637 lines
23 KiB
Go
637 lines
23 KiB
Go
// Package cti provides primitives to interact with the openapi HTTP API.
|
|
//
|
|
// Code generated by github.com/deepmap/oapi-codegen/v2 version v2.1.0 DO NOT EDIT.
|
|
package cti
|
|
|
|
const (
|
|
Api_keyScopes = "api_key.Scopes"
|
|
)
|
|
|
|
// Defines values for CTIObjectBackgroundNoise.
|
|
const (
|
|
CTIObjectBackgroundNoiseHigh CTIObjectBackgroundNoise = "high"
|
|
CTIObjectBackgroundNoiseLow CTIObjectBackgroundNoise = "low"
|
|
CTIObjectBackgroundNoiseMedium CTIObjectBackgroundNoise = "medium"
|
|
CTIObjectBackgroundNoiseNone CTIObjectBackgroundNoise = "none"
|
|
)
|
|
|
|
// Defines values for CTIObjectIpRange24Reputation.
|
|
const (
|
|
CTIObjectIpRange24ReputationKnown CTIObjectIpRange24Reputation = "known"
|
|
CTIObjectIpRange24ReputationMalicious CTIObjectIpRange24Reputation = "malicious"
|
|
CTIObjectIpRange24ReputationSafe CTIObjectIpRange24Reputation = "safe"
|
|
CTIObjectIpRange24ReputationSuspicious CTIObjectIpRange24Reputation = "suspicious"
|
|
CTIObjectIpRange24ReputationUnknown CTIObjectIpRange24Reputation = "unknown"
|
|
)
|
|
|
|
// Defines values for CTIObjectIpRange24Score.
|
|
const (
|
|
CTIObjectIpRange24ScoreN0 CTIObjectIpRange24Score = 0
|
|
CTIObjectIpRange24ScoreN1 CTIObjectIpRange24Score = 1
|
|
CTIObjectIpRange24ScoreN2 CTIObjectIpRange24Score = 2
|
|
CTIObjectIpRange24ScoreN3 CTIObjectIpRange24Score = 3
|
|
CTIObjectIpRange24ScoreN4 CTIObjectIpRange24Score = 4
|
|
CTIObjectIpRange24ScoreN5 CTIObjectIpRange24Score = 5
|
|
)
|
|
|
|
// Defines values for CTIObjectIpRangeScore.
|
|
const (
|
|
CTIObjectIpRangeScoreN0 CTIObjectIpRangeScore = 0
|
|
CTIObjectIpRangeScoreN1 CTIObjectIpRangeScore = 1
|
|
CTIObjectIpRangeScoreN2 CTIObjectIpRangeScore = 2
|
|
CTIObjectIpRangeScoreN3 CTIObjectIpRangeScore = 3
|
|
CTIObjectIpRangeScoreN4 CTIObjectIpRangeScore = 4
|
|
CTIObjectIpRangeScoreN5 CTIObjectIpRangeScore = 5
|
|
)
|
|
|
|
// Defines values for CTIObjectReputation.
|
|
const (
|
|
CTIObjectReputationKnown CTIObjectReputation = "known"
|
|
CTIObjectReputationMalicious CTIObjectReputation = "malicious"
|
|
CTIObjectReputationSafe CTIObjectReputation = "safe"
|
|
CTIObjectReputationSuspicious CTIObjectReputation = "suspicious"
|
|
CTIObjectReputationUnknown CTIObjectReputation = "unknown"
|
|
)
|
|
|
|
// Defines values for FireIPCTIResponseBackgroundNoise.
|
|
const (
|
|
FireIPCTIResponseBackgroundNoiseHigh FireIPCTIResponseBackgroundNoise = "high"
|
|
FireIPCTIResponseBackgroundNoiseLow FireIPCTIResponseBackgroundNoise = "low"
|
|
FireIPCTIResponseBackgroundNoiseMedium FireIPCTIResponseBackgroundNoise = "medium"
|
|
FireIPCTIResponseBackgroundNoiseNone FireIPCTIResponseBackgroundNoise = "none"
|
|
)
|
|
|
|
// Defines values for FireIPCTIResponseIpRange24Reputation.
|
|
const (
|
|
FireIPCTIResponseIpRange24ReputationKnown FireIPCTIResponseIpRange24Reputation = "known"
|
|
FireIPCTIResponseIpRange24ReputationMalicious FireIPCTIResponseIpRange24Reputation = "malicious"
|
|
FireIPCTIResponseIpRange24ReputationSafe FireIPCTIResponseIpRange24Reputation = "safe"
|
|
FireIPCTIResponseIpRange24ReputationSuspicious FireIPCTIResponseIpRange24Reputation = "suspicious"
|
|
FireIPCTIResponseIpRange24ReputationUnknown FireIPCTIResponseIpRange24Reputation = "unknown"
|
|
)
|
|
|
|
// Defines values for FireIPCTIResponseIpRange24Score.
|
|
const (
|
|
FireIPCTIResponseIpRange24ScoreN0 FireIPCTIResponseIpRange24Score = 0
|
|
FireIPCTIResponseIpRange24ScoreN1 FireIPCTIResponseIpRange24Score = 1
|
|
FireIPCTIResponseIpRange24ScoreN2 FireIPCTIResponseIpRange24Score = 2
|
|
FireIPCTIResponseIpRange24ScoreN3 FireIPCTIResponseIpRange24Score = 3
|
|
FireIPCTIResponseIpRange24ScoreN4 FireIPCTIResponseIpRange24Score = 4
|
|
FireIPCTIResponseIpRange24ScoreN5 FireIPCTIResponseIpRange24Score = 5
|
|
)
|
|
|
|
// Defines values for FireIPCTIResponseIpRangeScore.
|
|
const (
|
|
FireIPCTIResponseIpRangeScoreN0 FireIPCTIResponseIpRangeScore = 0
|
|
FireIPCTIResponseIpRangeScoreN1 FireIPCTIResponseIpRangeScore = 1
|
|
FireIPCTIResponseIpRangeScoreN2 FireIPCTIResponseIpRangeScore = 2
|
|
FireIPCTIResponseIpRangeScoreN3 FireIPCTIResponseIpRangeScore = 3
|
|
FireIPCTIResponseIpRangeScoreN4 FireIPCTIResponseIpRangeScore = 4
|
|
FireIPCTIResponseIpRangeScoreN5 FireIPCTIResponseIpRangeScore = 5
|
|
)
|
|
|
|
// Defines values for FireIPCTIResponseReputation.
|
|
const (
|
|
FireIPCTIResponseReputationKnown FireIPCTIResponseReputation = "known"
|
|
FireIPCTIResponseReputationMalicious FireIPCTIResponseReputation = "malicious"
|
|
FireIPCTIResponseReputationSafe FireIPCTIResponseReputation = "safe"
|
|
FireIPCTIResponseReputationSuspicious FireIPCTIResponseReputation = "suspicious"
|
|
FireIPCTIResponseReputationUnknown FireIPCTIResponseReputation = "unknown"
|
|
)
|
|
|
|
// Defines values for FireIPCTIResponseState.
|
|
const (
|
|
Refused FireIPCTIResponseState = "refused"
|
|
Validated FireIPCTIResponseState = "validated"
|
|
)
|
|
|
|
// CTIObject defines model for CTIObject.
|
|
type CTIObject struct {
|
|
// AsName The autonomous system name to which the IP belongs
|
|
AsName *string `json:"as_name"`
|
|
|
|
// AsNum The autonomous system number to which the IP belongs
|
|
AsNum *float32 `json:"as_num"`
|
|
|
|
// AttackDetails A more exhaustive list of the scenarios for which a given IP was reported
|
|
AttackDetails []struct {
|
|
// Description Human-friendly descriptions of scenarios
|
|
Description *string `json:"description,omitempty"`
|
|
|
|
// Label Human-friendly descriptions of scenarios
|
|
Label *string `json:"label,omitempty"`
|
|
|
|
// Name Name of the scenario (see hub.crowdsec.net)
|
|
Name *string `json:"name,omitempty"`
|
|
References *[]string `json:"references,omitempty"`
|
|
} `json:"attack_details"`
|
|
|
|
// BackgroundNoise The background noise level of the IP address
|
|
BackgroundNoise *CTIObjectBackgroundNoise `json:"background_noise"`
|
|
|
|
// BackgroundNoiseScore The background noise score of the IP ranging from 0 to 10 (highly noisy)
|
|
BackgroundNoiseScore *float32 `json:"background_noise_score"`
|
|
|
|
// Behaviors A list of the attack categories for which the IP was reported
|
|
Behaviors []struct {
|
|
// Description Human-friendly description of the category
|
|
Description *string `json:"description,omitempty"`
|
|
|
|
// Label Human-friendly description of the category
|
|
Label *string `json:"label,omitempty"`
|
|
|
|
// Name The category of the attack, often in the form "protocol-or-scope:attack_type"
|
|
Name *string `json:"name,omitempty"`
|
|
} `json:"behaviors"`
|
|
Classifications struct {
|
|
// Classifications A list of categories associated with the IP. Those data can be sourced from 3rd parties (i.e. tor exit nodes list)
|
|
Classifications *[]struct {
|
|
// Description Human-friendly description of the category
|
|
Description *string `json:"description,omitempty"`
|
|
|
|
// Label Human-friendly name of the category
|
|
Label *string `json:"label,omitempty"`
|
|
|
|
// Name The name of the category, often in the form "protocol-or-scope:attack_type"
|
|
Name *string `json:"name,omitempty"`
|
|
} `json:"classifications,omitempty"`
|
|
|
|
// FalsePositives A list of false positives tags associated with the IP. Any IP with `false_positives` tags shouldn't be considered as malicious
|
|
FalsePositives *[]struct {
|
|
// Description Human-friendly description of the category
|
|
Description *string `json:"description,omitempty"`
|
|
|
|
// Label Human-friendly name of the category
|
|
Label *string `json:"label,omitempty"`
|
|
|
|
// Name The name of the false positive, often in the form "protocol-or-scope:attack_type"
|
|
Name *string `json:"name,omitempty"`
|
|
} `json:"false_positives,omitempty"`
|
|
} `json:"classifications"`
|
|
|
|
// Cves A list of CVEs reported for this IP.
|
|
Cves []string `json:"cves"`
|
|
History struct {
|
|
// DaysAge Delta in days between first and last seen timestamps
|
|
DaysAge *float32 `json:"days_age,omitempty"`
|
|
|
|
// FirstSeen Date of the first time this IP was reported. Due to "progressive data degradation", this date might be later than the first time the IP was actually seen
|
|
FirstSeen *string `json:"first_seen,omitempty"`
|
|
|
|
// FullAge Delta in days between first seen and today
|
|
FullAge *float32 `json:"full_age,omitempty"`
|
|
|
|
// LastSeen Date of the last time this IP was reported
|
|
LastSeen *string `json:"last_seen,omitempty"`
|
|
} `json:"history"`
|
|
|
|
// Ip Requested IP
|
|
Ip string `json:"ip"`
|
|
|
|
// IpRange The range to which the IP belongs
|
|
IpRange *string `json:"ip_range"`
|
|
|
|
// IpRange24 The /24 range to which the IP belongs
|
|
IpRange24 *string `json:"ip_range_24"`
|
|
|
|
// IpRange24Reputation The /24 range to which the IP belongs
|
|
IpRange24Reputation *CTIObjectIpRange24Reputation `json:"ip_range_24_reputation"`
|
|
|
|
// IpRange24Score The score of the /24 range (ip_range_24) the IP belongs to. 0 is good/unknown, 5 is worse
|
|
IpRange24Score *CTIObjectIpRange24Score `json:"ip_range_24_score"`
|
|
|
|
// IpRangeScore The score of the range (ip_range) the IP belongs to. 0 is good/unknown, 5 is worse
|
|
IpRangeScore CTIObjectIpRangeScore `json:"ip_range_score"`
|
|
|
|
// Location Location information about the IP address
|
|
Location struct {
|
|
// City The associated City of the IP
|
|
City *string `json:"city"`
|
|
|
|
// Country The two letters country code of the IP
|
|
Country *string `json:"country"`
|
|
|
|
// Latitude Coordinates of the IP
|
|
Latitude *float32 `json:"latitude"`
|
|
|
|
// Longitude Coordinates of the IP
|
|
Longitude *float32 `json:"longitude"`
|
|
} `json:"location"`
|
|
|
|
// MitreTechniques A list of Mitre Enterprise Techniques associated with the IP.
|
|
MitreTechniques []struct {
|
|
// Description Description of the Mitre technique
|
|
Description *string `json:"description,omitempty"`
|
|
|
|
// Label The name of the Mitre technique
|
|
Label *string `json:"label,omitempty"`
|
|
|
|
// Name The ID of the Mitre technique"
|
|
Name *string `json:"name,omitempty"`
|
|
} `json:"mitre_techniques"`
|
|
|
|
// References A list of the references for which the IP was see
|
|
References []struct {
|
|
// Description Human-friendly description of the reference
|
|
Description *string `json:"description,omitempty"`
|
|
|
|
// Label Human-friendly description of the reference
|
|
Label *string `json:"label,omitempty"`
|
|
|
|
// Name The reference, often in the form "list:list_name"
|
|
Name *string `json:"name,omitempty"`
|
|
} `json:"references"`
|
|
|
|
// Reputation The reputation of the IP address
|
|
Reputation CTIObjectReputation `json:"reputation"`
|
|
|
|
// ReverseDns Reverse dns lookup of the IP
|
|
ReverseDns *string `json:"reverse_dns"`
|
|
Scores struct {
|
|
LastDay *struct {
|
|
// Aggressiveness Last day aggressiveness score
|
|
Aggressiveness *float32 `json:"aggressiveness,omitempty"`
|
|
|
|
// Anomaly Last day anomaly score
|
|
Anomaly *float32 `json:"anomaly,omitempty"`
|
|
|
|
// Threat Last day threat score
|
|
Threat *float32 `json:"threat,omitempty"`
|
|
|
|
// Total Last day score
|
|
Total *float32 `json:"total,omitempty"`
|
|
|
|
// Trust Last day trust score
|
|
Trust *float32 `json:"trust,omitempty"`
|
|
} `json:"last_day,omitempty"`
|
|
LastMonth *struct {
|
|
// Aggressiveness Last month aggressiveness score
|
|
Aggressiveness *float32 `json:"aggressiveness,omitempty"`
|
|
|
|
// Anomaly Last month anomaly score
|
|
Anomaly *float32 `json:"anomaly,omitempty"`
|
|
|
|
// Threat Last month threat score
|
|
Threat *float32 `json:"threat,omitempty"`
|
|
|
|
// Total Last month score
|
|
Total *float32 `json:"total,omitempty"`
|
|
|
|
// Trust Last month trust score
|
|
Trust *float32 `json:"trust,omitempty"`
|
|
} `json:"last_month,omitempty"`
|
|
LastWeek *struct {
|
|
// Aggressiveness Last week aggressiveness score
|
|
Aggressiveness *float32 `json:"aggressiveness,omitempty"`
|
|
|
|
// Anomaly Last week anomaly score
|
|
Anomaly *float32 `json:"anomaly,omitempty"`
|
|
|
|
// Threat Last week threat score
|
|
Threat *float32 `json:"threat,omitempty"`
|
|
|
|
// Total Last week score
|
|
Total *float32 `json:"total,omitempty"`
|
|
|
|
// Trust Last week trust score
|
|
Trust *float32 `json:"trust,omitempty"`
|
|
} `json:"last_week,omitempty"`
|
|
Overall *struct {
|
|
// Aggressiveness Overall aggressiveness score
|
|
Aggressiveness *float32 `json:"aggressiveness,omitempty"`
|
|
|
|
// Anomaly Overall anomaly score
|
|
Anomaly *float32 `json:"anomaly,omitempty"`
|
|
|
|
// Threat Overall threat score
|
|
Threat *float32 `json:"threat,omitempty"`
|
|
|
|
// Total Overall score
|
|
Total *float32 `json:"total,omitempty"`
|
|
|
|
// Trust Overall trust score
|
|
Trust *float32 `json:"trust,omitempty"`
|
|
} `json:"overall,omitempty"`
|
|
} `json:"scores"`
|
|
|
|
// TargetCountries The top 10 reports repartition by country about the IP, as a percentage
|
|
TargetCountries map[string]interface{} `json:"target_countries"`
|
|
}
|
|
|
|
// CTIObjectBackgroundNoise The background noise level of the IP address
|
|
type CTIObjectBackgroundNoise string
|
|
|
|
// CTIObjectIpRange24Reputation The /24 range to which the IP belongs
|
|
type CTIObjectIpRange24Reputation string
|
|
|
|
// CTIObjectIpRange24Score The score of the /24 range (ip_range_24) the IP belongs to. 0 is good/unknown, 5 is worse
|
|
type CTIObjectIpRange24Score float32
|
|
|
|
// CTIObjectIpRangeScore The score of the range (ip_range) the IP belongs to. 0 is good/unknown, 5 is worse
|
|
type CTIObjectIpRangeScore float32
|
|
|
|
// CTIObjectReputation The reputation of the IP address
|
|
type CTIObjectReputation string
|
|
|
|
// ErrorResponse Error response return by the API
|
|
type ErrorResponse struct {
|
|
// Errors More details on individual errors
|
|
Errors *string `json:"errors,omitempty"`
|
|
|
|
// Message Error message
|
|
Message string `json:"message"`
|
|
}
|
|
|
|
// FireCTIResponse defines model for FireCTIResponse.
|
|
type FireCTIResponse struct {
|
|
Links struct {
|
|
// First Url of the first page of result set
|
|
First struct {
|
|
Href *string `json:"href"`
|
|
} `json:"first"`
|
|
|
|
// Next Url of the next page of result set
|
|
Next struct {
|
|
Href string `json:"href"`
|
|
} `json:"next"`
|
|
|
|
// Prev Url of the previous page of result set
|
|
Prev *struct {
|
|
Href string `json:"href"`
|
|
} `json:"prev,omitempty"`
|
|
|
|
// Self Url of the current result set
|
|
Self struct {
|
|
Href string `json:"href"`
|
|
} `json:"self"`
|
|
} `json:"_links"`
|
|
Items []FireIPCTIResponse `json:"items"`
|
|
}
|
|
|
|
// FireIPCTIResponse defines model for FireIPCTIResponse.
|
|
type FireIPCTIResponse struct {
|
|
// AsName The autonomous system name to which the IP belongs
|
|
AsName *string `json:"as_name"`
|
|
|
|
// AsNum The autonomous system number to which the IP belongs
|
|
AsNum *float32 `json:"as_num"`
|
|
|
|
// AttackDetails A more exhaustive list of the scenarios for which a given IP was reported
|
|
AttackDetails []struct {
|
|
// Description Human-friendly descriptions of scenarios
|
|
Description *string `json:"description,omitempty"`
|
|
|
|
// Label Human-friendly descriptions of scenarios
|
|
Label *string `json:"label,omitempty"`
|
|
|
|
// Name Name of the scenario (see hub.crowdsec.net)
|
|
Name *string `json:"name,omitempty"`
|
|
References *[]string `json:"references,omitempty"`
|
|
} `json:"attack_details"`
|
|
|
|
// BackgroundNoise The background noise level of the IP address
|
|
BackgroundNoise *FireIPCTIResponseBackgroundNoise `json:"background_noise"`
|
|
|
|
// BackgroundNoiseScore The background noise score of the IP ranging from 0 to 10 (highly noisy)
|
|
BackgroundNoiseScore *float32 `json:"background_noise_score"`
|
|
|
|
// Behaviors A list of the attack categories for which the IP was reported
|
|
Behaviors []struct {
|
|
// Description Human-friendly description of the category
|
|
Description *string `json:"description,omitempty"`
|
|
|
|
// Label Human-friendly description of the category
|
|
Label *string `json:"label,omitempty"`
|
|
|
|
// Name The category of the attack, often in the form "protocol-or-scope:attack_type"
|
|
Name *string `json:"name,omitempty"`
|
|
} `json:"behaviors"`
|
|
Classifications struct {
|
|
// Classifications A list of categories associated with the IP. Those data can be sourced from 3rd parties (i.e. tor exit nodes list)
|
|
Classifications *[]struct {
|
|
// Description Human-friendly description of the category
|
|
Description *string `json:"description,omitempty"`
|
|
|
|
// Label Human-friendly name of the category
|
|
Label *string `json:"label,omitempty"`
|
|
|
|
// Name The name of the category, often in the form "protocol-or-scope:attack_type"
|
|
Name *string `json:"name,omitempty"`
|
|
} `json:"classifications,omitempty"`
|
|
|
|
// FalsePositives A list of false positives tags associated with the IP. Any IP with `false_positives` tags shouldn't be considered as malicious
|
|
FalsePositives *[]struct {
|
|
// Description Human-friendly description of the category
|
|
Description *string `json:"description,omitempty"`
|
|
|
|
// Label Human-friendly name of the category
|
|
Label *string `json:"label,omitempty"`
|
|
|
|
// Name The name of the false positive, often in the form "protocol-or-scope:attack_type"
|
|
Name *string `json:"name,omitempty"`
|
|
} `json:"false_positives,omitempty"`
|
|
} `json:"classifications"`
|
|
|
|
// Cves A list of CVEs reported for this IP.
|
|
Cves []string `json:"cves"`
|
|
|
|
// Expiration Date at which the IP address expire from the community blocklist
|
|
Expiration *string `json:"expiration,omitempty"`
|
|
History struct {
|
|
// DaysAge Delta in days between first and last seen timestamps
|
|
DaysAge *float32 `json:"days_age,omitempty"`
|
|
|
|
// FirstSeen Date of the first time this IP was reported. Due to "progressive data degradation", this date might be later than the first time the IP was actually seen
|
|
FirstSeen *string `json:"first_seen,omitempty"`
|
|
|
|
// FullAge Delta in days between first seen and today
|
|
FullAge *float32 `json:"full_age,omitempty"`
|
|
|
|
// LastSeen Date of the last time this IP was reported
|
|
LastSeen *string `json:"last_seen,omitempty"`
|
|
} `json:"history"`
|
|
|
|
// Ip Requested IP
|
|
Ip string `json:"ip"`
|
|
|
|
// IpRange The range to which the IP belongs
|
|
IpRange *string `json:"ip_range"`
|
|
|
|
// IpRange24 The /24 range to which the IP belongs
|
|
IpRange24 *string `json:"ip_range_24"`
|
|
|
|
// IpRange24Reputation The /24 range to which the IP belongs
|
|
IpRange24Reputation *FireIPCTIResponseIpRange24Reputation `json:"ip_range_24_reputation"`
|
|
|
|
// IpRange24Score The score of the /24 range (ip_range_24) the IP belongs to. 0 is good/unknown, 5 is worse
|
|
IpRange24Score *FireIPCTIResponseIpRange24Score `json:"ip_range_24_score"`
|
|
|
|
// IpRangeScore The score of the range (ip_range) the IP belongs to. 0 is good/unknown, 5 is worse
|
|
IpRangeScore FireIPCTIResponseIpRangeScore `json:"ip_range_score"`
|
|
|
|
// Location Location information about the IP address
|
|
Location struct {
|
|
// City The associated City of the IP
|
|
City *string `json:"city"`
|
|
|
|
// Country The two letters country code of the IP
|
|
Country *string `json:"country"`
|
|
|
|
// Latitude Coordinates of the IP
|
|
Latitude *float32 `json:"latitude"`
|
|
|
|
// Longitude Coordinates of the IP
|
|
Longitude *float32 `json:"longitude"`
|
|
} `json:"location"`
|
|
|
|
// MitreTechniques A list of Mitre Enterprise Techniques associated with the IP.
|
|
MitreTechniques []struct {
|
|
// Description Description of the Mitre technique
|
|
Description *string `json:"description,omitempty"`
|
|
|
|
// Label The name of the Mitre technique
|
|
Label *string `json:"label,omitempty"`
|
|
|
|
// Name The ID of the Mitre technique"
|
|
Name *string `json:"name,omitempty"`
|
|
} `json:"mitre_techniques"`
|
|
|
|
// References A list of the references for which the IP was see
|
|
References []struct {
|
|
// Description Human-friendly description of the reference
|
|
Description *string `json:"description,omitempty"`
|
|
|
|
// Label Human-friendly description of the reference
|
|
Label *string `json:"label,omitempty"`
|
|
|
|
// Name The reference, often in the form "list:list_name"
|
|
Name *string `json:"name,omitempty"`
|
|
} `json:"references"`
|
|
|
|
// Reputation The reputation of the IP address
|
|
Reputation FireIPCTIResponseReputation `json:"reputation"`
|
|
|
|
// ReverseDns Reverse dns lookup of the IP
|
|
ReverseDns *string `json:"reverse_dns"`
|
|
Scores struct {
|
|
LastDay *struct {
|
|
// Aggressiveness Last day aggressiveness score
|
|
Aggressiveness *float32 `json:"aggressiveness,omitempty"`
|
|
|
|
// Anomaly Last day anomaly score
|
|
Anomaly *float32 `json:"anomaly,omitempty"`
|
|
|
|
// Threat Last day threat score
|
|
Threat *float32 `json:"threat,omitempty"`
|
|
|
|
// Total Last day score
|
|
Total *float32 `json:"total,omitempty"`
|
|
|
|
// Trust Last day trust score
|
|
Trust *float32 `json:"trust,omitempty"`
|
|
} `json:"last_day,omitempty"`
|
|
LastMonth *struct {
|
|
// Aggressiveness Last month aggressiveness score
|
|
Aggressiveness *float32 `json:"aggressiveness,omitempty"`
|
|
|
|
// Anomaly Last month anomaly score
|
|
Anomaly *float32 `json:"anomaly,omitempty"`
|
|
|
|
// Threat Last month threat score
|
|
Threat *float32 `json:"threat,omitempty"`
|
|
|
|
// Total Last month score
|
|
Total *float32 `json:"total,omitempty"`
|
|
|
|
// Trust Last month trust score
|
|
Trust *float32 `json:"trust,omitempty"`
|
|
} `json:"last_month,omitempty"`
|
|
LastWeek *struct {
|
|
// Aggressiveness Last week aggressiveness score
|
|
Aggressiveness *float32 `json:"aggressiveness,omitempty"`
|
|
|
|
// Anomaly Last week anomaly score
|
|
Anomaly *float32 `json:"anomaly,omitempty"`
|
|
|
|
// Threat Last week threat score
|
|
Threat *float32 `json:"threat,omitempty"`
|
|
|
|
// Total Last week score
|
|
Total *float32 `json:"total,omitempty"`
|
|
|
|
// Trust Last week trust score
|
|
Trust *float32 `json:"trust,omitempty"`
|
|
} `json:"last_week,omitempty"`
|
|
Overall *struct {
|
|
// Aggressiveness Overall aggressiveness score
|
|
Aggressiveness *float32 `json:"aggressiveness,omitempty"`
|
|
|
|
// Anomaly Overall anomaly score
|
|
Anomaly *float32 `json:"anomaly,omitempty"`
|
|
|
|
// Threat Overall threat score
|
|
Threat *float32 `json:"threat,omitempty"`
|
|
|
|
// Total Overall score
|
|
Total *float32 `json:"total,omitempty"`
|
|
|
|
// Trust Overall trust score
|
|
Trust *float32 `json:"trust,omitempty"`
|
|
} `json:"overall,omitempty"`
|
|
} `json:"scores"`
|
|
|
|
// State state of the IP in the community blocklist: validated means IP is currently part of community blocklist, refused means it was part of the community blocklist, but was manually purged (ie. false positive)
|
|
State *FireIPCTIResponseState `json:"state,omitempty"`
|
|
|
|
// TargetCountries The top 10 reports repartition by country about the IP, as a percentage
|
|
TargetCountries map[string]interface{} `json:"target_countries"`
|
|
}
|
|
|
|
// FireIPCTIResponseBackgroundNoise The background noise level of the IP address
|
|
type FireIPCTIResponseBackgroundNoise string
|
|
|
|
// FireIPCTIResponseIpRange24Reputation The /24 range to which the IP belongs
|
|
type FireIPCTIResponseIpRange24Reputation string
|
|
|
|
// FireIPCTIResponseIpRange24Score The score of the /24 range (ip_range_24) the IP belongs to. 0 is good/unknown, 5 is worse
|
|
type FireIPCTIResponseIpRange24Score float32
|
|
|
|
// FireIPCTIResponseIpRangeScore The score of the range (ip_range) the IP belongs to. 0 is good/unknown, 5 is worse
|
|
type FireIPCTIResponseIpRangeScore float32
|
|
|
|
// FireIPCTIResponseReputation The reputation of the IP address
|
|
type FireIPCTIResponseReputation string
|
|
|
|
// FireIPCTIResponseState state of the IP in the community blocklist: validated means IP is currently part of community blocklist, refused means it was part of the community blocklist, but was manually purged (ie. false positive)
|
|
type FireIPCTIResponseState string
|
|
|
|
// QueryCTIResponse defines model for QueryCTIResponse.
|
|
type QueryCTIResponse = CTIObject
|
|
|
|
// SearchCTIResponse defines model for SearchCTIResponse.
|
|
type SearchCTIResponse struct {
|
|
Items []CTIObject `json:"items"`
|
|
NotFound float32 `json:"not_found"`
|
|
|
|
// Total IP of the request
|
|
Total float32 `json:"total"`
|
|
}
|
|
|
|
// GetFireParams defines parameters for GetFire.
|
|
type GetFireParams struct {
|
|
// Page The page to fetch
|
|
Page *float32 `form:"page,omitempty" json:"page,omitempty"`
|
|
|
|
// Limit The number of items to fetch
|
|
Limit *float32 `form:"limit,omitempty" json:"limit,omitempty"`
|
|
|
|
// Since Filter records updated since - duration in h (hours), d(days), m(minutes) )
|
|
Since *string `form:"since,omitempty" json:"since,omitempty"`
|
|
}
|
|
|
|
// GetSmokeParams defines parameters for GetSmoke.
|
|
type GetSmokeParams struct {
|
|
// Ips List of IPs to query, separated by comma
|
|
Ips string `form:"ips" json:"ips"`
|
|
}
|