CSEC_PUBLIC/catalyst
1
0
Fork 0
mirror of https://github.com/SecurityBrewery/catalyst.git synced 2025-12-13 02:32:50 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
0286574692e0f98149eb9692efcbc6f1a9e37f5d
catalyst/generated/restapi/embedded_spec.go
Jonas Plum 15cf0ebd49 Release catalyst
2021-12-13 00:39:15 +01:00

14077 lines
485 KiB
Go
Raw Blame History

// Code generated by go-swagger; DO NOT EDIT.
package restapi
// This file was generated by the swagger tool.
// Editing this file might prove futile when you re-run the swagger generate command
import (
"encoding/json"
)
var (
// SwaggerJSON embedded version of the swagger document used at generation time
SwaggerJSON json.RawMessage
// FlatSwaggerJSON embedded flattened version of the swagger document used at generation time
FlatSwaggerJSON json.RawMessage
)
func init() {
SwaggerJSON = json.RawMessage([]byte(`{
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"schemes": [
"http"
],
"swagger": "2.0",
"info": {
"description": "API for the catalyst incident response platform."
},
"host": ".",
"basePath": "/api",
"paths": {
"/automations": {
"get": {
"security": [
{
"roles": [
"automation:read"
]
}
],
"tags": [
"automations"
],
"summary": "List automations",
"operationId": "listAutomations",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/AutomationResponse"
}
},
"examples": {
"test": [
{
"id": "comment",
"image": "docker.io/python:3",
"script": "",
"type": [
"playbook"
]
},
{
"id": "hash.sha1",
"image": "docker.io/python:3",
"schema": "{\"title\":\"Input\",\"type\":\"object\",\"properties\":{\"default\":{\"type\":\"string\",\"title\":\"Value\"}},\"required\":[\"default\"]}",
"script": "",
"type": [
"global",
"artifact",
"playbook"
]
},
{
"id": "thehive",
"image": "docker.io/python:3",
"schema": "{\"title\":\"TheHive credentials\",\"type\":\"object\",\"properties\":{\"thehiveurl\":{\"type\":\"string\",\"title\":\"TheHive URL (e.g. 'https://thehive.example.org')\"},\"thehivekey\":{\"type\":\"string\",\"title\":\"TheHive API Key\"},\"skip_files\":{\"type\":\"boolean\", \"default\": true, \"title\":\"Skip Files (much faster)\"},\"keep_ids\":{\"type\":\"boolean\", \"default\": true, \"title\":\"Keep IDs and overwrite existing IDs\"}},\"required\":[\"thehiveurl\", \"thehivekey\", \"skip_files\", \"keep_ids\"]}",
"script": "",
"type": [
"global"
]
},
{
"id": "vt.hash",
"image": "docker.io/python:3",
"schema": "{\"title\":\"Input\",\"type\":\"object\",\"properties\":{\"default\":{\"type\":\"string\",\"title\":\"Value\"}},\"required\":[\"default\"]}",
"script": "",
"type": [
"global",
"artifact",
"playbook"
]
}
]
}
}
}
},
"post": {
"security": [
{
"roles": [
"automation:write"
]
}
],
"tags": [
"automations"
],
"summary": "Create a new automation",
"operationId": "createAutomation",
"parameters": [
{
"x-example": {
"id": "hash-sha-256",
"image": "docker.io/python:3",
"script": "import sys\nimport json\nimport hashlib\n\n\ndef run(msg):\n sha256 = hashlib.sha256(msg['payload']['default'].encode('utf-8'))\n return {'hash': sha256.hexdigest()}\n\n\nprint(json.dumps(run(json.loads(sys.argv[1]))))\n",
"type": [
"global"
]
},
"description": "New automation",
"name": "automation",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/AutomationForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/AutomationResponse"
},
"examples": {
"test": {
"id": "hash-sha-256",
"image": "docker.io/python:3",
"script": "import sys\nimport json\nimport hashlib\n\n\ndef run(msg):\n sha256 = hashlib.sha256(msg['payload']['default'].encode('utf-8'))\n return {'hash': sha256.hexdigest()}\n\n\nprint(json.dumps(run(json.loads(sys.argv[1]))))\n",
"type": [
"global"
]
}
}
}
}
}
},
"/automations/{id}": {
"get": {
"security": [
{
"roles": [
"automation:read"
]
}
],
"tags": [
"automations"
],
"summary": "Get a single automation",
"operationId": "getAutomation",
"parameters": [
{
"type": "string",
"x-example": "hash.sha1",
"description": "Automation ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/AutomationResponse"
},
"examples": {
"test": {
"id": "hash.sha1",
"image": "docker.io/python:3",
"schema": "{\"title\":\"Input\",\"type\":\"object\",\"properties\":{\"default\":{\"type\":\"string\",\"title\":\"Value\"}},\"required\":[\"default\"]}",
"script": "#!/usr/bin/env python\n\nimport sys\nimport json\nimport hashlib\n\n\ndef run(msg):\n sha1 = hashlib.sha1(msg['payload']['default'].encode('utf-8'))\n return {\"hash\": sha1.hexdigest()}\n\n\nprint(json.dumps(run(json.loads(sys.argv[1]))))\n",
"type": [
"global",
"artifact",
"playbook"
]
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"automation:write"
]
}
],
"tags": [
"automations"
],
"summary": "Update an existing automation",
"operationId": "updateAutomation",
"parameters": [
{
"type": "string",
"x-example": "hash.sha1",
"description": "Automation ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"id": "hash.sha1",
"image": "docker.io/python:3",
"script": "import sys\nimport json\nimport hashlib\n\n\ndef run(msg):\n sha1 = hashlib.sha1(msg['payload'].encode('utf-8'))\n return {'hash': sha1.hexdigest()}\n\n\nprint(json.dumps(run(json.loads(sys.argv[1]))))\n",
"type": [
"global",
"artifact",
"playbook"
]
},
"description": "Automation object that needs to be added",
"name": "automation",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/AutomationForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/AutomationResponse"
},
"examples": {
"test": {
"id": "hash.sha1",
"image": "docker.io/python:3",
"script": "import sys\nimport json\nimport hashlib\n\n\ndef run(msg):\n sha1 = hashlib.sha1(msg['payload'].encode('utf-8'))\n return {'hash': sha1.hexdigest()}\n\n\nprint(json.dumps(run(json.loads(sys.argv[1]))))\n",
"type": [
"global",
"artifact",
"playbook"
]
}
}
}
}
},
"delete": {
"security": [
{
"roles": [
"automation:write"
]
}
],
"tags": [
"automations"
],
"summary": "Delete a automation",
"operationId": "deleteAutomation",
"parameters": [
{
"type": "string",
"x-example": "hash.sha1",
"description": "Automation ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/currentuser": {
"get": {
"security": [
{
"roles": [
"currentuser:read"
]
}
],
"tags": [
"users"
],
"summary": "Get current user",
"operationId": "currentUser",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/UserResponse"
},
"examples": {
"test": {
"apikey": false,
"blocked": false,
"id": "bob",
"roles": [
"admin:backup:read",
"admin:backup:restore",
"admin:group:write",
"admin:job:read",
"admin:job:write",
"admin:log:read",
"admin:ticket:delete",
"admin:user:write",
"admin:userdata:read",
"admin:userdata:write",
"analyst:automation:read",
"analyst:currentsettings:write",
"analyst:currentuser:read",
"analyst:currentuserdata:read",
"analyst:file",
"analyst:group:read",
"analyst:playbook:read",
"analyst:rule:read",
"analyst:settings:read",
"analyst:template:read",
"analyst:ticket:read",
"analyst:ticket:write",
"analyst:tickettype:read",
"analyst:user:read",
"engineer:automation:write",
"engineer:playbook:write",
"engineer:rule:write",
"engineer:template:write",
"engineer:tickettype:write"
]
}
}
}
}
}
},
"/currentuserdata": {
"get": {
"security": [
{
"roles": [
"currentuserdata:read"
]
}
],
"tags": [
"userdata"
],
"summary": "Get current user data",
"operationId": "currentUserData",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/UserDataResponse"
},
"examples": {
"test": {
"email": "bob@example.org",
"id": "bob",
"name": "Bob Bad"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"currentuserdata:write"
]
}
],
"tags": [
"userdata"
],
"summary": "Update current user data",
"operationId": "updateCurrentUserData",
"parameters": [
{
"x-example": {
"email": "bob@example.org",
"name": "Bob Bad"
},
"description": "User data object that needs to be added",
"name": "userdata",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/UserData"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/UserDataResponse"
},
"examples": {
"test": {
"email": "bob@example.org",
"id": "bob",
"name": "Bob Bad"
}
}
}
}
}
},
"/jobs": {
"get": {
"security": [
{
"roles": [
"job:read"
]
}
],
"tags": [
"jobs"
],
"summary": "List jobs",
"operationId": "listJobs",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/JobResponse"
}
},
"examples": {
"test": [
{
"automation": "hash.sha1",
"id": "99cd67131b48",
"payload": "test",
"status": "created"
}
]
}
}
}
},
"post": {
"security": [
{
"roles": [
"job:write"
]
}
],
"tags": [
"jobs"
],
"summary": "Start a new job",
"operationId": "runJob",
"parameters": [
{
"x-example": {
"automation": "hash.sha1",
"message": {
"payload": "test"
}
},
"description": "New job",
"name": "job",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/JobForm"
}
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/jobs/{id}": {
"get": {
"security": [
{
"roles": [
"job:read"
]
}
],
"tags": [
"jobs"
],
"summary": "Get a single job",
"operationId": "getJob",
"parameters": [
{
"type": "string",
"x-example": "99cd67131b48",
"description": "Job ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/JobResponse"
},
"examples": {
"test": {
"automation": "hash.sha1",
"id": "99cd67131b48",
"payload": "test",
"status": "created"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"job:write"
]
}
],
"tags": [
"jobs"
],
"summary": "Update an existing job",
"operationId": "updateJob",
"parameters": [
{
"type": "string",
"x-example": "99cd67131b48",
"description": "Job ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"automation": "hash.sha1",
"id": "99cd67131b48",
"payload": "test",
"status": "failed"
},
"description": "Job object that needs to be added",
"name": "job",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/Job"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/JobResponse"
},
"examples": {
"test": {
"automation": "hash.sha1",
"id": "99cd67131b48",
"payload": "test",
"status": "failed"
}
}
}
}
}
},
"/logs/{reference}": {
"get": {
"security": [
{
"roles": [
"log:read"
]
}
],
"tags": [
"logs"
],
"summary": "Get log entries",
"operationId": "getLogs",
"parameters": [
{
"type": "string",
"x-example": "tickets%2F294511",
"description": "Reference",
"name": "reference",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/LogEntry"
}
},
"examples": {
"test": [
{
"created": "2021-10-02T18:05:00.333535+02:00",
"creator": "bob",
"message": "Fail run account resist lend solve incident centre priority temperature. Cause change distribution examine location technique shape partner milk customer. Rail tea plate soil report cook railway interpretation breath action. Exercise dream accept park conclusion addition shoot assistance may answer. Gold writer link stop combine hear power name commitment operation. Determine lifespan support grow degree henry exclude detail set religion. Direct library policy convention chain retain discover ride walk student. Gather proposal select march aspect play noise avoid encourage employ. Assessment preserve transport combine wish influence income guess run stand. Charge limit crime ignore statement foundation study issue stop claim.",
"reference": "tickets/294511"
}
]
}
}
}
}
},
"/playbooks": {
"get": {
"security": [
{
"roles": [
"playbook:read"
]
}
],
"tags": [
"playbooks"
],
"summary": "List playbooks",
"operationId": "listPlaybooks",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/PlaybookTemplateResponse"
}
},
"examples": {
"test": [
{
"id": "malware",
"name": "Malware",
"yaml": "name: Malware\ntasks:\n file-or-hash:\n name: Do you have the file or the hash?\n type: input\n schema:\n title: Malware\n type: object\n properties:\n file:\n type: string\n title: \"I have the\"\n enum: [ \"File\", \"Hash\" ]\n next:\n enter-hash: \"file == 'Hash'\"\n upload: \"file == 'File'\"\n\n enter-hash:\n name: Please enter the hash\n type: input\n schema:\n title: Malware\n type: object\n properties:\n hash:\n type: string\n title: Please enter the hash value\n minlength: 32\n next:\n virustotal: \"hash != ''\"\n\n upload:\n name: Upload the malware\n type: input\n schema:\n title: Malware\n type: object\n properties:\n malware:\n type: object\n x-display: file\n title: Please upload the malware\n next:\n hash: \"malware\"\n\n hash:\n name: Hash the malware\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['upload'].data['malware']\"\n next:\n virustotal:\n\n virustotal:\n name: Send hash to VirusTotal\n type: automation\n automation: vt.hash\n args:\n hash: \"playbook.tasks['enter-hash'].data['hash'] || playbook.tasks['hash'].data['hash']\"\n # next:\n # known-malware: \"score \u003e 5\"\n # sandbox: \"score \u003c 6\" # unknown-malware\n"
},
{
"id": "phishing",
"name": "Phishing",
"yaml": "name: Phishing\ntasks:\n board:\n name: Board Involvement?\n description: Is a board member involved?\n type: input\n schema:\n properties:\n boardInvolved:\n default: false\n title: A board member is involved.\n type: boolean\n required:\n - boardInvolved\n title: Board Involvement?\n type: object\n next:\n escalate: \"boardInvolved == true\"\n mail-available: \"boardInvolved == false\"\n\n escalate:\n name: Escalate to CISO\n description: Please escalate the task to the CISO\n type: task\n\n mail-available:\n name: Mail available\n type: input\n schema:\n oneOf:\n - properties:\n mail:\n title: Mail\n type: string\n x-display: textarea\n schemaKey:\n const: 'yes'\n type: string\n required:\n - mail\n title: 'Yes'\n - properties:\n schemaKey:\n const: 'no'\n type: string\n title: 'No'\n title: Mail available\n type: object\n next:\n block-sender: \"schemaKey == 'yes'\"\n extract-iocs: \"schemaKey == 'yes'\"\n search-email-gateway: \"schemaKey == 'no'\"\n\n search-email-gateway:\n name: Search email gateway\n description: Please search email-gateway for the phishing mail.\n type: task\n next:\n extract-iocs:\n\n block-sender:\n name: Block sender\n type: task\n next:\n extract-iocs:\n\n extract-iocs:\n name: Extract IOCs\n description: Please insert the IOCs\n type: input\n schema:\n properties:\n iocs:\n items:\n type: string\n title: IOCs\n type: array\n title: Extract IOCs\n type: object\n next:\n block-iocs:\n\n block-iocs:\n name: Block IOCs\n type: task\n"
},
{
"id": "simple",
"name": "Simple",
"yaml": "name: Simple\ntasks:\n input:\n name: Enter something to hash\n type: input\n schema:\n title: Something\n type: object\n properties:\n something:\n type: string\n title: Something\n default: \"\"\n next:\n hash: \"something != ''\"\n\n hash:\n name: Hash the something\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['input'].data['something']\"\n next:\n comment: \"hash != ''\"\n\n comment:\n name: Comment the hash\n type: automation\n automation: comment\n payload:\n default: \"playbook.tasks['hash'].data['hash']\"\n next:\n done: \"done\"\n\n done:\n name: You can close this case now\n type: task\n"
}
]
}
}
}
},
"post": {
"security": [
{
"roles": [
"playbook:write"
]
}
],
"tags": [
"playbooks"
],
"summary": "Create a playbook",
"operationId": "createPlaybook",
"parameters": [
{
"x-example": {
"yaml": "name: Simple2\ntasks:\n input:\n name: Upload malware if possible\n type: input\n schema:\n title: Malware\n type: object\n properties:\n malware:\n type: string\n title: Select malware\n default: \"\"\n next:\n hash: \"malware != ''\"\n\n hash:\n name: Hash the malware\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['input'].data['malware']\"\n next:\n escalate:\n\n escalate:\n name: Escalate to malware team\n type: task\n"
},
"description": "New playbook",
"name": "playbook",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/PlaybookTemplateForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/PlaybookTemplateResponse"
}
},
"examples": {
"test": {
"id": "simple-2",
"name": "Simple2",
"yaml": "name: Simple2\ntasks:\n input:\n name: Upload malware if possible\n type: input\n schema:\n title: Malware\n type: object\n properties:\n malware:\n type: string\n title: Select malware\n default: \"\"\n next:\n hash: \"malware != ''\"\n\n hash:\n name: Hash the malware\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['input'].data['malware']\"\n next:\n escalate:\n\n escalate:\n name: Escalate to malware team\n type: task\n"
}
}
}
}
}
},
"/playbooks/{id}": {
"get": {
"security": [
{
"roles": [
"playbook:read"
]
}
],
"tags": [
"playbooks"
],
"summary": "Get a single playbook",
"operationId": "getPlaybook",
"parameters": [
{
"type": "string",
"x-example": "simple",
"description": "Playbook name",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/PlaybookTemplateResponse"
},
"examples": {
"test": {
"id": "simple",
"name": "Simple",
"yaml": "name: Simple\ntasks:\n input:\n name: Enter something to hash\n type: input\n schema:\n title: Something\n type: object\n properties:\n something:\n type: string\n title: Something\n default: \"\"\n next:\n hash: \"something != ''\"\n\n hash:\n name: Hash the something\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['input'].data['something']\"\n next:\n comment: \"hash != ''\"\n\n comment:\n name: Comment the hash\n type: automation\n automation: comment\n payload:\n default: \"playbook.tasks['hash'].data['hash']\"\n next:\n done: \"done\"\n\n done:\n name: You can close this case now\n type: task\n"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"playbook:write"
]
}
],
"tags": [
"playbooks"
],
"summary": "Update an existing ticket playbook",
"operationId": "updatePlaybook",
"parameters": [
{
"type": "string",
"x-example": "simple",
"description": "Playbook ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"yaml": "name: Simple\ntasks:\n input:\n name: Upload malware if possible\n type: input\n schema:\n title: Malware\n type: object\n properties:\n malware:\n type: string\n title: Select malware\n default: \"\"\n next:\n hash: \"malware != ''\"\n\n hash:\n name: Hash the malware\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['input'].data['malware']\"\n next:\n escalate:\n\n escalate:\n name: Escalate to malware team\n type: task\n"
},
"description": "Updated playbook",
"name": "playbook",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/PlaybookTemplateForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/PlaybookTemplateResponse"
},
"examples": {
"test": {
"id": "simple",
"name": "Simple",
"yaml": "name: Simple\ntasks:\n input:\n name: Upload malware if possible\n type: input\n schema:\n title: Malware\n type: object\n properties:\n malware:\n type: string\n title: Select malware\n default: \"\"\n next:\n hash: \"malware != ''\"\n\n hash:\n name: Hash the malware\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['input'].data['malware']\"\n next:\n escalate:\n\n escalate:\n name: Escalate to malware team\n type: task\n"
}
}
}
}
},
"delete": {
"security": [
{
"roles": [
"playbook:write"
]
}
],
"tags": [
"playbooks"
],
"summary": "Delete a playbook",
"operationId": "deletePlaybook",
"parameters": [
{
"type": "string",
"x-example": "simple",
"description": "Playbook name",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/settings": {
"get": {
"security": [
{
"roles": [
"settings:read"
]
}
],
"tags": [
"settings"
],
"summary": "Get settings",
"operationId": "getSettings",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/Settings"
},
"examples": {
"test": {
"artifactStates": [
{
"color": "info",
"icon": "mdi-help-circle-outline",
"id": "unknown",
"name": "Unknown"
},
{
"color": "error",
"icon": "mdi-skull",
"id": "malicious",
"name": "Malicious"
},
{
"color": "success",
"icon": "mdi-check",
"id": "clean",
"name": "Clean"
}
],
"roles": [
"admin:backup:read",
"admin:backup:restore",
"admin:group:write",
"admin:job:read",
"admin:job:write",
"admin:log:read",
"admin:ticket:delete",
"admin:user:write",
"admin:userdata:read",
"admin:userdata:write",
"analyst:automation:read",
"analyst:currentsettings:write",
"analyst:currentuser:read",
"analyst:currentuserdata:read",
"analyst:file",
"analyst:group:read",
"analyst:playbook:read",
"analyst:rule:read",
"analyst:settings:read",
"analyst:template:read",
"analyst:ticket:read",
"analyst:ticket:write",
"analyst:tickettype:read",
"analyst:user:read",
"engineer:automation:write",
"engineer:playbook:write",
"engineer:rule:write",
"engineer:template:write",
"engineer:tickettype:write"
],
"ticketTypes": [
{
"default_playbooks": null,
"default_template": "default",
"icon": "mdi-alert",
"id": "alert",
"name": "Alerts"
},
{
"default_playbooks": null,
"default_template": "default",
"icon": "mdi-radioactive",
"id": "incident",
"name": "Incidents"
},
{
"default_playbooks": null,
"default_template": "default",
"icon": "mdi-fingerprint",
"id": "investigation",
"name": "Forensic Investigations"
},
{
"default_playbooks": null,
"default_template": "default",
"icon": "mdi-target",
"id": "hunt",
"name": "Threat Hunting"
}
],
"tier": "community",
"timeformat": "YYYY-MM-DDThh:mm:ss",
"version": "0.0.0-test"
}
}
}
}
}
},
"/statistics": {
"get": {
"security": [
{
"roles": [
"ticket:read"
]
}
],
"tags": [
"statistics"
],
"summary": "Get statistics",
"operationId": "getStatistics",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/Statistics"
},
"examples": {
"test": {
"open_tickets_per_user": {},
"tickets_per_type": {
"alert": 2,
"incident": 1
},
"tickets_per_week": {
"2021-39": 3
},
"unassigned": 0
}
}
}
}
}
},
"/tasks": {
"get": {
"security": [
{
"roles": [
"ticket:read"
]
}
],
"tags": [
"tasks"
],
"summary": "List tasks",
"operationId": "listTasks",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/TaskResponse"
}
},
"examples": {
"test": null
}
}
}
}
},
"/templates": {
"get": {
"security": [
{
"roles": [
"template:read"
]
}
],
"tags": [
"templates"
],
"summary": "List templates",
"operationId": "listTemplates",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/TicketTemplateResponse"
}
},
"examples": {
"test": [
{
"id": "default",
"name": "Default",
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Default\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n"
}
]
}
}
}
},
"post": {
"security": [
{
"roles": [
"template:write"
]
}
],
"tags": [
"templates"
],
"summary": "Create a new template",
"operationId": "createTemplate",
"parameters": [
{
"x-example": {
"name": "My Template",
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n"
},
"description": "New template",
"name": "template",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/TicketTemplateForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketTemplateResponse"
},
"examples": {
"test": {
"id": "my-template",
"name": "My Template",
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n"
}
}
}
}
}
},
"/templates/{id}": {
"get": {
"security": [
{
"roles": [
"template:read"
]
}
],
"tags": [
"templates"
],
"summary": "Get a single template",
"operationId": "getTemplate",
"parameters": [
{
"type": "string",
"x-example": "default",
"description": "Template ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketTemplateResponse"
},
"examples": {
"test": {
"id": "default",
"name": "Default",
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Default\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"template:write"
]
}
],
"tags": [
"templates"
],
"summary": "Update an existing template",
"operationId": "updateTemplate",
"parameters": [
{
"type": "string",
"x-example": "default",
"description": "Template ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"name": "My Template",
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n"
},
"description": "Template object that needs to be added",
"name": "template",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/TicketTemplateForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketTemplateResponse"
},
"examples": {
"test": {
"id": "default",
"name": "My Template",
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n"
}
}
}
}
},
"delete": {
"security": [
{
"roles": [
"template:write"
]
}
],
"tags": [
"templates"
],
"summary": "Delete a template",
"operationId": "deleteTemplate",
"parameters": [
{
"type": "string",
"x-example": "default",
"description": "Template ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/tickets": {
"get": {
"security": [
{
"roles": [
"ticket:read"
]
}
],
"tags": [
"tickets"
],
"summary": "List tickets",
"operationId": "listTickets",
"parameters": [
{
"type": "string",
"description": "Ticket Type",
"name": "type",
"in": "query"
},
{
"type": "integer",
"default": 0,
"description": "Offset of the list",
"name": "offset",
"in": "query"
},
{
"maximum": 100,
"type": "integer",
"default": 25,
"description": "Number of tickets",
"name": "count",
"in": "query"
},
{
"type": "array",
"items": {
"type": "string"
},
"description": "Sort columns",
"name": "sort",
"in": "query"
},
{
"type": "array",
"items": {
"type": "boolean"
},
"description": "Sort descending",
"name": "desc",
"in": "query"
},
{
"type": "string",
"description": "Search query",
"name": "query",
"in": "query"
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketList"
},
"examples": {
"test": {
"count": 3,
"tickets": [
{
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "malicious"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"type": "task"
},
"block-sender": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"type": "task"
},
"board": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"type": "task"
},
"extract-iocs": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
},
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
},
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
]
}
}
}
}
},
"post": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Create a new ticket",
"operationId": "createTicket",
"parameters": [
{
"x-example": {
"id": 123,
"name": "Wannacry infection",
"owner": "bob",
"status": "open",
"type": "incident"
},
"description": "New ticket",
"name": "ticket",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/TicketForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "1985-04-12T23:20:50.52Z",
"id": 123,
"modified": "1985-04-12T23:20:50.52Z",
"name": "Wannacry infection",
"owner": "bob",
"schema": "{}",
"status": "open",
"type": "incident"
}
}
}
}
}
},
"/tickets/batch": {
"post": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Create a new tickets in batch",
"operationId": "createTicketBatch",
"parameters": [
{
"x-example": [
{
"id": 123,
"name": "Wannacry infection",
"owner": "bob",
"status": "open",
"type": "incident"
}
],
"description": "New ticket",
"name": "ticket",
"in": "body",
"required": true,
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/TicketForm"
}
}
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/tickets/{id}": {
"get": {
"security": [
{
"roles": [
"ticket:read"
]
}
],
"tags": [
"tickets"
],
"summary": "Get a single ticket",
"operationId": "getTicket",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Update an existing ticket",
"operationId": "updateTicket",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"created": "2021-10-02T18:04:59.078186+02:00",
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.org detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
},
"description": "Updated ticket",
"name": "ticket",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/Ticket"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.org detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
},
"delete": {
"security": [
{
"roles": [
"ticket:delete"
]
}
],
"tags": [
"tickets"
],
"summary": "Delete an ticket",
"operationId": "deleteTicket",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/tickets/{id}/artifacts": {
"post": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Add a single artifact",
"operationId": "addArtifact",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"name": "2.2.2.2"
},
"description": "Artifact object that needs to be added",
"name": "artifact",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/Artifact"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "malicious"
},
{
"name": "2.2.2.2",
"status": "unknown",
"type": "ip"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"order": 6,
"type": "task"
},
"block-sender": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"order": 3,
"type": "task"
},
"board": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"order": 1,
"type": "task"
},
"extract-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"order": 5,
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"order": 2,
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"order": 4,
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
}
},
"/tickets/{id}/artifacts/{name}": {
"get": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Get a single artifact",
"operationId": "getArtifact",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "leadreintermediate.io",
"name": "name",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/Artifact"
},
"examples": {
"test": {
"name": "leadreintermediate.io",
"status": "malicious"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Set a single artifact",
"operationId": "setArtifact",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "leadreintermediate.io",
"name": "name",
"in": "path",
"required": true
},
{
"x-example": {
"name": "leadreintermediate.io",
"status": "clean"
},
"name": "artifact",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/Artifact"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "clean"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"order": 6,
"type": "task"
},
"block-sender": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"order": 3,
"type": "task"
},
"board": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"order": 1,
"type": "task"
},
"extract-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"order": 5,
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"order": 2,
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"order": 4,
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
},
"delete": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Remove an artifact",
"operationId": "removeArtifact",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "leadreintermediate.io",
"name": "name",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"order": 6,
"type": "task"
},
"block-sender": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"order": 3,
"type": "task"
},
"board": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"order": 1,
"type": "task"
},
"extract-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"order": 5,
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"order": 2,
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"order": 4,
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
}
},
"/tickets/{id}/artifacts/{name}/enrich": {
"post": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Enrich a single artifact",
"operationId": "enrichArtifact",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "leadreintermediate.io",
"name": "name",
"in": "path",
"required": true
},
{
"x-example": {
"data": {
"hash": "b7a067a742c20d07a7456646de89bc2d408a1153"
},
"name": "hash.sha1"
},
"name": "data",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/EnrichmentForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/Artifact"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"enrichments": {
"hash.sha1": {
"created": "2021-10-03T18:44:06.488923+02:00",
"data": {
"hash": "b7a067a742c20d07a7456646de89bc2d408a1153"
},
"name": "hash.sha1"
}
},
"name": "leadreintermediate.io",
"status": "malicious"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"order": 6,
"type": "task"
},
"block-sender": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"order": 3,
"type": "task"
},
"board": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"order": 1,
"type": "task"
},
"extract-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"order": 5,
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"order": 2,
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"order": 4,
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
}
},
"/tickets/{id}/artifacts/{name}/run/{automation}": {
"post": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Run automation on a single artifact",
"operationId": "runArtifact",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "leadreintermediate.io",
"name": "name",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "hash.sha1",
"name": "automation",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/tickets/{id}/comments": {
"post": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Add ticket comment",
"operationId": "addComment",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"message": "My first comment"
},
"description": "Ticket comment",
"name": "comment",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/CommentForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"comments": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"creator": "bob",
"message": "My first comment"
}
],
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
}
},
"/tickets/{id}/comments/{commentID}": {
"delete": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"description": "Comment will be removed from the ticket.",
"tags": [
"tickets"
],
"summary": "Remove an comment from an ticket",
"operationId": "removeComment",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "integer",
"x-example": 0,
"description": "Comment ID to remove",
"name": "commentID",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "malicious"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"order": 6,
"type": "task"
},
"block-sender": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"order": 3,
"type": "task"
},
"board": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"order": 1,
"type": "task"
},
"extract-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"order": 5,
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"order": 2,
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"order": 4,
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
}
},
"/tickets/{id}/files": {
"put": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"description": "Link files to an ticket. The files themself will be stored in object storage.",
"tags": [
"tickets"
],
"summary": "Link files to an ticket",
"operationId": "linkFiles",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": [
{
"key": "myfile",
"name": "document.doc"
}
],
"description": "Added files",
"name": "files",
"in": "body",
"required": true,
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/File"
}
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "2021-10-02T18:04:59.078186+02:00",
"files": [
{
"key": "myfile",
"name": "document.doc"
}
],
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
}
},
"/tickets/{id}/playbooks": {
"post": {
"tags": [
"tickets"
],
"summary": "Add a new ticket playbook",
"operationId": "addTicketPlaybook",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"yaml": "name: Simple\ntasks:\n input:\n name: Upload malware if possible\n type: input\n schema:\n title: Malware\n type: object\n properties:\n malware:\n type: string\n title: Select malware\n default: \"\"\n next:\n hash: \"malware != ''\"\n\n hash:\n name: Hash the malware\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['input'].data['malware']\"\n next:\n escalate:\n\n escalate:\n name: Escalate to malware team\n type: task\n"
},
"description": "Ticket playbook object that needs to be added",
"name": "playbook",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/PlaybookTemplateForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "1985-04-12T23:20:50.52Z",
"id": 8125,
"modified": "1985-04-12T23:20:50.52Z",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"playbooks": {
"simple": {
"name": "Simple",
"tasks": {
"escalate": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to malware team",
"order": 2,
"type": "task"
},
"hash": {
"active": false,
"automation": "hash.sha1",
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Hash the malware",
"next": {
"escalate": ""
},
"order": 1,
"payload": {
"default": "playbook.tasks['input'].data['malware']"
},
"type": "automation"
},
"input": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Upload malware if possible",
"next": {
"hash": "malware != ''"
},
"order": 0,
"schema": {
"properties": {
"malware": {
"default": "",
"title": "Select malware",
"type": "string"
}
},
"title": "Malware",
"type": "object"
},
"type": "input"
}
}
}
},
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
}
},
"/tickets/{id}/playbooks/{playbookID}": {
"delete": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Remove an ticket playbook",
"operationId": "removeTicketPlaybook",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "phishing",
"description": "Playbook ID",
"name": "playbookID",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "malicious"
}
],
"created": "1985-04-12T23:20:50.52Z",
"id": 8123,
"modified": "1985-04-12T23:20:50.52Z",
"name": "live zebra",
"owner": "demo",
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
}
},
"/tickets/{id}/playbooks/{playbookID}/task/{taskID}": {
"put": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Set a ticket playbook task",
"operationId": "setTask",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "phishing",
"description": "Playbook ID",
"name": "playbookID",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "board",
"description": "Task ID",
"name": "taskID",
"in": "path",
"required": true
},
{
"x-example": {
"active": true,
"data": {
"boardInvolved": true
},
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"description": "Task",
"name": "task",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/Task"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "malicious"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"order": 6,
"type": "task"
},
"block-sender": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"order": 3,
"type": "task"
},
"board": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"data": {
"boardInvolved": true
},
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"order": 1,
"type": "task"
},
"extract-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"order": 5,
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"order": 2,
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"order": 4,
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
}
},
"/tickets/{id}/playbooks/{playbookID}/task/{taskID}/complete": {
"put": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Complete ticket playbook task",
"operationId": "completeTask",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "phishing",
"description": "Playbook ID",
"name": "playbookID",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "board",
"description": "Task ID",
"name": "taskID",
"in": "path",
"required": true
},
{
"x-example": {
"boardInvolved": true
},
"description": "Ticket playbook object that needs to be added",
"name": "data",
"in": "body",
"required": true,
"schema": {
"type": "object"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "malicious"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"order": 6,
"type": "task"
},
"block-sender": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"order": 3,
"type": "task"
},
"board": {
"active": false,
"closed": "2021-10-02T18:04:59.078186+02:00",
"created": "2021-10-02T18:04:59.078186+02:00",
"data": {
"boardInvolved": true
},
"done": true,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"order": 1,
"type": "task"
},
"extract-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"order": 5,
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"order": 2,
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"order": 4,
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
}
},
"/tickets/{id}/playbooks/{playbookID}/task/{taskID}/run": {
"post": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Run ticket playbook task",
"operationId": "runTask",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "phishing",
"description": "Playbook ID",
"name": "playbookID",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "board",
"description": "Task ID",
"name": "taskID",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/tickets/{id}/references": {
"put": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Set ticket references",
"operationId": "setReferences",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": [
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"description": "All ticket references",
"name": "references",
"in": "body",
"required": true,
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/Reference"
}
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"references": [
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
}
},
"/tickets/{id}/schema": {
"put": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Set ticket schema",
"operationId": "setSchema",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": "{}",
"description": "New ticket schema",
"name": "schema",
"in": "body",
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
}
},
"/tickets/{id}/tickets": {
"delete": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Unlink an ticket to an ticket",
"operationId": "unlinkTicket",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8126,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": 8125,
"description": "Added ticket ID",
"name": "linkedID",
"in": "body",
"required": true,
"schema": {
"type": "integer",
"format": "int64"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
}
}
}
},
"patch": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Link an ticket to an ticket",
"operationId": "linkTicket",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8126,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": 8123,
"description": "Added ticket ID",
"name": "linkedID",
"in": "body",
"required": true,
"schema": {
"type": "integer",
"format": "int64"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "malicious"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"type": "task"
},
"block-sender": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"type": "task"
},
"board": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"type": "task"
},
"extract-iocs": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
},
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
}
},
"/tickettypes": {
"get": {
"security": [
{
"roles": [
"tickettype:read"
]
}
],
"tags": [
"tickettypes"
],
"summary": "List tickettypes",
"operationId": "listTicketTypes",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/TicketTypeResponse"
}
},
"examples": {
"test": [
{
"default_playbooks": null,
"default_template": "default",
"icon": "mdi-alert",
"id": "alert",
"name": "Alerts"
},
{
"default_playbooks": null,
"default_template": "default",
"icon": "mdi-radioactive",
"id": "incident",
"name": "Incidents"
},
{
"default_playbooks": null,
"default_template": "default",
"icon": "mdi-fingerprint",
"id": "investigation",
"name": "Forensic Investigations"
},
{
"default_playbooks": null,
"default_template": "default",
"icon": "mdi-target",
"id": "hunt",
"name": "Threat Hunting"
}
]
}
}
}
},
"post": {
"security": [
{
"roles": [
"tickettype:write"
]
}
],
"tags": [
"tickettypes"
],
"summary": "Create a new tickettype",
"operationId": "createTicketType",
"parameters": [
{
"x-example": {
"default_playbooks": null,
"default_template": "default",
"icon": "mdi-newspaper-variant-outline",
"name": "TI Tickets"
},
"description": "New tickettype",
"name": "tickettype",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/TicketTypeForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketTypeResponse"
},
"examples": {
"test": {
"default_playbooks": null,
"default_template": "default",
"icon": "mdi-newspaper-variant-outline",
"id": "ti-tickets",
"name": "TI Tickets"
}
}
}
}
}
},
"/tickettypes/{id}": {
"get": {
"security": [
{
"roles": [
"tickettype:read"
]
}
],
"tags": [
"tickettypes"
],
"summary": "Get a single tickettype",
"operationId": "getTicketType",
"parameters": [
{
"type": "string",
"x-example": "alert",
"description": "TicketType ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketTypeResponse"
},
"examples": {
"test": {
"default_playbooks": null,
"default_template": "default",
"icon": "mdi-alert",
"id": "alert",
"name": "Alerts"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"tickettype:write"
]
}
],
"tags": [
"tickettypes"
],
"summary": "Update an existing tickettype",
"operationId": "updateTicketType",
"parameters": [
{
"type": "string",
"x-example": "alert",
"description": "TicketType ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"default_playbooks": null,
"default_template": "default",
"icon": "mdi-bell",
"id": "alert",
"name": "Alerts"
},
"description": "TicketType object that needs to be added",
"name": "tickettype",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/TicketTypeForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketTypeResponse"
},
"examples": {
"test": {
"default_playbooks": null,
"default_template": "default",
"icon": "mdi-bell",
"id": "alert",
"name": "Alerts"
}
}
}
}
},
"delete": {
"security": [
{
"roles": [
"tickettype:write"
]
}
],
"tags": [
"tickettypes"
],
"summary": "Delete a tickettype",
"operationId": "deleteTicketType",
"parameters": [
{
"type": "string",
"x-example": "alert",
"description": "TicketType ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/userdata": {
"get": {
"security": [
{
"roles": [
"userdata:read"
]
}
],
"tags": [
"userdata"
],
"summary": "List userdata",
"operationId": "listUserData",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/UserDataResponse"
}
},
"examples": {
"test": [
{
"email": "bob@example.org",
"id": "bob",
"name": "Bob Bad"
}
]
}
}
}
}
},
"/userdata/{id}": {
"get": {
"security": [
{
"roles": [
"userdata:read"
]
}
],
"tags": [
"userdata"
],
"summary": "Get a single user data",
"operationId": "getUserData",
"parameters": [
{
"type": "string",
"x-example": "bob",
"description": "User Data ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/UserDataResponse"
},
"examples": {
"test": {
"email": "bob@example.org",
"id": "bob",
"name": "Bob Bad"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"userdata:write"
]
}
],
"tags": [
"userdata"
],
"summary": "Update an existing user data",
"operationId": "updateUserData",
"parameters": [
{
"type": "string",
"x-example": "bob",
"description": "User Data ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"blocked": false,
"email": "bob@example.org",
"name": "Bob Bad"
},
"description": "User data object that needs to be added",
"name": "userdata",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/UserData"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/UserDataResponse"
},
"examples": {
"test": {
"email": "bob@example.org",
"id": "bob",
"name": "Bob Bad"
}
}
}
}
}
},
"/users": {
"get": {
"security": [
{
"roles": [
"user:read"
]
}
],
"tags": [
"users"
],
"summary": "List users",
"operationId": "listUsers",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/UserResponse"
}
},
"examples": {
"test": [
{
"apikey": false,
"blocked": false,
"id": "bob",
"roles": [
"admin:backup:read",
"admin:backup:restore",
"admin:group:write",
"admin:job:read",
"admin:job:write",
"admin:log:read",
"admin:ticket:delete",
"admin:user:write",
"admin:userdata:read",
"admin:userdata:write",
"analyst:automation:read",
"analyst:currentsettings:write",
"analyst:currentuser:read",
"analyst:currentuserdata:read",
"analyst:file",
"analyst:group:read",
"analyst:playbook:read",
"analyst:rule:read",
"analyst:settings:read",
"analyst:template:read",
"analyst:ticket:read",
"analyst:ticket:write",
"analyst:tickettype:read",
"analyst:user:read",
"engineer:automation:write",
"engineer:playbook:write",
"engineer:rule:write",
"engineer:template:write",
"engineer:tickettype:write"
]
},
{
"apikey": true,
"blocked": false,
"id": "script",
"roles": [
"analyst:automation:read",
"analyst:currentsettings:write",
"analyst:currentuser:read",
"analyst:currentuserdata:read",
"analyst:file",
"analyst:group:read",
"analyst:playbook:read",
"analyst:rule:read",
"analyst:settings:read",
"analyst:template:read",
"analyst:ticket:read",
"analyst:ticket:write",
"analyst:tickettype:read",
"analyst:user:read",
"engineer:automation:write",
"engineer:playbook:write",
"engineer:rule:write",
"engineer:template:write",
"engineer:tickettype:write"
]
}
]
}
}
}
},
"post": {
"security": [
{
"roles": [
"user:write"
]
}
],
"tags": [
"users"
],
"summary": "Create user",
"operationId": "createUser",
"parameters": [
{
"x-example": {
"id": "syncscript",
"roles": [
"analyst"
]
},
"description": "user object that needs to be added",
"name": "user",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/UserForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/NewUserResponse"
},
"examples": {
"test": {
"blocked": false,
"id": "syncscript",
"roles": [
"analyst:automation:read",
"analyst:currentsettings:write",
"analyst:currentuser:read",
"analyst:currentuserdata:read",
"analyst:file",
"analyst:group:read",
"analyst:playbook:read",
"analyst:rule:read",
"analyst:settings:read",
"analyst:template:read",
"analyst:ticket:read",
"analyst:ticket:write",
"analyst:tickettype:read",
"analyst:user:read"
],
"secret": "v39bOuobnlEljfWzjAgoKzhmnh1xSMxH"
}
}
}
}
}
},
"/users/{id}": {
"get": {
"security": [
{
"roles": [
"user:read"
]
}
],
"tags": [
"users"
],
"summary": "Get a single user",
"operationId": "getUser",
"parameters": [
{
"type": "string",
"x-example": "script",
"description": "user ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/UserResponse"
},
"examples": {
"test": {
"apikey": true,
"blocked": false,
"id": "script",
"roles": [
"analyst:automation:read",
"analyst:currentsettings:write",
"analyst:currentuser:read",
"analyst:currentuserdata:read",
"analyst:file",
"analyst:group:read",
"analyst:playbook:read",
"analyst:rule:read",
"analyst:settings:read",
"analyst:template:read",
"analyst:ticket:read",
"analyst:ticket:write",
"analyst:tickettype:read",
"analyst:user:read",
"engineer:automation:write",
"engineer:playbook:write",
"engineer:rule:write",
"engineer:template:write",
"engineer:tickettype:write"
]
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"user:write"
]
}
],
"tags": [
"users"
],
"summary": "Update user",
"operationId": "updateUser",
"parameters": [
{
"type": "string",
"x-example": "bob",
"description": "Template ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"roles": [
"analyst",
"admin"
]
},
"description": "user object that needs to be added",
"name": "user",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/UserForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/UserResponse"
},
"examples": {
"test": {
"apikey": false,
"blocked": false,
"id": "bob",
"roles": [
"admin:backup:read",
"admin:backup:restore",
"admin:group:write",
"admin:job:read",
"admin:job:write",
"admin:log:read",
"admin:ticket:delete",
"admin:user:write",
"admin:userdata:read",
"admin:userdata:write",
"analyst:automation:read",
"analyst:currentsettings:write",
"analyst:currentuser:read",
"analyst:currentuserdata:read",
"analyst:file",
"analyst:group:read",
"analyst:playbook:read",
"analyst:rule:read",
"analyst:settings:read",
"analyst:template:read",
"analyst:ticket:read",
"analyst:ticket:write",
"analyst:tickettype:read",
"analyst:user:read",
"engineer:automation:write",
"engineer:playbook:write",
"engineer:rule:write",
"engineer:template:write",
"engineer:tickettype:write"
]
}
}
}
}
},
"delete": {
"security": [
{
"roles": [
"user:write"
]
}
],
"tags": [
"users"
],
"summary": "Delete user",
"operationId": "deleteUser",
"parameters": [
{
"type": "string",
"x-example": "script",
"description": "user ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
}
},
"definitions": {
"Artifact": {
"type": "object",
"required": [
"name"
],
"properties": {
"enrichments": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/Enrichment"
}
},
"name": {
"type": "string",
"example": "2.2.2.2"
},
"status": {
"type": "string",
"example": "Unknown"
},
"type": {
"type": "string"
}
}
},
"ArtifactOrigin": {
"type": "object",
"required": [
"ticket_id",
"artifact"
],
"properties": {
"artifact": {
"type": "string"
},
"ticket_id": {
"type": "integer",
"format": "int64"
}
}
},
"Automation": {
"type": "object",
"required": [
"image",
"script",
"type"
],
"properties": {
"image": {
"type": "string"
},
"schema": {
"type": "string",
"example": "{}"
},
"script": {
"type": "string"
},
"type": {
"type": "array",
"items": {
"type": "string",
"enum": [
"artifact",
"playbook",
"global"
]
}
}
}
},
"AutomationForm": {
"type": "object",
"required": [
"id",
"image",
"script",
"type"
],
"properties": {
"id": {
"type": "string"
},
"image": {
"type": "string"
},
"schema": {
"type": "string",
"example": "{}"
},
"script": {
"type": "string"
},
"type": {
"type": "array",
"items": {
"type": "string",
"enum": [
"artifact",
"playbook",
"global"
]
}
}
}
},
"AutomationResponse": {
"type": "object",
"required": [
"id",
"image",
"script",
"type"
],
"properties": {
"id": {
"type": "string"
},
"image": {
"type": "string"
},
"schema": {
"type": "string",
"example": "{}"
},
"script": {
"type": "string"
},
"type": {
"type": "array",
"items": {
"type": "string",
"enum": [
"artifact",
"playbook",
"global"
]
}
}
}
},
"Comment": {
"type": "object",
"required": [
"creator",
"created",
"message"
],
"properties": {
"created": {
"type": "string",
"format": "date-time"
},
"creator": {
"type": "string"
},
"message": {
"type": "string"
}
}
},
"CommentForm": {
"type": "object",
"required": [
"message"
],
"properties": {
"created": {
"type": "string",
"format": "date-time"
},
"creator": {
"type": "string"
},
"message": {
"type": "string"
}
}
},
"Context": {
"type": "object",
"properties": {
"artifact": {
"$ref": "#/definitions/Artifact"
},
"playbook": {
"$ref": "#/definitions/PlaybookResponse"
},
"task": {
"$ref": "#/definitions/TaskResponse"
},
"ticket": {
"$ref": "#/definitions/TicketResponse"
}
}
},
"Enrichment": {
"type": "object",
"required": [
"name",
"data",
"created"
],
"properties": {
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"data": {
"type": "object",
"example": {
"hash": "b7a067a742c20d07a7456646de89bc2d408a1153"
}
},
"name": {
"type": "string",
"example": "hash.sha1"
}
}
},
"EnrichmentForm": {
"type": "object",
"required": [
"name",
"data"
],
"properties": {
"data": {
"type": "object",
"example": {
"hash": "b7a067a742c20d07a7456646de89bc2d408a1153"
}
},
"name": {
"type": "string",
"example": "hash.sha1"
}
}
},
"File": {
"type": "object",
"required": [
"key",
"name"
],
"properties": {
"key": {
"type": "string",
"example": "myfile"
},
"name": {
"type": "string",
"example": "notes.docx"
}
}
},
"Job": {
"type": "object",
"required": [
"automation",
"running",
"status"
],
"properties": {
"automation": {
"type": "string"
},
"container": {
"type": "string"
},
"log": {
"type": "string"
},
"origin": {
"$ref": "#/definitions/Origin"
},
"output": {
"type": "object"
},
"payload": {},
"running": {
"type": "boolean"
},
"status": {
"type": "string"
}
}
},
"JobForm": {
"type": "object",
"required": [
"automation"
],
"properties": {
"automation": {
"type": "string"
},
"origin": {
"$ref": "#/definitions/Origin"
},
"payload": {}
}
},
"JobResponse": {
"type": "object",
"required": [
"id",
"automation",
"status"
],
"properties": {
"automation": {
"type": "string"
},
"container": {
"type": "string"
},
"id": {
"type": "string"
},
"log": {
"type": "string"
},
"origin": {
"$ref": "#/definitions/Origin"
},
"output": {
"type": "object"
},
"payload": {},
"status": {
"type": "string"
}
}
},
"LogEntry": {
"type": "object",
"required": [
"reference",
"creator",
"created",
"message"
],
"properties": {
"created": {
"type": "string",
"format": "date-time"
},
"creator": {
"type": "string"
},
"message": {
"type": "string"
},
"reference": {
"type": "string"
}
}
},
"Message": {
"type": "object",
"properties": {
"context": {
"$ref": "#/definitions/Context"
},
"payload": {
"type": "object"
},
"secrets": {
"type": "object",
"additionalProperties": {
"type": "string"
}
}
}
},
"NewUserResponse": {
"type": "object",
"required": [
"id",
"blocked",
"roles"
],
"properties": {
"blocked": {
"type": "boolean"
},
"id": {
"type": "string"
},
"roles": {
"type": "array",
"items": {
"type": "string"
}
},
"secret": {
"type": "string"
}
}
},
"Origin": {
"type": "object",
"properties": {
"artifact_origin": {
"$ref": "#/definitions/ArtifactOrigin"
},
"task_origin": {
"$ref": "#/definitions/TaskOrigin"
}
}
},
"Playbook": {
"type": "object",
"required": [
"name",
"tasks"
],
"properties": {
"name": {
"type": "string",
"example": "Phishing"
},
"tasks": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/Task"
}
}
}
},
"PlaybookResponse": {
"type": "object",
"required": [
"name",
"tasks"
],
"properties": {
"name": {
"type": "string",
"example": "Phishing"
},
"tasks": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/TaskResponse"
}
}
}
},
"PlaybookTemplate": {
"type": "object",
"required": [
"name",
"yaml"
],
"properties": {
"name": {
"type": "string"
},
"yaml": {
"type": "string"
}
}
},
"PlaybookTemplateForm": {
"type": "object",
"required": [
"yaml"
],
"properties": {
"id": {
"type": "string"
},
"yaml": {
"type": "string"
}
}
},
"PlaybookTemplateResponse": {
"type": "object",
"required": [
"id",
"name",
"yaml"
],
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"yaml": {
"type": "string"
}
}
},
"Reference": {
"type": "object",
"required": [
"name",
"href"
],
"properties": {
"href": {
"type": "string",
"example": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0144"
},
"name": {
"type": "string",
"example": "CVE-2017-0144"
}
}
},
"Settings": {
"type": "object",
"required": [
"version",
"tier",
"timeformat",
"ticketTypes",
"artifactStates"
],
"properties": {
"artifactStates": {
"type": "array",
"title": "Artifact States",
"items": {
"$ref": "#/definitions/Type"
}
},
"roles": {
"type": "array",
"title": "Roles",
"items": {
"type": "string"
}
},
"ticketTypes": {
"type": "array",
"title": "Ticket Types",
"items": {
"$ref": "#/definitions/TicketTypeResponse"
}
},
"tier": {
"type": "string",
"title": "Tier",
"enum": [
"community",
"enterprise"
]
},
"timeformat": {
"type": "string",
"title": "Time Format"
},
"version": {
"type": "string",
"title": "Version"
}
}
},
"Statistics": {
"type": "object",
"required": [
"unassigned",
"open_tickets_per_user",
"tickets_per_week",
"tickets_per_type"
],
"properties": {
"open_tickets_per_user": {
"type": "object",
"additionalProperties": {
"type": "integer"
}
},
"tickets_per_type": {
"type": "object",
"additionalProperties": {
"type": "integer"
}
},
"tickets_per_week": {
"type": "object",
"additionalProperties": {
"type": "integer"
}
},
"unassigned": {
"type": "integer"
}
}
},
"Task": {
"type": "object",
"required": [
"name",
"type",
"done",
"created"
],
"properties": {
"automation": {
"type": "string"
},
"closed": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"data": {
"type": "object"
},
"done": {
"type": "boolean"
},
"join": {
"type": "boolean",
"example": false
},
"name": {
"type": "string",
"example": "Inform user"
},
"next": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"owner": {
"type": "string"
},
"payload": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"schema": {
"type": "object"
},
"type": {
"type": "string",
"enum": [
"task",
"input",
"automation"
],
"example": "task"
}
}
},
"TaskForm": {
"type": "object",
"required": [
"name",
"type"
],
"properties": {
"automation": {
"type": "string"
},
"closed": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"data": {
"type": "object"
},
"done": {
"type": "boolean"
},
"join": {
"type": "boolean",
"example": false
},
"name": {
"type": "string",
"example": "Inform user"
},
"next": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"owner": {
"type": "string"
},
"payload": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"schema": {
"type": "object"
},
"type": {
"type": "string",
"enum": [
"task",
"input",
"automation"
],
"example": "task"
}
}
},
"TaskOrigin": {
"type": "object",
"required": [
"ticket_id",
"playbook_id",
"task_id"
],
"properties": {
"playbook_id": {
"type": "string"
},
"task_id": {
"type": "string"
},
"ticket_id": {
"type": "integer",
"format": "int64"
}
}
},
"TaskResponse": {
"type": "object",
"required": [
"name",
"type",
"done",
"created",
"order",
"active"
],
"properties": {
"active": {
"type": "boolean",
"example": false
},
"automation": {
"type": "string"
},
"closed": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"data": {
"type": "object"
},
"done": {
"type": "boolean"
},
"join": {
"type": "boolean",
"example": false
},
"name": {
"type": "string",
"example": "Inform user"
},
"next": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"order": {
"type": "number",
"format": "int64",
"example": 2
},
"owner": {
"type": "string"
},
"payload": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"schema": {
"type": "object"
},
"type": {
"type": "string",
"enum": [
"task",
"input",
"automation"
],
"example": "task"
}
}
},
"TaskWithContext": {
"type": "object",
"required": [
"ticket_id",
"ticket_name",
"playbook_id",
"playbook_name",
"task_id",
"task"
],
"properties": {
"playbook_id": {
"type": "string"
},
"playbook_name": {
"type": "string"
},
"task": {
"$ref": "#/definitions/TaskResponse"
},
"task_id": {
"type": "string"
},
"ticket_id": {
"type": "number",
"format": "int64"
},
"ticket_name": {
"type": "string"
}
}
},
"Ticket": {
"type": "object",
"required": [
"name",
"type",
"status",
"created",
"modified",
"schema"
],
"properties": {
"artifacts": {
"type": "array",
"items": {
"$ref": "#/definitions/Artifact"
}
},
"comments": {
"type": "array",
"items": {
"$ref": "#/definitions/Comment"
}
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"details": {
"type": "object",
"example": {
"description": "my little incident"
}
},
"files": {
"type": "array",
"items": {
"$ref": "#/definitions/File"
}
},
"modified": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"name": {
"type": "string",
"example": "WannyCry"
},
"owner": {
"type": "string",
"example": "bob"
},
"playbooks": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/Playbook"
}
},
"read": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"bob"
]
},
"references": {
"type": "array",
"items": {
"$ref": "#/definitions/Reference"
}
},
"schema": {
"type": "string",
"example": "{}"
},
"status": {
"type": "string",
"example": "open"
},
"type": {
"type": "string",
"example": "incident"
},
"write": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"alice"
]
}
}
},
"TicketForm": {
"type": "object",
"required": [
"name",
"type",
"status"
],
"properties": {
"artifacts": {
"type": "array",
"items": {
"$ref": "#/definitions/Artifact"
}
},
"comments": {
"type": "array",
"items": {
"$ref": "#/definitions/Comment"
}
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"details": {
"type": "object",
"example": {
"description": "my little incident"
}
},
"files": {
"type": "array",
"items": {
"$ref": "#/definitions/File"
}
},
"id": {
"type": "integer",
"format": "int64",
"example": 123
},
"modified": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"name": {
"type": "string",
"example": "WannyCry"
},
"owner": {
"type": "string",
"example": "bob"
},
"playbooks": {
"type": "array",
"items": {
"$ref": "#/definitions/PlaybookTemplateForm"
}
},
"read": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"bob"
]
},
"references": {
"type": "array",
"items": {
"$ref": "#/definitions/Reference"
}
},
"schema": {
"type": "string",
"example": "{}"
},
"status": {
"type": "string",
"example": "open"
},
"type": {
"type": "string",
"example": "incident"
},
"write": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"alice"
]
}
}
},
"TicketList": {
"type": "object",
"required": [
"tickets",
"count"
],
"properties": {
"count": {
"type": "number",
"example": 3
},
"tickets": {
"type": "array",
"items": {
"$ref": "#/definitions/TicketSimpleResponse"
}
}
}
},
"TicketResponse": {
"type": "object",
"required": [
"id",
"name",
"type",
"status",
"created",
"modified",
"schema"
],
"properties": {
"artifacts": {
"type": "array",
"items": {
"$ref": "#/definitions/Artifact"
}
},
"comments": {
"type": "array",
"items": {
"$ref": "#/definitions/Comment"
}
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"details": {
"type": "object",
"example": {
"description": "my little incident"
}
},
"files": {
"type": "array",
"items": {
"$ref": "#/definitions/File"
}
},
"id": {
"type": "integer",
"format": "int64",
"example": 123
},
"modified": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"name": {
"type": "string",
"example": "WannyCry"
},
"owner": {
"type": "string",
"example": "bob"
},
"playbooks": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/PlaybookResponse"
}
},
"read": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"bob"
]
},
"references": {
"type": "array",
"items": {
"$ref": "#/definitions/Reference"
}
},
"schema": {
"type": "string",
"example": "{}"
},
"status": {
"type": "string",
"example": "open"
},
"type": {
"type": "string",
"example": "incident"
},
"write": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"alice"
]
}
}
},
"TicketSimpleResponse": {
"type": "object",
"required": [
"id",
"name",
"type",
"status",
"created",
"modified",
"schema"
],
"properties": {
"artifacts": {
"type": "array",
"items": {
"$ref": "#/definitions/Artifact"
}
},
"comments": {
"type": "array",
"items": {
"$ref": "#/definitions/Comment"
}
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"details": {
"type": "object",
"example": {
"description": "my little incident"
}
},
"files": {
"type": "array",
"items": {
"$ref": "#/definitions/File"
}
},
"id": {
"type": "integer",
"format": "int64",
"example": 123
},
"modified": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"name": {
"type": "string",
"example": "WannyCry"
},
"owner": {
"type": "string",
"example": "bob"
},
"playbooks": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/Playbook"
}
},
"read": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"bob"
]
},
"references": {
"type": "array",
"items": {
"$ref": "#/definitions/Reference"
}
},
"schema": {
"type": "string",
"example": "{}"
},
"status": {
"type": "string",
"example": "open"
},
"type": {
"type": "string",
"example": "incident"
},
"write": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"alice"
]
}
}
},
"TicketTemplate": {
"type": "object",
"required": [
"name",
"schema"
],
"properties": {
"name": {
"type": "string"
},
"schema": {
"type": "string"
}
}
},
"TicketTemplateForm": {
"type": "object",
"required": [
"name",
"schema"
],
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"schema": {
"type": "string"
}
}
},
"TicketTemplateResponse": {
"type": "object",
"required": [
"id",
"name",
"schema"
],
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"schema": {
"type": "string"
}
}
},
"TicketType": {
"type": "object",
"required": [
"name",
"icon",
"default_template",
"default_playbooks"
],
"properties": {
"default_groups": {
"type": "array",
"items": {
"type": "string"
}
},
"default_playbooks": {
"type": "array",
"items": {
"type": "string"
}
},
"default_template": {
"type": "string"
},
"icon": {
"type": "string"
},
"name": {
"type": "string"
}
}
},
"TicketTypeForm": {
"type": "object",
"required": [
"name",
"icon",
"default_template",
"default_playbooks"
],
"properties": {
"default_groups": {
"type": "array",
"items": {
"type": "string"
}
},
"default_playbooks": {
"type": "array",
"items": {
"type": "string"
}
},
"default_template": {
"type": "string"
},
"icon": {
"type": "string"
},
"id": {
"type": "string"
},
"name": {
"type": "string"
}
}
},
"TicketTypeResponse": {
"type": "object",
"required": [
"id",
"name",
"icon",
"default_template",
"default_playbooks"
],
"properties": {
"default_groups": {
"type": "array",
"items": {
"type": "string"
}
},
"default_playbooks": {
"type": "array",
"items": {
"type": "string"
}
},
"default_template": {
"type": "string"
},
"icon": {
"type": "string"
},
"id": {
"type": "string"
},
"name": {
"type": "string"
}
}
},
"TicketWithTickets": {
"type": "object",
"required": [
"id",
"name",
"type",
"status",
"created",
"modified",
"schema"
],
"properties": {
"artifacts": {
"type": "array",
"items": {
"$ref": "#/definitions/Artifact"
}
},
"comments": {
"type": "array",
"items": {
"$ref": "#/definitions/Comment"
}
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"details": {
"type": "object",
"example": {
"description": "my little incident"
}
},
"files": {
"type": "array",
"items": {
"$ref": "#/definitions/File"
}
},
"id": {
"type": "integer",
"format": "int64",
"example": 123
},
"modified": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"name": {
"type": "string",
"example": "WannyCry"
},
"owner": {
"type": "string",
"example": "bob"
},
"playbooks": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/PlaybookResponse"
}
},
"read": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"bob"
]
},
"references": {
"type": "array",
"items": {
"$ref": "#/definitions/Reference"
}
},
"schema": {
"type": "string",
"example": "{}"
},
"status": {
"type": "string",
"example": "open"
},
"tickets": {
"type": "array",
"items": {
"$ref": "#/definitions/TicketSimpleResponse"
}
},
"type": {
"type": "string",
"example": "incident"
},
"write": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"alice"
]
}
}
},
"Type": {
"type": "object",
"required": [
"id",
"name",
"icon"
],
"properties": {
"color": {
"type": "string",
"title": "Color",
"enum": [
"error",
"info",
"success",
"warning"
],
"x-cols": 3
},
"icon": {
"type": "string",
"title": "Icon (https://materialdesignicons.com)",
"x-class": "pr-2",
"x-cols": 3
},
"id": {
"type": "string",
"title": "ID",
"x-class": "pr-2",
"x-cols": 3
},
"name": {
"type": "string",
"title": "Name",
"x-class": "pr-2",
"x-cols": 3
}
}
},
"User": {
"type": "object",
"required": [
"blocked",
"apikey",
"roles"
],
"properties": {
"apikey": {
"type": "boolean"
},
"blocked": {
"type": "boolean"
},
"roles": {
"type": "array",
"items": {
"type": "string"
}
},
"sha256": {
"type": "string"
}
}
},
"UserData": {
"type": "object",
"properties": {
"email": {
"type": "string",
"x-example": "bob@example.org"
},
"image": {
"type": "string",
"x-display": "custom-avatar"
},
"name": {
"type": "string",
"x-example": "Robert Smith"
},
"timeformat": {
"type": "string",
"title": "Time Format (https://moment.github.io/luxon/docs/manual/formatting.html#table-of-tokens)"
}
}
},
"UserDataResponse": {
"type": "object",
"required": [
"id"
],
"properties": {
"email": {
"type": "string",
"x-example": "bob@example.org"
},
"id": {
"type": "string"
},
"image": {
"type": "string",
"x-display": "custom-avatar"
},
"name": {
"type": "string",
"x-example": "Robert Smith"
},
"timeformat": {
"type": "string",
"title": "Time Format (https://moment.github.io/luxon/docs/manual/formatting.html#table-of-tokens)"
}
}
},
"UserForm": {
"type": "object",
"required": [
"id",
"blocked",
"roles",
"apikey"
],
"properties": {
"apikey": {
"type": "boolean"
},
"blocked": {
"type": "boolean"
},
"id": {
"type": "string"
},
"roles": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"UserResponse": {
"type": "object",
"required": [
"id",
"blocked",
"roles",
"apikey"
],
"properties": {
"apikey": {
"type": "boolean"
},
"blocked": {
"type": "boolean"
},
"id": {
"type": "string"
},
"roles": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
}
}`))
FlatSwaggerJSON = json.RawMessage([]byte(`{
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"schemes": [
"http"
],
"swagger": "2.0",
"info": {
"description": "API for the catalyst incident response platform."
},
"host": ".",
"basePath": "/api",
"paths": {
"/automations": {
"get": {
"security": [
{
"roles": [
"automation:read"
]
}
],
"tags": [
"automations"
],
"summary": "List automations",
"operationId": "listAutomations",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/AutomationResponse"
}
},
"examples": {
"test": [
{
"id": "comment",
"image": "docker.io/python:3",
"script": "",
"type": [
"playbook"
]
},
{
"id": "hash.sha1",
"image": "docker.io/python:3",
"schema": "{\"title\":\"Input\",\"type\":\"object\",\"properties\":{\"default\":{\"type\":\"string\",\"title\":\"Value\"}},\"required\":[\"default\"]}",
"script": "",
"type": [
"global",
"artifact",
"playbook"
]
},
{
"id": "thehive",
"image": "docker.io/python:3",
"schema": "{\"title\":\"TheHive credentials\",\"type\":\"object\",\"properties\":{\"thehiveurl\":{\"type\":\"string\",\"title\":\"TheHive URL (e.g. 'https://thehive.example.org')\"},\"thehivekey\":{\"type\":\"string\",\"title\":\"TheHive API Key\"},\"skip_files\":{\"type\":\"boolean\", \"default\": true, \"title\":\"Skip Files (much faster)\"},\"keep_ids\":{\"type\":\"boolean\", \"default\": true, \"title\":\"Keep IDs and overwrite existing IDs\"}},\"required\":[\"thehiveurl\", \"thehivekey\", \"skip_files\", \"keep_ids\"]}",
"script": "",
"type": [
"global"
]
},
{
"id": "vt.hash",
"image": "docker.io/python:3",
"schema": "{\"title\":\"Input\",\"type\":\"object\",\"properties\":{\"default\":{\"type\":\"string\",\"title\":\"Value\"}},\"required\":[\"default\"]}",
"script": "",
"type": [
"global",
"artifact",
"playbook"
]
}
]
}
}
}
},
"post": {
"security": [
{
"roles": [
"automation:write"
]
}
],
"tags": [
"automations"
],
"summary": "Create a new automation",
"operationId": "createAutomation",
"parameters": [
{
"x-example": {
"id": "hash-sha-256",
"image": "docker.io/python:3",
"script": "import sys\nimport json\nimport hashlib\n\n\ndef run(msg):\n sha256 = hashlib.sha256(msg['payload']['default'].encode('utf-8'))\n return {'hash': sha256.hexdigest()}\n\n\nprint(json.dumps(run(json.loads(sys.argv[1]))))\n",
"type": [
"global"
]
},
"description": "New automation",
"name": "automation",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/AutomationForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/AutomationResponse"
},
"examples": {
"test": {
"id": "hash-sha-256",
"image": "docker.io/python:3",
"script": "import sys\nimport json\nimport hashlib\n\n\ndef run(msg):\n sha256 = hashlib.sha256(msg['payload']['default'].encode('utf-8'))\n return {'hash': sha256.hexdigest()}\n\n\nprint(json.dumps(run(json.loads(sys.argv[1]))))\n",
"type": [
"global"
]
}
}
}
}
}
},
"/automations/{id}": {
"get": {
"security": [
{
"roles": [
"automation:read"
]
}
],
"tags": [
"automations"
],
"summary": "Get a single automation",
"operationId": "getAutomation",
"parameters": [
{
"type": "string",
"x-example": "hash.sha1",
"description": "Automation ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/AutomationResponse"
},
"examples": {
"test": {
"id": "hash.sha1",
"image": "docker.io/python:3",
"schema": "{\"title\":\"Input\",\"type\":\"object\",\"properties\":{\"default\":{\"type\":\"string\",\"title\":\"Value\"}},\"required\":[\"default\"]}",
"script": "#!/usr/bin/env python\n\nimport sys\nimport json\nimport hashlib\n\n\ndef run(msg):\n sha1 = hashlib.sha1(msg['payload']['default'].encode('utf-8'))\n return {\"hash\": sha1.hexdigest()}\n\n\nprint(json.dumps(run(json.loads(sys.argv[1]))))\n",
"type": [
"global",
"artifact",
"playbook"
]
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"automation:write"
]
}
],
"tags": [
"automations"
],
"summary": "Update an existing automation",
"operationId": "updateAutomation",
"parameters": [
{
"type": "string",
"x-example": "hash.sha1",
"description": "Automation ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"id": "hash.sha1",
"image": "docker.io/python:3",
"script": "import sys\nimport json\nimport hashlib\n\n\ndef run(msg):\n sha1 = hashlib.sha1(msg['payload'].encode('utf-8'))\n return {'hash': sha1.hexdigest()}\n\n\nprint(json.dumps(run(json.loads(sys.argv[1]))))\n",
"type": [
"global",
"artifact",
"playbook"
]
},
"description": "Automation object that needs to be added",
"name": "automation",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/AutomationForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/AutomationResponse"
},
"examples": {
"test": {
"id": "hash.sha1",
"image": "docker.io/python:3",
"script": "import sys\nimport json\nimport hashlib\n\n\ndef run(msg):\n sha1 = hashlib.sha1(msg['payload'].encode('utf-8'))\n return {'hash': sha1.hexdigest()}\n\n\nprint(json.dumps(run(json.loads(sys.argv[1]))))\n",
"type": [
"global",
"artifact",
"playbook"
]
}
}
}
}
},
"delete": {
"security": [
{
"roles": [
"automation:write"
]
}
],
"tags": [
"automations"
],
"summary": "Delete a automation",
"operationId": "deleteAutomation",
"parameters": [
{
"type": "string",
"x-example": "hash.sha1",
"description": "Automation ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/currentuser": {
"get": {
"security": [
{
"roles": [
"currentuser:read"
]
}
],
"tags": [
"users"
],
"summary": "Get current user",
"operationId": "currentUser",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/UserResponse"
},
"examples": {
"test": {
"apikey": false,
"blocked": false,
"id": "bob",
"roles": [
"admin:backup:read",
"admin:backup:restore",
"admin:group:write",
"admin:job:read",
"admin:job:write",
"admin:log:read",
"admin:ticket:delete",
"admin:user:write",
"admin:userdata:read",
"admin:userdata:write",
"analyst:automation:read",
"analyst:currentsettings:write",
"analyst:currentuser:read",
"analyst:currentuserdata:read",
"analyst:file",
"analyst:group:read",
"analyst:playbook:read",
"analyst:rule:read",
"analyst:settings:read",
"analyst:template:read",
"analyst:ticket:read",
"analyst:ticket:write",
"analyst:tickettype:read",
"analyst:user:read",
"engineer:automation:write",
"engineer:playbook:write",
"engineer:rule:write",
"engineer:template:write",
"engineer:tickettype:write"
]
}
}
}
}
}
},
"/currentuserdata": {
"get": {
"security": [
{
"roles": [
"currentuserdata:read"
]
}
],
"tags": [
"userdata"
],
"summary": "Get current user data",
"operationId": "currentUserData",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/UserDataResponse"
},
"examples": {
"test": {
"email": "bob@example.org",
"id": "bob",
"name": "Bob Bad"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"currentuserdata:write"
]
}
],
"tags": [
"userdata"
],
"summary": "Update current user data",
"operationId": "updateCurrentUserData",
"parameters": [
{
"x-example": {
"email": "bob@example.org",
"name": "Bob Bad"
},
"description": "User data object that needs to be added",
"name": "userdata",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/UserData"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/UserDataResponse"
},
"examples": {
"test": {
"email": "bob@example.org",
"id": "bob",
"name": "Bob Bad"
}
}
}
}
}
},
"/jobs": {
"get": {
"security": [
{
"roles": [
"job:read"
]
}
],
"tags": [
"jobs"
],
"summary": "List jobs",
"operationId": "listJobs",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/JobResponse"
}
},
"examples": {
"test": [
{
"automation": "hash.sha1",
"id": "99cd67131b48",
"payload": "test",
"status": "created"
}
]
}
}
}
},
"post": {
"security": [
{
"roles": [
"job:write"
]
}
],
"tags": [
"jobs"
],
"summary": "Start a new job",
"operationId": "runJob",
"parameters": [
{
"x-example": {
"automation": "hash.sha1",
"message": {
"payload": "test"
}
},
"description": "New job",
"name": "job",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/JobForm"
}
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/jobs/{id}": {
"get": {
"security": [
{
"roles": [
"job:read"
]
}
],
"tags": [
"jobs"
],
"summary": "Get a single job",
"operationId": "getJob",
"parameters": [
{
"type": "string",
"x-example": "99cd67131b48",
"description": "Job ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/JobResponse"
},
"examples": {
"test": {
"automation": "hash.sha1",
"id": "99cd67131b48",
"payload": "test",
"status": "created"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"job:write"
]
}
],
"tags": [
"jobs"
],
"summary": "Update an existing job",
"operationId": "updateJob",
"parameters": [
{
"type": "string",
"x-example": "99cd67131b48",
"description": "Job ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"automation": "hash.sha1",
"id": "99cd67131b48",
"payload": "test",
"status": "failed"
},
"description": "Job object that needs to be added",
"name": "job",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/Job"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/JobResponse"
},
"examples": {
"test": {
"automation": "hash.sha1",
"id": "99cd67131b48",
"payload": "test",
"status": "failed"
}
}
}
}
}
},
"/logs/{reference}": {
"get": {
"security": [
{
"roles": [
"log:read"
]
}
],
"tags": [
"logs"
],
"summary": "Get log entries",
"operationId": "getLogs",
"parameters": [
{
"type": "string",
"x-example": "tickets%2F294511",
"description": "Reference",
"name": "reference",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/LogEntry"
}
},
"examples": {
"test": [
{
"created": "2021-10-02T18:05:00.333535+02:00",
"creator": "bob",
"message": "Fail run account resist lend solve incident centre priority temperature. Cause change distribution examine location technique shape partner milk customer. Rail tea plate soil report cook railway interpretation breath action. Exercise dream accept park conclusion addition shoot assistance may answer. Gold writer link stop combine hear power name commitment operation. Determine lifespan support grow degree henry exclude detail set religion. Direct library policy convention chain retain discover ride walk student. Gather proposal select march aspect play noise avoid encourage employ. Assessment preserve transport combine wish influence income guess run stand. Charge limit crime ignore statement foundation study issue stop claim.",
"reference": "tickets/294511"
}
]
}
}
}
}
},
"/playbooks": {
"get": {
"security": [
{
"roles": [
"playbook:read"
]
}
],
"tags": [
"playbooks"
],
"summary": "List playbooks",
"operationId": "listPlaybooks",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/PlaybookTemplateResponse"
}
},
"examples": {
"test": [
{
"id": "malware",
"name": "Malware",
"yaml": "name: Malware\ntasks:\n file-or-hash:\n name: Do you have the file or the hash?\n type: input\n schema:\n title: Malware\n type: object\n properties:\n file:\n type: string\n title: \"I have the\"\n enum: [ \"File\", \"Hash\" ]\n next:\n enter-hash: \"file == 'Hash'\"\n upload: \"file == 'File'\"\n\n enter-hash:\n name: Please enter the hash\n type: input\n schema:\n title: Malware\n type: object\n properties:\n hash:\n type: string\n title: Please enter the hash value\n minlength: 32\n next:\n virustotal: \"hash != ''\"\n\n upload:\n name: Upload the malware\n type: input\n schema:\n title: Malware\n type: object\n properties:\n malware:\n type: object\n x-display: file\n title: Please upload the malware\n next:\n hash: \"malware\"\n\n hash:\n name: Hash the malware\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['upload'].data['malware']\"\n next:\n virustotal:\n\n virustotal:\n name: Send hash to VirusTotal\n type: automation\n automation: vt.hash\n args:\n hash: \"playbook.tasks['enter-hash'].data['hash'] || playbook.tasks['hash'].data['hash']\"\n # next:\n # known-malware: \"score \u003e 5\"\n # sandbox: \"score \u003c 6\" # unknown-malware\n"
},
{
"id": "phishing",
"name": "Phishing",
"yaml": "name: Phishing\ntasks:\n board:\n name: Board Involvement?\n description: Is a board member involved?\n type: input\n schema:\n properties:\n boardInvolved:\n default: false\n title: A board member is involved.\n type: boolean\n required:\n - boardInvolved\n title: Board Involvement?\n type: object\n next:\n escalate: \"boardInvolved == true\"\n mail-available: \"boardInvolved == false\"\n\n escalate:\n name: Escalate to CISO\n description: Please escalate the task to the CISO\n type: task\n\n mail-available:\n name: Mail available\n type: input\n schema:\n oneOf:\n - properties:\n mail:\n title: Mail\n type: string\n x-display: textarea\n schemaKey:\n const: 'yes'\n type: string\n required:\n - mail\n title: 'Yes'\n - properties:\n schemaKey:\n const: 'no'\n type: string\n title: 'No'\n title: Mail available\n type: object\n next:\n block-sender: \"schemaKey == 'yes'\"\n extract-iocs: \"schemaKey == 'yes'\"\n search-email-gateway: \"schemaKey == 'no'\"\n\n search-email-gateway:\n name: Search email gateway\n description: Please search email-gateway for the phishing mail.\n type: task\n next:\n extract-iocs:\n\n block-sender:\n name: Block sender\n type: task\n next:\n extract-iocs:\n\n extract-iocs:\n name: Extract IOCs\n description: Please insert the IOCs\n type: input\n schema:\n properties:\n iocs:\n items:\n type: string\n title: IOCs\n type: array\n title: Extract IOCs\n type: object\n next:\n block-iocs:\n\n block-iocs:\n name: Block IOCs\n type: task\n"
},
{
"id": "simple",
"name": "Simple",
"yaml": "name: Simple\ntasks:\n input:\n name: Enter something to hash\n type: input\n schema:\n title: Something\n type: object\n properties:\n something:\n type: string\n title: Something\n default: \"\"\n next:\n hash: \"something != ''\"\n\n hash:\n name: Hash the something\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['input'].data['something']\"\n next:\n comment: \"hash != ''\"\n\n comment:\n name: Comment the hash\n type: automation\n automation: comment\n payload:\n default: \"playbook.tasks['hash'].data['hash']\"\n next:\n done: \"done\"\n\n done:\n name: You can close this case now\n type: task\n"
}
]
}
}
}
},
"post": {
"security": [
{
"roles": [
"playbook:write"
]
}
],
"tags": [
"playbooks"
],
"summary": "Create a playbook",
"operationId": "createPlaybook",
"parameters": [
{
"x-example": {
"yaml": "name: Simple2\ntasks:\n input:\n name: Upload malware if possible\n type: input\n schema:\n title: Malware\n type: object\n properties:\n malware:\n type: string\n title: Select malware\n default: \"\"\n next:\n hash: \"malware != ''\"\n\n hash:\n name: Hash the malware\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['input'].data['malware']\"\n next:\n escalate:\n\n escalate:\n name: Escalate to malware team\n type: task\n"
},
"description": "New playbook",
"name": "playbook",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/PlaybookTemplateForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/PlaybookTemplateResponse"
}
},
"examples": {
"test": {
"id": "simple-2",
"name": "Simple2",
"yaml": "name: Simple2\ntasks:\n input:\n name: Upload malware if possible\n type: input\n schema:\n title: Malware\n type: object\n properties:\n malware:\n type: string\n title: Select malware\n default: \"\"\n next:\n hash: \"malware != ''\"\n\n hash:\n name: Hash the malware\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['input'].data['malware']\"\n next:\n escalate:\n\n escalate:\n name: Escalate to malware team\n type: task\n"
}
}
}
}
}
},
"/playbooks/{id}": {
"get": {
"security": [
{
"roles": [
"playbook:read"
]
}
],
"tags": [
"playbooks"
],
"summary": "Get a single playbook",
"operationId": "getPlaybook",
"parameters": [
{
"type": "string",
"x-example": "simple",
"description": "Playbook name",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/PlaybookTemplateResponse"
},
"examples": {
"test": {
"id": "simple",
"name": "Simple",
"yaml": "name: Simple\ntasks:\n input:\n name: Enter something to hash\n type: input\n schema:\n title: Something\n type: object\n properties:\n something:\n type: string\n title: Something\n default: \"\"\n next:\n hash: \"something != ''\"\n\n hash:\n name: Hash the something\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['input'].data['something']\"\n next:\n comment: \"hash != ''\"\n\n comment:\n name: Comment the hash\n type: automation\n automation: comment\n payload:\n default: \"playbook.tasks['hash'].data['hash']\"\n next:\n done: \"done\"\n\n done:\n name: You can close this case now\n type: task\n"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"playbook:write"
]
}
],
"tags": [
"playbooks"
],
"summary": "Update an existing ticket playbook",
"operationId": "updatePlaybook",
"parameters": [
{
"type": "string",
"x-example": "simple",
"description": "Playbook ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"yaml": "name: Simple\ntasks:\n input:\n name: Upload malware if possible\n type: input\n schema:\n title: Malware\n type: object\n properties:\n malware:\n type: string\n title: Select malware\n default: \"\"\n next:\n hash: \"malware != ''\"\n\n hash:\n name: Hash the malware\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['input'].data['malware']\"\n next:\n escalate:\n\n escalate:\n name: Escalate to malware team\n type: task\n"
},
"description": "Updated playbook",
"name": "playbook",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/PlaybookTemplateForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/PlaybookTemplateResponse"
},
"examples": {
"test": {
"id": "simple",
"name": "Simple",
"yaml": "name: Simple\ntasks:\n input:\n name: Upload malware if possible\n type: input\n schema:\n title: Malware\n type: object\n properties:\n malware:\n type: string\n title: Select malware\n default: \"\"\n next:\n hash: \"malware != ''\"\n\n hash:\n name: Hash the malware\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['input'].data['malware']\"\n next:\n escalate:\n\n escalate:\n name: Escalate to malware team\n type: task\n"
}
}
}
}
},
"delete": {
"security": [
{
"roles": [
"playbook:write"
]
}
],
"tags": [
"playbooks"
],
"summary": "Delete a playbook",
"operationId": "deletePlaybook",
"parameters": [
{
"type": "string",
"x-example": "simple",
"description": "Playbook name",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/settings": {
"get": {
"security": [
{
"roles": [
"settings:read"
]
}
],
"tags": [
"settings"
],
"summary": "Get settings",
"operationId": "getSettings",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/Settings"
},
"examples": {
"test": {
"artifactStates": [
{
"color": "info",
"icon": "mdi-help-circle-outline",
"id": "unknown",
"name": "Unknown"
},
{
"color": "error",
"icon": "mdi-skull",
"id": "malicious",
"name": "Malicious"
},
{
"color": "success",
"icon": "mdi-check",
"id": "clean",
"name": "Clean"
}
],
"roles": [
"admin:backup:read",
"admin:backup:restore",
"admin:group:write",
"admin:job:read",
"admin:job:write",
"admin:log:read",
"admin:ticket:delete",
"admin:user:write",
"admin:userdata:read",
"admin:userdata:write",
"analyst:automation:read",
"analyst:currentsettings:write",
"analyst:currentuser:read",
"analyst:currentuserdata:read",
"analyst:file",
"analyst:group:read",
"analyst:playbook:read",
"analyst:rule:read",
"analyst:settings:read",
"analyst:template:read",
"analyst:ticket:read",
"analyst:ticket:write",
"analyst:tickettype:read",
"analyst:user:read",
"engineer:automation:write",
"engineer:playbook:write",
"engineer:rule:write",
"engineer:template:write",
"engineer:tickettype:write"
],
"ticketTypes": [
{
"default_playbooks": [],
"default_template": "default",
"icon": "mdi-alert",
"id": "alert",
"name": "Alerts"
},
{
"default_playbooks": [],
"default_template": "default",
"icon": "mdi-radioactive",
"id": "incident",
"name": "Incidents"
},
{
"default_playbooks": [],
"default_template": "default",
"icon": "mdi-fingerprint",
"id": "investigation",
"name": "Forensic Investigations"
},
{
"default_playbooks": [],
"default_template": "default",
"icon": "mdi-target",
"id": "hunt",
"name": "Threat Hunting"
}
],
"tier": "community",
"timeformat": "YYYY-MM-DDThh:mm:ss",
"version": "0.0.0-test"
}
}
}
}
}
},
"/statistics": {
"get": {
"security": [
{
"roles": [
"ticket:read"
]
}
],
"tags": [
"statistics"
],
"summary": "Get statistics",
"operationId": "getStatistics",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/Statistics"
},
"examples": {
"test": {
"open_tickets_per_user": {},
"tickets_per_type": {
"alert": 2,
"incident": 1
},
"tickets_per_week": {
"2021-39": 3
},
"unassigned": 0
}
}
}
}
}
},
"/tasks": {
"get": {
"security": [
{
"roles": [
"ticket:read"
]
}
],
"tags": [
"tasks"
],
"summary": "List tasks",
"operationId": "listTasks",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/TaskResponse"
}
},
"examples": {
"test": []
}
}
}
}
},
"/templates": {
"get": {
"security": [
{
"roles": [
"template:read"
]
}
],
"tags": [
"templates"
],
"summary": "List templates",
"operationId": "listTemplates",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/TicketTemplateResponse"
}
},
"examples": {
"test": [
{
"id": "default",
"name": "Default",
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Default\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n"
}
]
}
}
}
},
"post": {
"security": [
{
"roles": [
"template:write"
]
}
],
"tags": [
"templates"
],
"summary": "Create a new template",
"operationId": "createTemplate",
"parameters": [
{
"x-example": {
"name": "My Template",
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n"
},
"description": "New template",
"name": "template",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/TicketTemplateForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketTemplateResponse"
},
"examples": {
"test": {
"id": "my-template",
"name": "My Template",
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n"
}
}
}
}
}
},
"/templates/{id}": {
"get": {
"security": [
{
"roles": [
"template:read"
]
}
],
"tags": [
"templates"
],
"summary": "Get a single template",
"operationId": "getTemplate",
"parameters": [
{
"type": "string",
"x-example": "default",
"description": "Template ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketTemplateResponse"
},
"examples": {
"test": {
"id": "default",
"name": "Default",
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Default\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"template:write"
]
}
],
"tags": [
"templates"
],
"summary": "Update an existing template",
"operationId": "updateTemplate",
"parameters": [
{
"type": "string",
"x-example": "default",
"description": "Template ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"name": "My Template",
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n"
},
"description": "Template object that needs to be added",
"name": "template",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/TicketTemplateForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketTemplateResponse"
},
"examples": {
"test": {
"id": "default",
"name": "My Template",
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n"
}
}
}
}
},
"delete": {
"security": [
{
"roles": [
"template:write"
]
}
],
"tags": [
"templates"
],
"summary": "Delete a template",
"operationId": "deleteTemplate",
"parameters": [
{
"type": "string",
"x-example": "default",
"description": "Template ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/tickets": {
"get": {
"security": [
{
"roles": [
"ticket:read"
]
}
],
"tags": [
"tickets"
],
"summary": "List tickets",
"operationId": "listTickets",
"parameters": [
{
"type": "string",
"description": "Ticket Type",
"name": "type",
"in": "query"
},
{
"type": "integer",
"default": 0,
"description": "Offset of the list",
"name": "offset",
"in": "query"
},
{
"maximum": 100,
"type": "integer",
"default": 25,
"description": "Number of tickets",
"name": "count",
"in": "query"
},
{
"type": "array",
"items": {
"type": "string"
},
"description": "Sort columns",
"name": "sort",
"in": "query"
},
{
"type": "array",
"items": {
"type": "boolean"
},
"description": "Sort descending",
"name": "desc",
"in": "query"
},
{
"type": "string",
"description": "Search query",
"name": "query",
"in": "query"
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketList"
},
"examples": {
"test": {
"count": 3,
"tickets": [
{
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "malicious"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"type": "task"
},
"block-sender": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"type": "task"
},
"board": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"type": "task"
},
"extract-iocs": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
},
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
},
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
]
}
}
}
}
},
"post": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Create a new ticket",
"operationId": "createTicket",
"parameters": [
{
"x-example": {
"id": 123,
"name": "Wannacry infection",
"owner": "bob",
"status": "open",
"type": "incident"
},
"description": "New ticket",
"name": "ticket",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/TicketForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "1985-04-12T23:20:50.52Z",
"id": 123,
"modified": "1985-04-12T23:20:50.52Z",
"name": "Wannacry infection",
"owner": "bob",
"schema": "{}",
"status": "open",
"type": "incident"
}
}
}
}
}
},
"/tickets/batch": {
"post": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Create a new tickets in batch",
"operationId": "createTicketBatch",
"parameters": [
{
"x-example": [
{
"id": 123,
"name": "Wannacry infection",
"owner": "bob",
"status": "open",
"type": "incident"
}
],
"description": "New ticket",
"name": "ticket",
"in": "body",
"required": true,
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/TicketForm"
}
}
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/tickets/{id}": {
"get": {
"security": [
{
"roles": [
"ticket:read"
]
}
],
"tags": [
"tickets"
],
"summary": "Get a single ticket",
"operationId": "getTicket",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Update an existing ticket",
"operationId": "updateTicket",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"created": "2021-10-02T18:04:59.078186+02:00",
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.org detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
},
"description": "Updated ticket",
"name": "ticket",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/Ticket"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.org detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
},
"delete": {
"security": [
{
"roles": [
"ticket:delete"
]
}
],
"tags": [
"tickets"
],
"summary": "Delete an ticket",
"operationId": "deleteTicket",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/tickets/{id}/artifacts": {
"post": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Add a single artifact",
"operationId": "addArtifact",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"name": "2.2.2.2"
},
"description": "Artifact object that needs to be added",
"name": "artifact",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/Artifact"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "malicious"
},
{
"name": "2.2.2.2",
"status": "unknown",
"type": "ip"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"order": 6,
"type": "task"
},
"block-sender": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"order": 3,
"type": "task"
},
"board": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"order": 1,
"type": "task"
},
"extract-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"order": 5,
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"order": 2,
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"order": 4,
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
}
},
"/tickets/{id}/artifacts/{name}": {
"get": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Get a single artifact",
"operationId": "getArtifact",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "leadreintermediate.io",
"name": "name",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/Artifact"
},
"examples": {
"test": {
"name": "leadreintermediate.io",
"status": "malicious"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Set a single artifact",
"operationId": "setArtifact",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "leadreintermediate.io",
"name": "name",
"in": "path",
"required": true
},
{
"x-example": {
"name": "leadreintermediate.io",
"status": "clean"
},
"name": "artifact",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/Artifact"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "clean"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"order": 6,
"type": "task"
},
"block-sender": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"order": 3,
"type": "task"
},
"board": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"order": 1,
"type": "task"
},
"extract-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"order": 5,
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"order": 2,
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"order": 4,
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
},
"delete": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Remove an artifact",
"operationId": "removeArtifact",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "leadreintermediate.io",
"name": "name",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"order": 6,
"type": "task"
},
"block-sender": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"order": 3,
"type": "task"
},
"board": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"order": 1,
"type": "task"
},
"extract-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"order": 5,
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"order": 2,
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"order": 4,
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
}
},
"/tickets/{id}/artifacts/{name}/enrich": {
"post": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Enrich a single artifact",
"operationId": "enrichArtifact",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "leadreintermediate.io",
"name": "name",
"in": "path",
"required": true
},
{
"x-example": {
"data": {
"hash": "b7a067a742c20d07a7456646de89bc2d408a1153"
},
"name": "hash.sha1"
},
"name": "data",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/EnrichmentForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/Artifact"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"enrichments": {
"hash.sha1": {
"created": "2021-10-03T18:44:06.488923+02:00",
"data": {
"hash": "b7a067a742c20d07a7456646de89bc2d408a1153"
},
"name": "hash.sha1"
}
},
"name": "leadreintermediate.io",
"status": "malicious"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"order": 6,
"type": "task"
},
"block-sender": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"order": 3,
"type": "task"
},
"board": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"order": 1,
"type": "task"
},
"extract-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"order": 5,
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"order": 2,
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"order": 4,
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
}
},
"/tickets/{id}/artifacts/{name}/run/{automation}": {
"post": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Run automation on a single artifact",
"operationId": "runArtifact",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "leadreintermediate.io",
"name": "name",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "hash.sha1",
"name": "automation",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/tickets/{id}/comments": {
"post": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Add ticket comment",
"operationId": "addComment",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"message": "My first comment"
},
"description": "Ticket comment",
"name": "comment",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/CommentForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"comments": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"creator": "bob",
"message": "My first comment"
}
],
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
}
},
"/tickets/{id}/comments/{commentID}": {
"delete": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"description": "Comment will be removed from the ticket.",
"tags": [
"tickets"
],
"summary": "Remove an comment from an ticket",
"operationId": "removeComment",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "integer",
"x-example": 0,
"description": "Comment ID to remove",
"name": "commentID",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "malicious"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"order": 6,
"type": "task"
},
"block-sender": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"order": 3,
"type": "task"
},
"board": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"order": 1,
"type": "task"
},
"extract-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"order": 5,
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"order": 2,
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"order": 4,
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
}
},
"/tickets/{id}/files": {
"put": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"description": "Link files to an ticket. The files themself will be stored in object storage.",
"tags": [
"tickets"
],
"summary": "Link files to an ticket",
"operationId": "linkFiles",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": [
{
"key": "myfile",
"name": "document.doc"
}
],
"description": "Added files",
"name": "files",
"in": "body",
"required": true,
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/File"
}
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "2021-10-02T18:04:59.078186+02:00",
"files": [
{
"key": "myfile",
"name": "document.doc"
}
],
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
}
},
"/tickets/{id}/playbooks": {
"post": {
"tags": [
"tickets"
],
"summary": "Add a new ticket playbook",
"operationId": "addTicketPlaybook",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"yaml": "name: Simple\ntasks:\n input:\n name: Upload malware if possible\n type: input\n schema:\n title: Malware\n type: object\n properties:\n malware:\n type: string\n title: Select malware\n default: \"\"\n next:\n hash: \"malware != ''\"\n\n hash:\n name: Hash the malware\n type: automation\n automation: hash.sha1\n payload:\n default: \"playbook.tasks['input'].data['malware']\"\n next:\n escalate:\n\n escalate:\n name: Escalate to malware team\n type: task\n"
},
"description": "Ticket playbook object that needs to be added",
"name": "playbook",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/PlaybookTemplateForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "1985-04-12T23:20:50.52Z",
"id": 8125,
"modified": "1985-04-12T23:20:50.52Z",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"playbooks": {
"simple": {
"name": "Simple",
"tasks": {
"escalate": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to malware team",
"order": 2,
"type": "task"
},
"hash": {
"active": false,
"automation": "hash.sha1",
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Hash the malware",
"next": {
"escalate": ""
},
"order": 1,
"payload": {
"default": "playbook.tasks['input'].data['malware']"
},
"type": "automation"
},
"input": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Upload malware if possible",
"next": {
"hash": "malware != ''"
},
"order": 0,
"schema": {
"properties": {
"malware": {
"default": "",
"title": "Select malware",
"type": "string"
}
},
"title": "Malware",
"type": "object"
},
"type": "input"
}
}
}
},
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
}
},
"/tickets/{id}/playbooks/{playbookID}": {
"delete": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Remove an ticket playbook",
"operationId": "removeTicketPlaybook",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "phishing",
"description": "Playbook ID",
"name": "playbookID",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "malicious"
}
],
"created": "1985-04-12T23:20:50.52Z",
"id": 8123,
"modified": "1985-04-12T23:20:50.52Z",
"name": "live zebra",
"owner": "demo",
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
}
},
"/tickets/{id}/playbooks/{playbookID}/task/{taskID}": {
"put": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Set a ticket playbook task",
"operationId": "setTask",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "phishing",
"description": "Playbook ID",
"name": "playbookID",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "board",
"description": "Task ID",
"name": "taskID",
"in": "path",
"required": true
},
{
"x-example": {
"active": true,
"data": {
"boardInvolved": true
},
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"description": "Task",
"name": "task",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/Task"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "malicious"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"order": 6,
"type": "task"
},
"block-sender": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"order": 3,
"type": "task"
},
"board": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"data": {
"boardInvolved": true
},
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"order": 1,
"type": "task"
},
"extract-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"order": 5,
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"order": 2,
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"order": 4,
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
}
},
"/tickets/{id}/playbooks/{playbookID}/task/{taskID}/complete": {
"put": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Complete ticket playbook task",
"operationId": "completeTask",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "phishing",
"description": "Playbook ID",
"name": "playbookID",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "board",
"description": "Task ID",
"name": "taskID",
"in": "path",
"required": true
},
{
"x-example": {
"boardInvolved": true
},
"description": "Ticket playbook object that needs to be added",
"name": "data",
"in": "body",
"required": true,
"schema": {
"type": "object"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "malicious"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"order": 6,
"type": "task"
},
"block-sender": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"order": 3,
"type": "task"
},
"board": {
"active": false,
"closed": "2021-10-02T18:04:59.078186+02:00",
"created": "2021-10-02T18:04:59.078186+02:00",
"data": {
"boardInvolved": true
},
"done": true,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"order": 0,
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"active": true,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"order": 1,
"type": "task"
},
"extract-iocs": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"order": 5,
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"order": 2,
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"active": false,
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"order": 4,
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
}
}
}
}
}
},
"/tickets/{id}/playbooks/{playbookID}/task/{taskID}/run": {
"post": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Run ticket playbook task",
"operationId": "runTask",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8123,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "phishing",
"description": "Playbook ID",
"name": "playbookID",
"in": "path",
"required": true
},
{
"type": "string",
"x-example": "board",
"description": "Task ID",
"name": "taskID",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/tickets/{id}/references": {
"put": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Set ticket references",
"operationId": "setReferences",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": [
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"description": "All ticket references",
"name": "references",
"in": "body",
"required": true,
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/Reference"
}
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"references": [
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
}
},
"/tickets/{id}/schema": {
"put": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Set ticket schema",
"operationId": "setSchema",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8125,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": "{}",
"description": "New ticket schema",
"name": "schema",
"in": "body",
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
}
},
"/tickets/{id}/tickets": {
"delete": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Unlink an ticket to an ticket",
"operationId": "unlinkTicket",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8126,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": 8125,
"description": "Added ticket ID",
"name": "linkedID",
"in": "body",
"required": true,
"schema": {
"type": "integer",
"format": "int64"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
}
}
}
},
"patch": {
"security": [
{
"roles": [
"ticket:write"
]
}
],
"tags": [
"tickets"
],
"summary": "Link an ticket to an ticket",
"operationId": "linkTicket",
"parameters": [
{
"type": "integer",
"format": "int64",
"x-example": 8126,
"description": "Ticket ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": 8123,
"description": "Added ticket ID",
"name": "linkedID",
"in": "body",
"required": true,
"schema": {
"type": "integer",
"format": "int64"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketResponse"
},
"examples": {
"test": {
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8126,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "Surfaceintroduce virus detected",
"owner": "demo",
"references": [
{
"href": "http://www.centralworld-class.io/synthesize",
"name": "university"
},
{
"href": "https://www.futurevirtual.org/supply-chains/markets/sticky/iterate",
"name": "goal"
},
{
"href": "http://www.chiefsyndicate.io/action-items",
"name": "unemployment"
}
],
"schema": "{}",
"status": "closed",
"tickets": [
{
"artifacts": [
{
"name": "94d5cab6f5fe3422a447ab15436e7a672bc0c09a",
"status": "unknown"
},
{
"name": "http://www.customerviral.io/scalable/vertical/killer",
"status": "clean"
},
{
"name": "leadreintermediate.io",
"status": "malicious"
}
],
"created": "2021-10-02T18:04:59.078206+02:00",
"id": 8123,
"modified": "2021-10-02T18:04:59.078206+02:00",
"name": "live zebra",
"owner": "demo",
"playbooks": {
"phishing": {
"name": "Phishing",
"tasks": {
"block-iocs": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block IOCs",
"type": "task"
},
"block-sender": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Block sender",
"next": {
"extract-iocs": ""
},
"type": "task"
},
"board": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Board Involvement?",
"next": {
"escalate": "boardInvolved == true",
"mail-available": "boardInvolved == false"
},
"schema": {
"properties": {
"boardInvolved": {
"default": false,
"title": "A board member is involved.",
"type": "boolean"
}
},
"required": [
"boardInvolved"
],
"title": "Board Involvement?",
"type": "object"
},
"type": "input"
},
"escalate": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Escalate to CISO",
"type": "task"
},
"extract-iocs": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Extract IOCs",
"next": {
"block-iocs": ""
},
"schema": {
"properties": {
"iocs": {
"items": {
"type": "string"
},
"title": "IOCs",
"type": "array"
}
},
"title": "Extract IOCs",
"type": "object"
},
"type": "input"
},
"mail-available": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Mail available",
"next": {
"block-sender": "schemaKey == 'yes'",
"extract-iocs": "schemaKey == 'yes'",
"search-email-gateway": "schemaKey == 'no'"
},
"schema": {
"oneOf": [
{
"properties": {
"mail": {
"title": "Mail",
"type": "string",
"x-display": "textarea"
},
"schemaKey": {
"const": "yes",
"type": "string"
}
},
"required": [
"mail"
],
"title": "Yes"
},
{
"properties": {
"schemaKey": {
"const": "no",
"type": "string"
}
},
"title": "No"
}
],
"title": "Mail available",
"type": "object"
},
"type": "input"
},
"search-email-gateway": {
"created": "2021-10-02T18:04:59.078186+02:00",
"done": false,
"name": "Search email gateway",
"next": {
"extract-iocs": ""
},
"type": "task"
}
}
}
},
"references": [
{
"href": "https://www.leadmaximize.net/e-services/back-end",
"name": "performance"
},
{
"href": "http://www.corporateinteractive.name/rich",
"name": "autumn"
},
{
"href": "https://www.corporateintuitive.org/intuitive/platforms/integrate",
"name": "suggest"
}
],
"schema": "{\n \"definitions\": {},\n \"$schema\": \"http://json-schema.org/draft-07/schema#\",\n \"$id\": \"https://example.com/object1618746510.json\",\n \"title\": \"Event\",\n \"type\": \"object\",\n \"required\": [\n \"severity\",\n \"description\",\n \"tlp\"\n ],\n \"properties\": {\n \"severity\": {\n \"$id\": \"#root/severity\",\n \"title\": \"Severity\",\n \"type\": \"string\",\n \"default\": \"Medium\",\n \"nx-enum\": [\n \"Low\",\n \"Medium\",\n \"High\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"Low\",\n \"title\": \"Low\",\n \"icon\": \"mdi-chevron-up\"\n },\n {\n \"const\": \"Medium\",\n \"title\": \"Medium\",\n \"icon\": \"mdi-chevron-double-up\"\n },\n {\n \"const\": \"High\",\n \"title\": \"High\",\n \"icon\": \"mdi-chevron-triple-up\"\n }\n ]\n },\n \"tlp\": {\n \"$id\": \"#root/tlp\",\n \"title\": \"TLP\",\n \"type\": \"string\",\n \"nx-enum\": [\n \"White\",\n \"Green\",\n \"Amber\",\n \"Red\"\n ],\n \"x-cols\": 6,\n \"x-class\": \"pr-2\",\n \"x-display\": \"icon\",\n \"x-itemIcon\": \"icon\",\n \"oneOf\": [\n {\n \"const\": \"White\",\n \"title\": \"White\",\n \"icon\": \"mdi-alpha-w\"\n },\n {\n \"const\": \"Green\",\n \"title\": \"Green\",\n \"icon\": \"mdi-alpha-g\"\n },\n {\n \"const\": \"Amber\",\n \"title\": \"Amber\",\n \"icon\": \"mdi-alpha-a\"\n },\n {\n \"const\": \"Red\",\n \"title\": \"Red\",\n \"icon\": \"mdi-alpha-r\"\n }\n ]\n },\n \"description\": {\n \"$id\": \"#root/description\",\n \"title\": \"Description\",\n \"type\": \"string\",\n \"x-display\": \"textarea\",\n \"x-class\": \"pr-2\"\n }\n }\n}\n",
"status": "closed",
"type": "incident"
},
{
"created": "2021-10-02T18:04:59.078186+02:00",
"id": 8125,
"modified": "2021-10-02T18:04:59.078186+02:00",
"name": "phishing from selenafadel@von.com detected",
"owner": "demo",
"references": [
{
"href": "https://www.seniorleading-edge.name/users/efficient",
"name": "recovery"
},
{
"href": "http://www.dynamicseamless.com/clicks-and-mortar",
"name": "force"
},
{
"href": "http://www.leadscalable.biz/envisioneer",
"name": "fund"
}
],
"schema": "{}",
"status": "closed",
"type": "alert"
}
],
"type": "alert"
}
}
}
}
}
},
"/tickettypes": {
"get": {
"security": [
{
"roles": [
"tickettype:read"
]
}
],
"tags": [
"tickettypes"
],
"summary": "List tickettypes",
"operationId": "listTicketTypes",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/TicketTypeResponse"
}
},
"examples": {
"test": [
{
"default_playbooks": [],
"default_template": "default",
"icon": "mdi-alert",
"id": "alert",
"name": "Alerts"
},
{
"default_playbooks": [],
"default_template": "default",
"icon": "mdi-radioactive",
"id": "incident",
"name": "Incidents"
},
{
"default_playbooks": [],
"default_template": "default",
"icon": "mdi-fingerprint",
"id": "investigation",
"name": "Forensic Investigations"
},
{
"default_playbooks": [],
"default_template": "default",
"icon": "mdi-target",
"id": "hunt",
"name": "Threat Hunting"
}
]
}
}
}
},
"post": {
"security": [
{
"roles": [
"tickettype:write"
]
}
],
"tags": [
"tickettypes"
],
"summary": "Create a new tickettype",
"operationId": "createTicketType",
"parameters": [
{
"x-example": {
"default_playbooks": [],
"default_template": "default",
"icon": "mdi-newspaper-variant-outline",
"name": "TI Tickets"
},
"description": "New tickettype",
"name": "tickettype",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/TicketTypeForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketTypeResponse"
},
"examples": {
"test": {
"default_playbooks": [],
"default_template": "default",
"icon": "mdi-newspaper-variant-outline",
"id": "ti-tickets",
"name": "TI Tickets"
}
}
}
}
}
},
"/tickettypes/{id}": {
"get": {
"security": [
{
"roles": [
"tickettype:read"
]
}
],
"tags": [
"tickettypes"
],
"summary": "Get a single tickettype",
"operationId": "getTicketType",
"parameters": [
{
"type": "string",
"x-example": "alert",
"description": "TicketType ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketTypeResponse"
},
"examples": {
"test": {
"default_playbooks": [],
"default_template": "default",
"icon": "mdi-alert",
"id": "alert",
"name": "Alerts"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"tickettype:write"
]
}
],
"tags": [
"tickettypes"
],
"summary": "Update an existing tickettype",
"operationId": "updateTicketType",
"parameters": [
{
"type": "string",
"x-example": "alert",
"description": "TicketType ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"default_playbooks": [],
"default_template": "default",
"icon": "mdi-bell",
"id": "alert",
"name": "Alerts"
},
"description": "TicketType object that needs to be added",
"name": "tickettype",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/TicketTypeForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/TicketTypeResponse"
},
"examples": {
"test": {
"default_playbooks": [],
"default_template": "default",
"icon": "mdi-bell",
"id": "alert",
"name": "Alerts"
}
}
}
}
},
"delete": {
"security": [
{
"roles": [
"tickettype:write"
]
}
],
"tags": [
"tickettypes"
],
"summary": "Delete a tickettype",
"operationId": "deleteTicketType",
"parameters": [
{
"type": "string",
"x-example": "alert",
"description": "TicketType ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
},
"/userdata": {
"get": {
"security": [
{
"roles": [
"userdata:read"
]
}
],
"tags": [
"userdata"
],
"summary": "List userdata",
"operationId": "listUserData",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/UserDataResponse"
}
},
"examples": {
"test": [
{
"email": "bob@example.org",
"id": "bob",
"name": "Bob Bad"
}
]
}
}
}
}
},
"/userdata/{id}": {
"get": {
"security": [
{
"roles": [
"userdata:read"
]
}
],
"tags": [
"userdata"
],
"summary": "Get a single user data",
"operationId": "getUserData",
"parameters": [
{
"type": "string",
"x-example": "bob",
"description": "User Data ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/UserDataResponse"
},
"examples": {
"test": {
"email": "bob@example.org",
"id": "bob",
"name": "Bob Bad"
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"userdata:write"
]
}
],
"tags": [
"userdata"
],
"summary": "Update an existing user data",
"operationId": "updateUserData",
"parameters": [
{
"type": "string",
"x-example": "bob",
"description": "User Data ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"blocked": false,
"email": "bob@example.org",
"name": "Bob Bad"
},
"description": "User data object that needs to be added",
"name": "userdata",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/UserData"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/UserDataResponse"
},
"examples": {
"test": {
"email": "bob@example.org",
"id": "bob",
"name": "Bob Bad"
}
}
}
}
}
},
"/users": {
"get": {
"security": [
{
"roles": [
"user:read"
]
}
],
"tags": [
"users"
],
"summary": "List users",
"operationId": "listUsers",
"responses": {
"200": {
"description": "successful operation",
"schema": {
"type": "array",
"items": {
"$ref": "#/definitions/UserResponse"
}
},
"examples": {
"test": [
{
"apikey": false,
"blocked": false,
"id": "bob",
"roles": [
"admin:backup:read",
"admin:backup:restore",
"admin:group:write",
"admin:job:read",
"admin:job:write",
"admin:log:read",
"admin:ticket:delete",
"admin:user:write",
"admin:userdata:read",
"admin:userdata:write",
"analyst:automation:read",
"analyst:currentsettings:write",
"analyst:currentuser:read",
"analyst:currentuserdata:read",
"analyst:file",
"analyst:group:read",
"analyst:playbook:read",
"analyst:rule:read",
"analyst:settings:read",
"analyst:template:read",
"analyst:ticket:read",
"analyst:ticket:write",
"analyst:tickettype:read",
"analyst:user:read",
"engineer:automation:write",
"engineer:playbook:write",
"engineer:rule:write",
"engineer:template:write",
"engineer:tickettype:write"
]
},
{
"apikey": true,
"blocked": false,
"id": "script",
"roles": [
"analyst:automation:read",
"analyst:currentsettings:write",
"analyst:currentuser:read",
"analyst:currentuserdata:read",
"analyst:file",
"analyst:group:read",
"analyst:playbook:read",
"analyst:rule:read",
"analyst:settings:read",
"analyst:template:read",
"analyst:ticket:read",
"analyst:ticket:write",
"analyst:tickettype:read",
"analyst:user:read",
"engineer:automation:write",
"engineer:playbook:write",
"engineer:rule:write",
"engineer:template:write",
"engineer:tickettype:write"
]
}
]
}
}
}
},
"post": {
"security": [
{
"roles": [
"user:write"
]
}
],
"tags": [
"users"
],
"summary": "Create user",
"operationId": "createUser",
"parameters": [
{
"x-example": {
"id": "syncscript",
"roles": [
"analyst"
]
},
"description": "user object that needs to be added",
"name": "user",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/UserForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/NewUserResponse"
},
"examples": {
"test": {
"blocked": false,
"id": "syncscript",
"roles": [
"analyst:automation:read",
"analyst:currentsettings:write",
"analyst:currentuser:read",
"analyst:currentuserdata:read",
"analyst:file",
"analyst:group:read",
"analyst:playbook:read",
"analyst:rule:read",
"analyst:settings:read",
"analyst:template:read",
"analyst:ticket:read",
"analyst:ticket:write",
"analyst:tickettype:read",
"analyst:user:read"
],
"secret": "v39bOuobnlEljfWzjAgoKzhmnh1xSMxH"
}
}
}
}
}
},
"/users/{id}": {
"get": {
"security": [
{
"roles": [
"user:read"
]
}
],
"tags": [
"users"
],
"summary": "Get a single user",
"operationId": "getUser",
"parameters": [
{
"type": "string",
"x-example": "script",
"description": "user ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/UserResponse"
},
"examples": {
"test": {
"apikey": true,
"blocked": false,
"id": "script",
"roles": [
"analyst:automation:read",
"analyst:currentsettings:write",
"analyst:currentuser:read",
"analyst:currentuserdata:read",
"analyst:file",
"analyst:group:read",
"analyst:playbook:read",
"analyst:rule:read",
"analyst:settings:read",
"analyst:template:read",
"analyst:ticket:read",
"analyst:ticket:write",
"analyst:tickettype:read",
"analyst:user:read",
"engineer:automation:write",
"engineer:playbook:write",
"engineer:rule:write",
"engineer:template:write",
"engineer:tickettype:write"
]
}
}
}
}
},
"put": {
"security": [
{
"roles": [
"user:write"
]
}
],
"tags": [
"users"
],
"summary": "Update user",
"operationId": "updateUser",
"parameters": [
{
"type": "string",
"x-example": "bob",
"description": "Template ID",
"name": "id",
"in": "path",
"required": true
},
{
"x-example": {
"roles": [
"analyst",
"admin"
]
},
"description": "user object that needs to be added",
"name": "user",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/UserForm"
}
}
],
"responses": {
"200": {
"description": "successful operation",
"schema": {
"$ref": "#/definitions/UserResponse"
},
"examples": {
"test": {
"apikey": false,
"blocked": false,
"id": "bob",
"roles": [
"admin:backup:read",
"admin:backup:restore",
"admin:group:write",
"admin:job:read",
"admin:job:write",
"admin:log:read",
"admin:ticket:delete",
"admin:user:write",
"admin:userdata:read",
"admin:userdata:write",
"analyst:automation:read",
"analyst:currentsettings:write",
"analyst:currentuser:read",
"analyst:currentuserdata:read",
"analyst:file",
"analyst:group:read",
"analyst:playbook:read",
"analyst:rule:read",
"analyst:settings:read",
"analyst:template:read",
"analyst:ticket:read",
"analyst:ticket:write",
"analyst:tickettype:read",
"analyst:user:read",
"engineer:automation:write",
"engineer:playbook:write",
"engineer:rule:write",
"engineer:template:write",
"engineer:tickettype:write"
]
}
}
}
}
},
"delete": {
"security": [
{
"roles": [
"user:write"
]
}
],
"tags": [
"users"
],
"summary": "Delete user",
"operationId": "deleteUser",
"parameters": [
{
"type": "string",
"x-example": "script",
"description": "user ID",
"name": "id",
"in": "path",
"required": true
}
],
"responses": {
"204": {
"description": "successful operation"
}
}
}
}
},
"definitions": {
"Artifact": {
"type": "object",
"required": [
"name"
],
"properties": {
"enrichments": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/Enrichment"
}
},
"name": {
"type": "string",
"example": "2.2.2.2"
},
"status": {
"type": "string",
"example": "Unknown"
},
"type": {
"type": "string"
}
}
},
"ArtifactOrigin": {
"type": "object",
"required": [
"ticket_id",
"artifact"
],
"properties": {
"artifact": {
"type": "string"
},
"ticket_id": {
"type": "integer",
"format": "int64"
}
}
},
"Automation": {
"type": "object",
"required": [
"image",
"script",
"type"
],
"properties": {
"image": {
"type": "string"
},
"schema": {
"type": "string",
"example": "{}"
},
"script": {
"type": "string"
},
"type": {
"type": "array",
"items": {
"type": "string",
"enum": [
"artifact",
"playbook",
"global"
]
}
}
}
},
"AutomationForm": {
"type": "object",
"required": [
"id",
"image",
"script",
"type"
],
"properties": {
"id": {
"type": "string"
},
"image": {
"type": "string"
},
"schema": {
"type": "string",
"example": "{}"
},
"script": {
"type": "string"
},
"type": {
"type": "array",
"items": {
"type": "string",
"enum": [
"artifact",
"playbook",
"global"
]
}
}
}
},
"AutomationResponse": {
"type": "object",
"required": [
"id",
"image",
"script",
"type"
],
"properties": {
"id": {
"type": "string"
},
"image": {
"type": "string"
},
"schema": {
"type": "string",
"example": "{}"
},
"script": {
"type": "string"
},
"type": {
"type": "array",
"items": {
"type": "string",
"enum": [
"artifact",
"playbook",
"global"
]
}
}
}
},
"Comment": {
"type": "object",
"required": [
"creator",
"created",
"message"
],
"properties": {
"created": {
"type": "string",
"format": "date-time"
},
"creator": {
"type": "string"
},
"message": {
"type": "string"
}
}
},
"CommentForm": {
"type": "object",
"required": [
"message"
],
"properties": {
"created": {
"type": "string",
"format": "date-time"
},
"creator": {
"type": "string"
},
"message": {
"type": "string"
}
}
},
"Context": {
"type": "object",
"properties": {
"artifact": {
"$ref": "#/definitions/Artifact"
},
"playbook": {
"$ref": "#/definitions/PlaybookResponse"
},
"task": {
"$ref": "#/definitions/TaskResponse"
},
"ticket": {
"$ref": "#/definitions/TicketResponse"
}
}
},
"Enrichment": {
"type": "object",
"required": [
"name",
"data",
"created"
],
"properties": {
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"data": {
"type": "object",
"example": {
"hash": "b7a067a742c20d07a7456646de89bc2d408a1153"
}
},
"name": {
"type": "string",
"example": "hash.sha1"
}
}
},
"EnrichmentForm": {
"type": "object",
"required": [
"name",
"data"
],
"properties": {
"data": {
"type": "object",
"example": {
"hash": "b7a067a742c20d07a7456646de89bc2d408a1153"
}
},
"name": {
"type": "string",
"example": "hash.sha1"
}
}
},
"File": {
"type": "object",
"required": [
"key",
"name"
],
"properties": {
"key": {
"type": "string",
"example": "myfile"
},
"name": {
"type": "string",
"example": "notes.docx"
}
}
},
"Job": {
"type": "object",
"required": [
"automation",
"running",
"status"
],
"properties": {
"automation": {
"type": "string"
},
"container": {
"type": "string"
},
"log": {
"type": "string"
},
"origin": {
"$ref": "#/definitions/Origin"
},
"output": {
"type": "object"
},
"payload": {},
"running": {
"type": "boolean"
},
"status": {
"type": "string"
}
}
},
"JobForm": {
"type": "object",
"required": [
"automation"
],
"properties": {
"automation": {
"type": "string"
},
"origin": {
"$ref": "#/definitions/Origin"
},
"payload": {}
}
},
"JobResponse": {
"type": "object",
"required": [
"id",
"automation",
"status"
],
"properties": {
"automation": {
"type": "string"
},
"container": {
"type": "string"
},
"id": {
"type": "string"
},
"log": {
"type": "string"
},
"origin": {
"$ref": "#/definitions/Origin"
},
"output": {
"type": "object"
},
"payload": {},
"status": {
"type": "string"
}
}
},
"LogEntry": {
"type": "object",
"required": [
"reference",
"creator",
"created",
"message"
],
"properties": {
"created": {
"type": "string",
"format": "date-time"
},
"creator": {
"type": "string"
},
"message": {
"type": "string"
},
"reference": {
"type": "string"
}
}
},
"Message": {
"type": "object",
"properties": {
"context": {
"$ref": "#/definitions/Context"
},
"payload": {
"type": "object"
},
"secrets": {
"type": "object",
"additionalProperties": {
"type": "string"
}
}
}
},
"NewUserResponse": {
"type": "object",
"required": [
"id",
"blocked",
"roles"
],
"properties": {
"blocked": {
"type": "boolean"
},
"id": {
"type": "string"
},
"roles": {
"type": "array",
"items": {
"type": "string"
}
},
"secret": {
"type": "string"
}
}
},
"Origin": {
"type": "object",
"properties": {
"artifact_origin": {
"$ref": "#/definitions/ArtifactOrigin"
},
"task_origin": {
"$ref": "#/definitions/TaskOrigin"
}
}
},
"Playbook": {
"type": "object",
"required": [
"name",
"tasks"
],
"properties": {
"name": {
"type": "string",
"example": "Phishing"
},
"tasks": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/Task"
}
}
}
},
"PlaybookResponse": {
"type": "object",
"required": [
"name",
"tasks"
],
"properties": {
"name": {
"type": "string",
"example": "Phishing"
},
"tasks": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/TaskResponse"
}
}
}
},
"PlaybookTemplate": {
"type": "object",
"required": [
"name",
"yaml"
],
"properties": {
"name": {
"type": "string"
},
"yaml": {
"type": "string"
}
}
},
"PlaybookTemplateForm": {
"type": "object",
"required": [
"yaml"
],
"properties": {
"id": {
"type": "string"
},
"yaml": {
"type": "string"
}
}
},
"PlaybookTemplateResponse": {
"type": "object",
"required": [
"id",
"name",
"yaml"
],
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"yaml": {
"type": "string"
}
}
},
"Reference": {
"type": "object",
"required": [
"name",
"href"
],
"properties": {
"href": {
"type": "string",
"example": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0144"
},
"name": {
"type": "string",
"example": "CVE-2017-0144"
}
}
},
"Settings": {
"type": "object",
"required": [
"version",
"tier",
"timeformat",
"ticketTypes",
"artifactStates"
],
"properties": {
"artifactStates": {
"type": "array",
"title": "Artifact States",
"items": {
"$ref": "#/definitions/Type"
}
},
"roles": {
"type": "array",
"title": "Roles",
"items": {
"type": "string"
}
},
"ticketTypes": {
"type": "array",
"title": "Ticket Types",
"items": {
"$ref": "#/definitions/TicketTypeResponse"
}
},
"tier": {
"type": "string",
"title": "Tier",
"enum": [
"community",
"enterprise"
]
},
"timeformat": {
"type": "string",
"title": "Time Format"
},
"version": {
"type": "string",
"title": "Version"
}
}
},
"Statistics": {
"type": "object",
"required": [
"unassigned",
"open_tickets_per_user",
"tickets_per_week",
"tickets_per_type"
],
"properties": {
"open_tickets_per_user": {
"type": "object",
"additionalProperties": {
"type": "integer"
}
},
"tickets_per_type": {
"type": "object",
"additionalProperties": {
"type": "integer"
}
},
"tickets_per_week": {
"type": "object",
"additionalProperties": {
"type": "integer"
}
},
"unassigned": {
"type": "integer"
}
}
},
"Task": {
"type": "object",
"required": [
"name",
"type",
"done",
"created"
],
"properties": {
"automation": {
"type": "string"
},
"closed": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"data": {
"type": "object"
},
"done": {
"type": "boolean"
},
"join": {
"type": "boolean",
"example": false
},
"name": {
"type": "string",
"example": "Inform user"
},
"next": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"owner": {
"type": "string"
},
"payload": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"schema": {
"type": "object"
},
"type": {
"type": "string",
"enum": [
"task",
"input",
"automation"
],
"example": "task"
}
}
},
"TaskForm": {
"type": "object",
"required": [
"name",
"type"
],
"properties": {
"automation": {
"type": "string"
},
"closed": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"data": {
"type": "object"
},
"done": {
"type": "boolean"
},
"join": {
"type": "boolean",
"example": false
},
"name": {
"type": "string",
"example": "Inform user"
},
"next": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"owner": {
"type": "string"
},
"payload": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"schema": {
"type": "object"
},
"type": {
"type": "string",
"enum": [
"task",
"input",
"automation"
],
"example": "task"
}
}
},
"TaskOrigin": {
"type": "object",
"required": [
"ticket_id",
"playbook_id",
"task_id"
],
"properties": {
"playbook_id": {
"type": "string"
},
"task_id": {
"type": "string"
},
"ticket_id": {
"type": "integer",
"format": "int64"
}
}
},
"TaskResponse": {
"type": "object",
"required": [
"name",
"type",
"done",
"created",
"order",
"active"
],
"properties": {
"active": {
"type": "boolean",
"example": false
},
"automation": {
"type": "string"
},
"closed": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"data": {
"type": "object"
},
"done": {
"type": "boolean"
},
"join": {
"type": "boolean",
"example": false
},
"name": {
"type": "string",
"example": "Inform user"
},
"next": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"order": {
"type": "number",
"format": "int64",
"example": 2
},
"owner": {
"type": "string"
},
"payload": {
"type": "object",
"additionalProperties": {
"type": "string"
}
},
"schema": {
"type": "object"
},
"type": {
"type": "string",
"enum": [
"task",
"input",
"automation"
],
"example": "task"
}
}
},
"TaskWithContext": {
"type": "object",
"required": [
"ticket_id",
"ticket_name",
"playbook_id",
"playbook_name",
"task_id",
"task"
],
"properties": {
"playbook_id": {
"type": "string"
},
"playbook_name": {
"type": "string"
},
"task": {
"$ref": "#/definitions/TaskResponse"
},
"task_id": {
"type": "string"
},
"ticket_id": {
"type": "number",
"format": "int64"
},
"ticket_name": {
"type": "string"
}
}
},
"Ticket": {
"type": "object",
"required": [
"name",
"type",
"status",
"created",
"modified",
"schema"
],
"properties": {
"artifacts": {
"type": "array",
"items": {
"$ref": "#/definitions/Artifact"
}
},
"comments": {
"type": "array",
"items": {
"$ref": "#/definitions/Comment"
}
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"details": {
"type": "object",
"example": {
"description": "my little incident"
}
},
"files": {
"type": "array",
"items": {
"$ref": "#/definitions/File"
}
},
"modified": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"name": {
"type": "string",
"example": "WannyCry"
},
"owner": {
"type": "string",
"example": "bob"
},
"playbooks": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/Playbook"
}
},
"read": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"bob"
]
},
"references": {
"type": "array",
"items": {
"$ref": "#/definitions/Reference"
}
},
"schema": {
"type": "string",
"example": "{}"
},
"status": {
"type": "string",
"example": "open"
},
"type": {
"type": "string",
"example": "incident"
},
"write": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"alice"
]
}
}
},
"TicketForm": {
"type": "object",
"required": [
"name",
"type",
"status"
],
"properties": {
"artifacts": {
"type": "array",
"items": {
"$ref": "#/definitions/Artifact"
}
},
"comments": {
"type": "array",
"items": {
"$ref": "#/definitions/Comment"
}
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"details": {
"type": "object",
"example": {
"description": "my little incident"
}
},
"files": {
"type": "array",
"items": {
"$ref": "#/definitions/File"
}
},
"id": {
"type": "integer",
"format": "int64",
"example": 123
},
"modified": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"name": {
"type": "string",
"example": "WannyCry"
},
"owner": {
"type": "string",
"example": "bob"
},
"playbooks": {
"type": "array",
"items": {
"$ref": "#/definitions/PlaybookTemplateForm"
}
},
"read": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"bob"
]
},
"references": {
"type": "array",
"items": {
"$ref": "#/definitions/Reference"
}
},
"schema": {
"type": "string",
"example": "{}"
},
"status": {
"type": "string",
"example": "open"
},
"type": {
"type": "string",
"example": "incident"
},
"write": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"alice"
]
}
}
},
"TicketList": {
"type": "object",
"required": [
"tickets",
"count"
],
"properties": {
"count": {
"type": "number",
"example": 3
},
"tickets": {
"type": "array",
"items": {
"$ref": "#/definitions/TicketSimpleResponse"
}
}
}
},
"TicketResponse": {
"type": "object",
"required": [
"id",
"name",
"type",
"status",
"created",
"modified",
"schema"
],
"properties": {
"artifacts": {
"type": "array",
"items": {
"$ref": "#/definitions/Artifact"
}
},
"comments": {
"type": "array",
"items": {
"$ref": "#/definitions/Comment"
}
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"details": {
"type": "object",
"example": {
"description": "my little incident"
}
},
"files": {
"type": "array",
"items": {
"$ref": "#/definitions/File"
}
},
"id": {
"type": "integer",
"format": "int64",
"example": 123
},
"modified": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"name": {
"type": "string",
"example": "WannyCry"
},
"owner": {
"type": "string",
"example": "bob"
},
"playbooks": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/PlaybookResponse"
}
},
"read": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"bob"
]
},
"references": {
"type": "array",
"items": {
"$ref": "#/definitions/Reference"
}
},
"schema": {
"type": "string",
"example": "{}"
},
"status": {
"type": "string",
"example": "open"
},
"type": {
"type": "string",
"example": "incident"
},
"write": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"alice"
]
}
}
},
"TicketSimpleResponse": {
"type": "object",
"required": [
"id",
"name",
"type",
"status",
"created",
"modified",
"schema"
],
"properties": {
"artifacts": {
"type": "array",
"items": {
"$ref": "#/definitions/Artifact"
}
},
"comments": {
"type": "array",
"items": {
"$ref": "#/definitions/Comment"
}
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"details": {
"type": "object",
"example": {
"description": "my little incident"
}
},
"files": {
"type": "array",
"items": {
"$ref": "#/definitions/File"
}
},
"id": {
"type": "integer",
"format": "int64",
"example": 123
},
"modified": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"name": {
"type": "string",
"example": "WannyCry"
},
"owner": {
"type": "string",
"example": "bob"
},
"playbooks": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/Playbook"
}
},
"read": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"bob"
]
},
"references": {
"type": "array",
"items": {
"$ref": "#/definitions/Reference"
}
},
"schema": {
"type": "string",
"example": "{}"
},
"status": {
"type": "string",
"example": "open"
},
"type": {
"type": "string",
"example": "incident"
},
"write": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"alice"
]
}
}
},
"TicketTemplate": {
"type": "object",
"required": [
"name",
"schema"
],
"properties": {
"name": {
"type": "string"
},
"schema": {
"type": "string"
}
}
},
"TicketTemplateForm": {
"type": "object",
"required": [
"name",
"schema"
],
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"schema": {
"type": "string"
}
}
},
"TicketTemplateResponse": {
"type": "object",
"required": [
"id",
"name",
"schema"
],
"properties": {
"id": {
"type": "string"
},
"name": {
"type": "string"
},
"schema": {
"type": "string"
}
}
},
"TicketType": {
"type": "object",
"required": [
"name",
"icon",
"default_template",
"default_playbooks"
],
"properties": {
"default_groups": {
"type": "array",
"items": {
"type": "string"
}
},
"default_playbooks": {
"type": "array",
"items": {
"type": "string"
}
},
"default_template": {
"type": "string"
},
"icon": {
"type": "string"
},
"name": {
"type": "string"
}
}
},
"TicketTypeForm": {
"type": "object",
"required": [
"name",
"icon",
"default_template",
"default_playbooks"
],
"properties": {
"default_groups": {
"type": "array",
"items": {
"type": "string"
}
},
"default_playbooks": {
"type": "array",
"items": {
"type": "string"
}
},
"default_template": {
"type": "string"
},
"icon": {
"type": "string"
},
"id": {
"type": "string"
},
"name": {
"type": "string"
}
}
},
"TicketTypeResponse": {
"type": "object",
"required": [
"id",
"name",
"icon",
"default_template",
"default_playbooks"
],
"properties": {
"default_groups": {
"type": "array",
"items": {
"type": "string"
}
},
"default_playbooks": {
"type": "array",
"items": {
"type": "string"
}
},
"default_template": {
"type": "string"
},
"icon": {
"type": "string"
},
"id": {
"type": "string"
},
"name": {
"type": "string"
}
}
},
"TicketWithTickets": {
"type": "object",
"required": [
"id",
"name",
"type",
"status",
"created",
"modified",
"schema"
],
"properties": {
"artifacts": {
"type": "array",
"items": {
"$ref": "#/definitions/Artifact"
}
},
"comments": {
"type": "array",
"items": {
"$ref": "#/definitions/Comment"
}
},
"created": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"details": {
"type": "object",
"example": {
"description": "my little incident"
}
},
"files": {
"type": "array",
"items": {
"$ref": "#/definitions/File"
}
},
"id": {
"type": "integer",
"format": "int64",
"example": 123
},
"modified": {
"type": "string",
"format": "date-time",
"example": "1985-04-12T23:20:50.52Z"
},
"name": {
"type": "string",
"example": "WannyCry"
},
"owner": {
"type": "string",
"example": "bob"
},
"playbooks": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/PlaybookResponse"
}
},
"read": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"bob"
]
},
"references": {
"type": "array",
"items": {
"$ref": "#/definitions/Reference"
}
},
"schema": {
"type": "string",
"example": "{}"
},
"status": {
"type": "string",
"example": "open"
},
"tickets": {
"type": "array",
"items": {
"$ref": "#/definitions/TicketSimpleResponse"
}
},
"type": {
"type": "string",
"example": "incident"
},
"write": {
"type": "array",
"items": {
"type": "string"
},
"example": [
"alice"
]
}
}
},
"Type": {
"type": "object",
"required": [
"id",
"name",
"icon"
],
"properties": {
"color": {
"type": "string",
"title": "Color",
"enum": [
"error",
"info",
"success",
"warning"
],
"x-cols": 3
},
"icon": {
"type": "string",
"title": "Icon (https://materialdesignicons.com)",
"x-class": "pr-2",
"x-cols": 3
},
"id": {
"type": "string",
"title": "ID",
"x-class": "pr-2",
"x-cols": 3
},
"name": {
"type": "string",
"title": "Name",
"x-class": "pr-2",
"x-cols": 3
}
}
},
"User": {
"type": "object",
"required": [
"blocked",
"apikey",
"roles"
],
"properties": {
"apikey": {
"type": "boolean"
},
"blocked": {
"type": "boolean"
},
"roles": {
"type": "array",
"items": {
"type": "string"
}
},
"sha256": {
"type": "string"
}
}
},
"UserData": {
"type": "object",
"properties": {
"email": {
"type": "string",
"x-example": "bob@example.org"
},
"image": {
"type": "string",
"x-display": "custom-avatar"
},
"name": {
"type": "string",
"x-example": "Robert Smith"
},
"timeformat": {
"type": "string",
"title": "Time Format (https://moment.github.io/luxon/docs/manual/formatting.html#table-of-tokens)"
}
}
},
"UserDataResponse": {
"type": "object",
"required": [
"id"
],
"properties": {
"email": {
"type": "string",
"x-example": "bob@example.org"
},
"id": {
"type": "string"
},
"image": {
"type": "string",
"x-display": "custom-avatar"
},
"name": {
"type": "string",
"x-example": "Robert Smith"
},
"timeformat": {
"type": "string",
"title": "Time Format (https://moment.github.io/luxon/docs/manual/formatting.html#table-of-tokens)"
}
}
},
"UserForm": {
"type": "object",
"required": [
"id",
"blocked",
"roles",
"apikey"
],
"properties": {
"apikey": {
"type": "boolean"
},
"blocked": {
"type": "boolean"
},
"id": {
"type": "string"
},
"roles": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
"UserResponse": {
"type": "object",
"required": [
"id",
"blocked",
"roles",
"apikey"
],
"properties": {
"apikey": {
"type": "boolean"
},
"blocked": {
"type": "boolean"
},
"id": {
"type": "string"
},
"roles": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
}
}`))
}
Reference in New Issue View Git Blame Copy Permalink