Class: Falcon::RealTimeResponseApi

Inherits:

Object

Object
Falcon::RealTimeResponseApi

show all

Defined in:: lib/crimson-falcon/api/real_time_response_api.rb

Instance Attribute Summary collapse

#api_client ⇒ Object

Returns the value of attribute api_client.

Instance Method Summary collapse

#batch_active_responder_cmd(body, opts = {}) ⇒ DomainMultiCommandExecuteResponseWrapper

Batch executes a RTR active-responder command across the hosts mapped to the given batch ID.
#batch_active_responder_cmd_with_http_info(body, opts = {}) ⇒ Array<(DomainMultiCommandExecuteResponseWrapper, Integer, Hash)>

Batch executes a RTR active-responder command across the hosts mapped to the given batch ID.
#batch_cmd(body, opts = {}) ⇒ DomainMultiCommandExecuteResponseWrapper

Batch executes a RTR read-only command across the hosts mapped to the given batch ID.
#batch_cmd_with_http_info(body, opts = {}) ⇒ Array<(DomainMultiCommandExecuteResponseWrapper, Integer, Hash)>

Batch executes a RTR read-only command across the hosts mapped to the given batch ID.
#batch_get_cmd(body, opts = {}) ⇒ DomainBatchGetCommandResponse

Batch executes ‘get` command across hosts to retrieve files.
#batch_get_cmd_status(batch_get_cmd_req_id, opts = {}) ⇒ DomainBatchGetCmdStatusResponse

Retrieves the status of the specified batch get command.
#batch_get_cmd_status_with_http_info(batch_get_cmd_req_id, opts = {}) ⇒ Array<(DomainBatchGetCmdStatusResponse, Integer, Hash)>

Retrieves the status of the specified batch get command.
#batch_get_cmd_with_http_info(body, opts = {}) ⇒ Array<(DomainBatchGetCommandResponse, Integer, Hash)>

Batch executes `get` command across hosts to retrieve files.
#batch_init_sessions(body, opts = {}) ⇒ DomainBatchInitSessionResponse

Batch initialize a RTR session on multiple hosts.
#batch_init_sessions_with_http_info(body, opts = {}) ⇒ Array<(DomainBatchInitSessionResponse, Integer, Hash)>

Batch initialize a RTR session on multiple hosts.
#batch_refresh_sessions(body, opts = {}) ⇒ DomainBatchRefreshSessionResponse

Batch refresh a RTR session on multiple hosts.
#batch_refresh_sessions_with_http_info(body, opts = {}) ⇒ Array<(DomainBatchRefreshSessionResponse, Integer, Hash)>

Batch refresh a RTR session on multiple hosts.
#initialize(api_client = ApiClient.default) ⇒ RealTimeResponseApi constructor

A new instance of RealTimeResponseApi.
#r_tr_aggregate_sessions(body, opts = {}) ⇒ MsaAggregatesResponse

Get aggregates on session data.
#r_tr_aggregate_sessions_with_http_info(body, opts = {}) ⇒ Array<(MsaAggregatesResponse, Integer, Hash)>

Get aggregates on session data.
#r_tr_check_active_responder_command_status(cloud_request_id, sequence_id, opts = {}) ⇒ DomainStatusResponseWrapper

Get status of an executed active-responder command on a single host.
#r_tr_check_active_responder_command_status_with_http_info(cloud_request_id, sequence_id, opts = {}) ⇒ Array<(DomainStatusResponseWrapper, Integer, Hash)>

Get status of an executed active-responder command on a single host.
#r_tr_check_command_status(cloud_request_id, sequence_id, opts = {}) ⇒ DomainStatusResponseWrapper

Get status of an executed command on a single host.
#r_tr_check_command_status_with_http_info(cloud_request_id, sequence_id, opts = {}) ⇒ Array<(DomainStatusResponseWrapper, Integer, Hash)>

Get status of an executed command on a single host.
#r_tr_delete_file(ids, session_id, opts = {}) ⇒ MsaReplyMetaOnly

Delete a RTR session file.
#r_tr_delete_file_v2(ids, session_id, opts = {}) ⇒ MsaReplyMetaOnly

Delete a RTR session file.
#r_tr_delete_file_v2_with_http_info(ids, session_id, opts = {}) ⇒ Array<(MsaReplyMetaOnly, Integer, Hash)>

Delete a RTR session file.
#r_tr_delete_file_with_http_info(ids, session_id, opts = {}) ⇒ Array<(MsaReplyMetaOnly, Integer, Hash)>

Delete a RTR session file.
#r_tr_delete_queued_session(session_id, cloud_request_id, opts = {}) ⇒ MsaReplyMetaOnly

Delete a queued session command.
#r_tr_delete_queued_session_with_http_info(session_id, cloud_request_id, opts = {}) ⇒ Array<(MsaReplyMetaOnly, Integer, Hash)>

Delete a queued session command.
#r_tr_delete_session(session_id, opts = {}) ⇒ MsaReplyMetaOnly

Delete a session.
#r_tr_delete_session_with_http_info(session_id, opts = {}) ⇒ Array<(MsaReplyMetaOnly, Integer, Hash)>

Delete a session.
#r_tr_execute_active_responder_command(body, opts = {}) ⇒ DomainCommandExecuteResponseWrapper

Execute an active responder command on a single host.
#r_tr_execute_active_responder_command_with_http_info(body, opts = {}) ⇒ Array<(DomainCommandExecuteResponseWrapper, Integer, Hash)>

Execute an active responder command on a single host.
#r_tr_execute_command(body, opts = {}) ⇒ DomainCommandExecuteResponseWrapper

Execute a command on a single host.
#r_tr_execute_command_with_http_info(body, opts = {}) ⇒ Array<(DomainCommandExecuteResponseWrapper, Integer, Hash)>

Execute a command on a single host.
#r_tr_get_extracted_file_contents(session_id, sha256, opts = {}) ⇒ Array<Integer>

Get RTR extracted file contents for specified session and sha256.
#r_tr_get_extracted_file_contents_with_http_info(session_id, sha256, opts = {}) ⇒ Array<(Array<Integer>, Integer, Hash)>

Get RTR extracted file contents for specified session and sha256.
#r_tr_init_session(body, opts = {}) ⇒ DomainInitResponseWrapper

Initialize a new session with the RTR cloud.
#r_tr_init_session_with_http_info(body, opts = {}) ⇒ Array<(DomainInitResponseWrapper, Integer, Hash)>

Initialize a new session with the RTR cloud.
#r_tr_list_all_sessions(opts = {}) ⇒ DomainListSessionsResponseMsa

Get a list of session_ids.
#r_tr_list_all_sessions_with_http_info(opts = {}) ⇒ Array<(DomainListSessionsResponseMsa, Integer, Hash)>

Get a list of session_ids.
#r_tr_list_files(session_id, opts = {}) ⇒ DomainListFilesResponseWrapper

Get a list of files for the specified RTR session.
#r_tr_list_files_v2(session_id, opts = {}) ⇒ DomainListFilesV2ResponseWrapper

Get a list of files for the specified RTR session.
#r_tr_list_files_v2_with_http_info(session_id, opts = {}) ⇒ Array<(DomainListFilesV2ResponseWrapper, Integer, Hash)>

Get a list of files for the specified RTR session.
#r_tr_list_files_with_http_info(session_id, opts = {}) ⇒ Array<(DomainListFilesResponseWrapper, Integer, Hash)>

Get a list of files for the specified RTR session.
#r_tr_list_queued_sessions(body, opts = {}) ⇒ DomainQueuedSessionResponseWrapper

Get queued session metadata by session ID.
#r_tr_list_queued_sessions_with_http_info(body, opts = {}) ⇒ Array<(DomainQueuedSessionResponseWrapper, Integer, Hash)>

Get queued session metadata by session ID.
#r_tr_list_sessions(body, opts = {}) ⇒ DomainSessionResponseWrapper

Get session metadata by session id.
#r_tr_list_sessions_with_http_info(body, opts = {}) ⇒ Array<(DomainSessionResponseWrapper, Integer, Hash)>

Get session metadata by session id.
#r_tr_pulse_session(body, opts = {}) ⇒ DomainInitResponseWrapper

Refresh a session timeout on a single host.
#r_tr_pulse_session_with_http_info(body, opts = {}) ⇒ Array<(DomainInitResponseWrapper, Integer, Hash)>

Refresh a session timeout on a single host.

Constructor Details

permalink #initialize(api_client = ApiClient.default) ⇒ `RealTimeResponseApi`

Returns a new instance of RealTimeResponseApi.

[View source]


36
37
38

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 36

def initialize(api_client = ApiClient.default)
  @api_client = api_client
end

Instance Attribute Details

permalink #api_client ⇒ `Object`

Returns the value of attribute api_client.


34
35
36

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 34

def api_client
  @api_client
end

Instance Method Details

permalink #batch_active_responder_cmd(body, opts = {}) ⇒ `DomainMultiCommandExecuteResponseWrapper`

Batch executes a RTR active-responder command across the hosts mapped to the given batch ID.

Parameters:

body (DomainBatchExecuteCommandRequest) —

Use this endpoint to run these [real time response commands](falcon.crowdstrike.com/support/documentation/11/getting-started-guide#rtr_commands): - `cat` - `cd` - `clear` - `cp` - `encrypt` - `env` - `eventlog` - `filehash` - `get` - `getsid` - `help` - `history` - `ipconfig` - `kill` - `ls` - `map` - `memdump` - `mkdir` - `mount` - `mv` - `netstat` - `ps` - `reg query` - `reg set` - `reg delete` - `reg load` - `reg unload` - `restart` - `rm` - `runscript` - `shutdown` - `unmap` - `update history` - `update install` - `update list` - `update query` - `xmemdump` - `zip` **`base_command`** Active-Responder command type we are going to execute, for example: `get` or `cp`. Refer to the RTR documentation for the full list of commands. **`batch_id`** Batch ID to execute the command on. Received from `/real-time-response/combined/batch-init-session/v1`. **`command_string`** Full command string for the command. For example `get some_file.txt` **`optional_hosts`** List of a subset of hosts we want to run the command on. If this list is supplied, only these hosts will receive the command.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:timeout (Integer) —

Timeout for how long to wait for the request in seconds, default timeout is 30 seconds. Maximum is 5 minutes. (default to 30)
:timeout_duration (String) —

Timeout duration for how long to wait for the request in duration syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 5 minutes. (default to ‘30s’)
:host_timeout_duration (String) —

Timeout duration for how long a host has time to complete processing. Default value is a bit less than the overall timeout value. It cannot be greater than the overall request timeout. Maximum is < 5 minutes. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. (default to ‘tiny bit less than overall request timeout’)

Returns:

(DomainMultiCommandExecuteResponseWrapper)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 46

def batch_active_responder_cmd(body, opts = {})
  data, _status_code, _headers = batch_active_responder_cmd_with_http_info(body, opts)
  data
end

permalink #batch_active_responder_cmd_with_http_info(body, opts = {}) ⇒ `Array<(DomainMultiCommandExecuteResponseWrapper, Integer, Hash)>`

Batch executes a RTR active-responder command across the hosts mapped to the given batch ID.

Parameters:

body (DomainBatchExecuteCommandRequest) —

Use this endpoint to run these [real time response commands](falcon.crowdstrike.com/support/documentation/11/getting-started-guide#rtr_commands): - `cat` - `cd` - `clear` - `cp` - `encrypt` - `env` - `eventlog` - `filehash` - `get` - `getsid` - `help` - `history` - `ipconfig` - `kill` - `ls` - `map` - `memdump` - `mkdir` - `mount` - `mv` - `netstat` - `ps` - `reg query` - `reg set` - `reg delete` - `reg load` - `reg unload` - `restart` - `rm` - `runscript` - `shutdown` - `unmap` - `update history` - `update install` - `update list` - `update query` - `xmemdump` - `zip` **`base_command`** Active-Responder command type we are going to execute, for example: `get` or `cp`. Refer to the RTR documentation for the full list of commands. **`batch_id`** Batch ID to execute the command on. Received from `/real-time-response/combined/batch-init-session/v1`. **`command_string`** Full command string for the command. For example `get some_file.txt` **`optional_hosts`** List of a subset of hosts we want to run the command on. If this list is supplied, only these hosts will receive the command.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:timeout (Integer) —

Timeout for how long to wait for the request in seconds, default timeout is 30 seconds. Maximum is 5 minutes. (default to 30)
:timeout_duration (String) —

Timeout duration for how long to wait for the request in duration syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 5 minutes. (default to ‘30s’)
:host_timeout_duration (String) —

Timeout duration for how long a host has time to complete processing. Default value is a bit less than the overall timeout value. It cannot be greater than the overall request timeout. Maximum is < 5 minutes. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. (default to ‘tiny bit less than overall request timeout’)

Returns:

(Array<(DomainMultiCommandExecuteResponseWrapper, Integer, Hash)>) —

DomainMultiCommandExecuteResponseWrapper data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 58

def batch_active_responder_cmd_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.batch_active_responder_cmd ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling RealTimeResponseApi.batch_active_responder_cmd"
  end
  # resource path
  local_var_path = '/real-time-response/combined/batch-active-responder-command/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'timeout'] = opts[:'timeout'] if !opts[:'timeout'].nil?
  query_params[:'timeout_duration'] = opts[:'timeout_duration'] if !opts[:'timeout_duration'].nil?
  query_params[:'host_timeout_duration'] = opts[:'host_timeout_duration'] if !opts[:'host_timeout_duration'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'DomainMultiCommandExecuteResponseWrapper'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.batch_active_responder_cmd",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#batch_active_responder_cmd\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #batch_cmd(body, opts = {}) ⇒ `DomainMultiCommandExecuteResponseWrapper`

Batch executes a RTR read-only command across the hosts mapped to the given batch ID.

Parameters:

body (DomainBatchExecuteCommandRequest) —

Use this endpoint to run these [real time response commands](falcon.crowdstrike.com/support/documentation/11/getting-started-guide#rtr_commands): - `cat` - `cd` - `clear` - `env` - `eventlog` - `filehash` - `getsid` - `help` - `history` - `ipconfig` - `ls` - `mount` - `netstat` - `ps` - `reg query` **`base_command`** read-only command type we are going to execute, for example: `ls` or `cd`. Refer to the RTR documentation for the full list of commands. **`batch_id`** Batch ID to execute the command on. Received from `/real-time-response/combined/batch-init-session/v1`. **`command_string`** Full command string for the command. For example `cd C:\some_directory` **`optional_hosts`** List of a subset of hosts we want to run the command on. If this list is supplied, only these hosts will receive the command.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:timeout (Integer) —

Timeout for how long to wait for the request in seconds, default timeout is 30 seconds. Maximum is 5 minutes. (default to 30)
:timeout_duration (String) —

Timeout duration for how long to wait for the request in duration syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 5 minutes. (default to ‘30s’)
:host_timeout_duration (String) —

Timeout duration for how long a host has time to complete processing. Default value is a bit less than the overall timeout value. It cannot be greater than the overall request timeout. Maximum is < 5 minutes. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. (default to ‘tiny bit less than overall request timeout’)

Returns:

(DomainMultiCommandExecuteResponseWrapper)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 121

def batch_cmd(body, opts = {})
  data, _status_code, _headers = batch_cmd_with_http_info(body, opts)
  data
end

permalink #batch_cmd_with_http_info(body, opts = {}) ⇒ `Array<(DomainMultiCommandExecuteResponseWrapper, Integer, Hash)>`

Batch executes a RTR read-only command across the hosts mapped to the given batch ID.

Parameters:

body (DomainBatchExecuteCommandRequest) —

Use this endpoint to run these [real time response commands](falcon.crowdstrike.com/support/documentation/11/getting-started-guide#rtr_commands): - `cat` - `cd` - `clear` - `env` - `eventlog` - `filehash` - `getsid` - `help` - `history` - `ipconfig` - `ls` - `mount` - `netstat` - `ps` - `reg query` **`base_command`** read-only command type we are going to execute, for example: `ls` or `cd`. Refer to the RTR documentation for the full list of commands. **`batch_id`** Batch ID to execute the command on. Received from `/real-time-response/combined/batch-init-session/v1`. **`command_string`** Full command string for the command. For example `cd C:\some_directory` **`optional_hosts`** List of a subset of hosts we want to run the command on. If this list is supplied, only these hosts will receive the command.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:timeout (Integer) —

Timeout for how long to wait for the request in seconds, default timeout is 30 seconds. Maximum is 5 minutes. (default to 30)
:timeout_duration (String) —

Timeout duration for how long to wait for the request in duration syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 5 minutes. (default to ‘30s’)
:host_timeout_duration (String) —

Timeout duration for how long a host has time to complete processing. Default value is a bit less than the overall timeout value. It cannot be greater than the overall request timeout. Maximum is < 5 minutes. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. (default to ‘tiny bit less than overall request timeout’)

Returns:

(Array<(DomainMultiCommandExecuteResponseWrapper, Integer, Hash)>) —

DomainMultiCommandExecuteResponseWrapper data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 133

def batch_cmd_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.batch_cmd ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling RealTimeResponseApi.batch_cmd"
  end
  # resource path
  local_var_path = '/real-time-response/combined/batch-command/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'timeout'] = opts[:'timeout'] if !opts[:'timeout'].nil?
  query_params[:'timeout_duration'] = opts[:'timeout_duration'] if !opts[:'timeout_duration'].nil?
  query_params[:'host_timeout_duration'] = opts[:'host_timeout_duration'] if !opts[:'host_timeout_duration'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'DomainMultiCommandExecuteResponseWrapper'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.batch_cmd",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#batch_cmd\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #batch_get_cmd(body, opts = {}) ⇒ `DomainBatchGetCommandResponse`

Batch executes ‘get` command across hosts to retrieve files. After this call is made `GET /real-time-response/combined/batch-get-command/v1` is used to query for the results.

Parameters:

body (DomainBatchGetCommandRequest) —

**`batch_id`** Batch ID to execute the command on. Received from `/real-time-response/combined/batch-init-session/v1`. **`file_path`** Full path to the file that is to be retrieved from each host in the batch. **`optional_hosts`** List of a subset of hosts we want to run the command on. If this list is supplied, only these hosts will receive the command.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:timeout (Integer) —

Timeout for how long to wait for the request in seconds, default timeout is 30 seconds. Maximum is 5 minutes. (default to 30)
:timeout_duration (String) —

Timeout duration for how long to wait for the request in duration syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 5 minutes. (default to ‘30s’)
:host_timeout_duration (String) —

Timeout duration for how long a host has time to complete processing. Default value is a bit less than the overall timeout value. It cannot be greater than the overall request timeout. Maximum is < 5 minutes. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. (default to ‘tiny bit less than overall request timeout’)

Returns:

(DomainBatchGetCommandResponse)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 196

def batch_get_cmd(body, opts = {})
  data, _status_code, _headers = batch_get_cmd_with_http_info(body, opts)
  data
end

permalink #batch_get_cmd_status(batch_get_cmd_req_id, opts = {}) ⇒ `DomainBatchGetCmdStatusResponse`

Retrieves the status of the specified batch get command. Will return successful files when they are finished processing.

Parameters:

batch_get_cmd_req_id (String) —

Batch Get Command Request ID received from `/real-time-response/combined/get-command/v1`
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:timeout (Integer) —

Timeout for how long to wait for the request in seconds, default timeout is 30 seconds. Maximum is 5 minutes. (default to 30)
:timeout_duration (String) —

Timeout duration for how long to wait for the request in duration syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 5 minutes. (default to ‘30s’)

Returns:

(DomainBatchGetCmdStatusResponse)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 270

def batch_get_cmd_status(batch_get_cmd_req_id, opts = {})
  data, _status_code, _headers = batch_get_cmd_status_with_http_info(batch_get_cmd_req_id, opts)
  data
end

permalink #batch_get_cmd_status_with_http_info(batch_get_cmd_req_id, opts = {}) ⇒ `Array<(DomainBatchGetCmdStatusResponse, Integer, Hash)>`

Retrieves the status of the specified batch get command. Will return successful files when they are finished processing.

Parameters:

batch_get_cmd_req_id (String) —

Batch Get Command Request ID received from `/real-time-response/combined/get-command/v1`
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:timeout (Integer) —

Timeout for how long to wait for the request in seconds, default timeout is 30 seconds. Maximum is 5 minutes. (default to 30)
:timeout_duration (String) —

Timeout duration for how long to wait for the request in duration syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 5 minutes. (default to ‘30s’)

Returns:

(Array<(DomainBatchGetCmdStatusResponse, Integer, Hash)>) —

DomainBatchGetCmdStatusResponse data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 281

def batch_get_cmd_status_with_http_info(batch_get_cmd_req_id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.batch_get_cmd_status ...'
  end
  # verify the required parameter 'batch_get_cmd_req_id' is set
  if @api_client.config.client_side_validation && batch_get_cmd_req_id.nil?
    fail ArgumentError, "Missing the required parameter 'batch_get_cmd_req_id' when calling RealTimeResponseApi.batch_get_cmd_status"
  end
  # resource path
  local_var_path = '/real-time-response/combined/batch-get-command/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'batch_get_cmd_req_id'] = batch_get_cmd_req_id
  query_params[:'timeout'] = opts[:'timeout'] if !opts[:'timeout'].nil?
  query_params[:'timeout_duration'] = opts[:'timeout_duration'] if !opts[:'timeout_duration'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DomainBatchGetCmdStatusResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.batch_get_cmd_status",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#batch_get_cmd_status\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #batch_get_cmd_with_http_info(body, opts = {}) ⇒ `Array<(DomainBatchGetCommandResponse, Integer, Hash)>`

Batch executes `get` command across hosts to retrieve files. After this call is made `GET /real-time-response/combined/batch-get-command/v1` is used to query for the results.

Parameters:

body (DomainBatchGetCommandRequest) —

**`batch_id`** Batch ID to execute the command on. Received from `/real-time-response/combined/batch-init-session/v1`. **`file_path`** Full path to the file that is to be retrieved from each host in the batch. **`optional_hosts`** List of a subset of hosts we want to run the command on. If this list is supplied, only these hosts will receive the command.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:timeout (Integer) —

Timeout for how long to wait for the request in seconds, default timeout is 30 seconds. Maximum is 5 minutes. (default to 30)
:timeout_duration (String) —

Timeout duration for how long to wait for the request in duration syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 5 minutes. (default to ‘30s’)
:host_timeout_duration (String) —

Timeout duration for how long a host has time to complete processing. Default value is a bit less than the overall timeout value. It cannot be greater than the overall request timeout. Maximum is < 5 minutes. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. (default to ‘tiny bit less than overall request timeout’)

Returns:

(Array<(DomainBatchGetCommandResponse, Integer, Hash)>) —

DomainBatchGetCommandResponse data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 208

def batch_get_cmd_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.batch_get_cmd ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling RealTimeResponseApi.batch_get_cmd"
  end
  # resource path
  local_var_path = '/real-time-response/combined/batch-get-command/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'timeout'] = opts[:'timeout'] if !opts[:'timeout'].nil?
  query_params[:'timeout_duration'] = opts[:'timeout_duration'] if !opts[:'timeout_duration'].nil?
  query_params[:'host_timeout_duration'] = opts[:'host_timeout_duration'] if !opts[:'host_timeout_duration'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'DomainBatchGetCommandResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.batch_get_cmd",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#batch_get_cmd\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #batch_init_sessions(body, opts = {}) ⇒ `DomainBatchInitSessionResponse`

Batch initialize a RTR session on multiple hosts. Before any RTR commands can be used, an active session is needed on the host.

Parameters:

body (DomainBatchInitSessionRequest) —

**`host_ids`** List of host agent ID's to initialize a RTR session on. A maximum of 10000 hosts can be in a single batch session. **`existing_batch_id`** Optional batch ID. Use an existing batch ID if you want to initialize new hosts and add them to the existing batch **`queue_offline`** If we should queue this session if the host is offline. Any commands run against an offline-queued session will be queued up and executed when the host comes online.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:timeout (Integer) —

Timeout for how long to wait for the request in seconds, default timeout is 30 seconds. Maximum is 5 minutes. (default to 30)
:timeout_duration (String) —

Timeout duration for how long to wait for the request in duration syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 5 minutes. (default to ‘30s’)
:host_timeout_duration (String) —

Timeout duration for how long a host has time to complete processing. Default value is a bit less than the overall timeout value. It cannot be greater than the overall request timeout. Maximum is < 5 minutes. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. (default to ‘tiny bit less than overall request timeout’)

Returns:

(DomainBatchInitSessionResponse)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 339

def batch_init_sessions(body, opts = {})
  data, _status_code, _headers = batch_init_sessions_with_http_info(body, opts)
  data
end

permalink #batch_init_sessions_with_http_info(body, opts = {}) ⇒ `Array<(DomainBatchInitSessionResponse, Integer, Hash)>`

Batch initialize a RTR session on multiple hosts. Before any RTR commands can be used, an active session is needed on the host.

Parameters:

body (DomainBatchInitSessionRequest) —

**`host_ids`** List of host agent ID's to initialize a RTR session on. A maximum of 10000 hosts can be in a single batch session. **`existing_batch_id`** Optional batch ID. Use an existing batch ID if you want to initialize new hosts and add them to the existing batch **`queue_offline`** If we should queue this session if the host is offline. Any commands run against an offline-queued session will be queued up and executed when the host comes online.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:timeout (Integer) —

Timeout for how long to wait for the request in seconds, default timeout is 30 seconds. Maximum is 5 minutes. (default to 30)
:timeout_duration (String) —

Timeout duration for how long to wait for the request in duration syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 5 minutes. (default to ‘30s’)
:host_timeout_duration (String) —

Timeout duration for how long a host has time to complete processing. Default value is a bit less than the overall timeout value. It cannot be greater than the overall request timeout. Maximum is < 5 minutes. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. (default to ‘tiny bit less than overall request timeout’)

Returns:

(Array<(DomainBatchInitSessionResponse, Integer, Hash)>) —

DomainBatchInitSessionResponse data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 351

def batch_init_sessions_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.batch_init_sessions ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling RealTimeResponseApi.batch_init_sessions"
  end
  # resource path
  local_var_path = '/real-time-response/combined/batch-init-session/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'timeout'] = opts[:'timeout'] if !opts[:'timeout'].nil?
  query_params[:'timeout_duration'] = opts[:'timeout_duration'] if !opts[:'timeout_duration'].nil?
  query_params[:'host_timeout_duration'] = opts[:'host_timeout_duration'] if !opts[:'host_timeout_duration'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'DomainBatchInitSessionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.batch_init_sessions",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#batch_init_sessions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #batch_refresh_sessions(body, opts = {}) ⇒ `DomainBatchRefreshSessionResponse`

Batch refresh a RTR session on multiple hosts. RTR sessions will expire after 10 minutes unless refreshed.

Parameters:

body (DomainBatchRefreshSessionRequest) —

**`batch_id`** Batch ID to execute the command on. Received from `/real-time-response/combined/batch-init-session/v1`. **`hosts_to_remove`** Hosts to remove from the batch session. Heartbeats will no longer happen on these hosts and the sessions will expire.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:timeout (Integer) —

Timeout for how long to wait for the request in seconds, default timeout is 30 seconds. Maximum is 5 minutes. (default to 30)
:timeout_duration (String) —

Timeout duration for how long to wait for the request in duration syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 5 minutes. (default to ‘30s’)

Returns:

(DomainBatchRefreshSessionResponse)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 413

def batch_refresh_sessions(body, opts = {})
  data, _status_code, _headers = batch_refresh_sessions_with_http_info(body, opts)
  data
end

permalink #batch_refresh_sessions_with_http_info(body, opts = {}) ⇒ `Array<(DomainBatchRefreshSessionResponse, Integer, Hash)>`

Batch refresh a RTR session on multiple hosts. RTR sessions will expire after 10 minutes unless refreshed.

Parameters:

body (DomainBatchRefreshSessionRequest) —

**`batch_id`** Batch ID to execute the command on. Received from `/real-time-response/combined/batch-init-session/v1`. **`hosts_to_remove`** Hosts to remove from the batch session. Heartbeats will no longer happen on these hosts and the sessions will expire.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:timeout (Integer) —

Timeout for how long to wait for the request in seconds, default timeout is 30 seconds. Maximum is 5 minutes. (default to 30)
:timeout_duration (String) —

Timeout duration for how long to wait for the request in duration syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 5 minutes. (default to ‘30s’)

Returns:

(Array<(DomainBatchRefreshSessionResponse, Integer, Hash)>) —

DomainBatchRefreshSessionResponse data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 424

def batch_refresh_sessions_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.batch_refresh_sessions ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling RealTimeResponseApi.batch_refresh_sessions"
  end
  # resource path
  local_var_path = '/real-time-response/combined/batch-refresh-session/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'timeout'] = opts[:'timeout'] if !opts[:'timeout'].nil?
  query_params[:'timeout_duration'] = opts[:'timeout_duration'] if !opts[:'timeout_duration'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'DomainBatchRefreshSessionResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.batch_refresh_sessions",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#batch_refresh_sessions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_aggregate_sessions(body, opts = {}) ⇒ `MsaAggregatesResponse`

Get aggregates on session data.

Parameters:

body (Array<MsaAggregateQueryRequest>) —

Supported aggregations: - `term` - `date_range` Supported aggregation members: **`date_ranges`** If peforming a date range query specify the **`from`** and **`to`** date ranges. These can be in common date formats like `2019-07-18` or `now` **`field`** Term you want to aggregate on. If doing a `date_range` query, this is the date field you want to apply the date ranges to **`filter`** Optional filter criteria in the form of an FQL query. For more information about FQL queries, see our [FQL documentation in Falcon](falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). **`name`** Name of the aggregation **`size`** Size limit to apply to the queries.
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(MsaAggregatesResponse)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 483

def r_tr_aggregate_sessions(body, opts = {})
  data, _status_code, _headers = r_tr_aggregate_sessions_with_http_info(body, opts)
  data
end

permalink #r_tr_aggregate_sessions_with_http_info(body, opts = {}) ⇒ `Array<(MsaAggregatesResponse, Integer, Hash)>`

Get aggregates on session data.

Parameters:

body (Array<MsaAggregateQueryRequest>) —

Supported aggregations: - `term` - `date_range` Supported aggregation members: **`date_ranges`** If peforming a date range query specify the **`from`** and **`to`** date ranges. These can be in common date formats like `2019-07-18` or `now` **`field`** Term you want to aggregate on. If doing a `date_range` query, this is the date field you want to apply the date ranges to **`filter`** Optional filter criteria in the form of an FQL query. For more information about FQL queries, see our [FQL documentation in Falcon](falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). **`name`** Name of the aggregation **`size`** Size limit to apply to the queries.
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(MsaAggregatesResponse, Integer, Hash)>) —

MsaAggregatesResponse data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 492

def r_tr_aggregate_sessions_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_aggregate_sessions ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling RealTimeResponseApi.r_tr_aggregate_sessions"
  end
  # resource path
  local_var_path = '/real-time-response/aggregates/sessions/GET/v1'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'MsaAggregatesResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_aggregate_sessions",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_aggregate_sessions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_check_active_responder_command_status(cloud_request_id, sequence_id, opts = {}) ⇒ `DomainStatusResponseWrapper`

Get status of an executed active-responder command on a single host.

Parameters:

cloud_request_id (String) —

Cloud Request ID of the executed command to query
sequence_id (Integer) —

Sequence ID that we want to retrieve. Command responses are chunked across sequences
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(DomainStatusResponseWrapper)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 550

def r_tr_check_active_responder_command_status(cloud_request_id, sequence_id, opts = {})
  data, _status_code, _headers = r_tr_check_active_responder_command_status_with_http_info(cloud_request_id, sequence_id, opts)
  data
end

permalink #r_tr_check_active_responder_command_status_with_http_info(cloud_request_id, sequence_id, opts = {}) ⇒ `Array<(DomainStatusResponseWrapper, Integer, Hash)>`

Get status of an executed active-responder command on a single host.

Parameters:

cloud_request_id (String) —

Cloud Request ID of the executed command to query
sequence_id (Integer) —

Sequence ID that we want to retrieve. Command responses are chunked across sequences
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(DomainStatusResponseWrapper, Integer, Hash)>) —

DomainStatusResponseWrapper data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 560

def r_tr_check_active_responder_command_status_with_http_info(cloud_request_id, sequence_id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_check_active_responder_command_status ...'
  end
  # verify the required parameter 'cloud_request_id' is set
  if @api_client.config.client_side_validation && cloud_request_id.nil?
    fail ArgumentError, "Missing the required parameter 'cloud_request_id' when calling RealTimeResponseApi.r_tr_check_active_responder_command_status"
  end
  # verify the required parameter 'sequence_id' is set
  if @api_client.config.client_side_validation && sequence_id.nil?
    fail ArgumentError, "Missing the required parameter 'sequence_id' when calling RealTimeResponseApi.r_tr_check_active_responder_command_status"
  end
  # resource path
  local_var_path = '/real-time-response/entities/active-responder-command/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'cloud_request_id'] = cloud_request_id
  query_params[:'sequence_id'] = sequence_id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DomainStatusResponseWrapper'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_check_active_responder_command_status",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_check_active_responder_command_status\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_check_command_status(cloud_request_id, sequence_id, opts = {}) ⇒ `DomainStatusResponseWrapper`

Get status of an executed command on a single host.

Parameters:

cloud_request_id (String) —

Cloud Request ID of the executed command to query
sequence_id (Integer) —

Sequence ID that we want to retrieve. Command responses are chunked across sequences
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(DomainStatusResponseWrapper)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 619

def r_tr_check_command_status(cloud_request_id, sequence_id, opts = {})
  data, _status_code, _headers = r_tr_check_command_status_with_http_info(cloud_request_id, sequence_id, opts)
  data
end

permalink #r_tr_check_command_status_with_http_info(cloud_request_id, sequence_id, opts = {}) ⇒ `Array<(DomainStatusResponseWrapper, Integer, Hash)>`

Get status of an executed command on a single host.

Parameters:

cloud_request_id (String) —

Cloud Request ID of the executed command to query
sequence_id (Integer) —

Sequence ID that we want to retrieve. Command responses are chunked across sequences
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(DomainStatusResponseWrapper, Integer, Hash)>) —

DomainStatusResponseWrapper data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 629

def r_tr_check_command_status_with_http_info(cloud_request_id, sequence_id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_check_command_status ...'
  end
  # verify the required parameter 'cloud_request_id' is set
  if @api_client.config.client_side_validation && cloud_request_id.nil?
    fail ArgumentError, "Missing the required parameter 'cloud_request_id' when calling RealTimeResponseApi.r_tr_check_command_status"
  end
  # verify the required parameter 'sequence_id' is set
  if @api_client.config.client_side_validation && sequence_id.nil?
    fail ArgumentError, "Missing the required parameter 'sequence_id' when calling RealTimeResponseApi.r_tr_check_command_status"
  end
  # resource path
  local_var_path = '/real-time-response/entities/command/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'cloud_request_id'] = cloud_request_id
  query_params[:'sequence_id'] = sequence_id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DomainStatusResponseWrapper'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_check_command_status",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_check_command_status\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_delete_file(ids, session_id, opts = {}) ⇒ `MsaReplyMetaOnly`

Delete a RTR session file.

Parameters:

ids (String) —

RTR Session file id
session_id (String) —

RTR Session id
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(MsaReplyMetaOnly)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 688

def r_tr_delete_file(ids, session_id, opts = {})
  data, _status_code, _headers = r_tr_delete_file_with_http_info(ids, session_id, opts)
  data
end

permalink #r_tr_delete_file_v2(ids, session_id, opts = {}) ⇒ `MsaReplyMetaOnly`

Delete a RTR session file.

Parameters:

ids (String) —

RTR Session file id
session_id (String) —

RTR Session id
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(MsaReplyMetaOnly)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 757

def r_tr_delete_file_v2(ids, session_id, opts = {})
  data, _status_code, _headers = r_tr_delete_file_v2_with_http_info(ids, session_id, opts)
  data
end

permalink #r_tr_delete_file_v2_with_http_info(ids, session_id, opts = {}) ⇒ `Array<(MsaReplyMetaOnly, Integer, Hash)>`

Delete a RTR session file.

Parameters:

ids (String) —

RTR Session file id
session_id (String) —

RTR Session id
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(MsaReplyMetaOnly, Integer, Hash)>) —

MsaReplyMetaOnly data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 767

def r_tr_delete_file_v2_with_http_info(ids, session_id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_delete_file_v2 ...'
  end
  # verify the required parameter 'ids' is set
  if @api_client.config.client_side_validation && ids.nil?
    fail ArgumentError, "Missing the required parameter 'ids' when calling RealTimeResponseApi.r_tr_delete_file_v2"
  end
  # verify the required parameter 'session_id' is set
  if @api_client.config.client_side_validation && session_id.nil?
    fail ArgumentError, "Missing the required parameter 'session_id' when calling RealTimeResponseApi.r_tr_delete_file_v2"
  end
  # resource path
  local_var_path = '/real-time-response/entities/file/v2'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'ids'] = ids
  query_params[:'session_id'] = session_id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'MsaReplyMetaOnly'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_delete_file_v2",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_delete_file_v2\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_delete_file_with_http_info(ids, session_id, opts = {}) ⇒ `Array<(MsaReplyMetaOnly, Integer, Hash)>`

Delete a RTR session file.

Parameters:

ids (String) —

RTR Session file id
session_id (String) —

RTR Session id
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(MsaReplyMetaOnly, Integer, Hash)>) —

MsaReplyMetaOnly data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 698

def r_tr_delete_file_with_http_info(ids, session_id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_delete_file ...'
  end
  # verify the required parameter 'ids' is set
  if @api_client.config.client_side_validation && ids.nil?
    fail ArgumentError, "Missing the required parameter 'ids' when calling RealTimeResponseApi.r_tr_delete_file"
  end
  # verify the required parameter 'session_id' is set
  if @api_client.config.client_side_validation && session_id.nil?
    fail ArgumentError, "Missing the required parameter 'session_id' when calling RealTimeResponseApi.r_tr_delete_file"
  end
  # resource path
  local_var_path = '/real-time-response/entities/file/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'ids'] = ids
  query_params[:'session_id'] = session_id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'MsaReplyMetaOnly'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_delete_file",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_delete_file\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_delete_queued_session(session_id, cloud_request_id, opts = {}) ⇒ `MsaReplyMetaOnly`

Delete a queued session command

Parameters:

session_id (String) —

RTR Session id
cloud_request_id (String) —

Cloud Request ID of the executed command to query
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(MsaReplyMetaOnly)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 826

def r_tr_delete_queued_session(session_id, cloud_request_id, opts = {})
  data, _status_code, _headers = r_tr_delete_queued_session_with_http_info(session_id, cloud_request_id, opts)
  data
end

permalink #r_tr_delete_queued_session_with_http_info(session_id, cloud_request_id, opts = {}) ⇒ `Array<(MsaReplyMetaOnly, Integer, Hash)>`

Delete a queued session command

Parameters:

session_id (String) —

RTR Session id
cloud_request_id (String) —

Cloud Request ID of the executed command to query
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(MsaReplyMetaOnly, Integer, Hash)>) —

MsaReplyMetaOnly data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 836

def r_tr_delete_queued_session_with_http_info(session_id, cloud_request_id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_delete_queued_session ...'
  end
  # verify the required parameter 'session_id' is set
  if @api_client.config.client_side_validation && session_id.nil?
    fail ArgumentError, "Missing the required parameter 'session_id' when calling RealTimeResponseApi.r_tr_delete_queued_session"
  end
  # verify the required parameter 'cloud_request_id' is set
  if @api_client.config.client_side_validation && cloud_request_id.nil?
    fail ArgumentError, "Missing the required parameter 'cloud_request_id' when calling RealTimeResponseApi.r_tr_delete_queued_session"
  end
  # resource path
  local_var_path = '/real-time-response/entities/queued-sessions/command/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'session_id'] = session_id
  query_params[:'cloud_request_id'] = cloud_request_id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'MsaReplyMetaOnly'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_delete_queued_session",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_delete_queued_session\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_delete_session(session_id, opts = {}) ⇒ `MsaReplyMetaOnly`

Delete a session.

Parameters:

session_id (String) —

RTR Session id
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(MsaReplyMetaOnly)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 894

def r_tr_delete_session(session_id, opts = {})
  data, _status_code, _headers = r_tr_delete_session_with_http_info(session_id, opts)
  data
end

permalink #r_tr_delete_session_with_http_info(session_id, opts = {}) ⇒ `Array<(MsaReplyMetaOnly, Integer, Hash)>`

Delete a session.

Parameters:

session_id (String) —

RTR Session id
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(MsaReplyMetaOnly, Integer, Hash)>) —

MsaReplyMetaOnly data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 903

def r_tr_delete_session_with_http_info(session_id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_delete_session ...'
  end
  # verify the required parameter 'session_id' is set
  if @api_client.config.client_side_validation && session_id.nil?
    fail ArgumentError, "Missing the required parameter 'session_id' when calling RealTimeResponseApi.r_tr_delete_session"
  end
  # resource path
  local_var_path = '/real-time-response/entities/sessions/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'session_id'] = session_id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'MsaReplyMetaOnly'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_delete_session",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_delete_session\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_execute_active_responder_command(body, opts = {}) ⇒ `DomainCommandExecuteResponseWrapper`

Execute an active responder command on a single host.

Parameters:

body (DomainCommandExecuteRequest) —

Use this endpoint to run these [real time response commands](falcon.crowdstrike.com/support/documentation/11/getting-started-guide#rtr_commands): - `cat` - `cd` - `clear` - `cp` - `encrypt` - `env` - `eventlog` - `filehash` - `get` - `getsid` - `help` - `history` - `ipconfig` - `kill` - `ls` - `map` - `memdump` - `mkdir` - `mount` - `mv` - `netstat` - `ps` - `reg query` - `reg set` - `reg delete` - `reg load` - `reg unload` - `restart` - `rm` - `runscript` - `shutdown` - `unmap` - `update history` - `update install` - `update list` - `update query` - `xmemdump` - `zip` Required values. The rest of the fields are unused. **`base_command`** Active-Responder command type we are going to execute, for example: `get` or `cp`. Refer to the RTR documentation for the full list of commands. **`command_string`** Full command string for the command. For example `get some_file.txt` **`session_id`** RTR session ID to run the command on
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(DomainCommandExecuteResponseWrapper)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 956

def r_tr_execute_active_responder_command(body, opts = {})
  data, _status_code, _headers = r_tr_execute_active_responder_command_with_http_info(body, opts)
  data
end

permalink #r_tr_execute_active_responder_command_with_http_info(body, opts = {}) ⇒ `Array<(DomainCommandExecuteResponseWrapper, Integer, Hash)>`

Execute an active responder command on a single host.

Parameters:

body (DomainCommandExecuteRequest) —

Use this endpoint to run these [real time response commands](falcon.crowdstrike.com/support/documentation/11/getting-started-guide#rtr_commands): - `cat` - `cd` - `clear` - `cp` - `encrypt` - `env` - `eventlog` - `filehash` - `get` - `getsid` - `help` - `history` - `ipconfig` - `kill` - `ls` - `map` - `memdump` - `mkdir` - `mount` - `mv` - `netstat` - `ps` - `reg query` - `reg set` - `reg delete` - `reg load` - `reg unload` - `restart` - `rm` - `runscript` - `shutdown` - `unmap` - `update history` - `update install` - `update list` - `update query` - `xmemdump` - `zip` Required values. The rest of the fields are unused. **`base_command`** Active-Responder command type we are going to execute, for example: `get` or `cp`. Refer to the RTR documentation for the full list of commands. **`command_string`** Full command string for the command. For example `get some_file.txt` **`session_id`** RTR session ID to run the command on
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(DomainCommandExecuteResponseWrapper, Integer, Hash)>) —

DomainCommandExecuteResponseWrapper data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 965

def r_tr_execute_active_responder_command_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_execute_active_responder_command ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling RealTimeResponseApi.r_tr_execute_active_responder_command"
  end
  # resource path
  local_var_path = '/real-time-response/entities/active-responder-command/v1'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'DomainCommandExecuteResponseWrapper'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_execute_active_responder_command",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_execute_active_responder_command\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_execute_command(body, opts = {}) ⇒ `DomainCommandExecuteResponseWrapper`

Execute a command on a single host.

Parameters:

body (DomainCommandExecuteRequest) —

Use this endpoint to run these [real time response commands](falcon.crowdstrike.com/support/documentation/11/getting-started-guide#rtr_commands): - `cat` - `cd` - `clear` - `env` - `eventlog` - `filehash` - `getsid` - `help` - `history` - `ipconfig` - `ls` - `mount` - `netstat` - `ps` - `reg query` Required values. The rest of the fields are unused. **`base_command`** read-only command type we are going to execute, for example: `ls` or `cd`. Refer to the RTR documentation for the full list of commands. **`command_string`** Full command string for the command. For example `cd C:\some_directory` **`session_id`** RTR session ID to run the command on
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(DomainCommandExecuteResponseWrapper)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1022

def r_tr_execute_command(body, opts = {})
  data, _status_code, _headers = r_tr_execute_command_with_http_info(body, opts)
  data
end

permalink #r_tr_execute_command_with_http_info(body, opts = {}) ⇒ `Array<(DomainCommandExecuteResponseWrapper, Integer, Hash)>`

Execute a command on a single host.

Parameters:

body (DomainCommandExecuteRequest) —

Use this endpoint to run these [real time response commands](falcon.crowdstrike.com/support/documentation/11/getting-started-guide#rtr_commands): - `cat` - `cd` - `clear` - `env` - `eventlog` - `filehash` - `getsid` - `help` - `history` - `ipconfig` - `ls` - `mount` - `netstat` - `ps` - `reg query` Required values. The rest of the fields are unused. **`base_command`** read-only command type we are going to execute, for example: `ls` or `cd`. Refer to the RTR documentation for the full list of commands. **`command_string`** Full command string for the command. For example `cd C:\some_directory` **`session_id`** RTR session ID to run the command on
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(DomainCommandExecuteResponseWrapper, Integer, Hash)>) —

DomainCommandExecuteResponseWrapper data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1031

def r_tr_execute_command_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_execute_command ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling RealTimeResponseApi.r_tr_execute_command"
  end
  # resource path
  local_var_path = '/real-time-response/entities/command/v1'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'DomainCommandExecuteResponseWrapper'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_execute_command",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_execute_command\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_get_extracted_file_contents(session_id, sha256, opts = {}) ⇒ `Array<Integer>`

Get RTR extracted file contents for specified session and sha256.

Parameters:

session_id (String) —

RTR Session id
sha256 (String) —

Extracted SHA256 (e.g. 'efa256a96af3b556cd3fc9d8b1cf587d72807d7805ced441e8149fc279db422b')
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:filename (String) —

Filename to use for the archive name and the file within the archive.

Returns:

(Array<Integer>)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1090

def r_tr_get_extracted_file_contents(session_id, sha256, opts = {})
  data, _status_code, _headers = r_tr_get_extracted_file_contents_with_http_info(session_id, sha256, opts)
  data
end

permalink #r_tr_get_extracted_file_contents_with_http_info(session_id, sha256, opts = {}) ⇒ `Array<(Array<Integer>, Integer, Hash)>`

Get RTR extracted file contents for specified session and sha256.

Parameters:

session_id (String) —

RTR Session id
sha256 (String) —

Extracted SHA256 (e.g. 'efa256a96af3b556cd3fc9d8b1cf587d72807d7805ced441e8149fc279db422b')
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:filename (String) —

Filename to use for the archive name and the file within the archive.

Returns:

(Array<(Array<Integer>, Integer, Hash)>) —

Array<Integer> data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1101

def r_tr_get_extracted_file_contents_with_http_info(session_id, sha256, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_get_extracted_file_contents ...'
  end
  # verify the required parameter 'session_id' is set
  if @api_client.config.client_side_validation && session_id.nil?
    fail ArgumentError, "Missing the required parameter 'session_id' when calling RealTimeResponseApi.r_tr_get_extracted_file_contents"
  end
  # verify the required parameter 'sha256' is set
  if @api_client.config.client_side_validation && sha256.nil?
    fail ArgumentError, "Missing the required parameter 'sha256' when calling RealTimeResponseApi.r_tr_get_extracted_file_contents"
  end
  # resource path
  local_var_path = '/real-time-response/entities/extracted-file-contents/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'session_id'] = session_id
  query_params[:'sha256'] = sha256
  query_params[:'filename'] = opts[:'filename'] if !opts[:'filename'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/x-7z-compressed', 'application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'Array<Integer>'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_get_extracted_file_contents",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_get_extracted_file_contents\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_init_session(body, opts = {}) ⇒ `DomainInitResponseWrapper`

Initialize a new session with the RTR cloud.

Parameters:

body (DomainInitRequest) —

**`device_id`** The host agent ID to initialize the RTR session on. RTR will retrieve an existing session for the calling user on this host **`queue_offline`** If we should queue this session if the host is offline. Any commands run against an offline-queued session will be queued up and executed when the host comes online.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:timeout (Integer) —

Timeout for how long to wait for the request in seconds, default timeout is 30 seconds. Maximum is 5 minutes. (default to 30)
:timeout_duration (String) —

Timeout duration for how long to wait for the request in duration syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 5 minutes. (default to ‘30s’)

Returns:

(DomainInitResponseWrapper)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1162

def r_tr_init_session(body, opts = {})
  data, _status_code, _headers = r_tr_init_session_with_http_info(body, opts)
  data
end

permalink #r_tr_init_session_with_http_info(body, opts = {}) ⇒ `Array<(DomainInitResponseWrapper, Integer, Hash)>`

Initialize a new session with the RTR cloud.

Parameters:

body (DomainInitRequest) —

**`device_id`** The host agent ID to initialize the RTR session on. RTR will retrieve an existing session for the calling user on this host **`queue_offline`** If we should queue this session if the host is offline. Any commands run against an offline-queued session will be queued up and executed when the host comes online.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:timeout (Integer) —

Timeout for how long to wait for the request in seconds, default timeout is 30 seconds. Maximum is 5 minutes. (default to 30)
:timeout_duration (String) —

Timeout duration for how long to wait for the request in duration syntax. Example, `10s`. Valid units: `ns, us, ms, s, m, h`. Maximum is 5 minutes. (default to ‘30s’)

Returns:

(Array<(DomainInitResponseWrapper, Integer, Hash)>) —

DomainInitResponseWrapper data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1173

def r_tr_init_session_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_init_session ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling RealTimeResponseApi.r_tr_init_session"
  end
  # resource path
  local_var_path = '/real-time-response/entities/sessions/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'timeout'] = opts[:'timeout'] if !opts[:'timeout'].nil?
  query_params[:'timeout_duration'] = opts[:'timeout_duration'] if !opts[:'timeout_duration'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'DomainInitResponseWrapper'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_init_session",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_init_session\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_list_all_sessions(opts = {}) ⇒ `DomainListSessionsResponseMsa`

Get a list of session_ids.

Parameters:

opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:offset (String) —

Starting index of overall result set from which to return ids.
:limit (Integer) —

Number of ids to return.
:sort (String) —

Sort by spec. Ex: 'date_created|asc'.
:filter (String) —

Optional filter criteria in the form of an FQL query. For more information about FQL queries, see our [FQL documentation in Falcon](falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). “user_id” can accept a special value ‘@me’ which will restrict results to records with current user’s ID.

Returns:

(DomainListSessionsResponseMsa)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1235

def r_tr_list_all_sessions(opts = {})
  data, _status_code, _headers = r_tr_list_all_sessions_with_http_info(opts)
  data
end

permalink #r_tr_list_all_sessions_with_http_info(opts = {}) ⇒ `Array<(DomainListSessionsResponseMsa, Integer, Hash)>`

Get a list of session_ids.

Parameters:

opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:offset (String) —

Starting index of overall result set from which to return ids.
:limit (Integer) —

Number of ids to return.
:sort (String) —

Sort by spec. Ex: 'date_created|asc'.
:filter (String) —

Optional filter criteria in the form of an FQL query. For more information about FQL queries, see our [FQL documentation in Falcon](falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide). “user_id” can accept a special value ‘@me’ which will restrict results to records with current user’s ID.

Returns:

(Array<(DomainListSessionsResponseMsa, Integer, Hash)>) —

DomainListSessionsResponseMsa data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1247

def r_tr_list_all_sessions_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_list_all_sessions ...'
  end
  # resource path
  local_var_path = '/real-time-response/queries/sessions/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DomainListSessionsResponseMsa'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_list_all_sessions",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_list_all_sessions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_list_files(session_id, opts = {}) ⇒ `DomainListFilesResponseWrapper`

Get a list of files for the specified RTR session.

Parameters:

session_id (String) —

RTR Session id
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(DomainListFilesResponseWrapper)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1299

def r_tr_list_files(session_id, opts = {})
  data, _status_code, _headers = r_tr_list_files_with_http_info(session_id, opts)
  data
end

permalink #r_tr_list_files_v2(session_id, opts = {}) ⇒ `DomainListFilesV2ResponseWrapper`

Get a list of files for the specified RTR session.

Parameters:

session_id (String) —

RTR Session id
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(DomainListFilesV2ResponseWrapper)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1361

def r_tr_list_files_v2(session_id, opts = {})
  data, _status_code, _headers = r_tr_list_files_v2_with_http_info(session_id, opts)
  data
end

permalink #r_tr_list_files_v2_with_http_info(session_id, opts = {}) ⇒ `Array<(DomainListFilesV2ResponseWrapper, Integer, Hash)>`

Get a list of files for the specified RTR session.

Parameters:

session_id (String) —

RTR Session id
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(DomainListFilesV2ResponseWrapper, Integer, Hash)>) —

DomainListFilesV2ResponseWrapper data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1370

def r_tr_list_files_v2_with_http_info(session_id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_list_files_v2 ...'
  end
  # verify the required parameter 'session_id' is set
  if @api_client.config.client_side_validation && session_id.nil?
    fail ArgumentError, "Missing the required parameter 'session_id' when calling RealTimeResponseApi.r_tr_list_files_v2"
  end
  # resource path
  local_var_path = '/real-time-response/entities/file/v2'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'session_id'] = session_id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DomainListFilesV2ResponseWrapper'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_list_files_v2",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_list_files_v2\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_list_files_with_http_info(session_id, opts = {}) ⇒ `Array<(DomainListFilesResponseWrapper, Integer, Hash)>`

Get a list of files for the specified RTR session.

Parameters:

session_id (String) —

RTR Session id
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(DomainListFilesResponseWrapper, Integer, Hash)>) —

DomainListFilesResponseWrapper data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1308

def r_tr_list_files_with_http_info(session_id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_list_files ...'
  end
  # verify the required parameter 'session_id' is set
  if @api_client.config.client_side_validation && session_id.nil?
    fail ArgumentError, "Missing the required parameter 'session_id' when calling RealTimeResponseApi.r_tr_list_files"
  end
  # resource path
  local_var_path = '/real-time-response/entities/file/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'session_id'] = session_id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DomainListFilesResponseWrapper'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_list_files",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_list_files\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_list_queued_sessions(body, opts = {}) ⇒ `DomainQueuedSessionResponseWrapper`

Get queued session metadata by session ID.

Parameters:

body (MsaIdsRequest) —

**`ids`** List of RTR sessions to retrieve. RTR will only return the sessions that were created by the calling user
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(DomainQueuedSessionResponseWrapper)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1423

def r_tr_list_queued_sessions(body, opts = {})
  data, _status_code, _headers = r_tr_list_queued_sessions_with_http_info(body, opts)
  data
end

permalink #r_tr_list_queued_sessions_with_http_info(body, opts = {}) ⇒ `Array<(DomainQueuedSessionResponseWrapper, Integer, Hash)>`

Get queued session metadata by session ID.

Parameters:

body (MsaIdsRequest) —

**`ids`** List of RTR sessions to retrieve. RTR will only return the sessions that were created by the calling user
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(DomainQueuedSessionResponseWrapper, Integer, Hash)>) —

DomainQueuedSessionResponseWrapper data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1432

def r_tr_list_queued_sessions_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_list_queued_sessions ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling RealTimeResponseApi.r_tr_list_queued_sessions"
  end
  # resource path
  local_var_path = '/real-time-response/entities/queued-sessions/GET/v1'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'DomainQueuedSessionResponseWrapper'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_list_queued_sessions",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_list_queued_sessions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_list_sessions(body, opts = {}) ⇒ `DomainSessionResponseWrapper`

Get session metadata by session id.

Parameters:

body (MsaIdsRequest) —

**`ids`** List of RTR sessions to retrieve. RTR will only return the sessions that were created by the calling user
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(DomainSessionResponseWrapper)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1489

def r_tr_list_sessions(body, opts = {})
  data, _status_code, _headers = r_tr_list_sessions_with_http_info(body, opts)
  data
end

permalink #r_tr_list_sessions_with_http_info(body, opts = {}) ⇒ `Array<(DomainSessionResponseWrapper, Integer, Hash)>`

Get session metadata by session id.

Parameters:

body (MsaIdsRequest) —

**`ids`** List of RTR sessions to retrieve. RTR will only return the sessions that were created by the calling user
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(DomainSessionResponseWrapper, Integer, Hash)>) —

DomainSessionResponseWrapper data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1498

def r_tr_list_sessions_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_list_sessions ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling RealTimeResponseApi.r_tr_list_sessions"
  end
  # resource path
  local_var_path = '/real-time-response/entities/sessions/GET/v1'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'DomainSessionResponseWrapper'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_list_sessions",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_list_sessions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

permalink #r_tr_pulse_session(body, opts = {}) ⇒ `DomainInitResponseWrapper`

Refresh a session timeout on a single host.

Parameters:

body (DomainInitRequest) —

**`device_id`** The host agent ID to refresh the RTR session on. RTR will retrieve an existing session for the calling user on this host
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(DomainInitResponseWrapper)

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1555

def r_tr_pulse_session(body, opts = {})
  data, _status_code, _headers = r_tr_pulse_session_with_http_info(body, opts)
  data
end

permalink #r_tr_pulse_session_with_http_info(body, opts = {}) ⇒ `Array<(DomainInitResponseWrapper, Integer, Hash)>`

Refresh a session timeout on a single host.

Parameters:

body (DomainInitRequest) —

**`device_id`** The host agent ID to refresh the RTR session on. RTR will retrieve an existing session for the calling user on this host
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(DomainInitResponseWrapper, Integer, Hash)>) —

DomainInitResponseWrapper data, response status code and response headers

[View source]

# File 'lib/crimson-falcon/api/real_time_response_api.rb', line 1564

def r_tr_pulse_session_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseApi.r_tr_pulse_session ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling RealTimeResponseApi.r_tr_pulse_session"
  end
  # resource path
  local_var_path = '/real-time-response/entities/refresh-session/v1'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'DomainInitResponseWrapper'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseApi.r_tr_pulse_session",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseApi#r_tr_pulse_session\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

Class: Falcon::RealTimeResponseApi

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

permalink #initialize(api_client = ApiClient.default) ⇒ RealTimeResponseApi

Instance Attribute Details

permalink #api_client ⇒ Object

Instance Method Details

permalink #batch_active_responder_cmd(body, opts = {}) ⇒ DomainMultiCommandExecuteResponseWrapper

permalink #batch_active_responder_cmd_with_http_info(body, opts = {}) ⇒ Array<(DomainMultiCommandExecuteResponseWrapper, Integer, Hash)>

permalink #batch_cmd(body, opts = {}) ⇒ DomainMultiCommandExecuteResponseWrapper

permalink #batch_cmd_with_http_info(body, opts = {}) ⇒ Array<(DomainMultiCommandExecuteResponseWrapper, Integer, Hash)>

permalink #batch_get_cmd(body, opts = {}) ⇒ DomainBatchGetCommandResponse

permalink #batch_get_cmd_status(batch_get_cmd_req_id, opts = {}) ⇒ DomainBatchGetCmdStatusResponse

permalink #batch_get_cmd_status_with_http_info(batch_get_cmd_req_id, opts = {}) ⇒ Array<(DomainBatchGetCmdStatusResponse, Integer, Hash)>

permalink #batch_get_cmd_with_http_info(body, opts = {}) ⇒ Array<(DomainBatchGetCommandResponse, Integer, Hash)>

permalink #batch_init_sessions(body, opts = {}) ⇒ DomainBatchInitSessionResponse

permalink #batch_init_sessions_with_http_info(body, opts = {}) ⇒ Array<(DomainBatchInitSessionResponse, Integer, Hash)>

permalink #batch_refresh_sessions(body, opts = {}) ⇒ DomainBatchRefreshSessionResponse

permalink #batch_refresh_sessions_with_http_info(body, opts = {}) ⇒ Array<(DomainBatchRefreshSessionResponse, Integer, Hash)>

permalink #r_tr_aggregate_sessions(body, opts = {}) ⇒ MsaAggregatesResponse

permalink #r_tr_aggregate_sessions_with_http_info(body, opts = {}) ⇒ Array<(MsaAggregatesResponse, Integer, Hash)>

permalink #r_tr_check_active_responder_command_status(cloud_request_id, sequence_id, opts = {}) ⇒ DomainStatusResponseWrapper

permalink #r_tr_check_active_responder_command_status_with_http_info(cloud_request_id, sequence_id, opts = {}) ⇒ Array<(DomainStatusResponseWrapper, Integer, Hash)>

permalink #r_tr_check_command_status(cloud_request_id, sequence_id, opts = {}) ⇒ DomainStatusResponseWrapper

permalink #r_tr_check_command_status_with_http_info(cloud_request_id, sequence_id, opts = {}) ⇒ Array<(DomainStatusResponseWrapper, Integer, Hash)>

permalink #r_tr_delete_file(ids, session_id, opts = {}) ⇒ MsaReplyMetaOnly

permalink #r_tr_delete_file_v2(ids, session_id, opts = {}) ⇒ MsaReplyMetaOnly

permalink #r_tr_delete_file_v2_with_http_info(ids, session_id, opts = {}) ⇒ Array<(MsaReplyMetaOnly, Integer, Hash)>

permalink #r_tr_delete_file_with_http_info(ids, session_id, opts = {}) ⇒ Array<(MsaReplyMetaOnly, Integer, Hash)>

permalink #r_tr_delete_queued_session(session_id, cloud_request_id, opts = {}) ⇒ MsaReplyMetaOnly

permalink #r_tr_delete_queued_session_with_http_info(session_id, cloud_request_id, opts = {}) ⇒ Array<(MsaReplyMetaOnly, Integer, Hash)>

permalink #r_tr_delete_session(session_id, opts = {}) ⇒ MsaReplyMetaOnly

permalink #r_tr_delete_session_with_http_info(session_id, opts = {}) ⇒ Array<(MsaReplyMetaOnly, Integer, Hash)>

permalink #r_tr_execute_active_responder_command(body, opts = {}) ⇒ DomainCommandExecuteResponseWrapper

permalink #r_tr_execute_active_responder_command_with_http_info(body, opts = {}) ⇒ Array<(DomainCommandExecuteResponseWrapper, Integer, Hash)>

permalink #r_tr_execute_command(body, opts = {}) ⇒ DomainCommandExecuteResponseWrapper

permalink #r_tr_execute_command_with_http_info(body, opts = {}) ⇒ Array<(DomainCommandExecuteResponseWrapper, Integer, Hash)>

permalink #r_tr_get_extracted_file_contents(session_id, sha256, opts = {}) ⇒ Array<Integer>

permalink #r_tr_get_extracted_file_contents_with_http_info(session_id, sha256, opts = {}) ⇒ Array<(Array<Integer>, Integer, Hash)>

permalink #r_tr_init_session(body, opts = {}) ⇒ DomainInitResponseWrapper

permalink #r_tr_init_session_with_http_info(body, opts = {}) ⇒ Array<(DomainInitResponseWrapper, Integer, Hash)>

permalink #r_tr_list_all_sessions(opts = {}) ⇒ DomainListSessionsResponseMsa

permalink #r_tr_list_all_sessions_with_http_info(opts = {}) ⇒ Array<(DomainListSessionsResponseMsa, Integer, Hash)>

permalink #r_tr_list_files(session_id, opts = {}) ⇒ DomainListFilesResponseWrapper

permalink #r_tr_list_files_v2(session_id, opts = {}) ⇒ DomainListFilesV2ResponseWrapper

permalink #r_tr_list_files_v2_with_http_info(session_id, opts = {}) ⇒ Array<(DomainListFilesV2ResponseWrapper, Integer, Hash)>

permalink #r_tr_list_files_with_http_info(session_id, opts = {}) ⇒ Array<(DomainListFilesResponseWrapper, Integer, Hash)>

permalink #r_tr_list_queued_sessions(body, opts = {}) ⇒ DomainQueuedSessionResponseWrapper

permalink #r_tr_list_queued_sessions_with_http_info(body, opts = {}) ⇒ Array<(DomainQueuedSessionResponseWrapper, Integer, Hash)>

permalink #r_tr_list_sessions(body, opts = {}) ⇒ DomainSessionResponseWrapper

permalink #r_tr_list_sessions_with_http_info(body, opts = {}) ⇒ Array<(DomainSessionResponseWrapper, Integer, Hash)>

permalink #r_tr_pulse_session(body, opts = {}) ⇒ DomainInitResponseWrapper

permalink #r_tr_pulse_session_with_http_info(body, opts = {}) ⇒ Array<(DomainInitResponseWrapper, Integer, Hash)>

permalink #initialize(api_client = ApiClient.default) ⇒ `RealTimeResponseApi`

permalink #api_client ⇒ `Object`

permalink #batch_active_responder_cmd(body, opts = {}) ⇒ `DomainMultiCommandExecuteResponseWrapper`

permalink #batch_active_responder_cmd_with_http_info(body, opts = {}) ⇒ `Array<(DomainMultiCommandExecuteResponseWrapper, Integer, Hash)>`

permalink #batch_cmd(body, opts = {}) ⇒ `DomainMultiCommandExecuteResponseWrapper`

permalink #batch_cmd_with_http_info(body, opts = {}) ⇒ `Array<(DomainMultiCommandExecuteResponseWrapper, Integer, Hash)>`

permalink #batch_get_cmd(body, opts = {}) ⇒ `DomainBatchGetCommandResponse`

permalink #batch_get_cmd_status(batch_get_cmd_req_id, opts = {}) ⇒ `DomainBatchGetCmdStatusResponse`

permalink #batch_get_cmd_status_with_http_info(batch_get_cmd_req_id, opts = {}) ⇒ `Array<(DomainBatchGetCmdStatusResponse, Integer, Hash)>`

permalink #batch_get_cmd_with_http_info(body, opts = {}) ⇒ `Array<(DomainBatchGetCommandResponse, Integer, Hash)>`

permalink #batch_init_sessions(body, opts = {}) ⇒ `DomainBatchInitSessionResponse`

permalink #batch_init_sessions_with_http_info(body, opts = {}) ⇒ `Array<(DomainBatchInitSessionResponse, Integer, Hash)>`

permalink #batch_refresh_sessions(body, opts = {}) ⇒ `DomainBatchRefreshSessionResponse`

permalink #batch_refresh_sessions_with_http_info(body, opts = {}) ⇒ `Array<(DomainBatchRefreshSessionResponse, Integer, Hash)>`

permalink #r_tr_aggregate_sessions(body, opts = {}) ⇒ `MsaAggregatesResponse`

permalink #r_tr_aggregate_sessions_with_http_info(body, opts = {}) ⇒ `Array<(MsaAggregatesResponse, Integer, Hash)>`

permalink #r_tr_check_active_responder_command_status(cloud_request_id, sequence_id, opts = {}) ⇒ `DomainStatusResponseWrapper`

permalink #r_tr_check_active_responder_command_status_with_http_info(cloud_request_id, sequence_id, opts = {}) ⇒ `Array<(DomainStatusResponseWrapper, Integer, Hash)>`

permalink #r_tr_check_command_status(cloud_request_id, sequence_id, opts = {}) ⇒ `DomainStatusResponseWrapper`

permalink #r_tr_check_command_status_with_http_info(cloud_request_id, sequence_id, opts = {}) ⇒ `Array<(DomainStatusResponseWrapper, Integer, Hash)>`

permalink #r_tr_delete_file(ids, session_id, opts = {}) ⇒ `MsaReplyMetaOnly`

permalink #r_tr_delete_file_v2(ids, session_id, opts = {}) ⇒ `MsaReplyMetaOnly`

permalink #r_tr_delete_file_v2_with_http_info(ids, session_id, opts = {}) ⇒ `Array<(MsaReplyMetaOnly, Integer, Hash)>`

permalink #r_tr_delete_file_with_http_info(ids, session_id, opts = {}) ⇒ `Array<(MsaReplyMetaOnly, Integer, Hash)>`

permalink #r_tr_delete_queued_session(session_id, cloud_request_id, opts = {}) ⇒ `MsaReplyMetaOnly`

permalink #r_tr_delete_queued_session_with_http_info(session_id, cloud_request_id, opts = {}) ⇒ `Array<(MsaReplyMetaOnly, Integer, Hash)>`

permalink #r_tr_delete_session(session_id, opts = {}) ⇒ `MsaReplyMetaOnly`

permalink #r_tr_delete_session_with_http_info(session_id, opts = {}) ⇒ `Array<(MsaReplyMetaOnly, Integer, Hash)>`

permalink #r_tr_execute_active_responder_command(body, opts = {}) ⇒ `DomainCommandExecuteResponseWrapper`

permalink #r_tr_execute_active_responder_command_with_http_info(body, opts = {}) ⇒ `Array<(DomainCommandExecuteResponseWrapper, Integer, Hash)>`

permalink #r_tr_execute_command(body, opts = {}) ⇒ `DomainCommandExecuteResponseWrapper`

permalink #r_tr_execute_command_with_http_info(body, opts = {}) ⇒ `Array<(DomainCommandExecuteResponseWrapper, Integer, Hash)>`

permalink #r_tr_get_extracted_file_contents(session_id, sha256, opts = {}) ⇒ `Array<Integer>`

permalink #r_tr_get_extracted_file_contents_with_http_info(session_id, sha256, opts = {}) ⇒ `Array<(Array<Integer>, Integer, Hash)>`

permalink #r_tr_init_session(body, opts = {}) ⇒ `DomainInitResponseWrapper`

permalink #r_tr_init_session_with_http_info(body, opts = {}) ⇒ `Array<(DomainInitResponseWrapper, Integer, Hash)>`

permalink #r_tr_list_all_sessions(opts = {}) ⇒ `DomainListSessionsResponseMsa`

permalink #r_tr_list_all_sessions_with_http_info(opts = {}) ⇒ `Array<(DomainListSessionsResponseMsa, Integer, Hash)>`

permalink #r_tr_list_files(session_id, opts = {}) ⇒ `DomainListFilesResponseWrapper`

permalink #r_tr_list_files_v2(session_id, opts = {}) ⇒ `DomainListFilesV2ResponseWrapper`

permalink #r_tr_list_files_v2_with_http_info(session_id, opts = {}) ⇒ `Array<(DomainListFilesV2ResponseWrapper, Integer, Hash)>`

permalink #r_tr_list_files_with_http_info(session_id, opts = {}) ⇒ `Array<(DomainListFilesResponseWrapper, Integer, Hash)>`

permalink #r_tr_list_queued_sessions(body, opts = {}) ⇒ `DomainQueuedSessionResponseWrapper`

permalink #r_tr_list_queued_sessions_with_http_info(body, opts = {}) ⇒ `Array<(DomainQueuedSessionResponseWrapper, Integer, Hash)>`

permalink #r_tr_list_sessions(body, opts = {}) ⇒ `DomainSessionResponseWrapper`

permalink #r_tr_list_sessions_with_http_info(body, opts = {}) ⇒ `Array<(DomainSessionResponseWrapper, Integer, Hash)>`

permalink #r_tr_pulse_session(body, opts = {}) ⇒ `DomainInitResponseWrapper`

permalink #r_tr_pulse_session_with_http_info(body, opts = {}) ⇒ `Array<(DomainInitResponseWrapper, Integer, Hash)>`