Class: Falcon::SpotlightVulnerabilityMetadata

Inherits:
Object
  • Object
show all
Defined in:
lib/crimson-falcon/api/spotlight_vulnerability_metadata.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(api_client = ApiClient.default) ⇒ SpotlightVulnerabilityMetadata

Returns a new instance of SpotlightVulnerabilityMetadata.



35
36
37
 
# File 'lib/crimson-falcon/api/spotlight_vulnerability_metadata.rb', line 35

def initialize(api_client = ApiClient.default)
  @api_client = api_client
end

Instance Attribute Details

#api_clientObject

Returns the value of attribute api_client.



33
34
35
 
# File 'lib/crimson-falcon/api/spotlight_vulnerability_metadata.rb', line 33

def api_client
  @api_client
end

Instance Method Details

#combine_vuln_metadata_ext(filter, opts = {}) ⇒ DomainVulnMetadataAPICombineResponseV1

Performs a combined query and get operation for retrieving Risk (vulnerability metadata) entities.

Parameters:

  • filter (String)

    Filter items using a query in Falcon Query Language (FQL). Wildcards * and empty filter values are unsupported. Available filter fields that supports match (~): N/A Available filter fields that supports exact match: id, provider, cve_ids, cwe_ids, impact.cvss_v2.base_metrics.vector, impact.cvss_v2.temporal_metrics.vector, impact.cvss_v3.base_metrics.integrity_impact, impact.cvss_v3.base_metrics.vector, impact.cvss_v3.temporal_metrics.vector Available filter fields that supports wildcard (*): N/A Available filter fields that supports range comparisons (>, <, >=, <=): created_timestamp, impact.cvss_v2.base_metrics.base_score, impact.cvss_v3.base_metrics.base_score, impact.cvss_v2.temporal_metrics.temporal_score, impact.cvss_v3.temporal_metrics.temporal_score, source_created_timestamp, source_updated_timestamp, updated_timestamp

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :after (String)

    A pagination token used with the `limit` parameter to manage pagination of results. On your first request, don't provide an `after` token. On subsequent requests, provide the `after` token from the previous response to continue from that place in the results.

  • :offset (String)

    Starting index of overall result set from which to return ids.

  • :limit (Integer)

    The number of items to return in this response (default: 100, max: 400). Use with the after parameter to manage pagination of results. (default to 100)

  • :sort (String)

    Sort vulnerabilities by their properties. Available sort options: <ul><li>created_timestamp|asc/desc</li><li>updated_timestamp|asc/desc</li></ul>. Can be used in a format <field>|asc for ascending order or <field>|desc for descending order.

  • :risk_provider (Array<String>)

    zero or more risk providers - zero means all. Supported values: &lt;ul&gt;&lt;li&gt;S for Falcon sensor&lt;/li&gt;&lt;li&gt;See RiskProvider for all values.&lt;/li&gt;&lt;/ul&gt;

Returns:



47
48
49
50
 
# File 'lib/crimson-falcon/api/spotlight_vulnerability_metadata.rb', line 47

def combine_vuln_metadata_ext(filter, opts = {})
  data, _status_code, _headers = combine_vuln_metadata_ext_with_http_info(filter, opts)
  data
end

#combine_vuln_metadata_ext_with_http_info(filter, opts = {}) ⇒ Array<(DomainVulnMetadataAPICombineResponseV1, Integer, Hash)>

Performs a combined query and get operation for retrieving Risk (vulnerability metadata) entities.

Parameters:

  • filter (String)

    Filter items using a query in Falcon Query Language (FQL). Wildcards * and empty filter values are unsupported. Available filter fields that supports match (~): N/A Available filter fields that supports exact match: id, provider, cve_ids, cwe_ids, impact.cvss_v2.base_metrics.vector, impact.cvss_v2.temporal_metrics.vector, impact.cvss_v3.base_metrics.integrity_impact, impact.cvss_v3.base_metrics.vector, impact.cvss_v3.temporal_metrics.vector Available filter fields that supports wildcard (*): N/A Available filter fields that supports range comparisons (&gt;, &lt;, &gt;&#x3D;, &lt;&#x3D;): created_timestamp, impact.cvss_v2.base_metrics.base_score, impact.cvss_v3.base_metrics.base_score, impact.cvss_v2.temporal_metrics.temporal_score, impact.cvss_v3.temporal_metrics.temporal_score, source_created_timestamp, source_updated_timestamp, updated_timestamp

  • opts (Hash) (defaults to: {})

    the optional parameters

Options Hash (opts):

  • :after (String)

    A pagination token used with the &#x60;limit&#x60; parameter to manage pagination of results. On your first request, don&#39;t provide an &#x60;after&#x60; token. On subsequent requests, provide the &#x60;after&#x60; token from the previous response to continue from that place in the results.

  • :offset (String)

    Starting index of overall result set from which to return ids.

  • :limit (Integer)

    The number of items to return in this response (default: 100, max: 400). Use with the after parameter to manage pagination of results. (default to 100)

  • :sort (String)

    Sort vulnerabilities by their properties. Available sort options: &lt;ul&gt;&lt;li&gt;created_timestamp|asc/desc&lt;/li&gt;&lt;li&gt;updated_timestamp|asc/desc&lt;/li&gt;&lt;/ul&gt;. Can be used in a format &lt;field&gt;|asc for ascending order or &lt;field&gt;|desc for descending order.

  • :risk_provider (Array<String>)

    zero or more risk providers - zero means all. Supported values: &lt;ul&gt;&lt;li&gt;S for Falcon sensor&lt;/li&gt;&lt;li&gt;See RiskProvider for all values.&lt;/li&gt;&lt;/ul&gt;

Returns:



61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
 
# File 'lib/crimson-falcon/api/spotlight_vulnerability_metadata.rb', line 61

def combine_vuln_metadata_ext_with_http_info(filter, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SpotlightVulnerabilityMetadata.combine_vuln_metadata_ext ...'
  end
  # verify the required parameter 'filter' is set
  if @api_client.config.client_side_validation && filter.nil?
    fail ArgumentError, "Missing the required parameter 'filter' when calling SpotlightVulnerabilityMetadata.combine_vuln_metadata_ext"
  end
  if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] > 400
    fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SpotlightVulnerabilityMetadata.combine_vuln_metadata_ext, must be smaller than or equal to 400.'
  end

  if @api_client.config.client_side_validation && !opts[:'limit'].nil? && opts[:'limit'] < 1
    fail ArgumentError, 'invalid value for "opts[:"limit"]" when calling SpotlightVulnerabilityMetadata.combine_vuln_metadata_ext, must be greater than or equal to 1.'
  end

  # resource path
  local_var_path = '/spotlight/combined/vulnerability-metadata-external/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter'] = filter
  query_params[:'after'] = opts[:'after'] if !opts[:'after'].nil?
  query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'risk_provider'] = @api_client.build_collection_param(opts[:'risk_provider'], :multi) if !opts[:'risk_provider'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DomainVulnMetadataAPICombineResponseV1'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"SpotlightVulnerabilityMetadata.combine_vuln_metadata_ext",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SpotlightVulnerabilityMetadata#combine_vuln_metadata_ext\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end