From b7d6bee41f733ed84577ee067146fb1aa3787422 Mon Sep 17 00:00:00 2001 From: nitescuc <1108077+nitescuc@users.noreply.github.com> Date: Wed, 18 Mar 2026 08:48:08 +0000 Subject: [PATCH] Update python SDK 1.116.0 --- crowdsec_tracker_api/__init__.py | 9 +- .../__pycache__/base_model.cpython-311.pyc | Bin 4407 -> 4407 bytes .../__pycache__/http_client.cpython-311.pyc | Bin 7797 -> 7797 bytes crowdsec_tracker_api/models.py | 105 +++++++++++++++--- .../__pycache__/__init__.cpython-311.pyc | Bin 236 -> 236 bytes crowdsec_tracker_api/services/cves.py | 2 +- crowdsec_tracker_api/services/fingerprints.py | 2 +- crowdsec_tracker_api/services/integrations.py | 2 +- crowdsec_tracker_api/services/products.py | 6 +- crowdsec_tracker_api/services/tags.py | 6 +- crowdsec_tracker_api/services/vendors.py | 26 ++++- doc/Models.md | 67 ++++++++--- doc/Products.md | 2 +- doc/README.md | 14 ++- doc/Tags.md | 2 +- doc/Vendors.md | 38 ++++++- let-openapi.json | 2 +- pyproject.toml | 2 +- 18 files changed, 232 insertions(+), 53 deletions(-) diff --git a/crowdsec_tracker_api/__init__.py b/crowdsec_tracker_api/__init__.py index 1fb352c..f2d2900 100644 --- a/crowdsec_tracker_api/__init__.py +++ b/crowdsec_tracker_api/__init__.py @@ -41,7 +41,7 @@ class Server(Enum): 'AllowlistSubscription', 'AttackDetail', 'Behavior', - 'CVEEvent', + 'CVEEventOutput', 'CVEResponseBase', 'CVEsubscription', 'CWE', @@ -49,6 +49,7 @@ class Server(Enum): 'Classifications', 'EntityType', 'ExploitationPhase', + 'FingerprintEventOutput', 'FingerprintRuleResponse', 'FingerprintRuleSummary', 'FingerprintTimelineItem', @@ -70,8 +71,8 @@ class Server(Enum): 'LookupImpactCVEItem', 'LookupImpactFingerprintItem', 'LookupImpactResponsePage', - 'LookupListItem', - 'LookupListResponsePage', + 'LookupListItemWithStats', + 'LookupListWithStatsResponsePage', 'MitreTechnique', 'Reference', 'ScoreBreakdown', @@ -80,6 +81,8 @@ class Server(Enum): 'SubscribeCVEIntegrationRequest', 'SubscribeFingerprintIntegrationRequest', 'TimelineItem', + 'TopProductItem', + 'VendorStatsResponse', 'ApiKeyAuth', 'Server', 'Page' diff --git a/crowdsec_tracker_api/__pycache__/base_model.cpython-311.pyc b/crowdsec_tracker_api/__pycache__/base_model.cpython-311.pyc index a48f15d154982d0e684afc810c60b74f0dc1dd88..837ea4004bf17e0ed7beea1d2f3c0ec34419b5c5 100644 GIT binary patch delta 27 hcmdn4v|WjNIWI340}yOa+qIF~i delta 27 hcmdn4v|WjNIWI340}!y^oV$_Ri -# timestamp: 2026-02-24T17:00:06+00:00 +# timestamp: 2026-03-18T08:48:04+00:00 from __future__ import annotations @@ -142,13 +142,12 @@ class Behavior(BaseModelSdk): ] -class CVEEvent(BaseModelSdk): - date: Annotated[datetime, Field(description='Date of the event', title='Date')] - description: Annotated[ - str, Field(description='Description of the event', title='Description') - ] - label: Annotated[str, Field(description='Label of the event', title='Label')] - name: Annotated[str, Field(description='Name of the event', title='Name')] +class CVEEventOutput(BaseModelSdk): + name: Annotated[str, Field(title='Name')] + date: Annotated[str, Field(title='Date')] + description: Annotated[str, Field(title='Description')] + label: Annotated[str, Field(title='Label')] + sorting_priority: Annotated[int, Field(title='Sorting Priority')] class CvssScore(RootModelSdk[float]): @@ -212,6 +211,13 @@ class ExploitationPhase(BaseModelSdk): ] +class FingerprintEventOutput(BaseModelSdk): + name: Annotated[str, Field(title='Name')] + date: Annotated[str, Field(title='Date')] + description: Annotated[str, Field(title='Description')] + label: Annotated[str, Field(title='Label')] + + class FingerprintRuleResponse(BaseModelSdk): id: Annotated[str, Field(description='Fingerprint rule identifier', title='Id')] name: Annotated[str, Field(description='Fingerprint rule name', title='Name')] @@ -290,7 +296,7 @@ class FingerprintRuleResponse(BaseModelSdk): ), ] = None events: Annotated[ - Optional[List[CVEEvent]], + Optional[List[FingerprintEventOutput]], Field( description='List of events related to the fingerprint rule', title='Events' ), @@ -459,7 +465,7 @@ class GetCVEResponse(BaseModelSdk): Field(description='List of CWEs associated with the CVE', title='Cwes'), ] events: Annotated[ - Optional[List[CVEEvent]], + Optional[List[CVEEventOutput]], Field(description='List of events related to the CVE', title='Events'), ] = None @@ -674,7 +680,7 @@ class LookupImpactCVEItem(BaseModelSdk): Field(description='List of CWEs associated with the CVE', title='Cwes'), ] events: Annotated[ - Optional[List[CVEEvent]], + Optional[List[CVEEventOutput]], Field(description='List of events related to the CVE', title='Events'), ] = None type: Annotated[ @@ -760,7 +766,7 @@ class LookupImpactFingerprintItem(BaseModelSdk): ), ] = None events: Annotated[ - Optional[List[CVEEvent]], + Optional[List[FingerprintEventOutput]], Field( description='List of events related to the fingerprint rule', title='Events' ), @@ -786,12 +792,31 @@ class LookupImpactResponsePage(BaseModelSdk): links: Links -class LookupListItem(BaseModelSdk): +class LookupListItemWithStats(BaseModelSdk): value: Annotated[str, Field(description='Lookup entry value', title='Value')] + nb_cves: Annotated[ + Optional[int], Field(description='Number of CVEs', ge=0, title='Nb Cves') + ] = 0 + nb_fingerprints: Annotated[ + Optional[int], + Field(description='Number of fingerprint rules', ge=0, title='Nb Fingerprints'), + ] = 0 + nb_ips_cves: Annotated[ + Optional[int], + Field(description='Number of IPs across CVEs', ge=0, title='Nb Ips Cves'), + ] = 0 + nb_ips_fingerprints: Annotated[ + Optional[int], + Field( + description='Number of IPs across fingerprint rules', + ge=0, + title='Nb Ips Fingerprints', + ), + ] = 0 -class LookupListResponsePage(BaseModelSdk): - items: Annotated[List[LookupListItem], Field(title='Items')] +class LookupListWithStatsResponsePage(BaseModelSdk): + items: Annotated[List[LookupListItemWithStats], Field(title='Items')] total: Annotated[int, Field(ge=0, title='Total')] page: Annotated[int, Field(ge=1, title='Page')] size: Annotated[int, Field(ge=1, title='Size')] @@ -866,6 +891,52 @@ class TimelineItem(BaseModelSdk): ] +class TopProductItem(BaseModelSdk): + value: Annotated[str, Field(description='Product name', title='Value')] + nb_ips_cves: Annotated[ + Optional[int], + Field(description='Number of IPs across CVEs', ge=0, title='Nb Ips Cves'), + ] = 0 + nb_ips_fingerprints: Annotated[ + Optional[int], + Field( + description='Number of IPs across fingerprint rules', + ge=0, + title='Nb Ips Fingerprints', + ), + ] = 0 + + +class VendorStatsResponse(BaseModelSdk): + value: Annotated[str, Field(description='Vendor name', title='Value')] + nb_cves: Annotated[ + Optional[int], Field(description='Number of CVEs', ge=0, title='Nb Cves') + ] = 0 + nb_fingerprints: Annotated[ + Optional[int], + Field(description='Number of fingerprint rules', ge=0, title='Nb Fingerprints'), + ] = 0 + nb_ips_cves: Annotated[ + Optional[int], + Field(description='Number of IPs across CVEs', ge=0, title='Nb Ips Cves'), + ] = 0 + nb_ips_fingerprints: Annotated[ + Optional[int], + Field( + description='Number of IPs across fingerprint rules', + ge=0, + title='Nb Ips Fingerprints', + ), + ] = 0 + top_products: Annotated[ + Optional[List[TopProductItem]], + Field( + description='Top products for this vendor sorted by total IPs descending', + title='Top Products', + ), + ] = None + + class IntegrationsGetIntegrationsQueryParameters(BaseModelSdk): tag: Annotated[ Optional[List[str]], @@ -1063,6 +1134,10 @@ class VendorsGetVendorsQueryParameters(BaseModelSdk): ] = 50 +class VendorsGetVendorStatsPathParameters(BaseModelSdk): + vendor: Annotated[str, Field(title='Vendor')] + + class VendorsGetVendorImpactQueryParameters(BaseModelSdk): sort_by: Annotated[ Optional[GetCVEsSortBy], Field(description='Field to sort by', title='Sort By') diff --git a/crowdsec_tracker_api/services/__pycache__/__init__.cpython-311.pyc b/crowdsec_tracker_api/services/__pycache__/__init__.cpython-311.pyc index 031bdb7d0eae45a1fed0bcf1318710282ae9beff..7c5d83f844fb7115e73a18da58112a4f66cf8d2a 100644 GIT binary patch delta 24 ecmaFE_=b^tIWI340}yOa+cl9phS79lMhgH}lm{~a delta 24 ecmaFE_=b^tIWI340}!y^oI8;_hS6kVMhgH_c?Q@3 diff --git a/crowdsec_tracker_api/services/cves.py b/crowdsec_tracker_api/services/cves.py index 0ca4437..ca63f3c 100644 --- a/crowdsec_tracker_api/services/cves.py +++ b/crowdsec_tracker_api/services/cves.py @@ -11,7 +11,7 @@ class Cves(Service): def __init__(self, auth: Auth, base_url: str = "https://admin.api.crowdsec.net/v1") -> None: - super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.108.1") + super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.116.0") def get_cves( self, diff --git a/crowdsec_tracker_api/services/fingerprints.py b/crowdsec_tracker_api/services/fingerprints.py index aa7861c..45f5cfa 100644 --- a/crowdsec_tracker_api/services/fingerprints.py +++ b/crowdsec_tracker_api/services/fingerprints.py @@ -11,7 +11,7 @@ class Fingerprints(Service): def __init__(self, auth: Auth, base_url: str = "https://admin.api.crowdsec.net/v1") -> None: - super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.108.1") + super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.116.0") def get_fingerprint_rules( self, diff --git a/crowdsec_tracker_api/services/integrations.py b/crowdsec_tracker_api/services/integrations.py index 46ed4a7..0697b01 100644 --- a/crowdsec_tracker_api/services/integrations.py +++ b/crowdsec_tracker_api/services/integrations.py @@ -11,7 +11,7 @@ class Integrations(Service): def __init__(self, auth: Auth, base_url: str = "https://admin.api.crowdsec.net/v1") -> None: - super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.108.1") + super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.116.0") def get_integrations( self, diff --git a/crowdsec_tracker_api/services/products.py b/crowdsec_tracker_api/services/products.py index 4c18648..c11161e 100644 --- a/crowdsec_tracker_api/services/products.py +++ b/crowdsec_tracker_api/services/products.py @@ -11,14 +11,14 @@ class Products(Service): def __init__(self, auth: Auth, base_url: str = "https://admin.api.crowdsec.net/v1") -> None: - super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.108.1") + super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.116.0") def get_products( self, query: Optional[str] = None, page: int = 1, size: int = 50, - )-> LookupListResponsePage: + )-> LookupListWithStatsResponsePage: endpoint_url = "/products" loc = locals() headers = {} @@ -33,7 +33,7 @@ def get_products( url=endpoint_url, path_params=path_params, params=params, headers=headers ) - return LookupListResponsePage(_client=self, **response.json()) + return LookupListWithStatsResponsePage(_client=self, **response.json()) def get_product_impact( self, diff --git a/crowdsec_tracker_api/services/tags.py b/crowdsec_tracker_api/services/tags.py index 891fba5..5b2e62f 100644 --- a/crowdsec_tracker_api/services/tags.py +++ b/crowdsec_tracker_api/services/tags.py @@ -11,14 +11,14 @@ class Tags(Service): def __init__(self, auth: Auth, base_url: str = "https://admin.api.crowdsec.net/v1") -> None: - super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.108.1") + super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.116.0") def get_tags( self, query: Optional[str] = None, page: int = 1, size: int = 50, - )-> LookupListResponsePage: + )-> LookupListWithStatsResponsePage: endpoint_url = "/tags" loc = locals() headers = {} @@ -33,7 +33,7 @@ def get_tags( url=endpoint_url, path_params=path_params, params=params, headers=headers ) - return LookupListResponsePage(_client=self, **response.json()) + return LookupListWithStatsResponsePage(_client=self, **response.json()) def get_tag_impact( self, diff --git a/crowdsec_tracker_api/services/vendors.py b/crowdsec_tracker_api/services/vendors.py index 6058dc9..922ca1a 100644 --- a/crowdsec_tracker_api/services/vendors.py +++ b/crowdsec_tracker_api/services/vendors.py @@ -11,14 +11,14 @@ class Vendors(Service): def __init__(self, auth: Auth, base_url: str = "https://admin.api.crowdsec.net/v1") -> None: - super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.108.1") + super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.116.0") def get_vendors( self, query: Optional[str] = None, page: int = 1, size: int = 50, - )-> LookupListResponsePage: + )-> LookupListWithStatsResponsePage: endpoint_url = "/vendors" loc = locals() headers = {} @@ -33,7 +33,27 @@ def get_vendors( url=endpoint_url, path_params=path_params, params=params, headers=headers ) - return LookupListResponsePage(_client=self, **response.json()) + return LookupListWithStatsResponsePage(_client=self, **response.json()) + + def get_vendor_stats( + self, + vendor: str, + )-> VendorStatsResponse: + endpoint_url = "/vendors/{vendor}/stats" + loc = locals() + headers = {} + params = {} + path_params = json.loads( + VendorsGetVendorStatsPathParameters(**loc).model_dump_json( + exclude_none=True + ) + ) + + response = self.http_client.get( + url=endpoint_url, path_params=path_params, params=params, headers=headers + ) + + return VendorStatsResponse(**response.json()) def get_vendor_impact( self, diff --git a/doc/Models.md b/doc/Models.md index 9909bfb..ad9d5ef 100644 --- a/doc/Models.md +++ b/doc/Models.md @@ -241,16 +241,17 @@ name, label, description | label | str | Behavior label || | description | str | Behavior description || -# **CVEEvent** +# **CVEEventOutput** ## Required: -date, description, label, name +name, date, description, label, sorting_priority ## Properties | Property | Type | Description | Example | |----------|------|-------------|---------| -| date | str | Date of the event || -| description | str | Description of the event || -| label | str | Label of the event || -| name | str | Name of the event || +| name | str | None || +| date | str | None || +| description | str | None || +| label | str | None || +| sorting_priority | int | None || # **CVEResponseBase** ## Required: @@ -324,6 +325,17 @@ name, label, description | label | str | Label of the exploitation phase || | description | str | Description of the exploitation phase || +# **FingerprintEventOutput** +## Required: +name, date, description, label +## Properties +| Property | Type | Description | Example | +|----------|------|-------------|---------| +| name | str | None || +| date | str | None || +| description | str | None || +| label | str | None || + # **FingerprintRuleResponse** ## Required: id, name, title, affected_components, crowdsec_score, nb_ips, exploitation_phase @@ -348,7 +360,7 @@ id, name, title, affected_components, crowdsec_score, nb_ips, exploitation_phase | description | Optional[str] | Fingerprint rule description || | references | list[str] | Reference links for the fingerprint rule || | crowdsec_analysis | Optional[str] | CrowdSec analysis for this fingerprint rule || -| events | list[CVEEvent] | List of events related to the fingerprint rule || +| events | list[FingerprintEventOutput] | List of events related to the fingerprint rule || # **FingerprintRuleSummary** ## Required: @@ -420,7 +432,7 @@ id, name, title, affected_components, crowdsec_score, nb_ips, published_date, ha | description | str | Description of the CVE || | crowdsec_analysis | Optional[str] | CrowdSec analysis of the CVE || | cwes | list[CWE] | List of CWEs associated with the CVE || -| events | list[CVEEvent] | List of events related to the CVE || +| events | list[CVEEventOutput] | List of events related to the CVE || # **GetCVESubscribedIntegrationsResponsePage** ## Required: @@ -604,7 +616,7 @@ id, name, title, affected_components, crowdsec_score, nb_ips, published_date, ha | description | str | Description of the CVE || | crowdsec_analysis | Optional[str] | CrowdSec analysis of the CVE || | cwes | list[CWE] | List of CWEs associated with the CVE || -| events | list[CVEEvent] | List of events related to the CVE || +| events | list[CVEEventOutput] | List of events related to the CVE || | type | str | Resource type || # **LookupImpactFingerprintItem** @@ -631,7 +643,7 @@ id, name, title, affected_components, crowdsec_score, nb_ips, exploitation_phase | description | Optional[str] | Fingerprint rule description || | references | list[str] | Reference links for the fingerprint rule || | crowdsec_analysis | Optional[str] | CrowdSec analysis for this fingerprint rule || -| events | list[CVEEvent] | List of events related to the fingerprint rule || +| events | list[FingerprintEventOutput] | List of events related to the fingerprint rule || | type | str | Resource type || # **LookupImpactResponsePage** @@ -647,21 +659,25 @@ items, total, page, size, pages, links | pages | int | None || | links | Links | None || -# **LookupListItem** +# **LookupListItemWithStats** ## Required: value ## Properties | Property | Type | Description | Example | |----------|------|-------------|---------| | value | str | Lookup entry value || +| nb_cves | int | Number of CVEs || +| nb_fingerprints | int | Number of fingerprint rules || +| nb_ips_cves | int | Number of IPs across CVEs || +| nb_ips_fingerprints | int | Number of IPs across fingerprint rules || -# **LookupListResponsePage** +# **LookupListWithStatsResponsePage** ## Required: items, total, page, size, pages, links ## Properties | Property | Type | Description | Example | |----------|------|-------------|---------| -| items | list[LookupListItem] | None || +| items | list[LookupListItemWithStats] | None || | total | int | None || | page | int | None || | size | int | None || @@ -736,4 +752,27 @@ timestamp, count | Property | Type | Description | Example | |----------|------|-------------|---------| | timestamp | str | Timestamp of the timeline event || -| count | int | Count of occurrences at the timestamp || \ No newline at end of file +| count | int | Count of occurrences at the timestamp || + +# **TopProductItem** +## Required: +value +## Properties +| Property | Type | Description | Example | +|----------|------|-------------|---------| +| value | str | Product name || +| nb_ips_cves | int | Number of IPs across CVEs || +| nb_ips_fingerprints | int | Number of IPs across fingerprint rules || + +# **VendorStatsResponse** +## Required: +value +## Properties +| Property | Type | Description | Example | +|----------|------|-------------|---------| +| value | str | Vendor name || +| nb_cves | int | Number of CVEs || +| nb_fingerprints | int | Number of fingerprint rules || +| nb_ips_cves | int | Number of IPs across CVEs || +| nb_ips_fingerprints | int | Number of IPs across fingerprint rules || +| top_products | list[TopProductItem] | Top products for this vendor sorted by total IPs descending || \ No newline at end of file diff --git a/doc/Products.md b/doc/Products.md index 945b3e5..90f8cba 100644 --- a/doc/Products.md +++ b/doc/Products.md @@ -18,7 +18,7 @@ | page | int | Page number | False | 1 | | size | int | Page size | False | 50 | ### Returns: -[LookupListResponsePage](./Models.md#lookuplistresponsepage) +[LookupListWithStatsResponsePage](./Models.md#lookuplistwithstatsresponsepage) ### Errors: | Code | Description | | ---- | ----------- | diff --git a/doc/README.md b/doc/README.md index 1127917..c4b7718 100644 --- a/doc/README.md +++ b/doc/README.md @@ -69,7 +69,7 @@ You can find a Quickstart about this SDK, following this [documentation](https:/ [Behavior](./Models.md#behavior) -[CVEEvent](./Models.md#cveevent) +[CVEEventOutput](./Models.md#cveeventoutput) [CVEResponseBase](./Models.md#cveresponsebase) @@ -85,6 +85,8 @@ You can find a Quickstart about this SDK, following this [documentation](https:/ [ExploitationPhase](./Models.md#exploitationphase) +[FingerprintEventOutput](./Models.md#fingerprinteventoutput) + [FingerprintRuleResponse](./Models.md#fingerprintruleresponse) [FingerprintRuleSummary](./Models.md#fingerprintrulesummary) @@ -127,9 +129,9 @@ You can find a Quickstart about this SDK, following this [documentation](https:/ [LookupImpactResponsePage](./Models.md#lookupimpactresponsepage) -[LookupListItem](./Models.md#lookuplistitem) +[LookupListItemWithStats](./Models.md#lookuplistitemwithstats) -[LookupListResponsePage](./Models.md#lookuplistresponsepage) +[LookupListWithStatsResponsePage](./Models.md#lookuplistwithstatsresponsepage) [MitreTechnique](./Models.md#mitretechnique) @@ -145,4 +147,8 @@ You can find a Quickstart about this SDK, following this [documentation](https:/ [SubscribeFingerprintIntegrationRequest](./Models.md#subscribefingerprintintegrationrequest) -[TimelineItem](./Models.md#timelineitem) \ No newline at end of file +[TimelineItem](./Models.md#timelineitem) + +[TopProductItem](./Models.md#topproductitem) + +[VendorStatsResponse](./Models.md#vendorstatsresponse) \ No newline at end of file diff --git a/doc/Tags.md b/doc/Tags.md index afca4ce..9f020c5 100644 --- a/doc/Tags.md +++ b/doc/Tags.md @@ -18,7 +18,7 @@ | page | int | Page number | False | 1 | | size | int | Page size | False | 50 | ### Returns: -[LookupListResponsePage](./Models.md#lookuplistresponsepage) +[LookupListWithStatsResponsePage](./Models.md#lookuplistwithstatsresponsepage) ### Errors: | Code | Description | | ---- | ----------- | diff --git a/doc/Vendors.md b/doc/Vendors.md index 67129ed..4e4ee4c 100644 --- a/doc/Vendors.md +++ b/doc/Vendors.md @@ -4,6 +4,7 @@ | Method | Description | | ------ | ----------- | | [get_vendors](#get_vendors) | Get a paginated list of vendors | +| [get_vendor_stats](#get_vendor_stats) | Get statistics for a vendor including CVE/fingerprint counts, IP counts, and top affected products | | [get_vendor_impact](#get_vendor_impact) | Get CVE and fingerprint rules affecting a vendor | ## **get_vendors** @@ -18,7 +19,7 @@ | page | int | Page number | False | 1 | | size | int | Page size | False | 50 | ### Returns: -[LookupListResponsePage](./Models.md#lookuplistresponsepage) +[LookupListWithStatsResponsePage](./Models.md#lookuplistwithstatsresponsepage) ### Errors: | Code | Description | | ---- | ----------- | @@ -45,6 +46,41 @@ except HTTPStatusError as e: ``` +## **get_vendor_stats** +### Get statistics for a vendor including CVE/fingerprint counts, IP counts, and top affected products +- Endpoint: `/vendors/{vendor}/stats` +- Method: `GET` + +### Parameters: +| Parameter | Type | Description | Required | Default | +| --------- | ---- | ----------- | -------- | ------- | +| vendor | str | | True | | +### Returns: +[VendorStatsResponse](./Models.md#vendorstatsresponse) +### Errors: +| Code | Description | +| ---- | ----------- | +| 422 | Validation Error | +### Usage + +```python +from crowdsec_tracker_api import ( + Vendors, + ApiKeyAuth, +) +from httpx import HTTPStatusError +auth = ApiKeyAuth(api_key='your_api_key') +client = Vendors(auth=auth) +try: + response = client.get_vendor_stats( + vendor='vendor', + ) + print(response) +except HTTPStatusError as e: + print(f"An error occurred: {e.response.status_code} - {e.response.text}") +``` + + ## **get_vendor_impact** ### Get CVE and fingerprint rules affecting a vendor - Endpoint: `/vendors/{vendor}` diff --git a/let-openapi.json b/let-openapi.json index 1fee82c..743cb24 100644 --- a/let-openapi.json +++ b/let-openapi.json @@ -1 +1 @@ -{"openapi": "3.1.0", "info": {"title": "LET API", "description": "This is the API to manage Crowdsec Live Exploit Tracker service", "contact": {"name": "CrowdSec", "url": "https://crowdsec.net/", "email": "info@crowdsec.net"}, "version": "1.108.1"}, "paths": {"/integrations": {"post": {"tags": ["Integrations"], "summary": "Create Integration", "description": "Create an integration to a firewall or remediation component, owned by your organization. The name should be unique within the organization. This operation is submitted to quotas.", "operationId": "createIntegration", "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationCreateRequest"}}}}, "responses": {"201": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationCreateResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Integrations"], "summary": "Get Integrations", "description": "Get integrations owned by your organization", "operationId": "getIntegrations", "parameters": [{"name": "tag", "in": "query", "required": false, "schema": {"anyOf": [{"type": "array", "items": {"type": "string"}}, {"type": "null"}], "description": "List of tags associated with the integrations (any of)", "title": "Tag"}, "description": "List of tags associated with the integrations (any of)"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationGetResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/integrations/{integration_id}": {"get": {"tags": ["Integrations"], "summary": "Get Integration", "description": "Get an integration by ID", "operationId": "getIntegration", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationGetResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "patch": {"tags": ["Integrations"], "summary": "Update Integration", "description": "Update the integration details", "operationId": "updateIntegration", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Id"}}], "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationUpdateRequest"}}}}, "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationUpdateResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "delete": {"tags": ["Integrations"], "summary": "Delete Integration", "description": "Delete the integration by ID", "operationId": "deleteIntegration", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Id"}}, {"name": "force", "in": "query", "required": false, "schema": {"type": "boolean", "description": "Force delete the integration even if it has active subscriptions (it will unsubscribe from all lists)", "default": false, "title": "Force"}, "description": "Force delete the integration even if it has active subscriptions (it will unsubscribe from all lists)"}], "responses": {"204": {"description": "Successful Response"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/integrations/{integration_id}/content": {"head": {"tags": ["Integrations"], "summary": "Head Integration Content", "description": "Check if the integration has content", "operationId": "headIntegrationContent", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "format": "ObjectId", "examples": ["5f9d88b9e5c4f5b9a3d3e8b1"], "title": "Integration Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration not found"}, "204": {"description": "Integration has no subscribed blocklists or no content available"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Integrations"], "summary": "Get Integration Content", "description": "Get the ips associated to the integration in plain text format. The content can be paginated to accomodate limits in firewalls.", "operationId": "getIntegrationContent", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "format": "ObjectId", "examples": ["5f9d88b9e5c4f5b9a3d3e8b1"], "title": "Integration Id"}}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number to return", "default": 1, "title": "Page"}, "description": "Page number to return"}, {"name": "page_size", "in": "query", "required": false, "schema": {"anyOf": [{"type": "integer", "minimum": 10000}, {"type": "null"}], "description": "Maximum number of items to return, 0 means no limit (default), should be greater than 10000", "title": "Page Size"}, "description": "Maximum number of items to return, 0 means no limit (default), should be greater than 10000"}, {"name": "pull_limit", "in": "query", "required": false, "schema": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit"}}, {"name": "enable_ip_aggregation", "in": "query", "required": false, "schema": {"type": "boolean", "default": false, "title": "Enable Ip Aggregation"}}], "responses": {"200": {"description": "Successful Response", "content": {"text/plain": {"schema": {"type": "string"}}}}, "404": {"description": "Integration not found"}, "204": {"description": "Integration has no subscribed blocklists or no content available"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/integrations/{integration_id}/v1/decisions/stream": {"get": {"tags": ["Integrations"], "summary": "Get Integration Content Stream", "description": "Get the ips associated to the integration in a format compatible with a remediation component. As for the remediation components, you can fetch the full content with startup=true or only the changes since the last pull", "operationId": "getIntegrationContentStream", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "format": "ObjectId", "examples": ["5f9d88b9e5c4f5b9a3d3e8b1"], "title": "Integration Id"}}, {"name": "startup", "in": "query", "required": false, "schema": {"type": "boolean", "description": "Set to true if it's the first run to fetch all the content, otherwise only changes since the last pull.", "default": false, "title": "Startup"}, "description": "Set to true if it's the first run to fetch all the content, otherwise only changes since the last pull."}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration not found"}, "204": {"description": "Integration has no subscribed blocklists or no content available"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves": {"get": {"tags": ["Cves"], "summary": "Get list of CVEs CrowdSec is tracking", "description": "Get a paginated list of CVEs that CrowdSec is tracking", "operationId": "getCves", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for CVEs", "title": "Query"}, "description": "Search query for CVEs"}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "filters", "in": "query", "required": false, "schema": {"anyOf": [{"type": "array", "items": {"$ref": "#/components/schemas/GetCVEsFilterBy"}}, {"type": "null"}], "description": "Filters to apply on the CVE list", "title": "Filters"}, "description": "Filters to apply on the CVE list"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVEsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}": {"get": {"tags": ["Cves"], "summary": "Get CVE ID informations", "description": "Get information about a specific CVE ID", "operationId": "getCve", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVEResponse"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/ips-download": {"get": {"tags": ["Cves"], "summary": "Download IPs exploiting a CVE ID (raw)", "description": "Download the list of IPs exploiting a specific CVE ID in raw format", "operationId": "downloadCveIps", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"text/plain": {"schema": {"type": "string"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/ips-details": {"get": {"tags": ["Cves"], "summary": "Get IPs details exploiting a CVE ID", "description": "Get detailed information about IPs exploiting a specific CVE ID", "operationId": "getCveIpsDetails", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "since", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string", "pattern": "^\\d+[hd]$"}, {"type": "null"}], "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d", "default": "14d", "title": "Since"}, "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVEIPsResponsePage"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/integrations": {"post": {"tags": ["Cves"], "summary": "Subscribe an integration to a CVE ID", "description": "Subscribe an integration to receive threats related to a specific CVE ID", "operationId": "subscribeIntegrationToCve", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}], "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/SubscribeCVEIntegrationRequest"}}}}, "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration Not Found"}, "400": {"description": "CVE Already Subscribed"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Cves"], "summary": "Get subscribed integrations for a CVE ID", "description": "Get the list of integrations subscribed to a specific CVE ID", "operationId": "getCveSubscribedIntegrations", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVESubscribedIntegrationsResponsePage"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/integrations/{integration_name}": {"delete": {"tags": ["Cves"], "summary": "Unsubscribe an integration from a CVE ID", "description": "Unsubscribe an integration from receiving threats related to a specific CVE ID", "operationId": "unsubscribeIntegrationFromCve", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "integration_name", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Name"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration Not Found"}, "400": {"description": "CVE Already Unsubscribed"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/timeline": {"get": {"tags": ["Cves"], "summary": "Get timeline data for a CVE ID", "description": "Get timeline data of occurrences for a specific CVE ID", "operationId": "getCveTimeline", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "since_days", "in": "query", "required": false, "schema": {"$ref": "#/components/schemas/SinceOptions", "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days.", "default": 7}, "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days."}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"type": "array", "items": {"$ref": "#/components/schemas/TimelineItem"}, "title": "Response Getcvetimeline"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/vendors": {"get": {"tags": ["Vendors"], "summary": "Get list of vendors", "description": "Get a paginated list of vendors", "operationId": "getVendors", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for vendors", "title": "Query"}, "description": "Search query for vendors"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupListResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/vendors/{vendor}": {"get": {"tags": ["Vendors"], "summary": "Get vendor impact", "description": "Get CVE and fingerprint rules affecting a vendor", "operationId": "getVendorImpact", "parameters": [{"name": "vendor", "in": "path", "required": true, "schema": {"type": "string", "title": "Vendor"}}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupImpactResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/products": {"get": {"tags": ["Products"], "summary": "Get list of products", "description": "Get a paginated list of products", "operationId": "getProducts", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for products", "title": "Query"}, "description": "Search query for products"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupListResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/products/{product}": {"get": {"tags": ["Products"], "summary": "Get product impact", "description": "Get CVE and fingerprint rules affecting a product", "operationId": "getProductImpact", "parameters": [{"name": "product", "in": "path", "required": true, "schema": {"type": "string", "title": "Product"}}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupImpactResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/tags": {"get": {"tags": ["Tags"], "summary": "Get list of tags", "description": "Get a paginated list of tags", "operationId": "getTags", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for tags", "title": "Query"}, "description": "Search query for tags"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupListResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/tags/{tag}": {"get": {"tags": ["Tags"], "summary": "Get tag impact", "description": "Get CVE and fingerprint rules affecting a tag", "operationId": "getTagImpact", "parameters": [{"name": "tag", "in": "path", "required": true, "schema": {"type": "string", "title": "Tag"}}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupImpactResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints": {"get": {"tags": ["Fingerprints"], "summary": "Get list of fingerprint rules", "description": "Get a paginated list of fingerprint rules", "operationId": "getFingerprintRules", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for fingerprint rules", "title": "Query"}, "description": "Search query for fingerprint rules"}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "filters", "in": "query", "required": false, "schema": {"anyOf": [{"type": "array", "items": {"$ref": "#/components/schemas/GetCVEsFilterBy"}}, {"type": "null"}], "description": "Filters to apply on the fingerprint rule list", "title": "Filters"}, "description": "Filters to apply on the fingerprint rule list"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetFingerprintRulesResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/ips-download": {"get": {"tags": ["Fingerprints"], "summary": "Download IPs exploiting a fingerprint rule (raw)", "description": "Download the list of IPs exploiting a specific fingerprint rule in raw format", "operationId": "downloadFingerprintIps", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}], "responses": {"200": {"description": "Successful Response", "content": {"text/plain": {"schema": {"type": "string"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/ips-details": {"get": {"tags": ["Fingerprints"], "summary": "Get IP details exploiting a fingerprint rule", "description": "Get detailed information about IPs exploiting a specific fingerprint rule", "operationId": "getFingerprintIpsDetails", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "since", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string", "pattern": "^\\d+[hd]$"}, {"type": "null"}], "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d", "default": "14d", "title": "Since"}, "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetFingerprintIPsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/integrations": {"post": {"tags": ["Fingerprints"], "summary": "Subscribe an integration to a fingerprint rule", "description": "Subscribe an integration to receive threats related to a specific fingerprint rule", "operationId": "subscribeIntegrationToFingerprint", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}], "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/SubscribeFingerprintIntegrationRequest"}}}}, "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Fingerprints"], "summary": "Get subscribed integrations for a fingerprint rule", "description": "Get the list of integrations subscribed to a specific fingerprint rule", "operationId": "getFingerprintSubscribedIntegrations", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetFingerprintSubscribedIntegrationsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/integrations/{integration_name}": {"delete": {"tags": ["Fingerprints"], "summary": "Unsubscribe an integration from a fingerprint rule", "description": "Unsubscribe an integration from receiving threats related to a specific fingerprint rule", "operationId": "unsubscribeIntegrationFromFingerprint", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "integration_name", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Name"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/timeline": {"get": {"tags": ["Fingerprints"], "summary": "Get timeline data for a fingerprint rule", "description": "Get timeline data of occurrences for a specific fingerprint rule", "operationId": "getFingerprintTimeline", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "since_days", "in": "query", "required": false, "schema": {"$ref": "#/components/schemas/SinceOptions", "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days.", "default": 7}, "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days."}, {"name": "interval", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/IntervalOptions"}, {"type": "null"}], "description": "Interval for aggregating timeline data. Options: 'hour', 'day', 'week'. Default is adapted based on 'since' parameter.", "title": "Interval"}, "description": "Interval for aggregating timeline data. Options: 'hour', 'day', 'week'. Default is adapted based on 'since' parameter."}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"type": "array", "items": {"$ref": "#/components/schemas/FingerprintTimelineItem"}, "title": "Response Getfingerprinttimeline"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}": {"get": {"tags": ["Fingerprints"], "summary": "Get fingerprint rule information", "description": "Get information about a specific fingerprint rule", "operationId": "getFingerprintRule", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/FingerprintRuleResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}}, "components": {"schemas": {"ApiKeyCredentials": {"properties": {"api_key": {"type": "string", "title": "Api Key", "description": "API key for the integration"}}, "type": "object", "required": ["api_key"], "title": "ApiKeyCredentials"}, "BasicAuthCredentials": {"properties": {"username": {"type": "string", "title": "Username", "description": "Basic auth username for the integration"}, "password": {"type": "string", "title": "Password", "description": "Basic auth password for the integration"}}, "type": "object", "required": ["username", "password"], "title": "BasicAuthCredentials"}, "BlocklistSubscription": {"properties": {"id": {"type": "string", "title": "Id"}, "remediation": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Remediation"}}, "type": "object", "required": ["id"], "title": "BlocklistSubscription"}, "CVESubscription": {"properties": {"id": {"type": "string", "title": "Id", "description": "CVE ID"}}, "type": "object", "required": ["id"], "title": "CVESubscription"}, "FingerprintSubscription": {"properties": {"id": {"type": "string", "title": "Id"}}, "type": "object", "required": ["id"], "title": "FingerprintSubscription"}, "HTTPValidationError": {"properties": {"detail": {"items": {"$ref": "#/components/schemas/ValidationError"}, "type": "array", "title": "Detail"}}, "type": "object", "title": "HTTPValidationError"}, "IntegrationCreateRequest": {"properties": {"name": {"type": "string", "minLength": 1, "title": "Name", "description": "Name of the integration"}, "description": {"type": "string", "minLength": 1, "title": "Description", "description": "Description of the integration"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "additionalProperties": false, "type": "object", "required": ["name", "entity_type", "output_format"], "title": "IntegrationCreateRequest"}, "IntegrationCreateResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "name": {"type": "string", "title": "Name", "description": "Name of the integration. Should be unique within the organization"}, "organization_id": {"type": "string", "title": "Organization Id", "description": "ID of the owner organization"}, "description": {"type": "string", "title": "Description", "description": "Description of the integration"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "description": "Blocklists that are subscribed by the integration"}, "cves": {"items": {"$ref": "#/components/schemas/CVESubscription"}, "type": "array", "title": "Cves", "description": "CVEs that are subscribed by the integration"}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "description": "Fingerprints that are subscribed by the integration"}, "endpoint": {"type": "string", "maxLength": 2083, "minLength": 1, "format": "uri", "title": "Endpoint", "description": "Url that should be used by the firewall or the remediation component to fetch the integration's content"}, "stats": {"$ref": "#/components/schemas/Stats", "description": "Stats of the integration", "default": {"count": 0}}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the integration", "default": []}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}, "credentials": {"anyOf": [{"$ref": "#/components/schemas/ApiKeyCredentials"}, {"$ref": "#/components/schemas/BasicAuthCredentials"}], "title": "Credentials", "description": "Credentials that were generated for the integration"}}, "type": "object", "required": ["id", "name", "organization_id", "created_at", "updated_at", "entity_type", "output_format", "blocklists", "cves", "fingerprints", "endpoint", "credentials"], "title": "IntegrationCreateResponse"}, "IntegrationGetResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "name": {"type": "string", "title": "Name", "description": "Name of the integration. Should be unique within the organization"}, "organization_id": {"type": "string", "title": "Organization Id", "description": "ID of the owner organization"}, "description": {"type": "string", "title": "Description", "description": "Description of the integration"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "description": "Blocklists that are subscribed by the integration"}, "cves": {"items": {"$ref": "#/components/schemas/CVESubscription"}, "type": "array", "title": "Cves", "description": "CVEs that are subscribed by the integration"}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "description": "Fingerprints that are subscribed by the integration"}, "endpoint": {"type": "string", "maxLength": 2083, "minLength": 1, "format": "uri", "title": "Endpoint", "description": "Url that should be used by the firewall or the remediation component to fetch the integration's content"}, "stats": {"$ref": "#/components/schemas/Stats", "description": "Stats of the integration", "default": {"count": 0}}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the integration", "default": []}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "type": "object", "required": ["id", "name", "organization_id", "created_at", "updated_at", "entity_type", "output_format", "blocklists", "cves", "fingerprints", "endpoint"], "title": "IntegrationGetResponse"}, "IntegrationGetResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IntegrationGetResponse"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "IntegrationGetResponsePage"}, "IntegrationType": {"type": "string", "enum": ["firewall_integration", "remediation_component_integration"], "title": "IntegrationType"}, "IntegrationUpdateRequest": {"properties": {"name": {"type": "string", "minLength": 1, "title": "Name", "description": "New name"}, "description": {"type": "string", "minLength": 1, "title": "Description", "description": "New description"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "New output format"}, "regenerate_credentials": {"type": "boolean", "title": "Regenerate Credentials", "description": "Regenerate credentials for the integration"}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "additionalProperties": false, "type": "object", "title": "IntegrationUpdateRequest"}, "IntegrationUpdateResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "name": {"type": "string", "title": "Name", "description": "Name of the integration. Should be unique within the organization"}, "organization_id": {"type": "string", "title": "Organization Id", "description": "ID of the owner organization"}, "description": {"type": "string", "title": "Description", "description": "Description of the integration"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "description": "Blocklists that are subscribed by the integration"}, "cves": {"items": {"$ref": "#/components/schemas/CVESubscription"}, "type": "array", "title": "Cves", "description": "CVEs that are subscribed by the integration"}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "description": "Fingerprints that are subscribed by the integration"}, "endpoint": {"type": "string", "maxLength": 2083, "minLength": 1, "format": "uri", "title": "Endpoint", "description": "Url that should be used by the firewall or the remediation component to fetch the integration's content"}, "stats": {"$ref": "#/components/schemas/Stats", "description": "Stats of the integration", "default": {"count": 0}}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the integration", "default": []}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}, "credentials": {"anyOf": [{"$ref": "#/components/schemas/ApiKeyCredentials"}, {"$ref": "#/components/schemas/BasicAuthCredentials"}, {"type": "null"}], "title": "Credentials", "description": "Credentials for the integration"}}, "type": "object", "required": ["id", "name", "organization_id", "created_at", "updated_at", "entity_type", "output_format", "blocklists", "cves", "fingerprints", "endpoint"], "title": "IntegrationUpdateResponse"}, "Links": {"properties": {"first": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "First", "examples": ["/api/v1/users?limit=1&offset1"]}, "last": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Last", "examples": ["/api/v1/users?limit=1&offset1"]}, "self": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Self", "examples": ["/api/v1/users?limit=1&offset1"]}, "next": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Next", "examples": ["/api/v1/users?limit=1&offset1"]}, "prev": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Prev", "examples": ["/api/v1/users?limit=1&offset1"]}}, "type": "object", "title": "Links"}, "OutputFormat": {"type": "string", "enum": ["plain_text", "f5", "remediation_component", "fortigate", "paloalto", "checkpoint", "cisco", "juniper", "mikrotik", "pfsense", "opnsense", "sophos"], "title": "OutputFormat"}, "Stats": {"properties": {"count": {"type": "integer", "title": "Count", "description": "Number of total blocklists items the integration will pull"}}, "type": "object", "required": ["count"], "title": "Stats"}, "ValidationError": {"properties": {"loc": {"items": {"anyOf": [{"type": "string"}, {"type": "integer"}]}, "type": "array", "title": "Location"}, "msg": {"type": "string", "title": "Message"}, "type": {"type": "string", "title": "Error Type"}}, "type": "object", "required": ["loc", "msg", "type"], "title": "ValidationError"}, "AdjustmentScore": {"properties": {"total": {"type": "integer", "title": "Total", "description": "Total score adjustment"}, "recency": {"type": "integer", "title": "Recency", "description": "Recency score adjustment"}, "low_info": {"type": "integer", "title": "Low Info", "description": "Low information score adjustment"}}, "type": "object", "required": ["total", "recency", "low_info"], "title": "AdjustmentScore"}, "AffectedComponent": {"properties": {"vendor": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Vendor", "description": "Vendor of the affected component"}, "product": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Product", "description": "Product name of the affected component"}}, "type": "object", "title": "AffectedComponent", "description": "Affected Component in a CVE"}, "AllowlistSubscription": {"properties": {"id": {"type": "string", "title": "Id"}}, "type": "object", "required": ["id"], "title": "AllowlistSubscription"}, "AttackDetail": {"properties": {"name": {"type": "string", "title": "Name", "description": "Attack detail name"}, "label": {"type": "string", "title": "Label", "description": "Attack detail label"}, "description": {"type": "string", "title": "Description", "description": "Attack detail description"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "Attack detail references"}}, "type": "object", "required": ["name", "label", "description"], "title": "AttackDetail"}, "Behavior": {"properties": {"name": {"type": "string", "title": "Name", "description": "Behavior name"}, "label": {"type": "string", "title": "Label", "description": "Behavior label"}, "description": {"type": "string", "title": "Description", "description": "Behavior description"}}, "type": "object", "required": ["name", "label", "description"], "title": "Behavior"}, "CVEEvent": {"properties": {"date": {"type": "string", "format": "date-time", "title": "Date", "description": "Date of the event"}, "description": {"type": "string", "title": "Description", "description": "Description of the event"}, "label": {"type": "string", "title": "Label", "description": "Label of the event"}, "name": {"type": "string", "title": "Name", "description": "Name of the event"}}, "type": "object", "required": ["date", "description", "label", "name"], "title": "CVEEvent", "description": "CVE Event Information"}, "CVEResponseBase": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the CVE"}, "name": {"type": "string", "title": "Name", "description": "Name of the CVE"}, "title": {"type": "string", "title": "Title", "description": "Title of the CVE"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score of the CVE"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score indicating if it's an opportunistic(0) or targeted(5) attack (between 0-5)", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score indicating the vulnerability's trendiness based on signal comparison with the previous month. Higher scores (4-5) indicate significantly more signals this month than last month's average, while lower scores (0-1) indicate declining activity (between 0-5)", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs affected"}, "published_date": {"type": "string", "format": "date-time", "title": "Published Date", "description": "Published date of the CVE"}, "cvss_score": {"anyOf": [{"type": "number", "maximum": 10.0, "minimum": 0.0}, {"type": "null"}], "title": "Cvss Score", "description": "CVSS score of the CVE"}, "has_public_exploit": {"type": "boolean", "title": "Has Public Exploit", "description": "Indicates if there is a public exploit for the CVE"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the associated detection rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase of the CVE"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustments applied to the CVE score based on various factors"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "published_date", "has_public_exploit", "exploitation_phase"], "title": "CVEResponseBase", "description": "GET CVE ID Response"}, "CVEsubscription": {"properties": {"id": {"type": "string", "title": "Id"}}, "type": "object", "required": ["id"], "title": "CVEsubscription"}, "CWE": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the CWE"}, "label": {"type": "string", "title": "Label", "description": "Label of the CWE"}, "description": {"type": "string", "title": "Description", "description": "Description of the CWE"}}, "type": "object", "required": ["name", "label", "description"], "title": "CWE", "description": "CWE Information"}, "Classification": {"properties": {"name": {"type": "string", "title": "Name", "description": "Classification name"}, "label": {"type": "string", "title": "Label", "description": "Classification label"}, "description": {"type": "string", "title": "Description", "description": "Classification description"}}, "type": "object", "required": ["name", "label", "description"], "title": "Classification"}, "Classifications": {"properties": {"false_positives": {"items": {"$ref": "#/components/schemas/Classification"}, "type": "array", "title": "False Positives", "description": "False positive classifications"}, "classifications": {"items": {"$ref": "#/components/schemas/Classification"}, "type": "array", "title": "Classifications", "description": "Main classifications"}}, "type": "object", "title": "Classifications"}, "EntityType": {"type": "string", "enum": ["org", "tag", "engine", "firewall_integration", "remediation_component_integration", "remediation_component", "log_processor"], "title": "EntityType"}, "ExploitationPhase": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the exploitation phase"}, "label": {"type": "string", "title": "Label", "description": "Label of the exploitation phase"}, "description": {"type": "string", "title": "Description", "description": "Description of the exploitation phase"}}, "type": "object", "required": ["name", "label", "description"], "title": "ExploitationPhase"}, "FingerprintRuleResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "Fingerprint rule identifier"}, "name": {"type": "string", "title": "Name", "description": "Fingerprint rule name"}, "title": {"type": "string", "title": "Title", "description": "Fingerprint rule title"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score for the fingerprint rule"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs observed"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the fingerprint rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustment details"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the fingerprint rule"}, "description": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Description", "description": "Fingerprint rule description"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "Reference links for the fingerprint rule"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis for this fingerprint rule"}, "events": {"items": {"$ref": "#/components/schemas/CVEEvent"}, "type": "array", "title": "Events", "description": "List of events related to the fingerprint rule"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "exploitation_phase"], "title": "FingerprintRuleResponse"}, "FingerprintRuleSummary": {"properties": {"id": {"type": "string", "title": "Id", "description": "Fingerprint rule identifier"}, "name": {"type": "string", "title": "Name", "description": "Fingerprint rule name"}, "title": {"type": "string", "title": "Title", "description": "Fingerprint rule title"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score for the fingerprint rule"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs observed"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the fingerprint rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustment details"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "exploitation_phase"], "title": "FingerprintRuleSummary"}, "FingerprintTimelineItem": {"properties": {"timestamp": {"type": "string", "format": "date-time", "title": "Timestamp", "description": "Timestamp of the timeline event"}, "count": {"type": "integer", "title": "Count", "description": "Count of occurrences at the timestamp"}}, "type": "object", "required": ["timestamp", "count"], "title": "FingerprintTimelineItem"}, "GetCVEIPsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IPItem"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetCVEIPsResponsePage"}, "GetCVEResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the CVE"}, "name": {"type": "string", "title": "Name", "description": "Name of the CVE"}, "title": {"type": "string", "title": "Title", "description": "Title of the CVE"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score of the CVE"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score indicating if it's an opportunistic(0) or targeted(5) attack (between 0-5)", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score indicating the vulnerability's trendiness based on signal comparison with the previous month. Higher scores (4-5) indicate significantly more signals this month than last month's average, while lower scores (0-1) indicate declining activity (between 0-5)", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs affected"}, "published_date": {"type": "string", "format": "date-time", "title": "Published Date", "description": "Published date of the CVE"}, "cvss_score": {"anyOf": [{"type": "number", "maximum": 10.0, "minimum": 0.0}, {"type": "null"}], "title": "Cvss Score", "description": "CVSS score of the CVE"}, "has_public_exploit": {"type": "boolean", "title": "Has Public Exploit", "description": "Indicates if there is a public exploit for the CVE"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the associated detection rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase of the CVE"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustments applied to the CVE score based on various factors"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the CVE"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "List of references for the CVE"}, "description": {"type": "string", "title": "Description", "description": "Description of the CVE"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis of the CVE"}, "cwes": {"items": {"$ref": "#/components/schemas/CWE"}, "type": "array", "title": "Cwes", "description": "List of CWEs associated with the CVE"}, "events": {"items": {"$ref": "#/components/schemas/CVEEvent"}, "type": "array", "title": "Events", "description": "List of events related to the CVE"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "published_date", "has_public_exploit", "exploitation_phase", "references", "description", "crowdsec_analysis", "cwes"], "title": "GetCVEResponse"}, "GetCVESubscribedIntegrationsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IntegrationResponse"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetCVESubscribedIntegrationsResponsePage"}, "GetCVEsFilterBy": {"type": "string", "enum": ["is_public"], "title": "GetCVEsFilterBy"}, "GetCVEsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/CVEResponseBase"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetCVEsResponsePage"}, "GetCVEsSortBy": {"type": "string", "enum": ["rule_release_date", "trending", "nb_ips", "name"], "title": "GetCVEsSortBy"}, "GetCVEsSortOrder": {"type": "string", "enum": ["asc", "desc"], "title": "GetCVEsSortOrder"}, "GetFingerprintIPsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IPItem"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetFingerprintIPsResponsePage"}, "GetFingerprintRulesResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/FingerprintRuleSummary"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetFingerprintRulesResponsePage"}, "GetFingerprintSubscribedIntegrationsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IntegrationResponse"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetFingerprintSubscribedIntegrationsResponsePage"}, "History": {"properties": {"first_seen": {"type": "string", "format": "date-time", "title": "First Seen", "description": "First seen timestamp"}, "last_seen": {"type": "string", "format": "date-time", "title": "Last Seen", "description": "Last seen timestamp"}, "full_age": {"type": "integer", "title": "Full Age", "description": "Full age in days"}, "days_age": {"type": "integer", "title": "Days Age", "description": "Days age"}}, "type": "object", "required": ["first_seen", "last_seen", "full_age", "days_age"], "title": "History"}, "IPItem": {"properties": {"ip": {"type": "string", "title": "Ip", "description": "IP address"}, "reputation": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Reputation", "description": "Reputation of the IP"}, "ip_range": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Ip Range", "description": "IP range"}, "ip_range_score": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Ip Range Score", "description": "IP range score"}, "ip_range_24": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Ip Range 24", "description": "IP range /24"}, "ip_range_24_reputation": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Ip Range 24 Reputation", "description": "IP range /24 reputation"}, "ip_range_24_score": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Ip Range 24 Score", "description": "IP range /24 score"}, "as_name": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "As Name", "description": "AS name"}, "as_num": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "As Num", "description": "AS number"}, "background_noise_score": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Background Noise Score", "description": "Background noise score"}, "background_noise": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Background Noise", "description": "Background noise level"}, "confidence": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Confidence", "description": "Confidence level"}, "location": {"anyOf": [{"$ref": "#/components/schemas/Location"}, {"type": "null"}], "description": "IP location information"}, "reverse_dns": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Reverse Dns", "description": "Reverse DNS"}, "behaviors": {"items": {"$ref": "#/components/schemas/Behavior"}, "type": "array", "title": "Behaviors", "description": "List of behaviors"}, "references": {"items": {"$ref": "#/components/schemas/Reference"}, "type": "array", "title": "References", "description": "List of references"}, "history": {"anyOf": [{"$ref": "#/components/schemas/History"}, {"type": "null"}], "description": "Historical data"}, "classifications": {"anyOf": [{"$ref": "#/components/schemas/Classifications"}, {"type": "null"}], "description": "Classification data"}, "mitre_techniques": {"items": {"$ref": "#/components/schemas/MitreTechnique"}, "type": "array", "title": "Mitre Techniques", "description": "MITRE techniques"}, "cves": {"items": {"type": "string"}, "type": "array", "title": "Cves", "description": "List of CVEs"}, "attack_details": {"items": {"$ref": "#/components/schemas/AttackDetail"}, "type": "array", "title": "Attack Details", "description": "Attack details"}, "target_countries": {"additionalProperties": {"type": "integer"}, "type": "object", "title": "Target Countries", "description": "Target countries"}, "scores": {"anyOf": [{"$ref": "#/components/schemas/Scores"}, {"type": "null"}], "description": "Scoring information"}}, "type": "object", "required": ["ip"], "title": "IPItem"}, "IntegrationResponse": {"properties": {"tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "default": []}, "organization_id": {"type": "string", "title": "Organization Id"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "entity_type": {"$ref": "#/components/schemas/EntityType", "description": "Type of the integration"}, "id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "default": []}, "allowlists": {"items": {"$ref": "#/components/schemas/AllowlistSubscription"}, "type": "array", "title": "Allowlists", "default": []}, "cves": {"items": {"$ref": "#/components/schemas/CVEsubscription"}, "type": "array", "title": "Cves", "default": []}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "default": []}, "name": {"type": "string", "title": "Name", "description": "Name of the integration"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "description": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Description", "description": "Description of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "type": "object", "required": ["organization_id", "entity_type", "name", "output_format"], "title": "IntegrationResponse"}, "IntervalOptions": {"type": "string", "enum": ["hour", "day", "week"], "title": "IntervalOptions"}, "Location": {"properties": {"country": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Country", "description": "Country code"}, "city": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "City", "description": "City name"}, "latitude": {"anyOf": [{"type": "number"}, {"type": "null"}], "title": "Latitude", "description": "Latitude coordinate"}, "longitude": {"anyOf": [{"type": "number"}, {"type": "null"}], "title": "Longitude", "description": "Longitude coordinate"}}, "type": "object", "title": "Location"}, "LookupImpactCVEItem": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the CVE"}, "name": {"type": "string", "title": "Name", "description": "Name of the CVE"}, "title": {"type": "string", "title": "Title", "description": "Title of the CVE"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score of the CVE"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score indicating if it's an opportunistic(0) or targeted(5) attack (between 0-5)", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score indicating the vulnerability's trendiness based on signal comparison with the previous month. Higher scores (4-5) indicate significantly more signals this month than last month's average, while lower scores (0-1) indicate declining activity (between 0-5)", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs affected"}, "published_date": {"type": "string", "format": "date-time", "title": "Published Date", "description": "Published date of the CVE"}, "cvss_score": {"anyOf": [{"type": "number", "maximum": 10.0, "minimum": 0.0}, {"type": "null"}], "title": "Cvss Score", "description": "CVSS score of the CVE"}, "has_public_exploit": {"type": "boolean", "title": "Has Public Exploit", "description": "Indicates if there is a public exploit for the CVE"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the associated detection rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase of the CVE"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustments applied to the CVE score based on various factors"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the CVE"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "List of references for the CVE"}, "description": {"type": "string", "title": "Description", "description": "Description of the CVE"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis of the CVE"}, "cwes": {"items": {"$ref": "#/components/schemas/CWE"}, "type": "array", "title": "Cwes", "description": "List of CWEs associated with the CVE"}, "events": {"items": {"$ref": "#/components/schemas/CVEEvent"}, "type": "array", "title": "Events", "description": "List of events related to the CVE"}, "type": {"type": "string", "const": "cve", "title": "Type", "description": "Resource type", "default": "cve"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "published_date", "has_public_exploit", "exploitation_phase", "references", "description", "crowdsec_analysis", "cwes"], "title": "LookupImpactCVEItem"}, "LookupImpactFingerprintItem": {"properties": {"id": {"type": "string", "title": "Id", "description": "Fingerprint rule identifier"}, "name": {"type": "string", "title": "Name", "description": "Fingerprint rule name"}, "title": {"type": "string", "title": "Title", "description": "Fingerprint rule title"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score for the fingerprint rule"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs observed"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the fingerprint rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustment details"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the fingerprint rule"}, "description": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Description", "description": "Fingerprint rule description"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "Reference links for the fingerprint rule"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis for this fingerprint rule"}, "events": {"items": {"$ref": "#/components/schemas/CVEEvent"}, "type": "array", "title": "Events", "description": "List of events related to the fingerprint rule"}, "type": {"type": "string", "const": "fingerprint", "title": "Type", "description": "Resource type", "default": "fingerprint"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "exploitation_phase"], "title": "LookupImpactFingerprintItem"}, "LookupImpactResponsePage": {"properties": {"items": {"items": {"oneOf": [{"$ref": "#/components/schemas/LookupImpactCVEItem"}, {"$ref": "#/components/schemas/LookupImpactFingerprintItem"}], "discriminator": {"propertyName": "type", "mapping": {"cve": "#/components/schemas/LookupImpactCVEItem", "fingerprint": "#/components/schemas/LookupImpactFingerprintItem"}}}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "LookupImpactResponsePage"}, "LookupListItem": {"properties": {"value": {"type": "string", "title": "Value", "description": "Lookup entry value"}}, "type": "object", "required": ["value"], "title": "LookupListItem"}, "LookupListResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/LookupListItem"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "LookupListResponsePage"}, "MitreTechnique": {"properties": {"name": {"type": "string", "title": "Name", "description": "MITRE technique ID"}, "label": {"type": "string", "title": "Label", "description": "MITRE technique label"}, "description": {"type": "string", "title": "Description", "description": "MITRE technique description"}}, "type": "object", "required": ["name", "label", "description"], "title": "MitreTechnique"}, "Reference": {"properties": {"name": {"type": "string", "title": "Name", "description": "Reference name"}, "label": {"type": "string", "title": "Label", "description": "Reference label"}, "description": {"type": "string", "title": "Description", "description": "Reference description"}}, "type": "object", "required": ["name", "label", "description"], "title": "Reference"}, "ScoreBreakdown": {"properties": {"aggressiveness": {"type": "integer", "title": "Aggressiveness", "description": "Aggressiveness score"}, "threat": {"type": "integer", "title": "Threat", "description": "Threat score"}, "trust": {"type": "integer", "title": "Trust", "description": "Trust score"}, "anomaly": {"type": "integer", "title": "Anomaly", "description": "Anomaly score"}, "total": {"type": "integer", "title": "Total", "description": "Total score"}}, "type": "object", "required": ["aggressiveness", "threat", "trust", "anomaly", "total"], "title": "ScoreBreakdown"}, "Scores": {"properties": {"overall": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Overall scores"}, "last_day": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Last day scores"}, "last_week": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Last week scores"}, "last_month": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Last month scores"}}, "type": "object", "required": ["overall", "last_day", "last_week", "last_month"], "title": "Scores"}, "SinceOptions": {"type": "integer", "enum": [1, 7, 30], "title": "SinceOptions"}, "SubscribeCVEIntegrationRequest": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the integration to subscribe"}}, "additionalProperties": false, "type": "object", "required": ["name"], "title": "SubscribeCVEIntegrationRequest"}, "SubscribeFingerprintIntegrationRequest": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the integration to subscribe"}}, "additionalProperties": false, "type": "object", "required": ["name"], "title": "SubscribeFingerprintIntegrationRequest"}, "TimelineItem": {"properties": {"timestamp": {"type": "string", "format": "date-time", "title": "Timestamp", "description": "Timestamp of the timeline event"}, "count": {"type": "integer", "title": "Count", "description": "Count of occurrences at the timestamp"}}, "type": "object", "required": ["timestamp", "count"], "title": "TimelineItem"}}, "securitySchemes": {"ApiKeyAuth": {"type": "apiKey", "in": "header", "name": "x-api-key", "description": "If integration key is provided, can also work to get integration content"}, "BasicAuth": {"type": "http", "scheme": "basic", "description": "Basic Auth for integration content endpoint only"}}}, "security": [{"ApiKeyAuth": []}, {"BasicAuth": []}], "servers": [{"url": "https://admin.api.crowdsec.net/v1", "description": "Production server"}]} \ No newline at end of file +{"openapi": "3.1.0", "info": {"title": "LET API", "description": "This is the API to manage Crowdsec Live Exploit Tracker service", "contact": {"name": "CrowdSec", "url": "https://crowdsec.net/", "email": "info@crowdsec.net"}, "version": "1.116.0"}, "paths": {"/integrations": {"post": {"tags": ["Integrations"], "summary": "Create Integration", "description": "Create an integration to a firewall or remediation component, owned by your organization. The name should be unique within the organization. This operation is submitted to quotas.", "operationId": "createIntegration", "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationCreateRequest"}}}}, "responses": {"201": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationCreateResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Integrations"], "summary": "Get Integrations", "description": "Get integrations owned by your organization", "operationId": "getIntegrations", "parameters": [{"name": "tag", "in": "query", "required": false, "schema": {"anyOf": [{"type": "array", "items": {"type": "string"}}, {"type": "null"}], "description": "List of tags associated with the integrations (any of)", "title": "Tag"}, "description": "List of tags associated with the integrations (any of)"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationGetResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/integrations/{integration_id}": {"get": {"tags": ["Integrations"], "summary": "Get Integration", "description": "Get an integration by ID", "operationId": "getIntegration", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationGetResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "patch": {"tags": ["Integrations"], "summary": "Update Integration", "description": "Update the integration details", "operationId": "updateIntegration", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Id"}}], "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationUpdateRequest"}}}}, "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationUpdateResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "delete": {"tags": ["Integrations"], "summary": "Delete Integration", "description": "Delete the integration by ID", "operationId": "deleteIntegration", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Id"}}, {"name": "force", "in": "query", "required": false, "schema": {"type": "boolean", "description": "Force delete the integration even if it has active subscriptions (it will unsubscribe from all lists)", "default": false, "title": "Force"}, "description": "Force delete the integration even if it has active subscriptions (it will unsubscribe from all lists)"}], "responses": {"204": {"description": "Successful Response"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/integrations/{integration_id}/content": {"head": {"tags": ["Integrations"], "summary": "Head Integration Content", "description": "Check if the integration has content", "operationId": "headIntegrationContent", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "format": "ObjectId", "examples": ["5f9d88b9e5c4f5b9a3d3e8b1"], "title": "Integration Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration not found"}, "204": {"description": "Integration has no subscribed blocklists or no content available"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Integrations"], "summary": "Get Integration Content", "description": "Get the ips associated to the integration in plain text format. The content can be paginated to accomodate limits in firewalls.", "operationId": "getIntegrationContent", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "format": "ObjectId", "examples": ["5f9d88b9e5c4f5b9a3d3e8b1"], "title": "Integration Id"}}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number to return", "default": 1, "title": "Page"}, "description": "Page number to return"}, {"name": "page_size", "in": "query", "required": false, "schema": {"anyOf": [{"type": "integer", "minimum": 10000}, {"type": "null"}], "description": "Maximum number of items to return, 0 means no limit (default), should be greater than 10000", "title": "Page Size"}, "description": "Maximum number of items to return, 0 means no limit (default), should be greater than 10000"}, {"name": "pull_limit", "in": "query", "required": false, "schema": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit"}}, {"name": "enable_ip_aggregation", "in": "query", "required": false, "schema": {"type": "boolean", "default": false, "title": "Enable Ip Aggregation"}}], "responses": {"200": {"description": "Successful Response", "content": {"text/plain": {"schema": {"type": "string"}}}}, "404": {"description": "Integration not found"}, "204": {"description": "Integration has no subscribed blocklists or no content available"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/integrations/{integration_id}/v1/decisions/stream": {"get": {"tags": ["Integrations"], "summary": "Get Integration Content Stream", "description": "Get the ips associated to the integration in a format compatible with a remediation component. As for the remediation components, you can fetch the full content with startup=true or only the changes since the last pull", "operationId": "getIntegrationContentStream", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "format": "ObjectId", "examples": ["5f9d88b9e5c4f5b9a3d3e8b1"], "title": "Integration Id"}}, {"name": "startup", "in": "query", "required": false, "schema": {"type": "boolean", "description": "Set to true if it's the first run to fetch all the content, otherwise only changes since the last pull.", "default": false, "title": "Startup"}, "description": "Set to true if it's the first run to fetch all the content, otherwise only changes since the last pull."}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration not found"}, "204": {"description": "Integration has no subscribed blocklists or no content available"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves": {"get": {"tags": ["Cves"], "summary": "Get list of CVEs CrowdSec is tracking", "description": "Get a paginated list of CVEs that CrowdSec is tracking", "operationId": "getCves", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for CVEs", "title": "Query"}, "description": "Search query for CVEs"}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "filters", "in": "query", "required": false, "schema": {"anyOf": [{"type": "array", "items": {"$ref": "#/components/schemas/GetCVEsFilterBy"}}, {"type": "null"}], "description": "Filters to apply on the CVE list", "title": "Filters"}, "description": "Filters to apply on the CVE list"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVEsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}": {"get": {"tags": ["Cves"], "summary": "Get CVE ID informations", "description": "Get information about a specific CVE ID", "operationId": "getCve", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVEResponse"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/ips-download": {"get": {"tags": ["Cves"], "summary": "Download IPs exploiting a CVE ID (raw)", "description": "Download the list of IPs exploiting a specific CVE ID in raw format", "operationId": "downloadCveIps", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"text/plain": {"schema": {"type": "string"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/ips-details": {"get": {"tags": ["Cves"], "summary": "Get IPs details exploiting a CVE ID", "description": "Get detailed information about IPs exploiting a specific CVE ID", "operationId": "getCveIpsDetails", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "since", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string", "pattern": "^\\d+[hd]$"}, {"type": "null"}], "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d", "default": "14d", "title": "Since"}, "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVEIPsResponsePage"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/integrations": {"post": {"tags": ["Cves"], "summary": "Subscribe an integration to a CVE ID", "description": "Subscribe an integration to receive threats related to a specific CVE ID", "operationId": "subscribeIntegrationToCve", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}], "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/SubscribeCVEIntegrationRequest"}}}}, "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration Not Found"}, "400": {"description": "CVE Already Subscribed"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Cves"], "summary": "Get subscribed integrations for a CVE ID", "description": "Get the list of integrations subscribed to a specific CVE ID", "operationId": "getCveSubscribedIntegrations", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVESubscribedIntegrationsResponsePage"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/integrations/{integration_name}": {"delete": {"tags": ["Cves"], "summary": "Unsubscribe an integration from a CVE ID", "description": "Unsubscribe an integration from receiving threats related to a specific CVE ID", "operationId": "unsubscribeIntegrationFromCve", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "integration_name", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Name"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration Not Found"}, "400": {"description": "CVE Already Unsubscribed"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/timeline": {"get": {"tags": ["Cves"], "summary": "Get timeline data for a CVE ID", "description": "Get timeline data of occurrences for a specific CVE ID", "operationId": "getCveTimeline", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "since_days", "in": "query", "required": false, "schema": {"$ref": "#/components/schemas/SinceOptions", "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days.", "default": 7}, "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days."}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"type": "array", "items": {"$ref": "#/components/schemas/TimelineItem"}, "title": "Response Getcvetimeline"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/vendors": {"get": {"tags": ["Vendors"], "summary": "Get list of vendors", "description": "Get a paginated list of vendors", "operationId": "getVendors", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for vendors", "title": "Query"}, "description": "Search query for vendors"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupListWithStatsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/vendors/{vendor}/stats": {"get": {"tags": ["Vendors"], "summary": "Get vendor statistics", "description": "Get statistics for a vendor including CVE/fingerprint counts, IP counts, and top affected products", "operationId": "getVendorStats", "parameters": [{"name": "vendor", "in": "path", "required": true, "schema": {"type": "string", "title": "Vendor"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/VendorStatsResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/vendors/{vendor}": {"get": {"tags": ["Vendors"], "summary": "Get vendor impact", "description": "Get CVE and fingerprint rules affecting a vendor", "operationId": "getVendorImpact", "parameters": [{"name": "vendor", "in": "path", "required": true, "schema": {"type": "string", "title": "Vendor"}}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupImpactResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/products": {"get": {"tags": ["Products"], "summary": "Get list of products", "description": "Get a paginated list of products", "operationId": "getProducts", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for products", "title": "Query"}, "description": "Search query for products"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupListWithStatsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/products/{product}": {"get": {"tags": ["Products"], "summary": "Get product impact", "description": "Get CVE and fingerprint rules affecting a product", "operationId": "getProductImpact", "parameters": [{"name": "product", "in": "path", "required": true, "schema": {"type": "string", "title": "Product"}}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupImpactResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/tags": {"get": {"tags": ["Tags"], "summary": "Get list of tags", "description": "Get a paginated list of tags", "operationId": "getTags", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for tags", "title": "Query"}, "description": "Search query for tags"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupListWithStatsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/tags/{tag}": {"get": {"tags": ["Tags"], "summary": "Get tag impact", "description": "Get CVE and fingerprint rules affecting a tag", "operationId": "getTagImpact", "parameters": [{"name": "tag", "in": "path", "required": true, "schema": {"type": "string", "title": "Tag"}}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupImpactResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints": {"get": {"tags": ["Fingerprints"], "summary": "Get list of fingerprint rules", "description": "Get a paginated list of fingerprint rules", "operationId": "getFingerprintRules", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for fingerprint rules", "title": "Query"}, "description": "Search query for fingerprint rules"}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "filters", "in": "query", "required": false, "schema": {"anyOf": [{"type": "array", "items": {"$ref": "#/components/schemas/GetCVEsFilterBy"}}, {"type": "null"}], "description": "Filters to apply on the fingerprint rule list", "title": "Filters"}, "description": "Filters to apply on the fingerprint rule list"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetFingerprintRulesResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/ips-download": {"get": {"tags": ["Fingerprints"], "summary": "Download IPs exploiting a fingerprint rule (raw)", "description": "Download the list of IPs exploiting a specific fingerprint rule in raw format", "operationId": "downloadFingerprintIps", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}], "responses": {"200": {"description": "Successful Response", "content": {"text/plain": {"schema": {"type": "string"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/ips-details": {"get": {"tags": ["Fingerprints"], "summary": "Get IP details exploiting a fingerprint rule", "description": "Get detailed information about IPs exploiting a specific fingerprint rule", "operationId": "getFingerprintIpsDetails", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "since", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string", "pattern": "^\\d+[hd]$"}, {"type": "null"}], "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d", "default": "14d", "title": "Since"}, "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetFingerprintIPsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/integrations": {"post": {"tags": ["Fingerprints"], "summary": "Subscribe an integration to a fingerprint rule", "description": "Subscribe an integration to receive threats related to a specific fingerprint rule", "operationId": "subscribeIntegrationToFingerprint", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}], "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/SubscribeFingerprintIntegrationRequest"}}}}, "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Fingerprints"], "summary": "Get subscribed integrations for a fingerprint rule", "description": "Get the list of integrations subscribed to a specific fingerprint rule", "operationId": "getFingerprintSubscribedIntegrations", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetFingerprintSubscribedIntegrationsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/integrations/{integration_name}": {"delete": {"tags": ["Fingerprints"], "summary": "Unsubscribe an integration from a fingerprint rule", "description": "Unsubscribe an integration from receiving threats related to a specific fingerprint rule", "operationId": "unsubscribeIntegrationFromFingerprint", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "integration_name", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Name"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/timeline": {"get": {"tags": ["Fingerprints"], "summary": "Get timeline data for a fingerprint rule", "description": "Get timeline data of occurrences for a specific fingerprint rule", "operationId": "getFingerprintTimeline", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "since_days", "in": "query", "required": false, "schema": {"$ref": "#/components/schemas/SinceOptions", "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days.", "default": 7}, "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days."}, {"name": "interval", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/IntervalOptions"}, {"type": "null"}], "description": "Interval for aggregating timeline data. Options: 'hour', 'day', 'week'. Default is adapted based on 'since' parameter.", "title": "Interval"}, "description": "Interval for aggregating timeline data. Options: 'hour', 'day', 'week'. Default is adapted based on 'since' parameter."}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"type": "array", "items": {"$ref": "#/components/schemas/FingerprintTimelineItem"}, "title": "Response Getfingerprinttimeline"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}": {"get": {"tags": ["Fingerprints"], "summary": "Get fingerprint rule information", "description": "Get information about a specific fingerprint rule", "operationId": "getFingerprintRule", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/FingerprintRuleResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}}, "components": {"schemas": {"ApiKeyCredentials": {"properties": {"api_key": {"type": "string", "title": "Api Key", "description": "API key for the integration"}}, "type": "object", "required": ["api_key"], "title": "ApiKeyCredentials"}, "BasicAuthCredentials": {"properties": {"username": {"type": "string", "title": "Username", "description": "Basic auth username for the integration"}, "password": {"type": "string", "title": "Password", "description": "Basic auth password for the integration"}}, "type": "object", "required": ["username", "password"], "title": "BasicAuthCredentials"}, "BlocklistSubscription": {"properties": {"id": {"type": "string", "title": "Id"}, "remediation": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Remediation"}}, "type": "object", "required": ["id"], "title": "BlocklistSubscription"}, "CVESubscription": {"properties": {"id": {"type": "string", "title": "Id", "description": "CVE ID"}}, "type": "object", "required": ["id"], "title": "CVESubscription"}, "FingerprintSubscription": {"properties": {"id": {"type": "string", "title": "Id"}}, "type": "object", "required": ["id"], "title": "FingerprintSubscription"}, "HTTPValidationError": {"properties": {"detail": {"items": {"$ref": "#/components/schemas/ValidationError"}, "type": "array", "title": "Detail"}}, "type": "object", "title": "HTTPValidationError"}, "IntegrationCreateRequest": {"properties": {"name": {"type": "string", "minLength": 1, "title": "Name", "description": "Name of the integration"}, "description": {"type": "string", "minLength": 1, "title": "Description", "description": "Description of the integration"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "additionalProperties": false, "type": "object", "required": ["name", "entity_type", "output_format"], "title": "IntegrationCreateRequest"}, "IntegrationCreateResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "name": {"type": "string", "title": "Name", "description": "Name of the integration. Should be unique within the organization"}, "organization_id": {"type": "string", "title": "Organization Id", "description": "ID of the owner organization"}, "description": {"type": "string", "title": "Description", "description": "Description of the integration"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "description": "Blocklists that are subscribed by the integration"}, "cves": {"items": {"$ref": "#/components/schemas/CVESubscription"}, "type": "array", "title": "Cves", "description": "CVEs that are subscribed by the integration"}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "description": "Fingerprints that are subscribed by the integration"}, "endpoint": {"type": "string", "maxLength": 2083, "minLength": 1, "format": "uri", "title": "Endpoint", "description": "Url that should be used by the firewall or the remediation component to fetch the integration's content"}, "stats": {"$ref": "#/components/schemas/Stats", "description": "Stats of the integration", "default": {"count": 0}}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the integration", "default": []}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}, "credentials": {"anyOf": [{"$ref": "#/components/schemas/ApiKeyCredentials"}, {"$ref": "#/components/schemas/BasicAuthCredentials"}], "title": "Credentials", "description": "Credentials that were generated for the integration"}}, "type": "object", "required": ["id", "name", "organization_id", "created_at", "updated_at", "entity_type", "output_format", "blocklists", "cves", "fingerprints", "endpoint", "credentials"], "title": "IntegrationCreateResponse"}, "IntegrationGetResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "name": {"type": "string", "title": "Name", "description": "Name of the integration. Should be unique within the organization"}, "organization_id": {"type": "string", "title": "Organization Id", "description": "ID of the owner organization"}, "description": {"type": "string", "title": "Description", "description": "Description of the integration"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "description": "Blocklists that are subscribed by the integration"}, "cves": {"items": {"$ref": "#/components/schemas/CVESubscription"}, "type": "array", "title": "Cves", "description": "CVEs that are subscribed by the integration"}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "description": "Fingerprints that are subscribed by the integration"}, "endpoint": {"type": "string", "maxLength": 2083, "minLength": 1, "format": "uri", "title": "Endpoint", "description": "Url that should be used by the firewall or the remediation component to fetch the integration's content"}, "stats": {"$ref": "#/components/schemas/Stats", "description": "Stats of the integration", "default": {"count": 0}}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the integration", "default": []}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "type": "object", "required": ["id", "name", "organization_id", "created_at", "updated_at", "entity_type", "output_format", "blocklists", "cves", "fingerprints", "endpoint"], "title": "IntegrationGetResponse"}, "IntegrationGetResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IntegrationGetResponse"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "IntegrationGetResponsePage"}, "IntegrationType": {"type": "string", "enum": ["firewall_integration", "remediation_component_integration"], "title": "IntegrationType"}, "IntegrationUpdateRequest": {"properties": {"name": {"type": "string", "minLength": 1, "title": "Name", "description": "New name"}, "description": {"type": "string", "minLength": 1, "title": "Description", "description": "New description"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "New output format"}, "regenerate_credentials": {"type": "boolean", "title": "Regenerate Credentials", "description": "Regenerate credentials for the integration"}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "additionalProperties": false, "type": "object", "title": "IntegrationUpdateRequest"}, "IntegrationUpdateResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "name": {"type": "string", "title": "Name", "description": "Name of the integration. Should be unique within the organization"}, "organization_id": {"type": "string", "title": "Organization Id", "description": "ID of the owner organization"}, "description": {"type": "string", "title": "Description", "description": "Description of the integration"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "description": "Blocklists that are subscribed by the integration"}, "cves": {"items": {"$ref": "#/components/schemas/CVESubscription"}, "type": "array", "title": "Cves", "description": "CVEs that are subscribed by the integration"}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "description": "Fingerprints that are subscribed by the integration"}, "endpoint": {"type": "string", "maxLength": 2083, "minLength": 1, "format": "uri", "title": "Endpoint", "description": "Url that should be used by the firewall or the remediation component to fetch the integration's content"}, "stats": {"$ref": "#/components/schemas/Stats", "description": "Stats of the integration", "default": {"count": 0}}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the integration", "default": []}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}, "credentials": {"anyOf": [{"$ref": "#/components/schemas/ApiKeyCredentials"}, {"$ref": "#/components/schemas/BasicAuthCredentials"}, {"type": "null"}], "title": "Credentials", "description": "Credentials for the integration"}}, "type": "object", "required": ["id", "name", "organization_id", "created_at", "updated_at", "entity_type", "output_format", "blocklists", "cves", "fingerprints", "endpoint"], "title": "IntegrationUpdateResponse"}, "Links": {"properties": {"first": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "First", "examples": ["/api/v1/users?limit=1&offset1"]}, "last": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Last", "examples": ["/api/v1/users?limit=1&offset1"]}, "self": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Self", "examples": ["/api/v1/users?limit=1&offset1"]}, "next": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Next", "examples": ["/api/v1/users?limit=1&offset1"]}, "prev": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Prev", "examples": ["/api/v1/users?limit=1&offset1"]}}, "type": "object", "title": "Links"}, "OutputFormat": {"type": "string", "enum": ["plain_text", "f5", "remediation_component", "fortigate", "paloalto", "checkpoint", "cisco", "juniper", "mikrotik", "pfsense", "opnsense", "sophos"], "title": "OutputFormat"}, "Stats": {"properties": {"count": {"type": "integer", "title": "Count", "description": "Number of total blocklists items the integration will pull"}}, "type": "object", "required": ["count"], "title": "Stats"}, "ValidationError": {"properties": {"loc": {"items": {"anyOf": [{"type": "string"}, {"type": "integer"}]}, "type": "array", "title": "Location"}, "msg": {"type": "string", "title": "Message"}, "type": {"type": "string", "title": "Error Type"}}, "type": "object", "required": ["loc", "msg", "type"], "title": "ValidationError"}, "AdjustmentScore": {"properties": {"total": {"type": "integer", "title": "Total", "description": "Total score adjustment"}, "recency": {"type": "integer", "title": "Recency", "description": "Recency score adjustment"}, "low_info": {"type": "integer", "title": "Low Info", "description": "Low information score adjustment"}}, "type": "object", "required": ["total", "recency", "low_info"], "title": "AdjustmentScore"}, "AffectedComponent": {"properties": {"vendor": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Vendor", "description": "Vendor of the affected component"}, "product": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Product", "description": "Product name of the affected component"}}, "type": "object", "title": "AffectedComponent", "description": "Affected Component in a CVE"}, "AllowlistSubscription": {"properties": {"id": {"type": "string", "title": "Id"}}, "type": "object", "required": ["id"], "title": "AllowlistSubscription"}, "AttackDetail": {"properties": {"name": {"type": "string", "title": "Name", "description": "Attack detail name"}, "label": {"type": "string", "title": "Label", "description": "Attack detail label"}, "description": {"type": "string", "title": "Description", "description": "Attack detail description"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "Attack detail references"}}, "type": "object", "required": ["name", "label", "description"], "title": "AttackDetail"}, "Behavior": {"properties": {"name": {"type": "string", "title": "Name", "description": "Behavior name"}, "label": {"type": "string", "title": "Label", "description": "Behavior label"}, "description": {"type": "string", "title": "Description", "description": "Behavior description"}}, "type": "object", "required": ["name", "label", "description"], "title": "Behavior"}, "CVEEventOutput": {"properties": {"name": {"type": "string", "title": "Name"}, "date": {"type": "string", "title": "Date"}, "description": {"type": "string", "title": "Description"}, "label": {"type": "string", "title": "Label"}, "sorting_priority": {"type": "integer", "title": "Sorting Priority"}}, "type": "object", "required": ["name", "date", "description", "label", "sorting_priority"], "title": "CVEEventOutput"}, "CVEResponseBase": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the CVE"}, "name": {"type": "string", "title": "Name", "description": "Name of the CVE"}, "title": {"type": "string", "title": "Title", "description": "Title of the CVE"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score of the CVE"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score indicating if it's an opportunistic(0) or targeted(5) attack (between 0-5)", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score indicating the vulnerability's trendiness based on signal comparison with the previous month. Higher scores (4-5) indicate significantly more signals this month than last month's average, while lower scores (0-1) indicate declining activity (between 0-5)", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs affected"}, "published_date": {"type": "string", "format": "date-time", "title": "Published Date", "description": "Published date of the CVE"}, "cvss_score": {"anyOf": [{"type": "number", "maximum": 10.0, "minimum": 0.0}, {"type": "null"}], "title": "Cvss Score", "description": "CVSS score of the CVE"}, "has_public_exploit": {"type": "boolean", "title": "Has Public Exploit", "description": "Indicates if there is a public exploit for the CVE"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the associated detection rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase of the CVE"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustments applied to the CVE score based on various factors"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "published_date", "has_public_exploit", "exploitation_phase"], "title": "CVEResponseBase", "description": "GET CVE ID Response"}, "CVEsubscription": {"properties": {"id": {"type": "string", "title": "Id"}}, "type": "object", "required": ["id"], "title": "CVEsubscription"}, "CWE": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the CWE"}, "label": {"type": "string", "title": "Label", "description": "Label of the CWE"}, "description": {"type": "string", "title": "Description", "description": "Description of the CWE"}}, "type": "object", "required": ["name", "label", "description"], "title": "CWE", "description": "CWE Information"}, "Classification": {"properties": {"name": {"type": "string", "title": "Name", "description": "Classification name"}, "label": {"type": "string", "title": "Label", "description": "Classification label"}, "description": {"type": "string", "title": "Description", "description": "Classification description"}}, "type": "object", "required": ["name", "label", "description"], "title": "Classification"}, "Classifications": {"properties": {"false_positives": {"items": {"$ref": "#/components/schemas/Classification"}, "type": "array", "title": "False Positives", "description": "False positive classifications"}, "classifications": {"items": {"$ref": "#/components/schemas/Classification"}, "type": "array", "title": "Classifications", "description": "Main classifications"}}, "type": "object", "title": "Classifications"}, "EntityType": {"type": "string", "enum": ["org", "tag", "engine", "firewall_integration", "remediation_component_integration", "remediation_component", "log_processor"], "title": "EntityType"}, "ExploitationPhase": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the exploitation phase"}, "label": {"type": "string", "title": "Label", "description": "Label of the exploitation phase"}, "description": {"type": "string", "title": "Description", "description": "Description of the exploitation phase"}}, "type": "object", "required": ["name", "label", "description"], "title": "ExploitationPhase"}, "FingerprintEventOutput": {"properties": {"name": {"type": "string", "title": "Name"}, "date": {"type": "string", "title": "Date"}, "description": {"type": "string", "title": "Description"}, "label": {"type": "string", "title": "Label"}}, "type": "object", "required": ["name", "date", "description", "label"], "title": "FingerprintEventOutput"}, "FingerprintRuleResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "Fingerprint rule identifier"}, "name": {"type": "string", "title": "Name", "description": "Fingerprint rule name"}, "title": {"type": "string", "title": "Title", "description": "Fingerprint rule title"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score for the fingerprint rule"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs observed"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the fingerprint rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustment details"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the fingerprint rule"}, "description": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Description", "description": "Fingerprint rule description"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "Reference links for the fingerprint rule"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis for this fingerprint rule"}, "events": {"items": {"$ref": "#/components/schemas/FingerprintEventOutput"}, "type": "array", "title": "Events", "description": "List of events related to the fingerprint rule"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "exploitation_phase"], "title": "FingerprintRuleResponse"}, "FingerprintRuleSummary": {"properties": {"id": {"type": "string", "title": "Id", "description": "Fingerprint rule identifier"}, "name": {"type": "string", "title": "Name", "description": "Fingerprint rule name"}, "title": {"type": "string", "title": "Title", "description": "Fingerprint rule title"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score for the fingerprint rule"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs observed"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the fingerprint rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustment details"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "exploitation_phase"], "title": "FingerprintRuleSummary"}, "FingerprintTimelineItem": {"properties": {"timestamp": {"type": "string", "format": "date-time", "title": "Timestamp", "description": "Timestamp of the timeline event"}, "count": {"type": "integer", "title": "Count", "description": "Count of occurrences at the timestamp"}}, "type": "object", "required": ["timestamp", "count"], "title": "FingerprintTimelineItem"}, "GetCVEIPsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IPItem"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetCVEIPsResponsePage"}, "GetCVEResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the CVE"}, "name": {"type": "string", "title": "Name", "description": "Name of the CVE"}, "title": {"type": "string", "title": "Title", "description": "Title of the CVE"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score of the CVE"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score indicating if it's an opportunistic(0) or targeted(5) attack (between 0-5)", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score indicating the vulnerability's trendiness based on signal comparison with the previous month. Higher scores (4-5) indicate significantly more signals this month than last month's average, while lower scores (0-1) indicate declining activity (between 0-5)", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs affected"}, "published_date": {"type": "string", "format": "date-time", "title": "Published Date", "description": "Published date of the CVE"}, "cvss_score": {"anyOf": [{"type": "number", "maximum": 10.0, "minimum": 0.0}, {"type": "null"}], "title": "Cvss Score", "description": "CVSS score of the CVE"}, "has_public_exploit": {"type": "boolean", "title": "Has Public Exploit", "description": "Indicates if there is a public exploit for the CVE"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the associated detection rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase of the CVE"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustments applied to the CVE score based on various factors"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the CVE"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "List of references for the CVE"}, "description": {"type": "string", "title": "Description", "description": "Description of the CVE"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis of the CVE"}, "cwes": {"items": {"$ref": "#/components/schemas/CWE"}, "type": "array", "title": "Cwes", "description": "List of CWEs associated with the CVE"}, "events": {"items": {"$ref": "#/components/schemas/CVEEventOutput"}, "type": "array", "title": "Events", "description": "List of events related to the CVE"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "published_date", "has_public_exploit", "exploitation_phase", "references", "description", "crowdsec_analysis", "cwes"], "title": "GetCVEResponse"}, "GetCVESubscribedIntegrationsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IntegrationResponse"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetCVESubscribedIntegrationsResponsePage"}, "GetCVEsFilterBy": {"type": "string", "enum": ["is_public"], "title": "GetCVEsFilterBy"}, "GetCVEsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/CVEResponseBase"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetCVEsResponsePage"}, "GetCVEsSortBy": {"type": "string", "enum": ["rule_release_date", "trending", "nb_ips", "name"], "title": "GetCVEsSortBy"}, "GetCVEsSortOrder": {"type": "string", "enum": ["asc", "desc"], "title": "GetCVEsSortOrder"}, "GetFingerprintIPsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IPItem"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetFingerprintIPsResponsePage"}, "GetFingerprintRulesResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/FingerprintRuleSummary"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetFingerprintRulesResponsePage"}, "GetFingerprintSubscribedIntegrationsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IntegrationResponse"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetFingerprintSubscribedIntegrationsResponsePage"}, "History": {"properties": {"first_seen": {"type": "string", "format": "date-time", "title": "First Seen", "description": "First seen timestamp"}, "last_seen": {"type": "string", "format": "date-time", "title": "Last Seen", "description": "Last seen timestamp"}, "full_age": {"type": "integer", "title": "Full Age", "description": "Full age in days"}, "days_age": {"type": "integer", "title": "Days Age", "description": "Days age"}}, "type": "object", "required": ["first_seen", "last_seen", "full_age", "days_age"], "title": "History"}, "IPItem": {"properties": {"ip": {"type": "string", "title": "Ip", "description": "IP address"}, "reputation": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Reputation", "description": "Reputation of the IP"}, "ip_range": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Ip Range", "description": "IP range"}, "ip_range_score": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Ip Range Score", "description": "IP range score"}, "ip_range_24": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Ip Range 24", "description": "IP range /24"}, "ip_range_24_reputation": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Ip Range 24 Reputation", "description": "IP range /24 reputation"}, "ip_range_24_score": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Ip Range 24 Score", "description": "IP range /24 score"}, "as_name": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "As Name", "description": "AS name"}, "as_num": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "As Num", "description": "AS number"}, "background_noise_score": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Background Noise Score", "description": "Background noise score"}, "background_noise": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Background Noise", "description": "Background noise level"}, "confidence": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Confidence", "description": "Confidence level"}, "location": {"anyOf": [{"$ref": "#/components/schemas/Location"}, {"type": "null"}], "description": "IP location information"}, "reverse_dns": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Reverse Dns", "description": "Reverse DNS"}, "behaviors": {"items": {"$ref": "#/components/schemas/Behavior"}, "type": "array", "title": "Behaviors", "description": "List of behaviors"}, "references": {"items": {"$ref": "#/components/schemas/Reference"}, "type": "array", "title": "References", "description": "List of references"}, "history": {"anyOf": [{"$ref": "#/components/schemas/History"}, {"type": "null"}], "description": "Historical data"}, "classifications": {"anyOf": [{"$ref": "#/components/schemas/Classifications"}, {"type": "null"}], "description": "Classification data"}, "mitre_techniques": {"items": {"$ref": "#/components/schemas/MitreTechnique"}, "type": "array", "title": "Mitre Techniques", "description": "MITRE techniques"}, "cves": {"items": {"type": "string"}, "type": "array", "title": "Cves", "description": "List of CVEs"}, "attack_details": {"items": {"$ref": "#/components/schemas/AttackDetail"}, "type": "array", "title": "Attack Details", "description": "Attack details"}, "target_countries": {"additionalProperties": {"type": "integer"}, "type": "object", "title": "Target Countries", "description": "Target countries"}, "scores": {"anyOf": [{"$ref": "#/components/schemas/Scores"}, {"type": "null"}], "description": "Scoring information"}}, "type": "object", "required": ["ip"], "title": "IPItem"}, "IntegrationResponse": {"properties": {"tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "default": []}, "organization_id": {"type": "string", "title": "Organization Id"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "entity_type": {"$ref": "#/components/schemas/EntityType", "description": "Type of the integration"}, "id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "default": []}, "allowlists": {"items": {"$ref": "#/components/schemas/AllowlistSubscription"}, "type": "array", "title": "Allowlists", "default": []}, "cves": {"items": {"$ref": "#/components/schemas/CVEsubscription"}, "type": "array", "title": "Cves", "default": []}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "default": []}, "name": {"type": "string", "title": "Name", "description": "Name of the integration"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "description": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Description", "description": "Description of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "type": "object", "required": ["organization_id", "entity_type", "name", "output_format"], "title": "IntegrationResponse"}, "IntervalOptions": {"type": "string", "enum": ["hour", "day", "week"], "title": "IntervalOptions"}, "Location": {"properties": {"country": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Country", "description": "Country code"}, "city": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "City", "description": "City name"}, "latitude": {"anyOf": [{"type": "number"}, {"type": "null"}], "title": "Latitude", "description": "Latitude coordinate"}, "longitude": {"anyOf": [{"type": "number"}, {"type": "null"}], "title": "Longitude", "description": "Longitude coordinate"}}, "type": "object", "title": "Location"}, "LookupImpactCVEItem": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the CVE"}, "name": {"type": "string", "title": "Name", "description": "Name of the CVE"}, "title": {"type": "string", "title": "Title", "description": "Title of the CVE"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score of the CVE"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score indicating if it's an opportunistic(0) or targeted(5) attack (between 0-5)", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score indicating the vulnerability's trendiness based on signal comparison with the previous month. Higher scores (4-5) indicate significantly more signals this month than last month's average, while lower scores (0-1) indicate declining activity (between 0-5)", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs affected"}, "published_date": {"type": "string", "format": "date-time", "title": "Published Date", "description": "Published date of the CVE"}, "cvss_score": {"anyOf": [{"type": "number", "maximum": 10.0, "minimum": 0.0}, {"type": "null"}], "title": "Cvss Score", "description": "CVSS score of the CVE"}, "has_public_exploit": {"type": "boolean", "title": "Has Public Exploit", "description": "Indicates if there is a public exploit for the CVE"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the associated detection rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase of the CVE"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustments applied to the CVE score based on various factors"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the CVE"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "List of references for the CVE"}, "description": {"type": "string", "title": "Description", "description": "Description of the CVE"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis of the CVE"}, "cwes": {"items": {"$ref": "#/components/schemas/CWE"}, "type": "array", "title": "Cwes", "description": "List of CWEs associated with the CVE"}, "events": {"items": {"$ref": "#/components/schemas/CVEEventOutput"}, "type": "array", "title": "Events", "description": "List of events related to the CVE"}, "type": {"type": "string", "const": "cve", "title": "Type", "description": "Resource type", "default": "cve"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "published_date", "has_public_exploit", "exploitation_phase", "references", "description", "crowdsec_analysis", "cwes"], "title": "LookupImpactCVEItem"}, "LookupImpactFingerprintItem": {"properties": {"id": {"type": "string", "title": "Id", "description": "Fingerprint rule identifier"}, "name": {"type": "string", "title": "Name", "description": "Fingerprint rule name"}, "title": {"type": "string", "title": "Title", "description": "Fingerprint rule title"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score for the fingerprint rule"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs observed"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the fingerprint rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustment details"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the fingerprint rule"}, "description": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Description", "description": "Fingerprint rule description"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "Reference links for the fingerprint rule"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis for this fingerprint rule"}, "events": {"items": {"$ref": "#/components/schemas/FingerprintEventOutput"}, "type": "array", "title": "Events", "description": "List of events related to the fingerprint rule"}, "type": {"type": "string", "const": "fingerprint", "title": "Type", "description": "Resource type", "default": "fingerprint"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "exploitation_phase"], "title": "LookupImpactFingerprintItem"}, "LookupImpactResponsePage": {"properties": {"items": {"items": {"oneOf": [{"$ref": "#/components/schemas/LookupImpactCVEItem"}, {"$ref": "#/components/schemas/LookupImpactFingerprintItem"}], "discriminator": {"propertyName": "type", "mapping": {"cve": "#/components/schemas/LookupImpactCVEItem", "fingerprint": "#/components/schemas/LookupImpactFingerprintItem"}}}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "LookupImpactResponsePage"}, "LookupListItemWithStats": {"properties": {"value": {"type": "string", "title": "Value", "description": "Lookup entry value"}, "nb_cves": {"type": "integer", "minimum": 0.0, "title": "Nb Cves", "description": "Number of CVEs", "default": 0}, "nb_fingerprints": {"type": "integer", "minimum": 0.0, "title": "Nb Fingerprints", "description": "Number of fingerprint rules", "default": 0}, "nb_ips_cves": {"type": "integer", "minimum": 0.0, "title": "Nb Ips Cves", "description": "Number of IPs across CVEs", "default": 0}, "nb_ips_fingerprints": {"type": "integer", "minimum": 0.0, "title": "Nb Ips Fingerprints", "description": "Number of IPs across fingerprint rules", "default": 0}}, "type": "object", "required": ["value"], "title": "LookupListItemWithStats"}, "LookupListWithStatsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/LookupListItemWithStats"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "LookupListWithStatsResponsePage"}, "MitreTechnique": {"properties": {"name": {"type": "string", "title": "Name", "description": "MITRE technique ID"}, "label": {"type": "string", "title": "Label", "description": "MITRE technique label"}, "description": {"type": "string", "title": "Description", "description": "MITRE technique description"}}, "type": "object", "required": ["name", "label", "description"], "title": "MitreTechnique"}, "Reference": {"properties": {"name": {"type": "string", "title": "Name", "description": "Reference name"}, "label": {"type": "string", "title": "Label", "description": "Reference label"}, "description": {"type": "string", "title": "Description", "description": "Reference description"}}, "type": "object", "required": ["name", "label", "description"], "title": "Reference"}, "ScoreBreakdown": {"properties": {"aggressiveness": {"type": "integer", "title": "Aggressiveness", "description": "Aggressiveness score"}, "threat": {"type": "integer", "title": "Threat", "description": "Threat score"}, "trust": {"type": "integer", "title": "Trust", "description": "Trust score"}, "anomaly": {"type": "integer", "title": "Anomaly", "description": "Anomaly score"}, "total": {"type": "integer", "title": "Total", "description": "Total score"}}, "type": "object", "required": ["aggressiveness", "threat", "trust", "anomaly", "total"], "title": "ScoreBreakdown"}, "Scores": {"properties": {"overall": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Overall scores"}, "last_day": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Last day scores"}, "last_week": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Last week scores"}, "last_month": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Last month scores"}}, "type": "object", "required": ["overall", "last_day", "last_week", "last_month"], "title": "Scores"}, "SinceOptions": {"type": "integer", "enum": [1, 7, 30], "title": "SinceOptions"}, "SubscribeCVEIntegrationRequest": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the integration to subscribe"}}, "additionalProperties": false, "type": "object", "required": ["name"], "title": "SubscribeCVEIntegrationRequest"}, "SubscribeFingerprintIntegrationRequest": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the integration to subscribe"}}, "additionalProperties": false, "type": "object", "required": ["name"], "title": "SubscribeFingerprintIntegrationRequest"}, "TimelineItem": {"properties": {"timestamp": {"type": "string", "format": "date-time", "title": "Timestamp", "description": "Timestamp of the timeline event"}, "count": {"type": "integer", "title": "Count", "description": "Count of occurrences at the timestamp"}}, "type": "object", "required": ["timestamp", "count"], "title": "TimelineItem"}, "TopProductItem": {"properties": {"value": {"type": "string", "title": "Value", "description": "Product name"}, "nb_ips_cves": {"type": "integer", "minimum": 0.0, "title": "Nb Ips Cves", "description": "Number of IPs across CVEs", "default": 0}, "nb_ips_fingerprints": {"type": "integer", "minimum": 0.0, "title": "Nb Ips Fingerprints", "description": "Number of IPs across fingerprint rules", "default": 0}}, "type": "object", "required": ["value"], "title": "TopProductItem"}, "VendorStatsResponse": {"properties": {"value": {"type": "string", "title": "Value", "description": "Vendor name"}, "nb_cves": {"type": "integer", "minimum": 0.0, "title": "Nb Cves", "description": "Number of CVEs", "default": 0}, "nb_fingerprints": {"type": "integer", "minimum": 0.0, "title": "Nb Fingerprints", "description": "Number of fingerprint rules", "default": 0}, "nb_ips_cves": {"type": "integer", "minimum": 0.0, "title": "Nb Ips Cves", "description": "Number of IPs across CVEs", "default": 0}, "nb_ips_fingerprints": {"type": "integer", "minimum": 0.0, "title": "Nb Ips Fingerprints", "description": "Number of IPs across fingerprint rules", "default": 0}, "top_products": {"items": {"$ref": "#/components/schemas/TopProductItem"}, "type": "array", "title": "Top Products", "description": "Top products for this vendor sorted by total IPs descending"}}, "type": "object", "required": ["value"], "title": "VendorStatsResponse"}}, "securitySchemes": {"ApiKeyAuth": {"type": "apiKey", "in": "header", "name": "x-api-key", "description": "If integration key is provided, can also work to get integration content"}, "BasicAuth": {"type": "http", "scheme": "basic", "description": "Basic Auth for integration content endpoint only"}}}, "security": [{"ApiKeyAuth": []}, {"BasicAuth": []}], "servers": [{"url": "https://admin.api.crowdsec.net/v1", "description": "Production server"}]} \ No newline at end of file diff --git a/pyproject.toml b/pyproject.toml index f3f7494..96543b0 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta" [project] name = "crowdsec_tracker_api" -version = "1.108.1" +version = "1.116.0" license = { text = "MIT" } authors = [ { name="crowdsec", email="info@crowdsec.net" }