/*
* CrowdStrike API Specification
*
* Use this API specification as a reference for the API endpoints you can use to interact with your Falcon environment. These endpoints support authentication via OAuth2 and interact with detections and network containment. For detailed usage guides and examples, see our [documentation inside the Falcon console](https://falcon.crowdstrike.com/support/documentation). To use the APIs described below, combine the base URL with the path shown for each API endpoint. For commercial cloud customers, your base URL is `https://api.crowdstrike.com`. Each API endpoint requires authorization via an OAuth2 token. Your first API request should retrieve an OAuth2 token using the `oauth2/token` endpoint, such as `https://api.crowdstrike.com/oauth2/token`. For subsequent requests, include the OAuth2 token in an HTTP authorization header. Tokens expire after 30 minutes, after which you should make a new token request to continue making API requests.
*
* The version of the OpenAPI document: rolling
*
* Generated by: https://openapi-generator.tech
*/
use super::{ContentType, Error, configuration};
use crate::{apis::ResponseContent, models};
use reqwest;
use serde::de::Error as _;
/// struct for typed errors of method [`action_get_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum ActionGetV1Error {
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`action_query_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum ActionQueryV1Error {
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`get_indicators_report`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum GetIndicatorsReportError {
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`indicator_aggregate_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum IndicatorAggregateV1Error {
Status400(models::MsaspecResponseFields),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`indicator_combined_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum IndicatorCombinedV1Error {
Status400(models::MsaspecResponseFields),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`indicator_create_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum IndicatorCreateV1Error {
Status400(models::MsaspecResponseFields),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`indicator_delete_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum IndicatorDeleteV1Error {
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`indicator_get_device_count_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum IndicatorGetDeviceCountV1Error {
Status400(models::MsaspecResponseFields),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`indicator_get_devices_ran_on_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum IndicatorGetDevicesRanOnV1Error {
Status400(models::MsaspecResponseFields),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`indicator_get_processes_ran_on_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum IndicatorGetProcessesRanOnV1Error {
Status400(models::MsaspecResponseFields),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`indicator_get_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum IndicatorGetV1Error {
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`indicator_search_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum IndicatorSearchV1Error {
Status400(models::MsaspecResponseFields),
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`indicator_update_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum IndicatorUpdateV1Error {
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`ioc_type_query_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum IocTypeQueryV1Error {
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`platform_query_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum PlatformQueryV1Error {
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
/// struct for typed errors of method [`severity_query_v1`]
#[derive(Debug, Clone, Serialize, Deserialize)]
#[serde(untagged)]
pub enum SeverityQueryV1Error {
Status403(models::MsaReplyMetaOnly),
Status429(models::MsaReplyMetaOnly),
Status500(models::MsaReplyMetaOnly),
UnknownValue(serde_json::Value),
}
pub async fn action_get_v1(
configuration: &configuration::Configuration,
ids: Option<Vec<String>>,
) -> Result<models::ApiActionRespV1, Error<ActionGetV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_query_ids = ids;
let uri_str = format!("{}/iocs/entities/actions/v1", configuration.base_path);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
if let Some(ref param_value) = p_query_ids {
req_builder = match "multi" {
"multi" => req_builder.query(
¶m_value
.into_iter()
.map(|p| ("ids".to_owned(), p.to_string()))
.collect::<Vec<(std::string::String, std::string::String)>>(),
),
_ => req_builder.query(&[(
"ids",
¶m_value
.into_iter()
.map(|p| p.to_string())
.collect::<Vec<String>>()
.join(",")
.to_string(),
)]),
};
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::ApiActionRespV1`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::ApiActionRespV1`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<ActionGetV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn action_query_v1(
configuration: &configuration::Configuration,
offset: Option<&str>,
limit: Option<i32>,
) -> Result<models::ApiIndicatorQueryRespV1, Error<ActionQueryV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_query_offset = offset;
let p_query_limit = limit;
let uri_str = format!("{}/iocs/queries/actions/v1", configuration.base_path);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
if let Some(ref param_value) = p_query_offset {
req_builder = req_builder.query(&[("offset", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_limit {
req_builder = req_builder.query(&[("limit", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::ApiIndicatorQueryRespV1`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::ApiIndicatorQueryRespV1`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<ActionQueryV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn get_indicators_report(
configuration: &configuration::Configuration,
body: models::ApiIndicatorsReportRequest,
) -> Result<models::MsaEntitiesResponse, Error<GetIndicatorsReportError>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_body_body = body;
let uri_str = format!(
"{}/iocs/entities/indicators-reports/v1",
configuration.base_path
);
let mut req_builder = configuration
.client
.request(reqwest::Method::POST, &uri_str);
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
req_builder = req_builder.json(&p_body_body);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::MsaEntitiesResponse`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::MsaEntitiesResponse`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<GetIndicatorsReportError> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn indicator_aggregate_v1(
configuration: &configuration::Configuration,
body: models::MsaAggregateQueryRequest,
filter: Option<&str>,
from_parent: Option<bool>,
) -> Result<models::MsaAggregatesResponse, Error<IndicatorAggregateV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_body_body = body;
let p_query_filter = filter;
let p_query_from_parent = from_parent;
let uri_str = format!("{}/iocs/aggregates/indicators/v1", configuration.base_path);
let mut req_builder = configuration
.client
.request(reqwest::Method::POST, &uri_str);
if let Some(ref param_value) = p_query_filter {
req_builder = req_builder.query(&[("filter", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_from_parent {
req_builder = req_builder.query(&[("from_parent", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
req_builder = req_builder.json(&p_body_body);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::MsaAggregatesResponse`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::MsaAggregatesResponse`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<IndicatorAggregateV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn indicator_combined_v1(
configuration: &configuration::Configuration,
filter: Option<&str>,
offset: Option<i32>,
limit: Option<i32>,
sort: Option<&str>,
after: Option<&str>,
from_parent: Option<bool>,
) -> Result<models::ApiIndicatorRespV1, Error<IndicatorCombinedV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_query_filter = filter;
let p_query_offset = offset;
let p_query_limit = limit;
let p_query_sort = sort;
let p_query_after = after;
let p_query_from_parent = from_parent;
let uri_str = format!("{}/iocs/combined/indicator/v1", configuration.base_path);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
if let Some(ref param_value) = p_query_filter {
req_builder = req_builder.query(&[("filter", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_offset {
req_builder = req_builder.query(&[("offset", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_limit {
req_builder = req_builder.query(&[("limit", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sort {
req_builder = req_builder.query(&[("sort", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_after {
req_builder = req_builder.query(&[("after", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_from_parent {
req_builder = req_builder.query(&[("from_parent", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::ApiIndicatorRespV1`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::ApiIndicatorRespV1`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<IndicatorCombinedV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn indicator_create_v1(
configuration: &configuration::Configuration,
body: models::ApiIndicatorCreateReqsV1,
retrodetects: Option<bool>,
ignore_warnings: Option<bool>,
) -> Result<models::ApiIndicatorRespV1, Error<IndicatorCreateV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_body_body = body;
let p_query_retrodetects = retrodetects;
let p_query_ignore_warnings = ignore_warnings;
let uri_str = format!("{}/iocs/entities/indicators/v1", configuration.base_path);
let mut req_builder = configuration
.client
.request(reqwest::Method::POST, &uri_str);
if let Some(ref param_value) = p_query_retrodetects {
req_builder = req_builder.query(&[("retrodetects", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_ignore_warnings {
req_builder = req_builder.query(&[("ignore_warnings", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
req_builder = req_builder.json(&p_body_body);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::ApiIndicatorRespV1`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::ApiIndicatorRespV1`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<IndicatorCreateV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn indicator_delete_v1(
configuration: &configuration::Configuration,
filter: Option<&str>,
ids: Option<Vec<String>>,
comment: Option<&str>,
from_parent: Option<bool>,
) -> Result<models::ApiIndicatorQueryRespV1, Error<IndicatorDeleteV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_query_filter = filter;
let p_query_ids = ids;
let p_query_comment = comment;
let p_query_from_parent = from_parent;
let uri_str = format!("{}/iocs/entities/indicators/v1", configuration.base_path);
let mut req_builder = configuration
.client
.request(reqwest::Method::DELETE, &uri_str);
if let Some(ref param_value) = p_query_filter {
req_builder = req_builder.query(&[("filter", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_ids {
req_builder = match "multi" {
"multi" => req_builder.query(
¶m_value
.into_iter()
.map(|p| ("ids".to_owned(), p.to_string()))
.collect::<Vec<(std::string::String, std::string::String)>>(),
),
_ => req_builder.query(&[(
"ids",
¶m_value
.into_iter()
.map(|p| p.to_string())
.collect::<Vec<String>>()
.join(",")
.to_string(),
)]),
};
}
if let Some(ref param_value) = p_query_comment {
req_builder = req_builder.query(&[("comment", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_from_parent {
req_builder = req_builder.query(&[("from_parent", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::ApiIndicatorQueryRespV1`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::ApiIndicatorQueryRespV1`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<IndicatorDeleteV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn indicator_get_device_count_v1(
configuration: &configuration::Configuration,
r#type: &str,
value: &str,
) -> Result<models::ApiDeviceCountRespV1, Error<IndicatorGetDeviceCountV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_query_type = r#type;
let p_query_value = value;
let uri_str = format!(
"{}/iocs/aggregates/indicators/device-count/v1",
configuration.base_path
);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
req_builder = req_builder.query(&[("type", &p_query_type.to_string())]);
req_builder = req_builder.query(&[("value", &p_query_value.to_string())]);
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::ApiDeviceCountRespV1`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::ApiDeviceCountRespV1`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<IndicatorGetDeviceCountV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn indicator_get_devices_ran_on_v1(
configuration: &configuration::Configuration,
r#type: &str,
value: &str,
limit: Option<&str>,
offset: Option<&str>,
) -> Result<models::ApiDevicesRanOnRespV1, Error<IndicatorGetDevicesRanOnV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_query_type = r#type;
let p_query_value = value;
let p_query_limit = limit;
let p_query_offset = offset;
let uri_str = format!(
"{}/iocs/queries/indicators/devices/v1",
configuration.base_path
);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
req_builder = req_builder.query(&[("type", &p_query_type.to_string())]);
req_builder = req_builder.query(&[("value", &p_query_value.to_string())]);
if let Some(ref param_value) = p_query_limit {
req_builder = req_builder.query(&[("limit", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_offset {
req_builder = req_builder.query(&[("offset", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::ApiDevicesRanOnRespV1`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::ApiDevicesRanOnRespV1`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<IndicatorGetDevicesRanOnV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn indicator_get_processes_ran_on_v1(
configuration: &configuration::Configuration,
r#type: &str,
value: &str,
device_id: &str,
limit: Option<&str>,
offset: Option<&str>,
) -> Result<models::ApiProcessesRanOnRespV1, Error<IndicatorGetProcessesRanOnV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_query_type = r#type;
let p_query_value = value;
let p_query_device_id = device_id;
let p_query_limit = limit;
let p_query_offset = offset;
let uri_str = format!(
"{}/iocs/queries/indicators/processes/v1",
configuration.base_path
);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
req_builder = req_builder.query(&[("type", &p_query_type.to_string())]);
req_builder = req_builder.query(&[("value", &p_query_value.to_string())]);
req_builder = req_builder.query(&[("device_id", &p_query_device_id.to_string())]);
if let Some(ref param_value) = p_query_limit {
req_builder = req_builder.query(&[("limit", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_offset {
req_builder = req_builder.query(&[("offset", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::ApiProcessesRanOnRespV1`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::ApiProcessesRanOnRespV1`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<IndicatorGetProcessesRanOnV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn indicator_get_v1(
configuration: &configuration::Configuration,
ids: Vec<String>,
) -> Result<models::ApiIndicatorRespV1, Error<IndicatorGetV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_query_ids = ids;
let uri_str = format!("{}/iocs/entities/indicators/v1", configuration.base_path);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
req_builder = match "multi" {
"multi" => req_builder.query(
&p_query_ids
.into_iter()
.map(|p| ("ids".to_owned(), p.to_string()))
.collect::<Vec<(std::string::String, std::string::String)>>(),
),
_ => req_builder.query(&[(
"ids",
&p_query_ids
.into_iter()
.map(|p| p.to_string())
.collect::<Vec<String>>()
.join(",")
.to_string(),
)]),
};
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::ApiIndicatorRespV1`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::ApiIndicatorRespV1`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<IndicatorGetV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn indicator_search_v1(
configuration: &configuration::Configuration,
filter: Option<&str>,
offset: Option<i32>,
limit: Option<i32>,
sort: Option<&str>,
after: Option<&str>,
from_parent: Option<bool>,
) -> Result<models::ApiIndicatorQueryRespV1, Error<IndicatorSearchV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_query_filter = filter;
let p_query_offset = offset;
let p_query_limit = limit;
let p_query_sort = sort;
let p_query_after = after;
let p_query_from_parent = from_parent;
let uri_str = format!("{}/iocs/queries/indicators/v1", configuration.base_path);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
if let Some(ref param_value) = p_query_filter {
req_builder = req_builder.query(&[("filter", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_offset {
req_builder = req_builder.query(&[("offset", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_limit {
req_builder = req_builder.query(&[("limit", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_sort {
req_builder = req_builder.query(&[("sort", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_after {
req_builder = req_builder.query(&[("after", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_from_parent {
req_builder = req_builder.query(&[("from_parent", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::ApiIndicatorQueryRespV1`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::ApiIndicatorQueryRespV1`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<IndicatorSearchV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn indicator_update_v1(
configuration: &configuration::Configuration,
body: models::ApiIndicatorUpdateReqsV1,
retrodetects: Option<bool>,
ignore_warnings: Option<bool>,
) -> Result<models::ApiIndicatorRespV1, Error<IndicatorUpdateV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_body_body = body;
let p_query_retrodetects = retrodetects;
let p_query_ignore_warnings = ignore_warnings;
let uri_str = format!("{}/iocs/entities/indicators/v1", configuration.base_path);
let mut req_builder = configuration
.client
.request(reqwest::Method::PATCH, &uri_str);
if let Some(ref param_value) = p_query_retrodetects {
req_builder = req_builder.query(&[("retrodetects", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_ignore_warnings {
req_builder = req_builder.query(&[("ignore_warnings", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
req_builder = req_builder.json(&p_body_body);
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::ApiIndicatorRespV1`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::ApiIndicatorRespV1`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<IndicatorUpdateV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn ioc_type_query_v1(
configuration: &configuration::Configuration,
offset: Option<&str>,
limit: Option<i32>,
) -> Result<models::ApiIndicatorQueryRespV1, Error<IocTypeQueryV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_query_offset = offset;
let p_query_limit = limit;
let uri_str = format!("{}/iocs/queries/ioc-types/v1", configuration.base_path);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
if let Some(ref param_value) = p_query_offset {
req_builder = req_builder.query(&[("offset", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_limit {
req_builder = req_builder.query(&[("limit", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::ApiIndicatorQueryRespV1`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::ApiIndicatorQueryRespV1`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<IocTypeQueryV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn platform_query_v1(
configuration: &configuration::Configuration,
offset: Option<&str>,
limit: Option<i32>,
) -> Result<models::ApiIndicatorQueryRespV1, Error<PlatformQueryV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_query_offset = offset;
let p_query_limit = limit;
let uri_str = format!("{}/iocs/queries/platforms/v1", configuration.base_path);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
if let Some(ref param_value) = p_query_offset {
req_builder = req_builder.query(&[("offset", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_limit {
req_builder = req_builder.query(&[("limit", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::ApiIndicatorQueryRespV1`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::ApiIndicatorQueryRespV1`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<PlatformQueryV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}
pub async fn severity_query_v1(
configuration: &configuration::Configuration,
offset: Option<&str>,
limit: Option<i32>,
) -> Result<models::ApiIndicatorQueryRespV1, Error<SeverityQueryV1Error>> {
// add a prefix to parameters to efficiently prevent name collisions
let p_query_offset = offset;
let p_query_limit = limit;
let uri_str = format!("{}/iocs/queries/severities/v1", configuration.base_path);
let mut req_builder = configuration.client.request(reqwest::Method::GET, &uri_str);
if let Some(ref param_value) = p_query_offset {
req_builder = req_builder.query(&[("offset", ¶m_value.to_string())]);
}
if let Some(ref param_value) = p_query_limit {
req_builder = req_builder.query(&[("limit", ¶m_value.to_string())]);
}
if let Some(ref user_agent) = configuration.user_agent {
req_builder = req_builder.header(reqwest::header::USER_AGENT, user_agent.clone());
}
if let Some(ref token) = configuration.oauth_access_token {
req_builder = req_builder.bearer_auth(token.to_owned());
};
let req = req_builder.build()?;
let resp = configuration.client.execute(req).await?;
let status = resp.status();
let content_type = resp
.headers()
.get("content-type")
.and_then(|v| v.to_str().ok())
.unwrap_or("application/octet-stream");
let content_type = super::ContentType::from(content_type);
if !status.is_client_error() && !status.is_server_error() {
let content = resp.text().await?;
match content_type {
ContentType::Json => serde_json::from_str(&content).map_err(Error::from),
ContentType::Text => {
return Err(Error::from(serde_json::Error::custom(
"Received `text/plain` content type response that cannot be converted to `models::ApiIndicatorQueryRespV1`",
)));
}
ContentType::Unsupported(unknown_type) => {
return Err(Error::from(serde_json::Error::custom(format!(
"Received `{unknown_type}` content type response that cannot be converted to `models::ApiIndicatorQueryRespV1`"
))));
}
}
} else {
let content = resp.text().await?;
let entity: Option<SeverityQueryV1Error> = serde_json::from_str(&content).ok();
Err(Error::ResponseError(ResponseContent {
status,
content,
entity,
}))
}
}