
Commit 868667d

Travis CI UserCI bot
authored andcommitted
$MERGE_COMMIT_MESSAGE
2 parents e8115df + afd2c1f commit 868667d

1 file changed

+93
-5
lines changed

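--- a/alsdkdefs/apis/iris/iris.v3.yaml
+++ b/alsdkdefs/apis/iris/iris.v3.yaml
@@ -70,7 +70,6 @@ paths:
 incident_attack_class: string
 incident_escalated: string
 incident_sub_type: string
-iris_incident_version: number
 iris_notifications: boolean
 snooze_status:
 period_ms: number
@@ -357,7 +356,6 @@ paths:
 incident_attack_class: string
 incident_escalated: string
 incident_sub_type: string
-iris_incident_version: number
 iris_notifications: boolean
 snooze_status:
 period_ms: number
@@ -478,7 +476,6 @@ paths:
 incident_attack_class: string
 incident_escalated: string
 incident_sub_type: string
-iris_incident_version: number
 iris_notifications: boolean
 snooze_status:
 period_ms: number
@@ -615,7 +612,6 @@ paths:
 incident_attack_class: string
 incident_escalated: string
 incident_sub_type: string
-iris_incident_version: number
 iris_notifications: boolean
 snooze_status:
 period_ms: number
@@ -1002,7 +998,97 @@ paths:
 $ref: '#/components/schemas/IncidentId'
 name: incident_id
 in: path
-required: true
+required: true
+/iris/v3/incident_filters:
+get:
+summary: Get incident filters
+tags:
+- Console
+responses:
+'200':
+description: OK
+content:
+application/json:
+schema:
+title: Incident Filters
+type: object
+properties:
+class:
+type: array
+items:
+type: string
+detection_source:
+type: array
+items:
+type: string
+escalated:
+type: array
+items:
+type: boolean
+threat_level:
+type: array
+items:
+type: string
+required:
+- class
+- detection_source
+- escalated
+- threat_level
+examples:
+200 OK:
+value:
+class:
+- web-log-analytics
+- suspicious-activity
+- brute-force
+- application-attack
+- recon
+- trojan-activity
+- policy-violation
+- info-leak
+- test
+- base
+- worm-activity
+- defensive-action
+- containment-action
+- denial-of-service
+- log-policy
+- pending
+- misconfiguration
+- log-review
+- 'authentication:activity'
+- 'admin:activity'
+detection_source:
+- Network IDS
+- GuardDuty
+- Log Mgmt
+- Web App IDS
+- Web Log Analytics
+- Log Review
+- Correlated Log
+- Firewall
+- Manual
+- N/A
+escalated:
+- true
+- false
+threat_level:
+- Info
+- Low
+- Medium
+- High
+- Critical
+'401':
+description: Unauthorized
+operationId: get_incident_filters
+description: Fetch the fields and values used to filter incidents
+security:
+- X-AIMS-Auth-Token: []
+x-code-samples:
+- lang: Request Sample
+source: |
+curl -H "x-aims-auth-token: ${TOKEN}" -X GET https://api.cloudinsight.alertlogic.com/iris/v3/incident_filters
+parameters: []
 components:
 schemas:
 IncidentId:
@@ -1260,3 +1346,5 @@ tags:
 description: Multiple account operations
 - name: UI operations
 description: IRIS operations available through the console
+- name: Console
+description: IRIS helpers available for console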
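Review bot: In the new `/iris/v3/incident_filters` response schema, `escalated` is declared as an array of `boolean`, while the incident field in the context lines of the earlier hunks reads `incident_escalated: string`. A client that feeds these filter values back into an incident query cannot tell from the spec which representation the API expects. Confirm the wire type, then either align the two or add a `description:` on the `escalated` property stating the mapping. The string arrays (`class`, `detection_source`, `threat_level`) list their values only in the example, so if any of those sets is closed, an `enum` on `items` would let consumers validate the response instead of trusting it as free text. The added `Console` tag also sits beside the existing `UI operations` tag, whose description already reads "IRIS operations available through the console", so reusing that tag may be clearer. Indentation is not preserved on this page, so the nesting of the new path was not checked.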
