diff --git a/docs/api_reference/reference/iris.v2.1.0.yaml b/docs/api_reference/reference/iris.v2.1.0.yaml
index 634f76b62..2d2f81e92 100644
--- a/docs/api_reference/reference/iris.v2.1.0.yaml
+++ b/docs/api_reference/reference/iris.v2.1.0.yaml
@@ -12,31 +12,42 @@ info: ### Changes in v2.1.0 * Added POST /api/v2/cases * Added GET /api/v2/cases - * Added GET /api/v2/cases/{identifier} - * Added DELETE /api/v2/cases/{identifier} - * Added POST /api/v2/cases/{identifier}/iocs - * Added GET /api/v2/cases/{identifier}/iocs + * Added GET /api/v2/cases/{case_identifier} + * Added PUT /api/v2/cases/{case_identifier} + * Added DELETE /api/v2/cases/{case_identifier} + * Added POST /api/v2/cases/{case_identifier}/iocs + * Added GET /api/v2/cases/{case_identifier}/iocs + * Added GET /api/v2/cases/{case_identifier}/iocs/{identifier} + * Added PUT /api/v2/cases/{case_identifier}/iocs/{identifier} + * Added DELETE /api/v2/cases/{case_identifier}/iocs/{identifier} + * Added GET /api/v2/cases/{case_identifier}/assets/{identifier} + * Added DELETE /api/v2/cases/{case_identifier}/assets/{identifier} + * Added GET /api/v2/cases/{case_identifier}/tasks/{identifier} + * Added DELETE /api/v2/cases/{case_identifier}/tasks/{identifier} * Added GET /api/v2/iocs/{identifier} * Added PUT /api/v2/iocs/{identifier} * Added DELETE /api/v2/iocs/{identifier} - * Added POST /api/v2/cases/{identifier}/tasks + * Added POST /api/v2/cases/{case_identifier}/tasks * Added GET /api/v2/tasks/{identifier} * Added DELETE /api/v2/tasks/{identifier} - * Added POST /api/v2/cases/{identifier}/assets + * Added POST /api/v2/cases/{case_identifier}/assets * Added GET /api/v2/assets/{identifier} * Added DELETE /api/v2/assets/{identifier} * Deprecated POST /manage/cases/add in favor of POST /api/v2/cases - * Deprecated POST /manage/cases/delete/{case_id} in favor of DELETE /api/v2/cases/{identifier} - * Deprecated POST /case/ioc/add in favor of POST /api/v2/cases/{identifier}/iocs + * Deprecated POST /manage/cases/update in favor of PUT /api/v2/cases/{case_identifier} + * Deprecated POST /manage/cases/delete/{case_id} in favor of DELETE /api/v2/cases/{case_identifier} + * Deprecated POST /case/ioc/add in favor of POST /api/v2/cases/{case_identifier}/iocs * 
Deprecated GET /case/ioc/{ioc_id} in favor of GET /api/v2/iocs/{identifier} * Deprecated DELETE /case/ioc/delete/{ioc_id} in favor of DELETE /api/v2/iocs/{identifier} - * Deprecated POST /case/tasks/add in favor of POST /api/v2/cases/{identifier}/tasks + * Deprecated POST /case/tasks/add in favor of POST /api/v2/cases/{case_identifier}/tasks * Deprecated GET /case/tasks/{task_id} in favor of GET /api/v2/tasks/{identifier} * Deprecated DELETE /case/tasks/delete/{task_id} in favor of DELETE /api/v2/tasks/{identifier} - * Deprecated POST /case/assets/add in favor of POST /api/v2/cases/{identifier}/assets + * Deprecated POST /case/assets/add in favor of POST /api/v2/cases/{case_identifier}/assets * Deprecated GET /case/assets/{asset_id} in favor of GET /api/v2/assets/{identifier} * Deprecated DELETE /case/assets/delete/{asset_id} in favor of DELETE /api/v2/assets/{identifier} - + * Added documentation of missing GET /manage/severities/list + * Added documentation of missing GET /manage/tlp/list + * Added documentation of missing GET /manage/event-categories/list ### Changes in v2.0.0 This version introduces access control. Every request now needs to have the `cid=x` parameter in the URI. 
@@ -60,14 +71,20 @@ servers: paths: /api/v2/cases: $ref: v2.1.0/resources/api_v2_cases.yaml - /api/v2/cases/{identifier}: - $ref: v2.1.0/resources/api_v2_cases_{identifier}.yaml - /api/v2/cases/{identifier}/iocs: - $ref: v2.1.0/resources/api_v2_cases_{identifier}_iocs.yaml - /api/v2/cases/{identifier}/assets: - $ref: v2.1.0/resources/api_v2_cases_{identifier}_assets.yaml - /api/v2/cases/{identifier}/tasks: - $ref: v2.1.0/resources/api_v2_cases_{identifier}_tasks.yaml + /api/v2/cases/{case_identifier}: + $ref: v2.1.0/resources/api_v2_cases_{case_identifier}.yaml + /api/v2/cases/{case_identifier}/iocs: + $ref: v2.1.0/resources/api_v2_cases_{case_identifier}_iocs.yaml + /api/v2/cases/{case_identifier}/iocs/{identifier}: + $ref: v2.1.0/resources/api_v2_cases_{case_identifier}_iocs_{identifier}.yaml + /api/v2/cases/{case_identifier}/assets: + $ref: v2.1.0/resources/api_v2_cases_{case_identifier}_assets.yaml + /api/v2/cases/{case_identifier}/assets/{identifier}: + $ref: v2.1.0/resources/api_v2_cases_{case_identifier}_assets_{identifier}.yaml + /api/v2/cases/{case_identifier}/tasks: + $ref: v2.1.0/resources/api_v2_cases_{case_identifier}_tasks.yaml + /api/v2/cases/{case_identifier}/tasks/{identifier}: + $ref: v2.1.0/resources/api_v2_cases_{case_identifier}_tasks_{identifier}.yaml /manage/cases/update/{case_id}: $ref: v2.1.0/resources/manage_cases_update_{case_id}.yaml /api/v2/iocs/{identifier}: @@ -318,6 +335,8 @@ paths: $ref: v2.1.0/resources/manage_ioc-types_add.yaml /manage/ioc-types/update/{ioc_type_id}: $ref: v2.1.0/resources/manage_ioc-types_update_{ioc_type_id}.yaml + /manage/tlp/list: + $ref: v2.1.0/resources/manage_tlp_list.yaml /manage/case-templates/add: $ref: v2.1.0/resources/manage_case-templates_add.yaml /manage/case-templates/update/{template_id}: 
@@ -344,6 +363,8 @@ paths: $ref: v2.1.0/resources/manage_case-states_update_{state_id}.yaml /manage/case-states/delete/{state_id}: $ref: v2.1.0/resources/manage_case-states_delete_{state_id}.yaml + /manage/severities/list: + $ref: v2.1.0/resources/manage_severities_list.yaml /manage/evidence-types/list: $ref: v2.1.0/resources/manage_evidence-types_list.yaml /manage/evidence-types/{type_id}: @@ -354,6 +375,8 @@ paths: $ref: v2.1.0/resources/manage_evidence-types_update_{type_id}.yaml /manage/evidence-types/delete/{state_id}: $ref: v2.1.0/resources/manage_evidence-types_delete_{state_id}.yaml + /manage/event-categories/list: + $ref: v2.1.0/resources/manage_event-categories_list.yaml /api/versions: $ref: v2.1.0/resources/api_versions.yaml /api/ping: diff --git a/docs/api_reference/reference/v2.1.0/parameters/path/cases_identifier.yaml b/docs/api_reference/reference/v2.1.0/parameters/path/case_identifier.yaml similarity index 78% rename from docs/api_reference/reference/v2.1.0/parameters/path/cases_identifier.yaml rename to docs/api_reference/reference/v2.1.0/parameters/path/case_identifier.yaml index 4724519f4..398d9cad7 100644 --- a/docs/api_reference/reference/v2.1.0/parameters/path/cases_identifier.yaml +++ b/docs/api_reference/reference/v2.1.0/parameters/path/case_identifier.yaml @@ -1,5 +1,5 @@ in: path -name: identifier +name: case_identifier required: true description: Case identifier schema: diff --git a/docs/api_reference/reference/v2.1.0/parameters/query/case_severity_id.yaml b/docs/api_reference/reference/v2.1.0/parameters/query/case_severity_id.yaml index 543887e9a..23c5745a2 100644 --- a/docs/api_reference/reference/v2.1.0/parameters/query/case_severity_id.yaml +++ b/docs/api_reference/reference/v2.1.0/parameters/query/case_severity_id.yaml @@ -2,5 +2,5 @@ in: query name: case_severity_id description: Severity identifier of the case schema: - type: int + $ref: ../../schemas/case_severity_id.yaml 
diff --git a/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}.yaml b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}.yaml
new file mode 100644
index 000000000..a8ce8ee5d
--- /dev/null
+++ b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}.yaml
@@ -0,0 +1,107 @@ +parameters: + - $ref: ../parameters/path/case_identifier.yaml +get: + operationId: api_v2_cases_{identifier}_get + tags: + - Cases + - Beta + summary: Get a case + description: 'Get a case by its identifier' + responses: + '201': + description: Case successfully found + content: + application/json: + schema: + $ref: ../schemas/Case.yaml + '404': + $ref: ../responses/NotFound.yaml +put: + operationId: api_v2_cases_{identifier}_put + tags: + - Cases + - Beta + summary: Update a case + description: 'Update informations of a case' + requestBody: + content: + application/json: + schema: + type: object + properties: + case_name: + type: string + case_soc_id: + type: string + classification_id: + type: integer + owner_id: + type: integer + state_id: + type: integer + severity_id: + $ref: ../schemas/case_severity_id.yaml + status_id: + $ref: ../schemas/case_status_id.yaml + case_customer: + type: integer + reviewer_id: + type: integer + protagonists: + type: array + items: + type: object + properties: + role: + type: string + name: + type: string + contact: + type: string + case_tags: + type: string + custom_attributes: + type: object + examples: + Example 1: + value: + case_name: 'A new case name' + case_soc_id: soc_id_demo + classification_id: 2 + owner_id: 2 + state_id: 3 + severity_id: 4 + status_id: 1 + case_customer: 1 + reviewer_id: 2 + protagonists: + - role: Lead + name: administrator + contact: administrator@iris.local + case_tags: tag1,tag2 + custom_attributes: {} + responses: + '200': + description: Case successfully updated + content: + application/json: + schema: + $ref: ../schemas/Case.yaml + '404': + $ref: ../responses/NotFound.yaml + '400': + $ref: ../responses/GenericError.yaml +delete: + operationId: api_v2_cases_{identifier}_delete + tags: + - Cases + - Beta + summary: Delete a case + description: This implies the deletion of everything linked to the case. 
+ responses: + '204': + $ref: ../responses/Deleted.yaml + '404': + $ref: ../responses/NotFound.yaml + '400': + $ref: ../responses/GenericError.yaml diff --git a/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{identifier}_assets.yaml b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_assets.yaml similarity index 97% rename from docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{identifier}_assets.yaml rename to docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_assets.yaml index d71e6618c..e7923f133 100644 --- a/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{identifier}_assets.yaml +++ b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_assets.yaml @@ -1,5 +1,5 @@ parameters: - - $ref: ../parameters/path/cases_identifier.yaml + - $ref: ../parameters/path/case_identifier.yaml post: operationId: api_v2_cases_{identifier}_assets_post summary: Create an asset diff --git a/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_assets_{identifier}.yaml b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_assets_{identifier}.yaml new file mode 100644 index 000000000..a3d6177e4 --- /dev/null +++ b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_assets_{identifier}.yaml 
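Review bot: The GET, PUT and DELETE operations added for `/api/v2/cases/{case_identifier}` list only `404` and `400` as failures and carry no `security` requirement, although the legacy specs edited in this same commit declare `security:` / `- Bearer : []` and the v2.0.0 notes say access control applies to every request. The PUT body accepts `owner_id`, `reviewer_id` and the customer, and the DELETE removes everything linked to the case, so the not-authorised outcome belongs in the contract: add the `Bearer` requirement to each operation and a `'403'` response. A root-level security default may exist outside this diff, in which case only the response is missing. Separately, the GET declares `'201'` for a successful read where `'200'` is expected, and the request body names the field `case_customer` while `schemas/Case.yaml` renames it to `case_customer_id` in this commit.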
@@ -0,0 +1,31 @@ +parameters: + - $ref: ../parameters/path/case_identifier.yaml + - $ref: ../parameters/path/identifier.yaml +get: + operationId: api_v2_cases_{case_identifier}_assets_{identifier}_get + tags: + - Assets + - Beta + summary: Get an asset + description: 'Get an asset by its identifier' + responses: + '201': + description: Asset successfully found + content: + application/json: + schema: + $ref: ../schemas/Asset.yaml + '404': + $ref: ../responses/NotFound.yaml +delete: + operationId: api_v2_cases_{case_identifier}_assets_{identifier}_delete + tags: + - Assets + summary: Delete an asset + responses: + '204': + $ref: ../responses/Deleted.yaml + '404': + $ref: ../responses/NotFound.yaml + '400': + $ref: ../responses/GenericError.yaml diff --git a/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{identifier}_iocs.yaml b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_iocs.yaml similarity index 97% rename from docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{identifier}_iocs.yaml rename to docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_iocs.yaml index 5775f6723..84c7c7cc9 100644 --- a/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{identifier}_iocs.yaml +++ b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_iocs.yaml @@ -1,5 +1,5 @@ parameters: - - $ref: ../parameters/path/cases_identifier.yaml + - $ref: ../parameters/path/case_identifier.yaml post: operationId: api_v2_cases_{identifier}_iocs_post summary: Create an IOC diff --git a/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_iocs_{identifier}.yaml b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_iocs_{identifier}.yaml new file mode 100644 index 000000000..642e40497 --- /dev/null +++ b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_iocs_{identifier}.yaml 
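Review bot: The new asset spec does not say what happens when `{identifier}` names an asset that belongs to a case other than `{case_identifier}`, which is the question a nested route raises for access control. The GET and DELETE descriptions should state that the lookup is scoped to the case in the path and which status a mismatch returns, for example `description: 'Get an asset of the case by its identifier. Returns 404 if the asset does not belong to this case.'`, adjusted to what the implementation actually does, which this diff does not show. The same statement is missing from the new `api_v2_cases_{case_identifier}_iocs_{identifier}.yaml` and `api_v2_cases_{case_identifier}_tasks_{identifier}.yaml` files. The GET here also declares `'201'` for a read, and the DELETE lacks the `Beta` tag that the GET carries.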
@@ -0,0 +1,84 @@
+parameters:
+ - $ref: ../parameters/path/case_identifier.yaml
+ - $ref: ../parameters/path/identifier.yaml
+get:
+ operationId: api_v2_cases_{case_identifier}_iocs_{identifier}_get
+ tags:
+ - IOCs
+ - Beta
+ summary: Get an IOC
+ description: ''
+ responses:
+ '201':
+ description: IOC successfully found
+ content:
+ application/json:
+ schema:
+ $ref: ../schemas/Ioc.yaml
+ '404':
+ $ref: ../responses/NotFound.yaml
+put:
+ operationId: api_v2_cases_{case_identifier}_iocs_{identifier}_put
+ tags:
+ - IOCs
+ - Beta
+ summary: Update an IOC
+ description: ''
+ requestBody:
+ content:
+ application/json:
+ schema:
+ type: object
+ properties:
+ ioc_value:
+ type: string
+ minLength: 1
+ ioc_type_id:
+ type: number
+ ioc_tlp_id:
+ type: number
+ ioc_description:
+ type: string
+ minLength: 1
+ description: 'A short description of the ioc. This will be the summary of the ioc.'
+ ioc_misp:
+ type:
+ - string
+ - 'null'
+ description: 'Misp of ioc'
+ ioc_tags:
+ type: string
+ description : 'Ioc tags'
+ examples:
+ Valid request:
+ value:
+ ioc_value: 8.8.8.8
+ ioc_type_id: 1
+ ioc_tlp_id: 2
+ ioc_description: rewrw
+ ioc_tags: ''
+ responses:
+ '200':
+ description: IOC successfully updated
+ content:
+ application/json:
+ schema:
+ $ref: ../schemas/Ioc.yaml
+ '404':
+ $ref: ../responses/NotFound.yaml
+ '400':
+ $ref: ../responses/GenericError.yaml
+delete:
+ operationId: api_v2_cases_{case_identifier}_iocs_{identifier}_delete
+ tags:
+ - IOCs
+ - Beta
+ summary: Delete an IOC
+ description: 'Delete an IOC from the case. If the IOC is still reference in other cases than it''s only unlinked from the current case.'
+ responses:
+ '204':
+ $ref: ../responses/Deleted.yaml
+ '404':
+ $ref: ../responses/NotFound.yaml
+ '400':
+ $ref: ../responses/GenericError.yaml
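Review bot: `ioc_type_id` and `ioc_tlp_id` are declared `type: number` in the PUT request body, so a validator generated from this spec accepts a fractional value such as `1.5` as an identifier. `manage_tlp_list.yaml` in this same commit documents `tlp_id` as `type: integer`, and the request schema should match it: `type: integer` under both `ioc_type_id:` and `ioc_tlp_id:`. The array form of `type` on `ioc_misp` (`string` plus `'null'`) is valid only under OpenAPI 3.1; the root document's version line is outside this diff, so that needs checking. Both `description: ''` fields are empty, and the DELETE description should read "still referenced in other cases, then it is only unlinked".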
diff --git a/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{identifier}_tasks.yaml b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_tasks.yaml similarity index 96% rename from docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{identifier}_tasks.yaml rename to docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_tasks.yaml index e29c7f188..4e84478d5 100644 --- a/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{identifier}_tasks.yaml +++ b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_tasks.yaml @@ -1,5 +1,5 @@ parameters: - - $ref: ../parameters/path/cases_identifier.yaml + - $ref: ../parameters/path/case_identifier.yaml post: operationId: api_v2_cases_{identifier}_tasks_post summary: Create a task diff --git a/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_tasks_{identifier}.yaml b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_tasks_{identifier}.yaml new file mode 100644 index 000000000..9ffb6efc5 --- /dev/null +++ b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{case_identifier}_tasks_{identifier}.yaml @@ -0,0 +1,31 @@ +parameters: + - $ref: ../parameters/path/case_identifier.yaml + - $ref: ../parameters/path/identifier.yaml +get: + operationId: api_v2_cases_{case_identifier}_tasks_{identifier}_get + tags: + - Tasks + - Beta + summary: Get a task + description: 'Get an task by its identifier' + responses: + '201': + description: tasks successfully found + content: + application/json: + schema: + $ref: ../schemas/Task.yaml + '404': + $ref: ../responses/NotFound.yaml +delete: + operationId: api_v2_cases_{case_identifier}_tasks_{identifier}_delete + tags: + - Tasks + summary: Delete an task + responses: + '204': + $ref: ../responses/Deleted.yaml + '404': + $ref: ../responses/NotFound.yaml + '400': + $ref: ../responses/GenericError.yaml 
diff --git a/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{identifier}.yaml b/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{identifier}.yaml deleted file mode 100644 index 8243f536b..000000000 --- a/docs/api_reference/reference/v2.1.0/resources/api_v2_cases_{identifier}.yaml +++ /dev/null @@ -1,32 +0,0 @@ -parameters: - - $ref: ../parameters/path/cases_identifier.yaml -get: - operationId: api_v2_cases_{identifier}_get - tags: - - Cases - - Beta - summary: Get a case - description: 'Get a case by its identifier' - responses: - '201': - description: Case successfully found - content: - application/json: - schema: - $ref: ../schemas/Case.yaml - '404': - $ref: ../responses/NotFound.yaml -delete: - operationId: api_v2_cases_{identifier}_delete - tags: - - Cases - - Beta - summary: Delete a case - description: This implies the deletion of everything linked to the case. - responses: - '204': - $ref: ../responses/Deleted.yaml - '404': - $ref: ../responses/NotFound.yaml - '400': - $ref: ../responses/GenericError.yaml diff --git a/docs/api_reference/reference/v2.1.0/resources/case_assets_add.yaml b/docs/api_reference/reference/v2.1.0/resources/case_assets_add.yaml index 13805c0f8..dee489c92 100644 --- a/docs/api_reference/reference/v2.1.0/resources/case_assets_add.yaml +++ b/docs/api_reference/reference/v2.1.0/resources/case_assets_add.yaml @@ -188,7 +188,7 @@ post: message: Data error status: error description: >- - This endpoint is deprecated. Use POST /api/v2/cases/{identifier}/assets + This endpoint is deprecated. Use POST /api/v2/cases/{case_identifier}/assets instead. deprecated: true parameters: diff --git a/docs/api_reference/reference/v2.1.0/resources/case_ioc_add.yaml b/docs/api_reference/reference/v2.1.0/resources/case_ioc_add.yaml index 3b17920c3..b95b3fca9 100644 --- a/docs/api_reference/reference/v2.1.0/resources/case_ioc_add.yaml +++ b/docs/api_reference/reference/v2.1.0/resources/case_ioc_add.yaml 
@@ -144,7 +144,7 @@ post: - message - status examples: {} - description: This endpoint is deprecated. Use POST /api/v2/cases/{identifier}/iocs. + description: This endpoint is deprecated. Use POST /api/v2/cases/{case_identifier}/iocs. deprecated: true parameters: - schema: diff --git a/docs/api_reference/reference/v2.1.0/resources/case_tasks_add.yaml b/docs/api_reference/reference/v2.1.0/resources/case_tasks_add.yaml index c9a2671ad..2e45c438d 100644 --- a/docs/api_reference/reference/v2.1.0/resources/case_tasks_add.yaml +++ b/docs/api_reference/reference/v2.1.0/resources/case_tasks_add.yaml @@ -135,7 +135,7 @@ post: message: task_assignee_id is not valid anymore since v1.5.0 status: error description: >- - This endpoint is deprecated. Use POST /api/v2/cases/{identifier}/tasks + This endpoint is deprecated. Use POST /api/v2/cases/{case_identifier}/tasks instead. deprecated: true requestBody: diff --git a/docs/api_reference/reference/v2.1.0/resources/manage_cases_delete_{case_id}.yaml b/docs/api_reference/reference/v2.1.0/resources/manage_cases_delete_{case_id}.yaml index fea7159db..778433713 100644 --- a/docs/api_reference/reference/v2.1.0/resources/manage_cases_delete_{case_id}.yaml +++ b/docs/api_reference/reference/v2.1.0/resources/manage_cases_delete_{case_id}.yaml @@ -71,7 +71,7 @@ post: status: error operationId: get-manage-cases-delete description: >- - This endpoint is deprecated. Use `DELETE /api/v2/cases/{identifier}` + This endpoint is deprecated. Use `DELETE /api/v2/cases/{case_identifier}` instead. deprecated: true security: diff --git a/docs/api_reference/reference/v2.1.0/resources/manage_cases_update_{case_id}.yaml b/docs/api_reference/reference/v2.1.0/resources/manage_cases_update_{case_id}.yaml index 03f17a65c..711124829 100644 --- a/docs/api_reference/reference/v2.1.0/resources/manage_cases_update_{case_id}.yaml +++ b/docs/api_reference/reference/v2.1.0/resources/manage_cases_update_{case_id}.yaml 
@@ -1,5 +1,7 @@ post: summary: Update a case + description: This endpoint is deprecated. Use PUT /api/v2/cases/{case_identifier} instead. + deprecated: true tags: - Cases responses: @@ -174,7 +176,6 @@ post: message: Tried to delete a non-existing case status: error operationId: get-manage-cases-update - description: 'Update informations of a case. ' security: - Bearer : [] parameters: [] diff --git a/docs/api_reference/reference/v2.1.0/resources/manage_event-categories_list.yaml b/docs/api_reference/reference/v2.1.0/resources/manage_event-categories_list.yaml new file mode 100644 index 000000000..7b6715868 --- /dev/null +++ b/docs/api_reference/reference/v2.1.0/resources/manage_event-categories_list.yaml @@ -0,0 +1,65 @@ +get: + summary: List event categories + description: Event categories + tags: + - Manage ioc tlp + operationId: manage_event-categories_list + responses: + '200': + description: OK + headers: {} + content: + application/json: + schema: + type: object + properties: + status: + type: string + message: + type: string + data: + type: array + items: + type: object + properties: + name: + type: string + id: + type: integer + examples: + example-1: + value: + status: success + message: '' + data: + - name: Unspecified + id: 1 + - name: Legitimate + id: 2 + - name: Remediation + id: 3 + - name: Initial Access + id: 4 + - name: Execution + id: 5 + - name: Persistence + id: 6 + - name: Privilege Escalation + id: 7 + - name: Defense Evasion + id: 8 + - name: Credential Access + id: 9 + - name: Discovery + id: 10 + - name: Lateral Movement + id: 11 + - name: Collection + id: 12 + - name: Command and Control + id: 13 + - name: Exfiltration + id: 14 + - name: Impact + id: 15 + diff --git a/docs/api_reference/reference/v2.1.0/resources/manage_severities_list.yaml b/docs/api_reference/reference/v2.1.0/resources/manage_severities_list.yaml new file mode 100644 index 000000000..710b0eeae --- /dev/null 
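Review bot: The `tags` entry on the new `manage_event-categories_list` operation is `Manage ioc tlp`, apparently copied from the TLP listing, so event categories will be grouped under the IOC TLP section of the rendered reference. A tag of its own is meant here, for example `- Manage event categories`. The operation also has no `security` block, unlike the legacy `manage_cases_*` specs in this commit that declare `Bearer`; unless a root-level default exists outside this diff, a reader would take this listing to be unauthenticated.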
+++ b/docs/api_reference/reference/v2.1.0/resources/manage_severities_list.yaml @@ -0,0 +1,55 @@ +get: + summary: List case severities + description: 'List the case severities' + tags: + - Manage cases severities + operationId: get-severities-list + responses: + '200': + description: OK + headers: {} + content: + application/json: + schema: + type: object + properties: + status: + type: string + message: + type: string + data: + type: array + items: + type: object + properties: + severity_id: + $ref: ../schemas/case_severity_id.yaml + severity_name: + type: string + severity_description: + type: string + examples: + example-1: + value: + status: success + message: '' + data: + - severity_name: Medium + severity_description: Medium + severity_id: 1 + - severity_name: Unspecified + severity_description: Unspecified + severity_id: 2 + - severity_name: Informational + severity_description: Informational + severity_id: 3 + - severity_name: Low + severity_description: Low + severity_id: 4 + - severity_name: High + severity_description: High + severity_id: 5 + - severity_name: Critical + severity_description: Critical + severity_id: 6 + diff --git a/docs/api_reference/reference/v2.1.0/resources/manage_tlp_list.yaml b/docs/api_reference/reference/v2.1.0/resources/manage_tlp_list.yaml new file mode 100644 index 000000000..95c3239ca --- /dev/null +++ b/docs/api_reference/reference/v2.1.0/resources/manage_tlp_list.yaml 
@@ -0,0 +1,52 @@ +get: + summary: List IOC TLP values + description: IOC TPL ([Traffic Light Protocol](https://www.first.org/tlp)) values + tags: + - Manage ioc tlp + operationId: get-tlp-list + responses: + '200': + description: OK + headers: {} + content: + application/json: + schema: + type: object + properties: + status: + type: string + message: + type: string + data: + type: array + items: + type: object + properties: + tlp_name: + type: string + tlp_bscolor: + type: string + tlp_id: + type: integer + examples: + example-1: + value: + status: success + message: '' + data: + - tlp_name: danger + tlp_bscolor: red + tlp_id: 1 + - tlp_name: amber + tlp_bscolor: warning + tlp_id: 2 + - tlp_name: success + tlp_bscolor: green + tlp_id: 3 + - tlp_name: clear + tlp_bscolor: black + tlp_id: 4 + - tlp_name: amber+strict + tlp_bscolor: warning + tlp_id: 5 + diff --git a/docs/api_reference/reference/v2.1.0/schemas/Case.yaml b/docs/api_reference/reference/v2.1.0/schemas/Case.yaml index 31b1b177b..04fe5710b 100644 --- a/docs/api_reference/reference/v2.1.0/schemas/Case.yaml +++ b/docs/api_reference/reference/v2.1.0/schemas/Case.yaml @@ -4,7 +4,7 @@ properties: type: string case_description: type: string - case_customer: + case_customer_id: type: integer case_soc_id: type: string @@ -13,12 +13,9 @@ properties: case_id: type: integer severity_id: - type: integer + $ref: ../schemas/case_severity_id.yaml status_id: - type: integer - description: "The case status identifier. It can be one of the following 0: unknown, 1: false_positive, 2: true_positive_with_impact, 3: not_applicable, 4: true_positive_without_impact, 5: legitimate" - minimum: 0 - maximum: 5 + $ref: ../schemas/case_status_id.yaml state: type: object properties: @@ -51,6 +48,8 @@ properties: type: string user_id: type: integer + case_tags: + type: string open_date: type: string close_date: 
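Review bot: The example rows in `manage_tlp_list.yaml` mix up the two fields: `tlp_name: danger` with `tlp_bscolor: red`, and `tlp_name: success` with `tlp_bscolor: green`, put the display class in the name and the colour in the class, while the amber rows have them the other way round (`tlp_name: amber`, `tlp_bscolor: warning`). TLP labels govern how an indicator may be shared, so the example should show the real labels, presumably `tlp_name: red` / `tlp_bscolor: danger` and `tlp_name: green` / `tlp_bscolor: success`; this should be checked against what the endpoint actually returns. The description also misspells the acronym: `IOC TPL` should be `IOC TLP`.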
@@ -58,13 +57,13 @@ properties: closing_note: type: 'null' custom_attributes: - type: 'null' + type: object modification_history: type: object example: case_name: '#1065 - My Case API' case_description: A super nice description - case_customer: 1 + case_customer_id: 1 case_soc_id: SOC_154 case_uuid: 435e3f47-479e-4a3c-98df-8e28b01fd2bc case_id: 1065 @@ -84,10 +83,11 @@ example: user_login: user_std_1 user_email: user_std_1@iris.local user_id: 1 + case_tags: tag1,tag2 open_date: '2024-01-10' close_date: null closing_note: null - custom_attributes: null + custom_attributes: {} modification_history: '1704888196.578914': user: administrator diff --git a/docs/api_reference/reference/v2.1.0/schemas/case_severity_id.yaml b/docs/api_reference/reference/v2.1.0/schemas/case_severity_id.yaml new file mode 100644 index 000000000..f3d1b48bc --- /dev/null +++ b/docs/api_reference/reference/v2.1.0/schemas/case_severity_id.yaml @@ -0,0 +1,3 @@ +type: integer +description: "The case severity identifier. Possible values are listed by endpoint GET /manage/severities/list" + diff --git a/docs/api_reference/reference/v2.1.0/schemas/case_status_id.yaml b/docs/api_reference/reference/v2.1.0/schemas/case_status_id.yaml new file mode 100644 index 000000000..df5ec9a65 --- /dev/null +++ b/docs/api_reference/reference/v2.1.0/schemas/case_status_id.yaml @@ -0,0 +1,5 @@ +type: integer +description: "The case status identifier. It can be one of the following 0: unknown, 1: false_positive, 2: true_positive_with_impact, 3: not_applicable, 4: true_positive_without_impact, 5: legitimate" +minimum: 0 +maximum: 5 +