From 92fd6eb11fa97ed37d05cd60c03ea719a2950eeb Mon Sep 17 00:00:00 2001
From: Juliya Smith
Date: Mon, 22 Feb 2021 20:19:48 +0000
Subject: [PATCH 1/6] use realistic token becausue dotnet cares
---
 docs/core.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/core.yml b/docs/core.yml
index 57b6eb1..cdade42 100644
--- a/docs/core.yml
+++ b/docs/core.yml
@@ -1247,7 +1247,7 @@ components:
 properties:
 v3_user_token:
 type: string
- example: test_v3_user_token
+ example: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImp0aSI6IjUyYmE4MDUwLTQ0MWYtNGY5MS05MTJiLTE2Mjg0Y2U3MmQzZSIsImlhdCI6MTYxNDAyNTA5OCwiZXhwIjoxNjE0MDI4Njk4fQ.O5oH8870M3ZXVB-1iyUg_tJ1Yke_b2RuwGYz2m_aYYk
 error:
 type: string
 format: nullable
From 0fa7027f7d85d2fdc4b0629a204c9547206d4b3d Mon Sep 17 00:00:00 2001
From: Juliya Smith
Date: Mon, 22 Feb 2021 20:20:43 +0000
Subject: [PATCH 2/6] underscores
---
 docker-compose.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/docker-compose.yml b/docker-compose.yml
index f43cfde..f044180 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -89,7 +89,7 @@ services:
 - "4207:4207"
 command: mock docs/audit-logs.yml -p 4207 -h 0.0.0.0
- file-events:
+ file_events:
 image: c42/mock-microservice-endpoints:1.0
 build:
 context: .
@@ -100,7 +100,7 @@ services:
 - "4208:4208"
 command: mock docs/file-events.yml -p 4208 -h 0.0.0.0
- preservation-data-service:
+ preservation_data_service:
 image: c42/mock-microservice-endpoints:1.0
 build:
 context: .
From fa2991ad0fa2f3dad56920b764e89c01439e293f Mon Sep 17 00:00:00 2001
From: Juliya Smith
Date: Mon, 22 Feb 2021 21:02:34 +0000
Subject: [PATCH 3/6] add saved search
---
 docs/file-events.yml | 374 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 374 insertions(+)
diff --git a/docs/file-events.yml b/docs/file-events.yml
index 507ff20..3f97e0b 100644
--- a/docs/file-events.yml
+++ b/docs/file-events.yml
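Review bot: The new `example` for `v3_user_token` in docs/core.yml (patch 1/6) is a complete signed JWT with nothing beside it saying it is synthetic, so secret scanners and later readers cannot tell it from a leaked credential. Its payload decodes to sample claims (`"name":"John Doe"`, `"admin":true`) with `exp` one hour after `iat`, which suggests a throwaway token, but the signing key is not visible here; confirm it was not signed with a key used by any real environment. I would add a comment above the line, `# Synthetic, already-expired JWT for the mock server only; signed with a throwaway key.`, and allowlist this exact value in the repository's secret-scanning configuration. If the .NET client that motivated the change also validates `exp`, the mock will be handing it an expired token, so a far-future expiry may be needed. The `properties` mapping this line sits in starts and ends outside the hunk.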
@@ -80,6 +80,45 @@ paths:
 $ref: '#/components/schemas/GroupingResponse'
 deprecated: false
 x-codegen-request-body-name: request
+ /v1/file-events/saved-searches:
+ get:
+ tags:
+ - File Events
+ summary: Get all saved searches
+ operationId: getSavedSearchesUsingGET
+ responses:
+ 200:
+ description: 'Success: List of all saved searches for the tenant.'
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SavedSearchResponse-file-events'
+ deprecated: false
+ /v1/file-events/saved-searches/{id}:
+ get:
+ tags:
+ - File Events
+ summary: Get a single saved search
+ operationId: getSavedSearchByIdUsingGET
+ parameters:
+ - name: id
+ in: path
+ description: Unique identifier for a saved search.
+ required: true
+ schema:
+ type: string
+ responses:
+ 200:
+ description: 'Success: Details of the specified saved search.'
+ content:
+ application/json:
+ schema:
+ $ref: '#/components/schemas/SavedSearchResponse-file-events'
+ 404:
+ description: 'Not found: Saved search does not exist.'
+ content: {}
+ deprecated: false
+
 components:
 schemas:
 ExportRequest:
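Review bot: Neither new operation documents authentication: `getSavedSearchesUsingGET` returns every saved search "for the tenant", yet the added lines declare no `security` requirement and no `401`/`403` response, so the mock and any generated client never exercise the unauthorised path. If a global `security` block exists it is outside this hunk; otherwise I would add one and, next to the `404`, a response such as `401:` with `description: 'Unauthorized: missing or invalid token.'` and `content: {}`. The `id` path parameter is also an unconstrained `type: string`, while the `id` example in the schema added later in this same patch looks like a UUID; if that holds for the real service, `format: uuid` would let validators reject malformed ids.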
@@ -1244,3 +1283,338 @@ components:
 StreamingResponseBody:
 title: StreamingResponseBody
 type: object
+ SavedSearchResponse-file-events:
+ title: SavedSearchResponse
+ type: object
+ properties:
+ searches:
+ type: array
+ description: List of saved searches in the response.
+ items:
+ $ref: '#/components/schemas/SavedSearchDetail-file-events'
+ SavedSearchDetail-file-events:
+ title: SavedSearchDetail
+ type: object
+ properties:
+ apiVersion:
+ type: integer
+ description: Version of the API used to create the search.
+ format: int32
+ example: 1
+ columns:
+ type: array
+ description: List of columns to be displayed in the web app for the search.
+ items:
+ type: string
+ enum:
+ - eventId
+ - eventType
+ - eventTimestamp
+ - insertionTimestamp
+ - filePath
+ - fileName
+ - fileType
+ - fileCategory
+ - fileCategoryByBytes
+ - fileCategoryByExtension
+ - fileSize
+ - fileOwner
+ - md5Checksum
+ - sha256Checksum
+ - createTimestamp
+ - modifyTimestamp
+ - deviceUserName
+ - deviceUid
+ - userUid
+ - osHostName
+ - domainName
+ - publicIpAddress
+ - privateIpAddresses
+ - actor
+ - directoryId
+ - source
+ - url
+ - shared
+ - sharedWith
+ - sharingTypeAdded
+ - cloudDriveId
+ - detectionSourceAlias
+ - fileId
+ - exposure
+ - processOwner
+ - processName
+ - windowTitle
+ - tabUrl
+ - tabTitles
+ - tabUrls
+ - removableMediaVendor
+ - removableMediaName
+ - removableMediaSerialNumber
+ - removableMediaCapacity
+ - removableMediaBusType
+ - removableMediaMediaName
+ - removableMediaVolumeName
+ - removableMediaPartitionId
+ - syncDestination
+ - syncDestinationUsername
+ - emailDlpPolicyNames
+ - emailSubject
+ - emailSender
+ - emailFrom
+ - emailRecipients
+ - outsideActiveHours
+ - mimeTypeByBytes
+ - mimeTypeByExtension
+ - mimeTypeMismatch
+ - printJobName
+ - printerName
+ - printedFilesBackupPath
+ - remoteActivity
+ - trusted
+ - operatingSystemUser
+ - destinationCategory
+ - destinationName
+ createdByUID:
+ type: string
+ description: User UID of the user who created the saved search.
+ example: "806150685834341100"
+ createdByUsername:
+ type: string
+ description: Username of the user who created the saved search.
+ example: adrian@example.com
+ creationTimestamp:
+ type: string
+ description: Time at which the saved search was created.
+ format: date-time
+ example: 2020-10-27T15:16:05.369203Z
+ groupClause:
+ type: string
+ description: Grouping clause for any specified groups.
+ example: OR
+ enum:
+ - AND
+ - OR
+ groups:
+ type: array
+ description: One or more FilterGroups to be combined in a query.
+ items:
+ $ref: '#/components/schemas/FilterGroup-file-events'
+ id:
+ type: string
+ description: Unique identifier for the saved search.
+ example: cde979fa-d551-4be9-b242-39e75b824089
+ modifiedByUID:
+ type: string
+ description: User UID of the user who last modified the saved search.
+ example: "421380797518239200"
+ modifiedByUsername:
+ type: string
+ description: Username of the user who last modified the saved search.
+ example: ari@example.com
+ modifiedTimestamp:
+ type: string
+ description: Time at which the saved search was last modified.
+ format: date-time
+ example: 2020-10-27T15:20:26.311894Z
+ name:
+ type: string
+ description: Name given to the saved search.
+ example: Example saved search
+ notes:
+ type: string
+ description: Optional notes about the search.
+ example: This search returns all events.
+ srtDir:
+ type: string
+ description: Sort direction.
+ example: asc
+ enum:
+ - asc
+ - desc
+ srtKey:
+ type: string
+ description: Search term for sorting.
+ example: eventId
+ enum:
+ - eventId
+ - eventType
+ - eventTimestamp
+ - insertionTimestamp
+ - filePath
+ - fileName
+ - fileType
+ - fileCategory
+ - fileCategoryByBytes
+ - fileCategoryByExtension
+ - fileSize
+ - fileOwner
+ - md5Checksum
+ - sha256Checksum
+ - createTimestamp
+ - modifyTimestamp
+ - deviceUserName
+ - deviceUid
+ - userUid
+ - osHostName
+ - domainName
+ - publicIpAddress
+ - privateIpAddresses
+ - actor
+ - directoryId
+ - source
+ - url
+ - shared
+ - sharedWith
+ - sharingTypeAdded
+ - cloudDriveId
+ - detectionSourceAlias
+ - fileId
+ - exposure
+ - processOwner
+ - processName
+ - windowTitle
+ - tabUrl
+ - tabTitles
+ - tabUrls
+ - removableMediaVendor
+ - removableMediaName
+ - removableMediaSerialNumber
+ - removableMediaCapacity
+ - removableMediaBusType
+ - removableMediaMediaName
+ - removableMediaVolumeName
+ - removableMediaPartitionId
+ - syncDestination
+ - syncDestinationUsername
+ - emailDlpPolicyNames
+ - emailSubject
+ - emailSender
+ - emailFrom
+ - emailRecipients
+ - outsideActiveHours
+ - mimeTypeByBytes
+ - mimeTypeByExtension
+ - mimeTypeMismatch
+ - printJobName
+ - printerName
+ - printedFilesBackupPath
+ - remoteActivity
+ - trusted
+ - operatingSystemUser
+ - destinationCategory
+ - destinationName
+ FilterGroup-file-events:
+ type: object
+ required:
+ - filters
+ properties:
+ filterClause:
+ type: string
+ example: AND
+ description: Grouping clause for filters. Default is `AND`.
+ enum:
+ - AND
+ - OR
+ filters:
+ type: array
+ description: One or more SearchFilters to be combined in a query.
+ items:
+ $ref: '#/components/schemas/SearchFilter-file-events'
+ title: FilterGroup
+ SearchFilter-file-events:
+ type: object
+ required:
+ - value
+ properties:
+ operator:
+ type: string
+ example: IS_NOT
+ description: The type of match to perform. Default value is `IS`.
+ enum:
+ - IS
+ - IS_NOT
+ - ON_OR_BEFORE
+ - ON_OR_AFTER
+ - 'ON'
+ - WITHIN_THE_LAST
+ - LESS_THAN
+ - GREATER_THAN
+ - EXISTS
+ - DOES_NOT_EXIST
+ term:
+ type: string
+ example: actor
+ description: The field to match. Default value is `deviceUserName`.
+ enum:
+ - eventId
+ - eventType
+ - eventTimestamp
+ - insertionTimestamp
+ - filePath
+ - fileName
+ - fileType
+ - fileCategory
+ - fileCategoryByBytes
+ - fileCategoryByExtension
+ - fileSize
+ - fileOwner
+ - md5Checksum
+ - sha256Checksum
+ - createTimestamp
+ - modifyTimestamp
+ - deviceUserName
+ - deviceUid
+ - userUid
+ - osHostName
+ - domainName
+ - publicIpAddress
+ - privateIpAddresses
+ - actor
+ - directoryId
+ - source
+ - url
+ - shared
+ - sharedWith
+ - sharingTypeAdded
+ - cloudDriveId
+ - detectionSourceAlias
+ - fileId
+ - exposure
+ - processOwner
+ - processName
+ - windowTitle
+ - tabUrl
+ - tabTitles
+ - tabUrls
+ - removableMediaVendor
+ - removableMediaName
+ - removableMediaSerialNumber
+ - removableMediaCapacity
+ - removableMediaBusType
+ - removableMediaMediaName
+ - removableMediaVolumeName
+ - removableMediaPartitionId
+ - syncDestination
+ - syncDestinationUsername
+ - emailDlpPolicyNames
+ - emailSubject
+ - emailSender
+ - emailFrom
+ - emailRecipients
+ - outsideActiveHours
+ - mimeTypeByBytes
+ - mimeTypeByExtension
+ - mimeTypeMismatch
+ - printJobName
+ - printerName
+ - printedFilesBackupPath
+ - remoteActivity
+ - trusted
+ - operatingSystemUser
+ - destinationCategory
+ - destinationName
+ value:
+ type: string
+ example: ari@example.com
+ description: The input for the search.
+ title: SearchFilter
From cea3a986bcd96d6173e8f57591b23ea79abf392c Mon Sep 17 00:00:00 2001
From: Juliya Smith
Date: Mon, 22 Feb 2021 21:07:02 +0000
Subject: [PATCH 4/6] correct file events urls
---
 docs/file-events.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/docs/file-events.yml b/docs/file-events.yml
index 3f97e0b..3d1a743 100644
--- a/docs/file-events.yml
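Review bot: In the `@@ -1244,3 +1283,338 @@` hunk of docs/file-events.yml (patch 3/6) the same 67-value field list is written out three times, under `columns.items`, `srtKey` and `SearchFilter-file-events.term`, so the copies can drift apart the next time a field is added or renamed. I would define the list once as its own entry under `components.schemas` and point each of the three places at it with `$ref: '#/components/schemas/<shared-field-enum>'` (placeholder name, pick one that fits the file). A one-line comment on that schema saying which upstream API version the values were taken from would also help whoever has to refresh them.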
+++ b/docs/file-events.yml
@@ -56,7 +56,7 @@ paths:
 $ref: '#/components/schemas/StreamingResponseBody'
 deprecated: false
 x-codegen-request-body-name: request
- /api/v1/fileevent/grouping:
+ /forensic-search/queryservice/api/v1/fileevent/grouping:
 post:
 tags:
 - File Events
@@ -80,7 +80,7 @@ paths:
 $ref: '#/components/schemas/GroupingResponse'
 deprecated: false
 x-codegen-request-body-name: request
- /v1/file-events/saved-searches:
+ /forensic-search/queryservice/api/v1/saved:
 get:
 tags:
 - File Events
@@ -94,7 +94,7 @@ paths:
 schema:
 $ref: '#/components/schemas/SavedSearchResponse-file-events'
 deprecated: false
- /v1/file-events/saved-searches/{id}:
+ /forensic-search/queryservice/api/v1/saved/{id}:
 get:
 tags:
 - File Events
From d69e38618eda45b82cc44236b97047c5ff96f217 Mon Sep 17 00:00:00 2001
From: Juliya Smith
Date: Mon, 22 Feb 2021 21:08:46 +0000
Subject: [PATCH 5/6] force str
---
 docs/file-events.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/file-events.yml b/docs/file-events.yml
index 3d1a743..64242cf 100644
--- a/docs/file-events.yml
+++ b/docs/file-events.yml
@@ -1386,7 +1386,7 @@ components:
 type: string
 description: Time at which the saved search was created.
 format: date-time
- example: 2020-10-27T15:16:05.369203Z
+ example: '2020-10-27T15:16:05.369203Z'
 groupClause:
 type: string
 description: Grouping clause for any specified groups.
From 699fda409b9ac8433362a122f4520b7a79e22e7f Mon Sep 17 00:00:00 2001
From: Juliya Smith
Date: Mon, 22 Feb 2021 21:11:17 +0000
Subject: [PATCH 6/6] fix content type
---
 docs/file-events.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/docs/file-events.yml b/docs/file-events.yml
index 64242cf..fbc71b8 100644
--- a/docs/file-events.yml
+++ b/docs/file-events.yml
@@ -75,7 +75,7 @@ paths:
 200:
 description: 'Success: List of groups matching the query.'
 content:
- '*/*':
+ application/json:
 schema:
 $ref: '#/components/schemas/GroupingResponse'
 deprecated: false
@@ -1415,7 +1415,7 @@ components:
 type: string
 description: Time at which the saved search was last modified.
 format: date-time
- example: 2020-10-27T15:20:26.311894Z
+ example: '2020-10-27T15:20:26.311894Z'
 name:
 type: string
 description: Name given to the saved search.