Class: Falcon::Incidents

Inherits:

Object

• Object
• Falcon::Incidents

Defined in:

lib/crimson-falcon/api/incidents.rb

Instance Attribute Summary

• #api_client ⇒ Object

  Returns the value of attribute api_client.

Instance Method Summary

• #crowd_score(opts = {}) ⇒ DomainMsaEnvironmentScoreResponse

  DEPRECATED: the incidentapi will be removed in March 2026.

• #crowd_score_with_http_info(opts = {}) ⇒ Array<(DomainMsaEnvironmentScoreResponse, Integer, Hash)>

  DEPRECATED: the incidentapi will be removed in March 2026.

• #get_behaviors(body, opts = {}) ⇒ DomainMsaExternalBehaviorResponse

  DEPRECATED: the incidentapi will be removed in March 2026.

• #get_behaviors_with_http_info(body, opts = {}) ⇒ Array<(DomainMsaExternalBehaviorResponse, Integer, Hash)>

  DEPRECATED: the incidentapi will be removed in March 2026.

• #get_incidents(body, opts = {}) ⇒ DomainMsaExternalIncidentResponse

  DEPRECATED: the incidentapi will be removed in March 2026.

• #get_incidents_with_http_info(body, opts = {}) ⇒ Array<(DomainMsaExternalIncidentResponse, Integer, Hash)>

  DEPRECATED: the incidentapi will be removed in March 2026.

• #initialize(api_client = ApiClient.default) ⇒ Incidents constructor

  A new instance of Incidents.

• #perform_incident_action(body, opts = {}) ⇒ DomainMsaIncidentPerformActionResponse

  DEPRECATED: the incidentapi will be removed in March 2026.

• #perform_incident_action_with_http_info(body, opts = {}) ⇒ Array<(DomainMsaIncidentPerformActionResponse, Integer, Hash)>

  DEPRECATED: the incidentapi will be removed in March 2026.

• #query_behaviors(opts = {}) ⇒ MsaQueryResponse

  DEPRECATED: the incidentapi will be removed in March 2026.

• #query_behaviors_with_http_info(opts = {}) ⇒ Array<(MsaQueryResponse, Integer, Hash)>

  DEPRECATED: the incidentapi will be removed in March 2026.

• #query_incidents(opts = {}) ⇒ DomainMsaIncidentQueryResponse

  DEPRECATED: the incidentapi will be removed in March 2026.

• #query_incidents_with_http_info(opts = {}) ⇒ Array<(DomainMsaIncidentQueryResponse, Integer, Hash)>

  DEPRECATED: the incidentapi will be removed in March 2026.

Constructor Details

#initialize(api_client = ApiClient.default) ⇒ Incidents

Returns a new instance of Incidents.

# File 'lib/crimson-falcon/api/incidents.rb', line 35

def initialize(api_client = ApiClient.default)
  @api_client = api_client
end

Instance Attribute Details

#api_client ⇒ Object

Returns the value of attribute api_client.

# File 'lib/crimson-falcon/api/incidents.rb', line 33

def api_client
  @api_client
end

Instance Method Details

#crowd_score(opts = {}) ⇒ DomainMsaEnvironmentScoreResponse

DEPRECATED: the incidentapi will be removed in March 2026. Query environment wide CrowdScore and return the entity data

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter (String) —

  Optional filter and sort criteria in the form of an FQL query. For more information about FQL queries, see [our FQL documentation in Falcon](falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide).

• :offset (Integer) —

  Starting index of overall result set from which to return ids.

• :limit (Integer) —

  The maximum records to return. [1-2500]

• :sort (String) —

  The property to sort on, followed by a dot (.), followed by the sort direction, either &quot;asc&quot; or &quot;desc&quot;.

Returns:

• (DomainMsaEnvironmentScoreResponse)

# File 'lib/crimson-falcon/api/incidents.rb', line 45

def crowd_score(opts = {})
  data, _status_code, _headers = crowd_score_with_http_info(opts)
  data
end

#crowd_score_with_http_info(opts = {}) ⇒ Array<(DomainMsaEnvironmentScoreResponse, Integer, Hash)>

DEPRECATED: the incidentapi will be removed in March 2026. Query environment wide CrowdScore and return the entity data

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter (String) —

  Optional filter and sort criteria in the form of an FQL query. For more information about FQL queries, see [our FQL documentation in Falcon](falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide).

• :offset (Integer) —

  Starting index of overall result set from which to return ids.

• :limit (Integer) —

  The maximum records to return. [1-2500]

• :sort (String) —

  The property to sort on, followed by a dot (.), followed by the sort direction, either &quot;asc&quot; or &quot;desc&quot;.

Returns:

• (Array<(DomainMsaEnvironmentScoreResponse, Integer, Hash)>) —

  DomainMsaEnvironmentScoreResponse data, response status code and response headers

# File 'lib/crimson-falcon/api/incidents.rb', line 57

def crowd_score_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: Incidents.crowd_score ...'
  end
  allowable_values = ["adjusted_score.asc", "adjusted_score.desc", "score.asc", "score.desc", "timestamp.asc", "timestamp.desc"]
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/incidents/combined/crowdscores/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil?
  query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DomainMsaEnvironmentScoreResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"Incidents.crowd_score",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: Incidents#crowd_score\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_behaviors(body, opts = {}) ⇒ DomainMsaExternalBehaviorResponse

DEPRECATED: the incidentapi will be removed in March 2026. Get details on behaviors by providing behavior IDs

Parameters:

• body (MsaIdsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (DomainMsaExternalBehaviorResponse)

# File 'lib/crimson-falcon/api/incidents.rb', line 113

def get_behaviors(body, opts = {})
  data, _status_code, _headers = get_behaviors_with_http_info(body, opts)
  data
end

#get_behaviors_with_http_info(body, opts = {}) ⇒ Array<(DomainMsaExternalBehaviorResponse, Integer, Hash)>

DEPRECATED: the incidentapi will be removed in March 2026. Get details on behaviors by providing behavior IDs

Parameters:

• body (MsaIdsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(DomainMsaExternalBehaviorResponse, Integer, Hash)>) —

  DomainMsaExternalBehaviorResponse data, response status code and response headers

# File 'lib/crimson-falcon/api/incidents.rb', line 122

def get_behaviors_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: Incidents.get_behaviors ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling Incidents.get_behaviors"
  end
  # resource path
  local_var_path = '/incidents/entities/behaviors/GET/v1'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'DomainMsaExternalBehaviorResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"Incidents.get_behaviors",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: Incidents#get_behaviors\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_incidents(body, opts = {}) ⇒ DomainMsaExternalIncidentResponse

DEPRECATED: the incidentapi will be removed in March 2026. Get details on incidents by providing incident IDs

Parameters:

• body (MsaIdsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (DomainMsaExternalIncidentResponse)

# File 'lib/crimson-falcon/api/incidents.rb', line 179

def get_incidents(body, opts = {})
  data, _status_code, _headers = get_incidents_with_http_info(body, opts)
  data
end

#get_incidents_with_http_info(body, opts = {}) ⇒ Array<(DomainMsaExternalIncidentResponse, Integer, Hash)>

DEPRECATED: the incidentapi will be removed in March 2026. Get details on incidents by providing incident IDs

Parameters:

• body (MsaIdsRequest)
• opts (Hash) (defaults to: {}) —

  the optional parameters

Returns:

• (Array<(DomainMsaExternalIncidentResponse, Integer, Hash)>) —

  DomainMsaExternalIncidentResponse data, response status code and response headers

# File 'lib/crimson-falcon/api/incidents.rb', line 188

def get_incidents_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: Incidents.get_incidents ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling Incidents.get_incidents"
  end
  # resource path
  local_var_path = '/incidents/entities/incidents/GET/v1'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'DomainMsaExternalIncidentResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"Incidents.get_incidents",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: Incidents#get_incidents\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#perform_incident_action(body, opts = {}) ⇒ DomainMsaIncidentPerformActionResponse

DEPRECATED: the incidentapi will be removed in March 2026. Perform a set of actions on one or more incidents, such as adding tags or comments or updating the incident name or description

Parameters:

• body (DomainEntityActionRequest) —

  Incident Update request body containing minimum 1 and maximum 5000 Incident ID(s) and action param(s) to be performed action against.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :update_detects (Boolean) —

  If true, update assigned-to-uuid and or status of detections associated with the incident(s). Defaults to false (default to false)

• :overwrite_detects (Boolean) —

  If true and update-detects is true, the assigned-to-uuid or status for ALL detections associated with the incident(s) will be overwritten. If false, only detects that have default values for assigned-to-uuid and/or status will be updated. Defaults to false. Ignored if &#39;update-detects&#39; is missing or false. (default to false)

Returns:

• (DomainMsaIncidentPerformActionResponse)

# File 'lib/crimson-falcon/api/incidents.rb', line 247

def perform_incident_action(body, opts = {})
  data, _status_code, _headers = perform_incident_action_with_http_info(body, opts)
  data
end

#perform_incident_action_with_http_info(body, opts = {}) ⇒ Array<(DomainMsaIncidentPerformActionResponse, Integer, Hash)>

DEPRECATED: the incidentapi will be removed in March 2026. Perform a set of actions on one or more incidents, such as adding tags or comments or updating the incident name or description

Parameters:

• body (DomainEntityActionRequest) —

  Incident Update request body containing minimum 1 and maximum 5000 Incident ID(s) and action param(s) to be performed action against.

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :update_detects (Boolean) —

  If true, update assigned-to-uuid and or status of detections associated with the incident(s). Defaults to false (default to false)

• :overwrite_detects (Boolean) —

  If true and update-detects is true, the assigned-to-uuid or status for ALL detections associated with the incident(s) will be overwritten. If false, only detects that have default values for assigned-to-uuid and/or status will be updated. Defaults to false. Ignored if &#39;update-detects&#39; is missing or false. (default to false)

Returns:

• (Array<(DomainMsaIncidentPerformActionResponse, Integer, Hash)>) —

  DomainMsaIncidentPerformActionResponse data, response status code and response headers

# File 'lib/crimson-falcon/api/incidents.rb', line 258

def perform_incident_action_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: Incidents.perform_incident_action ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling Incidents.perform_incident_action"
  end
  # resource path
  local_var_path = '/incidents/entities/incident-actions/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'update_detects'] = opts[:'update_detects'] if !opts[:'update_detects'].nil?
  query_params[:'overwrite_detects'] = opts[:'overwrite_detects'] if !opts[:'overwrite_detects'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'DomainMsaIncidentPerformActionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"Incidents.perform_incident_action",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: Incidents#perform_incident_action\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#query_behaviors(opts = {}) ⇒ MsaQueryResponse

DEPRECATED: the incidentapi will be removed in March 2026. Search for behaviors by providing an FQL filter, sorting, and paging details

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter (String) —

  Optional filter and sort criteria in the form of an FQL query. For more information about FQL queries, see [our FQL documentation in Falcon](falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide).

• :offset (Integer) —

  Starting index of overall result set from which to return ids.

• :limit (Integer) —

  The maximum records to return. [1-500]

• :sort (String) —

  The property to sort on, followed by a dot (.), followed by the sort direction, either &quot;asc&quot; or &quot;desc&quot;.

Returns:

• (MsaQueryResponse)

# File 'lib/crimson-falcon/api/incidents.rb', line 320

def query_behaviors(opts = {})
  data, _status_code, _headers = query_behaviors_with_http_info(opts)
  data
end

#query_behaviors_with_http_info(opts = {}) ⇒ Array<(MsaQueryResponse, Integer, Hash)>

DEPRECATED: the incidentapi will be removed in March 2026. Search for behaviors by providing an FQL filter, sorting, and paging details

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter (String) —

  Optional filter and sort criteria in the form of an FQL query. For more information about FQL queries, see [our FQL documentation in Falcon](falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide).

• :offset (Integer) —

  Starting index of overall result set from which to return ids.

• :limit (Integer) —

  The maximum records to return. [1-500]

• :sort (String) —

  The property to sort on, followed by a dot (.), followed by the sort direction, either &quot;asc&quot; or &quot;desc&quot;.

Returns:

• (Array<(MsaQueryResponse, Integer, Hash)>) —

  MsaQueryResponse data, response status code and response headers

# File 'lib/crimson-falcon/api/incidents.rb', line 332

def query_behaviors_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: Incidents.query_behaviors ...'
  end
  allowable_values = ["alert_ids.asc", "alert_ids.desc", "cmdline.asc", "cmdline.desc", "detection_ids.asc", "detection_ids.desc", "display_name.asc", "display_name.desc", "domain.asc", "domain.desc", "filepath.asc", "filepath.desc", "timestamp.asc", "timestamp.desc"]
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/incidents/queries/behaviors/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil?
  query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'MsaQueryResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"Incidents.query_behaviors",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: Incidents#query_behaviors\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#query_incidents(opts = {}) ⇒ DomainMsaIncidentQueryResponse

DEPRECATED: the incidentapi will be removed in March 2026. Search for incidents by providing an FQL filter, sorting, and paging details

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :sort (String) —

  The property to sort on, followed by a dot (.), followed by the sort direction, either &quot;asc&quot; or &quot;desc&quot;.

• :filter (String) —

  Optional filter and sort criteria in the form of an FQL query. For more information about FQL queries, see [our FQL documentation in Falcon](falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide).

• :offset (Integer) —

  Starting index of overall result set from which to return ids.

• :limit (Integer) —

  The maximum records to return. [1-500]

Returns:

• (DomainMsaIncidentQueryResponse)

# File 'lib/crimson-falcon/api/incidents.rb', line 391

def query_incidents(opts = {})
  data, _status_code, _headers = query_incidents_with_http_info(opts)
  data
end

#query_incidents_with_http_info(opts = {}) ⇒ Array<(DomainMsaIncidentQueryResponse, Integer, Hash)>

DEPRECATED: the incidentapi will be removed in March 2026. Search for incidents by providing an FQL filter, sorting, and paging details

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :sort (String) —

  The property to sort on, followed by a dot (.), followed by the sort direction, either &quot;asc&quot; or &quot;desc&quot;.

• :filter (String) —

  Optional filter and sort criteria in the form of an FQL query. For more information about FQL queries, see [our FQL documentation in Falcon](falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide).

• :offset (Integer) —

  Starting index of overall result set from which to return ids.

• :limit (Integer) —

  The maximum records to return. [1-500]

Returns:

• (Array<(DomainMsaIncidentQueryResponse, Integer, Hash)>) —

  DomainMsaIncidentQueryResponse data, response status code and response headers

# File 'lib/crimson-falcon/api/incidents.rb', line 403

def query_incidents_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: Incidents.query_incidents ...'
  end
  allowable_values = ["assigned_to.asc", "assigned_to.desc", "assigned_to_name.asc", "assigned_to_name.desc", "end.asc", "end.desc", "modified_timestamp.asc", "modified_timestamp.desc", "name.asc", "name.desc", "sort_score.asc", "sort_score.desc", "start.asc", "start.desc", "state.asc", "state.desc", "status.asc", "status.desc"]
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/incidents/queries/incidents/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil?
  query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DomainMsaIncidentQueryResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"Incidents.query_incidents",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: Incidents#query_incidents\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end