-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathapi_threats.go
203 lines (170 loc) · 11 KB
/
api_threats.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
/*
Kandji API
<html><head></head><body><h1 id="welcome-to-the-kandji-api-documentation">Welcome to the Kandji API Documentation</h1> <p>You can find your API URL in Settings > Access. The API URL will follow the below formats.</p> <ul> <li><p>US - <code>https://SubDomain.api.kandji.io</code></p> </li> <li><p>EU - <code>https://SubDomain.api.eu.kandji.io</code></p> </li> </ul> <p>For information on how to obtain an API token, please refer to the following support article.</p> <p><a href="https://support.kandji.io/api">https://support.kandji.io/api</a></p> <h4 id="rate-limit">Rate Limit</h4> <p>The Kandji API currently has an API rate limit of 10,000 requests per hour per customer.</p> <h4 id="request-methods">Request Methods</h4> <p>HTTP request methods supported by the Kandji API.</p> <div class="click-to-expand-wrapper is-table-wrapper"><table> <thead> <tr> <th>Method</th> <th>Definition</th> </tr> </thead> <tbody> <tr> <td>GET</td> <td>The <code>GET</code> method requests a representation of the specified resource.</td> </tr> <tr> <td>POST</td> <td>The <code>POST</code> method submits an entity to the specified resource.</td> </tr> <tr> <td>PATCH</td> <td>The <code>PATCH</code> method applies partial modifications to a resource.</td> </tr> <tr> <td>DELETE</td> <td>The <code>DELETE</code> method deletes the specified resource.</td> </tr> </tbody> </table> </div><h4 id="response-codes">Response codes</h4> <p>Not all response codes apply to every endpoint.</p> <div class="click-to-expand-wrapper is-table-wrapper"><table> <thead> <tr> <th>Code</th> <th>Response</th> </tr> </thead> <tbody> <tr> <td>200</td> <td>OK</td> </tr> <tr> <td>201</td> <td>Created</td> </tr> <tr> <td>204</td> <td>No content</td> </tr> <tr> <td></td> <td>Typical response when sending the DELETE method.</td> </tr> <tr> <td>400</td> <td>Bad Request</td> </tr> <tr> <td></td> <td>"Command already running" - The command may already be running in a <em>Pending</em> state waiting on the device.</td> </tr> <tr> <td></td> <td>"Command is not allowed for current device" - The command may not be compatible with the target device.</td> </tr> <tr> <td></td> <td>"JSON parse error - Expecting ',' delimiter: line 3 column 2 (char 65)"</td> </tr> <tr> <td>401</td> <td>Unauthorized</td> </tr> <tr> <td></td> <td>This error can occur if the token is incorrect, was revoked, or the token has expired.</td> </tr> <tr> <td>403</td> <td>Forbidden</td> </tr> <tr> <td></td> <td>The request was understood but cannot be authorized.</td> </tr> <tr> <td>404</td> <td>Not found</td> </tr> <tr> <td></td> <td>Unable to locate the resource in the Kandji tenant.</td> </tr> <tr> <td>415</td> <td>Unsupported Media Type</td> </tr> <tr> <td></td> <td>The request contains a media type which the server or resource does not support.</td> </tr> <tr> <td>500</td> <td>Internal server error</td> </tr> <tr> <td>503</td> <td>Service unavailable</td> </tr> <tr> <td></td> <td>This error can occur if a file upload is still being processed via the custom apps API.</td> </tr> </tbody> </table> </div><h4 id="data-structure">Data structure</h4> <p>The API returns all structured responses in JSON schema format.</p> <h4 id="examples">Examples</h4> <p>Code examples using the API can be found in the Kandji support <a href="https://github.com/kandji-inc/support/tree/main/api-tools">GitHub</a>.</p> </body></html>
API version: 1.0.0
Contact: [email protected]
*/
// Code generated by OpenAPI Generator (https://openapi-generator.tech); DO NOT EDIT.
package kandji_sdk
import (
"bytes"
"context"
"io"
"net/http"
"net/url"
)
// ThreatsAPIService ThreatsAPI service
type ThreatsAPIService service
type ApiGetThreatDetailsRequest struct {
ctx context.Context
ApiService *ThreatsAPIService
classification *string
dateRange *string
deviceId *string
status *string
sortBy *string
term *string
limit *string
offset *string
}
// Return all records matching a specified classification. The following classification options are available: <code>malware</code> and <code>pup</code>. Leave this parameter empty to return all classification types.
func (r ApiGetThreatDetailsRequest) Classification(classification string) ApiGetThreatDetailsRequest {
r.classification = &classification
return r
}
// Return all records within a specified number of days. Any positive number of days may be specified. Examples: <code>7</code>, <code>30</code>, <code>60</code>, <code>90</code>, <code>180</code>, or <code>365</code>.
func (r ApiGetThreatDetailsRequest) DateRange(dateRange string) ApiGetThreatDetailsRequest {
r.dateRange = &dateRange
return r
}
//
func (r ApiGetThreatDetailsRequest) DeviceId(deviceId string) ApiGetThreatDetailsRequest {
r.deviceId = &deviceId
return r
}
// Return all records matching a specified status. The following status options are available: <code>quarantined</code>, <code>not_quarantined</code>, or <code>released</code>. Leave this parameter empty to return all status types.
func (r ApiGetThreatDetailsRequest) Status(status string) ApiGetThreatDetailsRequest {
r.status = &status
return r
}
// <p>Results can be sorted with the following options: </p> <ul> <li>threat_name</li> <li>classification</li> <li>device_name</li> <li>process_name</li> <li>process_owner</li> <li>detection_date</li> <li>status</li> </ul> <p>Prepending a dash (-) to the parameter value will reverse the order of the returned results.</p> <p><code>?sort_by=-device_name</code> will order the response by device_name in descending order.</p>
func (r ApiGetThreatDetailsRequest) SortBy(sortBy string) ApiGetThreatDetailsRequest {
r.sortBy = &sortBy
return r
}
// <p>Search term to filter threat results.</p> <p>The response will include anything matching the following fields: <code>device_name</code>, <code>file_hash</code>, and <code>file_path</code>.</p> <p>So if you search for <code>bad file</code>, the results will include anywhere <code>bad file</code> exists in the three fields above.</p>
func (r ApiGetThreatDetailsRequest) Term(term string) ApiGetThreatDetailsRequest {
r.term = &term
return r
}
// <p>A hard upper <code>limit</code> is set at 1000 records returned per request. If more records are expected, pagination should be used using the <code>limit</code> and <code>offset</code> parameters. </p> <p>Additionally, parameter queries can be added to a request to limit the results.</p>
func (r ApiGetThreatDetailsRequest) Limit(limit string) ApiGetThreatDetailsRequest {
r.limit = &limit
return r
}
// Specify the starting record to return
func (r ApiGetThreatDetailsRequest) Offset(offset string) ApiGetThreatDetailsRequest {
r.offset = &offset
return r
}
func (r ApiGetThreatDetailsRequest) Execute() (map[string]interface{}, *http.Response, error) {
return r.ApiService.GetThreatDetailsExecute(r)
}
/*
GetThreatDetails Get Threat Details
Get threat details.
@param ctx context.Context - for authentication, logging, cancellation, deadlines, tracing, etc. Passed from http.Request or context.Background().
@return ApiGetThreatDetailsRequest
*/
func (a *ThreatsAPIService) GetThreatDetails(ctx context.Context) ApiGetThreatDetailsRequest {
return ApiGetThreatDetailsRequest{
ApiService: a,
ctx: ctx,
}
}
// Execute executes the request
// @return map[string]interface{}
func (a *ThreatsAPIService) GetThreatDetailsExecute(r ApiGetThreatDetailsRequest) (map[string]interface{}, *http.Response, error) {
var (
localVarHTTPMethod = http.MethodGet
localVarPostBody interface{}
formFiles []formFile
localVarReturnValue map[string]interface{}
)
localBasePath, err := a.client.cfg.ServerURLWithContext(r.ctx, "ThreatsAPIService.GetThreatDetails")
if err != nil {
return localVarReturnValue, nil, &GenericOpenAPIError{error: err.Error()}
}
localVarPath := localBasePath + "/api/v1/threat-details"
localVarHeaderParams := make(map[string]string)
localVarQueryParams := url.Values{}
localVarFormParams := url.Values{}
if r.classification != nil {
parameterAddToHeaderOrQuery(localVarQueryParams, "classification", r.classification, "form", "")
}
if r.dateRange != nil {
parameterAddToHeaderOrQuery(localVarQueryParams, "date_range", r.dateRange, "form", "")
}
if r.deviceId != nil {
parameterAddToHeaderOrQuery(localVarQueryParams, "device_id", r.deviceId, "form", "")
}
if r.status != nil {
parameterAddToHeaderOrQuery(localVarQueryParams, "status", r.status, "form", "")
}
if r.sortBy != nil {
parameterAddToHeaderOrQuery(localVarQueryParams, "sort_by", r.sortBy, "form", "")
}
if r.term != nil {
parameterAddToHeaderOrQuery(localVarQueryParams, "term", r.term, "form", "")
}
if r.limit != nil {
parameterAddToHeaderOrQuery(localVarQueryParams, "limit", r.limit, "form", "")
}
if r.offset != nil {
parameterAddToHeaderOrQuery(localVarQueryParams, "offset", r.offset, "form", "")
}
// to determine the Content-Type header
localVarHTTPContentTypes := []string{}
// set Content-Type header
localVarHTTPContentType := selectHeaderContentType(localVarHTTPContentTypes)
if localVarHTTPContentType != "" {
localVarHeaderParams["Content-Type"] = localVarHTTPContentType
}
// to determine the Accept header
localVarHTTPHeaderAccepts := []string{"application/json"}
// set Accept header
localVarHTTPHeaderAccept := selectHeaderAccept(localVarHTTPHeaderAccepts)
if localVarHTTPHeaderAccept != "" {
localVarHeaderParams["Accept"] = localVarHTTPHeaderAccept
}
req, err := a.client.prepareRequest(r.ctx, localVarPath, localVarHTTPMethod, localVarPostBody, localVarHeaderParams, localVarQueryParams, localVarFormParams, formFiles)
if err != nil {
return localVarReturnValue, nil, err
}
localVarHTTPResponse, err := a.client.callAPI(req)
if err != nil || localVarHTTPResponse == nil {
return localVarReturnValue, localVarHTTPResponse, err
}
localVarBody, err := io.ReadAll(localVarHTTPResponse.Body)
localVarHTTPResponse.Body.Close()
localVarHTTPResponse.Body = io.NopCloser(bytes.NewBuffer(localVarBody))
if err != nil {
return localVarReturnValue, localVarHTTPResponse, err
}
if localVarHTTPResponse.StatusCode >= 300 {
newErr := &GenericOpenAPIError{
body: localVarBody,
error: localVarHTTPResponse.Status,
}
return localVarReturnValue, localVarHTTPResponse, newErr
}
err = a.client.decode(&localVarReturnValue, localVarBody, localVarHTTPResponse.Header.Get("Content-Type"))
if err != nil {
newErr := &GenericOpenAPIError{
body: localVarBody,
error: err.Error(),
}
return localVarReturnValue, localVarHTTPResponse, newErr
}
return localVarReturnValue, localVarHTTPResponse, nil
}