRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/EditEventResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/events/delete/{eventId}:
|
||
delete:
|
||
summary: "Delete event"
|
||
operationId: deleteEvent
|
||
tags:
|
||
- Events
|
||
parameters:
|
||
- $ref: "#/components/parameters/eventIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DeleteEventResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/events:
|
||
get:
|
||
summary: "Get a list of events"
|
||
operationId: getEvents
|
||
tags:
|
||
- Events
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ExtendedEventListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/events/index:
|
||
post:
|
||
summary: "Search events"
|
||
operationId: searchEvents
|
||
tags:
|
||
- Events
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/SearchEventRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ExtendedEventListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/events/view/{eventId}:
|
||
get:
|
||
summary: "Get event by ID"
|
||
operationId: getEventById
|
||
tags:
|
||
- Events
|
||
parameters:
|
||
- $ref: "#/components/parameters/eventIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ExtendedEventResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/events/publish/{eventId}:
|
||
post:
|
||
summary: "Publish an event"
|
||
operationId: publishEvent
|
||
tags:
|
||
- Events
|
||
parameters:
|
||
- $ref: "#/components/parameters/eventIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/PublishEventResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/events/unpublish/{eventId}:
|
||
post:
|
||
summary: "Unpublish an event"
|
||
operationId: unpublishEvent
|
||
tags:
|
||
- Events
|
||
parameters:
|
||
- $ref: "#/components/parameters/eventIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/UnpublishEventResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/events/addTag/{eventId}/{tagId}:
|
||
post:
|
||
summary: "Add event tag"
|
||
operationId: tagEvent
|
||
tags:
|
||
- Events
|
||
parameters:
|
||
- $ref: "#/components/parameters/eventIdParameter"
|
||
- $ref: "#/components/parameters/tagIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AddEventTagResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/events/removeTag/{eventId}/{tagId}:
|
||
post:
|
||
summary: "Remove event tag"
|
||
operationId: untagEvent
|
||
tags:
|
||
- Events
|
||
parameters:
|
||
- $ref: "#/components/parameters/eventIdParameter"
|
||
- $ref: "#/components/parameters/tagIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/RemoveEventTagResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxies:
|
||
get:
|
||
summary: "Get galaxies"
|
||
operationId: getGalaxies
|
||
tags:
|
||
- Galaxies
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GalaxyListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
post:
|
||
summary: "Search galaxies"
|
||
operationId: searchGalaxies
|
||
tags:
|
||
- Galaxies
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/SearchGalaxyRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GalaxyListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxies/view/{galaxyId}:
|
||
get:
|
||
summary: "Get galaxy by ID"
|
||
operationId: getGalaxyById
|
||
tags:
|
||
- Galaxies
|
||
parameters:
|
||
- $ref: "#/components/parameters/galaxyIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ExtendedGalaxyResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxies/update:
|
||
post:
|
||
summary: "Force update the galaxies with the galaxy json definitions"
|
||
operationId: updateGalaxies
|
||
tags:
|
||
- Galaxies
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/UpdateGalaxiesResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxies/delete/{galaxyId}:
|
||
delete:
|
||
summary: "Delete a galaxy"
|
||
operationId: deleteGalaxy
|
||
tags:
|
||
- Galaxies
|
||
parameters:
|
||
- $ref: "#/components/parameters/galaxyIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DeleteGalaxyResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxies/import:
|
||
post:
|
||
summary: "Import a galaxy cluster"
|
||
operationId: importGalaxyCluster
|
||
tags:
|
||
- Galaxies
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/ImportGalaxyClusterRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ImportGalaxyClusterResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxies/export/{galaxyId}:
|
||
post:
|
||
summary: "Export galaxy clusters"
|
||
operationId: exportGalaxyClusters
|
||
tags:
|
||
- Galaxies
|
||
parameters:
|
||
- $ref: "#/components/parameters/galaxyIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/ExportGalaxyClusterRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ExportGalaxyClustersResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxies/attachCluster/{attachTargetId}/{attachTargetType}:
|
||
post:
|
||
summary: "Attach the galaxy cluster tag a given entity"
|
||
operationId: attachGalaxyCluster
|
||
tags:
|
||
- Galaxies
|
||
parameters:
|
||
- $ref: "#/components/parameters/attachTargetIdParameter"
|
||
- $ref: "#/components/parameters/attachTargetTypeParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/AttachGalaxyClusterRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AttachGalaxyClusterResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxy_clusters/add/{galaxyId}:
|
||
post:
|
||
summary: "Add galaxy cluster"
|
||
operationId: addGalaxyCluster
|
||
tags:
|
||
- Galaxy Clusters
|
||
parameters:
|
||
- $ref: "#/components/parameters/galaxyIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/AddGalaxyClusterRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GalaxyClusterResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxy_clusters/edit/{galaxyClusterId}:
|
||
put:
|
||
summary: "Edit galaxy cluster"
|
||
operationId: editGalaxyCluster
|
||
tags:
|
||
- Galaxy Clusters
|
||
parameters:
|
||
- $ref: "#/components/parameters/galaxyClusterIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/EditGalaxyClusterRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GalaxyClusterResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxy_clusters/index/{galaxyId}:
|
||
get:
|
||
summary: "Get galaxy clusters"
|
||
operationId: getGalaxyClusters
|
||
tags:
|
||
- Galaxy Clusters
|
||
parameters:
|
||
- $ref: "#/components/parameters/galaxyIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GalaxyClusterListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
post:
|
||
summary: "Search galaxy clusters"
|
||
operationId: searchGalaxyClusters
|
||
tags:
|
||
- Galaxy Clusters
|
||
parameters:
|
||
- $ref: "#/components/parameters/galaxyIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/SearchGalaxyClustersRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GalaxyClusterListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxy_clusters/view/{galaxyClusterId}:
|
||
get:
|
||
summary: "Get galaxy cluster by ID"
|
||
operationId: getGalaxyClusterById
|
||
tags:
|
||
- Galaxy Clusters
|
||
parameters:
|
||
- $ref: "#/components/parameters/galaxyClusterIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ExtendedGalaxyClusterResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxy_clusters/publish/{galaxyClusterId}:
|
||
post:
|
||
summary: "Publish galaxy cluster"
|
||
operationId: publishGalaxyCluster
|
||
tags:
|
||
- Galaxy Clusters
|
||
parameters:
|
||
- $ref: "#/components/parameters/galaxyClusterIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/PublishGalaxyClusterResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxy_clusters/unpublish/{galaxyClusterId}:
|
||
post:
|
||
summary: "Unpublish galaxy cluster"
|
||
operationId: unpublishGalaxyCluster
|
||
tags:
|
||
- Galaxy Clusters
|
||
parameters:
|
||
- $ref: "#/components/parameters/galaxyClusterIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/UnpublishGalaxyClusterResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxy_clusters/delete/{galaxyClusterId}:
|
||
post:
|
||
summary: "Delete galaxy cluster"
|
||
operationId: deleteGalaxyCluster
|
||
tags:
|
||
- Galaxy Clusters
|
||
parameters:
|
||
- $ref: "#/components/parameters/galaxyClusterIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DeleteGalaxyClusterResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/galaxy_clusters/restore/{galaxyClusterId}:
|
||
post:
|
||
summary: "Restore galaxy cluster"
|
||
operationId: restoreGalaxyCluster
|
||
tags:
|
||
- Galaxy Clusters
|
||
parameters:
|
||
- $ref: "#/components/parameters/galaxyClusterIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/RestoreGalaxyClusterResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/users/initiatePasswordReset/{userId}/{firstTimeReset}:
|
||
post:
|
||
summary: "Reset user password"
|
||
operationId: resetUserPassword
|
||
tags:
|
||
- Users
|
||
parameters:
|
||
- $ref: "#/components/parameters/userIdParameter"
|
||
- $ref: "#/components/parameters/firstTimeResetParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ResetUserPasswordResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/admin/users/add:
|
||
post:
|
||
summary: "Add user"
|
||
operationId: addUser
|
||
tags:
|
||
- Users
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/AddUserRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/UserResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/admin/users/edit/{userId}:
|
||
put:
|
||
summary: "Edit user"
|
||
operationId: editUser
|
||
tags:
|
||
- Users
|
||
parameters:
|
||
- $ref: "#/components/parameters/userIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/EditUserRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/UserResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/admin/users/delete/{userId}:
|
||
delete:
|
||
summary: "Delete user"
|
||
operationId: deleteUser
|
||
tags:
|
||
- Users
|
||
parameters:
|
||
- $ref: "#/components/parameters/userIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DeleteUserResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/admin/users:
|
||
get:
|
||
summary: "Get users"
|
||
operationId: getUsers
|
||
tags:
|
||
- Users
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/UserListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/admin/users/view/{userId}:
|
||
get:
|
||
summary: "Get user by ID"
|
||
operationId: getUserById
|
||
tags:
|
||
- Users
|
||
parameters:
|
||
- $ref: "#/components/parameters/userIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ExtendedUserResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/admin/organisations/add:
|
||
post:
|
||
summary: "Add organisation"
|
||
operationId: addOrganisation
|
||
tags:
|
||
- Organisations
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/AddOrganisationRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/OrganisationResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/admin/organisations/edit/{organisationId}:
|
||
put:
|
||
summary: "Edit organisation"
|
||
operationId: editOrganisation
|
||
tags:
|
||
- Organisations
|
||
parameters:
|
||
- $ref: "#/components/parameters/organisationIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/EditOrganisationRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/OrganisationResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/admin/organisations/delete/{organisationId}:
|
||
delete:
|
||
summary: "Delete organisation"
|
||
operationId: deleteOrganisation
|
||
tags:
|
||
- Organisations
|
||
parameters:
|
||
- $ref: "#/components/parameters/organisationIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DeleteOrganisationResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/admin/logs:
|
||
post:
|
||
summary: "Get instance logs"
|
||
operationId: getLogs
|
||
tags:
|
||
- Logs
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/GetLogsRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GetLogsResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/organisations:
|
||
get:
|
||
summary: "Get organisations"
|
||
operationId: getOrganisations
|
||
tags:
|
||
- Organisations
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/OrganisationListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/organisations/view/{organisationId}:
|
||
get:
|
||
summary: "Get organisation by ID"
|
||
operationId: getOrganisationById
|
||
tags:
|
||
- Organisations
|
||
parameters:
|
||
- $ref: "#/components/parameters/organisationIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/OrganisationResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/add:
|
||
post:
|
||
summary: "Add server"
|
||
operationId: addServer
|
||
tags:
|
||
- Servers
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/AddServerRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ServerResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/edit/{serverId}:
|
||
put:
|
||
summary: "Edit server"
|
||
operationId: editServer
|
||
tags:
|
||
- Servers
|
||
parameters:
|
||
- $ref: "#/components/parameters/serverIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/EditServerRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ServerResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/delete/{serverId}:
|
||
post:
|
||
summary: "Delete server"
|
||
operationId: deleteServer
|
||
tags:
|
||
- Servers
|
||
parameters:
|
||
- $ref: "#/components/parameters/serverIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DeleteServerResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers:
|
||
get:
|
||
summary: "Get servers"
|
||
operationId: getServers
|
||
tags:
|
||
- Servers
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ServerListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/pull/{serverId}/{pullTechnique}:
|
||
get:
|
||
summary: "Pull server"
|
||
operationId: pullServer
|
||
tags:
|
||
- Servers
|
||
parameters:
|
||
- $ref: "#/components/parameters/serverIdParameter"
|
||
- $ref: "#/components/parameters/pullTechniqueParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/PullServerResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/push/{serverId}/{pushTechnique}:
|
||
get:
|
||
summary: "Push server"
|
||
operationId: pushServer
|
||
tags:
|
||
- Servers
|
||
parameters:
|
||
- $ref: "#/components/parameters/serverIdParameter"
|
||
- $ref: "#/components/parameters/pushTechniqueParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/PushServerResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/getVersion:
|
||
get:
|
||
summary: "Get current instance version"
|
||
operationId: getServerVersion
|
||
tags:
|
||
- Servers
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ServerVersionResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/getPyMISPVersion:
|
||
get:
|
||
summary: "Get current instance PyMISP version"
|
||
operationId: getPyMISPVersion
|
||
tags:
|
||
- Servers
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ServerPyMISPVersionResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/serverSettings:
|
||
get:
|
||
summary: "Get current instance settings and diagnostics"
|
||
operationId: getServerSettings
|
||
tags:
|
||
- Servers
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ServerSettingsResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/getWorkers:
|
||
get:
|
||
summary: "Get workers"
|
||
operationId: getWorkers
|
||
tags:
|
||
- Servers
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GetWorkersResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/startWorker/{workerType}:
|
||
post:
|
||
summary: "Start worker"
|
||
operationId: startWorker
|
||
tags:
|
||
- Servers
|
||
parameters:
|
||
- $ref: "#/components/parameters/workerTypeParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/StartWorkerResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/stopWorker/{workerPid}:
|
||
post:
|
||
summary: "Stop worker"
|
||
operationId: stopWorker
|
||
tags:
|
||
- Servers
|
||
parameters:
|
||
- $ref: "#/components/parameters/workerPidParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/StopWorkerResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/killAllWorkers:
|
||
post:
|
||
summary: "Kill all workers"
|
||
operationId: killAllWorkers
|
||
tags:
|
||
- Servers
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/KillAllWorkersResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/restartWorkers:
|
||
post:
|
||
summary: "Restart workers"
|
||
operationId: restartWorkers
|
||
tags:
|
||
- Servers
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/RestartWorkersResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/restartDeadWorkers:
|
||
post:
|
||
summary: "Restart dead workers"
|
||
operationId: restartDeadWorkers
|
||
tags:
|
||
- Servers
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/RestartDeadWorkersResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/update:
|
||
post:
|
||
summary: "Update server"
|
||
operationId: updateServer
|
||
tags:
|
||
- Servers
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/UpdateServerResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/cache:
|
||
post:
|
||
summary: "Cache server"
|
||
operationId: cacheServer
|
||
tags:
|
||
- Servers
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/CacheServerResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/createSync:
|
||
post:
|
||
summary: "Create sync"
|
||
operationId: createSync
|
||
tags:
|
||
- Servers
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/CreateSyncResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/getInstanceUUID:
|
||
get:
|
||
summary: "Get instance UUID"
|
||
operationId: getServerUuid
|
||
tags:
|
||
- Servers
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GetInstanceUUIDResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/getSetting/{settingName}:
|
||
get:
|
||
summary: "Get server setting by name"
|
||
operationId: getServerSetting
|
||
tags:
|
||
- Servers
|
||
parameters:
|
||
- $ref: "#/components/parameters/settingNameParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GetServerSettingResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/serverSettingsEdit/{settingName}:
|
||
post:
|
||
summary: "Edit server setting"
|
||
operationId: editServerSetting
|
||
tags:
|
||
- Servers
|
||
parameters:
|
||
- $ref: "#/components/parameters/settingNameParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/EditServerSettingRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/EditServerSettingResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/servers/import:
|
||
post:
|
||
summary: "Import server"
|
||
operationId: importServer
|
||
tags:
|
||
- Servers
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/ImportServerRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ServerResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/sharing_groups/add:
|
||
post:
|
||
summary: "Add a sharing group"
|
||
operationId: addSharingGroup
|
||
tags:
|
||
- Sharing Groups
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/AddSharingGroupRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/SharingGroupResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/sharing_groups/edit/{sharingGroupId}:
|
||
post:
|
||
summary: "Edit a sharing group"
|
||
operationId: editSharingGroup
|
||
tags:
|
||
- Sharing Groups
|
||
parameters:
|
||
- $ref: "#/components/parameters/sharingGroupIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/EditSharingGroupRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/SharingGroupResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/sharing_groups/delete/{sharingGroupId}:
|
||
delete:
|
||
summary: "Delete a sharing group"
|
||
operationId: deleteSharingGroup
|
||
tags:
|
||
- Sharing Groups
|
||
parameters:
|
||
- $ref: "#/components/parameters/sharingGroupIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DeleteSharingGroupResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/sharing_groups:
|
||
get:
|
||
summary: "Get a list of sharing groups"
|
||
operationId: getSharingGroup
|
||
tags:
|
||
- Sharing Groups
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/SharingGroupListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/sharing_groups/view/{sharingGroupId}:
|
||
get:
|
||
summary: "Get a sharing group by ID"
|
||
operationId: getSharingGroupById
|
||
tags:
|
||
- Sharing Groups
|
||
parameters:
|
||
- $ref: "#/components/parameters/sharingGroupIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/SharingGroupResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/sharing_groups/addOrg/{sharingGroupId}/{organisationId}:
|
||
post:
|
||
summary: "Add an organisation to a sharing group"
|
||
operationId: addOrganisationToSharingGroup
|
||
tags:
|
||
- Sharing Groups
|
||
parameters:
|
||
- $ref: "#/components/parameters/sharingGroupIdParameter"
|
||
- $ref: "#/components/parameters/organisationIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AddOrganisationToSharingGroupResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/sharing_groups/removeOrg/{sharingGroupId}/{organisationId}:
|
||
post:
|
||
summary: "Remove an organisation from a sharing group"
|
||
operationId: removeOrganisationFromSharingGroup
|
||
tags:
|
||
- Sharing Groups
|
||
parameters:
|
||
- $ref: "#/components/parameters/sharingGroupIdParameter"
|
||
- $ref: "#/components/parameters/organisationIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/RemoveOrganisationFromSharingGroupResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/sharing_groups/addServer/{sharingGroupId}/{serverId}:
|
||
post:
|
||
summary: "Add a server to a sharing group"
|
||
operationId: addServerToSharingGroup
|
||
tags:
|
||
- Sharing Groups
|
||
parameters:
|
||
- $ref: "#/components/parameters/sharingGroupIdParameter"
|
||
- $ref: "#/components/parameters/serverIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AddServerToSharingGroupResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/sharing_groups/removeServer/{sharingGroupServerId}/{serverId}:
|
||
post:
|
||
summary: "Remove a server from a sharing group"
|
||
operationId: removeServerFromSharingGroup
|
||
tags:
|
||
- Sharing Groups
|
||
parameters:
|
||
- $ref: "#/components/parameters/sharingGroupServerIdParameter"
|
||
- $ref: "#/components/parameters/serverIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/RemoveServerFromSharingGroupResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/feeds:
|
||
get:
|
||
summary: "Get a list of feeds"
|
||
operationId: getFeeds
|
||
tags:
|
||
- Feeds
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/FeedListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/feeds/view/{feedId}:
|
||
get:
|
||
summary: "Get a feed by ID"
|
||
operationId: getFeedById
|
||
tags:
|
||
- Feeds
|
||
parameters:
|
||
- $ref: "#/components/parameters/feedIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/FeedResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/feeds/add:
|
||
post:
|
||
summary: "Add a feed"
|
||
operationId: addFeed
|
||
tags:
|
||
- Feeds
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/AddFeedRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/FeedResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/feeds/edit/{feedId}:
|
||
put:
|
||
summary: "Edit a feed"
|
||
operationId: editFeed
|
||
tags:
|
||
- Feeds
|
||
parameters:
|
||
- $ref: "#/components/parameters/feedIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/EditFeedRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/FeedResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/feeds/enable/{feedId}:
|
||
post:
|
||
summary: "Enable feed"
|
||
operationId: enableFeed
|
||
tags:
|
||
- Feeds
|
||
parameters:
|
||
- $ref: "#/components/parameters/feedIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/EnableFeedResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/feeds/disable/{feedId}:
|
||
post:
|
||
summary: "Disable feed"
|
||
operationId: disableFeed
|
||
tags:
|
||
- Feeds
|
||
parameters:
|
||
- $ref: "#/components/parameters/feedIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DisableFeedResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/feeds/cacheFeeds/{cacheFeedsScope}:
|
||
post:
|
||
summary: "Cache feeds"
|
||
operationId: cacheFeeds
|
||
tags:
|
||
- Feeds
|
||
parameters:
|
||
- $ref: "#/components/parameters/cacheFeedsScopeParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/CacheFeedsResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/feeds/fetchFromFeed/{feedId}:
|
||
post:
|
||
summary: "Fetch from feed by ID"
|
||
operationId: fetchFromFeed
|
||
tags:
|
||
- Feeds
|
||
parameters:
|
||
- $ref: "#/components/parameters/feedIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/FetchFromFeedResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/feeds/fetchFromAllFeeds:
|
||
post:
|
||
summary: "Fetch from all feeds"
|
||
operationId: fetchFromAllFeeds
|
||
tags:
|
||
- Feeds
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/FetchFromAllFeedsResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/warninglists:
|
||
get:
|
||
summary: "Get a list of warninglists"
|
||
operationId: getWarninglists
|
||
tags:
|
||
- Warninglists
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/WarninglistListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
post:
|
||
summary: "Search warninglists"
|
||
operationId: searchWarninglists
|
||
tags:
|
||
- Warninglists
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/WarninglistsSearchRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/WarninglistListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/warninglists/toggleEnable:
|
||
post:
|
||
summary: "Enable/disable warninglists"
|
||
operationId: toggleEnableWarninglist
|
||
tags:
|
||
- Warninglists
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/WarninglistsToggleEnableRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/WarninglistToggleEnabledResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/warninglists/view/{warninglistId}:
|
||
get:
|
||
summary: "Get warninglist by ID"
|
||
operationId: getWarninglistById
|
||
tags:
|
||
- Warninglists
|
||
parameters:
|
||
- $ref: "#/components/parameters/warninglistIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/WarninglistResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/warninglists/checkValue:
|
||
post:
|
||
summary: "Check if a list of values matches any warninglists"
|
||
operationId: checkValueWarninglistsMatches
|
||
tags:
|
||
- Warninglists
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/WarninglistCheckValuesRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/WarninglistMatchListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/warninglists/update:
|
||
post:
|
||
summary: "Update warninglists"
|
||
operationId: updateWarninglists
|
||
tags:
|
||
- Warninglists
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/UpdateWarninglistsResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/noticelists:
|
||
get:
|
||
summary: "Get a list of noticelists"
|
||
operationId: getNoticelists
|
||
tags:
|
||
- Noticelists
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/NoticelistListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/noticelists/view/{noticelistId}:
|
||
get:
|
||
summary: "Get a noticelist by ID"
|
||
operationId: getNoticelistById
|
||
tags:
|
||
- Noticelists
|
||
parameters:
|
||
- $ref: "#/components/parameters/noticelistIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/NoticelistResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/noticelists/toggleEnable/{noticelistId}:
|
||
post:
|
||
summary: "Enable/disable noticelist"
|
||
operationId: toggleEnableNoticelist
|
||
tags:
|
||
- Noticelists
|
||
parameters:
|
||
- $ref: "#/components/parameters/noticelistIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/NoticelistToggleEnableResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/noticelists/update:
|
||
post:
|
||
summary: "Update noticelists"
|
||
operationId: updateNoticelists
|
||
tags:
|
||
- Noticelists
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/UpdateNoticelistsResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/objects/add/{eventId}/{objectTemplateId}:
|
||
post:
|
||
summary: "Add an object to an event"
|
||
operationId: addObject
|
||
tags:
|
||
- Objects
|
||
parameters:
|
||
- $ref: "#/components/parameters/eventIdParameter"
|
||
- $ref: "#/components/parameters/objectTemplateIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/AddObjectRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ObjectResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/objects/view/{objectId}:
|
||
get:
|
||
summary: "Get object by ID"
|
||
operationId: getObjectById
|
||
tags:
|
||
- Objects
|
||
parameters:
|
||
- $ref: "#/components/parameters/objectIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ExtendedObjectResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/objects/delete/{objectId}/{hardDelete}:
|
||
delete:
|
||
summary: "Delete object"
|
||
operationId: deleteObject
|
||
tags:
|
||
- Objects
|
||
parameters:
|
||
- $ref: "#/components/parameters/objectIdParameter"
|
||
- $ref: "#/components/parameters/hardDeleteParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DeleteObjectResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/sightings/index/{eventId}:
|
||
get:
|
||
summary: "Get sightings by event ID"
|
||
operationId: getSightingsByEventId
|
||
tags:
|
||
- Sightings
|
||
parameters:
|
||
- $ref: "#/components/parameters/eventIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/SightingListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/sightings/add:
|
||
post:
|
||
summary: "Add sightings of a list of values"
|
||
operationId: addSightingByValue
|
||
tags:
|
||
- Sightings
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/AddSightingsRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/SightingResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/sightings/add/{attributeId}:
|
||
post:
|
||
summary: "Add sighting of an attribute"
|
||
operationId: addSighting
|
||
tags:
|
||
- Sightings
|
||
parameters:
|
||
- $ref: "#/components/parameters/attributeIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/SightingResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/sightings/delete/{sightingId}:
|
||
post:
|
||
summary: "Delete sighting"
|
||
operationId: deleteSighting
|
||
tags:
|
||
- Sightings
|
||
parameters:
|
||
- $ref: "#/components/parameters/sightingIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DeleteSightingResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/tags:
|
||
get:
|
||
summary: "Get tags"
|
||
operationId: getTags
|
||
tags:
|
||
- Tags
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/TagListResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/tags/view/{tagId}:
|
||
get:
|
||
summary: "Get tag by ID"
|
||
operationId: getTagById
|
||
tags:
|
||
- Tags
|
||
parameters:
|
||
- $ref: "#/components/parameters/tagIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/TagResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/tags/add:
|
||
post:
|
||
summary: "Add tag"
|
||
operationId: addTag
|
||
tags:
|
||
- Tags
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/AddTagRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/TagResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/tags/delete/{tagId}:
|
||
post:
|
||
summary: "Delete tag"
|
||
operationId: deleteTag
|
||
tags:
|
||
- Tags
|
||
parameters:
|
||
- $ref: "#/components/parameters/tagIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DeleteTagResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/tags/edit/{tagId}:
|
||
post:
|
||
summary: "Edit tag"
|
||
operationId: editTag
|
||
tags:
|
||
- Tags
|
||
parameters:
|
||
- $ref: "#/components/parameters/tagIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/EditTagRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/EditTagResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/tags/search/{tagSearchTerm}:
|
||
get:
|
||
summary: "Search tag"
|
||
operationId: searchTag
|
||
tags:
|
||
- Tags
|
||
parameters:
|
||
- $ref: "#/components/parameters/tagSearchTermParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/SearchTagResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/auth_keys:
|
||
get:
|
||
summary: "Get auth keys"
|
||
operationId: getAuthKeys
|
||
tags:
|
||
- AuthKeys
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GetAuthKeysResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
post:
|
||
summary: "Search auth keys"
|
||
operationId: searchAuthKeys
|
||
tags:
|
||
- AuthKeys
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/GetAuthKeyRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GetAuthKeysResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/auth_keys/add/{userId}:
|
||
post:
|
||
summary: "Add auth keys"
|
||
operationId: addAuthKey
|
||
tags:
|
||
- AuthKeys
|
||
parameters:
|
||
- $ref: "#/components/parameters/userIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/AddAuthKeyRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AddAuthKeyResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/auth_keys/view/{authKeyId}:
|
||
get:
|
||
summary: "View auth key"
|
||
operationId: getAuthKeyById
|
||
tags:
|
||
- AuthKeys
|
||
parameters:
|
||
- $ref: "#/components/parameters/authKeyIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AuthKeyResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/auth_keys/edit/{authKeyId}:
|
||
post:
|
||
summary: "Edit auth key"
|
||
operationId: editAuthKey
|
||
tags:
|
||
- AuthKeys
|
||
parameters:
|
||
- $ref: "#/components/parameters/authKeyIdParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/EditAuthKeyRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/AuthKeyResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/auth_keys/delete/{authKeyId}:
|
||
delete:
|
||
summary: "Delete auth key"
|
||
operationId: deleteAuthKey
|
||
tags:
|
||
- AuthKeys
|
||
parameters:
|
||
- $ref: "#/components/parameters/authKeyIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DeleteAuthKeyResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/user_settings:
|
||
get:
|
||
summary: "Get user settings"
|
||
operationId: getUserSettings
|
||
tags:
|
||
- UserSettings
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GetUserSettingsResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
post:
|
||
summary: "Search user settings"
|
||
operationId: searchUserSettings
|
||
tags:
|
||
- UserSettings
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/GetUserSettingRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GetUserSettingsResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/user_settings/view/{userSettingId}:
|
||
get:
|
||
summary: "Get user setting by id"
|
||
operationId: getUserSettingById
|
||
tags:
|
||
- UserSettings
|
||
parameters:
|
||
- $ref: "#/components/parameters/userSettingIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/UserSettingResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/user_settings/setSetting/{userId}/{userSettingName}:
|
||
post:
|
||
summary: "Set user setting"
|
||
operationId: setUserSetting
|
||
tags:
|
||
- UserSettings
|
||
parameters:
|
||
- $ref: "#/components/parameters/userIdParameter"
|
||
- $ref: "#/components/parameters/userSettingNameParameter"
|
||
requestBody:
|
||
$ref: "#/components/requestBodies/SetUserSettingRequest"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/UserSettingResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/user_settings/getSetting/{userId}/{userSettingName}:
|
||
get:
|
||
summary: "Get user setting by id"
|
||
operationId: getUserSettingByName
|
||
tags:
|
||
- UserSettings
|
||
parameters:
|
||
- $ref: "#/components/parameters/userIdParameter"
|
||
- $ref: "#/components/parameters/userSettingNameParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/UserSettingResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/user_settings/delete/{userSettingId}:
|
||
delete:
|
||
summary: "Delete user setting by id"
|
||
operationId: deleteUserSettingById
|
||
tags:
|
||
- UserSettings
|
||
parameters:
|
||
- $ref: "#/components/parameters/userSettingIdParameter"
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DeleteUserSettingResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/taxonomies:
|
||
get:
|
||
summary: "Get taxonomies"
|
||
operationId: getTaxonomies
|
||
tags:
|
||
- Taxonomies
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GetTaxonomiesResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/taxonomies/view/{taxonomyIdParameter}:
|
||
get:
|
||
summary: "Get a taxonomy by ID"
|
||
operationId: getTaxonomyById
|
||
tags:
|
||
- Taxonomies
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/TaxonomiesResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/taxonomies/enable/{taxonomyIdParameter}:
|
||
post:
|
||
summary: "Enable taxonomy"
|
||
operationId: enableTaxonomy
|
||
tags:
|
||
- Taxonomies
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/EnableTaxonomyResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/taxonomies/disable/{taxonomyIdParameter}:
|
||
post:
|
||
summary: "Disable taxonomy"
|
||
operationId: disableTaxonomy
|
||
tags:
|
||
- Taxonomies
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/DisableTaxonomyResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/taxonomies/update:
|
||
post:
|
||
summary: "Update taxonomies"
|
||
operationId: updateTaxonomies
|
||
tags:
|
||
- Taxonomies
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/UpdateTaxonomiesResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/taxonomies/taxonomy_tags/{taxonomyIdParameter}:
|
||
get:
|
||
summary: "Get a taxonomy extended with tags used in events and attributes."
|
||
operationId: getTaxonomyTags
|
||
tags:
|
||
- Taxonomies
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/GetTaxonomyTagsResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
/taxonomies/export/{taxonomyIdParameter}:
|
||
get:
|
||
summary: "Export taxonomy."
|
||
operationId: exportTaxonomy
|
||
tags:
|
||
- Taxonomies
|
||
responses:
|
||
"200":
|
||
$ref: "#/components/responses/ExportTaxonomyTagsResponse"
|
||
"403":
|
||
$ref: "#/components/responses/UnauthorizedApiErrorResponse"
|
||
"404":
|
||
$ref: "#/components/responses/NotFoundApiErrorResponse"
|
||
default:
|
||
$ref: "#/components/responses/ApiErrorResponse"
|
||
|
||
components:
|
||
schemas:
|
||
# Attributes
|
||
AttributeId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
AttributeType:
|
||
type: string
|
||
maxLength: 100
|
||
enum:
|
||
- "md5"
|
||
- "sha1"
|
||
- "sha256"
|
||
- "filename"
|
||
- "pdb"
|
||
- "filename|md5"
|
||
- "filename|sha1"
|
||
- "filename|sha256"
|
||
- "ip-src"
|
||
- "ip-dst"
|
||
- "hostname"
|
||
- "domain"
|
||
- "domain|ip"
|
||
- "email"
|
||
- "email-src"
|
||
- "eppn"
|
||
- "email-dst"
|
||
- "email-subject"
|
||
- "email-attachment"
|
||
- "email-body"
|
||
- "float"
|
||
- "git-commit-id"
|
||
- "url"
|
||
- "http-method"
|
||
- "user-agent"
|
||
- "ja3-fingerprint-md5"
|
||
- "jarm-fingerprint"
|
||
- "favicon-mmh3"
|
||
- "hassh-md5"
|
||
- "hasshserver-md5"
|
||
- "regkey"
|
||
- "regkey|value"
|
||
- "AS"
|
||
- "snort"
|
||
- "bro"
|
||
- "zeek"
|
||
- "community-id"
|
||
- "pattern-in-file"
|
||
- "pattern-in-traffic"
|
||
- "pattern-in-memory"
|
||
- "pattern-filename"
|
||
- "pgp-public-key"
|
||
- "pgp-private-key"
|
||
- "yara"
|
||
- "stix2-pattern"
|
||
- "sigma"
|
||
- "gene"
|
||
- "kusto-query"
|
||
- "mime-type"
|
||
- "identity-card-number"
|
||
- "cookie"
|
||
- "vulnerability"
|
||
- "cpe"
|
||
- "weakness"
|
||
- "attachment"
|
||
- "malware-sample"
|
||
- "link"
|
||
- "comment"
|
||
- "text"
|
||
- "hex"
|
||
- "other"
|
||
- "named pipe"
|
||
- "mutex"
|
||
- "process-state"
|
||
- "target-user"
|
||
- "target-email"
|
||
- "target-machine"
|
||
- "target-org"
|
||
- "target-location"
|
||
- "target-external"
|
||
- "btc"
|
||
- "dash"
|
||
- "xmr"
|
||
- "iban"
|
||
- "bic"
|
||
- "bank-account-nr"
|
||
- "aba-rtn"
|
||
- "bin"
|
||
- "cc-number"
|
||
- "prtn"
|
||
- "phone-number"
|
||
- "threat-actor"
|
||
- "campaign-name"
|
||
- "campaign-id"
|
||
- "malware-type"
|
||
- "uri"
|
||
- "authentihash"
|
||
- "vhash"
|
||
- "ssdeep"
|
||
- "imphash"
|
||
- "telfhash"
|
||
- "pehash"
|
||
- "impfuzzy"
|
||
- "sha224"
|
||
- "sha384"
|
||
- "sha512"
|
||
- "sha512/224"
|
||
- "sha512/256"
|
||
- "sha3-224"
|
||
- "sha3-256"
|
||
- "sha3-384"
|
||
- "sha3-512"
|
||
- "tlsh"
|
||
- "cdhash"
|
||
- "filename|authentihash"
|
||
- "filename|vhash"
|
||
- "filename|ssdeep"
|
||
- "filename|imphash"
|
||
- "filename|impfuzzy"
|
||
- "filename|pehash"
|
||
- "filename|sha224"
|
||
- "filename|sha384"
|
||
- "filename|sha512"
|
||
- "filename|sha512/224"
|
||
- "filename|sha512/256"
|
||
- "filename|sha3-224"
|
||
- "filename|sha3-256"
|
||
- "filename|sha3-384"
|
||
- "filename|sha3-512"
|
||
- "filename|tlsh"
|
||
- "windows-scheduled-task"
|
||
- "windows-service-name"
|
||
- "windows-service-displayname"
|
||
- "whois-registrant-email"
|
||
- "whois-registrant-phone"
|
||
- "whois-registrant-name"
|
||
- "whois-registrant-org"
|
||
- "whois-registrar"
|
||
- "whois-creation-date"
|
||
- "x509-fingerprint-sha1"
|
||
- "x509-fingerprint-md5"
|
||
- "x509-fingerprint-sha256"
|
||
- "dns-soa-email"
|
||
- "size-in-bytes"
|
||
- "counter"
|
||
- "datetime"
|
||
- "port"
|
||
- "ip-dst|port"
|
||
- "ip-src|port"
|
||
- "hostname|port"
|
||
- "mac-address"
|
||
- "mac-eui-64"
|
||
- "email-dst-display-name"
|
||
- "email-src-display-name"
|
||
- "email-header"
|
||
- "email-reply-to"
|
||
- "email-x-mailer"
|
||
- "email-mime-boundary"
|
||
- "email-thread-index"
|
||
- "email-message-id"
|
||
- "github-username"
|
||
- "github-repository"
|
||
- "github-organisation"
|
||
- "jabber-id"
|
||
- "twitter-id"
|
||
- "dkim"
|
||
- "dkim-signature"
|
||
- "first-name"
|
||
- "middle-name"
|
||
- "last-name"
|
||
- "full-name"
|
||
- "date-of-birth"
|
||
- "place-of-birth"
|
||
- "gender"
|
||
- "passport-number"
|
||
- "passport-country"
|
||
- "passport-expiration"
|
||
- "redress-number"
|
||
- "nationality"
|
||
- "visa-number"
|
||
- "issue-date-of-the-visa"
|
||
- "primary-residence"
|
||
- "country-of-residence"
|
||
- "special-service-request"
|
||
- "frequent-flyer-number"
|
||
- "travel-details"
|
||
- "payment-details"
|
||
- "place-port-of-original-embarkation"
|
||
- "place-port-of-clearance"
|
||
- "place-port-of-onward-foreign-destination"
|
||
- "passenger-name-record-locator-number"
|
||
- "mobile-application-id"
|
||
- "chrome-extension-id"
|
||
- "cortex"
|
||
- "boolean"
|
||
- "anonymised"
|
||
|
||
AttributeValue:
|
||
type: string
|
||
maxLength: 131071
|
||
example: "127.0.0.1"
|
||
|
||
AttributeCategory:
|
||
type: string
|
||
maxLength: 255
|
||
enum:
|
||
- "Internal reference"
|
||
- "Targeting data"
|
||
- "Antivirus detection"
|
||
- "Payload delivery"
|
||
- "Artifacts dropped"
|
||
- "Payload installation"
|
||
- "Persistence mechanism"
|
||
- "Network activity"
|
||
- "Payload type"
|
||
- "Attribution"
|
||
- "External analysis"
|
||
- "Financial fraud"
|
||
- "Support Tool"
|
||
- "Social network"
|
||
- "Person"
|
||
- "Other"
|
||
|
||
AttributeComment:
|
||
type: string
|
||
maxLength: 65535
|
||
example: "logged source ip"
|
||
|
||
AttributeEventUUID:
|
||
$ref: "#/components/schemas/UUID"
|
||
|
||
AttributeAttachment:
|
||
description: "base64 representation of the attachment"
|
||
type: string
|
||
format: byte
|
||
|
||
AttributeNoId:
|
||
type: object
|
||
properties:
|
||
event_id:
|
||
$ref: "#/components/schemas/EventId"
|
||
object_id:
|
||
$ref: "#/components/schemas/ObjectId"
|
||
object_relation:
|
||
$ref: "#/components/schemas/NullableObjectRelation"
|
||
category:
|
||
$ref: "#/components/schemas/AttributeCategory"
|
||
type:
|
||
$ref: "#/components/schemas/AttributeType"
|
||
value:
|
||
$ref: "#/components/schemas/AttributeValue"
|
||
to_ids:
|
||
$ref: "#/components/schemas/ToIDS"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
timestamp:
|
||
$ref: "#/components/schemas/NullableTimestamp"
|
||
distribution:
|
||
$ref: "#/components/schemas/DistributionLevelId"
|
||
sharing_group_id:
|
||
$ref: "#/components/schemas/SharingGroupId"
|
||
comment:
|
||
$ref: "#/components/schemas/AttributeComment"
|
||
deleted:
|
||
$ref: "#/components/schemas/SoftDeletedFlag"
|
||
disable_correlation:
|
||
$ref: "#/components/schemas/DisableCorrelationFlag"
|
||
first_seen:
|
||
$ref: "#/components/schemas/NullableMicroTimestamp"
|
||
last_seen:
|
||
$ref: "#/components/schemas/NullableMicroTimestamp"
|
||
|
||
Attribute:
|
||
allOf:
|
||
- type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/AttributeId"
|
||
- $ref: "#/components/schemas/AttributeNoId"
|
||
|
||
ExtendedAttribute:
|
||
allOf:
|
||
- $ref: "#/components/schemas/Attribute"
|
||
- type: object
|
||
properties:
|
||
data:
|
||
$ref: "#/components/schemas/AttributeAttachment"
|
||
event_uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
decay_score:
|
||
$ref: "#/components/schemas/DecayScoreList"
|
||
|
||
AttributeList:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/Attribute"
|
||
|
||
AttributeRestSearchListItem:
|
||
allOf:
|
||
- $ref: "#/components/schemas/ExtendedAttribute"
|
||
- type: object
|
||
properties:
|
||
Event:
|
||
$ref: "#/components/schemas/Event"
|
||
Object:
|
||
$ref: "#/components/schemas/Object"
|
||
Tag:
|
||
$ref: "#/components/schemas/TagList"
|
||
|
||
AttributeRestSearchList:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/AttributeRestSearchListItem"
|
||
|
||
AttributeStatisticsResponse:
|
||
description: Dictionary of attribute types/categories showing the ammount of occurences/percentage.
|
||
type: object
|
||
example:
|
||
- "Antivirus detection": "10"
|
||
- "Artifacts dropped": "20"
|
||
|
||
DescribeAttributeTypesResponse:
|
||
description: "Lists available attribute types, default categories and category-type mappings."
|
||
type: object
|
||
properties:
|
||
sane_defaults:
|
||
type: object
|
||
example:
|
||
md5:
|
||
default_category: "Payload delivery"
|
||
to_ids: 1
|
||
pdb:
|
||
default_category: "Artifacts dropped"
|
||
to_ids: 0
|
||
types:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/AttributeType"
|
||
categories:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/AttributeCategory"
|
||
category_type_mappings:
|
||
type: object
|
||
example:
|
||
"Internal reference":
|
||
- "text"
|
||
- "link"
|
||
- "comment"
|
||
- "other"
|
||
"Antivirus detection":
|
||
- "link"
|
||
- "comment"
|
||
- "text"
|
||
- "hex"
|
||
- "other"
|
||
|
||
AttributeRestSearchFilter:
|
||
type: object
|
||
properties:
|
||
page:
|
||
$ref: "#/components/schemas/PageSearchFilter"
|
||
limit:
|
||
$ref: "#/components/schemas/LimitSearchFilter"
|
||
value:
|
||
$ref: "#/components/schemas/AttributeValue"
|
||
type:
|
||
$ref: "#/components/schemas/AttributeType"
|
||
category:
|
||
$ref: "#/components/schemas/AttributeCategory"
|
||
org:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/OrganisationId"
|
||
- $ref: "#/components/schemas/OrganisationName"
|
||
tags:
|
||
$ref: "#/components/schemas/TagsRestSearchFilter"
|
||
from:
|
||
$ref: "#/components/schemas/DateRestSearchFilter"
|
||
to:
|
||
$ref: "#/components/schemas/DateRestSearchFilter"
|
||
last:
|
||
$ref: "#/components/schemas/LastRestSearchFilter"
|
||
eventid:
|
||
$ref: "#/components/schemas/EventId"
|
||
withAttachments:
|
||
description: "Extends the response with the base64 representation of the attachment, if there is one"
|
||
type: boolean
|
||
default: false
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
publish_timestamp:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
published:
|
||
$ref: "#/components/schemas/PublishedFlag"
|
||
timestamp:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
attribute_timestamp:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
enforceWarninglist:
|
||
$ref: "#/components/schemas/EnforceWarninglistRestSearchFilter"
|
||
to_ids:
|
||
$ref: "#/components/schemas/ToIDS"
|
||
deleted:
|
||
$ref: "#/components/schemas/SoftDeletedFlag"
|
||
event_timestamp:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
threat_level_id:
|
||
$ref: "#/components/schemas/ThreatLevelId"
|
||
eventinfo:
|
||
description: "Quick event description"
|
||
type: string
|
||
decayingModel:
|
||
description: "Specify the decaying model from which the decaying score should be calculated"
|
||
type: string
|
||
score:
|
||
description: "An alias to override on-the-fly the threshold of the decaying model"
|
||
type: string
|
||
first_seen:
|
||
description: "Seen within the last x amount of time, where x can be defined in days, hours, minutes (for example 5d or 12h or 30m)"
|
||
type: string
|
||
last_seen:
|
||
description: "Seen within the last x amount of time, where x can be defined in days, hours, minutes (for example 5d or 12h or 30m)"
|
||
type: string
|
||
includeEventUuid:
|
||
$ref: "#/components/schemas/IncludeEventUUIDRestSearchFlag"
|
||
includeEventTags:
|
||
$ref: "#/components/schemas/IncludeEventTagsRestSearchFlag"
|
||
includeProposals:
|
||
$ref: "#/components/schemas/IncludeProposalsRestSearchFlag"
|
||
requested_attributes:
|
||
$ref: "#/components/schemas/RequestedAttributesRestSearchFilter"
|
||
includeContext:
|
||
$ref: "#/components/schemas/IncludeContextRestSearchFlag"
|
||
headerless:
|
||
$ref: "#/components/schemas/HeaderlessRestSearchFlag"
|
||
includeWarninglistHits:
|
||
$ref: "#/components/schemas/IncludeWarninglistHitsRestSearchFlag"
|
||
attackGalaxy:
|
||
$ref: "#/components/schemas/AttackGalaxyRestSearchFilter"
|
||
object_relation:
|
||
$ref: "#/components/schemas/ObjectRelationRestSearchFilter"
|
||
includeSightings:
|
||
$ref: "#/components/schemas/IncludeSightingDbRestSearchFlag"
|
||
includeCorrelations:
|
||
$ref: "#/components/schemas/IncludeCorrelationsRestSearchFlag"
|
||
modelOverrides:
|
||
$ref: "#/components/schemas/ModelOverridesRestSearchFilter"
|
||
includeDecayScore:
|
||
description: "Include all enabled decaying score"
|
||
type: boolean
|
||
default: false
|
||
includeFullModel:
|
||
description: "Include all model information of matching events in the response"
|
||
type: boolean
|
||
default: false
|
||
excludeDecayed:
|
||
description: "Should the decayed elements by excluded"
|
||
type: boolean
|
||
default: false
|
||
returnFormat:
|
||
$ref: "#/components/schemas/AttributesRestSearchReturnFormat"
|
||
|
||
# Decay Models
|
||
DecayingModelParameters:
|
||
type: object
|
||
properties:
|
||
lifetime:
|
||
type: number
|
||
format: float
|
||
example: 3
|
||
decay_speed:
|
||
type: number
|
||
format: float
|
||
example: 2.3
|
||
threshold:
|
||
type: number
|
||
format: float
|
||
example: 30
|
||
default_base_score:
|
||
type: number
|
||
format: float
|
||
example: 80
|
||
base_score_config:
|
||
type: object
|
||
example:
|
||
estimative-language:confidence-in-analytic-judgment: 0.25
|
||
estimative-language:likelihood-probability: 0.25
|
||
phishing:psychological-acceptability: 0.25
|
||
phishing:state: 0.20
|
||
|
||
DecayingModel:
|
||
type: object
|
||
properties:
|
||
id:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
name:
|
||
type: string
|
||
maxLength: 255
|
||
example: "Phishing model"
|
||
|
||
FullDecayingModel:
|
||
description: "Present if the `includeFullModel` flag was set to *true* in the rest search request"
|
||
type: object
|
||
properties:
|
||
id:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
name:
|
||
type: string
|
||
maxLength: 255
|
||
example: "Phishing model"
|
||
description:
|
||
type: string
|
||
maxLength: 65535
|
||
example: "Simple model to rapidly decay phishing website."
|
||
parameters:
|
||
$ref: "#/components/schemas/DecayingModelParameters"
|
||
attribute_types:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/AttributeType"
|
||
org_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
enabled:
|
||
type: boolean
|
||
all_orgs:
|
||
type: boolean
|
||
ref:
|
||
type: array
|
||
items:
|
||
type: string
|
||
example: "https://arxiv.org/abs/1902.03914"
|
||
formula:
|
||
type: string
|
||
enum:
|
||
- Polynomial
|
||
version:
|
||
type: string
|
||
example: "2"
|
||
default:
|
||
type: boolean
|
||
isEditable:
|
||
type: boolean
|
||
|
||
DecayScore:
|
||
type: object
|
||
properties:
|
||
score:
|
||
type: number
|
||
format: float
|
||
example: 10.5
|
||
base_score:
|
||
type: number
|
||
format: float
|
||
example: 80
|
||
decayed:
|
||
type: boolean
|
||
DecayingModel:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/DecayingModel"
|
||
- $ref: "#/components/schemas/FullDecayingModel"
|
||
|
||
DecayScoreList:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/DecayScore"
|
||
|
||
# Events
|
||
EventId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
EventInfo:
|
||
type: string
|
||
maxLength: 65535
|
||
example: "logged source ip"
|
||
|
||
EventAttributeCount:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "321"
|
||
|
||
EventProposalEmailLock:
|
||
type: boolean
|
||
|
||
EventOrganisation:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
name:
|
||
$ref: "#/components/schemas/OrganisationName"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
|
||
EventTagId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
EventTag:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/EventTagId"
|
||
event_id:
|
||
$ref: "#/components/schemas/EventId"
|
||
tag_id:
|
||
$ref: "#/components/schemas/TagId"
|
||
local:
|
||
$ref: "#/components/schemas/IsLocal"
|
||
Tag:
|
||
$ref: "#/components/schemas/Tag"
|
||
|
||
EventTagList:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/EventTag"
|
||
|
||
EventReport: # TODO: describe
|
||
type: object
|
||
|
||
EventNoId:
|
||
type: object
|
||
properties:
|
||
org_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
distribution:
|
||
$ref: "#/components/schemas/DistributionLevelId"
|
||
info:
|
||
$ref: "#/components/schemas/EventInfo"
|
||
orgc_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
date:
|
||
type: string
|
||
example: "1991-01-15"
|
||
published:
|
||
$ref: "#/components/schemas/PublishedFlag"
|
||
analysis:
|
||
$ref: "#/components/schemas/AnalysisLevelId"
|
||
attribute_count:
|
||
$ref: "#/components/schemas/EventAttributeCount"
|
||
timestamp:
|
||
$ref: "#/components/schemas/NullableTimestamp"
|
||
sharing_group_id:
|
||
$ref: "#/components/schemas/SharingGroupId"
|
||
proposal_email_lock:
|
||
$ref: "#/components/schemas/EventProposalEmailLock"
|
||
locked:
|
||
$ref: "#/components/schemas/IsLocked"
|
||
threat_level_id:
|
||
$ref: "#/components/schemas/ThreatLevelId"
|
||
publish_timestamp:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
sighting_timestamp:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
disable_correlation:
|
||
$ref: "#/components/schemas/DisableCorrelationFlag"
|
||
extends_uuid:
|
||
$ref: "#/components/schemas/ExtendsUUID"
|
||
event_creator_email:
|
||
type: string
|
||
format: email
|
||
|
||
Event:
|
||
allOf:
|
||
- type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/EventId"
|
||
- $ref: "#/components/schemas/EventNoId"
|
||
|
||
ExtendedEvent:
|
||
allOf:
|
||
- $ref: "#/components/schemas/Event"
|
||
- type: object
|
||
properties:
|
||
Feed:
|
||
$ref: "#/components/schemas/Feed"
|
||
Org:
|
||
$ref: "#/components/schemas/EventOrganisation"
|
||
Orgc:
|
||
$ref: "#/components/schemas/EventOrganisation"
|
||
Attribute:
|
||
$ref: "#/components/schemas/AttributeList"
|
||
ShadowAttribute:
|
||
$ref: "#/components/schemas/AttributeList"
|
||
RelatedEvent:
|
||
type: array
|
||
items:
|
||
type: object
|
||
properties:
|
||
Event:
|
||
$ref: "#/components/schemas/ExtendedEvent"
|
||
Galaxy:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/Galaxy"
|
||
Object:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/Object"
|
||
EventReport:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/EventReport"
|
||
Tag:
|
||
$ref: "#/components/schemas/TagList"
|
||
|
||
CreatedEvent:
|
||
type: object
|
||
properties:
|
||
Event:
|
||
allOf:
|
||
- $ref: "#/components/schemas/ExtendedEvent"
|
||
- type: object
|
||
properties:
|
||
event_creator_email:
|
||
type: string
|
||
format: email
|
||
Galaxy:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/Galaxy"
|
||
Object:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/Object"
|
||
EventReport:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/EventReport"
|
||
|
||
UpdatedEvent:
|
||
type: object
|
||
properties:
|
||
Event:
|
||
allOf:
|
||
- $ref: "#/components/schemas/ExtendedEvent"
|
||
- type: object
|
||
properties:
|
||
event_creator_email:
|
||
type: string
|
||
format: email
|
||
Galaxy:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/Galaxy"
|
||
Object:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/Object"
|
||
EventReport:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/EventReport"
|
||
Tag:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/Tag"
|
||
|
||
SlimEvent:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/EventId"
|
||
timestamp:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
sighting_timestamp:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
published:
|
||
$ref: "#/components/schemas/PublishedFlag"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
orgc_uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
required:
|
||
- id
|
||
- timestamp
|
||
- sighting_timestamp
|
||
- published
|
||
- uuid
|
||
- orgc_uuid
|
||
|
||
EventList:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/Event"
|
||
|
||
ExtendedEventList:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/ExtendedEvent"
|
||
|
||
SlimEventList:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/SlimEvent"
|
||
|
||
EventRestSearchList:
|
||
type: array
|
||
items:
|
||
type: object
|
||
properties:
|
||
Event:
|
||
type: object
|
||
allOf:
|
||
- $ref: "#/components/schemas/ExtendedEvent"
|
||
- type: object
|
||
properties:
|
||
Event:
|
||
$ref: "#/components/schemas/SlimEvent"
|
||
|
||
# Objects
|
||
ObjectId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
ObjectName:
|
||
type: string
|
||
maxLength: 131071
|
||
example: "ail-leak"
|
||
|
||
ObjectMetaCategory:
|
||
type: string
|
||
|
||
ObjectDescription:
|
||
type: string
|
||
|
||
ObjectTemplateVersion:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "1"
|
||
|
||
ObjectRelation:
|
||
type: string
|
||
maxLength: 255
|
||
example: "sensor"
|
||
|
||
NullableObjectRelation:
|
||
nullable: true
|
||
type: string
|
||
maxLength: 255
|
||
example: "sensor"
|
||
|
||
Object:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/ObjectId"
|
||
name:
|
||
$ref: "#/components/schemas/ObjectName"
|
||
meta-category:
|
||
$ref: "#/components/schemas/ObjectMetaCategory"
|
||
description:
|
||
$ref: "#/components/schemas/ObjectDescription"
|
||
template_uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
template_version:
|
||
$ref: "#/components/schemas/ObjectTemplateVersion"
|
||
event_id:
|
||
$ref: "#/components/schemas/EventId"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
timestamp:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
distribution:
|
||
$ref: "#/components/schemas/DistributionLevelId"
|
||
sharing_group_id:
|
||
$ref: "#/components/schemas/SharingGroupId"
|
||
comment:
|
||
type: string
|
||
deleted:
|
||
type: boolean
|
||
first_seen:
|
||
$ref: "#/components/schemas/NullableMicroTimestamp"
|
||
last_seen:
|
||
$ref: "#/components/schemas/NullableMicroTimestamp"
|
||
Attribute:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/Attribute"
|
||
|
||
ExtendedObject:
|
||
allOf:
|
||
- $ref: "#/components/schemas/Object"
|
||
- type: object
|
||
properties:
|
||
Event:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/EventId"
|
||
info:
|
||
$ref: "#/components/schemas/EventInfo"
|
||
org_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
orgc_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
|
||
ObjectTemplateId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
# Sightings
|
||
SightingId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
Sighting:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/SightingId"
|
||
attribute_id:
|
||
$ref: "#/components/schemas/AttributeId"
|
||
event_id:
|
||
$ref: "#/components/schemas/EventId"
|
||
org_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
date_sighting:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
source:
|
||
type: string
|
||
type:
|
||
type: string
|
||
attribute_uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
Organisation:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
name:
|
||
$ref: "#/components/schemas/OrganisationName"
|
||
|
||
# Galaxies
|
||
GalaxyId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
GalaxyName:
|
||
type: string
|
||
maxLength: 255
|
||
example: "Ransomware"
|
||
|
||
GalaxyType:
|
||
type: string
|
||
maxLength: 255
|
||
example: "ransomware"
|
||
|
||
GalaxyDescription:
|
||
type: string
|
||
maxLength: 65535
|
||
example: "Ransomware galaxy based on ..."
|
||
|
||
GalaxyVersion:
|
||
type: string
|
||
maxLength: 255
|
||
example: "1"
|
||
|
||
GalaxyNamespace:
|
||
type: string
|
||
maxLength: 255
|
||
example: "misp"
|
||
|
||
Galaxy:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/GalaxyId"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
name:
|
||
$ref: "#/components/schemas/GalaxyName"
|
||
type:
|
||
$ref: "#/components/schemas/GalaxyType"
|
||
description:
|
||
$ref: "#/components/schemas/GalaxyDescription"
|
||
version:
|
||
$ref: "#/components/schemas/GalaxyVersion"
|
||
icon:
|
||
$ref: "#/components/schemas/Icon"
|
||
namespace:
|
||
$ref: "#/components/schemas/GalaxyNamespace"
|
||
kill_chain_order:
|
||
type: object
|
||
nullable: true
|
||
example:
|
||
fraud-tactics:
|
||
- "Initiation"
|
||
- "Target Compromise"
|
||
- "Perform Fraud"
|
||
- "Obtain Fraudulent Assets"
|
||
- "Assets Transfer"
|
||
- "Monetisation"
|
||
|
||
GalaxyClusterId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
GalaxyClusterValue:
|
||
type: string
|
||
maxLength: 65535
|
||
example: "Brute Force - T1110"
|
||
|
||
GalaxyClusterType:
|
||
type: string
|
||
maxLength: 255
|
||
example: "mitre-enterprise-attack-attack-pattern"
|
||
|
||
GalaxyClusterDescription:
|
||
type: string
|
||
maxLength: 65535
|
||
example: "Adversaries may use brute force techniques to attempt access to accounts when passwords are unknown or when password hashes are obtained..."
|
||
|
||
GalaxyClusterSource:
|
||
type: string
|
||
maxLength: 255
|
||
example: "https://github.com/mitre/cti"
|
||
|
||
GalaxyClusterAuthors:
|
||
type: array
|
||
items:
|
||
type: string
|
||
example: "MITRE"
|
||
|
||
GalaxyClusterVersion:
|
||
type: string
|
||
nullable: true
|
||
maxLength: 255
|
||
example: "1"
|
||
|
||
GalaxyElementId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
GalaxyElementKey:
|
||
type: string
|
||
maxLength: 255
|
||
example: "categories"
|
||
|
||
GalaxyElementValue:
|
||
type: string
|
||
maxLength: 65535
|
||
example: "Military"
|
||
|
||
GalaxyElement:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/GalaxyElementId"
|
||
galaxy_cluster_id:
|
||
$ref: "#/components/schemas/GalaxyClusterId"
|
||
key:
|
||
$ref: "#/components/schemas/GalaxyElementKey"
|
||
value:
|
||
$ref: "#/components/schemas/GalaxyElementValue"
|
||
|
||
GalaxyElementList:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/GalaxyElement"
|
||
|
||
GalaxyClusterRelationList:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/GalaxyElement"
|
||
|
||
GalaxyClusterNoId:
|
||
type: object
|
||
properties:
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
collection_uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
type:
|
||
$ref: "#/components/schemas/GalaxyClusterType"
|
||
value:
|
||
$ref: "#/components/schemas/GalaxyClusterValue"
|
||
tag_name:
|
||
$ref: "#/components/schemas/TagName"
|
||
description:
|
||
$ref: "#/components/schemas/GalaxyClusterDescription"
|
||
galaxy_id:
|
||
$ref: "#/components/schemas/GalaxyId"
|
||
source:
|
||
$ref: "#/components/schemas/GalaxyClusterSource"
|
||
authors:
|
||
$ref: "#/components/schemas/GalaxyClusterAuthors"
|
||
version:
|
||
$ref: "#/components/schemas/GalaxyClusterVersion"
|
||
distribution:
|
||
$ref: "#/components/schemas/DistributionLevelId"
|
||
sharing_group_id:
|
||
$ref: "#/components/schemas/SharingGroupId"
|
||
org_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
orgc_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
default:
|
||
$ref: "#/components/schemas/IsDefault"
|
||
locked:
|
||
$ref: "#/components/schemas/IsLocked"
|
||
extends_uuid:
|
||
$ref: "#/components/schemas/ExtendsUUID"
|
||
extends_version:
|
||
$ref: "#/components/schemas/GalaxyClusterVersion"
|
||
published:
|
||
$ref: "#/components/schemas/PublishedFlag"
|
||
deleted:
|
||
$ref: "#/components/schemas/SoftDeletedFlag"
|
||
GalaxyElement:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/GalaxyElement"
|
||
|
||
GalaxyCluster:
|
||
description: "MISP galaxy is a simple method to express a large object called cluster that can be attached to MISP events or attributes."
|
||
allOf:
|
||
- type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/GalaxyClusterId"
|
||
- $ref: "#/components/schemas/GalaxyClusterNoId"
|
||
|
||
ExtendedGalaxyCluster:
|
||
description: "A galaxy cluster with all it's details."
|
||
allOf:
|
||
- $ref: "#/components/schemas/GalaxyCluster"
|
||
- type: object
|
||
properties:
|
||
Galaxy:
|
||
$ref: "#/components/schemas/Galaxy"
|
||
GalaxyClusterRelation:
|
||
$ref: "#/components/schemas/GalaxyClusterRelationList"
|
||
Org:
|
||
$ref: "#/components/schemas/Organisation"
|
||
Orgc:
|
||
$ref: "#/components/schemas/Organisation"
|
||
tag_count:
|
||
type: integer
|
||
format: int32
|
||
tag_id:
|
||
$ref: "#/components/schemas/TagId"
|
||
|
||
ExtendedGalaxy:
|
||
description: "A galaxy with it's galaxy cluster details."
|
||
allOf:
|
||
- type: object
|
||
properties:
|
||
Galaxy:
|
||
$ref: "#/components/schemas/Galaxy"
|
||
GalaxyCluster:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/GalaxyCluster"
|
||
|
||
GalaxyMispFormat:
|
||
description: "Galaxy and clusters representation in misp-galaxy format."
|
||
type: object
|
||
properties:
|
||
name:
|
||
$ref: "#/components/schemas/GalaxyName"
|
||
type:
|
||
$ref: "#/components/schemas/GalaxyType"
|
||
authors:
|
||
$ref: "#/components/schemas/GalaxyClusterAuthors"
|
||
version:
|
||
oneOf:
|
||
- type: boolean
|
||
- $ref: "#/components/schemas/GalaxyClusterVersion"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
source:
|
||
$ref: "#/components/schemas/GalaxyClusterSource"
|
||
values:
|
||
type: array
|
||
items:
|
||
type: object
|
||
properties:
|
||
description:
|
||
$ref: "#/components/schemas/GalaxyClusterDescription"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
value:
|
||
$ref: "#/components/schemas/GalaxyClusterValue"
|
||
extends_uuid:
|
||
$ref: "#/components/schemas/ExtendsUUID"
|
||
extends_Version:
|
||
$ref: "#/components/schemas/GalaxyClusterVersion"
|
||
meta:
|
||
description: "Each Galaxy element associated to this cluster represents a key-value property."
|
||
type: object
|
||
example:
|
||
- categories: "botnet"
|
||
- refs: "http://example.com"
|
||
- aliases:
|
||
- "malware"
|
||
- "win32"
|
||
- "windows"
|
||
- topics:
|
||
- "Windows"
|
||
- "Malware"
|
||
|
||
GalaxyValueSearchFilter:
|
||
description: "Text search term to find a matching galaxy name, namespace, description, kill_chain_order or uuid."
|
||
type: string
|
||
example: "botnet"
|
||
|
||
ImportGalaxyClusterItem:
|
||
type: object
|
||
properties:
|
||
GalaxyCluster:
|
||
$ref: "#/components/schemas/GalaxyClusterNoId"
|
||
Galaxy:
|
||
type: object
|
||
properties:
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
|
||
# Tags
|
||
TagId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
TagName:
|
||
type: string
|
||
example: "tlp:white"
|
||
maxLength: 255
|
||
|
||
TagColour:
|
||
type: string
|
||
example: "#ffffff"
|
||
maxLength: 7
|
||
|
||
TagNumericalValue:
|
||
type: string
|
||
nullable: true
|
||
pattern: '^\d+$'
|
||
example: "12345"
|
||
|
||
HideTagFlag:
|
||
type: boolean
|
||
default: false
|
||
|
||
TagNoId:
|
||
type: object
|
||
properties:
|
||
name:
|
||
$ref: "#/components/schemas/TagName"
|
||
colour:
|
||
$ref: "#/components/schemas/TagColour"
|
||
exportable:
|
||
$ref: "#/components/schemas/IsExportable"
|
||
org_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
user_id:
|
||
$ref: "#/components/schemas/UserId"
|
||
hide_tag:
|
||
$ref: "#/components/schemas/HideTagFlag"
|
||
numerical_value:
|
||
$ref: "#/components/schemas/TagNumericalValue"
|
||
is_galaxy:
|
||
$ref: "#/components/schemas/IsGalaxy"
|
||
is_custom_galaxy:
|
||
$ref: "#/components/schemas/IsCustomGalaxy"
|
||
inherited:
|
||
$ref: "#/components/schemas/IsInherited"
|
||
|
||
Tag:
|
||
description: "A tag is a simple method to classify an event with a simple string. The tag name can be freely chosen. The tag name can be also chosen from a fixed machine-tag vocabulary called MISP taxonomies"
|
||
allOf:
|
||
- type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/TagId"
|
||
- $ref: "#/components/schemas/TagNoId"
|
||
|
||
TagList:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/Tag"
|
||
|
||
TagCollectionId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
ExtendedTag:
|
||
type: object
|
||
properties:
|
||
Tag:
|
||
$ref: "#/components/schemas/Tag"
|
||
Taxonomy:
|
||
$ref: "#/components/schemas/Taxonomy"
|
||
TaxonomyPredicate:
|
||
$ref: "#/components/schemas/TaxonomyPredicate"
|
||
|
||
# Taxonomies
|
||
TaxonomyId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
TaxonomyPredicateId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
TaxonomyNamespace:
|
||
type: string
|
||
example: "tlp"
|
||
|
||
TaxonomyDescription:
|
||
type: string
|
||
example: "Disclosure is not limited. Sources may use TLP:WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction."
|
||
|
||
TaxonomyVersion:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "5"
|
||
|
||
Taxonomy:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/TaxonomyId"
|
||
namespace:
|
||
$ref: "#/components/schemas/TaxonomyNamespace"
|
||
description:
|
||
$ref: "#/components/schemas/TaxonomyDescription"
|
||
version:
|
||
$ref: "#/components/schemas/TaxonomyVersion"
|
||
|
||
enabled:
|
||
type: boolean
|
||
exclusive:
|
||
type: boolean
|
||
required:
|
||
type: boolean
|
||
|
||
TaxonomyPredicateValue:
|
||
type: string
|
||
example: "white"
|
||
|
||
TaxonomyPredicateExpanded:
|
||
type: string
|
||
example: "(TLP:WHITE) Information can be shared publicly in accordance with the law."
|
||
|
||
TaxonomyPredicateDescription:
|
||
type: string
|
||
example: "Disclosure is not limited. Sources may use TLP:WHITE when information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release. Subject to standard copyright rules, TLP:WHITE information may be distributed without restriction."
|
||
|
||
TaxonomyPredicate:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/TaxonomyPredicateId"
|
||
taxonomy_id:
|
||
$ref: "#/components/schemas/TaxonomyId"
|
||
value:
|
||
$ref: "#/components/schemas/TaxonomyPredicateValue"
|
||
expanded:
|
||
$ref: "#/components/schemas/TaxonomyPredicateExpanded"
|
||
colour:
|
||
type: string
|
||
example: "#ffffff"
|
||
description:
|
||
$ref: "#/components/schemas/TaxonomyPredicateDescription"
|
||
exclusive:
|
||
type: boolean
|
||
numerical_value:
|
||
type: integer
|
||
nullable: true
|
||
|
||
TaxonomyPredicateExport:
|
||
type: object
|
||
properties:
|
||
value:
|
||
$ref: "#/components/schemas/TaxonomyPredicateValue"
|
||
expanded:
|
||
$ref: "#/components/schemas/TaxonomyPredicateExpanded"
|
||
|
||
TaxonomyEntryExport:
|
||
type: object
|
||
properties:
|
||
value:
|
||
type: string
|
||
example: "spam"
|
||
expanded:
|
||
type: string
|
||
example: "spam"
|
||
description:
|
||
type: string
|
||
example: "Spam or ‘unsolicited bulk e-mail’, meaning that the recipient has not granted verifiable permission for the message to be sent and that the message is sent as part of a larger collection of messages, all having identical content."
|
||
|
||
TaxonomyValueExport:
|
||
type: object
|
||
properties:
|
||
predicate:
|
||
$ref: "#/components/schemas/TaxonomyPredicateValue"
|
||
entry:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/TaxonomyEntryExport"
|
||
|
||
TaxonomyEntry:
|
||
type: object
|
||
properties:
|
||
tag:
|
||
$ref: "#/components/schemas/TagName"
|
||
expanded:
|
||
type: string
|
||
description:
|
||
type: string
|
||
exclusive_predicate:
|
||
type: boolean
|
||
existing_tag:
|
||
type: boolean
|
||
|
||
ExtendedTaxonomyEntry:
|
||
allOf:
|
||
- $ref: "#/components/schemas/UserNoId"
|
||
- type: object
|
||
properties:
|
||
events:
|
||
type: number
|
||
attributes:
|
||
type: number
|
||
|
||
# Users
|
||
UserId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
DashboardUserSetting:
|
||
type: object
|
||
properties:
|
||
widget:
|
||
type: string
|
||
example: "MispStatusWidget"
|
||
position:
|
||
type: object
|
||
properties:
|
||
x:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "0"
|
||
y:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "0"
|
||
width:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "2"
|
||
height:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "2"
|
||
|
||
PublishAlertFilterUserSetting:
|
||
type: object
|
||
example:
|
||
- "AND":
|
||
- "NOT":
|
||
- "EventTag.name":
|
||
- "%osint%"
|
||
- "OR":
|
||
- "Tag.name":
|
||
- "tlp:green"
|
||
- "tlp:amber"
|
||
- "tlp:red"
|
||
- "%privint%"
|
||
|
||
DashboardAccessUserSetting:
|
||
type: boolean
|
||
|
||
HomepageUserSetting:
|
||
type: object
|
||
properties:
|
||
path:
|
||
type: string
|
||
example: "/events/index"
|
||
|
||
DefaultRestSearchParametersUserSetting:
|
||
type: object
|
||
example:
|
||
- "AND":
|
||
- "NOT":
|
||
- "EventTag.name":
|
||
- "%osint%"
|
||
- "OR":
|
||
- "Tag.name":
|
||
- "tlp:green"
|
||
- "tlp:amber"
|
||
- "tlp:red"
|
||
- "%privint%"
|
||
|
||
TagNumbericalValueOverrideUserSetting:
|
||
type: object
|
||
example:
|
||
- "false-positive:risk='medium'": 99
|
||
|
||
EventIndexHideColumnsUserSetting:
|
||
type: array
|
||
items:
|
||
type: string
|
||
example: "clusters"
|
||
|
||
UserSettingId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
UserSettingName:
|
||
type: string
|
||
enum:
|
||
- "publish_alert_filter"
|
||
- "dashboard_access"
|
||
- "dashboard"
|
||
- "homepage"
|
||
- "default_restsearch_parameters"
|
||
- "tag_numerical_value_override"
|
||
- "event_index_hide_columns"
|
||
|
||
UserSetting:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/UserSettingId"
|
||
setting:
|
||
$ref: "#/components/schemas/UserSettingName"
|
||
value:
|
||
anyOf:
|
||
- $ref: "#/components/schemas/DashboardUserSetting"
|
||
- $ref: "#/components/schemas/PublishAlertFilterUserSetting"
|
||
- $ref: "#/components/schemas/DashboardAccessUserSetting"
|
||
- $ref: "#/components/schemas/HomepageUserSetting"
|
||
- $ref: "#/components/schemas/DefaultRestSearchParametersUserSetting"
|
||
- $ref: "#/components/schemas/TagNumbericalValueOverrideUserSetting"
|
||
- $ref: "#/components/schemas/EventIndexHideColumnsUserSetting"
|
||
user_id:
|
||
$ref: "#/components/schemas/UserId"
|
||
timestamp:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
|
||
ViewUserSettings:
|
||
type: object
|
||
properties:
|
||
publish_alert_filter:
|
||
$ref: "#/components/schemas/PublishAlertFilterUserSetting"
|
||
dashboard_access:
|
||
$ref: "#/components/schemas/DashboardAccessUserSetting"
|
||
dashboard:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/DashboardUserSetting"
|
||
homepage:
|
||
$ref: "#/components/schemas/HomepageUserSetting"
|
||
default_restsearch_parameters:
|
||
$ref: "#/components/schemas/DefaultRestSearchParametersUserSetting"
|
||
tag_numerical_value_override:
|
||
$ref: "#/components/schemas/TagNumbericalValueOverrideUserSetting"
|
||
event_index_hide_columns:
|
||
$ref: "#/components/schemas/EventIndexHideColumnsUserSetting"
|
||
|
||
UserNoId:
|
||
type: object
|
||
properties:
|
||
org_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
server_id:
|
||
$ref: "#/components/schemas/ServerId"
|
||
email:
|
||
type: string
|
||
format: email
|
||
autoalert:
|
||
type: boolean
|
||
authkey:
|
||
description: "API auth key used for the API, only set if MISP setting `Security.advanced_authkeys` is set to `false`."
|
||
nullable: true
|
||
type: string
|
||
minLength: 40
|
||
maxLength: 40
|
||
example: "894c8d095180c7ea28789092e96ca6424199aa4f"
|
||
invited_by:
|
||
$ref: "#/components/schemas/UserId"
|
||
gpgkey:
|
||
type: string
|
||
nullable: true
|
||
certif_public:
|
||
type: string
|
||
nullable: true
|
||
nids_sid:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "4000000"
|
||
termsaccepted:
|
||
type: boolean
|
||
newsread:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
role_id:
|
||
$ref: "#/components/schemas/RoleId"
|
||
change_pw:
|
||
description: "Password change required."
|
||
type: string
|
||
enum:
|
||
- "0"
|
||
- "1"
|
||
contactalert:
|
||
type: boolean
|
||
disabled:
|
||
type: boolean
|
||
expiration:
|
||
type: string
|
||
format: date-time
|
||
nullable: true
|
||
current_login:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
last_login:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
force_logout:
|
||
type: boolean
|
||
date_created:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
date_modified:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
|
||
User:
|
||
allOf:
|
||
- type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/UserId"
|
||
- $ref: "#/components/schemas/UserNoId"
|
||
|
||
ExtendedUser:
|
||
allOf:
|
||
- $ref: "#/components/schemas/User"
|
||
- type: object
|
||
properties:
|
||
User:
|
||
$ref: "#/components/schemas/User"
|
||
Role:
|
||
$ref: "#/components/schemas/Role"
|
||
UserSetting:
|
||
$ref: "#/components/schemas/ViewUserSettings"
|
||
|
||
UserListItem:
|
||
type: object
|
||
properties:
|
||
User:
|
||
$ref: "#/components/schemas/User"
|
||
Role:
|
||
$ref: "#/components/schemas/Role"
|
||
Organisation:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
name:
|
||
$ref: "#/components/schemas/OrganisationName"
|
||
|
||
UserList:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/UserListItem"
|
||
|
||
# Organisations
|
||
OrganisationId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
OrganisationName:
|
||
type: string
|
||
maxLength: 255
|
||
example: "ORGNAME"
|
||
|
||
OrganisationType:
|
||
type: string
|
||
nullable: true
|
||
maxLength: 255
|
||
example: "ADMIN"
|
||
|
||
OrganisationNoId:
|
||
type: object
|
||
properties:
|
||
name:
|
||
$ref: "#/components/schemas/OrganisationName"
|
||
date_created:
|
||
type: string
|
||
example: "2021-06-14 14:29:19"
|
||
date_modified:
|
||
type: string
|
||
example: "2021-06-14 14:29:19"
|
||
description:
|
||
type: string
|
||
type:
|
||
$ref: "#/components/schemas/OrganisationType"
|
||
nationality:
|
||
type: string
|
||
sector:
|
||
type: string
|
||
created_by:
|
||
$ref: "#/components/schemas/UserId"
|
||
uuid:
|
||
type: string
|
||
contacts:
|
||
type: string
|
||
nullable: true
|
||
local:
|
||
type: boolean
|
||
restricted_to_domain:
|
||
type: array
|
||
items:
|
||
type: string
|
||
format: hostname
|
||
landingpage:
|
||
type: string
|
||
nullable: true
|
||
user_count:
|
||
type: string
|
||
nullable: true
|
||
pattern: '^\d+$'
|
||
example: "3"
|
||
created_by_email:
|
||
nullable: true
|
||
type: string
|
||
|
||
Organisation:
|
||
allOf:
|
||
- type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
- $ref: "#/components/schemas/OrganisationNoId"
|
||
|
||
OrganisationListItem:
|
||
type: object
|
||
properties:
|
||
Organisation:
|
||
$ref: "#/components/schemas/Organisation"
|
||
|
||
OrganisationList:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/OrganisationListItem"
|
||
|
||
# Servers
|
||
ServerId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
ServerName:
|
||
type: string
|
||
maxLength: 255
|
||
example: "Phising Server"
|
||
|
||
ServerNoId:
|
||
type: object
|
||
properties:
|
||
name:
|
||
$ref: "#/components/schemas/ServerName"
|
||
url:
|
||
type: string
|
||
example: "https://misppriv.circl.lu"
|
||
authkey:
|
||
$ref: "#/components/schemas/AuthKeyRaw"
|
||
org_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
push:
|
||
type: boolean
|
||
pull:
|
||
type: boolean
|
||
push_sightings:
|
||
type: boolean
|
||
push_galaxy_clusters:
|
||
type: boolean
|
||
pull_galaxy_clusters:
|
||
type: boolean
|
||
lastpulledid:
|
||
type: string
|
||
nullable: true
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
lastpushedid:
|
||
type: string
|
||
nullable: true
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
organization:
|
||
type: string
|
||
nullable: true
|
||
remote_org_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
publish_without_email:
|
||
type: boolean
|
||
unpublish_event:
|
||
type: boolean
|
||
self_signed:
|
||
type: boolean
|
||
pull_rules:
|
||
description: "Stringified JSON rules for pulling events from this server."
|
||
type: string
|
||
example: '{"tags":{"OR":[],"NOT":[]},"orgs":{"OR":[],"NOT":[]},"url_params":""}'
|
||
push_rules:
|
||
type: string
|
||
description: "Stringified JSON rules for pushing events from this server."
|
||
example: '{"tags":{"OR":[],"NOT":[]},"orgs":{"OR":[],"NOT":[]}}'
|
||
cert_file:
|
||
type: string
|
||
description: "Base64 encoded certificate"
|
||
nullable: true
|
||
format: byte
|
||
client_cert_file:
|
||
type: string
|
||
description: "Base64 encoded client certificate"
|
||
nullable: true
|
||
format: byte
|
||
internal:
|
||
type: boolean
|
||
skip_proxy:
|
||
type: boolean
|
||
caching_enabled:
|
||
type: boolean
|
||
priority:
|
||
type: string
|
||
nullable: true
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "1"
|
||
cache_timestamp:
|
||
type: boolean
|
||
|
||
Server:
|
||
allOf:
|
||
- type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/ServerId"
|
||
- $ref: "#/components/schemas/ServerNoId"
|
||
|
||
ServerListItem:
|
||
type: object
|
||
properties:
|
||
Server:
|
||
$ref: "#/components/schemas/Server"
|
||
Organisation:
|
||
$ref: "#/components/schemas/Organisation"
|
||
RemoteOrg:
|
||
$ref: "#/components/schemas/Organisation"
|
||
User:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/User"
|
||
|
||
ServerList:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/ServerListItem"
|
||
|
||
PhpServerSetting:
|
||
type: object
|
||
properties:
|
||
explanation:
|
||
type: string
|
||
example: "The maximum duration that a script can run (does not affect the background workers). A too low number will break long running scripts like comprehensive API exports"
|
||
recommended:
|
||
anyOf:
|
||
- type: integer
|
||
example: 300
|
||
- type: string
|
||
unit:
|
||
type: string
|
||
example: "seconds"
|
||
value:
|
||
anyOf:
|
||
- type: integer
|
||
format: int32
|
||
example: 300
|
||
- type: string
|
||
|
||
ServerPackageVersion:
|
||
type: object
|
||
properties:
|
||
version:
|
||
type: string
|
||
example: "1.2.0.11"
|
||
expected:
|
||
type: string
|
||
example: ">1.2.0.9"
|
||
status:
|
||
type: integer
|
||
format: int32
|
||
minimum: 0
|
||
example: 1
|
||
|
||
DatabaseTableDiagnostics:
|
||
type: object
|
||
properties:
|
||
used:
|
||
type: string
|
||
example: "207.63MB"
|
||
reclaimable:
|
||
type: string
|
||
example: "5MB"
|
||
table:
|
||
type: string
|
||
example: "attributes"
|
||
|
||
MispSetting:
|
||
type: object
|
||
properties:
|
||
level:
|
||
type: integer
|
||
example: 0
|
||
value:
|
||
anyOf:
|
||
- type: string
|
||
- type: boolean
|
||
- type: number
|
||
|
||
errorMessage:
|
||
type: string
|
||
nullable: true
|
||
example: "The currently set baseurl does not match the URL through which you have accessed the page. Disregard this if you are accessing the page via an alternate URL (for example via IP address)."
|
||
test:
|
||
nullable: true
|
||
anyOf:
|
||
- type: string
|
||
example: "testBaseURL"
|
||
- type: boolean
|
||
type:
|
||
type: string
|
||
example: "string"
|
||
enum:
|
||
- "string"
|
||
- "boolean"
|
||
- "numeric"
|
||
"null":
|
||
type: boolean
|
||
nullable: true
|
||
subGroup:
|
||
type: string
|
||
nullable: true
|
||
example: "Enrichment"
|
||
cli_only:
|
||
type: integer
|
||
nullable: true
|
||
example: 1
|
||
redacted:
|
||
type: boolean
|
||
nullable: true
|
||
optionsSource:
|
||
type: object
|
||
nullable: true
|
||
afterHook:
|
||
type: string
|
||
nullable: true
|
||
example: "cleanCacheFiles"
|
||
error:
|
||
type: integer
|
||
nullable: true
|
||
example: 1
|
||
tab:
|
||
type: string
|
||
example: "MISP"
|
||
setting:
|
||
type: string
|
||
example: "MISP.baseurl"
|
||
options:
|
||
nullable: true
|
||
anyOf:
|
||
- type: object
|
||
- type: string
|
||
- type: array
|
||
items:
|
||
type: string
|
||
- type: array
|
||
items:
|
||
type: object
|
||
|
||
Worker:
|
||
type: object
|
||
properties:
|
||
pid:
|
||
type: integer
|
||
example: 1233
|
||
user:
|
||
type: string
|
||
example: "www-data"
|
||
alive:
|
||
type: boolean
|
||
correct_user:
|
||
type: boolean
|
||
ok:
|
||
type: boolean
|
||
|
||
WorkersStatus:
|
||
type: object
|
||
properties:
|
||
ok:
|
||
type: boolean
|
||
workers:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/Worker"
|
||
jobCount:
|
||
type: integer
|
||
nullable: true
|
||
example: 0
|
||
|
||
UpdateServerResultItem:
|
||
type: object
|
||
properties:
|
||
input:
|
||
type: string
|
||
example: "cd $(git rev-parse --show-toplevel) && git checkout app\/composer.json 2>&1"
|
||
output:
|
||
type: array
|
||
items:
|
||
type: string
|
||
example: "Updated 1 path from the index"
|
||
status:
|
||
type: integer
|
||
example: 0
|
||
|
||
# Feeds
|
||
FeedId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "3"
|
||
|
||
FeedName:
|
||
type: string
|
||
maxLength: 255
|
||
example: "CIRCL OSINT Feed"
|
||
|
||
FeedSourceFormat:
|
||
type: string
|
||
enum:
|
||
- "1"
|
||
- "csv"
|
||
- "freetext"
|
||
- "misp"
|
||
|
||
FeedInputSource:
|
||
description: "Specify whether the source (url field) is a directory (local) or an genuine url (network)."
|
||
type: string
|
||
enum:
|
||
- "local"
|
||
- "network"
|
||
|
||
FeedHeaders:
|
||
description: "Headers to be passed with the requests. All separated by \n"
|
||
type: string
|
||
nullable: true
|
||
example: |
|
||
X-Custom-Header-A: Foo
|
||
X-Custom-Header-B: Bar
|
||
|
||
FeedSettings:
|
||
type: string
|
||
nullable: true
|
||
example: '{"csv":{"value":"","delimiter":""},"common":{"excluderegex":""}}'
|
||
|
||
FeedRules:
|
||
description: "Stringified JSON filter rules."
|
||
type: string
|
||
nullable: true
|
||
example: '{"tags":{"OR":[],"NOT":[]},"orgs":{"OR":[],"NOT":[]},"url_params":""}'
|
||
|
||
FeedUrl:
|
||
type: string
|
||
example: "https://www.circl.lu/doc/misp/feed-osint"
|
||
|
||
FeedFixedEvent:
|
||
description: "target_event option might be considered"
|
||
type: boolean
|
||
|
||
FeedDeltaMergeFlag:
|
||
description: "Merge attributes (only add new attribute, remove revoked attributes)"
|
||
type: boolean
|
||
|
||
FeedProvider:
|
||
type: string
|
||
example: "CIRCL"
|
||
|
||
FeedOverrideIDSFlag:
|
||
description: "The IDS flags will be set to Off for this feed"
|
||
type: boolean
|
||
|
||
FeedDeleteLocalFileFlag:
|
||
description: "The IDS flags will be set to Off for this feed"
|
||
type: boolean
|
||
|
||
FeedLookupVisibleFlag:
|
||
description: "The lookup will not be visible in the feed correlation"
|
||
type: boolean
|
||
|
||
FeedCachingEnabledFlag:
|
||
description: "The feed is cached"
|
||
type: boolean
|
||
|
||
FeedForceToIDSFlag:
|
||
description: "The IDS flags will be set to On for this feed"
|
||
type: boolean
|
||
|
||
FeedEnabledFlag:
|
||
type: boolean
|
||
|
||
FeedCacheTimestamp:
|
||
nullable: true
|
||
anyOf:
|
||
- $ref: "#/components/schemas/Timestamp"
|
||
- type: boolean
|
||
|
||
FeedNoId:
|
||
type: object
|
||
properties:
|
||
name:
|
||
$ref: "#/components/schemas/FeedName"
|
||
provider:
|
||
$ref: "#/components/schemas/FeedProvider"
|
||
url:
|
||
$ref: "#/components/schemas/FeedUrl"
|
||
rules:
|
||
$ref: "#/components/schemas/FeedRules"
|
||
enabled:
|
||
$ref: "#/components/schemas/FeedEnabledFlag"
|
||
distribution:
|
||
$ref: "#/components/schemas/DistributionLevelId"
|
||
sharing_group_id:
|
||
$ref: "#/components/schemas/SharingGroupId"
|
||
tag_id:
|
||
$ref: "#/components/schemas/TagId"
|
||
default:
|
||
$ref: "#/components/schemas/IsDefault"
|
||
source_format:
|
||
$ref: "#/components/schemas/FeedSourceFormat"
|
||
fixed_event:
|
||
$ref: "#/components/schemas/FeedFixedEvent"
|
||
delta_merge:
|
||
$ref: "#/components/schemas/FeedDeltaMergeFlag"
|
||
event_id:
|
||
$ref: "#/components/schemas/EventId"
|
||
publish:
|
||
$ref: "#/components/schemas/PublishedFlag"
|
||
override_ids:
|
||
$ref: "#/components/schemas/FeedOverrideIDSFlag"
|
||
settings:
|
||
$ref: "#/components/schemas/FeedSettings"
|
||
input_source:
|
||
$ref: "#/components/schemas/FeedInputSource"
|
||
delete_local_file:
|
||
$ref: "#/components/schemas/FeedDeleteLocalFileFlag"
|
||
lookup_visible:
|
||
$ref: "#/components/schemas/FeedLookupVisibleFlag"
|
||
headers:
|
||
$ref: "#/components/schemas/FeedHeaders"
|
||
caching_enabled:
|
||
$ref: "#/components/schemas/FeedCachingEnabledFlag"
|
||
force_to_ids:
|
||
$ref: "#/components/schemas/FeedForceToIDSFlag"
|
||
orgc_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
cache_timestamp:
|
||
$ref: "#/components/schemas/FeedCacheTimestamp"
|
||
|
||
Feed:
|
||
allOf:
|
||
- type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/FeedId"
|
||
- $ref: "#/components/schemas/FeedNoId"
|
||
|
||
# Warninglists
|
||
WarninglistId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "3"
|
||
|
||
WarninglistEntry:
|
||
type: object
|
||
properties:
|
||
id:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "1234"
|
||
value:
|
||
type: string
|
||
example: "10.128.0.0/24"
|
||
warninglist_id:
|
||
$ref: "#/components/schemas/WarninglistId"
|
||
|
||
Warninglist:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/WarninglistId"
|
||
name:
|
||
type: string
|
||
example: "List of known domains to know external IP"
|
||
type:
|
||
type: string
|
||
enum:
|
||
- "cidr"
|
||
- "hostname"
|
||
- "substring"
|
||
- "string"
|
||
- "regex"
|
||
example: "cidr"
|
||
description:
|
||
type: string
|
||
version:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "10"
|
||
enabled:
|
||
type: boolean
|
||
warninglist_entry_count:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "1234"
|
||
valid_attributes:
|
||
description: "List of comma separated warninglist types."
|
||
type: string
|
||
example: "domain, hostname, domain|ip, uri, url"
|
||
WarninglistEntry:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/WarninglistEntry"
|
||
|
||
WarninglistsIdFilter:
|
||
anyOf:
|
||
- $ref: "#/components/schemas/WarninglistId"
|
||
- type: array
|
||
items:
|
||
$ref: "#/components/schemas/WarninglistId"
|
||
|
||
WarninglistsNameFilter:
|
||
anyOf:
|
||
- type: string
|
||
example: "%search term%"
|
||
- type: array
|
||
items:
|
||
type: string
|
||
example: "%search term%"
|
||
|
||
# Noticelists
|
||
NoticelistId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "3"
|
||
|
||
NoticelistEntry:
|
||
type: object
|
||
properties:
|
||
id:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "1234"
|
||
noticelist_id:
|
||
$ref: "#/components/schemas/NoticelistId"
|
||
data:
|
||
type: object
|
||
properties:
|
||
scope:
|
||
type: array
|
||
items:
|
||
type: string
|
||
example: "attribute"
|
||
field:
|
||
type: array
|
||
items:
|
||
type: string
|
||
example: "category"
|
||
value:
|
||
type: array
|
||
items:
|
||
type: string
|
||
example: "Person"
|
||
tags:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/TagName"
|
||
message:
|
||
type: object
|
||
properties:
|
||
en:
|
||
type: string
|
||
example: "This attribute is likely to contain personal data and the data subject is likely to be directly identifiable."
|
||
|
||
Noticelist:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/NoticelistId"
|
||
name:
|
||
type: string
|
||
example: "List of known domains to know external IP"
|
||
type:
|
||
type: string
|
||
enum:
|
||
- "cidr"
|
||
- "hostname"
|
||
- "substring"
|
||
- "string"
|
||
- "regex"
|
||
example: "cidr"
|
||
description:
|
||
type: string
|
||
version:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "10"
|
||
enabled:
|
||
type: boolean
|
||
warninglist_entry_count:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "1234"
|
||
valid_attributes:
|
||
description: "List of comma separated warninglist types."
|
||
type: string
|
||
example: "domain, hostname, domain|ip, uri, url"
|
||
NoticelistEntry:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/NoticelistEntry"
|
||
|
||
# Roles
|
||
RoleId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "3"
|
||
|
||
RoleName:
|
||
type: string
|
||
maxLength: 255
|
||
example: "ORGNAME"
|
||
|
||
Role:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/RoleId"
|
||
name:
|
||
$ref: "#/components/schemas/RoleName"
|
||
perm_add:
|
||
type: boolean
|
||
perm_modify:
|
||
type: boolean
|
||
perm_modify_org:
|
||
type: boolean
|
||
perm_publish:
|
||
type: boolean
|
||
perm_delegate:
|
||
type: boolean
|
||
perm_sync:
|
||
type: boolean
|
||
perm_admin:
|
||
type: boolean
|
||
perm_audit:
|
||
type: boolean
|
||
perm_auth:
|
||
type: boolean
|
||
perm_site_admin:
|
||
type: boolean
|
||
perm_regexp_access:
|
||
type: boolean
|
||
perm_tagger:
|
||
type: boolean
|
||
perm_template:
|
||
type: boolean
|
||
perm_sharing_group:
|
||
type: boolean
|
||
perm_tag_editor:
|
||
type: boolean
|
||
perm_sighting:
|
||
type: boolean
|
||
perm_object_template:
|
||
type: boolean
|
||
perm_publish_zmq:
|
||
type: boolean
|
||
perm_publish_kafka:
|
||
type: boolean
|
||
perm_decaying:
|
||
type: boolean
|
||
perm_galaxy_editor:
|
||
type: boolean
|
||
default_role:
|
||
type: boolean
|
||
memory_limit:
|
||
type: string
|
||
nullable: true
|
||
pattern: '^\d+$|^$'
|
||
max_execution_time:
|
||
type: string
|
||
nullable: true
|
||
pattern: '^\d+$|^$'
|
||
restricted_to_site_admin:
|
||
type: boolean
|
||
enforce_rate_limit:
|
||
type: boolean
|
||
rate_limit_count:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
permission:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "3"
|
||
permission_description:
|
||
type: string
|
||
example: "publish"
|
||
|
||
# Sharing Groups
|
||
SharingGroupId:
|
||
type: string
|
||
nullable: true
|
||
pattern: '^\d+$|^$'
|
||
maxLength: 10
|
||
example: "1"
|
||
|
||
SharingGroupServerId:
|
||
type: string
|
||
nullable: true
|
||
pattern: '^\d+$|^$'
|
||
maxLength: 10
|
||
example: "1"
|
||
|
||
SharingGroupOrganisationId:
|
||
type: string
|
||
nullable: true
|
||
pattern: '^\d+$|^$'
|
||
maxLength: 10
|
||
example: "1"
|
||
|
||
SharingGroupName:
|
||
type: string
|
||
maxLength: 255
|
||
example: "Banking Sharing Group"
|
||
|
||
SharingGroupDescription:
|
||
type: string
|
||
maxLength: 65535
|
||
example: "Banking Institutions of X Sharing Group"
|
||
|
||
SharingGroupReleasability:
|
||
type: string
|
||
maxLength: 65535
|
||
|
||
SlimSharingGroupNoId:
|
||
type: object
|
||
properties:
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
name:
|
||
$ref: "#/components/schemas/SharingGroupName"
|
||
description:
|
||
$ref: "#/components/schemas/SharingGroupDescription"
|
||
releasability:
|
||
$ref: "#/components/schemas/SharingGroupReleasability"
|
||
local:
|
||
type: boolean
|
||
active:
|
||
type: boolean
|
||
org_count:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "6"
|
||
|
||
SlimSharingGroup:
|
||
allOf:
|
||
- type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/SharingGroupId"
|
||
- $ref: "#/components/schemas/SlimSharingGroupNoId"
|
||
|
||
SharingGroupNoId:
|
||
allOf:
|
||
- $ref: "#/components/schemas/SlimSharingGroupNoId"
|
||
- type: object
|
||
properties:
|
||
organisation_uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
org_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
sync_user_id:
|
||
$ref: "#/components/schemas/UserId"
|
||
created:
|
||
type: string
|
||
format: datetime
|
||
modified:
|
||
type: string
|
||
format: datetime
|
||
roaming:
|
||
type: boolean
|
||
|
||
SharingGroup:
|
||
allOf:
|
||
- type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/SharingGroupId"
|
||
- $ref: "#/components/schemas/SharingGroupNoId"
|
||
|
||
SharingGroupOrganisation:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/SharingGroupOrganisationId"
|
||
sharing_group_id:
|
||
$ref: "#/components/schemas/SharingGroupId"
|
||
org_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
extend:
|
||
type: boolean
|
||
Organisation:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
name:
|
||
$ref: "#/components/schemas/OrganisationName"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
|
||
SharingGroupServer:
|
||
type: object
|
||
properties:
|
||
all_orgs:
|
||
type: boolean
|
||
server_id:
|
||
$ref: "#/components/schemas/ServerId"
|
||
sharing_group_id:
|
||
$ref: "#/components/schemas/SharingGroupId"
|
||
Server:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/ServerId"
|
||
name:
|
||
$ref: "#/components/schemas/ServerName"
|
||
|
||
SharingGroupListItem:
|
||
type: object
|
||
properties:
|
||
SharingGroup:
|
||
$ref: "#/components/schemas/SlimSharingGroup"
|
||
Organisation:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
name:
|
||
$ref: "#/components/schemas/OrganisationName"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
SharingGroupOrg:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/SharingGroupOrganisation"
|
||
SharingGroupServer:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/SharingGroupServer"
|
||
editable:
|
||
type: boolean
|
||
deletable:
|
||
type: boolean
|
||
|
||
# Logs
|
||
LogActionType:
|
||
type: string
|
||
enum:
|
||
- "accept"
|
||
- "accept_delegation"
|
||
- "acceptRegistrations"
|
||
- "add"
|
||
- "admin_email"
|
||
- "attachTags"
|
||
- "auth"
|
||
- "auth_fail"
|
||
- "blocklisted"
|
||
- "captureRelations"
|
||
- "change_pw"
|
||
- "delete"
|
||
- "disable"
|
||
- "discard"
|
||
- "discardRegistrations"
|
||
- "edit"
|
||
- "email"
|
||
- "enable"
|
||
- "enrichment"
|
||
- "error"
|
||
- "export"
|
||
- "fetchEvent"
|
||
- "file_upload"
|
||
- "galaxy"
|
||
- "include_formula"
|
||
- "login"
|
||
- "login_fail"
|
||
- "logout"
|
||
- "merge"
|
||
- "pruneUpdateLogs"
|
||
- "publish"
|
||
- "publish_sightings"
|
||
- "publish alert"
|
||
- "pull"
|
||
- "purge_events"
|
||
- "push"
|
||
- "registration"
|
||
- "registration_error"
|
||
- "remove_dead_workers"
|
||
- "request"
|
||
- "request_delegation"
|
||
- "reset_auth_key"
|
||
- "send_mail"
|
||
- "security"
|
||
- "serverSettingsEdit"
|
||
- "tag"
|
||
- "undelete"
|
||
- "update"
|
||
- "update_database"
|
||
- "update_db_worker"
|
||
- "upgrade_24"
|
||
- "upload_sample"
|
||
- "version_warning"
|
||
- "warning"
|
||
- "wipe_default"
|
||
LogId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
LogTitle:
|
||
type: string
|
||
example: "Attribute (448272) from Event (1): Other/text foo"
|
||
|
||
LogChange:
|
||
type: string
|
||
example: "name () => (ORGNAME)"
|
||
|
||
LogDescription:
|
||
type: string
|
||
example: 'Organisation "ORGNAME" (1) added by User "SYSTEM" (0).'
|
||
|
||
Log:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/LogId"
|
||
title:
|
||
$ref: "#/components/schemas/LogTitle"
|
||
created:
|
||
type: string
|
||
format: datetime
|
||
model:
|
||
$ref: "#/components/schemas/ModelName"
|
||
model_id:
|
||
$ref: "#/components/schemas/ModelId"
|
||
action:
|
||
$ref: "#/components/schemas/LogActionType"
|
||
user_id:
|
||
$ref: "#/components/schemas/UserId"
|
||
change:
|
||
$ref: "#/components/schemas/LogChange"
|
||
email:
|
||
type: string
|
||
format: email
|
||
org:
|
||
$ref: "#/components/schemas/OrganisationName"
|
||
description:
|
||
$ref: "#/components/schemas/LogDescription"
|
||
ip:
|
||
type: string
|
||
example: "10.0.0.10"
|
||
|
||
# General
|
||
AuthKeyRaw:
|
||
type: string
|
||
minLength: 40
|
||
maxLength: 40
|
||
example: "894c8d095180c7ea28789092e96ca6424199aa4f"
|
||
|
||
DistributionLevelId:
|
||
type: string
|
||
enum: ["0", "1", "2", "3", "4", "5"]
|
||
description: >
|
||
Who will be able to see this event once it becomes published and eventually when it becomes pulled:
|
||
* `0` - Your organization only
|
||
* `1` - This community only
|
||
* `2` - Connected communities
|
||
* `3` - All communities
|
||
* `4` - Sharing group
|
||
* `5` - Inherit Event
|
||
|
||
ThreatLevelId:
|
||
type: string
|
||
enum: ["1", "2", "3", "4"]
|
||
description: >
|
||
Represents the threat level.
|
||
* `1` - High
|
||
* `2` - Medium
|
||
* `3` - Low
|
||
* `4` - Undefined
|
||
|
||
AnalysisLevelId:
|
||
type: string
|
||
enum: ["0", "1", "2"]
|
||
description: >
|
||
Represents the analysis maturity level.
|
||
* `0` - Initial
|
||
* `1` - Ongoing
|
||
* `2` - Complete
|
||
|
||
ToIDS:
|
||
type: boolean
|
||
default: true
|
||
|
||
UUID:
|
||
type: string
|
||
format: uuid
|
||
maxLength: 36
|
||
example: "c99506a6-1255-4b71-afa5-7b8ba48c3b1b"
|
||
|
||
ExtendsUUID:
|
||
type: string
|
||
nullable: true
|
||
maxLength: 36
|
||
example: "c99506a6-1255-4b71-afa5-7b8ba48c3b1b"
|
||
|
||
Timestamp:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
default: "0"
|
||
example: "1617875568"
|
||
|
||
NullableTimestamp:
|
||
nullable: true
|
||
type: string
|
||
pattern: '^\d+$|^$'
|
||
default: "0"
|
||
example: "1617875568"
|
||
|
||
MicroTimestamp:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "1581984000000000"
|
||
|
||
NullableMicroTimestamp:
|
||
nullable: true
|
||
type: string
|
||
pattern: '^\d+$|^$'
|
||
default: null
|
||
example: "1581984000000000"
|
||
|
||
SoftDeletedFlag:
|
||
type: boolean
|
||
default: false
|
||
|
||
PublishedFlag:
|
||
type: boolean
|
||
default: false
|
||
|
||
DisableCorrelationFlag:
|
||
type: boolean
|
||
default: false
|
||
|
||
IsExportable:
|
||
type: boolean
|
||
default: true
|
||
|
||
IsGalaxy:
|
||
type: boolean
|
||
default: true
|
||
|
||
IsCustomGalaxy:
|
||
type: boolean
|
||
default: true
|
||
|
||
IsInherited:
|
||
type: integer
|
||
format: int32
|
||
default: 1
|
||
|
||
IsLocked:
|
||
type: boolean
|
||
|
||
IsDefault:
|
||
type: boolean
|
||
|
||
IsLocal:
|
||
type: boolean
|
||
|
||
IsReadOnly:
|
||
type: boolean
|
||
|
||
Icon:
|
||
type: string
|
||
maxLength: 255
|
||
example: "globe"
|
||
|
||
PageSearchFilter:
|
||
type: integer
|
||
format: int32
|
||
nullable: true
|
||
minimum: 0
|
||
|
||
LimitSearchFilter:
|
||
type: integer
|
||
format: int32
|
||
nullable: true
|
||
minimum: 1
|
||
|
||
SortSearchField:
|
||
description: Field to be used to sort the result
|
||
type: string
|
||
nullable: true
|
||
example: "timestamp"
|
||
|
||
DirectionSearchField:
|
||
description: Sort direction of the result
|
||
type: string
|
||
nullable: true
|
||
default: "asc"
|
||
enum:
|
||
- "asc"
|
||
- "desc"
|
||
|
||
DateRestSearchFilter:
|
||
description: "You can use any of the valid time related filters (examples: 7d, timestamps, [14d, 7d] for ranges, etc.)"
|
||
type: string
|
||
nullable: true
|
||
|
||
DateIntervalRestSearchFilter:
|
||
description: "Interval described by two dates"
|
||
type: array
|
||
minimum: 2
|
||
maximum: 2
|
||
items:
|
||
$ref: "#/components/schemas/DateRestSearchFilter"
|
||
|
||
LastRestSearchFilter:
|
||
description: "Published within the last x amount of time, where x can be defined in days, hours, minutes (for example 5d or 12h or 30m)"
|
||
type: integer
|
||
nullable: true
|
||
|
||
TagsRestSearchFilter:
|
||
nullable: true
|
||
type: array
|
||
items:
|
||
type: string
|
||
example: "tlp:amber"
|
||
|
||
MetadataRestSearchFilter:
|
||
description: "Will only return the metadata of the given query scope, contained data is omitted."
|
||
nullable: true
|
||
type: boolean
|
||
|
||
IncludeEventUUIDRestSearchFlag:
|
||
description: "Include matching eventUuids in the response"
|
||
type: boolean
|
||
default: false
|
||
|
||
IncludeEventTagsRestSearchFlag:
|
||
description: "Include tags of matching events in the response"
|
||
type: boolean
|
||
default: false
|
||
|
||
IncludeProposalsRestSearchFlag:
|
||
description: "Include proposals of matching events in the response"
|
||
type: boolean
|
||
default: false
|
||
|
||
EnforceWarninglistRestSearchFilter:
|
||
description: "Should the warning list be enforced. Adds blocked field for matching attributes"
|
||
nullable: true
|
||
type: boolean
|
||
|
||
RequestedAttributesRestSearchFilter:
|
||
description: "List of properties that will be selected in the CSV export"
|
||
type: array
|
||
items:
|
||
type: string
|
||
example: "id"
|
||
|
||
IncludeContextRestSearchFlag:
|
||
description: "Adds events context fields in the CSV export"
|
||
nullable: true
|
||
type: boolean
|
||
|
||
HeaderlessRestSearchFlag:
|
||
description: "Removes header in the CSV export"
|
||
nullable: true
|
||
type: boolean
|
||
|
||
IncludeWarninglistHitsRestSearchFlag:
|
||
nullable: true
|
||
type: boolean
|
||
|
||
AttackGalaxyRestSearchFilter:
|
||
nullable: true
|
||
type: string
|
||
example: "mitre-attack"
|
||
|
||
ExcludeLocalTagsRestSearchFilter:
|
||
description: "Exclude local tags from the export"
|
||
nullable: true
|
||
type: boolean
|
||
|
||
IncludeSightingDbRestSearchFlag:
|
||
description: "Extend response with Sightings DB results if the module is enabled"
|
||
nullable: true
|
||
type: boolean
|
||
|
||
IncludeCorrelationsRestSearchFlag:
|
||
nullable: true
|
||
type: boolean
|
||
|
||
ModelOverridesRestSearchFilter:
|
||
$ref: "#/components/schemas/DecayingModelParameters"
|
||
|
||
ModelId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
ModelName:
|
||
type: string
|
||
enum:
|
||
- "AdminSetting"
|
||
- "Allowedlist"
|
||
- "AttachmentScan"
|
||
- "Attribute"
|
||
- "AttributeTag"
|
||
- "AuditLog"
|
||
- "AuthKey"
|
||
- "Bruteforce"
|
||
- "Cerebrate"
|
||
- "Community"
|
||
- "CorrelationExclusion"
|
||
- "Correlation"
|
||
- "Dashboard"
|
||
- "DecayingModelMapping"
|
||
- "DecayingModel"
|
||
- "EventBlocklist"
|
||
- "EventDelegation"
|
||
- "EventGraph"
|
||
- "EventLock"
|
||
- "Event"
|
||
- "EventReport"
|
||
- "EventTag"
|
||
- "FavouriteTag"
|
||
- "Feed"
|
||
- "FuzzyCorrelateSsdeep"
|
||
- "GalaxyClusterBlocklist"
|
||
- "GalaxyCluster"
|
||
- "GalaxyClusterRelation"
|
||
- "GalaxyClusterRelationTag"
|
||
- "GalaxyElement"
|
||
- "Galaxy"
|
||
- "Inbox"
|
||
- "Job"
|
||
- "Log"
|
||
- "MispObject"
|
||
- "Module"
|
||
- "News"
|
||
- "NoticelistEntry"
|
||
- "Noticelist"
|
||
- "NotificationLog"
|
||
- "ObjectReference"
|
||
- "ObjectRelationship"
|
||
- "ObjectTemplateElement"
|
||
- "ObjectTemplate"
|
||
- "Organisation"
|
||
- "OrgBlocklist"
|
||
- "Post"
|
||
- "Regexp"
|
||
- "RestClientHistory"
|
||
- "Role"
|
||
- "Server"
|
||
- "ShadowAttribute"
|
||
- "SharingGroupElement"
|
||
- "SharingGroupOrg"
|
||
- "SharingGroup"
|
||
- "SharingGroupServer"
|
||
- "SightingdbOrg"
|
||
- "Sightingdb"
|
||
- "Sighting"
|
||
- "TagCollection"
|
||
- "TagCollectionTag"
|
||
- "Tag"
|
||
- "Task"
|
||
- "TaxonomyEntry"
|
||
- "Taxonomy"
|
||
- "TaxonomyPredicate"
|
||
- "TemplateElementAttribute"
|
||
- "TemplateElementFile"
|
||
- "TemplateElement"
|
||
- "TemplateElementText"
|
||
- "Template"
|
||
- "TemplateTag"
|
||
- "Thread"
|
||
- "ThreatLevel"
|
||
- "User"
|
||
- "UserSetting"
|
||
- "WarninglistEntry"
|
||
- "Warninglist"
|
||
- "WarninglistType"
|
||
|
||
EventsRestSearchReturnFormat:
|
||
description: "Format of the response payload"
|
||
type: string
|
||
enum:
|
||
- json
|
||
- xml
|
||
- csv
|
||
- text
|
||
- stix
|
||
- stix2
|
||
- stix-json
|
||
- attack
|
||
- attack-sightings
|
||
- cache
|
||
- count
|
||
- hashes
|
||
- netfilter
|
||
- opendata
|
||
- openioc
|
||
- rpz
|
||
- snort
|
||
- suricata
|
||
- yara
|
||
- yara-json
|
||
|
||
AttributesRestSearchReturnFormat:
|
||
description: "Format of the response payload"
|
||
type: string
|
||
enum:
|
||
- json
|
||
- xml
|
||
- csv
|
||
- text
|
||
- hashes
|
||
- cache
|
||
- count
|
||
- netfilter
|
||
- opendata
|
||
- openioc
|
||
- rpz
|
||
- snort
|
||
- suricata
|
||
- text
|
||
- yara
|
||
- yara-json
|
||
|
||
ObjectRelationRestSearchFilter:
|
||
description: "Filter by the attribute object relation value"
|
||
nullable: true
|
||
type: string
|
||
example: "filepath"
|
||
|
||
# AuthKeys
|
||
AuthKeyId:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
maxLength: 10
|
||
example: "12345"
|
||
|
||
AuthKey:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/AuthKeyId"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
authkey_start:
|
||
type: string
|
||
maxLength: 4
|
||
authkey_end:
|
||
type: string
|
||
maxLength: 4
|
||
created:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
expiration:
|
||
type: string
|
||
format: datetime
|
||
example: "1970-01-01 00:00:00"
|
||
nullable: true
|
||
read_only:
|
||
$ref: "#/components/schemas/IsReadOnly"
|
||
user_id:
|
||
$ref: "#/components/schemas/UserId"
|
||
comment:
|
||
type: string
|
||
allowed_ips:
|
||
type: array
|
||
items:
|
||
description: IP address
|
||
type: string
|
||
example: "127.0.0.1"
|
||
nullable: true
|
||
last_used:
|
||
$ref: "#/components/schemas/NullableTimestamp"
|
||
|
||
ApiError:
|
||
type: object
|
||
required:
|
||
- name
|
||
- message
|
||
- url
|
||
properties:
|
||
name:
|
||
type: string
|
||
message:
|
||
type: string
|
||
url:
|
||
type: string
|
||
example: "/attributes"
|
||
|
||
UnauthorizedApiError:
|
||
type: object
|
||
required:
|
||
- name
|
||
- message
|
||
- url
|
||
properties:
|
||
name:
|
||
type: string
|
||
example: "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header."
|
||
message:
|
||
type: string
|
||
example: "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header."
|
||
url:
|
||
type: string
|
||
example: "/attributes"
|
||
|
||
NotFoundApiError:
|
||
type: object
|
||
required:
|
||
- name
|
||
- message
|
||
- url
|
||
properties:
|
||
name:
|
||
type: string
|
||
example: "Invalid attribute"
|
||
message:
|
||
type: string
|
||
example: "Invalid attribute"
|
||
url:
|
||
type: string
|
||
example: "/attributes/1234"
|
||
|
||
parameters:
|
||
eventIdParameter:
|
||
name: eventId
|
||
in: path
|
||
description: "UUID or numeric ID of the event"
|
||
required: true
|
||
schema:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/EventId"
|
||
- $ref: "#/components/schemas/UUID"
|
||
|
||
attributeIdParameter:
|
||
name: attributeId
|
||
in: path
|
||
description: "UUID or numeric ID of the attribute"
|
||
required: true
|
||
schema:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/AttributeId"
|
||
- $ref: "#/components/schemas/UUID"
|
||
|
||
tagIdParameter:
|
||
name: tagId
|
||
in: path
|
||
description: Numeric ID of the attribute
|
||
required: true
|
||
schema:
|
||
$ref: "#/components/schemas/TagId"
|
||
|
||
tagSearchTermParameter:
|
||
name: tagSearchTerm
|
||
in: path
|
||
description: Tag search term
|
||
required: true
|
||
schema:
|
||
type: string
|
||
example: "%tlp%"
|
||
|
||
galaxyIdParameter:
|
||
name: galaxyId
|
||
in: path
|
||
description: "UUID or numeric ID of the galaxy"
|
||
required: true
|
||
schema:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/GalaxyId"
|
||
- $ref: "#/components/schemas/UUID"
|
||
|
||
galaxyClusterIdParameter:
|
||
name: galaxyClusterId
|
||
in: path
|
||
description: "UUID or numeric ID of the galaxy cluster"
|
||
required: true
|
||
schema:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/GalaxyClusterId"
|
||
- $ref: "#/components/schemas/UUID"
|
||
|
||
userIdParameter:
|
||
name: userId
|
||
in: path
|
||
description: "Numeric ID of the user"
|
||
required: true
|
||
schema:
|
||
$ref: "#/components/schemas/UserId"
|
||
|
||
firstTimeResetParameter:
|
||
name: firstTimeReset
|
||
in: path
|
||
description: "First time reset is set to `1` only for new user registrations."
|
||
required: true
|
||
schema:
|
||
type: string
|
||
enum:
|
||
- "0"
|
||
- "1"
|
||
|
||
organisationIdParameter:
|
||
name: organisationId
|
||
in: path
|
||
description: "UUID or numeric ID of the organisation"
|
||
required: true
|
||
schema:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/OrganisationId"
|
||
- $ref: "#/components/schemas/UUID"
|
||
|
||
serverIdParameter:
|
||
name: serverId
|
||
in: path
|
||
description: "UUID or numeric ID of the server"
|
||
required: true
|
||
schema:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/ServerId"
|
||
- $ref: "#/components/schemas/UUID"
|
||
|
||
pullTechniqueParameter:
|
||
name: pullTechnique
|
||
in: path
|
||
description: "Pull technique to be used for pulling events from this instance."
|
||
required: true
|
||
schema:
|
||
type: string
|
||
enum:
|
||
- "full"
|
||
- "incremental"
|
||
- "pull_relevant_clusters"
|
||
|
||
pushTechniqueParameter:
|
||
name: pushTechnique
|
||
in: path
|
||
description: "Push technique to be used for pushing events to this instance."
|
||
required: true
|
||
schema:
|
||
type: string
|
||
enum:
|
||
- "full"
|
||
- "incremental"
|
||
|
||
workerTypeParameter:
|
||
name: workerType
|
||
in: path
|
||
description: "Worker type."
|
||
required: true
|
||
schema:
|
||
type: string
|
||
enum:
|
||
- "default"
|
||
- "email"
|
||
- "scheduler"
|
||
- "cache"
|
||
- "prio"
|
||
- "update"
|
||
|
||
workerPidParameter:
|
||
name: workerPid
|
||
in: path
|
||
description: "Worker PID."
|
||
required: true
|
||
schema:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
|
||
settingNameParameter:
|
||
name: settingName
|
||
in: path
|
||
description: "Setting name."
|
||
required: true
|
||
schema:
|
||
type: string
|
||
example: "MISP.background_jobs"
|
||
|
||
sharingGroupIdParameter:
|
||
name: sharingGroupId
|
||
in: path
|
||
description: "UUID or numeric ID of the sharing group"
|
||
required: true
|
||
schema:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/SharingGroupId"
|
||
- $ref: "#/components/schemas/UUID"
|
||
|
||
sharingGroupServerIdParameter:
|
||
name: sharingGroupServerId
|
||
in: path
|
||
description: "UUID or numeric ID of the sharing group server"
|
||
required: true
|
||
schema:
|
||
$ref: "#/components/schemas/SharingGroupServerId"
|
||
|
||
feedIdParameter:
|
||
name: feedId
|
||
in: path
|
||
description: "UUID or numeric ID of the feed"
|
||
required: true
|
||
schema:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/FeedId"
|
||
- $ref: "#/components/schemas/UUID"
|
||
|
||
warninglistIdParameter:
|
||
name: warninglistId
|
||
in: path
|
||
description: "Numeric ID of the warninglist"
|
||
required: true
|
||
schema:
|
||
$ref: "#/components/schemas/WarninglistId"
|
||
|
||
noticelistIdParameter:
|
||
name: noticelistId
|
||
in: path
|
||
description: "Numeric ID of the noticelist"
|
||
required: true
|
||
schema:
|
||
$ref: "#/components/schemas/NoticelistId"
|
||
|
||
sightingIdParameter:
|
||
name: sightingId
|
||
in: path
|
||
description: "UUID or numeric ID of the sighting"
|
||
required: true
|
||
schema:
|
||
$ref: "#/components/schemas/SightingId"
|
||
|
||
cacheFeedsScopeParameter:
|
||
name: cacheFeedsScope
|
||
in: path
|
||
description: "Cache feeds strategy"
|
||
required: true
|
||
schema:
|
||
type: string
|
||
enum:
|
||
- "all"
|
||
- "csv"
|
||
- "freetext"
|
||
|
||
attachTargetIdParameter:
|
||
name: attachTargetId
|
||
in: path
|
||
description: "UUID or numeric ID of the target entity (Event, Attribute or TagCollection)"
|
||
required: true
|
||
schema:
|
||
anyOf:
|
||
- $ref: "#/components/schemas/EventId"
|
||
- $ref: "#/components/schemas/AttributeId"
|
||
- $ref: "#/components/schemas/TagCollectionId"
|
||
|
||
attachTargetTypeParameter:
|
||
name: attachTargetType
|
||
in: path
|
||
description: "Type of the target entity to attach to the galaxy cluster."
|
||
required: true
|
||
schema:
|
||
type: string
|
||
enum:
|
||
- "event"
|
||
- "attribute"
|
||
- "tag_collection"
|
||
|
||
attributeStatisticsContextParameter:
|
||
name: context
|
||
in: path
|
||
required: true
|
||
description: Context of the statistics.
|
||
schema:
|
||
type: string
|
||
default: "type"
|
||
enum:
|
||
- type
|
||
- category
|
||
|
||
attributeStatisticsPercentageParameter:
|
||
name: percentage
|
||
in: path
|
||
required: true
|
||
description: "`0` to show attribute count, `1` for showing percentages"
|
||
schema:
|
||
type: integer
|
||
|
||
objectIdParameter:
|
||
name: objectId
|
||
in: path
|
||
description: "UUID or numeric ID of the object"
|
||
required: true
|
||
schema:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/ObjectId"
|
||
- $ref: "#/components/schemas/UUID"
|
||
|
||
hardDeleteParameter:
|
||
name: hardDelete
|
||
in: path
|
||
description: "`1` for hard delete the entity, `0` for soft deletion."
|
||
required: true
|
||
schema:
|
||
type: string
|
||
enum:
|
||
- "0"
|
||
- "1"
|
||
|
||
objectTemplateIdParameter:
|
||
name: objectTemplateId
|
||
in: path
|
||
description: "UUID or numeric ID of the object template"
|
||
required: true
|
||
schema:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/ObjectTemplateId"
|
||
- $ref: "#/components/schemas/UUID"
|
||
|
||
authKeyIdParameter:
|
||
name: authKeyId
|
||
in: path
|
||
description: "UUID or numeric ID of the auth key"
|
||
required: true
|
||
schema:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/AuthKeyId"
|
||
- $ref: "#/components/schemas/UUID"
|
||
|
||
userSettingIdParameter:
|
||
name: userSettingId
|
||
in: path
|
||
description: "UUID or numeric ID of the user setting"
|
||
required: true
|
||
schema:
|
||
$ref: "#/components/schemas/UserSettingId"
|
||
|
||
userSettingNameParameter:
|
||
name: userSettingName
|
||
in: path
|
||
description: "Name of the user setting"
|
||
required: true
|
||
schema:
|
||
$ref: "#/components/schemas/UserSettingName"
|
||
|
||
taxonomyIdParameter:
|
||
name: taxonomyId
|
||
in: path
|
||
description: "Numeric ID of the taxonomy"
|
||
required: true
|
||
schema:
|
||
$ref: "#/components/schemas/TaxonomyId"
|
||
|
||
securitySchemes:
|
||
ApiKeyAuth:
|
||
type: apiKey
|
||
in: header
|
||
name: Authorization
|
||
description: |
|
||
The authentication of the automation is performed via a secure key available in the MISP UI interface.
|
||
Make sure you keep that key secret as it gives access to the entire database! The [API](https://www.circl.lu/doc/misp/GLOSSARY.html#api)
|
||
key is available in the event actions menu under automation.
|
||
|
||
The authorization is performed by using the following header in the API requests:
|
||
|
||
Authorization: YOUR_API_KEY
|
||
|
||
> **NOTE**: Since version 2.2 the usage of the authentication key in the URL is deprecated.
|
||
Instead, pass the auth key in an Authorization header in the request. The legacy option of having the auth key
|
||
in the URL is temporarily still supported but not recommended.
|
||
|
||
requestBodies:
|
||
AddAttributeRequest:
|
||
required: true
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/AttributeNoId"
|
||
|
||
EditAttributeRequest:
|
||
required: true
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/Attribute"
|
||
|
||
RestSearchAttributesRequest:
|
||
required: true
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/AttributeRestSearchFilter"
|
||
|
||
AddEventRequest:
|
||
required: true
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/EventNoId"
|
||
|
||
EditEventRequest:
|
||
required: true
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/EventNoId"
|
||
|
||
SearchEventRequest:
|
||
required: true
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
page:
|
||
$ref: "#/components/schemas/PageSearchFilter"
|
||
limit:
|
||
$ref: "#/components/schemas/LimitSearchFilter"
|
||
sort:
|
||
$ref: "#/components/schemas/SortSearchField"
|
||
direction:
|
||
$ref: "#/components/schemas/DirectionSearchField"
|
||
minimal:
|
||
description: "Returns a minimal version of the event, only events with `attributeCount` > 0 will be returned"
|
||
type: boolean
|
||
nullable: true
|
||
default: false
|
||
attribute:
|
||
description: "Filter events matching the given string with attributes values"
|
||
type: string
|
||
nullable: true
|
||
example: "covert channel"
|
||
eventid:
|
||
$ref: "#/components/schemas/EventId"
|
||
datefrom:
|
||
description: "Event creation date is greater or equal"
|
||
type: string
|
||
nullable: true
|
||
format: date
|
||
example: "2021-03-05"
|
||
dateuntil:
|
||
description: "Event creation date is less or equal"
|
||
type: string
|
||
nullable: true
|
||
format: date
|
||
example: "2021-03-05"
|
||
org:
|
||
description: "Filter events by matching the creator organisation name"
|
||
type: string
|
||
nullable: true
|
||
example: "CIRCL"
|
||
eventinfo:
|
||
description: "Filter events by matching the event info text"
|
||
type: string
|
||
nullable: true
|
||
example: "Phishing campaing"
|
||
tag:
|
||
$ref: "#/components/schemas/TagName"
|
||
tags:
|
||
description: "Filter events by matching *any* of the event tags of a given list of tag names"
|
||
type: array
|
||
nullable: true
|
||
items:
|
||
$ref: "#/components/schemas/TagName"
|
||
example:
|
||
- "tlp:amber"
|
||
- 'cycat:scope="exploit"'
|
||
distribution:
|
||
$ref: "#/components/schemas/DistributionLevelId"
|
||
sharinggroup:
|
||
$ref: "#/components/schemas/SharingGroupId"
|
||
analysis:
|
||
$ref: "#/components/schemas/AnalysisLevelId"
|
||
threatlevel:
|
||
$ref: "#/components/schemas/ThreatLevelId"
|
||
email:
|
||
description: "Filter events by matching the event creator user email"
|
||
type: string
|
||
nullable: true
|
||
format: email
|
||
example: "admin@admin.test"
|
||
hasproposal:
|
||
description: "Filter events by checking if it has attributes with change proposals. Possible values: `0`, `1`"
|
||
type: string
|
||
nullable: true
|
||
example: "1"
|
||
timestamp:
|
||
description: "Event timestamp greater or equal"
|
||
type: string
|
||
nullable: true
|
||
example: "1"
|
||
publish_timestamp:
|
||
description: "Event publish timestamp greater or equal"
|
||
type: string
|
||
nullable: true
|
||
example: "1"
|
||
searchDatefrom:
|
||
description: "Filters on the date, anything newer than the given date in YYYY-MM-DD format is taken - non-negatable"
|
||
type: string
|
||
nullable: true
|
||
example: "2020-01-20"
|
||
searchDateuntil:
|
||
description: "Filters on the date, anything older than the given date in YYYY-MM-DD format is taken - non-negatable"
|
||
type: string
|
||
nullable: true
|
||
example: "2020-01-20"
|
||
|
||
RestSearchEventsRequest:
|
||
required: true
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
page:
|
||
$ref: "#/components/schemas/PageSearchFilter"
|
||
limit:
|
||
$ref: "#/components/schemas/LimitSearchFilter"
|
||
value:
|
||
$ref: "#/components/schemas/AttributeValue"
|
||
type:
|
||
$ref: "#/components/schemas/AttributeType"
|
||
category:
|
||
$ref: "#/components/schemas/AttributeCategory"
|
||
org:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/OrganisationId"
|
||
- $ref: "#/components/schemas/OrganisationName"
|
||
tags:
|
||
$ref: "#/components/schemas/TagsRestSearchFilter"
|
||
searchall:
|
||
description: "Search events by matching any tag names, event descriptions, attribute values or attribute comments"
|
||
type: string
|
||
example: malware
|
||
from:
|
||
$ref: "#/components/schemas/DateRestSearchFilter"
|
||
to:
|
||
$ref: "#/components/schemas/DateRestSearchFilter"
|
||
last:
|
||
$ref: "#/components/schemas/LastRestSearchFilter"
|
||
eventid:
|
||
$ref: "#/components/schemas/EventId"
|
||
withAttachments:
|
||
description: "Extends the response with the base64 representation of the attachment, if there is one"
|
||
type: boolean
|
||
default: false
|
||
metadata:
|
||
$ref: "#/components/schemas/MetadataRestSearchFilter"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
publish_timestamp:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
timestamp:
|
||
$ref: "#/components/schemas/Timestamp"
|
||
published:
|
||
$ref: "#/components/schemas/PublishedFlag"
|
||
enforceWarninglist:
|
||
$ref: "#/components/schemas/EnforceWarninglistRestSearchFilter"
|
||
sgReferenceOnly:
|
||
description: "Will only return the sharing group ID"
|
||
type: boolean
|
||
requested_attributes:
|
||
$ref: "#/components/schemas/RequestedAttributesRestSearchFilter"
|
||
includeContext:
|
||
$ref: "#/components/schemas/IncludeContextRestSearchFlag"
|
||
headerless:
|
||
$ref: "#/components/schemas/HeaderlessRestSearchFlag"
|
||
includeWarninglistHits:
|
||
$ref: "#/components/schemas/IncludeWarninglistHitsRestSearchFlag"
|
||
attackGalaxy:
|
||
$ref: "#/components/schemas/AttackGalaxyRestSearchFilter"
|
||
to_ids:
|
||
$ref: "#/components/schemas/ToIDS"
|
||
deleted:
|
||
$ref: "#/components/schemas/SoftDeletedFlag"
|
||
excludeLocalTags:
|
||
$ref: "#/components/schemas/ExcludeLocalTagsRestSearchFilter"
|
||
date:
|
||
$ref: "#/components/schemas/DateRestSearchFilter"
|
||
includeSightingdb:
|
||
$ref: "#/components/schemas/IncludeSightingDbRestSearchFlag"
|
||
tag:
|
||
$ref: "#/components/schemas/TagName"
|
||
object_relation:
|
||
$ref: "#/components/schemas/ObjectRelationRestSearchFilter"
|
||
threat_level_id:
|
||
$ref: "#/components/schemas/ThreatLevelId"
|
||
returnFormat:
|
||
$ref: "#/components/schemas/EventsRestSearchReturnFormat"
|
||
|
||
SearchGalaxyRequest:
|
||
required: true
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
value:
|
||
$ref: "#/components/schemas/GalaxyValueSearchFilter"
|
||
|
||
ImportGalaxyClusterRequest:
|
||
required: true
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/ImportGalaxyClusterItem"
|
||
|
||
ExportGalaxyClusterRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Galaxy:
|
||
type: object
|
||
properties:
|
||
default:
|
||
description: "`true` to filter out galaxy clusters with `default=true` set."
|
||
type: boolean
|
||
custom:
|
||
description: "`true` to filter out galaxy clusters with `default=false` set"
|
||
type: boolean
|
||
distribution:
|
||
$ref: "#/components/schemas/DistributionLevelId"
|
||
format:
|
||
description: "If set to `misp-galaxy` result set is in the misp-galaxy format."
|
||
type: string
|
||
enum:
|
||
- "default"
|
||
- "misp-galaxy"
|
||
download:
|
||
description: "`true` returns the response as a json file attachment, `false` returns the response in the response body."
|
||
type: boolean
|
||
|
||
AttachGalaxyClusterRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Galaxy:
|
||
type: object
|
||
properties:
|
||
target_id:
|
||
description: "Target galaxy cluster to attach."
|
||
type: integer
|
||
format: int32
|
||
example: 1235
|
||
|
||
SearchGalaxyClustersRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
context:
|
||
type: string
|
||
enum:
|
||
- "all"
|
||
- "default"
|
||
- "org"
|
||
- "deleted"
|
||
searchall:
|
||
description: "Search galaxy clusters by matching any value, description, uuid or galaxy elements values."
|
||
type: string
|
||
example: "botnet"
|
||
|
||
AddGalaxyClusterRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/GalaxyCluster"
|
||
|
||
EditGalaxyClusterRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/GalaxyCluster"
|
||
|
||
AddUserRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/UserNoId"
|
||
|
||
EditUserRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/User"
|
||
|
||
AddOrganisationRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/OrganisationNoId"
|
||
|
||
EditOrganisationRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
name:
|
||
$ref: "#/components/schemas/OrganisationName"
|
||
type:
|
||
$ref: "#/components/schemas/OrganisationType"
|
||
nationality:
|
||
type: string
|
||
nullable: true
|
||
sector:
|
||
type: string
|
||
nullable: true
|
||
contacts:
|
||
type: string
|
||
nullable: true
|
||
description:
|
||
type: string
|
||
nullable: true
|
||
local:
|
||
type: boolean
|
||
nullable: true
|
||
uuid:
|
||
type: string
|
||
nullable: true
|
||
format: uuid
|
||
restricted_to_domain:
|
||
nullable: true
|
||
type: array
|
||
items:
|
||
type: string
|
||
format: hostname
|
||
|
||
AddServerRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/ServerNoId"
|
||
|
||
EditServerRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/Server"
|
||
|
||
EditServerSettingRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
value:
|
||
anyOf:
|
||
- type: string
|
||
- type: boolean
|
||
- type: number
|
||
- type: object
|
||
|
||
ImportServerRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
name:
|
||
$ref: "#/components/schemas/ServerName"
|
||
url:
|
||
type: string
|
||
example: "https://misppriv.circl.lu"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
authkey:
|
||
$ref: "#/components/schemas/AuthKeyRaw"
|
||
Organisation:
|
||
type: object
|
||
properties:
|
||
name:
|
||
$ref: "#/components/schemas/OrganisationName"
|
||
|
||
AddSharingGroupRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/SharingGroupNoId"
|
||
|
||
EditSharingGroupRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/SharingGroup"
|
||
|
||
AddFeedRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
name:
|
||
$ref: "#/components/schemas/FeedName"
|
||
provider:
|
||
$ref: "#/components/schemas/FeedProvider"
|
||
url:
|
||
$ref: "#/components/schemas/FeedUrl"
|
||
rules:
|
||
$ref: "#/components/schemas/FeedRules"
|
||
enabled:
|
||
$ref: "#/components/schemas/FeedEnabledFlag"
|
||
distribution:
|
||
$ref: "#/components/schemas/DistributionLevelId"
|
||
sharing_group_id:
|
||
$ref: "#/components/schemas/SharingGroupId"
|
||
tag_id:
|
||
$ref: "#/components/schemas/TagId"
|
||
source_format:
|
||
$ref: "#/components/schemas/FeedSourceFormat"
|
||
fixed_event:
|
||
$ref: "#/components/schemas/FeedFixedEvent"
|
||
delta_merge:
|
||
$ref: "#/components/schemas/FeedDeltaMergeFlag"
|
||
event_id:
|
||
$ref: "#/components/schemas/EventId"
|
||
publish:
|
||
$ref: "#/components/schemas/PublishedFlag"
|
||
override_ids:
|
||
$ref: "#/components/schemas/FeedOverrideIDSFlag"
|
||
input_source:
|
||
$ref: "#/components/schemas/FeedInputSource"
|
||
delete_local_file:
|
||
$ref: "#/components/schemas/FeedDeleteLocalFileFlag"
|
||
lookup_visible:
|
||
$ref: "#/components/schemas/FeedLookupVisibleFlag"
|
||
headers:
|
||
$ref: "#/components/schemas/FeedHeaders"
|
||
caching_enabled:
|
||
$ref: "#/components/schemas/FeedCachingEnabledFlag"
|
||
force_to_ids:
|
||
$ref: "#/components/schemas/FeedForceToIDSFlag"
|
||
orgc_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
|
||
EditFeedRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/FeedId"
|
||
name:
|
||
$ref: "#/components/schemas/FeedName"
|
||
provider:
|
||
$ref: "#/components/schemas/FeedProvider"
|
||
url:
|
||
$ref: "#/components/schemas/FeedUrl"
|
||
rules:
|
||
$ref: "#/components/schemas/FeedRules"
|
||
enabled:
|
||
$ref: "#/components/schemas/FeedEnabledFlag"
|
||
distribution:
|
||
$ref: "#/components/schemas/DistributionLevelId"
|
||
sharing_group_id:
|
||
$ref: "#/components/schemas/SharingGroupId"
|
||
tag_id:
|
||
$ref: "#/components/schemas/TagId"
|
||
source_format:
|
||
$ref: "#/components/schemas/FeedSourceFormat"
|
||
fixed_event:
|
||
$ref: "#/components/schemas/FeedFixedEvent"
|
||
delta_merge:
|
||
$ref: "#/components/schemas/FeedDeltaMergeFlag"
|
||
event_id:
|
||
$ref: "#/components/schemas/EventId"
|
||
publish:
|
||
$ref: "#/components/schemas/PublishedFlag"
|
||
override_ids:
|
||
$ref: "#/components/schemas/FeedOverrideIDSFlag"
|
||
input_source:
|
||
$ref: "#/components/schemas/FeedInputSource"
|
||
delete_local_file:
|
||
$ref: "#/components/schemas/FeedDeleteLocalFileFlag"
|
||
lookup_visible:
|
||
$ref: "#/components/schemas/FeedLookupVisibleFlag"
|
||
headers:
|
||
$ref: "#/components/schemas/FeedHeaders"
|
||
caching_enabled:
|
||
$ref: "#/components/schemas/FeedCachingEnabledFlag"
|
||
force_to_ids:
|
||
$ref: "#/components/schemas/FeedForceToIDSFlag"
|
||
orgc_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
|
||
WarninglistsSearchRequest:
|
||
content:
|
||
application/x-www-form-urlencoded:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
value:
|
||
description: "Search term to be used to match warninglists name, description or type."
|
||
type: string
|
||
nullable: true
|
||
enabled:
|
||
type: boolean
|
||
nullable: true
|
||
|
||
WarninglistsToggleEnableRequest:
|
||
content:
|
||
application/x-www-form-urlencoded:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/WarninglistsIdFilter"
|
||
name:
|
||
$ref: "#/components/schemas/WarninglistsNameFilter"
|
||
enabled:
|
||
type: boolean
|
||
nullable: false
|
||
|
||
WarninglistCheckValuesRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: array
|
||
items:
|
||
type: string
|
||
example: "10.128.0.2"
|
||
|
||
ToggleEnableNoticelistRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Noticelist:
|
||
type: object
|
||
properties:
|
||
data:
|
||
description: "Id of the noticelist to enable/disable."
|
||
type: integer
|
||
example: 1
|
||
|
||
AddObjectRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Attribute:
|
||
type: array
|
||
items:
|
||
type: object
|
||
properties:
|
||
category:
|
||
$ref: "#/components/schemas/AttributeCategory"
|
||
value:
|
||
$ref: "#/components/schemas/AttributeValue"
|
||
to_ids:
|
||
$ref: "#/components/schemas/ToIDS"
|
||
disable_correlation:
|
||
$ref: "#/components/schemas/DisableCorrelationFlag"
|
||
distribution:
|
||
$ref: "#/components/schemas/DistributionLevelId"
|
||
comment:
|
||
$ref: "#/components/schemas/AttributeComment"
|
||
object_relation:
|
||
$ref: "#/components/schemas/ObjectRelation"
|
||
|
||
AddSightingsRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
values:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/AttributeValue"
|
||
timestamp:
|
||
$ref: "#/components/schemas/NullableTimestamp"
|
||
filters:
|
||
$ref: "#/components/schemas/AttributeRestSearchFilter"
|
||
|
||
AddTagRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/TagNoId"
|
||
|
||
EditTagRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/TagNoId"
|
||
|
||
GetLogsRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
page:
|
||
$ref: "#/components/schemas/PageSearchFilter"
|
||
limit:
|
||
$ref: "#/components/schemas/LimitSearchFilter"
|
||
id:
|
||
$ref: "#/components/schemas/LogId"
|
||
title:
|
||
$ref: "#/components/schemas/LogTitle"
|
||
created:
|
||
oneOf:
|
||
- $ref: "#/components/schemas/DateRestSearchFilter"
|
||
- $ref: "#/components/schemas/DateIntervalRestSearchFilter"
|
||
model:
|
||
$ref: "#/components/schemas/ModelName"
|
||
model_id:
|
||
$ref: "#/components/schemas/ModelId"
|
||
action:
|
||
$ref: "#/components/schemas/LogActionType"
|
||
user_id:
|
||
$ref: "#/components/schemas/UserId"
|
||
change:
|
||
type: string
|
||
description: "Text search for log change property"
|
||
example: "%name () => (ORGNAME)%"
|
||
email:
|
||
type: string
|
||
format: email
|
||
org:
|
||
type: string
|
||
description: "Text search for log organisation name property"
|
||
example: "ORG_%"
|
||
description:
|
||
type: string
|
||
description: "Text search for log change property"
|
||
example: "%updated by User%"
|
||
ip:
|
||
type: string
|
||
description: "Text search for log ip property"
|
||
|
||
GetAuthKeyRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
page:
|
||
$ref: "#/components/schemas/PageSearchFilter"
|
||
limit:
|
||
$ref: "#/components/schemas/LimitSearchFilter"
|
||
id:
|
||
$ref: "#/components/schemas/AuthKeyId"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
authkey_start:
|
||
description: "Search term matching the first 4 characers of the authkey"
|
||
type: string
|
||
authkey_end:
|
||
description: "Search term matching the last 4 characers of the authkey"
|
||
type: string
|
||
created:
|
||
$ref: "#/components/schemas/DateRestSearchFilter"
|
||
expiration:
|
||
$ref: "#/components/schemas/DateRestSearchFilter"
|
||
read_only:
|
||
$ref: "#/components/schemas/IsReadOnly"
|
||
user_id:
|
||
$ref: "#/components/schemas/UserId"
|
||
comment:
|
||
type: string
|
||
allowed_ips:
|
||
description: "Stringified JSON array of the IP addresses."
|
||
type: string
|
||
example: '["127.0.0.1","127.0.0.2"]'
|
||
last_used:
|
||
$ref: "#/components/schemas/DateRestSearchFilter"
|
||
|
||
AddAuthKeyRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
read_only:
|
||
$ref: "#/components/schemas/IsReadOnly"
|
||
user_id:
|
||
$ref: "#/components/schemas/UserId"
|
||
comment:
|
||
type: string
|
||
allowed_ips:
|
||
type: array
|
||
items:
|
||
description: IP address
|
||
type: string
|
||
example: "127.0.0.1"
|
||
nullable: true
|
||
|
||
EditAuthKeyRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
read_only:
|
||
$ref: "#/components/schemas/IsReadOnly"
|
||
comment:
|
||
type: string
|
||
allowed_ips:
|
||
type: array
|
||
items:
|
||
description: IP address
|
||
type: string
|
||
example: "127.0.0.1"
|
||
nullable: true
|
||
|
||
GetUserSettingRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/UserSettingId"
|
||
setting:
|
||
$ref: "#/components/schemas/UserSettingName"
|
||
user_id:
|
||
$ref: "#/components/schemas/UserId"
|
||
|
||
SetUserSettingRequest:
|
||
content:
|
||
application/json:
|
||
schema:
|
||
anyOf:
|
||
- $ref: "#/components/schemas/DashboardUserSetting"
|
||
- $ref: "#/components/schemas/PublishAlertFilterUserSetting"
|
||
- $ref: "#/components/schemas/DashboardAccessUserSetting"
|
||
- $ref: "#/components/schemas/HomepageUserSetting"
|
||
- $ref: "#/components/schemas/DefaultRestSearchParametersUserSetting"
|
||
- $ref: "#/components/schemas/TagNumbericalValueOverrideUserSetting"
|
||
- $ref: "#/components/schemas/EventIndexHideColumnsUserSetting"
|
||
|
||
responses:
|
||
AttributeResponse:
|
||
description: "An attribute"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Attribute:
|
||
$ref: "#/components/schemas/Attribute"
|
||
|
||
AttributeListResponse:
|
||
description: "A list of attributes"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/AttributeList"
|
||
|
||
DeleteAttributeResponse:
|
||
description: "Delete attribute response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
message:
|
||
type: string
|
||
example: Attribute deleted.
|
||
|
||
AddAttributeTagResponse:
|
||
description: "Add attribute tag response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
description: "`true` if the tag was succesfully added, `false` if it failed"
|
||
type: boolean
|
||
nullable: false
|
||
success:
|
||
description: "Present if the tag was succesfully added"
|
||
type: string
|
||
nullable: true
|
||
example: "Tag added."
|
||
check_publish:
|
||
type: boolean
|
||
nullable: true
|
||
errors:
|
||
type: string
|
||
nullable: true
|
||
example: Tag could not be added.
|
||
|
||
RemoveAttributeTagResponse:
|
||
description: "Remove attribute tag response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
description: "`true` if the tag was succesfully removed, `false` if it failed"
|
||
type: boolean
|
||
nullable: false
|
||
success:
|
||
description: "Present if the tag was succesfully added"
|
||
type: string
|
||
nullable: true
|
||
example: "Tag removed."
|
||
check_publish:
|
||
type: boolean
|
||
nullable: true
|
||
errors:
|
||
type: string
|
||
nullable: true
|
||
example: Tag could not be added.
|
||
|
||
AttributesRestSearchResponse:
|
||
description: "Rest search attributes response"
|
||
headers:
|
||
X-Result-Count:
|
||
$ref: "#/components/headers/X-Result-Count"
|
||
X-Export-Module-Used:
|
||
$ref: "#/components/headers/X-Export-Module-Used"
|
||
X-Response-Format:
|
||
$ref: "#/components/headers/X-Response-Format"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
response:
|
||
type: object
|
||
properties:
|
||
Attribute:
|
||
$ref: "#/components/schemas/AttributeRestSearchList"
|
||
|
||
AttributeStatisticsResponse:
|
||
description: "Attribute statistics response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/AttributeStatisticsResponse"
|
||
|
||
DescribeAttributeTypesResponse:
|
||
description: "Describe attribute categories and types response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/DescribeAttributeTypesResponse"
|
||
|
||
AddEventResponse:
|
||
description: "A freshly created event"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/CreatedEvent"
|
||
|
||
EditEventResponse:
|
||
description: "A freshly updated event"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/UpdatedEvent"
|
||
|
||
DeleteEventResponse:
|
||
description: "Delete event response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
description: "`true` if the event was succesfully deleted, `false` if it failed"
|
||
type: boolean
|
||
success:
|
||
description: "`true` if the event was succesfully deleted, `false` if it failed"
|
||
nullable: true
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Event deleted."
|
||
message:
|
||
type: string
|
||
example: "Could not delete Event"
|
||
url:
|
||
type: string
|
||
example: "/events/delete/1"
|
||
errors:
|
||
description: "Only present if an error occurred when deleting the event"
|
||
type: string
|
||
nullable: true
|
||
example: "Event was not deleted."
|
||
|
||
AddEventTagResponse:
|
||
description: "Add event tag response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
description: "`true` if the tag was succesfully added, `false` if it failed"
|
||
type: boolean
|
||
nullable: false
|
||
success:
|
||
description: "Present if the tag was succesfully added"
|
||
type: string
|
||
nullable: true
|
||
example: "Tag added."
|
||
check_publish:
|
||
type: boolean
|
||
nullable: true
|
||
errors:
|
||
type: string
|
||
nullable: true
|
||
example: Tag could not be added.
|
||
|
||
RemoveEventTagResponse:
|
||
description: "Remove event tag response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
description: "`true` if the tag was succesfully removed, `false` if it failed"
|
||
type: boolean
|
||
nullable: false
|
||
success:
|
||
description: "Present if the tag was succesfully added"
|
||
type: string
|
||
nullable: true
|
||
example: "Tag removed."
|
||
check_publish:
|
||
type: boolean
|
||
nullable: true
|
||
errors:
|
||
type: string
|
||
nullable: true
|
||
example: Tag could not be added.
|
||
|
||
ExtendedEventListResponse:
|
||
description: "A list of events with extended properties"
|
||
headers:
|
||
X-Result-Count:
|
||
$ref: "#/components/headers/X-Result-Count"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/ExtendedEventList"
|
||
|
||
ExtendedEventResponse:
|
||
description: "An event with extended properties"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Event:
|
||
$ref: "#/components/schemas/ExtendedEvent"
|
||
|
||
EventsRestSearchResponse:
|
||
description: "Rest search events response"
|
||
headers:
|
||
X-Result-Count:
|
||
$ref: "#/components/headers/X-Result-Count"
|
||
X-Export-Module-Used:
|
||
$ref: "#/components/headers/X-Export-Module-Used"
|
||
X-Response-Format:
|
||
$ref: "#/components/headers/X-Response-Format"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
response:
|
||
$ref: "#/components/schemas/EventRestSearchList"
|
||
|
||
PublishEventResponse:
|
||
description: "Publish event response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
name:
|
||
type: string
|
||
example: "Publish"
|
||
message:
|
||
type: string
|
||
example: "Job queued"
|
||
url:
|
||
type: string
|
||
example: "https://misp.local/events/alert/1"
|
||
id:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
|
||
UnpublishEventResponse:
|
||
description: "Unpublish event response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Event unpublished."
|
||
message:
|
||
type: string
|
||
example: "Event unpublished."
|
||
url:
|
||
type: string
|
||
example: "/events/unpublish/1"
|
||
|
||
GalaxyListResponse:
|
||
description: "A list of galaxies"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: array
|
||
items:
|
||
type: object
|
||
properties:
|
||
Galaxy:
|
||
$ref: "#/components/schemas/Galaxy"
|
||
|
||
ExtendedGalaxyResponse:
|
||
description: "A extended galaxy response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/ExtendedGalaxy"
|
||
|
||
UpdateGalaxiesResponse:
|
||
description: "Update galaxies response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
description: "Present and `true` if the galaxies were succesfully updated."
|
||
nullable: true
|
||
type: boolean
|
||
success:
|
||
description: "Present and `true` if the galaxies were succesfully updated."
|
||
nullable: true
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Galaxies updated."
|
||
message:
|
||
type: string
|
||
example: "Galaxies updated."
|
||
url:
|
||
type: string
|
||
example: "/galaxies/update"
|
||
|
||
DeleteGalaxyResponse:
|
||
description: "Delete galaxy response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
description: "Present and `true` if the galaxy was succesfully removed."
|
||
nullable: true
|
||
type: boolean
|
||
success:
|
||
description: "Present and `true` if the galaxy was succesfully removed."
|
||
nullable: true
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Galaxy deleted"
|
||
message:
|
||
type: string
|
||
example: "Galaxy deleted"
|
||
url:
|
||
type: string
|
||
example: "/galaxies/delete"
|
||
|
||
ImportGalaxyClusterResponse:
|
||
description: "Import galaxy cluster response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
description: "Present and `true` if the galaxy was succesfully imported."
|
||
nullable: true
|
||
type: boolean
|
||
success:
|
||
description: "Present and `true` if the galaxy was succesfully imported."
|
||
nullable: true
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "'Galaxy clusters imported. 1 imported, 0 ignored, 0 failed."
|
||
message:
|
||
type: string
|
||
example: "'Galaxy clusters imported. 1 imported, 0 ignored, 0 failed."
|
||
url:
|
||
type: string
|
||
example: "/galaxies/import"
|
||
|
||
ExportGalaxyClustersResponse:
|
||
description: "Export galaxy clusters response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
oneOf:
|
||
- type: array
|
||
items:
|
||
$ref: "#/components/schemas/GalaxyCluster"
|
||
- $ref: "#/components/schemas/GalaxyMispFormat"
|
||
|
||
AttachGalaxyClusterResponse:
|
||
description: "Attach galaxy cluster response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
description: "Present and `true` if the galaxy cluster was succesfully attached."
|
||
type: boolean
|
||
success:
|
||
description: "Status message of the operation."
|
||
type: string
|
||
example: "Cluster attached."
|
||
check_publish:
|
||
type: boolean
|
||
|
||
GalaxyClusterResponse:
|
||
description: "Galaxy cluster by ID response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
GalaxyCluster:
|
||
$ref: "#/components/schemas/GalaxyCluster"
|
||
|
||
ExtendedGalaxyClusterResponse:
|
||
description: "Extended galaxy cluster by ID response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
GalaxyCluster:
|
||
$ref: "#/components/schemas/ExtendedGalaxyCluster"
|
||
|
||
GalaxyClusterListResponse:
|
||
description: "Get galaxy clusters response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: array
|
||
items:
|
||
type: object
|
||
properties:
|
||
GalaxyCluster:
|
||
$ref: "#/components/schemas/GalaxyCluster"
|
||
|
||
PublishGalaxyClusterResponse:
|
||
description: "Publish galaxy cluster response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
message:
|
||
type: string
|
||
example: "Publish job queued. Job ID: 4e9d26c275a7b190fcab10029df8c6b6"
|
||
|
||
UnpublishGalaxyClusterResponse:
|
||
description: "Unpublish galaxy cluster response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "GalaxyCluster unpublished"
|
||
message:
|
||
type: string
|
||
example: "GalaxyCluster unpublished"
|
||
url:
|
||
type: string
|
||
example: "/galaxy_clusters/publish/1"
|
||
|
||
DeleteGalaxyClusterResponse:
|
||
description: "Delete galaxy cluster response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Galaxy cluster successfuly soft deleted."
|
||
message:
|
||
type: string
|
||
example: "Galaxy cluster successfuly soft deleted."
|
||
url:
|
||
type: string
|
||
example: "/galaxy_clusters/delete/1"
|
||
|
||
RestoreGalaxyClusterResponse:
|
||
description: "Restore galaxy cluster response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "GalaxyCluster restored"
|
||
message:
|
||
type: string
|
||
example: "GalaxyCluster restored"
|
||
url:
|
||
type: string
|
||
example: "/galaxy_clusters/restore/1"
|
||
|
||
ResetUserPasswordResponse:
|
||
description: "Reset user password response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: string
|
||
example: "New credentials sent."
|
||
|
||
UserResponse:
|
||
description: "User response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/User"
|
||
|
||
UserListResponse:
|
||
description: "User list response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/UserList"
|
||
|
||
ExtendedUserResponse:
|
||
description: "Extended user response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/ExtendedUser"
|
||
|
||
DeleteUserResponse:
|
||
description: "Delete user response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "User deleted."
|
||
message:
|
||
type: string
|
||
example: "User deleted."
|
||
url:
|
||
type: string
|
||
example: "/admin/users/delete/1"
|
||
|
||
OrganisationResponse:
|
||
description: "Organisation list response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/Organisation"
|
||
|
||
OrganisationListResponse:
|
||
description: "Organisation list response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/OrganisationList"
|
||
|
||
DeleteOrganisationResponse:
|
||
description: "Delete organisation response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Organisation deleted"
|
||
message:
|
||
type: string
|
||
example: "Organisation deleted"
|
||
url:
|
||
type: string
|
||
example: "/admin/organisations/delete/1"
|
||
|
||
ServerResponse:
|
||
description: "Server response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Server:
|
||
$ref: "#/components/schemas/Server"
|
||
|
||
ServerListResponse:
|
||
description: "Server list response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/ServerList"
|
||
|
||
DeleteServerResponse:
|
||
description: "Delete server response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Server deleted"
|
||
message:
|
||
type: string
|
||
example: "Server deleted"
|
||
url:
|
||
type: string
|
||
example: "/servers/delete/1"
|
||
|
||
PullServerResponse:
|
||
description: "Pull server response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Pull queued for background execution. Job ID: 1"
|
||
message:
|
||
type: string
|
||
example: "Pull queued for background execution. Job ID: 1"
|
||
url:
|
||
type: string
|
||
example: "/servers/pull/1"
|
||
|
||
PushServerResponse:
|
||
description: "Push server response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Push queued for background execution. Job ID: 1"
|
||
message:
|
||
type: string
|
||
example: "Push queued for background execution. Job ID: 1"
|
||
url:
|
||
type: string
|
||
example: "/servers/push/1"
|
||
|
||
ServerVersionResponse:
|
||
description: "Server version"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
version:
|
||
type: string
|
||
example: "2.4.142"
|
||
perm_sync:
|
||
nullable: true
|
||
type: boolean
|
||
perm_sighting:
|
||
nullable: true
|
||
type: boolean
|
||
perm_galaxy_editor:
|
||
nullable: true
|
||
type: boolean
|
||
request_encoding:
|
||
type: array
|
||
items:
|
||
type: string
|
||
enum:
|
||
- "gzip"
|
||
- "br"
|
||
|
||
ServerPyMISPVersionResponse:
|
||
description: "Server PyMISP version"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
version:
|
||
type: string
|
||
example: "2.4.142"
|
||
|
||
ServerSettingsResponse:
|
||
description: "Server settings and diagnostics"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
version:
|
||
type: object
|
||
properties:
|
||
current:
|
||
type: string
|
||
example: "v2.4.142"
|
||
newest:
|
||
type: string
|
||
example: "v2.4.142"
|
||
upToDate:
|
||
type: string
|
||
example: "same"
|
||
phpSettings:
|
||
type: object
|
||
properties:
|
||
max_execution_time:
|
||
$ref: "#/components/schemas/PhpServerSetting"
|
||
memory_limit:
|
||
$ref: "#/components/schemas/PhpServerSetting"
|
||
upload_max_filesize:
|
||
$ref: "#/components/schemas/PhpServerSetting"
|
||
post_max_size:
|
||
$ref: "#/components/schemas/PhpServerSetting"
|
||
gpgStatus:
|
||
type: string
|
||
example: "FAIL: Failed to load GnuPG"
|
||
proxyStatus:
|
||
type: string
|
||
example: "not configured (so not tested)"
|
||
zmqStatus:
|
||
type: integer
|
||
example: 1
|
||
stix:
|
||
type: object
|
||
properties:
|
||
operational:
|
||
type: integer
|
||
example: 1
|
||
stix:
|
||
$ref: "#/components/schemas/ServerPackageVersion"
|
||
cybox:
|
||
$ref: "#/components/schemas/ServerPackageVersion"
|
||
mixbox:
|
||
$ref: "#/components/schemas/ServerPackageVersion"
|
||
maec:
|
||
$ref: "#/components/schemas/ServerPackageVersion"
|
||
stix2:
|
||
$ref: "#/components/schemas/ServerPackageVersion"
|
||
pymisp:
|
||
$ref: "#/components/schemas/ServerPackageVersion"
|
||
moduleStatus:
|
||
type: object
|
||
properties:
|
||
Enrichment:
|
||
type: integer
|
||
example: 1
|
||
Import:
|
||
type: integer
|
||
example: 1
|
||
Export:
|
||
type: integer
|
||
example: 1
|
||
Cortex:
|
||
type: integer
|
||
example: 1
|
||
writeableDirs:
|
||
type: object
|
||
example:
|
||
"/tmp": 0
|
||
"/var/www/MISP/app/tmp": 0
|
||
"/var/www/MISP/app/files": 0
|
||
"/var/www/MISP/app/files/scripts/tmp": 0
|
||
writeableFiles:
|
||
type: object
|
||
example:
|
||
"/var/www/MISP/app/Config/config.php": 0
|
||
"/var/www/MISP/.git/ORIG_HEAD": 2
|
||
readableFiles:
|
||
type: object
|
||
example:
|
||
"/var/www/MISP/app/files/scripts/stixtest.py": 0
|
||
dbDiagnostics:
|
||
type: object
|
||
example:
|
||
"admin_settings":
|
||
"table": "admin_settings"
|
||
"used": "0.03 MB"
|
||
"reclaimable": "0 MB"
|
||
"data_in_bytes": 16384
|
||
"index_in_bytes": 16384
|
||
"reclaimable_in_bytes": 0
|
||
"allowedlist":
|
||
"table": "allowedlist"
|
||
"used": "0.02 MB"
|
||
"reclaimable": "0 MB"
|
||
"data_in_bytes": 16384
|
||
"index_in_bytes": 0
|
||
"reclaimable_in_bytes": 0
|
||
dbSchemaDiagnostics:
|
||
type: object
|
||
properties:
|
||
dataSource:
|
||
type: string
|
||
example: "Database/Mysql"
|
||
actual_db_version:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "68"
|
||
checked_table_column:
|
||
type: array
|
||
items:
|
||
type: string
|
||
example: "column_name"
|
||
diagnostic:
|
||
type: object
|
||
diagnostic_index:
|
||
anyOf:
|
||
- type: object
|
||
example:
|
||
"event_reports":
|
||
"event_id":
|
||
"message": "Column `event_id` is indexed but should not"
|
||
"sql": "DROP INDEX `event_id` ON event_reports;"
|
||
- type: array
|
||
items:
|
||
type: object
|
||
example: []
|
||
expected_db_version:
|
||
type: string
|
||
pattern: '^\d+$'
|
||
example: "70"
|
||
error:
|
||
type: string
|
||
update_locked:
|
||
type: boolean
|
||
remaining_lock_time:
|
||
type: number
|
||
example: 0
|
||
update_fail_number_reached:
|
||
type: boolean
|
||
indexes:
|
||
type: object
|
||
example:
|
||
"admin_settings":
|
||
"id": true
|
||
"setting": false
|
||
columnPerTable:
|
||
type: object
|
||
example:
|
||
"admin_settings":
|
||
- "id"
|
||
- "setting"
|
||
- "value"
|
||
redisInfo:
|
||
type: object
|
||
example:
|
||
"extensionVersion": "5.1.1"
|
||
"connection": true
|
||
"redis_version": "5.0.7"
|
||
"redis_git_sha1": 0
|
||
"redis_git_dirty": 0
|
||
"redis_build_id": "636cde3b5c7a3923"
|
||
"redis_mode": "standalone"
|
||
"os": "Linux 5.8.0-50-generic x86_64"
|
||
"arch_bits": 64
|
||
"multiplexing_api": "epoll"
|
||
"atomicvar_api": "atomic-builtin"
|
||
"gcc_version": "9.2.1"
|
||
"process_id": 1051
|
||
"run_id": "f894944d92c978df93a18821fb5ebe30dfd0b257"
|
||
"tcp_port": 6379
|
||
"uptime_in_seconds": 327116
|
||
"uptime_in_days": 3
|
||
"hz": 10
|
||
"configured_hz": 10
|
||
"lru_clock": 10365184
|
||
"executable": "/usr/bin/redis-server"
|
||
"config_file": "/etc/redis/redis.conf"
|
||
"connected_clients": 18
|
||
"client_recent_max_input_buffer": 2
|
||
"client_recent_max_output_buffer": 0
|
||
"blocked_clients": 0
|
||
"used_memory": 1309488
|
||
"used_memory_human": "1.25M"
|
||
"used_memory_rss": 5541888
|
||
"used_memory_rss_human": "5.29M"
|
||
"used_memory_peak": 1410464
|
||
"used_memory_peak_human": "1.35M"
|
||
"used_memory_peak_perc": "92.84%"
|
||
"used_memory_overhead": 1200800
|
||
"used_memory_startup": 796232
|
||
"used_memory_dataset": 108688
|
||
"used_memory_dataset_perc": "21.18%"
|
||
"allocator_allocated": 1480176
|
||
"allocator_active": 1896448
|
||
"allocator_resident": 5890048
|
||
"total_system_memory": 33406590976
|
||
"total_system_memory_human": "31.11G"
|
||
"used_memory_lua": 41984
|
||
"used_memory_lua_human": "41.00K"
|
||
"used_memory_scripts": 0
|
||
"used_memory_scripts_human": "0B"
|
||
"number_of_cached_scripts": 0
|
||
"maxmemory": 0
|
||
"maxmemory_human": "0B"
|
||
"maxmemory_policy": "noeviction"
|
||
"allocator_frag_ratio": 1.28
|
||
"allocator_frag_bytes": 416272
|
||
"allocator_rss_ratio": 3.11
|
||
"allocator_rss_bytes": 3993600
|
||
"rss_overhead_ratio": 0.94
|
||
"rss_overhead_bytes": -348160
|
||
"mem_fragmentation_ratio": 4.24
|
||
"mem_fragmentation_bytes": 4233432
|
||
"mem_not_counted_for_evict": 0
|
||
"mem_replication_backlog": 0
|
||
"mem_clients_slaves": 0
|
||
"mem_clients_normal": 402912
|
||
"mem_aof_buffer": 0
|
||
"mem_allocator": "jemalloc-5.2.1"
|
||
"active_defrag_running": 0
|
||
"lazyfree_pending_objects": 0
|
||
"loading": 0
|
||
"rdb_changes_since_last_save": 0
|
||
"rdb_bgsave_in_progress": 0
|
||
"rdb_last_save_time": 1620977919
|
||
"rdb_last_bgsave_status": "ok"
|
||
"rdb_last_bgsave_time_sec": 0
|
||
"rdb_current_bgsave_time_sec": -1
|
||
"rdb_last_cow_size": 446464
|
||
"aof_enabled": 0
|
||
"aof_rewrite_in_progress": 0
|
||
"aof_rewrite_scheduled": 0
|
||
"aof_last_rewrite_time_sec": -1
|
||
"aof_current_rewrite_time_sec": -1
|
||
"aof_last_bgrewrite_status": "ok"
|
||
"aof_last_write_status": "ok"
|
||
"aof_last_cow_size": 0
|
||
"total_connections_received": 289
|
||
"total_commands_processed": 252747
|
||
"instantaneous_ops_per_sec": 7
|
||
"total_net_input_bytes": 12111506
|
||
"total_net_output_bytes": 1232466
|
||
"instantaneous_input_kbps": 0.36
|
||
"instantaneous_output_kbps": 0.03
|
||
"rejected_connections": 0
|
||
"sync_full": 0
|
||
"sync_partial_ok": 0
|
||
"sync_partial_err": 0
|
||
"expired_keys": 17
|
||
"expired_stale_perc": 0
|
||
"expired_time_cap_reached_count": 0
|
||
"evicted_keys": 0
|
||
"keyspace_hits": 70
|
||
"keyspace_misses": 62805
|
||
"pubsub_channels": 0
|
||
"pubsub_patterns": 0
|
||
"latest_fork_usec": 168
|
||
"migrate_cached_sockets": 0
|
||
"slave_expires_tracked_keys": 0
|
||
"active_defrag_hits": 0
|
||
"active_defrag_misses": 0
|
||
"active_defrag_key_hits": 0
|
||
"active_defrag_key_misses": 0
|
||
"role": "master"
|
||
"connected_slaves": 0
|
||
"master_replid": "d5e7afcf4fd1a31e539a4eadd5caf2a7da6d121c"
|
||
"master_replid2": 0
|
||
"master_repl_offset": 0
|
||
"second_repl_offset": -1
|
||
"repl_backlog_active": 0
|
||
"repl_backlog_size": 1048576
|
||
"repl_backlog_first_byte_offset": 0
|
||
"repl_backlog_histlen": 0
|
||
"used_cpu_sys": 195.014281
|
||
"used_cpu_user": 217.352183
|
||
"used_cpu_sys_children": 0.050885
|
||
"used_cpu_user_children": 0.076436
|
||
"cluster_enabled": 0
|
||
"db0": "keys=15,expires=0,avg_ttl=0"
|
||
"db13": "keys=12,expires=4,avg_ttl=21265731140"
|
||
finalSettings:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/MispSetting"
|
||
extensions:
|
||
type: object
|
||
properties:
|
||
cli:
|
||
type: object
|
||
properties:
|
||
phpversion:
|
||
type: string
|
||
example: "7.4.3"
|
||
extensions:
|
||
type: object
|
||
example:
|
||
"json":
|
||
"web_version": "7.4.3"
|
||
"web_version_outdated": false
|
||
"cli_version": "7.4.3"
|
||
"cli_version_outdated": false
|
||
"required": true
|
||
"info": null
|
||
workers:
|
||
type: object
|
||
properties:
|
||
cache:
|
||
$ref: "#/components/schemas/WorkersStatus"
|
||
default:
|
||
$ref: "#/components/schemas/WorkersStatus"
|
||
email:
|
||
$ref: "#/components/schemas/WorkersStatus"
|
||
prio:
|
||
$ref: "#/components/schemas/WorkersStatus"
|
||
update:
|
||
$ref: "#/components/schemas/WorkersStatus"
|
||
scheduler:
|
||
$ref: "#/components/schemas/WorkersStatus"
|
||
proc_accessible:
|
||
type: boolean
|
||
controls:
|
||
type: boolean
|
||
|
||
StartWorkerResponse:
|
||
description: "Start worker response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Worker start signal sent"
|
||
message:
|
||
type: string
|
||
example: "Worker start signal sent"
|
||
url:
|
||
type: string
|
||
example: "/servers/startWorker/email"
|
||
|
||
StopWorkerResponse:
|
||
description: "Stop worker response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Worker stop signal sent"
|
||
message:
|
||
type: string
|
||
example: "Worker stop signal sent"
|
||
url:
|
||
type: string
|
||
example: "/servers/startWorker/1234"
|
||
|
||
KillAllWorkersResponse:
|
||
description: "Kill all workers response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Killing workers."
|
||
message:
|
||
type: string
|
||
example: "Killing workers."
|
||
url:
|
||
type: string
|
||
example: "/servers/killAllWorkers"
|
||
|
||
RestartWorkersResponse:
|
||
description: "Restart workers response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Restarting workers."
|
||
message:
|
||
type: string
|
||
example: "Restarting workers."
|
||
url:
|
||
type: string
|
||
example: "/servers/restartWorkers"
|
||
|
||
RestartDeadWorkersResponse:
|
||
description: "Restart dead workers response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Restarting workers."
|
||
message:
|
||
type: string
|
||
example: "Restarting workers."
|
||
url:
|
||
type: string
|
||
example: "/servers/restartDeadWorkers"
|
||
|
||
GetWorkersResponse:
|
||
description: "Stop worker response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
cache:
|
||
$ref: "#/components/schemas/WorkersStatus"
|
||
default:
|
||
$ref: "#/components/schemas/WorkersStatus"
|
||
email:
|
||
$ref: "#/components/schemas/WorkersStatus"
|
||
prio:
|
||
$ref: "#/components/schemas/WorkersStatus"
|
||
update:
|
||
$ref: "#/components/schemas/WorkersStatus"
|
||
scheduler:
|
||
$ref: "#/components/schemas/WorkersStatus"
|
||
proc_accessible:
|
||
type: boolean
|
||
controls:
|
||
type: boolean
|
||
|
||
UpdateServerResponse:
|
||
description: "Update server response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
results:
|
||
type: array
|
||
items:
|
||
anyOf:
|
||
- $ref: "#/components/schemas/UpdateServerResultItem"
|
||
- type: string
|
||
example: "Update failed, you are not on branch"
|
||
|
||
CacheServerResponse:
|
||
description: "Cache server response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Server caching job initiated."
|
||
message:
|
||
type: string
|
||
example: "Server caching job initiated."
|
||
url:
|
||
type: string
|
||
example: "/servers/cache"
|
||
|
||
CreateSyncResponse:
|
||
description: "Create server sync"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Server:
|
||
type: object
|
||
properties:
|
||
url:
|
||
type: string
|
||
example: "https://misppriv.circl.lu"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
authkey:
|
||
$ref: "#/components/schemas/AuthKeyRaw"
|
||
Organisation:
|
||
type: object
|
||
properties:
|
||
name:
|
||
$ref: "#/components/schemas/OrganisationName"
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
|
||
GetInstanceUUIDResponse:
|
||
description: "Get instance UUID response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
uuid:
|
||
$ref: "#/components/schemas/UUID"
|
||
|
||
GetServerSettingResponse:
|
||
description: "Get setting response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/MispSetting"
|
||
|
||
EditServerSettingResponse:
|
||
description: "Edit setting response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Field updated"
|
||
message:
|
||
type: string
|
||
example: "Field updated"
|
||
url:
|
||
type: string
|
||
example: "/servers/serverSettingsEdit"
|
||
|
||
SharingGroupResponse:
|
||
description: "Get sharing group response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
SharingGroup:
|
||
$ref: "#/components/schemas/SharingGroup"
|
||
Organisation:
|
||
$ref: "#/components/schemas/Organisation"
|
||
SharingGroupOrg:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/SharingGroupOrganisation"
|
||
SharingGroupServer:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/SharingGroupServer"
|
||
editable:
|
||
type: boolean
|
||
deletable:
|
||
type: boolean
|
||
|
||
SharingGroupListResponse:
|
||
description: "Get sharing groups response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
response:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/SharingGroupListItem"
|
||
|
||
DeleteSharingGroupResponse:
|
||
description: "Delete sharing group response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "SharingGroup deleted"
|
||
message:
|
||
type: string
|
||
example: "SharingGroup deleted"
|
||
url:
|
||
type: string
|
||
example: "/sharing_groups/delete/1"
|
||
|
||
AddOrganisationToSharingGroupResponse:
|
||
description: "Add organisation to a sharing group response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Organisation added to the sharing group."
|
||
message:
|
||
type: string
|
||
example: "Organisation added to the sharing group."
|
||
url:
|
||
type: string
|
||
example: "/sharing_groups/addOrg"
|
||
|
||
RemoveOrganisationFromSharingGroupResponse:
|
||
description: "Remove organisation from a sharing group response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Organisation removed from the sharing group."
|
||
message:
|
||
type: string
|
||
example: "Organisation removed from the sharing group."
|
||
url:
|
||
type: string
|
||
example: "/sharing_groups/removeOrg"
|
||
|
||
AddServerToSharingGroupResponse:
|
||
description: "Add server to a sharing group response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Server added to the sharing group."
|
||
message:
|
||
type: string
|
||
example: "Server added to the sharing group."
|
||
url:
|
||
type: string
|
||
example: "/sharing_groups/addServer"
|
||
|
||
RemoveServerFromSharingGroupResponse:
|
||
description: "Remove server from a sharing group response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Server removed from the sharing group."
|
||
message:
|
||
type: string
|
||
example: "Server removed from the sharing group."
|
||
url:
|
||
type: string
|
||
example: "/sharing_groups/removeServer"
|
||
|
||
FeedListResponse:
|
||
description: "Get feeds response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: array
|
||
items:
|
||
type: object
|
||
properties:
|
||
Feed:
|
||
$ref: "#/components/schemas/Feed"
|
||
|
||
FeedResponse:
|
||
description: "Get feed response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Feed:
|
||
$ref: "#/components/schemas/Feed"
|
||
|
||
EnableFeedResponse:
|
||
description: "Enable feed response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
name:
|
||
type: string
|
||
example: "Feed enabled."
|
||
message:
|
||
type: string
|
||
example: "Feed enabled."
|
||
url:
|
||
type: string
|
||
example: "/feeds/enable/1"
|
||
|
||
DisableFeedResponse:
|
||
description: "Disable feed response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
name:
|
||
type: string
|
||
example: "Feed disabled."
|
||
message:
|
||
type: string
|
||
example: "Feed disabled."
|
||
url:
|
||
type: string
|
||
example: "/feeds/disable/1"
|
||
|
||
CacheFeedsResponse:
|
||
description: "Cache feeds response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
name:
|
||
type: string
|
||
example: "Feed caching job initiated."
|
||
message:
|
||
type: string
|
||
example: "Feed caching job initiated."
|
||
url:
|
||
type: string
|
||
example: "/feeds/cacheFeed"
|
||
|
||
FetchFromFeedResponse:
|
||
description: "Fetch feed response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
result:
|
||
type: string
|
||
example: "Pull queued for background execution."
|
||
|
||
FetchFromAllFeedsResponse:
|
||
description: "Fetch all feeds response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
result:
|
||
type: string
|
||
example: "Pull queued for background execution."
|
||
|
||
WarninglistListResponse:
|
||
description: "Get warninglists response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Warninglists:
|
||
type: array
|
||
items:
|
||
type: object
|
||
properties:
|
||
Warninglist:
|
||
$ref: "#/components/schemas/Warninglist"
|
||
|
||
WarninglistToggleEnabledResponse:
|
||
description: "Toggle enable warninglists response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: string
|
||
example: "1 warninglist(s) disabled"
|
||
|
||
WarninglistResponse:
|
||
description: "Get warninglists response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Warninglist:
|
||
$ref: "#/components/schemas/Warninglist"
|
||
|
||
WarninglistMatchListResponse:
|
||
description: "List of values matching warninglists response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
example:
|
||
"10.128.0.2":
|
||
- "id": "10"
|
||
"name": "List of known Wikimedia address ranges"
|
||
|
||
UpdateWarninglistsResponse:
|
||
description: "List of values matching warninglists response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
nullable: true
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Successfully updated 1 warninglists."
|
||
message:
|
||
type: string
|
||
example: "Successfully updated 1 warninglists."
|
||
url:
|
||
type: string
|
||
example: "/warninglists/update"
|
||
|
||
NoticelistListResponse:
|
||
description: "Get noticelists response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: array
|
||
items:
|
||
type: object
|
||
properties:
|
||
Noticelist:
|
||
$ref: "#/components/schemas/Noticelist"
|
||
|
||
NoticelistResponse:
|
||
description: "Get noticelist response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Noticelist:
|
||
$ref: "#/components/schemas/Noticelist"
|
||
|
||
NoticelistToggleEnableResponse:
|
||
description: "Toggle enable noticelist response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Noticelist enabled."
|
||
message:
|
||
type: string
|
||
example: "Noticelist enabled."
|
||
url:
|
||
type: string
|
||
example: "/noticelists/toggleEnable/1"
|
||
|
||
UpdateNoticelistsResponse:
|
||
description: "Toggle enable noticelist response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Successfully updated 1 noticelists."
|
||
message:
|
||
type: string
|
||
example: "Successfully updated 1 noticelists."
|
||
url:
|
||
type: string
|
||
example: "/noticelists/update"
|
||
|
||
ObjectResponse:
|
||
description: "Object response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Object:
|
||
$ref: "#/components/schemas/Object"
|
||
|
||
ExtendedObjectResponse:
|
||
description: "Extended object response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Object:
|
||
$ref: "#/components/schemas/ExtendedObject"
|
||
|
||
DeleteObjectResponse:
|
||
description: "Delete object response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Object deleted"
|
||
message:
|
||
type: string
|
||
example: "Object deleted"
|
||
url:
|
||
type: string
|
||
example: "/objects/delete/1"
|
||
|
||
SightingListResponse:
|
||
description: "Get sightings response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/Sighting"
|
||
|
||
SightingResponse:
|
||
description: "Add sighting response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/Sighting"
|
||
|
||
DeleteSightingResponse:
|
||
description: "Delete sighting response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Sighting successfully deleted."
|
||
message:
|
||
type: string
|
||
example: "Sighting successfully deleted."
|
||
url:
|
||
type: string
|
||
example: "/sightings/delete/1"
|
||
|
||
TagListResponse:
|
||
description: "Tag list response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Tag:
|
||
$ref: "#/components/schemas/TagList"
|
||
|
||
TagResponse:
|
||
description: "Tag response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/Tag"
|
||
|
||
DeleteTagResponse:
|
||
description: "Delete tag response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
name:
|
||
type: string
|
||
example: "Tag deleted."
|
||
message:
|
||
type: string
|
||
example: "Tag deleted."
|
||
url:
|
||
type: string
|
||
example: "https://misppriv.circl.lu/tags/delete/1"
|
||
|
||
EditTagResponse:
|
||
description: "Tag response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Tag:
|
||
$ref: "#/components/schemas/Tag"
|
||
|
||
SearchTagResponse:
|
||
description: "Search tag response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/ExtendedTag"
|
||
|
||
GetLogsResponse:
|
||
description: "Get logs response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: array
|
||
items:
|
||
type: object
|
||
properties:
|
||
Log:
|
||
$ref: "#/components/schemas/Log"
|
||
|
||
GetAuthKeysResponse:
|
||
description: "Get auth keys response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: array
|
||
items:
|
||
type: object
|
||
properties:
|
||
AuthKey:
|
||
$ref: "#/components/schemas/AuthKey"
|
||
User:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/UserId"
|
||
email:
|
||
type: string
|
||
format: email
|
||
|
||
AddAuthKeyResponse:
|
||
description: "Auth key response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
AuthKey:
|
||
$ref: "#/components/schemas/AuthKey"
|
||
|
||
AuthKeyResponse:
|
||
description: "Auth key response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
AuthKey:
|
||
$ref: "#/components/schemas/AuthKey"
|
||
User:
|
||
type: object
|
||
properties:
|
||
id:
|
||
$ref: "#/components/schemas/UserId"
|
||
org_id:
|
||
$ref: "#/components/schemas/OrganisationId"
|
||
nullable: true
|
||
email:
|
||
type: string
|
||
format: email
|
||
nullable: true
|
||
|
||
DeleteAuthKeyResponse:
|
||
description: "Delete auth key response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "AuthKey deleted."
|
||
message:
|
||
type: string
|
||
example: "AuthKey deleted."
|
||
url:
|
||
type: string
|
||
example: "/auth_keys/delete/1234"
|
||
|
||
GetUserSettingsResponse:
|
||
description: "Get user settings response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: array
|
||
items:
|
||
type: object
|
||
properties:
|
||
UserSetting:
|
||
$ref: "#/components/schemas/UserSetting"
|
||
|
||
UserSettingResponse:
|
||
description: "Get user setting response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
UserSetting:
|
||
$ref: "#/components/schemas/UserSetting"
|
||
|
||
DeleteUserSettingResponse:
|
||
description: "Delete user setting response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Setting deleted."
|
||
message:
|
||
type: string
|
||
example: "Setting deleted."
|
||
url:
|
||
type: string
|
||
example: "/user_settings/delete/1234"
|
||
|
||
GetTaxonomiesResponse:
|
||
description: "Get taxonomies response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: array
|
||
items:
|
||
type: object
|
||
properties:
|
||
Taxonomy:
|
||
$ref: "#/components/schemas/Taxonomy"
|
||
total_count:
|
||
type: integer
|
||
description: "Amount of related tags to this taxonomy."
|
||
current_count:
|
||
type: integer
|
||
description: "Amount of active related tags to this taxonomy."
|
||
|
||
TaxonomiesResponse:
|
||
description: "Get taxonomy response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Taxonomy:
|
||
$ref: "#/components/schemas/Taxonomy"
|
||
entries:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/TaxonomyEntry"
|
||
|
||
EnableTaxonomyResponse:
|
||
description: "Enable taxonomy response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Taxonomy enabled"
|
||
message:
|
||
type: string
|
||
example: "Taxonomy enabled"
|
||
url:
|
||
type: string
|
||
example: "/taxonomies/enable/1234"
|
||
|
||
DisableTaxonomyResponse:
|
||
description: "Disable taxonomy response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Taxonomy disabled"
|
||
message:
|
||
type: string
|
||
example: "Taxonomy disabled"
|
||
url:
|
||
type: string
|
||
example: "/taxonomies/disabled/1234"
|
||
|
||
UpdateTaxonomiesResponse:
|
||
description: "Update taxonomies response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
saved:
|
||
type: boolean
|
||
success:
|
||
type: boolean
|
||
name:
|
||
type: string
|
||
example: "Successfully updated 120 taxonomy libraries."
|
||
message:
|
||
type: string
|
||
example: "Successfully updated 120 taxonomy libraries."
|
||
url:
|
||
type: string
|
||
example: "/taxonomies/update"
|
||
|
||
GetTaxonomyTagsResponse:
|
||
description: "Get taxonomy tags response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
Taxonomy:
|
||
$ref: "#/components/schemas/Taxonomy"
|
||
entries:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/ExtendedTaxonomyEntry"
|
||
|
||
ExportTaxonomyTagsResponse:
|
||
description: "Export taxonomy response"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
type: object
|
||
properties:
|
||
namespace:
|
||
$ref: "#/components/schemas/TaxonomyNamespace"
|
||
description:
|
||
$ref: "#/components/schemas/TaxonomyDescription"
|
||
version:
|
||
type: integer
|
||
exclusive:
|
||
type: boolean
|
||
predicates:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/TaxonomyPredicateExport"
|
||
values:
|
||
type: array
|
||
items:
|
||
$ref: "#/components/schemas/TaxonomyValueExport"
|
||
|
||
ApiErrorResponse:
|
||
description: "Unexpected API error"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/ApiError"
|
||
|
||
NotFoundApiErrorResponse:
|
||
description: "The specified resource was not found"
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/NotFoundApiError"
|
||
|
||
UnauthorizedApiErrorResponse:
|
||
description: "Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header."
|
||
content:
|
||
application/json:
|
||
schema:
|
||
$ref: "#/components/schemas/UnauthorizedApiError"
|
||
|
||
headers:
|
||
X-Result-Count:
|
||
description: Result set count
|
||
schema:
|
||
type: integer
|
||
|
||
X-Export-Module-Used:
|
||
description: Export module used
|
||
schema:
|
||
type: string
|
||
enum:
|
||
- json
|
||
- xml
|
||
- csv
|
||
- text
|
||
- download
|
||
- stix
|
||
- stix2
|
||
- stix-json
|
||
- attack
|
||
- attack-sightings
|
||
- cache
|
||
- count
|
||
- hashes
|
||
- netfilter
|
||
- opendata
|
||
- openioc
|
||
- rpz
|
||
- snort
|
||
- suricata
|
||
- yara
|
||
- yara-json
|
||
|
||
X-Response-Format:
|
||
description: Response format
|
||
schema:
|
||
type: string
|
||
enum:
|
||
- json
|
||
- xml
|
||
- csv
|
||
- text
|
||
- download
|
||
- stix
|
||
- stix2
|
||
- stix-json
|
||
- attack
|
||
- attack-sightings
|
||
- cache
|
||
- count
|
||
- hashes
|
||
- netfilter
|
||
- opendata
|
||
- openioc
|
||
- rpz
|
||
- snort
|
||
- suricata
|
||
- yara
|
||
- yara-json
|
||
|
||
security:
|
||
- ApiKeyAuth: []
|