misp_client_rs/models/

rest_search_events_request.rs

//!
//! MISP Automation API
//!
//!  ### Getting Started  MISP API allows you to query, create, modify data models, such as [Events](https://www.circl.lu/doc/misp/GLOSSARY.html#misp-event), [Objects](https://www.circl.lu/doc/misp/misp-objects/), [Attributes](https://www.circl.lu/doc/misp/GLOSSARY.html#misp-attribute). This is extremly useful for interconnecting MISP with external tools and feeding other systems with threat intel data.  It also lets you perform administrative tasks such as creating users, organisations, altering MISP settings, and much more.  To get an API key there are several options: * **[UI]** Go to [My Profile -> Auth Keys](/auth_keys/index) section and click on `+ Add authentication key`  * **[UI]** As an admin go to the the [Administration -> List Users -> View](/admin/users/view/[id]) page of the user you want to create an auth key for and on the `Auth keys` section click on `+ Add authentication key`  * **[CLI]** Use the following command: `./app/Console/cake user change_authkey [e-mail/user_id]`  * **API** Provided you already have an admin level API key, you can create an API key for another user using the `[POST]/auth_keys/add/{{user_id}}` endpoint.  > **NOTE:** The authentication key will only be displayed once, so take note of it or store it properly in your application secrets.  #### Accept and Content-Type headers  When performing your request, depending on the type of request, you might need to explicitly specify in what content  type you want to get your results. This is done by setting one of the below `Accept` headers:      Accept: application/json     Accept: application/xml  When submitting data in a `POST`, `PUT` or `DELETE` operation you also need to specify in what content-type you encoded the payload.  This is done by setting one of the below `Content-Type` headers:      Content-Type: application/json     Content-Type: application/xml  Example: ``` curl  --header \"Authorization: YOUR_API_KEY\" \\       --header \"Accept: application/json\" \\       --header \"Content-Type: application/json\" https://<misp url>/  ```  > **NOTE**: By appending .json or .xml the content type can also be set without the need for a header.  #### Automation using PyMISP  [PyMISP](https://github.com/MISP/PyMISP) is a Python library to access MISP platforms via their REST [API](https://www.circl.lu/doc/misp/GLOSSARY.html#api). It allows you to fetch events, add or update events/attributes, add or update samples or search for attributes.  ### FAQ * [Dev FAQ](https://www.circl.lu/doc/misp/dev-faq/) * [GitHub project FAQ](https://github.com/MISP/MISP/wiki/Frequently-Asked-Questions) 
//!
//! The version of the OpenAPI document: 2.4
//! 
//! Generated by: https://openapi-generator.tech
//! 

use crate::models;
use serde::{Deserialize, Serialize};

#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
pub struct RestSearchEventsRequest {
    #[serde(rename = "page", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub page: Option<Option<i32>>,
    #[serde(rename = "limit", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub limit: Option<Option<i32>>,
    #[serde(rename = "value", skip_serializing_if = "Option::is_none")]
    pub value: Option<String>,
    #[serde(rename = "type", skip_serializing_if = "Option::is_none")]
    pub r#type: Option<models::AttributeType>,
    #[serde(rename = "category", skip_serializing_if = "Option::is_none")]
    pub category: Option<models::AttributeCategory>,
    #[serde(rename = "org", skip_serializing_if = "Option::is_none")]
    pub org: Option<Box<models::RestSearchEventsRequestOrg>>,
    #[serde(rename = "tags", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub tags: Option<Option<Vec<String>>>,
    #[serde(rename = "event_tags", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub event_tags: Option<Option<Vec<String>>>,
    /// Search events by matching any tag names, event descriptions, attribute values or attribute comments
    #[serde(rename = "searchall", skip_serializing_if = "Option::is_none")]
    pub searchall: Option<String>,
    /// You can use any of the valid time related filters (examples: 7d, timestamps, [14d, 7d] for ranges, etc.)
    #[serde(rename = "from", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub from: Option<Option<String>>,
    /// You can use any of the valid time related filters (examples: 7d, timestamps, [14d, 7d] for ranges, etc.)
    #[serde(rename = "to", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub to: Option<Option<String>>,
    #[serde(rename = "last", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub last: Option<Option<Box<models::LastRestSearchFilter>>>,
    #[serde(rename = "eventid", skip_serializing_if = "Option::is_none")]
    pub eventid: Option<String>,
    /// Extends the response with the base64 representation of the attachment, if there is one
    #[serde(rename = "withAttachments", skip_serializing_if = "Option::is_none")]
    pub with_attachments: Option<bool>,
    /// Sharing group ID(s), either as single string or list of IDs
    #[serde(rename = "sharinggroup", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub sharinggroup: Option<Option<Vec<String>>>,
    /// Will only return the metadata of the given query scope, contained data is omitted.
    #[serde(rename = "metadata", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub metadata: Option<Option<bool>>,
    #[serde(rename = "uuid", skip_serializing_if = "Option::is_none")]
    pub uuid: Option<uuid::Uuid>,
    #[serde(rename = "publish_timestamp", skip_serializing_if = "Option::is_none")]
    pub publish_timestamp: Option<String>,
    #[serde(rename = "timestamp", skip_serializing_if = "Option::is_none")]
    pub timestamp: Option<String>,
    #[serde(rename = "published", skip_serializing_if = "Option::is_none")]
    pub published: Option<bool>,
    /// Should the warning list be enforced. Adds blocked field for matching attributes
    #[serde(rename = "enforceWarninglist", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub enforce_warninglist: Option<Option<bool>>,
    /// Will only return the sharing group ID
    #[serde(rename = "sgReferenceOnly", skip_serializing_if = "Option::is_none")]
    pub sg_reference_only: Option<bool>,
    /// List of properties that will be selected in the CSV export
    #[serde(rename = "requested_attributes", skip_serializing_if = "Option::is_none")]
    pub requested_attributes: Option<Vec<String>>,
    /// Adds events context fields in the CSV export
    #[serde(rename = "includeContext", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub include_context: Option<Option<bool>>,
    /// Removes header in the CSV export
    #[serde(rename = "headerless", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub headerless: Option<Option<bool>>,
    #[serde(rename = "includeWarninglistHits", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub include_warninglist_hits: Option<Option<bool>>,
    #[serde(rename = "attackGalaxy", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub attack_galaxy: Option<Option<String>>,
    #[serde(rename = "to_ids", skip_serializing_if = "Option::is_none")]
    pub to_ids: Option<bool>,
    /// Whether to include soft-deleted attributes. Default value 0. If set to 1, only deleted attributes will be returned. If set to [0,1], both deleted and non-deleted attributes wil be returned.
    #[serde(rename = "deleted", skip_serializing_if = "Option::is_none")]
    pub deleted: Option<bool>,
    /// Exclude local tags from the export
    #[serde(rename = "excludeLocalTags", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub exclude_local_tags: Option<Option<bool>>,
    /// You can use any of the valid time related filters (examples: 7d, timestamps, [14d, 7d] for ranges, etc.)
    #[serde(rename = "date", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub date: Option<Option<String>>,
    /// Extend response with Sightings DB results if the module is enabled
    #[serde(rename = "includeSightingdb", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub include_sightingdb: Option<Option<bool>>,
    #[serde(rename = "tag", skip_serializing_if = "Option::is_none")]
    pub tag: Option<String>,
    /// Filter by the attribute object relation value
    #[serde(rename = "object_relation", default, with = "::serde_with::rust::double_option", skip_serializing_if = "Option::is_none")]
    pub object_relation: Option<Option<String>>,
    #[serde(rename = "threat_level_id", skip_serializing_if = "Option::is_none")]
    pub threat_level_id: Option<models::ThreatLevelId>,
    #[serde(rename = "returnFormat", skip_serializing_if = "Option::is_none")]
    pub return_format: Option<models::EventsRestSearchReturnFormat>,
}

impl RestSearchEventsRequest {
    pub fn new() -> RestSearchEventsRequest {
        RestSearchEventsRequest {
            page: None,
            limit: None,
            value: None,
            r#type: None,
            category: None,
            org: None,
            tags: None,
            event_tags: None,
            searchall: None,
            from: None,
            to: None,
            last: None,
            eventid: None,
            with_attachments: None,
            sharinggroup: None,
            metadata: None,
            uuid: None,
            publish_timestamp: None,
            timestamp: None,
            published: None,
            enforce_warninglist: None,
            sg_reference_only: None,
            requested_attributes: None,
            include_context: None,
            headerless: None,
            include_warninglist_hits: None,
            attack_galaxy: None,
            to_ids: None,
            deleted: None,
            exclude_local_tags: None,
            date: None,
            include_sightingdb: None,
            tag: None,
            object_relation: None,
            threat_level_id: None,
            return_format: None,
        }
    }
}