misp_client_rs/models/

search_events_request.rs

//!
//! MISP Automation API
//!
//!  ### Getting Started  MISP API allows you to query, create, modify data models, such as [Events](https://www.circl.lu/doc/misp/GLOSSARY.html#misp-event), [Objects](https://www.circl.lu/doc/misp/misp-objects/), [Attributes](https://www.circl.lu/doc/misp/GLOSSARY.html#misp-attribute). This is extremly useful for interconnecting MISP with external tools and feeding other systems with threat intel data.  It also lets you perform administrative tasks such as creating users, organisations, altering MISP settings, and much more.  To get an API key there are several options: * **[UI]** Go to [My Profile -> Auth Keys](/auth_keys/index) section and click on `+ Add authentication key`  * **[UI]** As an admin go to the the [Administration -> List Users -> View](/admin/users/view/[id]) page of the user you want to create an auth key for and on the `Auth keys` section click on `+ Add authentication key`  * **[CLI]** Use the following command: `./app/Console/cake user change_authkey [e-mail/user_id]`  * **API** Provided you already have an admin level API key, you can create an API key for another user using the `[POST]/auth_keys/add/{{user_id}}` endpoint.  > **NOTE:** The authentication key will only be displayed once, so take note of it or store it properly in your application secrets.  #### Accept and Content-Type headers  When performing your request, depending on the type of request, you might need to explicitly specify in what content  type you want to get your results. This is done by setting one of the below `Accept` headers:      Accept: application/json     Accept: application/xml  When submitting data in a `POST`, `PUT` or `DELETE` operation you also need to specify in what content-type you encoded the payload.  This is done by setting one of the below `Content-Type` headers:      Content-Type: application/json     Content-Type: application/xml  Example: ``` curl  --header \"Authorization: YOUR_API_KEY\" \\       --header \"Accept: application/json\" \\       --header \"Content-Type: application/json\" https://<misp url>/  ```  > **NOTE**: By appending .json or .xml the content type can also be set without the need for a header.  #### Automation using PyMISP  [PyMISP](https://github.com/MISP/PyMISP) is a Python library to access MISP platforms via their REST [API](https://www.circl.lu/doc/misp/GLOSSARY.html#api). It allows you to fetch events, add or update events/attributes, add or update samples or search for attributes.  ### FAQ * [Dev FAQ](https://www.circl.lu/doc/misp/dev-faq/) * [GitHub project FAQ](https://github.com/MISP/MISP/wiki/Frequently-Asked-Questions) 
//!
//! The version of the OpenAPI document: 2.4
//! 
//! Generated by: https://openapi-generator.tech
//! 

use crate::models;
use serde::{Deserialize, Serialize};

#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
pub struct SearchEventsRequest {
    #[serde(rename = "page", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub page: Option<Option<i32>>,
    #[serde(rename = "limit", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub limit: Option<Option<i32>>,
    /// Field to be used to sort the result
    #[serde(rename = "sort", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub sort: Option<Option<String>>,
    #[serde(rename = "direction", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub direction: Option<Option<models::DirectionSearchField>>,
    /// Returns a minimal version of the event, only events with `attributeCount` > 0 will be returned
    #[serde(rename = "minimal", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub minimal: Option<Option<bool>>,
    /// Filter events matching the given string with attributes values
    #[serde(rename = "attribute", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub attribute: Option<Option<String>>,
    #[serde(rename = "eventid", skip_serializing_if = "Option::is_none")]
    pub eventid: Option<String>,
    /// Event creation date is greater or equal
    #[serde(rename = "datefrom", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub datefrom: Option<Option<String>>,
    /// Event creation date is less or equal
    #[serde(rename = "dateuntil", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub dateuntil: Option<Option<String>>,
    /// Filter events by matching the creator organisation name
    #[serde(rename = "org", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub org: Option<Option<String>>,
    /// Filter events by matching the event info text
    #[serde(rename = "eventinfo", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub eventinfo: Option<Option<String>>,
    #[serde(rename = "tag", skip_serializing_if = "Option::is_none")]
    pub tag: Option<String>,
    /// Filter events by matching *any* of the event tags of a given list of tag names
    #[serde(rename = "tags", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub tags: Option<Option<Vec<String>>>,
    #[serde(rename = "distribution", skip_serializing_if = "Option::is_none")]
    pub distribution: Option<models::DistributionLevelId>,
    #[serde(rename = "sharinggroup", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub sharinggroup: Option<Option<String>>,
    #[serde(rename = "analysis", skip_serializing_if = "Option::is_none")]
    pub analysis: Option<models::AnalysisLevelId>,
    #[serde(rename = "threatlevel", skip_serializing_if = "Option::is_none")]
    pub threatlevel: Option<models::ThreatLevelId>,
    /// Filter events by matching the event creator user email
    #[serde(rename = "email", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub email: Option<Option<String>>,
    /// Filter events by checking if it has attributes with change proposals. Possible values: `0`, `1`
    #[serde(rename = "hasproposal", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub hasproposal: Option<Option<String>>,
    /// Event timestamp greater or equal
    #[serde(rename = "timestamp", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub timestamp: Option<Option<String>>,
    /// Event publish timestamp greater or equal
    #[serde(rename = "publish_timestamp", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub publish_timestamp: Option<Option<String>>,
    /// Filters on the date, anything newer than the given date in YYYY-MM-DD format is taken - non-negatable
    #[serde(rename = "searchDatefrom", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub search_datefrom: Option<Option<String>>,
    /// Filters on the date, anything older than the given date in YYYY-MM-DD format is taken - non-negatable
    #[serde(rename = "searchDateuntil", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub search_dateuntil: Option<Option<String>>,
}

impl SearchEventsRequest {
    pub fn new() -> SearchEventsRequest {
        SearchEventsRequest {
            page: None,
            limit: None,
            sort: None,
            direction: None,
            minimal: None,
            attribute: None,
            eventid: None,
            datefrom: None,
            dateuntil: None,
            org: None,
            eventinfo: None,
            tag: None,
            tags: None,
            distribution: None,
            sharinggroup: None,
            analysis: None,
            threatlevel: None,
            email: None,
            hasproposal: None,
            timestamp: None,
            publish_timestamp: None,
            search_datefrom: None,
            search_dateuntil: None,
        }
    }
}