Class: Falcon::RealTimeResponseAuditApi

Inherits:

Object

• Object
• Falcon::RealTimeResponseAuditApi

Defined in:

lib/crimson-falcon/api/real_time_response_audit_api.rb

Instance Attribute Summary

• #api_client ⇒ Object

  Returns the value of attribute api_client.

Instance Method Summary

• #initialize(api_client = ApiClient.default) ⇒ RealTimeResponseAuditApi constructor

  A new instance of RealTimeResponseAuditApi.

• #r_tr_audit_sessions(opts = {}) ⇒ DomainSessionResponseWrapper

  Get all the RTR sessions created for a customer in a specified duration.

• #r_tr_audit_sessions_with_http_info(opts = {}) ⇒ Array<(DomainSessionResponseWrapper, Integer, Hash)>

  Get all the RTR sessions created for a customer in a specified duration.

Constructor Details

#initialize(api_client = ApiClient.default) ⇒ RealTimeResponseAuditApi

Returns a new instance of RealTimeResponseAuditApi.

# File 'lib/crimson-falcon/api/real_time_response_audit_api.rb', line 36

def initialize(api_client = ApiClient.default)
  @api_client = api_client
end

Instance Attribute Details

#api_client ⇒ Object

Returns the value of attribute api_client.

# File 'lib/crimson-falcon/api/real_time_response_audit_api.rb', line 34

def api_client
  @api_client
end

Instance Method Details

#r_tr_audit_sessions(opts = {}) ⇒ DomainSessionResponseWrapper

Get all the RTR sessions created for a customer in a specified duration

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter (String) —

  Optional filter criteria in the form of an FQL query. For more information about FQL queries, see our [FQL documentation in Falcon](falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide).

• :sort (String) —

  how to sort the session IDs. e.g. sort&#x3D;created_at|desc will sort the results based on createdAt in descending order

• :limit (String) —

  number of sessions to be returned

• :offset (String) —

  offset value to be used for paginated results

• :with_command_info (Boolean) —

  get sessions with command info included; by default sessions are returned without command info which include cloud_request_ids and logs fields (default to false)

Returns:

• (DomainSessionResponseWrapper)

# File 'lib/crimson-falcon/api/real_time_response_audit_api.rb', line 47

def r_tr_audit_sessions(opts = {})
  data, _status_code, _headers = r_tr_audit_sessions_with_http_info(opts)
  data
end

#r_tr_audit_sessions_with_http_info(opts = {}) ⇒ Array<(DomainSessionResponseWrapper, Integer, Hash)>

Get all the RTR sessions created for a customer in a specified duration

Parameters:

• opts (Hash) (defaults to: {}) —

  the optional parameters

Options Hash (opts):

• :filter (String) —

  Optional filter criteria in the form of an FQL query. For more information about FQL queries, see our [FQL documentation in Falcon](falcon.crowdstrike.com/support/documentation/45/falcon-query-language-feature-guide).

• :sort (String) —

  how to sort the session IDs. e.g. sort&#x3D;created_at|desc will sort the results based on createdAt in descending order

• :limit (String) —

  number of sessions to be returned

• :offset (String) —

  offset value to be used for paginated results

• :with_command_info (Boolean) —

  get sessions with command info included; by default sessions are returned without command info which include cloud_request_ids and logs fields (default to false)

Returns:

• (Array<(DomainSessionResponseWrapper, Integer, Hash)>) —

  DomainSessionResponseWrapper data, response status code and response headers

# File 'lib/crimson-falcon/api/real_time_response_audit_api.rb', line 60

def r_tr_audit_sessions_with_http_info(opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: RealTimeResponseAuditApi.r_tr_audit_sessions ...'
  end
  allowable_values = ["created_at", "updated_at", "deleted_at"]
  if @api_client.config.client_side_validation && opts[:'sort'] && !allowable_values.include?(opts[:'sort'])
    fail ArgumentError, "invalid value for \"sort\", must be one of #{allowable_values}"
  end
  # resource path
  local_var_path = '/real-time-response-audit/combined/sessions/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'filter'] = opts[:'filter'] if !opts[:'filter'].nil?
  query_params[:'sort'] = opts[:'sort'] if !opts[:'sort'].nil?
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
  query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?
  query_params[:'with_command_info'] = opts[:'with_command_info'] if !opts[:'with_command_info'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'DomainSessionResponseWrapper'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"RealTimeResponseAuditApi.r_tr_audit_sessions",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: RealTimeResponseAuditApi#r_tr_audit_sessions\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end