diff --git a/crowdsec_tracker_api/__pycache__/base_model.cpython-311.pyc b/crowdsec_tracker_api/__pycache__/base_model.cpython-311.pyc index a48f15d..cacb1f7 100644 Binary files a/crowdsec_tracker_api/__pycache__/base_model.cpython-311.pyc and b/crowdsec_tracker_api/__pycache__/base_model.cpython-311.pyc differ diff --git a/crowdsec_tracker_api/__pycache__/http_client.cpython-311.pyc b/crowdsec_tracker_api/__pycache__/http_client.cpython-311.pyc index 3bfd3aa..0f7e7b2 100644 Binary files a/crowdsec_tracker_api/__pycache__/http_client.cpython-311.pyc and b/crowdsec_tracker_api/__pycache__/http_client.cpython-311.pyc differ diff --git a/crowdsec_tracker_api/models.py b/crowdsec_tracker_api/models.py index 94c0744..737f300 100644 --- a/crowdsec_tracker_api/models.py +++ b/crowdsec_tracker_api/models.py @@ -1,6 +1,6 @@ # generated by datamodel-codegen: # filename: -# timestamp: 2026-02-24T17:00:06+00:00 +# timestamp: 2026-03-03T15:51:55+00:00 from __future__ import annotations diff --git a/crowdsec_tracker_api/services/__pycache__/__init__.cpython-311.pyc b/crowdsec_tracker_api/services/__pycache__/__init__.cpython-311.pyc index 031bdb7..b752b75 100644 Binary files a/crowdsec_tracker_api/services/__pycache__/__init__.cpython-311.pyc and b/crowdsec_tracker_api/services/__pycache__/__init__.cpython-311.pyc differ diff --git a/crowdsec_tracker_api/services/cves.py b/crowdsec_tracker_api/services/cves.py index 0ca4437..918f851 100644 --- a/crowdsec_tracker_api/services/cves.py +++ b/crowdsec_tracker_api/services/cves.py @@ -11,7 +11,7 @@ class Cves(Service): def __init__(self, auth: Auth, base_url: str = "https://admin.api.crowdsec.net/v1") -> None: - super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.108.1") + super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.110.1") def get_cves( self, diff --git a/crowdsec_tracker_api/services/fingerprints.py b/crowdsec_tracker_api/services/fingerprints.py index aa7861c..3393fdf 100644 --- a/crowdsec_tracker_api/services/fingerprints.py +++ b/crowdsec_tracker_api/services/fingerprints.py @@ -11,7 +11,7 @@ class Fingerprints(Service): def __init__(self, auth: Auth, base_url: str = "https://admin.api.crowdsec.net/v1") -> None: - super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.108.1") + super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.110.1") def get_fingerprint_rules( self, diff --git a/crowdsec_tracker_api/services/integrations.py b/crowdsec_tracker_api/services/integrations.py index 46ed4a7..035f67a 100644 --- a/crowdsec_tracker_api/services/integrations.py +++ b/crowdsec_tracker_api/services/integrations.py @@ -11,7 +11,7 @@ class Integrations(Service): def __init__(self, auth: Auth, base_url: str = "https://admin.api.crowdsec.net/v1") -> None: - super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.108.1") + super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.110.1") def get_integrations( self, diff --git a/crowdsec_tracker_api/services/products.py b/crowdsec_tracker_api/services/products.py index 4c18648..5325cd7 100644 --- a/crowdsec_tracker_api/services/products.py +++ b/crowdsec_tracker_api/services/products.py @@ -11,7 +11,7 @@ class Products(Service): def __init__(self, auth: Auth, base_url: str = "https://admin.api.crowdsec.net/v1") -> None: - super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.108.1") + super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.110.1") def get_products( self, diff --git a/crowdsec_tracker_api/services/tags.py b/crowdsec_tracker_api/services/tags.py index 891fba5..e674ff7 100644 --- a/crowdsec_tracker_api/services/tags.py +++ b/crowdsec_tracker_api/services/tags.py @@ -11,7 +11,7 @@ class Tags(Service): def __init__(self, auth: Auth, base_url: str = "https://admin.api.crowdsec.net/v1") -> None: - super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.108.1") + super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.110.1") def get_tags( self, diff --git a/crowdsec_tracker_api/services/vendors.py b/crowdsec_tracker_api/services/vendors.py index 6058dc9..e508947 100644 --- a/crowdsec_tracker_api/services/vendors.py +++ b/crowdsec_tracker_api/services/vendors.py @@ -11,7 +11,7 @@ class Vendors(Service): def __init__(self, auth: Auth, base_url: str = "https://admin.api.crowdsec.net/v1") -> None: - super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.108.1") + super().__init__(base_url=base_url, auth=auth, user_agent="crowdsec_tracker_api/1.110.1") def get_vendors( self, diff --git a/let-openapi.json b/let-openapi.json index 1fee82c..734e4c4 100644 --- a/let-openapi.json +++ b/let-openapi.json @@ -1 +1 @@ -{"openapi": "3.1.0", "info": {"title": "LET API", "description": "This is the API to manage Crowdsec Live Exploit Tracker service", "contact": {"name": "CrowdSec", "url": "https://crowdsec.net/", "email": "info@crowdsec.net"}, "version": "1.108.1"}, "paths": {"/integrations": {"post": {"tags": ["Integrations"], "summary": "Create Integration", "description": "Create an integration to a firewall or remediation component, owned by your organization. The name should be unique within the organization. This operation is submitted to quotas.", "operationId": "createIntegration", "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationCreateRequest"}}}}, "responses": {"201": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationCreateResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Integrations"], "summary": "Get Integrations", "description": "Get integrations owned by your organization", "operationId": "getIntegrations", "parameters": [{"name": "tag", "in": "query", "required": false, "schema": {"anyOf": [{"type": "array", "items": {"type": "string"}}, {"type": "null"}], "description": "List of tags associated with the integrations (any of)", "title": "Tag"}, "description": "List of tags associated with the integrations (any of)"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationGetResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/integrations/{integration_id}": {"get": {"tags": ["Integrations"], "summary": "Get Integration", "description": "Get an integration by ID", "operationId": "getIntegration", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationGetResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "patch": {"tags": ["Integrations"], "summary": "Update Integration", "description": "Update the integration details", "operationId": "updateIntegration", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Id"}}], "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationUpdateRequest"}}}}, "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationUpdateResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "delete": {"tags": ["Integrations"], "summary": "Delete Integration", "description": "Delete the integration by ID", "operationId": "deleteIntegration", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Id"}}, {"name": "force", "in": "query", "required": false, "schema": {"type": "boolean", "description": "Force delete the integration even if it has active subscriptions (it will unsubscribe from all lists)", "default": false, "title": "Force"}, "description": "Force delete the integration even if it has active subscriptions (it will unsubscribe from all lists)"}], "responses": {"204": {"description": "Successful Response"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/integrations/{integration_id}/content": {"head": {"tags": ["Integrations"], "summary": "Head Integration Content", "description": "Check if the integration has content", "operationId": "headIntegrationContent", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "format": "ObjectId", "examples": ["5f9d88b9e5c4f5b9a3d3e8b1"], "title": "Integration Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration not found"}, "204": {"description": "Integration has no subscribed blocklists or no content available"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Integrations"], "summary": "Get Integration Content", "description": "Get the ips associated to the integration in plain text format. The content can be paginated to accomodate limits in firewalls.", "operationId": "getIntegrationContent", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "format": "ObjectId", "examples": ["5f9d88b9e5c4f5b9a3d3e8b1"], "title": "Integration Id"}}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number to return", "default": 1, "title": "Page"}, "description": "Page number to return"}, {"name": "page_size", "in": "query", "required": false, "schema": {"anyOf": [{"type": "integer", "minimum": 10000}, {"type": "null"}], "description": "Maximum number of items to return, 0 means no limit (default), should be greater than 10000", "title": "Page Size"}, "description": "Maximum number of items to return, 0 means no limit (default), should be greater than 10000"}, {"name": "pull_limit", "in": "query", "required": false, "schema": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit"}}, {"name": "enable_ip_aggregation", "in": "query", "required": false, "schema": {"type": "boolean", "default": false, "title": "Enable Ip Aggregation"}}], "responses": {"200": {"description": "Successful Response", "content": {"text/plain": {"schema": {"type": "string"}}}}, "404": {"description": "Integration not found"}, "204": {"description": "Integration has no subscribed blocklists or no content available"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/integrations/{integration_id}/v1/decisions/stream": {"get": {"tags": ["Integrations"], "summary": "Get Integration Content Stream", "description": "Get the ips associated to the integration in a format compatible with a remediation component. As for the remediation components, you can fetch the full content with startup=true or only the changes since the last pull", "operationId": "getIntegrationContentStream", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "format": "ObjectId", "examples": ["5f9d88b9e5c4f5b9a3d3e8b1"], "title": "Integration Id"}}, {"name": "startup", "in": "query", "required": false, "schema": {"type": "boolean", "description": "Set to true if it's the first run to fetch all the content, otherwise only changes since the last pull.", "default": false, "title": "Startup"}, "description": "Set to true if it's the first run to fetch all the content, otherwise only changes since the last pull."}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration not found"}, "204": {"description": "Integration has no subscribed blocklists or no content available"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves": {"get": {"tags": ["Cves"], "summary": "Get list of CVEs CrowdSec is tracking", "description": "Get a paginated list of CVEs that CrowdSec is tracking", "operationId": "getCves", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for CVEs", "title": "Query"}, "description": "Search query for CVEs"}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "filters", "in": "query", "required": false, "schema": {"anyOf": [{"type": "array", "items": {"$ref": "#/components/schemas/GetCVEsFilterBy"}}, {"type": "null"}], "description": "Filters to apply on the CVE list", "title": "Filters"}, "description": "Filters to apply on the CVE list"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVEsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}": {"get": {"tags": ["Cves"], "summary": "Get CVE ID informations", "description": "Get information about a specific CVE ID", "operationId": "getCve", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVEResponse"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/ips-download": {"get": {"tags": ["Cves"], "summary": "Download IPs exploiting a CVE ID (raw)", "description": "Download the list of IPs exploiting a specific CVE ID in raw format", "operationId": "downloadCveIps", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"text/plain": {"schema": {"type": "string"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/ips-details": {"get": {"tags": ["Cves"], "summary": "Get IPs details exploiting a CVE ID", "description": "Get detailed information about IPs exploiting a specific CVE ID", "operationId": "getCveIpsDetails", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "since", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string", "pattern": "^\\d+[hd]$"}, {"type": "null"}], "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d", "default": "14d", "title": "Since"}, "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVEIPsResponsePage"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/integrations": {"post": {"tags": ["Cves"], "summary": "Subscribe an integration to a CVE ID", "description": "Subscribe an integration to receive threats related to a specific CVE ID", "operationId": "subscribeIntegrationToCve", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}], "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/SubscribeCVEIntegrationRequest"}}}}, "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration Not Found"}, "400": {"description": "CVE Already Subscribed"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Cves"], "summary": "Get subscribed integrations for a CVE ID", "description": "Get the list of integrations subscribed to a specific CVE ID", "operationId": "getCveSubscribedIntegrations", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVESubscribedIntegrationsResponsePage"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/integrations/{integration_name}": {"delete": {"tags": ["Cves"], "summary": "Unsubscribe an integration from a CVE ID", "description": "Unsubscribe an integration from receiving threats related to a specific CVE ID", "operationId": "unsubscribeIntegrationFromCve", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "integration_name", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Name"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration Not Found"}, "400": {"description": "CVE Already Unsubscribed"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/timeline": {"get": {"tags": ["Cves"], "summary": "Get timeline data for a CVE ID", "description": "Get timeline data of occurrences for a specific CVE ID", "operationId": "getCveTimeline", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "since_days", "in": "query", "required": false, "schema": {"$ref": "#/components/schemas/SinceOptions", "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days.", "default": 7}, "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days."}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"type": "array", "items": {"$ref": "#/components/schemas/TimelineItem"}, "title": "Response Getcvetimeline"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/vendors": {"get": {"tags": ["Vendors"], "summary": "Get list of vendors", "description": "Get a paginated list of vendors", "operationId": "getVendors", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for vendors", "title": "Query"}, "description": "Search query for vendors"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupListResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/vendors/{vendor}": {"get": {"tags": ["Vendors"], "summary": "Get vendor impact", "description": "Get CVE and fingerprint rules affecting a vendor", "operationId": "getVendorImpact", "parameters": [{"name": "vendor", "in": "path", "required": true, "schema": {"type": "string", "title": "Vendor"}}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupImpactResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/products": {"get": {"tags": ["Products"], "summary": "Get list of products", "description": "Get a paginated list of products", "operationId": "getProducts", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for products", "title": "Query"}, "description": "Search query for products"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupListResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/products/{product}": {"get": {"tags": ["Products"], "summary": "Get product impact", "description": "Get CVE and fingerprint rules affecting a product", "operationId": "getProductImpact", "parameters": [{"name": "product", "in": "path", "required": true, "schema": {"type": "string", "title": "Product"}}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupImpactResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/tags": {"get": {"tags": ["Tags"], "summary": "Get list of tags", "description": "Get a paginated list of tags", "operationId": "getTags", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for tags", "title": "Query"}, "description": "Search query for tags"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupListResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/tags/{tag}": {"get": {"tags": ["Tags"], "summary": "Get tag impact", "description": "Get CVE and fingerprint rules affecting a tag", "operationId": "getTagImpact", "parameters": [{"name": "tag", "in": "path", "required": true, "schema": {"type": "string", "title": "Tag"}}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupImpactResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints": {"get": {"tags": ["Fingerprints"], "summary": "Get list of fingerprint rules", "description": "Get a paginated list of fingerprint rules", "operationId": "getFingerprintRules", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for fingerprint rules", "title": "Query"}, "description": "Search query for fingerprint rules"}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "filters", "in": "query", "required": false, "schema": {"anyOf": [{"type": "array", "items": {"$ref": "#/components/schemas/GetCVEsFilterBy"}}, {"type": "null"}], "description": "Filters to apply on the fingerprint rule list", "title": "Filters"}, "description": "Filters to apply on the fingerprint rule list"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetFingerprintRulesResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/ips-download": {"get": {"tags": ["Fingerprints"], "summary": "Download IPs exploiting a fingerprint rule (raw)", "description": "Download the list of IPs exploiting a specific fingerprint rule in raw format", "operationId": "downloadFingerprintIps", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}], "responses": {"200": {"description": "Successful Response", "content": {"text/plain": {"schema": {"type": "string"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/ips-details": {"get": {"tags": ["Fingerprints"], "summary": "Get IP details exploiting a fingerprint rule", "description": "Get detailed information about IPs exploiting a specific fingerprint rule", "operationId": "getFingerprintIpsDetails", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "since", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string", "pattern": "^\\d+[hd]$"}, {"type": "null"}], "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d", "default": "14d", "title": "Since"}, "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetFingerprintIPsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/integrations": {"post": {"tags": ["Fingerprints"], "summary": "Subscribe an integration to a fingerprint rule", "description": "Subscribe an integration to receive threats related to a specific fingerprint rule", "operationId": "subscribeIntegrationToFingerprint", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}], "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/SubscribeFingerprintIntegrationRequest"}}}}, "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Fingerprints"], "summary": "Get subscribed integrations for a fingerprint rule", "description": "Get the list of integrations subscribed to a specific fingerprint rule", "operationId": "getFingerprintSubscribedIntegrations", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetFingerprintSubscribedIntegrationsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/integrations/{integration_name}": {"delete": {"tags": ["Fingerprints"], "summary": "Unsubscribe an integration from a fingerprint rule", "description": "Unsubscribe an integration from receiving threats related to a specific fingerprint rule", "operationId": "unsubscribeIntegrationFromFingerprint", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "integration_name", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Name"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/timeline": {"get": {"tags": ["Fingerprints"], "summary": "Get timeline data for a fingerprint rule", "description": "Get timeline data of occurrences for a specific fingerprint rule", "operationId": "getFingerprintTimeline", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "since_days", "in": "query", "required": false, "schema": {"$ref": "#/components/schemas/SinceOptions", "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days.", "default": 7}, "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days."}, {"name": "interval", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/IntervalOptions"}, {"type": "null"}], "description": "Interval for aggregating timeline data. Options: 'hour', 'day', 'week'. Default is adapted based on 'since' parameter.", "title": "Interval"}, "description": "Interval for aggregating timeline data. Options: 'hour', 'day', 'week'. Default is adapted based on 'since' parameter."}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"type": "array", "items": {"$ref": "#/components/schemas/FingerprintTimelineItem"}, "title": "Response Getfingerprinttimeline"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}": {"get": {"tags": ["Fingerprints"], "summary": "Get fingerprint rule information", "description": "Get information about a specific fingerprint rule", "operationId": "getFingerprintRule", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/FingerprintRuleResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}}, "components": {"schemas": {"ApiKeyCredentials": {"properties": {"api_key": {"type": "string", "title": "Api Key", "description": "API key for the integration"}}, "type": "object", "required": ["api_key"], "title": "ApiKeyCredentials"}, "BasicAuthCredentials": {"properties": {"username": {"type": "string", "title": "Username", "description": "Basic auth username for the integration"}, "password": {"type": "string", "title": "Password", "description": "Basic auth password for the integration"}}, "type": "object", "required": ["username", "password"], "title": "BasicAuthCredentials"}, "BlocklistSubscription": {"properties": {"id": {"type": "string", "title": "Id"}, "remediation": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Remediation"}}, "type": "object", "required": ["id"], "title": "BlocklistSubscription"}, "CVESubscription": {"properties": {"id": {"type": "string", "title": "Id", "description": "CVE ID"}}, "type": "object", "required": ["id"], "title": "CVESubscription"}, "FingerprintSubscription": {"properties": {"id": {"type": "string", "title": "Id"}}, "type": "object", "required": ["id"], "title": "FingerprintSubscription"}, "HTTPValidationError": {"properties": {"detail": {"items": {"$ref": "#/components/schemas/ValidationError"}, "type": "array", "title": "Detail"}}, "type": "object", "title": "HTTPValidationError"}, "IntegrationCreateRequest": {"properties": {"name": {"type": "string", "minLength": 1, "title": "Name", "description": "Name of the integration"}, "description": {"type": "string", "minLength": 1, "title": "Description", "description": "Description of the integration"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "additionalProperties": false, "type": "object", "required": ["name", "entity_type", "output_format"], "title": "IntegrationCreateRequest"}, "IntegrationCreateResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "name": {"type": "string", "title": "Name", "description": "Name of the integration. Should be unique within the organization"}, "organization_id": {"type": "string", "title": "Organization Id", "description": "ID of the owner organization"}, "description": {"type": "string", "title": "Description", "description": "Description of the integration"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "description": "Blocklists that are subscribed by the integration"}, "cves": {"items": {"$ref": "#/components/schemas/CVESubscription"}, "type": "array", "title": "Cves", "description": "CVEs that are subscribed by the integration"}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "description": "Fingerprints that are subscribed by the integration"}, "endpoint": {"type": "string", "maxLength": 2083, "minLength": 1, "format": "uri", "title": "Endpoint", "description": "Url that should be used by the firewall or the remediation component to fetch the integration's content"}, "stats": {"$ref": "#/components/schemas/Stats", "description": "Stats of the integration", "default": {"count": 0}}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the integration", "default": []}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}, "credentials": {"anyOf": [{"$ref": "#/components/schemas/ApiKeyCredentials"}, {"$ref": "#/components/schemas/BasicAuthCredentials"}], "title": "Credentials", "description": "Credentials that were generated for the integration"}}, "type": "object", "required": ["id", "name", "organization_id", "created_at", "updated_at", "entity_type", "output_format", "blocklists", "cves", "fingerprints", "endpoint", "credentials"], "title": "IntegrationCreateResponse"}, "IntegrationGetResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "name": {"type": "string", "title": "Name", "description": "Name of the integration. Should be unique within the organization"}, "organization_id": {"type": "string", "title": "Organization Id", "description": "ID of the owner organization"}, "description": {"type": "string", "title": "Description", "description": "Description of the integration"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "description": "Blocklists that are subscribed by the integration"}, "cves": {"items": {"$ref": "#/components/schemas/CVESubscription"}, "type": "array", "title": "Cves", "description": "CVEs that are subscribed by the integration"}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "description": "Fingerprints that are subscribed by the integration"}, "endpoint": {"type": "string", "maxLength": 2083, "minLength": 1, "format": "uri", "title": "Endpoint", "description": "Url that should be used by the firewall or the remediation component to fetch the integration's content"}, "stats": {"$ref": "#/components/schemas/Stats", "description": "Stats of the integration", "default": {"count": 0}}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the integration", "default": []}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "type": "object", "required": ["id", "name", "organization_id", "created_at", "updated_at", "entity_type", "output_format", "blocklists", "cves", "fingerprints", "endpoint"], "title": "IntegrationGetResponse"}, "IntegrationGetResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IntegrationGetResponse"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "IntegrationGetResponsePage"}, "IntegrationType": {"type": "string", "enum": ["firewall_integration", "remediation_component_integration"], "title": "IntegrationType"}, "IntegrationUpdateRequest": {"properties": {"name": {"type": "string", "minLength": 1, "title": "Name", "description": "New name"}, "description": {"type": "string", "minLength": 1, "title": "Description", "description": "New description"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "New output format"}, "regenerate_credentials": {"type": "boolean", "title": "Regenerate Credentials", "description": "Regenerate credentials for the integration"}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "additionalProperties": false, "type": "object", "title": "IntegrationUpdateRequest"}, "IntegrationUpdateResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "name": {"type": "string", "title": "Name", "description": "Name of the integration. Should be unique within the organization"}, "organization_id": {"type": "string", "title": "Organization Id", "description": "ID of the owner organization"}, "description": {"type": "string", "title": "Description", "description": "Description of the integration"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "description": "Blocklists that are subscribed by the integration"}, "cves": {"items": {"$ref": "#/components/schemas/CVESubscription"}, "type": "array", "title": "Cves", "description": "CVEs that are subscribed by the integration"}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "description": "Fingerprints that are subscribed by the integration"}, "endpoint": {"type": "string", "maxLength": 2083, "minLength": 1, "format": "uri", "title": "Endpoint", "description": "Url that should be used by the firewall or the remediation component to fetch the integration's content"}, "stats": {"$ref": "#/components/schemas/Stats", "description": "Stats of the integration", "default": {"count": 0}}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the integration", "default": []}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}, "credentials": {"anyOf": [{"$ref": "#/components/schemas/ApiKeyCredentials"}, {"$ref": "#/components/schemas/BasicAuthCredentials"}, {"type": "null"}], "title": "Credentials", "description": "Credentials for the integration"}}, "type": "object", "required": ["id", "name", "organization_id", "created_at", "updated_at", "entity_type", "output_format", "blocklists", "cves", "fingerprints", "endpoint"], "title": "IntegrationUpdateResponse"}, "Links": {"properties": {"first": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "First", "examples": ["/api/v1/users?limit=1&offset1"]}, "last": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Last", "examples": ["/api/v1/users?limit=1&offset1"]}, "self": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Self", "examples": ["/api/v1/users?limit=1&offset1"]}, "next": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Next", "examples": ["/api/v1/users?limit=1&offset1"]}, "prev": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Prev", "examples": ["/api/v1/users?limit=1&offset1"]}}, "type": "object", "title": "Links"}, "OutputFormat": {"type": "string", "enum": ["plain_text", "f5", "remediation_component", "fortigate", "paloalto", "checkpoint", "cisco", "juniper", "mikrotik", "pfsense", "opnsense", "sophos"], "title": "OutputFormat"}, "Stats": {"properties": {"count": {"type": "integer", "title": "Count", "description": "Number of total blocklists items the integration will pull"}}, "type": "object", "required": ["count"], "title": "Stats"}, "ValidationError": {"properties": {"loc": {"items": {"anyOf": [{"type": "string"}, {"type": "integer"}]}, "type": "array", "title": "Location"}, "msg": {"type": "string", "title": "Message"}, "type": {"type": "string", "title": "Error Type"}}, "type": "object", "required": ["loc", "msg", "type"], "title": "ValidationError"}, "AdjustmentScore": {"properties": {"total": {"type": "integer", "title": "Total", "description": "Total score adjustment"}, "recency": {"type": "integer", "title": "Recency", "description": "Recency score adjustment"}, "low_info": {"type": "integer", "title": "Low Info", "description": "Low information score adjustment"}}, "type": "object", "required": ["total", "recency", "low_info"], "title": "AdjustmentScore"}, "AffectedComponent": {"properties": {"vendor": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Vendor", "description": "Vendor of the affected component"}, "product": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Product", "description": "Product name of the affected component"}}, "type": "object", "title": "AffectedComponent", "description": "Affected Component in a CVE"}, "AllowlistSubscription": {"properties": {"id": {"type": "string", "title": "Id"}}, "type": "object", "required": ["id"], "title": "AllowlistSubscription"}, "AttackDetail": {"properties": {"name": {"type": "string", "title": "Name", "description": "Attack detail name"}, "label": {"type": "string", "title": "Label", "description": "Attack detail label"}, "description": {"type": "string", "title": "Description", "description": "Attack detail description"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "Attack detail references"}}, "type": "object", "required": ["name", "label", "description"], "title": "AttackDetail"}, "Behavior": {"properties": {"name": {"type": "string", "title": "Name", "description": "Behavior name"}, "label": {"type": "string", "title": "Label", "description": "Behavior label"}, "description": {"type": "string", "title": "Description", "description": "Behavior description"}}, "type": "object", "required": ["name", "label", "description"], "title": "Behavior"}, "CVEEvent": {"properties": {"date": {"type": "string", "format": "date-time", "title": "Date", "description": "Date of the event"}, "description": {"type": "string", "title": "Description", "description": "Description of the event"}, "label": {"type": "string", "title": "Label", "description": "Label of the event"}, "name": {"type": "string", "title": "Name", "description": "Name of the event"}}, "type": "object", "required": ["date", "description", "label", "name"], "title": "CVEEvent", "description": "CVE Event Information"}, "CVEResponseBase": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the CVE"}, "name": {"type": "string", "title": "Name", "description": "Name of the CVE"}, "title": {"type": "string", "title": "Title", "description": "Title of the CVE"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score of the CVE"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score indicating if it's an opportunistic(0) or targeted(5) attack (between 0-5)", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score indicating the vulnerability's trendiness based on signal comparison with the previous month. Higher scores (4-5) indicate significantly more signals this month than last month's average, while lower scores (0-1) indicate declining activity (between 0-5)", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs affected"}, "published_date": {"type": "string", "format": "date-time", "title": "Published Date", "description": "Published date of the CVE"}, "cvss_score": {"anyOf": [{"type": "number", "maximum": 10.0, "minimum": 0.0}, {"type": "null"}], "title": "Cvss Score", "description": "CVSS score of the CVE"}, "has_public_exploit": {"type": "boolean", "title": "Has Public Exploit", "description": "Indicates if there is a public exploit for the CVE"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the associated detection rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase of the CVE"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustments applied to the CVE score based on various factors"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "published_date", "has_public_exploit", "exploitation_phase"], "title": "CVEResponseBase", "description": "GET CVE ID Response"}, "CVEsubscription": {"properties": {"id": {"type": "string", "title": "Id"}}, "type": "object", "required": ["id"], "title": "CVEsubscription"}, "CWE": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the CWE"}, "label": {"type": "string", "title": "Label", "description": "Label of the CWE"}, "description": {"type": "string", "title": "Description", "description": "Description of the CWE"}}, "type": "object", "required": ["name", "label", "description"], "title": "CWE", "description": "CWE Information"}, "Classification": {"properties": {"name": {"type": "string", "title": "Name", "description": "Classification name"}, "label": {"type": "string", "title": "Label", "description": "Classification label"}, "description": {"type": "string", "title": "Description", "description": "Classification description"}}, "type": "object", "required": ["name", "label", "description"], "title": "Classification"}, "Classifications": {"properties": {"false_positives": {"items": {"$ref": "#/components/schemas/Classification"}, "type": "array", "title": "False Positives", "description": "False positive classifications"}, "classifications": {"items": {"$ref": "#/components/schemas/Classification"}, "type": "array", "title": "Classifications", "description": "Main classifications"}}, "type": "object", "title": "Classifications"}, "EntityType": {"type": "string", "enum": ["org", "tag", "engine", "firewall_integration", "remediation_component_integration", "remediation_component", "log_processor"], "title": "EntityType"}, "ExploitationPhase": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the exploitation phase"}, "label": {"type": "string", "title": "Label", "description": "Label of the exploitation phase"}, "description": {"type": "string", "title": "Description", "description": "Description of the exploitation phase"}}, "type": "object", "required": ["name", "label", "description"], "title": "ExploitationPhase"}, "FingerprintRuleResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "Fingerprint rule identifier"}, "name": {"type": "string", "title": "Name", "description": "Fingerprint rule name"}, "title": {"type": "string", "title": "Title", "description": "Fingerprint rule title"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score for the fingerprint rule"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs observed"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the fingerprint rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustment details"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the fingerprint rule"}, "description": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Description", "description": "Fingerprint rule description"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "Reference links for the fingerprint rule"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis for this fingerprint rule"}, "events": {"items": {"$ref": "#/components/schemas/CVEEvent"}, "type": "array", "title": "Events", "description": "List of events related to the fingerprint rule"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "exploitation_phase"], "title": "FingerprintRuleResponse"}, "FingerprintRuleSummary": {"properties": {"id": {"type": "string", "title": "Id", "description": "Fingerprint rule identifier"}, "name": {"type": "string", "title": "Name", "description": "Fingerprint rule name"}, "title": {"type": "string", "title": "Title", "description": "Fingerprint rule title"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score for the fingerprint rule"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs observed"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the fingerprint rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustment details"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "exploitation_phase"], "title": "FingerprintRuleSummary"}, "FingerprintTimelineItem": {"properties": {"timestamp": {"type": "string", "format": "date-time", "title": "Timestamp", "description": "Timestamp of the timeline event"}, "count": {"type": "integer", "title": "Count", "description": "Count of occurrences at the timestamp"}}, "type": "object", "required": ["timestamp", "count"], "title": "FingerprintTimelineItem"}, "GetCVEIPsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IPItem"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetCVEIPsResponsePage"}, "GetCVEResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the CVE"}, "name": {"type": "string", "title": "Name", "description": "Name of the CVE"}, "title": {"type": "string", "title": "Title", "description": "Title of the CVE"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score of the CVE"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score indicating if it's an opportunistic(0) or targeted(5) attack (between 0-5)", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score indicating the vulnerability's trendiness based on signal comparison with the previous month. Higher scores (4-5) indicate significantly more signals this month than last month's average, while lower scores (0-1) indicate declining activity (between 0-5)", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs affected"}, "published_date": {"type": "string", "format": "date-time", "title": "Published Date", "description": "Published date of the CVE"}, "cvss_score": {"anyOf": [{"type": "number", "maximum": 10.0, "minimum": 0.0}, {"type": "null"}], "title": "Cvss Score", "description": "CVSS score of the CVE"}, "has_public_exploit": {"type": "boolean", "title": "Has Public Exploit", "description": "Indicates if there is a public exploit for the CVE"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the associated detection rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase of the CVE"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustments applied to the CVE score based on various factors"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the CVE"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "List of references for the CVE"}, "description": {"type": "string", "title": "Description", "description": "Description of the CVE"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis of the CVE"}, "cwes": {"items": {"$ref": "#/components/schemas/CWE"}, "type": "array", "title": "Cwes", "description": "List of CWEs associated with the CVE"}, "events": {"items": {"$ref": "#/components/schemas/CVEEvent"}, "type": "array", "title": "Events", "description": "List of events related to the CVE"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "published_date", "has_public_exploit", "exploitation_phase", "references", "description", "crowdsec_analysis", "cwes"], "title": "GetCVEResponse"}, "GetCVESubscribedIntegrationsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IntegrationResponse"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetCVESubscribedIntegrationsResponsePage"}, "GetCVEsFilterBy": {"type": "string", "enum": ["is_public"], "title": "GetCVEsFilterBy"}, "GetCVEsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/CVEResponseBase"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetCVEsResponsePage"}, "GetCVEsSortBy": {"type": "string", "enum": ["rule_release_date", "trending", "nb_ips", "name"], "title": "GetCVEsSortBy"}, "GetCVEsSortOrder": {"type": "string", "enum": ["asc", "desc"], "title": "GetCVEsSortOrder"}, "GetFingerprintIPsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IPItem"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetFingerprintIPsResponsePage"}, "GetFingerprintRulesResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/FingerprintRuleSummary"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetFingerprintRulesResponsePage"}, "GetFingerprintSubscribedIntegrationsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IntegrationResponse"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetFingerprintSubscribedIntegrationsResponsePage"}, "History": {"properties": {"first_seen": {"type": "string", "format": "date-time", "title": "First Seen", "description": "First seen timestamp"}, "last_seen": {"type": "string", "format": "date-time", "title": "Last Seen", "description": "Last seen timestamp"}, "full_age": {"type": "integer", "title": "Full Age", "description": "Full age in days"}, "days_age": {"type": "integer", "title": "Days Age", "description": "Days age"}}, "type": "object", "required": ["first_seen", "last_seen", "full_age", "days_age"], "title": "History"}, "IPItem": {"properties": {"ip": {"type": "string", "title": "Ip", "description": "IP address"}, "reputation": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Reputation", "description": "Reputation of the IP"}, "ip_range": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Ip Range", "description": "IP range"}, "ip_range_score": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Ip Range Score", "description": "IP range score"}, "ip_range_24": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Ip Range 24", "description": "IP range /24"}, "ip_range_24_reputation": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Ip Range 24 Reputation", "description": "IP range /24 reputation"}, "ip_range_24_score": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Ip Range 24 Score", "description": "IP range /24 score"}, "as_name": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "As Name", "description": "AS name"}, "as_num": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "As Num", "description": "AS number"}, "background_noise_score": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Background Noise Score", "description": "Background noise score"}, "background_noise": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Background Noise", "description": "Background noise level"}, "confidence": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Confidence", "description": "Confidence level"}, "location": {"anyOf": [{"$ref": "#/components/schemas/Location"}, {"type": "null"}], "description": "IP location information"}, "reverse_dns": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Reverse Dns", "description": "Reverse DNS"}, "behaviors": {"items": {"$ref": "#/components/schemas/Behavior"}, "type": "array", "title": "Behaviors", "description": "List of behaviors"}, "references": {"items": {"$ref": "#/components/schemas/Reference"}, "type": "array", "title": "References", "description": "List of references"}, "history": {"anyOf": [{"$ref": "#/components/schemas/History"}, {"type": "null"}], "description": "Historical data"}, "classifications": {"anyOf": [{"$ref": "#/components/schemas/Classifications"}, {"type": "null"}], "description": "Classification data"}, "mitre_techniques": {"items": {"$ref": "#/components/schemas/MitreTechnique"}, "type": "array", "title": "Mitre Techniques", "description": "MITRE techniques"}, "cves": {"items": {"type": "string"}, "type": "array", "title": "Cves", "description": "List of CVEs"}, "attack_details": {"items": {"$ref": "#/components/schemas/AttackDetail"}, "type": "array", "title": "Attack Details", "description": "Attack details"}, "target_countries": {"additionalProperties": {"type": "integer"}, "type": "object", "title": "Target Countries", "description": "Target countries"}, "scores": {"anyOf": [{"$ref": "#/components/schemas/Scores"}, {"type": "null"}], "description": "Scoring information"}}, "type": "object", "required": ["ip"], "title": "IPItem"}, "IntegrationResponse": {"properties": {"tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "default": []}, "organization_id": {"type": "string", "title": "Organization Id"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "entity_type": {"$ref": "#/components/schemas/EntityType", "description": "Type of the integration"}, "id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "default": []}, "allowlists": {"items": {"$ref": "#/components/schemas/AllowlistSubscription"}, "type": "array", "title": "Allowlists", "default": []}, "cves": {"items": {"$ref": "#/components/schemas/CVEsubscription"}, "type": "array", "title": "Cves", "default": []}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "default": []}, "name": {"type": "string", "title": "Name", "description": "Name of the integration"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "description": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Description", "description": "Description of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "type": "object", "required": ["organization_id", "entity_type", "name", "output_format"], "title": "IntegrationResponse"}, "IntervalOptions": {"type": "string", "enum": ["hour", "day", "week"], "title": "IntervalOptions"}, "Location": {"properties": {"country": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Country", "description": "Country code"}, "city": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "City", "description": "City name"}, "latitude": {"anyOf": [{"type": "number"}, {"type": "null"}], "title": "Latitude", "description": "Latitude coordinate"}, "longitude": {"anyOf": [{"type": "number"}, {"type": "null"}], "title": "Longitude", "description": "Longitude coordinate"}}, "type": "object", "title": "Location"}, "LookupImpactCVEItem": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the CVE"}, "name": {"type": "string", "title": "Name", "description": "Name of the CVE"}, "title": {"type": "string", "title": "Title", "description": "Title of the CVE"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score of the CVE"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score indicating if it's an opportunistic(0) or targeted(5) attack (between 0-5)", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score indicating the vulnerability's trendiness based on signal comparison with the previous month. Higher scores (4-5) indicate significantly more signals this month than last month's average, while lower scores (0-1) indicate declining activity (between 0-5)", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs affected"}, "published_date": {"type": "string", "format": "date-time", "title": "Published Date", "description": "Published date of the CVE"}, "cvss_score": {"anyOf": [{"type": "number", "maximum": 10.0, "minimum": 0.0}, {"type": "null"}], "title": "Cvss Score", "description": "CVSS score of the CVE"}, "has_public_exploit": {"type": "boolean", "title": "Has Public Exploit", "description": "Indicates if there is a public exploit for the CVE"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the associated detection rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase of the CVE"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustments applied to the CVE score based on various factors"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the CVE"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "List of references for the CVE"}, "description": {"type": "string", "title": "Description", "description": "Description of the CVE"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis of the CVE"}, "cwes": {"items": {"$ref": "#/components/schemas/CWE"}, "type": "array", "title": "Cwes", "description": "List of CWEs associated with the CVE"}, "events": {"items": {"$ref": "#/components/schemas/CVEEvent"}, "type": "array", "title": "Events", "description": "List of events related to the CVE"}, "type": {"type": "string", "const": "cve", "title": "Type", "description": "Resource type", "default": "cve"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "published_date", "has_public_exploit", "exploitation_phase", "references", "description", "crowdsec_analysis", "cwes"], "title": "LookupImpactCVEItem"}, "LookupImpactFingerprintItem": {"properties": {"id": {"type": "string", "title": "Id", "description": "Fingerprint rule identifier"}, "name": {"type": "string", "title": "Name", "description": "Fingerprint rule name"}, "title": {"type": "string", "title": "Title", "description": "Fingerprint rule title"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score for the fingerprint rule"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs observed"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the fingerprint rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustment details"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the fingerprint rule"}, "description": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Description", "description": "Fingerprint rule description"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "Reference links for the fingerprint rule"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis for this fingerprint rule"}, "events": {"items": {"$ref": "#/components/schemas/CVEEvent"}, "type": "array", "title": "Events", "description": "List of events related to the fingerprint rule"}, "type": {"type": "string", "const": "fingerprint", "title": "Type", "description": "Resource type", "default": "fingerprint"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "exploitation_phase"], "title": "LookupImpactFingerprintItem"}, "LookupImpactResponsePage": {"properties": {"items": {"items": {"oneOf": [{"$ref": "#/components/schemas/LookupImpactCVEItem"}, {"$ref": "#/components/schemas/LookupImpactFingerprintItem"}], "discriminator": {"propertyName": "type", "mapping": {"cve": "#/components/schemas/LookupImpactCVEItem", "fingerprint": "#/components/schemas/LookupImpactFingerprintItem"}}}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "LookupImpactResponsePage"}, "LookupListItem": {"properties": {"value": {"type": "string", "title": "Value", "description": "Lookup entry value"}}, "type": "object", "required": ["value"], "title": "LookupListItem"}, "LookupListResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/LookupListItem"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "LookupListResponsePage"}, "MitreTechnique": {"properties": {"name": {"type": "string", "title": "Name", "description": "MITRE technique ID"}, "label": {"type": "string", "title": "Label", "description": "MITRE technique label"}, "description": {"type": "string", "title": "Description", "description": "MITRE technique description"}}, "type": "object", "required": ["name", "label", "description"], "title": "MitreTechnique"}, "Reference": {"properties": {"name": {"type": "string", "title": "Name", "description": "Reference name"}, "label": {"type": "string", "title": "Label", "description": "Reference label"}, "description": {"type": "string", "title": "Description", "description": "Reference description"}}, "type": "object", "required": ["name", "label", "description"], "title": "Reference"}, "ScoreBreakdown": {"properties": {"aggressiveness": {"type": "integer", "title": "Aggressiveness", "description": "Aggressiveness score"}, "threat": {"type": "integer", "title": "Threat", "description": "Threat score"}, "trust": {"type": "integer", "title": "Trust", "description": "Trust score"}, "anomaly": {"type": "integer", "title": "Anomaly", "description": "Anomaly score"}, "total": {"type": "integer", "title": "Total", "description": "Total score"}}, "type": "object", "required": ["aggressiveness", "threat", "trust", "anomaly", "total"], "title": "ScoreBreakdown"}, "Scores": {"properties": {"overall": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Overall scores"}, "last_day": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Last day scores"}, "last_week": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Last week scores"}, "last_month": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Last month scores"}}, "type": "object", "required": ["overall", "last_day", "last_week", "last_month"], "title": "Scores"}, "SinceOptions": {"type": "integer", "enum": [1, 7, 30], "title": "SinceOptions"}, "SubscribeCVEIntegrationRequest": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the integration to subscribe"}}, "additionalProperties": false, "type": "object", "required": ["name"], "title": "SubscribeCVEIntegrationRequest"}, "SubscribeFingerprintIntegrationRequest": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the integration to subscribe"}}, "additionalProperties": false, "type": "object", "required": ["name"], "title": "SubscribeFingerprintIntegrationRequest"}, "TimelineItem": {"properties": {"timestamp": {"type": "string", "format": "date-time", "title": "Timestamp", "description": "Timestamp of the timeline event"}, "count": {"type": "integer", "title": "Count", "description": "Count of occurrences at the timestamp"}}, "type": "object", "required": ["timestamp", "count"], "title": "TimelineItem"}}, "securitySchemes": {"ApiKeyAuth": {"type": "apiKey", "in": "header", "name": "x-api-key", "description": "If integration key is provided, can also work to get integration content"}, "BasicAuth": {"type": "http", "scheme": "basic", "description": "Basic Auth for integration content endpoint only"}}}, "security": [{"ApiKeyAuth": []}, {"BasicAuth": []}], "servers": [{"url": "https://admin.api.crowdsec.net/v1", "description": "Production server"}]} \ No newline at end of file +{"openapi": "3.1.0", "info": {"title": "LET API", "description": "This is the API to manage Crowdsec Live Exploit Tracker service", "contact": {"name": "CrowdSec", "url": "https://crowdsec.net/", "email": "info@crowdsec.net"}, "version": "1.110.1"}, "paths": {"/integrations": {"post": {"tags": ["Integrations"], "summary": "Create Integration", "description": "Create an integration to a firewall or remediation component, owned by your organization. The name should be unique within the organization. This operation is submitted to quotas.", "operationId": "createIntegration", "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationCreateRequest"}}}}, "responses": {"201": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationCreateResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Integrations"], "summary": "Get Integrations", "description": "Get integrations owned by your organization", "operationId": "getIntegrations", "parameters": [{"name": "tag", "in": "query", "required": false, "schema": {"anyOf": [{"type": "array", "items": {"type": "string"}}, {"type": "null"}], "description": "List of tags associated with the integrations (any of)", "title": "Tag"}, "description": "List of tags associated with the integrations (any of)"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationGetResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/integrations/{integration_id}": {"get": {"tags": ["Integrations"], "summary": "Get Integration", "description": "Get an integration by ID", "operationId": "getIntegration", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationGetResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "patch": {"tags": ["Integrations"], "summary": "Update Integration", "description": "Update the integration details", "operationId": "updateIntegration", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Id"}}], "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationUpdateRequest"}}}}, "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/IntegrationUpdateResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "delete": {"tags": ["Integrations"], "summary": "Delete Integration", "description": "Delete the integration by ID", "operationId": "deleteIntegration", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Id"}}, {"name": "force", "in": "query", "required": false, "schema": {"type": "boolean", "description": "Force delete the integration even if it has active subscriptions (it will unsubscribe from all lists)", "default": false, "title": "Force"}, "description": "Force delete the integration even if it has active subscriptions (it will unsubscribe from all lists)"}], "responses": {"204": {"description": "Successful Response"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/integrations/{integration_id}/content": {"head": {"tags": ["Integrations"], "summary": "Head Integration Content", "description": "Check if the integration has content", "operationId": "headIntegrationContent", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "format": "ObjectId", "examples": ["5f9d88b9e5c4f5b9a3d3e8b1"], "title": "Integration Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration not found"}, "204": {"description": "Integration has no subscribed blocklists or no content available"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Integrations"], "summary": "Get Integration Content", "description": "Get the ips associated to the integration in plain text format. The content can be paginated to accomodate limits in firewalls.", "operationId": "getIntegrationContent", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "format": "ObjectId", "examples": ["5f9d88b9e5c4f5b9a3d3e8b1"], "title": "Integration Id"}}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number to return", "default": 1, "title": "Page"}, "description": "Page number to return"}, {"name": "page_size", "in": "query", "required": false, "schema": {"anyOf": [{"type": "integer", "minimum": 10000}, {"type": "null"}], "description": "Maximum number of items to return, 0 means no limit (default), should be greater than 10000", "title": "Page Size"}, "description": "Maximum number of items to return, 0 means no limit (default), should be greater than 10000"}, {"name": "pull_limit", "in": "query", "required": false, "schema": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit"}}, {"name": "enable_ip_aggregation", "in": "query", "required": false, "schema": {"type": "boolean", "default": false, "title": "Enable Ip Aggregation"}}], "responses": {"200": {"description": "Successful Response", "content": {"text/plain": {"schema": {"type": "string"}}}}, "404": {"description": "Integration not found"}, "204": {"description": "Integration has no subscribed blocklists or no content available"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/integrations/{integration_id}/v1/decisions/stream": {"get": {"tags": ["Integrations"], "summary": "Get Integration Content Stream", "description": "Get the ips associated to the integration in a format compatible with a remediation component. As for the remediation components, you can fetch the full content with startup=true or only the changes since the last pull", "operationId": "getIntegrationContentStream", "parameters": [{"name": "integration_id", "in": "path", "required": true, "schema": {"type": "string", "format": "ObjectId", "examples": ["5f9d88b9e5c4f5b9a3d3e8b1"], "title": "Integration Id"}}, {"name": "startup", "in": "query", "required": false, "schema": {"type": "boolean", "description": "Set to true if it's the first run to fetch all the content, otherwise only changes since the last pull.", "default": false, "title": "Startup"}, "description": "Set to true if it's the first run to fetch all the content, otherwise only changes since the last pull."}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration not found"}, "204": {"description": "Integration has no subscribed blocklists or no content available"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves": {"get": {"tags": ["Cves"], "summary": "Get list of CVEs CrowdSec is tracking", "description": "Get a paginated list of CVEs that CrowdSec is tracking", "operationId": "getCves", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for CVEs", "title": "Query"}, "description": "Search query for CVEs"}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "filters", "in": "query", "required": false, "schema": {"anyOf": [{"type": "array", "items": {"$ref": "#/components/schemas/GetCVEsFilterBy"}}, {"type": "null"}], "description": "Filters to apply on the CVE list", "title": "Filters"}, "description": "Filters to apply on the CVE list"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVEsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}": {"get": {"tags": ["Cves"], "summary": "Get CVE ID informations", "description": "Get information about a specific CVE ID", "operationId": "getCve", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVEResponse"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/ips-download": {"get": {"tags": ["Cves"], "summary": "Download IPs exploiting a CVE ID (raw)", "description": "Download the list of IPs exploiting a specific CVE ID in raw format", "operationId": "downloadCveIps", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}], "responses": {"200": {"description": "Successful Response", "content": {"text/plain": {"schema": {"type": "string"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/ips-details": {"get": {"tags": ["Cves"], "summary": "Get IPs details exploiting a CVE ID", "description": "Get detailed information about IPs exploiting a specific CVE ID", "operationId": "getCveIpsDetails", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "since", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string", "pattern": "^\\d+[hd]$"}, {"type": "null"}], "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d", "default": "14d", "title": "Since"}, "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVEIPsResponsePage"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/integrations": {"post": {"tags": ["Cves"], "summary": "Subscribe an integration to a CVE ID", "description": "Subscribe an integration to receive threats related to a specific CVE ID", "operationId": "subscribeIntegrationToCve", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}], "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/SubscribeCVEIntegrationRequest"}}}}, "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration Not Found"}, "400": {"description": "CVE Already Subscribed"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Cves"], "summary": "Get subscribed integrations for a CVE ID", "description": "Get the list of integrations subscribed to a specific CVE ID", "operationId": "getCveSubscribedIntegrations", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetCVESubscribedIntegrationsResponsePage"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/integrations/{integration_name}": {"delete": {"tags": ["Cves"], "summary": "Unsubscribe an integration from a CVE ID", "description": "Unsubscribe an integration from receiving threats related to a specific CVE ID", "operationId": "unsubscribeIntegrationFromCve", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "integration_name", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Name"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "404": {"description": "Integration Not Found"}, "400": {"description": "CVE Already Unsubscribed"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/cves/{cve_id}/timeline": {"get": {"tags": ["Cves"], "summary": "Get timeline data for a CVE ID", "description": "Get timeline data of occurrences for a specific CVE ID", "operationId": "getCveTimeline", "parameters": [{"name": "cve_id", "in": "path", "required": true, "schema": {"type": "string", "title": "Cve Id"}}, {"name": "since_days", "in": "query", "required": false, "schema": {"$ref": "#/components/schemas/SinceOptions", "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days.", "default": 7}, "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days."}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"type": "array", "items": {"$ref": "#/components/schemas/TimelineItem"}, "title": "Response Getcvetimeline"}}}}, "404": {"description": "CVE Not Found"}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/vendors": {"get": {"tags": ["Vendors"], "summary": "Get list of vendors", "description": "Get a paginated list of vendors", "operationId": "getVendors", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for vendors", "title": "Query"}, "description": "Search query for vendors"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupListResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/vendors/{vendor}": {"get": {"tags": ["Vendors"], "summary": "Get vendor impact", "description": "Get CVE and fingerprint rules affecting a vendor", "operationId": "getVendorImpact", "parameters": [{"name": "vendor", "in": "path", "required": true, "schema": {"type": "string", "title": "Vendor"}}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupImpactResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/products": {"get": {"tags": ["Products"], "summary": "Get list of products", "description": "Get a paginated list of products", "operationId": "getProducts", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for products", "title": "Query"}, "description": "Search query for products"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupListResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/products/{product}": {"get": {"tags": ["Products"], "summary": "Get product impact", "description": "Get CVE and fingerprint rules affecting a product", "operationId": "getProductImpact", "parameters": [{"name": "product", "in": "path", "required": true, "schema": {"type": "string", "title": "Product"}}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupImpactResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/tags": {"get": {"tags": ["Tags"], "summary": "Get list of tags", "description": "Get a paginated list of tags", "operationId": "getTags", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for tags", "title": "Query"}, "description": "Search query for tags"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupListResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/tags/{tag}": {"get": {"tags": ["Tags"], "summary": "Get tag impact", "description": "Get CVE and fingerprint rules affecting a tag", "operationId": "getTagImpact", "parameters": [{"name": "tag", "in": "path", "required": true, "schema": {"type": "string", "title": "Tag"}}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/LookupImpactResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints": {"get": {"tags": ["Fingerprints"], "summary": "Get list of fingerprint rules", "description": "Get a paginated list of fingerprint rules", "operationId": "getFingerprintRules", "parameters": [{"name": "query", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string"}, {"type": "null"}], "description": "Search query for fingerprint rules", "title": "Query"}, "description": "Search query for fingerprint rules"}, {"name": "sort_by", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortBy"}, {"type": "null"}], "description": "Field to sort by", "default": "rule_release_date", "title": "Sort By"}, "description": "Field to sort by"}, {"name": "sort_order", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/GetCVEsSortOrder"}, {"type": "null"}], "description": "Sort order: ascending or descending", "default": "desc", "title": "Sort Order"}, "description": "Sort order: ascending or descending"}, {"name": "filters", "in": "query", "required": false, "schema": {"anyOf": [{"type": "array", "items": {"$ref": "#/components/schemas/GetCVEsFilterBy"}}, {"type": "null"}], "description": "Filters to apply on the fingerprint rule list", "title": "Filters"}, "description": "Filters to apply on the fingerprint rule list"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetFingerprintRulesResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/ips-download": {"get": {"tags": ["Fingerprints"], "summary": "Download IPs exploiting a fingerprint rule (raw)", "description": "Download the list of IPs exploiting a specific fingerprint rule in raw format", "operationId": "downloadFingerprintIps", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}], "responses": {"200": {"description": "Successful Response", "content": {"text/plain": {"schema": {"type": "string"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/ips-details": {"get": {"tags": ["Fingerprints"], "summary": "Get IP details exploiting a fingerprint rule", "description": "Get detailed information about IPs exploiting a specific fingerprint rule", "operationId": "getFingerprintIpsDetails", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "since", "in": "query", "required": false, "schema": {"anyOf": [{"type": "string", "pattern": "^\\d+[hd]$"}, {"type": "null"}], "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d", "default": "14d", "title": "Since"}, "description": "Filter IPs seen since this date, format duration (e.g., 7d, 24h), default to 14d"}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetFingerprintIPsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/integrations": {"post": {"tags": ["Fingerprints"], "summary": "Subscribe an integration to a fingerprint rule", "description": "Subscribe an integration to receive threats related to a specific fingerprint rule", "operationId": "subscribeIntegrationToFingerprint", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}], "requestBody": {"required": true, "content": {"application/json": {"schema": {"$ref": "#/components/schemas/SubscribeFingerprintIntegrationRequest"}}}}, "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}, "get": {"tags": ["Fingerprints"], "summary": "Get subscribed integrations for a fingerprint rule", "description": "Get the list of integrations subscribed to a specific fingerprint rule", "operationId": "getFingerprintSubscribedIntegrations", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "page", "in": "query", "required": false, "schema": {"type": "integer", "minimum": 1, "description": "Page number", "default": 1, "title": "Page"}, "description": "Page number"}, {"name": "size", "in": "query", "required": false, "schema": {"type": "integer", "maximum": 100, "minimum": 1, "description": "Page size", "default": 50, "title": "Size"}, "description": "Page size"}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/GetFingerprintSubscribedIntegrationsResponsePage"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/integrations/{integration_name}": {"delete": {"tags": ["Fingerprints"], "summary": "Unsubscribe an integration from a fingerprint rule", "description": "Unsubscribe an integration from receiving threats related to a specific fingerprint rule", "operationId": "unsubscribeIntegrationFromFingerprint", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "integration_name", "in": "path", "required": true, "schema": {"type": "string", "title": "Integration Name"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}/timeline": {"get": {"tags": ["Fingerprints"], "summary": "Get timeline data for a fingerprint rule", "description": "Get timeline data of occurrences for a specific fingerprint rule", "operationId": "getFingerprintTimeline", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}, {"name": "since_days", "in": "query", "required": false, "schema": {"$ref": "#/components/schemas/SinceOptions", "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days.", "default": 7}, "description": "Time range for the timeline data (in days). Options: 1 (1 day), 7 (1 week), 30 (1 month). Default is 7 days."}, {"name": "interval", "in": "query", "required": false, "schema": {"anyOf": [{"$ref": "#/components/schemas/IntervalOptions"}, {"type": "null"}], "description": "Interval for aggregating timeline data. Options: 'hour', 'day', 'week'. Default is adapted based on 'since' parameter.", "title": "Interval"}, "description": "Interval for aggregating timeline data. Options: 'hour', 'day', 'week'. Default is adapted based on 'since' parameter."}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"type": "array", "items": {"$ref": "#/components/schemas/FingerprintTimelineItem"}, "title": "Response Getfingerprinttimeline"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}, "/fingerprints/{fingerprint}": {"get": {"tags": ["Fingerprints"], "summary": "Get fingerprint rule information", "description": "Get information about a specific fingerprint rule", "operationId": "getFingerprintRule", "parameters": [{"name": "fingerprint", "in": "path", "required": true, "schema": {"type": "string", "title": "Fingerprint"}}], "responses": {"200": {"description": "Successful Response", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/FingerprintRuleResponse"}}}}, "422": {"description": "Validation Error", "content": {"application/json": {"schema": {"$ref": "#/components/schemas/HTTPValidationError"}}}}}}}}, "components": {"schemas": {"ApiKeyCredentials": {"properties": {"api_key": {"type": "string", "title": "Api Key", "description": "API key for the integration"}}, "type": "object", "required": ["api_key"], "title": "ApiKeyCredentials"}, "BasicAuthCredentials": {"properties": {"username": {"type": "string", "title": "Username", "description": "Basic auth username for the integration"}, "password": {"type": "string", "title": "Password", "description": "Basic auth password for the integration"}}, "type": "object", "required": ["username", "password"], "title": "BasicAuthCredentials"}, "BlocklistSubscription": {"properties": {"id": {"type": "string", "title": "Id"}, "remediation": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Remediation"}}, "type": "object", "required": ["id"], "title": "BlocklistSubscription"}, "CVESubscription": {"properties": {"id": {"type": "string", "title": "Id", "description": "CVE ID"}}, "type": "object", "required": ["id"], "title": "CVESubscription"}, "FingerprintSubscription": {"properties": {"id": {"type": "string", "title": "Id"}}, "type": "object", "required": ["id"], "title": "FingerprintSubscription"}, "HTTPValidationError": {"properties": {"detail": {"items": {"$ref": "#/components/schemas/ValidationError"}, "type": "array", "title": "Detail"}}, "type": "object", "title": "HTTPValidationError"}, "IntegrationCreateRequest": {"properties": {"name": {"type": "string", "minLength": 1, "title": "Name", "description": "Name of the integration"}, "description": {"type": "string", "minLength": 1, "title": "Description", "description": "Description of the integration"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "additionalProperties": false, "type": "object", "required": ["name", "entity_type", "output_format"], "title": "IntegrationCreateRequest"}, "IntegrationCreateResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "name": {"type": "string", "title": "Name", "description": "Name of the integration. Should be unique within the organization"}, "organization_id": {"type": "string", "title": "Organization Id", "description": "ID of the owner organization"}, "description": {"type": "string", "title": "Description", "description": "Description of the integration"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "description": "Blocklists that are subscribed by the integration"}, "cves": {"items": {"$ref": "#/components/schemas/CVESubscription"}, "type": "array", "title": "Cves", "description": "CVEs that are subscribed by the integration"}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "description": "Fingerprints that are subscribed by the integration"}, "endpoint": {"type": "string", "maxLength": 2083, "minLength": 1, "format": "uri", "title": "Endpoint", "description": "Url that should be used by the firewall or the remediation component to fetch the integration's content"}, "stats": {"$ref": "#/components/schemas/Stats", "description": "Stats of the integration", "default": {"count": 0}}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the integration", "default": []}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}, "credentials": {"anyOf": [{"$ref": "#/components/schemas/ApiKeyCredentials"}, {"$ref": "#/components/schemas/BasicAuthCredentials"}], "title": "Credentials", "description": "Credentials that were generated for the integration"}}, "type": "object", "required": ["id", "name", "organization_id", "created_at", "updated_at", "entity_type", "output_format", "blocklists", "cves", "fingerprints", "endpoint", "credentials"], "title": "IntegrationCreateResponse"}, "IntegrationGetResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "name": {"type": "string", "title": "Name", "description": "Name of the integration. Should be unique within the organization"}, "organization_id": {"type": "string", "title": "Organization Id", "description": "ID of the owner organization"}, "description": {"type": "string", "title": "Description", "description": "Description of the integration"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "description": "Blocklists that are subscribed by the integration"}, "cves": {"items": {"$ref": "#/components/schemas/CVESubscription"}, "type": "array", "title": "Cves", "description": "CVEs that are subscribed by the integration"}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "description": "Fingerprints that are subscribed by the integration"}, "endpoint": {"type": "string", "maxLength": 2083, "minLength": 1, "format": "uri", "title": "Endpoint", "description": "Url that should be used by the firewall or the remediation component to fetch the integration's content"}, "stats": {"$ref": "#/components/schemas/Stats", "description": "Stats of the integration", "default": {"count": 0}}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the integration", "default": []}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "type": "object", "required": ["id", "name", "organization_id", "created_at", "updated_at", "entity_type", "output_format", "blocklists", "cves", "fingerprints", "endpoint"], "title": "IntegrationGetResponse"}, "IntegrationGetResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IntegrationGetResponse"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "IntegrationGetResponsePage"}, "IntegrationType": {"type": "string", "enum": ["firewall_integration", "remediation_component_integration"], "title": "IntegrationType"}, "IntegrationUpdateRequest": {"properties": {"name": {"type": "string", "minLength": 1, "title": "Name", "description": "New name"}, "description": {"type": "string", "minLength": 1, "title": "Description", "description": "New description"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "New output format"}, "regenerate_credentials": {"type": "boolean", "title": "Regenerate Credentials", "description": "Regenerate credentials for the integration"}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "additionalProperties": false, "type": "object", "title": "IntegrationUpdateRequest"}, "IntegrationUpdateResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "name": {"type": "string", "title": "Name", "description": "Name of the integration. Should be unique within the organization"}, "organization_id": {"type": "string", "title": "Organization Id", "description": "ID of the owner organization"}, "description": {"type": "string", "title": "Description", "description": "Description of the integration"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "entity_type": {"$ref": "#/components/schemas/IntegrationType", "description": "Type of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "description": "Blocklists that are subscribed by the integration"}, "cves": {"items": {"$ref": "#/components/schemas/CVESubscription"}, "type": "array", "title": "Cves", "description": "CVEs that are subscribed by the integration"}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "description": "Fingerprints that are subscribed by the integration"}, "endpoint": {"type": "string", "maxLength": 2083, "minLength": 1, "format": "uri", "title": "Endpoint", "description": "Url that should be used by the firewall or the remediation component to fetch the integration's content"}, "stats": {"$ref": "#/components/schemas/Stats", "description": "Stats of the integration", "default": {"count": 0}}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the integration", "default": []}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}, "credentials": {"anyOf": [{"$ref": "#/components/schemas/ApiKeyCredentials"}, {"$ref": "#/components/schemas/BasicAuthCredentials"}, {"type": "null"}], "title": "Credentials", "description": "Credentials for the integration"}}, "type": "object", "required": ["id", "name", "organization_id", "created_at", "updated_at", "entity_type", "output_format", "blocklists", "cves", "fingerprints", "endpoint"], "title": "IntegrationUpdateResponse"}, "Links": {"properties": {"first": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "First", "examples": ["/api/v1/users?limit=1&offset1"]}, "last": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Last", "examples": ["/api/v1/users?limit=1&offset1"]}, "self": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Self", "examples": ["/api/v1/users?limit=1&offset1"]}, "next": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Next", "examples": ["/api/v1/users?limit=1&offset1"]}, "prev": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Prev", "examples": ["/api/v1/users?limit=1&offset1"]}}, "type": "object", "title": "Links"}, "OutputFormat": {"type": "string", "enum": ["plain_text", "f5", "remediation_component", "fortigate", "paloalto", "checkpoint", "cisco", "juniper", "mikrotik", "pfsense", "opnsense", "sophos"], "title": "OutputFormat"}, "Stats": {"properties": {"count": {"type": "integer", "title": "Count", "description": "Number of total blocklists items the integration will pull"}}, "type": "object", "required": ["count"], "title": "Stats"}, "ValidationError": {"properties": {"loc": {"items": {"anyOf": [{"type": "string"}, {"type": "integer"}]}, "type": "array", "title": "Location"}, "msg": {"type": "string", "title": "Message"}, "type": {"type": "string", "title": "Error Type"}}, "type": "object", "required": ["loc", "msg", "type"], "title": "ValidationError"}, "AdjustmentScore": {"properties": {"total": {"type": "integer", "title": "Total", "description": "Total score adjustment"}, "recency": {"type": "integer", "title": "Recency", "description": "Recency score adjustment"}, "low_info": {"type": "integer", "title": "Low Info", "description": "Low information score adjustment"}}, "type": "object", "required": ["total", "recency", "low_info"], "title": "AdjustmentScore"}, "AffectedComponent": {"properties": {"vendor": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Vendor", "description": "Vendor of the affected component"}, "product": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Product", "description": "Product name of the affected component"}}, "type": "object", "title": "AffectedComponent", "description": "Affected Component in a CVE"}, "AllowlistSubscription": {"properties": {"id": {"type": "string", "title": "Id"}}, "type": "object", "required": ["id"], "title": "AllowlistSubscription"}, "AttackDetail": {"properties": {"name": {"type": "string", "title": "Name", "description": "Attack detail name"}, "label": {"type": "string", "title": "Label", "description": "Attack detail label"}, "description": {"type": "string", "title": "Description", "description": "Attack detail description"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "Attack detail references"}}, "type": "object", "required": ["name", "label", "description"], "title": "AttackDetail"}, "Behavior": {"properties": {"name": {"type": "string", "title": "Name", "description": "Behavior name"}, "label": {"type": "string", "title": "Label", "description": "Behavior label"}, "description": {"type": "string", "title": "Description", "description": "Behavior description"}}, "type": "object", "required": ["name", "label", "description"], "title": "Behavior"}, "CVEEvent": {"properties": {"date": {"type": "string", "format": "date-time", "title": "Date", "description": "Date of the event"}, "description": {"type": "string", "title": "Description", "description": "Description of the event"}, "label": {"type": "string", "title": "Label", "description": "Label of the event"}, "name": {"type": "string", "title": "Name", "description": "Name of the event"}}, "type": "object", "required": ["date", "description", "label", "name"], "title": "CVEEvent", "description": "CVE Event Information"}, "CVEResponseBase": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the CVE"}, "name": {"type": "string", "title": "Name", "description": "Name of the CVE"}, "title": {"type": "string", "title": "Title", "description": "Title of the CVE"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score of the CVE"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score indicating if it's an opportunistic(0) or targeted(5) attack (between 0-5)", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score indicating the vulnerability's trendiness based on signal comparison with the previous month. Higher scores (4-5) indicate significantly more signals this month than last month's average, while lower scores (0-1) indicate declining activity (between 0-5)", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs affected"}, "published_date": {"type": "string", "format": "date-time", "title": "Published Date", "description": "Published date of the CVE"}, "cvss_score": {"anyOf": [{"type": "number", "maximum": 10.0, "minimum": 0.0}, {"type": "null"}], "title": "Cvss Score", "description": "CVSS score of the CVE"}, "has_public_exploit": {"type": "boolean", "title": "Has Public Exploit", "description": "Indicates if there is a public exploit for the CVE"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the associated detection rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase of the CVE"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustments applied to the CVE score based on various factors"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "published_date", "has_public_exploit", "exploitation_phase"], "title": "CVEResponseBase", "description": "GET CVE ID Response"}, "CVEsubscription": {"properties": {"id": {"type": "string", "title": "Id"}}, "type": "object", "required": ["id"], "title": "CVEsubscription"}, "CWE": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the CWE"}, "label": {"type": "string", "title": "Label", "description": "Label of the CWE"}, "description": {"type": "string", "title": "Description", "description": "Description of the CWE"}}, "type": "object", "required": ["name", "label", "description"], "title": "CWE", "description": "CWE Information"}, "Classification": {"properties": {"name": {"type": "string", "title": "Name", "description": "Classification name"}, "label": {"type": "string", "title": "Label", "description": "Classification label"}, "description": {"type": "string", "title": "Description", "description": "Classification description"}}, "type": "object", "required": ["name", "label", "description"], "title": "Classification"}, "Classifications": {"properties": {"false_positives": {"items": {"$ref": "#/components/schemas/Classification"}, "type": "array", "title": "False Positives", "description": "False positive classifications"}, "classifications": {"items": {"$ref": "#/components/schemas/Classification"}, "type": "array", "title": "Classifications", "description": "Main classifications"}}, "type": "object", "title": "Classifications"}, "EntityType": {"type": "string", "enum": ["org", "tag", "engine", "firewall_integration", "remediation_component_integration", "remediation_component", "log_processor"], "title": "EntityType"}, "ExploitationPhase": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the exploitation phase"}, "label": {"type": "string", "title": "Label", "description": "Label of the exploitation phase"}, "description": {"type": "string", "title": "Description", "description": "Description of the exploitation phase"}}, "type": "object", "required": ["name", "label", "description"], "title": "ExploitationPhase"}, "FingerprintRuleResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "Fingerprint rule identifier"}, "name": {"type": "string", "title": "Name", "description": "Fingerprint rule name"}, "title": {"type": "string", "title": "Title", "description": "Fingerprint rule title"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score for the fingerprint rule"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs observed"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the fingerprint rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustment details"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the fingerprint rule"}, "description": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Description", "description": "Fingerprint rule description"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "Reference links for the fingerprint rule"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis for this fingerprint rule"}, "events": {"items": {"$ref": "#/components/schemas/CVEEvent"}, "type": "array", "title": "Events", "description": "List of events related to the fingerprint rule"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "exploitation_phase"], "title": "FingerprintRuleResponse"}, "FingerprintRuleSummary": {"properties": {"id": {"type": "string", "title": "Id", "description": "Fingerprint rule identifier"}, "name": {"type": "string", "title": "Name", "description": "Fingerprint rule name"}, "title": {"type": "string", "title": "Title", "description": "Fingerprint rule title"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score for the fingerprint rule"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs observed"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the fingerprint rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustment details"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "exploitation_phase"], "title": "FingerprintRuleSummary"}, "FingerprintTimelineItem": {"properties": {"timestamp": {"type": "string", "format": "date-time", "title": "Timestamp", "description": "Timestamp of the timeline event"}, "count": {"type": "integer", "title": "Count", "description": "Count of occurrences at the timestamp"}}, "type": "object", "required": ["timestamp", "count"], "title": "FingerprintTimelineItem"}, "GetCVEIPsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IPItem"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetCVEIPsResponsePage"}, "GetCVEResponse": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the CVE"}, "name": {"type": "string", "title": "Name", "description": "Name of the CVE"}, "title": {"type": "string", "title": "Title", "description": "Title of the CVE"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score of the CVE"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score indicating if it's an opportunistic(0) or targeted(5) attack (between 0-5)", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score indicating the vulnerability's trendiness based on signal comparison with the previous month. Higher scores (4-5) indicate significantly more signals this month than last month's average, while lower scores (0-1) indicate declining activity (between 0-5)", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs affected"}, "published_date": {"type": "string", "format": "date-time", "title": "Published Date", "description": "Published date of the CVE"}, "cvss_score": {"anyOf": [{"type": "number", "maximum": 10.0, "minimum": 0.0}, {"type": "null"}], "title": "Cvss Score", "description": "CVSS score of the CVE"}, "has_public_exploit": {"type": "boolean", "title": "Has Public Exploit", "description": "Indicates if there is a public exploit for the CVE"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the associated detection rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase of the CVE"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustments applied to the CVE score based on various factors"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the CVE"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "List of references for the CVE"}, "description": {"type": "string", "title": "Description", "description": "Description of the CVE"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis of the CVE"}, "cwes": {"items": {"$ref": "#/components/schemas/CWE"}, "type": "array", "title": "Cwes", "description": "List of CWEs associated with the CVE"}, "events": {"items": {"$ref": "#/components/schemas/CVEEvent"}, "type": "array", "title": "Events", "description": "List of events related to the CVE"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "published_date", "has_public_exploit", "exploitation_phase", "references", "description", "crowdsec_analysis", "cwes"], "title": "GetCVEResponse"}, "GetCVESubscribedIntegrationsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IntegrationResponse"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetCVESubscribedIntegrationsResponsePage"}, "GetCVEsFilterBy": {"type": "string", "enum": ["is_public"], "title": "GetCVEsFilterBy"}, "GetCVEsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/CVEResponseBase"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetCVEsResponsePage"}, "GetCVEsSortBy": {"type": "string", "enum": ["rule_release_date", "trending", "nb_ips", "name"], "title": "GetCVEsSortBy"}, "GetCVEsSortOrder": {"type": "string", "enum": ["asc", "desc"], "title": "GetCVEsSortOrder"}, "GetFingerprintIPsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IPItem"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetFingerprintIPsResponsePage"}, "GetFingerprintRulesResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/FingerprintRuleSummary"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetFingerprintRulesResponsePage"}, "GetFingerprintSubscribedIntegrationsResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/IntegrationResponse"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "GetFingerprintSubscribedIntegrationsResponsePage"}, "History": {"properties": {"first_seen": {"type": "string", "format": "date-time", "title": "First Seen", "description": "First seen timestamp"}, "last_seen": {"type": "string", "format": "date-time", "title": "Last Seen", "description": "Last seen timestamp"}, "full_age": {"type": "integer", "title": "Full Age", "description": "Full age in days"}, "days_age": {"type": "integer", "title": "Days Age", "description": "Days age"}}, "type": "object", "required": ["first_seen", "last_seen", "full_age", "days_age"], "title": "History"}, "IPItem": {"properties": {"ip": {"type": "string", "title": "Ip", "description": "IP address"}, "reputation": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Reputation", "description": "Reputation of the IP"}, "ip_range": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Ip Range", "description": "IP range"}, "ip_range_score": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Ip Range Score", "description": "IP range score"}, "ip_range_24": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Ip Range 24", "description": "IP range /24"}, "ip_range_24_reputation": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Ip Range 24 Reputation", "description": "IP range /24 reputation"}, "ip_range_24_score": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Ip Range 24 Score", "description": "IP range /24 score"}, "as_name": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "As Name", "description": "AS name"}, "as_num": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "As Num", "description": "AS number"}, "background_noise_score": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Background Noise Score", "description": "Background noise score"}, "background_noise": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Background Noise", "description": "Background noise level"}, "confidence": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Confidence", "description": "Confidence level"}, "location": {"anyOf": [{"$ref": "#/components/schemas/Location"}, {"type": "null"}], "description": "IP location information"}, "reverse_dns": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Reverse Dns", "description": "Reverse DNS"}, "behaviors": {"items": {"$ref": "#/components/schemas/Behavior"}, "type": "array", "title": "Behaviors", "description": "List of behaviors"}, "references": {"items": {"$ref": "#/components/schemas/Reference"}, "type": "array", "title": "References", "description": "List of references"}, "history": {"anyOf": [{"$ref": "#/components/schemas/History"}, {"type": "null"}], "description": "Historical data"}, "classifications": {"anyOf": [{"$ref": "#/components/schemas/Classifications"}, {"type": "null"}], "description": "Classification data"}, "mitre_techniques": {"items": {"$ref": "#/components/schemas/MitreTechnique"}, "type": "array", "title": "Mitre Techniques", "description": "MITRE techniques"}, "cves": {"items": {"type": "string"}, "type": "array", "title": "Cves", "description": "List of CVEs"}, "attack_details": {"items": {"$ref": "#/components/schemas/AttackDetail"}, "type": "array", "title": "Attack Details", "description": "Attack details"}, "target_countries": {"additionalProperties": {"type": "integer"}, "type": "object", "title": "Target Countries", "description": "Target countries"}, "scores": {"anyOf": [{"$ref": "#/components/schemas/Scores"}, {"type": "null"}], "description": "Scoring information"}}, "type": "object", "required": ["ip"], "title": "IPItem"}, "IntegrationResponse": {"properties": {"tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "default": []}, "organization_id": {"type": "string", "title": "Organization Id"}, "created_at": {"type": "string", "format": "date-time", "title": "Created At", "description": "Time the integration was created"}, "entity_type": {"$ref": "#/components/schemas/EntityType", "description": "Type of the integration"}, "id": {"type": "string", "title": "Id", "description": "ID of the integration"}, "blocklists": {"items": {"$ref": "#/components/schemas/BlocklistSubscription"}, "type": "array", "title": "Blocklists", "default": []}, "allowlists": {"items": {"$ref": "#/components/schemas/AllowlistSubscription"}, "type": "array", "title": "Allowlists", "default": []}, "cves": {"items": {"$ref": "#/components/schemas/CVEsubscription"}, "type": "array", "title": "Cves", "default": []}, "fingerprints": {"items": {"$ref": "#/components/schemas/FingerprintSubscription"}, "type": "array", "title": "Fingerprints", "default": []}, "name": {"type": "string", "title": "Name", "description": "Name of the integration"}, "updated_at": {"type": "string", "format": "date-time", "title": "Updated At", "description": "Last time the integration was updated"}, "description": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Description", "description": "Description of the integration"}, "output_format": {"$ref": "#/components/schemas/OutputFormat", "description": "Output format of the integration"}, "last_pull": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Pull", "description": "Last time the integration pulled blocklists"}, "pull_limit": {"anyOf": [{"type": "integer"}, {"type": "null"}], "title": "Pull Limit", "description": "Maximum number of items to pull"}, "enable_ip_aggregation": {"type": "boolean", "title": "Enable Ip Aggregation", "description": "Whether to enable IP aggregation into ranges", "default": false}}, "type": "object", "required": ["organization_id", "entity_type", "name", "output_format"], "title": "IntegrationResponse"}, "IntervalOptions": {"type": "string", "enum": ["hour", "day", "week"], "title": "IntervalOptions"}, "Location": {"properties": {"country": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Country", "description": "Country code"}, "city": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "City", "description": "City name"}, "latitude": {"anyOf": [{"type": "number"}, {"type": "null"}], "title": "Latitude", "description": "Latitude coordinate"}, "longitude": {"anyOf": [{"type": "number"}, {"type": "null"}], "title": "Longitude", "description": "Longitude coordinate"}}, "type": "object", "title": "Location"}, "LookupImpactCVEItem": {"properties": {"id": {"type": "string", "title": "Id", "description": "ID of the CVE"}, "name": {"type": "string", "title": "Name", "description": "Name of the CVE"}, "title": {"type": "string", "title": "Title", "description": "Title of the CVE"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score of the CVE"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score indicating if it's an opportunistic(0) or targeted(5) attack (between 0-5)", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score indicating the vulnerability's trendiness based on signal comparison with the previous month. Higher scores (4-5) indicate significantly more signals this month than last month's average, while lower scores (0-1) indicate declining activity (between 0-5)", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs affected"}, "published_date": {"type": "string", "format": "date-time", "title": "Published Date", "description": "Published date of the CVE"}, "cvss_score": {"anyOf": [{"type": "number", "maximum": 10.0, "minimum": 0.0}, {"type": "null"}], "title": "Cvss Score", "description": "CVSS score of the CVE"}, "has_public_exploit": {"type": "boolean", "title": "Has Public Exploit", "description": "Indicates if there is a public exploit for the CVE"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the associated detection rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase of the CVE"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustments applied to the CVE score based on various factors"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the CVE"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "List of references for the CVE"}, "description": {"type": "string", "title": "Description", "description": "Description of the CVE"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis of the CVE"}, "cwes": {"items": {"$ref": "#/components/schemas/CWE"}, "type": "array", "title": "Cwes", "description": "List of CWEs associated with the CVE"}, "events": {"items": {"$ref": "#/components/schemas/CVEEvent"}, "type": "array", "title": "Events", "description": "List of events related to the CVE"}, "type": {"type": "string", "const": "cve", "title": "Type", "description": "Resource type", "default": "cve"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "published_date", "has_public_exploit", "exploitation_phase", "references", "description", "crowdsec_analysis", "cwes"], "title": "LookupImpactCVEItem"}, "LookupImpactFingerprintItem": {"properties": {"id": {"type": "string", "title": "Id", "description": "Fingerprint rule identifier"}, "name": {"type": "string", "title": "Name", "description": "Fingerprint rule name"}, "title": {"type": "string", "title": "Title", "description": "Fingerprint rule title"}, "affected_components": {"items": {"$ref": "#/components/schemas/AffectedComponent"}, "type": "array", "title": "Affected Components", "description": "List of affected components"}, "crowdsec_score": {"type": "integer", "maximum": 10.0, "minimum": 0.0, "title": "Crowdsec Score", "description": "Live Exploit Tracker score for the fingerprint rule"}, "opportunity_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Opportunity Score", "description": "Opportunity score", "default": 0}, "momentum_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Momentum Score", "description": "Momentum score", "default": 0}, "first_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "First Seen", "description": "First seen date"}, "last_seen": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Last Seen", "description": "Last seen date"}, "nb_ips": {"type": "integer", "minimum": 0.0, "title": "Nb Ips", "description": "Number of unique IPs observed"}, "rule_release_date": {"anyOf": [{"type": "string", "format": "date-time"}, {"type": "null"}], "title": "Rule Release Date", "description": "Release date of the fingerprint rule"}, "exploitation_phase": {"$ref": "#/components/schemas/ExploitationPhase", "description": "Current exploitation phase"}, "adjustment_score": {"anyOf": [{"$ref": "#/components/schemas/AdjustmentScore"}, {"type": "null"}], "description": "Score adjustment details"}, "hype_score": {"type": "integer", "maximum": 5.0, "minimum": 0.0, "title": "Hype Score", "description": "Hype score (raw momentum component)", "default": 0}, "tags": {"items": {"type": "string"}, "type": "array", "title": "Tags", "description": "Tags associated with the fingerprint rule"}, "description": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Description", "description": "Fingerprint rule description"}, "references": {"items": {"type": "string"}, "type": "array", "title": "References", "description": "Reference links for the fingerprint rule"}, "crowdsec_analysis": {"anyOf": [{"type": "string"}, {"type": "null"}], "title": "Crowdsec Analysis", "description": "CrowdSec analysis for this fingerprint rule"}, "events": {"items": {"$ref": "#/components/schemas/CVEEvent"}, "type": "array", "title": "Events", "description": "List of events related to the fingerprint rule"}, "type": {"type": "string", "const": "fingerprint", "title": "Type", "description": "Resource type", "default": "fingerprint"}}, "type": "object", "required": ["id", "name", "title", "affected_components", "crowdsec_score", "nb_ips", "exploitation_phase"], "title": "LookupImpactFingerprintItem"}, "LookupImpactResponsePage": {"properties": {"items": {"items": {"oneOf": [{"$ref": "#/components/schemas/LookupImpactCVEItem"}, {"$ref": "#/components/schemas/LookupImpactFingerprintItem"}], "discriminator": {"propertyName": "type", "mapping": {"cve": "#/components/schemas/LookupImpactCVEItem", "fingerprint": "#/components/schemas/LookupImpactFingerprintItem"}}}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "LookupImpactResponsePage"}, "LookupListItem": {"properties": {"value": {"type": "string", "title": "Value", "description": "Lookup entry value"}}, "type": "object", "required": ["value"], "title": "LookupListItem"}, "LookupListResponsePage": {"properties": {"items": {"items": {"$ref": "#/components/schemas/LookupListItem"}, "type": "array", "title": "Items"}, "total": {"type": "integer", "minimum": 0.0, "title": "Total"}, "page": {"type": "integer", "minimum": 1.0, "title": "Page"}, "size": {"type": "integer", "minimum": 1.0, "title": "Size"}, "pages": {"type": "integer", "minimum": 0.0, "title": "Pages"}, "links": {"$ref": "#/components/schemas/Links", "readOnly": true}}, "type": "object", "required": ["items", "total", "page", "size", "pages", "links"], "title": "LookupListResponsePage"}, "MitreTechnique": {"properties": {"name": {"type": "string", "title": "Name", "description": "MITRE technique ID"}, "label": {"type": "string", "title": "Label", "description": "MITRE technique label"}, "description": {"type": "string", "title": "Description", "description": "MITRE technique description"}}, "type": "object", "required": ["name", "label", "description"], "title": "MitreTechnique"}, "Reference": {"properties": {"name": {"type": "string", "title": "Name", "description": "Reference name"}, "label": {"type": "string", "title": "Label", "description": "Reference label"}, "description": {"type": "string", "title": "Description", "description": "Reference description"}}, "type": "object", "required": ["name", "label", "description"], "title": "Reference"}, "ScoreBreakdown": {"properties": {"aggressiveness": {"type": "integer", "title": "Aggressiveness", "description": "Aggressiveness score"}, "threat": {"type": "integer", "title": "Threat", "description": "Threat score"}, "trust": {"type": "integer", "title": "Trust", "description": "Trust score"}, "anomaly": {"type": "integer", "title": "Anomaly", "description": "Anomaly score"}, "total": {"type": "integer", "title": "Total", "description": "Total score"}}, "type": "object", "required": ["aggressiveness", "threat", "trust", "anomaly", "total"], "title": "ScoreBreakdown"}, "Scores": {"properties": {"overall": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Overall scores"}, "last_day": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Last day scores"}, "last_week": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Last week scores"}, "last_month": {"$ref": "#/components/schemas/ScoreBreakdown", "description": "Last month scores"}}, "type": "object", "required": ["overall", "last_day", "last_week", "last_month"], "title": "Scores"}, "SinceOptions": {"type": "integer", "enum": [1, 7, 30], "title": "SinceOptions"}, "SubscribeCVEIntegrationRequest": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the integration to subscribe"}}, "additionalProperties": false, "type": "object", "required": ["name"], "title": "SubscribeCVEIntegrationRequest"}, "SubscribeFingerprintIntegrationRequest": {"properties": {"name": {"type": "string", "title": "Name", "description": "Name of the integration to subscribe"}}, "additionalProperties": false, "type": "object", "required": ["name"], "title": "SubscribeFingerprintIntegrationRequest"}, "TimelineItem": {"properties": {"timestamp": {"type": "string", "format": "date-time", "title": "Timestamp", "description": "Timestamp of the timeline event"}, "count": {"type": "integer", "title": "Count", "description": "Count of occurrences at the timestamp"}}, "type": "object", "required": ["timestamp", "count"], "title": "TimelineItem"}}, "securitySchemes": {"ApiKeyAuth": {"type": "apiKey", "in": "header", "name": "x-api-key", "description": "If integration key is provided, can also work to get integration content"}, "BasicAuth": {"type": "http", "scheme": "basic", "description": "Basic Auth for integration content endpoint only"}}}, "security": [{"ApiKeyAuth": []}, {"BasicAuth": []}], "servers": [{"url": "https://admin.api.crowdsec.net/v1", "description": "Production server"}]} \ No newline at end of file diff --git a/pyproject.toml b/pyproject.toml index f3f7494..dea3249 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta" [project] name = "crowdsec_tracker_api" -version = "1.108.1" +version = "1.110.1" license = { text = "MIT" } authors = [ { name="crowdsec", email="info@crowdsec.net" }