# OpenAPI 3.0.3 description of the ARMA Management Console (AMC) HTTP API.
openapi: 3.0.3
info:
  title: ARMA Management Console API
  version: 1.0.0
  description: ARMA Management Console API
externalDocs:
  description: Дополнительные соглашения используемые при разработке спецификации
  url: https://iwarma.atlassian.net/wiki/spaces/ARMA/pages/25362443/ARMA+AMC+API
servers:
  # Plain-HTTP loopback URL. NOTE(review): presumably a development target;
  # any non-local server entry should use https so that credentials and
  # session tokens are not sent in clear text.
  - url: http://localhost:9090/en
# Document-wide security requirement: it applies to every operation that does
# not declare its own `security` list. The `token_auth` scheme itself is not
# defined in this part of the file (expected under components.securitySchemes).
security:
  - token_auth: []
# Only the `assets` tag is declared here; operations below also use other tags.
tags:
  - name: assets
    description: 'All for assets'
paths:
/api/incidents/:
get:
description: |-
Показать список инцидентов
Требуемые права: `can_view_incidents_list`
tags:
- incident
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
- $ref: "#/components/parameters/assets"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/Incident"
403:
$ref: "#/components/responses/403"
# Single incident addressed by UUID: read (GET) and partial update (PATCH).
/api/incidents/{uuid}:
  # Path-level parameter shared by both operations below.
  parameters:
    - $ref: '#/components/parameters/uuidParam'
  get:
    description: |-
      Подробная информация о инциденте
      Требуемые права: `can_view_incidents`
    tags:
      - incident
    responses:
      200:
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/Incident'
      403:
        $ref: '#/components/responses/403'
      404:
        $ref: '#/components/responses/404'
  patch:
    # NOTE(review): the description names the read permission
    # `can_view_incidents` for an operation that modifies the incident. Confirm
    # which permission the server enforces for PATCH; if a view right really is
    # sufficient, read-only accounts can edit incident records.
    description: |-
      Обновление данных инцидента
      Требуемые права: `can_view_incidents`
    tags:
      - incident
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/IncidentEdit'
    responses:
      200:
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/Incident'
      400:
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      403:
        $ref: '#/components/responses/403'
      404:
        $ref: '#/components/responses/404'
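# Bulk export of the incident table as a file.
# Per the description, the call also creates a new file in the storage, so this
# GET has a server-side effect.
# NOTE(review): the description names no required permission; document which
# one gates a full-table export.
/api/incidents/csv_export/:
  get:
    tags:
      - incident
    description: 'Экспортирует таблицу инцидентов в новый файл хранилища и возвращает этот файл'
    responses:
      # Status codes are quoted, as OpenAPI requires string keys.
      '200':
        description: Возвращает файл
      # The document-wide `token_auth` requirement applies here, so the
      # rejection response is documented like on the other secured operations.
      '403':
        $ref: '#/components/responses/403'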
/api/incidents/category/:
get:
description: |-
Получить список категорий инцидентов
Требуемые права: `can_view_incidents_list`
tags:
- incident
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/NameDescriptionModel"
403:
$ref: "#/components/responses/403"
/api/incidents/effects/:
get:
description: |-
Показать список эффектов инцидента
tags:
- incident
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/NameDescriptionModel"
403:
$ref: "#/components/responses/403"
post:
description: Добавить эффект для инцидента
tags:
- incident
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
/api/incidents/effects/{id}:
get:
description: "Получить эффект для инцидента по его ID"
tags:
- incident
parameters:
- $ref: '#/components/parameters/idParam'
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
403:
description: Forbidden
content:
application/json:
schema:
properties:
detail:
type: string
example:
detail: "Учетные данные не были предоставлены."
404:
$ref: "#/components/responses/404"
patch:
description: Редактировать эффект инцидента
tags:
- incident
parameters:
- $ref: "#/components/parameters/idParam"
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
delete:
description: Удалить эффект инцидента
tags:
- incident
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: "Успешное удаление"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/incidents/recommendations/:
get:
description: "Получить список рекомендаций для инцидентов"
tags:
- incident
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/IncidentRecommendations"
403:
description: Forbidden
content:
application/json:
schema:
properties:
detail:
type: string
example:
detail: "Учетные данные не были предоставлены."
post:
description: Добавить рекомендацию для инцидента
tags:
- incident
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
/api/incidents/recommendations/{id}:
get:
description: "Получить рекомендацию для инцидента по его ID"
tags:
- incident
parameters:
- $ref: '#/components/parameters/idParam'
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
403:
description: Forbidden
content:
application/json:
schema:
properties:
detail:
type: string
example:
detail: "Учетные данные не были предоставлены."
404:
$ref: "#/components/responses/404"
patch:
description: Редактировать рекомендацию инцидента
tags:
- incident
parameters:
- $ref: "#/components/parameters/idParam"
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
delete:
description: Удалить рекомендацию инцидента
tags:
- incident
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: "Успешное удаление"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/assets/groups:
get:
description: Получить список групп ассетов
tags:
- asset groups
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/AssetGroup"
403:
$ref: "#/components/responses/403"
405:
$ref: "#/components/responses/405"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
post:
description: Добавить производителя
tags:
- asset groups
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/AssetGroup"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/AssetGroup"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/assets/groups/{id}/:
get:
description: Получить производителя по его ID
tags:
- asset groups
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/AssetGroup"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
patch:
description: Редактировать производителя по его ID
tags:
- asset groups
parameters:
- $ref: "#/components/parameters/idParam"
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/AssetGroup"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/AssetGroup"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
delete:
description: Удалить производителя по его ID
tags:
- asset groups
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: ""
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/assets/manufacturers:
get:
description: Получить список доступных производителей
tags:
- asset manufacturer
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/NameDescriptionModel"
403:
$ref: "#/components/responses/403"
405:
$ref: "#/components/responses/405"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
post:
description: Добавить производителя
tags:
- asset manufacturer
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/assets/manufacturer/{id}/:
get:
description: Получить производителя по его ID
tags:
- asset manufacturer
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
patch:
description: Редактировать производителя по его ID
tags:
- asset manufacturer
parameters:
- $ref: "#/components/parameters/idParam"
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
delete:
description: Удалить производителя по его ID
tags:
- asset manufacturer
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: ""
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/assets/os:
get:
description: Получить список доступных операционных систем
tags:
- os
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/NameDescriptionModel"
403:
$ref: "#/components/responses/403"
405:
$ref: "#/components/responses/405"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
post:
description: Добавить ОС
tags:
- os
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/assets/os/{id}/:
get:
description: Получить Операционную систему по ее ID
tags:
- os
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
patch:
description: Редактировать ОС по ее ID
tags:
- os
parameters:
- $ref: "#/components/parameters/idParam"
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
delete:
description: Удалить ОС по ее ID
tags:
- os
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: ""
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/assets/elements/:
get:
description: |-
Show Active List.
Permissions required:
- "Can view list active";
tags:
- assets
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
- $ref: "#/components/parameters/incidents"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/AssetList"
403:
$ref: "#/components/responses/403"
405:
$ref: "#/components/responses/405"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
/api/assets/elements/{id}/:
get:
description: |-
Получение полной информации о запрашиваемом активе. В том числе:
- Связные инциденты
- ?Связные уязвимости?
Связные модели возвращаются в виде полной информации об объекте
Permissions required:
- 'Can view active'
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- assets
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/AssetDetail"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
patch:
description: |-
Patch Asset.
Permissions required:
- 'Can view active'
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- assets
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/AssetPatch"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/AssetBase"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
delete:
description: |-
Delete Asset.
Permissions required:
- 'Can delete active'
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- assets
responses:
200:
$ref: "#/components/responses/200_no_content"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
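# Marks the listed assets as authorized (state-changing POST).
# NOTE(review): the operation has no description and names no required
# permission; document which permission gates asset authorization.
/api/assets/elements/authorize_assets/:
  post:
    tags:
      - assets
    requestBody:
      content:
        application/json:
          schema:
            # Declared as an object so that validators reject non-object bodies.
            type: object
            properties:
              # Asset IDs; each must be a positive integer.
              selected_assets:
                type: array
                items:
                  type: integer
                  minimum: 1
    responses:
      # Status codes are quoted, as OpenAPI requires string keys.
      '200':
        description: ''
        content:
          application/json:
            example:
              status: ok
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      # The document-wide `token_auth` requirement applies here, so the
      # rejection response is documented like on the other secured operations.
      '403':
        $ref: '#/components/responses/403'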
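# Bulk export of the whole asset table as a file.
# Per the description, the call also creates a new file in the storage, so this
# GET has a server-side effect.
# NOTE(review): the description names no required permission; document which
# one gates a full-table export.
/api/assets/elements/csv_export/:
  get:
    tags:
      - assets
    description: 'Экспортирует всю таблицу ассетов в новый файл хранилища и возвращает этот файл'
    responses:
      # Status codes are quoted, as OpenAPI requires string keys.
      '200':
        description: Возвращает файл
      # The document-wide `token_auth` requirement applies here, so the
      # rejection response is documented like on the other secured operations.
      '403':
        $ref: '#/components/responses/403'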
/api/users/:
get:
description: "Получить список не удаленных пользователей (пользователей, у которых в имени не присутствует префикс deleted_*)"
tags:
- users
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/UserInfo"
403:
$ref: "#/components/responses/403"
405:
$ref: "#/components/responses/405"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
post:
description: "Создание нового пользователя"
tags:
- users
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserInfo'
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/UserInfo"
403:
$ref: "#/components/responses/403"
405:
$ref: "#/components/responses/405"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
incorrect_password:
$ref: "#/components/examples/incorrect_password"
/api/users/{id}/:
get:
description: "Получение информации о пользователе по его ID"
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- users
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/UserInfo"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
patch:
description: "Редактирование информации о пользователе по его ID"
parameters:
- $ref: "#/components/parameters/idParam"
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserInfo'
tags:
- users
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/UserInfo"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
incorrect_password:
$ref: "#/components/examples/incorrect_password"
delete:
description: "Удалить пользователя (Переименовывание логина пользователя + изменение состояния is_active -> False) по его ID."
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- users
responses:
200:
$ref: "#/components/responses/200_no_content"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/users/whoami/:
get:
description: "Получение информации об авторизованном пользователе"
tags:
- users
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/User"
403:
$ref: "#/components/responses/403"
/api/store/:
get:
description: "Список файлов в хранилище"
tags:
- store
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/StorageList"
403:
$ref: "#/components/responses/403"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
/api/store/{id}/:
get:
description: |-
Получения полной информации об одном файле
Требуемые права:
- 'Can view storage'
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- store
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/Storage"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
delete:
description: 'Удаления файла'
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- store
responses:
200:
$ref: "#/components/responses/200_no_content"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/store/{id}/download/:
get:
description: 'Скачивание файла'
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- store
responses:
200:
description: Возвращает файл
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
# Upload of an antivirus update package (a zip archive, per the field text).
# NOTE(review): the spec states no required permission, no size limit and no
# integrity check for the package. The server side should bound the upload
# size, verify the package's authenticity (signature or checksum) before
# applying it, and extract the archive without following entry paths that
# leave the target directory.
/api/store/antivirus/:
  post:
    description: 'Обновление антивируса'
    tags:
      - store
    requestBody:
      content:
        multipart/form-data:
          schema:
            type: object
            required: [file]
            properties:
              # Raw file part of the multipart form.
              file:
                type: string
                format: binary
                description: Файл обновления антивируса (zip архив)
    responses:
      200:
        $ref: '#/components/responses/200_status_ok'
      403:
        $ref: '#/components/responses/403'
      400:
        $ref: '#/components/responses/400_file_required'
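# Session login. Credentials travel in the JSON request body.
/api/login/:
  post:
    description: Аутентификация в системе по сессии
    tags:
      - authorization
    # A caller has no credentials before logging in, so this operation opts out
    # of the document-wide `token_auth` requirement. Without the override the
    # spec states that login itself needs prior authentication.
    security: []
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/LoginRequest'
    responses:
      # Status codes are quoted, as OpenAPI requires string keys.
      '200':
        description: ''
        content:
          application/json:
            example:
              status: ok
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_cred:
                $ref: '#/components/examples/invalid_cred'
              # NOTE(review): the block_user_* examples are defined outside
              # this view and presumably describe account-lockout replies;
              # confirm they do not reveal whether the login name exists.
              block_user_first:
                $ref: '#/components/examples/block_user_first'
              block_user_other:
                $ref: '#/components/examples/block_user_other'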
/api/logout/:
post:
description: Необходимо быть авторизованным
tags:
- authorization
responses:
200:
description: "Успешное прекращение(удаление) сессии."
403:
$ref: '#/components/responses/403'
/api/license/:
get:
description: "Получение информации о лицензии"
tags:
- license
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/License_info"
403:
$ref: "#/components/responses/403"
400:
$ref: "#/components/responses/400"
# Automatic license activation for the license addressed by UUID.
# NOTE(review): per the description this GET activates a license, i.e. it
# changes server state. GET requests can be replayed by caches, prefetchers
# and cross-site navigation, so consider exposing the activation as POST and
# confirm which permission gates it (none is named here).
/api/license/auto/{uuid}:
  parameters:
    - $ref: '#/components/parameters/uuidParam'
  get:
    description: 'Автоматическая активация лицензии'
    tags:
      - license
    responses:
      200:
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/License_activate_success'
      403:
        $ref: '#/components/responses/403'
      400:
        $ref: '#/components/responses/400'
/api/license/token/{uuid}:
parameters:
- $ref: "#/components/parameters/uuidParam"
get:
description: "Получение токена для генерации лицензионного ключа"
tags:
- license
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/License_token"
403:
$ref: "#/components/responses/403"
400:
$ref: "#/components/responses/400"
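# Manual license activation: the license file is uploaded as a multipart part.
# NOTE(review): the uploaded file is caller-supplied input; the server is
# presumably expected to validate it before activation. Confirm and document.
/api/license/manual/:
  post:
    description: 'Ручная активация лицензии'
    tags:
      - license
    requestBody:
      content:
        multipart/form-data:
          schema:
            type: object
            required: [file]
            properties:
              # A file part is `type: string, format: binary`. A media type is
              # not a valid `format` value; it belongs in `encoding` below.
              # NOTE(review): the description text looks cut off.
              file:
                type: string
                format: binary
                description: Лицензионный
          # Declares the media type of the uploaded part.
          encoding:
            file:
              contentType: application/json
    responses:
      # Status codes are quoted, as OpenAPI requires string keys.
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/License_activate_success'
      '403':
        $ref: '#/components/responses/403'
      '400':
        $ref: '#/components/responses/400'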
/api/rotation/events/set/:
post:
description: |
Задаёт новые настройки ротации событий.
Permissions required:
- can_change_rotation_settings
`size_rotation` указывает количество событий, при котором будет выполнена ротация
tags:
- rotation
requestBody:
content:
application/json:
schema:
oneOf:
- $ref: '#/components/schemas/TimeRotationSettings'
- $ref: '#/components/schemas/SizeRotationSettings'
examples:
Ротация по времени:
value:
rotation_type: 0
schedule:
period: "day"
time: "23:42"
Ротация по размеру:
value:
rotation_type: 1
size_rotation: 76543
Отключить ротацию:
value:
rotation_type: 2
required: true
responses:
'200':
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/RotationSettings'
403:
$ref: '#/components/responses/403'
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
/api/rotation/incidents/set/:
post:
description: |
Задаёт новые настройки ротации инцидентов.
Permissions required:
- can_change_rotation_settings
`size_rotation` указывает размер таблицы инцидентов, при котором будет выполнена ротация
tags:
- rotation
requestBody:
content:
application/json:
schema:
oneOf:
- $ref: '#/components/schemas/TimeRotationSettings'
- $ref: '#/components/schemas/SizeRotationSettings'
examples:
Ротация по времени:
value:
rotation_type: 0
schedule:
period: "day"
time: "23:42"
Ротация по размеру:
value:
rotation_type: 1
size_rotation: 76543
Отключить ротацию:
value:
rotation_type: 2
required: true
responses:
'200':
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/RotationSettings'
403:
$ref: '#/components/responses/403'
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
/api/rotation/incidents/current_settings/:
get:
description: |
Получить текущие настройки ротации инцидентов.
Permissions required:
- can_change_rotation_settings
tags:
- rotation
responses:
'200':
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/RotationSettings'
403:
$ref: '#/components/responses/403'
/api/rotation/events/current_settings/:
get:
description: |
Получить текущие настройки ротации событий.
Permissions required:
- can_change_rotation_settings
tags:
- rotation
responses:
'200':
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/RotationSettings'
403:
$ref: '#/components/responses/403'
# Paged list of events read from the index named in the path.
# NOTE(review): the index name, the search expression and the ordering are all
# caller-controlled and, judging by the path, end up in an Elasticsearch
# request. The server should restrict `index` to the indices this API is meant
# to expose and must not pass the search value through as raw query syntax.
# The description names no required permission. Confirm against the handler.
/api/events/elastic/query/{index}:
  get:
    description: 'Получение списка эвентов по Index'
    tags:
      - events
    parameters:
      - $ref: '#/components/parameters/indexParam'
      - $ref: '#/components/parameters/page'
      - $ref: '#/components/parameters/page_size'
      - $ref: '#/components/parameters/elk_events_search'
      - $ref: '#/components/parameters/ordering'
    responses:
      200:
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EventListbyIndex'
      400:
        $ref: '#/components/responses/400_elk'
      403:
        $ref: '#/components/responses/403'
/api/events/elastic/all-indexes/:
get:
description: "Получение списка всех индексов или по паттерну"
tags:
- events
parameters:
- $ref: '#/components/parameters/index_pattern'
responses:
200:
description: ""
content:
application/json:
schema:
$ref: '#/components/schemas/EventIndexList'
400:
$ref: '#/components/responses/400_elk'
403:
$ref: "#/components/responses/403"
/api/company/:
get:
description: "Получение данных компании"
tags:
- company
responses:
200:
description: ""
content:
application/json:
schema:
oneOf:
- $ref: '#/components/schemas/Company'
- properties:
details:
type: string
example: company not initialized
examples:
company found:
description: Компания существует
company not found:
value:
details: company not initialized
403:
$ref: "#/components/responses/403"
404:
$ref: '#/components/responses/404'
post:
description: "Создание и обновление компании"
tags:
- company
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CompanyCreateUpdate'
responses:
200:
description: ""
content:
application/json:
schema:
$ref: '#/components/schemas/Company'
403:
$ref: '#/components/responses/403'
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
/api/company/locations/:
get:
description: "Получения списка кодов локаций"
tags:
- company
responses:
200:
description: ""
content:
application/json:
schema:
$ref: '#/components/schemas/LocationCodeList'
403:
$ref: '#/components/responses/403'
/api/ncircc/notifications/:
get:
description: "Получение списка отправленных инцидентов"
tags:
- ncircc
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
403:
$ref: '#/components/responses/403'
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: '#/components/schemas/NCIRCCNotifictionList'
post:
description: "Отправка инцидента в ГосСОПКА"
tags:
- ncircc
requestBody:
content:
application/json:
schema:
oneOf:
- $ref: '#/components/schemas/NCIRCCNotificationCreateIncident'
- $ref: '#/components/schemas/NCIRCCNotificationCreateAttack'
- $ref: '#/components/schemas/NCIRCCNotificationCreateVulnerability'
examples:
Отправка инцидента:
value: {
"incident": "8c0cd0d51a474243970a80b1de05c25b",
"category": "Уведомление о компьютерном инциденте",
"type": "Вовлечение контролируемого ресурса в инфраструктуру ВПО",
"activity_status": "Меры приняты",
"tlp": "Меры приняты",
"affected_system_name": "string",
"affected_system_category": "Информационный ресурс не является объектом КИИ",
"event_description": "string",
"affected_system_connection": "false",
"assistance": "false",
"integrity_impact": "Отсутствует",
"availability_impact": "Отсутствует",
"confidentiality_impact": "Отсутствует",
"custom_impact": "string"
}
Отправка атаки:
value: {
"incident": "8c0cd0d51a474243970a80b1de05c25b",
"category": "Уведомление о компьютерной атаке",
"type": "DDoS-атака",
"activity_status": "Меры приняты",
"tlp": "Меры приняты",
"affected_system_name": "string",
"affected_system_category": "Информационный ресурс не является объектом КИИ",
"event_description": "string",
"affected_system_connection": "false",
"assistance": "false",
"integrity_impact": "Отсутствует",
"availability_impact": "Отсутствует",
"confidentiality_impact": "Отсутствует",
"custom_impact": "string"
}
Отправка уязвимости:
value: {
"incident": "8c0cd0d51a474243970a80b1de05c25b",
"category": "Уведомление о наличии уязвимости",
"type": "Уязвимый ресурс",
"activity_status": "Меры приняты",
"tlp": "Меры приняты",
"affected_system_name": "string",
"affected_system_category": "Информационный ресурс не является объектом КИИ",
"event_description": "string",
"affected_system_connection": "false",
"assistance": "false",
"vulnerability_id": "string",
"product_category": "string"
}
responses:
201:
description: "todo"
content:
application/json:
schema:
$ref: '#/components/schemas/NCIRCCNotifictionRetrive'
403:
$ref: '#/components/responses/403'
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
ncircc_err:
$ref: '#/components/examples/ncircc_err'
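# One notification previously sent to ГосСОПКА: read (GET) and update (PATCH).
# NOTE(review): neither description names a required permission.
/api/ncircc/notifications/{id}/:
  get:
    description: 'Получение отправленного уведомления по ID'
    parameters:
      - $ref: '#/components/parameters/idParam'
    tags:
      - ncircc
    responses:
      # Status codes are quoted, as OpenAPI requires string keys.
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/NCIRCCNotifictionRetrive'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'
  patch:
    description: 'Обновление информации в ГосСОПКА'
    tags:
      - ncircc
    parameters:
      - $ref: '#/components/parameters/idParam'
    requestBody:
      content:
        application/json:
          schema:
            # `oneOf` requires a body to match exactly one alternative. The
            # original listed NCIRCCNotificationUpdateIncidentAttack twice, so
            # every valid incident/attack body matched two entries and failed
            # validation. Each schema is now listed once.
            oneOf:
              - $ref: '#/components/schemas/NCIRCCNotificationUpdateIncidentAttack'
              - $ref: '#/components/schemas/NCIRCCNotificationUpdateVulnerability'
          # NOTE(review): `affected_system_connection` is given as the string
          # "false" in every example; the schema is outside this view, so
          # confirm whether a boolean is expected.
          examples:
            Редактирование уведомления об Инциденте:
              value:
                activity_status: 'Меры приняты'
                affected_system_connection: 'false'
                event_description: 'string'
                integrity_impact: 'Отсутствует'
                availability_impact: 'Отсутствует'
                confidentiality_impact: 'Отсутствует'
                custom_impact: 'string'
            Редактирование уведомления об Атаки:
              value:
                activity_status: 'Меры приняты'
                affected_system_connection: 'false'
                event_description: 'string'
                integrity_impact: 'Отсутствует'
                availability_impact: 'Отсутствует'
                confidentiality_impact: 'Отсутствует'
                custom_impact: 'string'
            Редактирование уведомления об Уязвимости:
              value:
                activity_status: 'Меры приняты'
                affected_system_connection: 'false'
                event_description: 'string'
                vulnerability_id: 'string'
                product_category: 'string'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/NCIRCCNotifictionRetrive'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
              ncircc_err:
                $ref: '#/components/examples/ncircc_err'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'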
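# Messages attached to one NCIRCC notification.
/api/ncircc/notifications/{id}/comments/:
  get:
    # Lists the messages for the notification id.
    description: 'Получение списка сообщений по ID уведомления'
    tags:
      - ncircc
    parameters:
      - $ref: '#/components/parameters/idParam'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/NCIRCCCommentRetrieveList'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'
  post:
    # Sends a message to the GosSOPKA portal, i.e. the text leaves this
    # system once the request is accepted.
    description: 'Отправка сообщения на портал ГосСОПКА'
    tags:
      - ncircc
    parameters:
      - $ref: '#/components/parameters/idParam'
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/NCIRCCCommentCreate'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/NCIRCCCommentRetrieve'
      '400':
        description: 'todo'
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'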
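# Collection of correlation rules: paginated listing and creation.
/api/correlation/rules/:
  get:
    description: 'Получение списка правил корреляции'
    tags:
      - correlation
    parameters:
      - $ref: '#/components/parameters/page'
      - $ref: '#/components/parameters/page_size'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              # Pagination envelope whose `results` items are Rule objects.
              allOf:
                - $ref: '#/components/schemas/Pagination'
                - properties:
                    results:
                      items:
                        $ref: '#/components/schemas/Rule'
      '403':
        $ref: '#/components/responses/403'
  post:
    # Adds a new correlation rule.
    description: 'Добавление нового правила корреляции'
    tags:
      - correlation
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Rule'
    responses:
      # NOTE(review): the 200 body is the paginated list envelope and the 400
      # examples are paging/query errors, while no body-validation error is
      # documented for this create. Confirm what the server returns.
      '200':
        description: ''
        content:
          application/json:
            schema:
              allOf:
                - $ref: '#/components/schemas/Pagination'
                - properties:
                    results:
                      items:
                        $ref: '#/components/schemas/Rule'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_page:
                $ref: '#/components/examples/invalid_page'
              invalid_query_parameter:
                $ref: '#/components/examples/invalid_query_parameter'
      '403':
        $ref: '#/components/responses/403'
      '405':
        $ref: '#/components/responses/405'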
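# One correlation rule addressed by id: read, replace, delete.
/api/correlation/rules/{id}/:
  get:
    description: 'Получение информации о правиле корреляции по его ID'
    tags:
      - correlation
    parameters:
      - $ref: '#/components/parameters/idParam'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/Rule'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'
  put:
    # Description typo fixed ("Редактироваие" -> "Редактирование").
    description: 'Редактирование правила корреляции по его ID'
    tags:
      - correlation
    parameters:
      - $ref: '#/components/parameters/idParam'
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Rule'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/Rule'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'
  delete:
    # Removing a rule changes what the correlator can detect; the required
    # permission is not stated in this description.
    description: 'Удалить правило корреляции'
    tags:
      - correlation
    parameters:
      - $ref: '#/components/parameters/idParam'
    responses:
      '200':
        $ref: '#/components/responses/200_no_content'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'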
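# Collection of correlation rule groups: paginated listing and creation.
/api/correlation/groups/:
  get:
    description: 'Получение списка групп правил корреляции'
    tags:
      - correlation
    parameters:
      - $ref: '#/components/parameters/page'
      - $ref: '#/components/parameters/page_size'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              # Pagination envelope whose `results` items are RuleGroup.
              allOf:
                - $ref: '#/components/schemas/Pagination'
                - properties:
                    results:
                      items:
                        $ref: '#/components/schemas/RuleGroup'
      '403':
        $ref: '#/components/responses/403'
  post:
    # Adds a new group of correlation rules.
    description: 'Добавление новой группы правил корреляции'
    tags:
      - correlation
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/RuleGroup'
    responses:
      # NOTE(review): the 200 body and the 400 examples are those of a list
      # operation (pagination envelope, paging/query errors); confirm what a
      # create actually returns.
      '200':
        description: ''
        content:
          application/json:
            schema:
              allOf:
                - $ref: '#/components/schemas/Pagination'
                - properties:
                    results:
                      items:
                        $ref: '#/components/schemas/RuleGroup'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_page:
                $ref: '#/components/examples/invalid_page'
              invalid_query_parameter:
                $ref: '#/components/examples/invalid_query_parameter'
      '403':
        $ref: '#/components/responses/403'
      '405':
        $ref: '#/components/responses/405'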
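# One correlation rule group addressed by id: read, replace, delete.
/api/correlation/groups/{id}/:
  get:
    description: 'Получение информации о группе правил корреляции по его ID'
    tags:
      - correlation
    parameters:
      - $ref: '#/components/parameters/idParam'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RuleGroup'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'
  put:
    # Description typo fixed ("Редактироваие" -> "Редактирование").
    description: 'Редактирование группы правил корреляции по его ID'
    tags:
      - correlation
    parameters:
      - $ref: '#/components/parameters/idParam'
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/RuleGroup'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/RuleGroup'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'
  delete:
    description: 'Удалить группу правила корреляции'
    tags:
      - correlation
    parameters:
      - $ref: '#/components/parameters/idParam'
    responses:
      '200':
        $ref: '#/components/responses/200_no_content'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'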
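# Imports correlation rules from an uploaded file and returns an import
# report file.
/api/correlation/rules/import_rules/:
  post:
    description: 'Импорт правил корреляции'
    tags:
      - correlation
    requestBody:
      content:
        multipart/form-data:
          # NOTE(review): `format: binary` is defined for `type: string`; on
          # an object it carries no meaning. A multipart upload is normally
          # an object with a named string/binary property, as the firewall
          # upload_config operation in this spec declares. The form field
          # name is not visible here, so the schema is left as written.
          # The uploaded file is client-controlled input and the spec states
          # no size or format bound, so the server must enforce its own.
          schema:
            type: object
            format: binary
    responses:
      # 200 returns a report file on the import results; no media type is
      # declared for it.
      '200':
        description: 'Возвращает файл отчёта о результатах импорта правил'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'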
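# Exports the correlation rules table into a new storage file and returns
# that file.
/api/correlation/rules/json_export/:
  get:
    tags:
      - correlation
    # NOTE(review): per the description this GET creates a file in storage
    # on every call; confirm retention and cleanup of those files.
    description: 'Экспортирует таблицу правил корреляции в новый файл хранилища и возвращает этот файл'
    responses:
      '200':
        description: 'Возвращает файл'
      '403':
        $ref: '#/components/responses/403'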
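# Reads and updates the AuthSettings object.
# Unlike the incident operations at the top of this spec, neither operation
# states which permission it requires.
/api/settings/auth/:
  get:
    tags:
      - settings
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthSettings'
      # Added for consistency with PATCH below and with the spec-wide
      # token_auth requirement. NOTE(review): confirm the view enforces it.
      '403':
        $ref: '#/components/responses/403'
  patch:
    tags:
      - settings
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/AuthSettings'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthSettings'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'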
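# TLS settings: read them, create a new certificate, update them.
/api/settings/tls/:
  get:
    # Returns the current TLS settings.
    # NOTE(review): TLSSettings is also the multipart request schema of
    # PATCH. If it carries private-key material, confirm those fields are
    # writeOnly so this GET never returns them.
    description: 'Текущие настройки TLS'
    tags:
      - settings
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TLSSettings'
      # Added for consistency with POST/PATCH below and with the spec-wide
      # token_auth requirement. NOTE(review): confirm the view enforces it.
      '403':
        $ref: '#/components/responses/403'
  post:
    # Creates a new certificate; no request body is declared.
    description: 'Создать новый сертификат'
    tags:
      - settings
    responses:
      '200':
        description: 'ok'
      '403':
        $ref: '#/components/responses/403'
  patch:
    # Updates the settings from a multipart form.
    description: 'Обновить настройки'
    tags:
      - settings
    requestBody:
      content:
        multipart/form-data:
          schema:
            $ref: '#/components/schemas/TLSSettings'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TLSSettings'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'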
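# Collection of endpoint devices: paginated listing and creation.
/api/endpoint/:
  get:
    description: 'Получение всех endpoint'
    tags:
      - endpoint
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              # Pagination envelope whose `results` items are EndpointDevice.
              allOf:
                - $ref: '#/components/schemas/Pagination'
                - properties:
                    results:
                      items:
                        $ref: '#/components/schemas/EndpointDevice'
      '403':
        $ref: '#/components/responses/403'
  post:
    description: 'Создание endpoint'
    tags:
      - endpoint
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/EndpointDevice'
    responses:
      '201':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EndpointDevice'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'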
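# One endpoint device addressed by id: read and partial update.
/api/endpoint/{id}/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    description: 'Получение информации об endpoint'
    tags:
      - endpoint
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EndpointDevice'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'
  patch:
    description: 'Изменение endpoint'
    tags:
      - endpoint
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/EndpointDevice'
    responses:
      '200':
        description: ''
        content:
          application/json:
            # NOTE(review): the request and every other endpoint response in
            # this path use EndpointDevice; confirm CreateEndpoint is the
            # intended response shape here.
            schema:
              $ref: '#/components/schemas/CreateEndpoint'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'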
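# Keepalive call for one endpoint.
/api/endpoint/{id}/keepalive/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    # NOTE(review): the description speaks of creating a copy of the
    # endpoint. If this GET writes state, a non-safe method would be the
    # conventional choice; confirm what the handler does.
    description: 'Creating copy of the endpoint with input if it exist'
    tags:
      - endpoint
    responses:
      # Every documented outcome, including endpoint_not_found and
      # endpoint_keepalive_invalid_data, is listed under 200, and no 403 or
      # 404 is declared. Callers therefore have to inspect the body rather
      # than the status code to detect a failure.
      '200':
        description: ''
        content:
          application/json:
            examples:
              endpoint_not_found:
                $ref: '#/components/examples/endpoint_not_found'
              endpoint_keepalive_success:
                $ref: '#/components/examples/endpoint_keepalive_success'
              endpoint_keepalive_invalid_data:
                $ref: '#/components/examples/endpoint_keepalive_invalid_data'
              endpoint_keepalive_success_setting_change:
                $ref: '#/components/examples/endpoint_keepalive_success_setting_change'
              endpoint_keepalive_success_upload:
                $ref: '#/components/examples/endpoint_keepalive_success_upload'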
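# Downloads the settings of one endpoint, as a config file or as JSON.
/api/endpoint/{id}/download/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    description: 'Download endpoint settings'
    tags:
      - endpoint
    responses:
      '200':
        description: 'Возвращает файл конфига или json'
        content:
          application/json:
            examples:
              endpoint_config_to_str:
                $ref: '#/components/examples/endpoint_config_to_str'
          # NOTE(review): `application/file` is not a registered media type
          # (application/octet-stream is the usual one for opaque binary).
          # Kept as written because it documents what the server sends;
          # confirm the real Content-Type.
          application/file:
            schema:
              type: string
              format: binary
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'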
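# Reports the current states of one endpoint.
/api/endpoint/{id}/status/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    description: 'respond with current Endpoint states'
    tags:
      - endpoint
    responses:
      '200':
        description: ''
        content:
          application/json:
            examples:
              # endpoint_not_found is documented under 200 although a 404
              # response is also declared below; clients should handle both.
              endpoint_not_found:
                $ref: '#/components/examples/endpoint_not_found'
              endpoint_status:
                $ref: '#/components/examples/endpoint_status'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'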
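# Updates the stored Endpoint model from a config received from the endpoint.
/api/endpoint/{id}/upload/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  post:
    # NOTE(review): no requestBody is declared although the description says
    # a config is received; the accepted format and any size limit are
    # therefore undocumented.
    description: 'update Endpoint model from received Endpoint config'
    tags:
      - endpoint
    responses:
      # Failure examples (invalid data, missing IP, validation error, not
      # found) are all listed under 200.
      '200':
        description: ''
        content:
          application/json:
            examples:
              endpoint_upload_success:
                $ref: '#/components/examples/endpoint_upload_success'
              endpoint_upload_invalid_data:
                $ref: '#/components/examples/endpoint_upload_invalid_data'
              endpoint_upload_no_ip:
                $ref: '#/components/examples/endpoint_upload_no_ip'
              endpoint_upload_validation_error:
                $ref: '#/components/examples/endpoint_upload_validation_error'
              endpoint_not_found:
                $ref: '#/components/examples/endpoint_not_found'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'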
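# config_request operation on one endpoint; the spec gives no description.
/api/endpoint/{id}/config_request/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    tags:
      - endpoint
    responses:
      '200':
        $ref: '#/components/responses/200_status_ok'
      # A body-validation error is documented for a GET that declares no
      # request body; presumably it reports invalid endpoint data.
      '400':
        $ref: '#/components/responses/400_invalid_body'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'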
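# antivirus_update operation on one endpoint; 200 returns a ZIP file and 400
# reports that no update is required.
/api/endpoint/{id}/antivirus_update/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    tags:
      - endpoint
    responses:
      '200':
        $ref: '#/components/responses/200_content'
      '400':
        $ref: '#/components/responses/400_no_update_required'
      '403':
        $ref: '#/components/responses/403'
      # No 404 is declared here, unlike the sibling {id} operations.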
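# Collection of event sources: paginated listing and creation.
/api/inputs/:
  get:
    tags:
      - inputs
    description: 'Все источники событий'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              # Pagination envelope whose `results` items are InputSource.
              allOf:
                - $ref: '#/components/schemas/Pagination'
                - properties:
                    results:
                      items:
                        $ref: '#/components/schemas/InputSource'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_page:
                $ref: '#/components/examples/invalid_page'
              invalid_query_parameter:
                $ref: '#/components/examples/invalid_query_parameter'
      '403':
        $ref: '#/components/responses/403'
  post:
    tags:
      - inputs
    description: 'Создание источника событий'
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/InputSource'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/InputSource'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'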
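# One event source addressed by id: read, partial update, delete.
/api/inputs/{id}/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    tags:
      - inputs
    description: 'Получение одного источника'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/InputSource'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'
  patch:
    tags:
      - inputs
    description: 'Изменение источника'
    requestBody:
      content:
        application/json:
          schema:
            # InputSource with `type` overridden to readOnly, i.e. the source
            # type is documented as not changeable through this operation.
            # readOnly is a documentation hint; the server still has to
            # ignore or reject the field.
            allOf:
              - $ref: '#/components/schemas/InputSource'
              - properties:
                  type:
                    readOnly: true
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/InputSource'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'
  delete:
    tags:
      - inputs
    responses:
      '200':
        $ref: '#/components/responses/200_no_content'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'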
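# Lists devices of every kind together (AIF, AIE and others).
/api/devices/:
  get:
    parameters:
      - $ref: '#/components/parameters/search'
    description: 'Получение списка устройств. Всё вперемешку - AIF, AIE и другие.'
    tags:
      - devices
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              # Pagination envelope whose `results` items are Device objects.
              allOf:
                - $ref: '#/components/schemas/Pagination'
                - properties:
                    results:
                      items:
                        $ref: '#/components/schemas/Device'
      '403':
        $ref: '#/components/responses/403'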
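# Exports the whole device table into a new storage file and returns it.
# NOTE(review): this path has no trailing slash, unlike the other paths in
# this spec, and declares no 403 although the spec-wide token_auth applies
# and the correlation json_export operation documents one. The export is a
# full device inventory, so confirm the handler checks authorization.
/api/devices/csv_export:
  get:
    tags:
      - devices
    description: 'Экспортирует всю таблицу устройств в новый файл хранилища и возвращает этот файл'
    responses:
      '200':
        description: 'Возвращает файл'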
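# One device addressed by id: read, partial update, delete.
/api/devices/{id}/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    tags:
      - devices
    # Returns the basic information about the device. No 404 is declared
    # here, unlike PATCH and DELETE below.
    description: 'Получение базовой информации об устройстве'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/Device'
      '403':
        $ref: '#/components/responses/403'
  patch:
    tags:
      - devices
    description: 'Редактирование устройства'
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Device'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/Device'
      '400':
        $ref: '#/components/responses/400_invalid_body'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'
  delete:
    tags:
      - devices
    responses:
      '200':
        $ref: '#/components/responses/200_no_content'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'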
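# Collection of device groups: paginated listing and creation.
/api/devices/groups/:
  get:
    description: 'Список групп устройств'
    tags:
      - devices
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              # Pagination envelope whose `results` items are DeviceGroup.
              allOf:
                - $ref: '#/components/schemas/Pagination'
                - properties:
                    results:
                      items:
                        $ref: '#/components/schemas/DeviceGroup'
      '403':
        $ref: '#/components/responses/403'
  post:
    description: 'Создание группы устройств'
    tags:
      - devices
    requestBody:
      # The `devices` field takes a list of device identifiers. Those ids
      # are client-supplied references, so the server has to check that the
      # caller may use each referenced device.
      description: 'В поле `devices` на вход ожидается список с идентификаторами устройств'
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/CreateDeviceGroup'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DeviceGroup'
      '400':
        $ref: '#/components/responses/400_invalid_body'
      '403':
        $ref: '#/components/responses/403'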
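# One device group addressed by id: read, partial update, delete.
/api/devices/groups/{id}/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    description: 'Группа устройств'
    tags:
      - devices
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DeviceGroup'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'
  patch:
    description: 'Редактирование группы устройств'
    tags:
      - devices
    requestBody:
      # The `devices` field takes a list of device identifiers.
      description: 'В поле `devices` на вход ожидается список с идентификаторами устройств'
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/CreateDeviceGroup'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DeviceGroup'
      '400':
        $ref: '#/components/responses/400_invalid_body'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'
  delete:
    tags:
      - devices
    responses:
      '200':
        $ref: '#/components/responses/200_no_content'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'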
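# Collection of ARMA Industrial Firewall devices: listing and registration.
/api/devices/firewall/:
  get:
    tags:
      - firewall
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              # Pagination envelope; `results` items are
              # ArmaIndustrialFirewall objects.
              allOf:
                - $ref: '#/components/schemas/Pagination'
                - properties:
                    results:
                      items:
                        $ref: '#/components/schemas/ArmaIndustrialFirewall'
      '403':
        $ref: '#/components/responses/403'
  post:
    tags:
      - firewall
    requestBody:
      content:
        application/json:
          # NOTE(review): the 400 examples below (invalid credentials,
          # connection error) suggest this schema carries credentials for
          # the firewall. The same schema is returned by GET, so confirm any
          # secret field is writeOnly.
          schema:
            $ref: '#/components/schemas/ArmaIndustrialFirewall'
    responses:
      '201':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ArmaIndustrialFirewall'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
              invalid_credentials:
                $ref: '#/components/examples/firewall_invalid_credentials'
              connection_error:
                $ref: '#/components/examples/firewall_connection_error'
              incompatibility_version:
                $ref: '#/components/examples/firewall_incompatibility_version'
              firewall_unknown_error:
                $ref: '#/components/examples/firewall_unknown_error'
      '403':
        $ref: '#/components/responses/403'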
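# One firewall device addressed by id: read, partial update, delete.
/api/devices/firewall/{id}/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    tags:
      - firewall
    responses:
      # No 404 is declared for this GET, unlike DELETE below.
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ArmaIndustrialFirewall'
      '403':
        $ref: '#/components/responses/403'
  patch:
    tags:
      - firewall
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ArmaIndustrialFirewall'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ArmaIndustrialFirewall'
      # The 400 examples cover body validation as well as failures when
      # talking to the firewall itself.
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
              invalid_credentials:
                $ref: '#/components/examples/firewall_invalid_credentials'
              connection_error:
                $ref: '#/components/examples/firewall_connection_error'
              incompatibility_version:
                $ref: '#/components/examples/firewall_incompatibility_version'
              firewall_unknown_error:
                $ref: '#/components/examples/firewall_unknown_error'
      '403':
        $ref: '#/components/responses/403'
  delete:
    tags:
      - firewall
    responses:
      '200':
        $ref: '#/components/responses/200_no_content'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'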
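# Connection status of one firewall as seen by the console.
/api/devices/firewall/{id}/status/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    tags:
      - firewall
    responses:
      # All four states are reported with HTTP 200; the state is in the body.
      '200':
        description: ''
        content:
          application/json:
            examples:
              online:
                summary: Online
                value:
                  firewall_status: 'online'
                  status: 'ok'
                  tooltip: 'Online'
              offline:
                summary: Offline
                value:
                  # NOTE(review): the other three examples use
                  # `firewall_status`; `sensor_status` looks copied from a
                  # sensor example. Kept as written; confirm the real key.
                  sensor_status: 'offline'
                  status: 'ok'
              unauthorized:
                summary: Unauthorized
                value:
                  firewall_status: 'unauthorized'
                  status: 'ok'
              error:
                summary: Error
                value:
                  firewall_status: 'error'
                  status: 'err'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'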
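# reboot operation on one firewall. This is a disruptive action on a network
# security device; the spec does not state which permission it requires.
/api/devices/firewall/{id}/reboot/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  post:
    tags:
      - firewall
    responses:
      '200':
        description: ''
        content:
          application/json:
            examples:
              online:
                summary: Success
                value:
                  status: 'ok'
      # Failures while talking to the firewall are reported as 400.
      '400':
        description: ''
        content:
          application/json:
            examples:
              firewall_remote_error:
                $ref: '#/components/examples/firewall_remote_error'
              firewall_invalid_credentials:
                $ref: '#/components/examples/firewall_invalid_credentials'
              firewall_connection_error:
                $ref: '#/components/examples/firewall_connection_error'
              firewall_invalid_response:
                $ref: '#/components/examples/firewall_invalid_response'
              firewall_unknown_error:
                $ref: '#/components/examples/firewall_unknown_error'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'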
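# Returns the rule fields of one firewall (see the firewall_rule_fields
# example component).
/api/devices/firewall/{id}/rule_fields/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    tags:
      - firewall
    responses:
      '200':
        description: ''
        content:
          application/json:
            examples:
              Success:
                $ref: '#/components/examples/firewall_rule_fields'
      # Failures while talking to the firewall are reported as 400.
      '400':
        description: ''
        content:
          application/json:
            examples:
              firewall_remote_error:
                $ref: '#/components/examples/firewall_remote_error'
              firewall_invalid_credentials:
                $ref: '#/components/examples/firewall_invalid_credentials'
              firewall_connection_error:
                $ref: '#/components/examples/firewall_connection_error'
              firewall_invalid_response:
                $ref: '#/components/examples/firewall_invalid_response'
              firewall_unknown_error:
                $ref: '#/components/examples/firewall_unknown_error'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'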
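# Returns a file for one firewall (per the path name, its configuration).
# NOTE(review): a firewall configuration usually contains sensitive data;
# the spec declares neither the media type of the file nor the permission
# required to fetch it.
/api/devices/firewall/{id}/download_config/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    tags:
      - firewall
    responses:
      '200':
        description: 'Возвращает файл'
      '400':
        description: ''
        content:
          application/json:
            examples:
              firewall_no_file:
                $ref: '#/components/examples/firewall_no_file'
              firewall_invalid_credentials:
                $ref: '#/components/examples/firewall_invalid_credentials'
              firewall_connection_error:
                $ref: '#/components/examples/firewall_connection_error'
              firewall_unknown_error:
                $ref: '#/components/examples/firewall_unknown_error'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'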
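# Returns a file for one firewall (per the path name, its rulesets). The
# media type of the returned file is not declared.
/api/devices/firewall/{id}/download_rulesets/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    tags:
      - firewall
    responses:
      '200':
        description: 'Возвращает файл'
      '400':
        description: ''
        content:
          application/json:
            examples:
              firewall_no_file:
                $ref: '#/components/examples/firewall_no_file'
              firewall_invalid_credentials:
                $ref: '#/components/examples/firewall_invalid_credentials'
              firewall_connection_error:
                $ref: '#/components/examples/firewall_connection_error'
              firewall_unknown_error:
                $ref: '#/components/examples/firewall_unknown_error'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'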
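# Sends a configuration file to one firewall.
/api/devices/firewall/{id}/upload_config/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  post:
    description: 'Отправка файла конфигурации на firewall'
    tags:
      - firewall
    requestBody:
      content:
        multipart/form-data:
          # The file travels in the `conffile` form field. The schema sets
          # no size bound and does not mark the field as required, so those
          # checks rest entirely on the server (see firewall_invalid_file
          # and invalid_body below).
          schema:
            type: object
            properties:
              conffile:
                type: string
                format: binary
    responses:
      '200':
        description: ''
        content:
          application/json:
            example:
              status: ok
      '400':
        description: ''
        content:
          application/json:
            examples:
              firewall_invalid_credentials:
                $ref: '#/components/examples/firewall_invalid_credentials'
              firewall_connection_error:
                $ref: '#/components/examples/firewall_connection_error'
              firewall_invalid_response:
                $ref: '#/components/examples/firewall_invalid_response'
              firewall_invalid_file:
                $ref: '#/components/examples/firewall_invalid_file'
              firewall_upload_failed:
                $ref: '#/components/examples/firewall_upload_failed'
              invalid_body:
                $ref: '#/components/examples/invalid_body'
              firewall_unknown_error:
                $ref: '#/components/examples/firewall_unknown_error'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'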
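# Sends an archive with a list of new rules to one firewall. A successful
# response reports how many rules loaded and how many did not.
/api/devices/firewall/{id}/upload_rulesets/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  post:
    description: 'Отправка архива со списком новых правил на firewall. При успешном ответе указывается количество успешно загруженных и количество не загруженных'
    tags:
      - firewall
    requestBody:
      content:
        multipart/form-data:
          # The archive travels in the `rulesets` form field. No size bound
          # is declared; an uploaded archive is client-controlled input, so
          # limits on size and extracted content have to be enforced by the
          # server.
          schema:
            type: object
            properties:
              rulesets:
                type: string
                format: binary
    responses:
      '200':
        description: ''
        content:
          application/json:
            # `status: ok` can coexist with a non-zero `failed` count, so
            # callers should check `failed` as well.
            example:
              status: ok
              success: 1234
              failed: 3456
      '400':
        description: ''
        content:
          application/json:
            examples:
              firewall_invalid_credentials:
                $ref: '#/components/examples/firewall_invalid_credentials'
              firewall_connection_error:
                $ref: '#/components/examples/firewall_connection_error'
              firewall_invalid_response:
                $ref: '#/components/examples/firewall_invalid_response'
              firewall_invalid_file:
                $ref: '#/components/examples/firewall_invalid_file'
              firewall_upload_failed:
                $ref: '#/components/examples/firewall_upload_failed'
              invalid_body:
                $ref: '#/components/examples/invalid_body'
              firewall_unknown_error:
                $ref: '#/components/examples/firewall_unknown_error'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'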
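# Collection of sensor devices: paginated listing and creation.
/api/devices/sensor/:
  get:
    tags:
      - sensor
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              # Pagination envelope whose `results` items are SensorDevice.
              allOf:
                - $ref: '#/components/schemas/Pagination'
                - properties:
                    results:
                      items:
                        $ref: '#/components/schemas/SensorDevice'
      '403':
        $ref: '#/components/responses/403'
  post:
    tags:
      - sensor
    requestBody:
      content:
        application/json:
          # Creation uses its own CreateSensorDevice schema; the response
          # below returns SensorDevice.
          schema:
            $ref: '#/components/schemas/CreateSensorDevice'
    responses:
      '201':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SensorDevice'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'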
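# One sensor device addressed by id: read, partial update, delete.
# None of the three operations declares a 404 response.
/api/devices/sensor/{id}/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    tags:
      - sensor
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SensorDevice'
      '403':
        $ref: '#/components/responses/403'
  patch:
    tags:
      - sensor
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/SensorDevice'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SensorDevice'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'
  delete:
    tags:
      - sensor
    responses:
      # NOTE(review): the other DELETE operations in this spec return
      # 200_no_content; this one documents a SensorDevice body and a
      # body-validation error although it declares no request body. It
      # looks copied from PATCH; confirm.
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SensorDevice'
      '400':
        description: ''
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'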
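# Returns a SensorInterfacesList for one sensor. No 404 is declared.
/api/devices/sensor/{id}/system/interfaces/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    tags:
      - sensor
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SensorInterfacesList'
      '403':
        $ref: '#/components/responses/403'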
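# Service status operation driven by a ManageService request body.
# NOTE(review): the body presumably names the service to act on; confirm
# the server accepts only a fixed allow-list of service names.
/api/services/status/:
  post:
    tags:
      - services
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ManageService'
    responses:
      '200':
        description: ''
        content:
          application/json:
            example:
              status: 'active'
      '400':
        description: ''
        content:
          application/json:
            example:
              status: 'error'
              detail: 'description'
      '403':
        $ref: '#/components/responses/403'
      # NOTE(review): the 404 entry points at the 400_invalid_body response
      # component, so a 404 is documented with a body-validation payload.
      # Either the key or the reference is probably wrong; confirm.
      '404':
        $ref: '#/components/responses/400_invalid_body'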
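# Service reboot operation driven by a ManageService request body. This is a
# disruptive action; the required permission is not stated.
/api/services/reboot/:
  post:
    tags:
      - services
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ManageService'
    responses:
      '200':
        description: ''
        content:
          application/json:
            example:
              status: 'ok'
      '400':
        description: ''
        content:
          application/json:
            example:
              status: 'error'
              detail: 'description'
      '403':
        $ref: '#/components/responses/403'
      # NOTE(review): the 404 entry points at the 400_invalid_body response
      # component, so a 404 is documented with a body-validation payload.
      # Either the key or the reference is probably wrong; confirm.
      '404':
        $ref: '#/components/responses/400_invalid_body'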
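# Returns product information: name and version.
/api/product/version/:
  get:
    tags:
      - product
    description: 'Получение информации о продукте (наименование и версию)'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/ProductVersion'
      # A 403 is declared, so the version is documented as available only to
      # authenticated callers.
      '403':
        $ref: '#/components/responses/403'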
components:
securitySchemes:
  # Token authentication: the client puts the user's authorization token in
  # the Authorization request header as "Token <value>".
  # The token is a bearer credential, so anyone who observes the header can
  # replay it. The `servers` entry at the top of this spec uses plain http;
  # deployments should expose the API over TLS only.
  token_auth:
    type: apiKey
    in: header
    name: Authorization
    description: 'Для использования API необходимо в header запроса положить токен авторизации пользователя в виде "Token ХХХХХХХ"'
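# Reusable responses. Component names are quoted so that the numeric ones
# ('400', '403', ...) are strings, which is what the `$ref` JSON pointers
# (e.g. '#/components/responses/403') resolve against.
responses:
  '200_no_content':
    description: 'No content'
  '200_status_ok':
    description: 'Status ok'
    content:
      application/json:
        schema:
          properties:
            status:
              type: string
              default: ok
  '200_content':
    # Returns a ZIP file; no media type is declared.
    description: 'Возвращает ZIP файл'
  '400':
    description: 'Ошибка запроса'
    content:
      application/json:
        schema:
          properties:
            detail:
              type: string
        example:
          detail: 'Информация об ошибке'
  '403':
    # The example message says credentials were not provided, i.e. 403 is
    # used for unauthenticated requests as well; no 401 response exists in
    # this component list.
    description: 'Forbidden'
    content:
      application/json:
        schema:
          properties:
            detail:
              type: string
        example:
          detail: 'Учетные данные не были предоставлены.'
  '404':
    description: 'Not found'
    content:
      application/json:
        schema:
          properties:
            detail:
              type: string
        example:
          detail: 'Не найдено.'
  '405':
    description: 'Method not allowed'
    content:
      application/json:
        schema:
          properties:
            detail:
              type: string
        example:
          detail: "Метод 'PATCH' не разрешен."
  '400_elk':
    # Custom errors coming from ELK.
    # NOTE(review): error_message passes backend error text to the client;
    # confirm it cannot include internal hostnames, queries or stack traces.
    description: 'Кастомные ошибки от ELK'
    content:
      application/json:
        schema:
          properties:
            status:
              type: string
              default: 'err'
            error_message:
              oneOf:
                - type: string
                - type: array
  '400_ncircc':
    # Custom errors coming from GosSOPKA.
    description: 'Кастомные ошибки от ГосСОПКА'
    content:
      application/json:
        schema:
          properties:
            error:
              type: string
  '400_invalid_body':
    description: ''
    content:
      application/json:
        examples:
          invalid_body:
            $ref: '#/components/examples/invalid_body'
  '400_file_required':
    description: ''
    content:
      application/json:
        examples:
          # The example key is `invalid_body` although it references the
          # file_required example.
          invalid_body:
            $ref: '#/components/examples/file_required'
  '400_no_update_required':
    description: ''
    content:
      application/json:
        examples:
          # The example key is `invalid_body` although it references the
          # no_update_required example.
          invalid_body:
            $ref: '#/components/examples/no_update_required'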
examples:
# Authentication failure examples.
# NOTE(review): the three messages differ between wrong credentials, a timed
# block and a block that needs an administrator. If the login endpoint
# returns them verbatim, a caller can tell a blocked account from bad
# credentials; confirm that this is intended.
invalid_cred:
  # Authorization error.
  summary: 'Ошибка авторизации'
  value:
    detail: 'Invalid credentials'
block_user_first:
  # Login attempts exhausted; the example shows a block of 0:00:10.
  summary: 'Исчерпаны попытки авторизации'
  value:
    detail: 'Authentication for this user is blocked for 0:00:10'
block_user_other:
  # Login attempt while the user is blocked.
  summary: 'Вход при блокировке'
  value:
    detail: 'Authentication for this user is blocked. Please contact administrator'
# Paging and query-parameter error examples.
invalid_page:
  # Error in the requested page number.
  summary: 'Ошибка при указании номера страницы'
  value:
    detail: 'Неправильная страница'
invalid_query_parameter:
  # The response key names the faulty parameter; its value is a list of
  # strings describing the errors.
  description: 'Ключ в ответе обозначает параметр, в котором допущена ошибка. Значение это список строк описывающих ошибки'
  summary: 'Ошибка при указании query параметра'
  value:
    incidents:
      - 'Введите правильный UUID.'
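# Password-complexity error. The policy stated here: at least 8 characters,
# at least one digit, one uppercase letter and one lowercase letter.
incorrect_password:
  # Typo fixed in the description ("Паротль" -> "Пароль").
  description: 'Пароль должен состоять как минимум из 8 символов. Пароль должен содержать хотя бы 1 цифру. Пароль должен содержать хотя бы 1 заглавную букву. Пароль должен содержать хотя бы одну букву в нижнем регистре.'
  summary: 'Пароль недостаточно сложный'
  value:
    password:
      # NOTE(review): the sample message still reads "Паротль"; it is left
      # as written because it may mirror the server's actual text. Fix it
      # there and here together.
      - 'Пароль должен состоять как минимум из 8 символов. Пароль должен содержать хотя бы 1 цифру. Пароль должен содержать хотя бы 1 заглавную букву. Паротль должен содержать хотя бы одну букву в нижнем регистре'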
# Validation and update error examples.
invalid_body:
  # Each response key names a field with an error; its value is a list of
  # strings describing the errors.
  description: 'Каждый ключ в ответе обозначает поле, в котором допущена ошибка. Значение ключа это список строк описывающих ошибки'
  summary: 'Ошибка при валидации данных'
  value:
    field:
      - 'Недопустимый первичный ключ - объект не существует.'
file_required:
  # An antivirus update file is required.
  description: 'Требуется файл обновления антивируса'
  summary: 'Ошибка обновления'
  value:
    status: 'error'
    detail: 'upload file required'
no_update_required:
  # No antivirus update is required.
  description: 'Обновление антивируса не требуется'
  summary: 'Ошибка обновления'
  value:
    status: 'error'
    detail: 'Endpoint antivirus no update required'
ncircc_err:
  # Custom error from NCIRCC (GosSOPKA).
  description: 'Кастомная ошибка НКЦКИ(ГосСОПКА)'
  summary: 'Кастомная ошибка НКЦКИ(ГосСОПКА)'
  value:
    error: 'string'
firewall_rule_fields:
summary: Поля правила
value:
rule:
enabled: '1'
sequence: '1'
action:
pass:
value: Pass
selected: 1
block:
value: Block
selected: 0
reject:
value: Reject
selected: 0
quick: '1'
interface:
lan:
value: LAN
selected: 1
direction:
in:
value: In
selected: 1
out:
value: Out
selected: 0
ipprotocol:
inet:
value: IPv4
selected: 1
inet6:
value: IPv6
selected: 0
protocol:
any:
value: any
selected: 1
ICMP:
value: ICMP
selected: 0
IGMP:
value: IGMP
selected: 0
GGP:
value: GGP
selected: 0
IPENCAP:
value: IPENCAP
selected: 0
ST2:
value: ST2
selected: 0
TCP:
value: TCP
selected: 0
CBT:
value: CBT
selected: 0
EGP:
value: EGP
selected: 0
IGP:
value: IGP
selected: 0
BBN-RCC:
value: BBN-RCC
selected: 0
NVP:
value: NVP
selected: 0
PUP:
value: PUP
selected: 0
ARGUS:
value: ARGUS
selected: 0
EMCON:
value: EMCON
selected: 0
XNET:
value: XNET
selected: 0
CHAOS:
value: CHAOS
selected: 0
UDP:
value: UDP
selected: 0
MUX:
value: MUX
selected: 0
DCN:
value: DCN
selected: 0
HMP:
value: HMP
selected: 0
PRM:
value: PRM
selected: 0
XNS-IDP:
value: XNS-IDP
selected: 0
TRUNK-1:
value: TRUNK-1
selected: 0
TRUNK-2:
value: TRUNK-2
selected: 0
LEAF-1:
value: LEAF-1
selected: 0
LEAF-2:
value: LEAF-2
selected: 0
RDP:
value: RDP
selected: 0
IRTP:
value: IRTP
selected: 0
ISO-TP4:
value: ISO-TP4
selected: 0
NETBLT:
value: NETBLT
selected: 0
MFE-NSP:
value: MFE-NSP
selected: 0
MERIT-INP:
value: MERIT-INP
selected: 0
DCCP:
value: DCCP
selected: 0
3PC:
value: 3PC
selected: 0
IDPR:
value: IDPR
selected: 0
XTP:
value: XTP
selected: 0
DDP:
value: DDP
selected: 0
IDPR-CMTP:
value: IDPR-CMTP
selected: 0
TP++:
value: TP++
selected: 0
IL:
value: IL
selected: 0
IPV6:
value: IPV6
selected: 0
SDRP:
value: SDRP
selected: 0
IDRP:
value: IDRP
selected: 0
RSVP:
value: RSVP
selected: 0
GRE:
value: GRE
selected: 0
DSR:
value: DSR
selected: 0
BNA:
value: BNA
selected: 0
ESP:
value: ESP
selected: 0
AH:
value: AH
selected: 0
I-NLSP:
value: I-NLSP
selected: 0
SWIPE:
value: SWIPE
selected: 0
NARP:
value: NARP
selected: 0
MOBILE:
value: MOBILE
selected: 0
TLSP:
value: TLSP
selected: 0
SKIP:
value: SKIP
selected: 0
IPV6-ICMP:
value: IPV6-ICMP
selected: 0
CFTP:
value: CFTP
selected: 0
SAT-EXPAK:
value: SAT-EXPAK
selected: 0
KRYPTOLAN:
value: KRYPTOLAN
selected: 0
RVD:
value: RVD
selected: 0
IPPC:
value: IPPC
selected: 0
SAT-MON:
value: SAT-MON
selected: 0
VISA:
value: VISA
selected: 0
IPCV:
value: IPCV
selected: 0
CPNX:
value: CPNX
selected: 0
CPHB:
value: CPHB
selected: 0
WSN:
value: WSN
selected: 0
PVP:
value: PVP
selected: 0
BR-SAT-MON:
value: BR-SAT-MON
selected: 0
SUN-ND:
value: SUN-ND
selected: 0
WB-MON:
value: WB-MON
selected: 0
WB-EXPAK:
value: WB-EXPAK
selected: 0
ISO-IP:
value: ISO-IP
selected: 0
VMTP:
value: VMTP
selected: 0
SECURE-VMTP:
value: SECURE-VMTP
selected: 0
VINES:
value: VINES
selected: 0
TTP:
value: TTP
selected: 0
NSFNET-IGP:
value: NSFNET-IGP
selected: 0
DGP:
value: DGP
selected: 0
TCF:
value: TCF
selected: 0
EIGRP:
value: EIGRP
selected: 0
OSPF:
value: OSPF
selected: 0
SPRITE-RPC:
value: SPRITE-RPC
selected: 0
LARP:
value: LARP
selected: 0
MTP:
value: MTP
selected: 0
AX.25:
value: AX.25
selected: 0
IPIP:
value: IPIP
selected: 0
MICP:
value: MICP
selected: 0
SCC-SP:
value: SCC-SP
selected: 0
ETHERIP:
value: ETHERIP
selected: 0
ENCAP:
value: ENCAP
selected: 0
GMTP:
value: GMTP
selected: 0
IFMP:
value: IFMP
selected: 0
PNNI:
value: PNNI
selected: 0
PIM:
value: PIM
selected: 0
ARIS:
value: ARIS
selected: 0
SCPS:
value: SCPS
selected: 0
QNX:
value: QNX
selected: 0
A/N:
value: A/N
selected: 0
IPCOMP:
value: IPCOMP
selected: 0
SNP:
value: SNP
selected: 0
COMPAQ-PEER:
value: COMPAQ-PEER
selected: 0
IPX-IN-IP:
value: IPX-IN-IP
selected: 0
CARP:
value: CARP
selected: 0
PGM:
value: PGM
selected: 0
L2TP:
value: L2TP
selected: 0
DDX:
value: DDX
selected: 0
IATP:
value: IATP
selected: 0
STP:
value: STP
selected: 0
SRP:
value: SRP
selected: 0
UTI:
value: UTI
selected: 0
SMP:
value: SMP
selected: 0
SM:
value: SM
selected: 0
PTP:
value: PTP
selected: 0
ISIS:
value: ISIS
selected: 0
CRTP:
value: CRTP
selected: 0
CRUDP:
value: CRUDP
selected: 0
SPS:
value: SPS
selected: 0
PIPE:
value: PIPE
selected: 0
SCTP:
value: SCTP
selected: 0
FC:
value: FC
selected: 0
RSVP-E2E-IGNORE:
value: RSVP-E2E-IGNORE
selected: 0
UDPLITE:
value: UDPLITE
selected: 0
MPLS-IN-IP:
value: MPLS-IN-IP
selected: 0
MANET:
value: MANET
selected: 0
HIP:
value: HIP
selected: 0
SHIM6:
value: SHIM6
selected: 0
WESP:
value: WESP
selected: 0
ROHC:
value: ROHC
selected: 0
PFSYNC:
value: PFSYNC
selected: 0
DIVERT:
value: DIVERT
selected: 0
source_net: any
source_not: '0'
source_port: ''
destination_net: any
destination_not: '0'
destination_port: ''
gateway:
'':
value: none
selected: true
LAN_DHCP:
value: LAN_DHCP - 172.16.240.1
selected: 0
Null4:
value: Null4 - 127.0.0.1
selected: 0
Null6:
value: Null6 - ::1
selected: 0
log: '0'
description: ''
endpoint_not_found:
summary: Endpoint не найден
value:
status: error
reason: Source object not found
pk: 234567
endpoint_keepalive_invalid_data:
value:
status: error
error_messages: json decode error
endpoint_keepalive_success_setting_change:
summary: Успешно
value:
status: ok
command: setting change
endpoint_keepalive_success_upload:
summary: Успешно
value:
status: ok
command: upload
endpoint_keepalive_success:
summary: Успешно
value:
status: ok
endpoint_config_to_str:
summary: Конфиг в json
value:
status: ok
config: string
endpoint_status:
summary: Получение статуса Endpoint
value:
endpoint_config_errors: [{}]
is_requested_config_correct: true
endpoint_upload_success:
summary: Успешно
value:
status: ok
endpoint_upload_invalid_data:
summary: Некорректные данные
value:
status: error
error_message: json decode error
endpoint_upload_no_ip:
summary: Нет IP в полученных данных
value:
status: error
error_message: 'no endpoint model with corresponding ID on console'
endpoint_upload_validation_error:
summary: Невалидные данные
value:
status: error
error_message: {}
firewall_remote_error:
summary: Ошибка на стороне firewall
value:
status: 'error'
code: 'remote_error'
detail: 'Unknown error occurred. Auto FW health check initiated. Please try again'
firewall_invalid_credentials:
summary: 'Неверные учётные данные'
value:
status: 'error'
code: 'unauthorized'
detail: 'Invalid credentials provided to connect to firewall'
firewall_connection_error:
summary: 'Не удалось подключиться к firewall'
value:
status: 'error'
code: 'connection_error'
detail: 'There was a problem connecting to the firewall'
firewall_invalid_response:
summary: 'Не удалось прочитать ответ firewall'
value:
status: 'error'
code: 'invalid_response'
detail: 'Unable to read firewall response'
firewall_no_file:
summary: 'Firewall не вернул файл'
value:
status: 'error'
code: 'no_content'
detail: 'No content disposition during downloading file from ARMA IF'
firewall_invalid_file:
summary: 'Загружен некорректный файл'
value:
status: 'error'
code: 'invalid'
detail: 'Invalid file uploaded'
firewall_upload_failed:
summary: 'Не удалось загрузить файл'
value:
status: 'error'
code: 'failed'
detail: 'Failed to upload file to firewall'
firewall_unknown_error:
summary: 'Неизвестная ошибка'
value:
status: 'error'
code: 'unknown'
detail: 'Description error'
firewall_incompatibility_version:
summary: 'Версия firewall несовместима с версией консоли'
value:
status: 'error'
code: 'incompatible'
detail: 'The firewall version is incompatible with the current console version'
parameters:
idParam:
name: id
in: path
description: 'Идентификатор "Primary key" инстанса модели. >= 1'
required: true
schema:
type: integer
minimum: 1
example: 17654
# Required path parameter `index`: the ELK index the request addresses.
# NOTE(review): the schema is an unconstrained string. If the value is used as
# an index name on the ELK side, confirm the server restricts it to the
# expected indices (the example suggests the `aggregated-<date>` form) and
# consider declaring a `pattern` here.
indexParam:
name: index
in: path
description: "Index параметр в ELK"
required: true
schema:
type: string
example: 'aggregated-2022.05.26'
# Required path parameter `uuid`: primary key of the addressed instance.
# NOTE(review): declared as a plain string with no `format: uuid`, although
# Incident.incident_id in this spec does declare that format; adding it would
# let gateways and generated clients reject malformed identifiers early.
# Confirm every path that uses this parameter really takes a UUID first.
uuidParam:
name: uuid
in: path
description: "Instance uuid Primary Key"
required: true
schema:
type: string
page:
name: page
in: query
description: "Page number"
schema:
type: integer
# Optional query parameter `page_size`: maximum number of items per page.
# NOTE(review): no `minimum` / `maximum` is declared. Confirm the server
# enforces an upper bound so one request cannot ask for an arbitrarily large
# page, and document that bound here.
page_size:
name: page_size
in: query
description: "Maximum page size"
schema:
type: integer
search:
name: search
in: query
description: "Укажите текст для поиска. Поиск производится по частичному совпадению в названии устройства. Регистр не важен"
schema:
type: string
ordering:
name: ordering
in: query
description: "Сортировка по полям"
schema:
type: string
incidents:
name: incidents
in: query
description: "Фильтрация списка по переданному uuid инцидента"
schema:
type: string
assets:
name: assets
in: query
description: Фильтрация списка инцидентов по переданному `id` актива как по одному `1` так и списком `1,2,3`
schema:
type: string
example: 1,2,3
index_pattern:
name: index
in: query
description: "Шаблон индекса. Без него будут отданы все индексы"
schema:
type: string
example: 'aggregated-*'
# Optional query parameter `q`: search over event fields. The example shows
# the `field:value` form.
# NOTE(review): the value is an unconstrained string. If it is forwarded to
# the ELK query as-is, confirm which fields and operators the server accepts
# and that it bounds query cost; document the accepted syntax here.
elk_events_search:
name: q
in: query
description: "Поиск по полям"
schema:
type: string
example: "aggregated_id:4184889928_3e9be706e18ebd2d1937005b2d9e3cf6e4dda8c5ef8c4c31bd64d375422d3b5c"
schemas:
# License token payload: a single string framed by BEGIN/END marker lines
# separated by CRLF, as shown in the example.
# NOTE(review): the example looks like a complete token blob. Confirm it is a
# dummy value and not an issued license before the spec is published.
License_token:
properties:
token:
type: string
example: "==================BEGIN=================\r\nEqxxapy0De8J26J77lSr18yYIjtagD84tAC8HB2d\r\nSDMAAAAbMjAyMi0xMC0xNFQwNzo1NzoxMy4wMTQ4MTha\r\n==================END==================="
License_activate_success:
properties:
license:
type: string
example: activated
License_info:
required: [license, features, options]
properties:
license:
type: object
required: [uuid, hardware, customer, product, type, features, options, evaluationStart, evaluationEnd]
properties:
uuid:
type: string
example: "4cf905b3-4bf6-4a33-a2ba-0c2115d06e71"
hardware:
type: string
example: "cc98223b-5a80-3f38-b400-bc1c1d9d4833"
customer:
type: string
example: "Тестовая"
product:
type: string
example: "ARMA Console"
type:
type: string
example: "Коррелятор + 10 источников"
features:
type: array
items:
type: string
example: "event_processing"
options:
type: object
properties:
event_sources:
type: integer
example: 10
evaluationStart:
type: string
example: "2022-10-03T00:00:00.000015Z"
evaluationEnd:
type: string
example: "2022-10-31T00:00:00.000015Z"
features:
type: array
items:
type: object
properties:
name:
type: string
example: "Event processing"
description:
type: string
example: "Enable correlator and event processing"
options:
type: array
items:
type: object
properties:
name:
type: string
example: "Event sources"
description:
type: string
example: "Event sources count"
value:
type: integer
example: 10
Pagination:
properties:
count:
type: integer
example: 123
next:
type: string
nullable: true
previous:
type: string
nullable: true
results:
type: array
items:
type: object
AssetType:
type: string
enum:
- user
- arma_industrial_firewall
- plc
- pc
- server
- network_device
nullable: True
AssetStatus:
type: integer
enum:
- 0
- 1
description: "Статус актива: 1 - разрешенный, 0 - недоверенный"
NameDescriptionModel:
properties:
id:
type: integer
readOnly: true
name:
type: string
maxLength: 128
description:
type: string
nullable: true
AssetBase:
properties:
id:
type: integer
readOnly: true
name:
type: string
maxLength: 128
asset_type:
$ref: "#/components/schemas/AssetType"
status:
$ref: "#/components/schemas/AssetStatus"
ip:
type: string
description: Asset's IPv4 or IPv6 address.
updated:
type: string
format: date-time
readOnly: true
AssetGroup:
allOf:
- $ref: "#/components/schemas/NameDescriptionModel"
- properties:
collapsed:
type: boolean
description: Схлопнута ли данная группа на карте сети
default: false
Asset:
allOf:
- $ref: "#/components/schemas/AssetBase"
- properties:
description:
type: string
nullable: true
sensor:
type: string
maxLength: 128
nullable: true
model:
description: Asset model
type: string
nullable: true
mac:
type: string
nullable: true
description: Asset's MAC address
maxLength: 17
ports:
type: array
nullable: true
items:
type: integer
description: List of open ports
AssetList:
allOf:
- $ref: "#/components/schemas/AssetBase"
- properties:
count_incidents:
type: integer
readOnly: true
description: Count of incidents
vulnerabilities:
type: integer
readOnly: true
description: Count of vulnerabilities
AssetDetail:
allOf:
- $ref: "#/components/schemas/Asset"
- properties:
os:
$ref: "#/components/schemas/Os"
group:
$ref: "#/components/schemas/AssetGroup"
manufacturer:
$ref: "#/components/schemas/AssetManufacturer"
incidents:
type: array
items:
$ref: "#/components/schemas/Incident"
AssetPatch:
allOf:
- $ref: "#/components/schemas/Asset"
- properties:
os:
type: integer
nullable: true
minimum: 1
description: Operating system primary key
group:
type: integer
nullable: true
minimum: 1
description: Asset group primary key
manufacturer:
type: integer
nullable: true
minimum: 1
description: Asset manufacturer primary key
AssetManufacturer:
properties:
id:
type: integer
readOnly: true
name:
type: string
maxLength: 128
description:
type: string
nullable: true
description: Description
required:
- id
- name
nullable: true
Os:
properties:
id:
type: integer
readOnly: true
description:
type: string
nullable: true
description: Description
name:
type: string
maxLength: 128
required:
- id
- name
nullable: true
example:
id: 2345
description: MS Windows
name: Windows
Incident:
type: object
properties:
user_friendly_id:
type: integer
maximum: 2147483647
minimum: 0
nullable: true
readOnly: true
timestamp:
type: string
format: date-time
description: Date and time, when incident occurs
incident_id:
type: string
format: uuid
title: ID
description: ID of incident
title:
type: string
description: Title
maxLength: 128
category:
$ref: "#/components/schemas/IncidentCategory"
importance:
type: integer
maximum: 100
minimum: 0
description: Hazard level of incident
status:
$ref: "#/components/schemas/IncidentStatusEnum"
assigned_to:
type: integer
nullable: true
event_count:
type: integer
maximum: 2147483647
minimum: 1
title: Event's number
description: Amount of events in the incident
created:
type: string
format: date-time
readOnly: true
description: Date and time, when incident was created
updated:
type: string
format: date-time
readOnly: true
description: Date and time, when incident was updated
events:
type: array
items:
$ref: "#/components/schemas/Event"
deadline:
type: string
format: date-time
readOnly: true
nullable: true
description: Deadline. Deadline when incident must be resolved
comment:
type: string
readOnly: true
description: Incident comment
nullable: true
notification_id:
type: integer
nullable: true
close_recommendations:
type: array
items:
$ref: '#/components/schemas/IncidentRecommendations'
effects:
type: array
items:
$ref: '#/components/schemas/IncidentEffect'
required:
- assigned_to
- category
- created
- event_count
- events
- importance
- title
- updated
- incident_id
IncidentCategory:
nullable: true
type: object
properties:
name:
type: string
maxLength: 128
description:
type: string
nullable: true
description: Description
id:
type: integer
readOnly: true
required:
- id
- name
IncidentStatusEnum:
enum:
- 0
- 1
- 2
- 3
- 4
description:
0 - Not assigned (Не назначен)
1 - Assigned (Назначен)
2 - Delayed (Отложен)
3 - Resolved (Решен)
4 - False_alarm (Ложное срабатывание)
type: integer
IncidentEdit:
type: object
properties:
status:
$ref: "#/components/schemas/IncidentStatusEnum"
deadline:
type: string
format: date-time
description: Deadline. Метка времени, до которого инцидент должен быть решен
comment:
type: string
description: Комментарии к инциденту
nullable: true
category:
type: integer
assigned_to:
type: integer
minimum: 0
nullable: true
IncidentEffect:
type: object
properties:
name:
type: string
maxLength: 128
description:
type: string
nullable: true
description: Description
id:
type: integer
readOnly: true
required:
- id
- name
IncidentRecommendations:
type: object
properties:
name:
type: string
maxLength: 128
description:
type: string
nullable: true
description: Description
id:
type: integer
readOnly: true
required:
- id
- name
Event:
type: object
properties:
type:
type: string
Index:
type: string
sign_id:
type: string
"@created":
type: string
event_id:
type: string
rule_tags:
type: string
format: nullable
sign_name:
type: string
source_ip:
type: string
"@timestamp":
type: string
event_hash:
type: string
event_last:
type: string
source_mac:
type: string
celery_done:
type: boolean
event_count:
type: integer
format: int32
event_first:
type: string
source_host:
type: string
source_port:
type: integer
format: int32
source_user:
type: string
aggregated_id:
type: string
device_action:
type: string
device_vendor:
type: string
event_src_msg:
type: string
sign_category:
type: string
destination_ip:
type: string
device_product:
type: string
device_version:
type: string
event_protocol:
type: string
event_severity:
type: integer
format: int32
event_timestamp:
type: string
destination_host:
type: string
destination_port:
type: integer
format: int32
destination_user:
type: string
sign_subcategory:
type: string
UserInfo:
properties:
user:
$ref: '#/components/schemas/User'
comment:
type: string
example: asdasd
user_status:
type: string
example: online
readOnly: true
timezone:
type: string
example: "Europe/Moscow"
expire_date:
type: string
format: nullable
example: "2030-10-10"
description: "Format of field should be: YYYY-MM-DD, MM/DD/YYYY, MM/DD/YY, YYYY-MM-DD"
modified:
readOnly: true
type: string
example: "2022-04-13T14:49:41.810932+03:00"
User:
type: object
properties:
id:
readOnly: true
type: integer
format: int32
example: 3
username:
type: string
example: new_user_2
maxLength: 131
password:
description: "В случае если не нужно менять пароль - данное поле не стоит включать в body.
Минимум 8 символов; не должен быть похож на юзернейм; не допускаются распространённые пароли; должен содержать хотя бы одну заглавную и одну строчную букву и цифру"
writeOnly: true
type: string
old_password:
description: Ввод старого пароля требуется, если пользователь меняет пароль самому себе
type: string
writeOnly: true
first_name:
type: string
example: asdasd
is_active:
type: boolean
email:
type: string
example: asdf@mail.ru
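# Group that a correlation Rule can belong to (referenced from Rule.group):
# a server-assigned id plus a free-form name and description.
RuleGroup:
  type: object
  properties:
    id:
      readOnly: true
      type: integer
      # Was `in32`, which is not a defined integer format; tooling ignores
      # unknown formats, so the int32 bound was silently dropped.
      format: int32
      example: 5
    name:
      type: string
      example: rule group
    description:
      type: string
      example: rule description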
RuleTypeEnum:
type: integer
enum: [0, 1]
description: Тип правила корреляции.
0 - System
1 - User
default: 0
rule_json:
type: object
format: json
required: [type, field, operands]
properties:
type:
type: string
example: 'query_string'
field:
type: string
example: 'sign_category'
operands:
type: string
example: 'sign_category:\"ARPWATCH\" AND device_action: \"station\"'
# Rule action of type 'http': a target URL, a message template and a content
# type. It is one of the alternatives allowed in Rule.action_json.
# NOTE(review): `url` is a free-form string supplied by whoever writes the
# rule. Presumably the console itself issues the request, so confirm the
# server validates the destination (scheme and allowed hosts) rather than
# requesting any address the rule author names. The example uses plain http
# to an internal address; confirm whether https is expected in deployments.
http_action:
type: object
required: [type, url, template, content_type]
properties:
type:
type: string
example: 'http'
url:
type: string
example: 'http://172.16.230.105/login/?next=/ru/logstash/rule/add/'
template:
type: string
example: 'Шаблон сообщения HTTP Запроса'
content_type:
type: string
example: 'text/plain'
syslog_action:
type: object
required: [type, host, port, name, protocol, template]
properties:
type:
type: string
example: 'syslog'
host:
type: string
example: '192.168.0.1'
port:
type: string
example: '514'
name:
type: string
example: 'Имя источника Syslog для записей'
protocol:
type: string
example: 'udp'
template:
type: string
example: 'Сообщение Syslog для записей'
# Rule action of type 'exec': path of an executable plus its arguments,
# environment and working directory. It is one of the alternatives allowed in
# Rule.action_json.
# NOTE(review): every field is a free-form string with no pattern or length
# limit, so whoever may create or edit a Rule decides what gets executed,
# presumably on the host that processes the rule. Confirm that rule write
# access is a separate, privileged permission, that the server validates
# `path`, and that rule changes are audit-logged.
exec_action:
type: object
required: [type, path, args, env, cwd]
properties:
type:
type: string
example: 'exec'
path:
type: string
example: 'C:Путь к исполняемому файл'
# args, env and cwd are required keys but may be null.
args:
type: string
example: ''
nullable: true
env:
type: string
example: ''
nullable: true
cwd:
type: string
example: ''
nullable: true
# Rule action of type 'bash': `body` holds the full text of a shell script
# (the example starts with a `#!/bin/bash` line). It is one of the
# alternatives allowed in Rule.action_json.
# NOTE(review): the script text comes straight from the rule author, so the
# ability to write rules amounts to the ability to run shell commands
# wherever the action is executed. Confirm that rule write access is
# restricted to administrators, that the script runs under a low-privilege
# account, and that rule changes are audit-logged.
bash_action:
type: object
required: [type, body]
properties:
type:
type: string
example: 'bash'
body:
type: string
example: '#!/bin/bash\n\n# Тело запроса Действие: Bash скрипт '
incident_action:
type: object
required: [type, title, comment, description, importance, category, close_recommendations, effects]
properties:
type:
type: string
example: 'incident'
title:
type: string
example: 'Название Инцидента'
comment:
type: string
example: 'Комментарий к инциденту'
nullable: true
description:
type: string
example: 'Описание инцидента'
nullable: true
importance:
type: string
example: '55'
nullable: true
category:
nullable: true
type: object
required: [name, description, id]
properties:
name:
type: string
example: 'Имя категории инцидента'
description:
type: string
nullable: true
example: 'Описание категории инцидента'
id:
type: integer
example: '1'
assigned_to:
type: string
example: ''
nullable: true
close_recommendations:
type: array
nullable: true
items:
type: string
example: '["rec1", "rec2"]'
effects:
type: array
nullable: true
items:
type: string
example: '["eff1", "eff2"]'
asset_action:
type: object
required: [type, name, asset_type, group, description, manufacturer, model, os, ip, ports]
properties:
type:
type: string
example: 'asset'
name:
type: string
example: 'Имя нового актива'
asset_type:
type: string
example: 'plc'
nullable: true
group:
type: string
example: '1'
description:
type: string
example: 'Описание нового актива'
nullable: true
manufacturer:
type: string
example: '1'
model:
type: string
example: 'plc'
nullable: true
os:
type: string
example: '1'
ip:
type: string
example: '192.168.0.1'
ports:
type: string
example: '1234, 4321'
# Rule action of type 'firewall': describes a firewall rule (interface,
# direction, protocol, source/destination, gateway, ...) together with the
# firewall it applies to. It is one of the alternatives allowed in
# Rule.action_json.
firewall_action:
type: object
required: [type, armaif, sensor, enabled, quick, log, interface, direction, sequence, action, ipprotocol, protocol, source_net, source_port, source_not, destination_net, destination_port, destination_not, description, gateway]
properties:
type:
type: string
example: 'firewall'
armaif:
type: string
example: '1'
# `sensor` carries connection data for the firewall: address, URL scheme and
# a key/secret pair.
# NOTE(review): `key` and `secret` are ordinary readable string properties
# (no `writeOnly`), so they would be returned wherever a Rule's action_json
# is read back; consider `writeOnly: true` or masking them in responses.
# The `scheme` example is 'http', which would send the pair unencrypted;
# confirm https is enforced for real deployments.
# NOTE(review): confirm the key/secret example values are dummies.
sensor:
nullable: true
type: object
required: [ip, scheme, key, secret]
properties:
ip:
type: string
example: '172.16.230.108'
scheme:
type: string
example: 'http'
key:
type: string
example: '33fsfvw4vefevf'
secret:
type: string
example: '33fsfvw4vefevf'
# The boolean properties below (enabled, quick, log, source_not,
# destination_not) use the quoted string 'true' as their example, which does
# not match `type: boolean`; an unquoted true would.
enabled:
type: boolean
example: 'true'
quick:
type: boolean
example: 'true'
log:
type: boolean
example: 'true'
# `interface` is declared as an array of strings, but its example is a single
# quoted string containing JSON text rather than a YAML list.
interface:
type: array
example: '["lan", "lan2"]'
items:
type: string
direction:
type: string
example: 'in'
sequence:
type: string
example: '1'
# NOTE(review): action, direction, ipprotocol and protocol are free-form
# strings here; declaring the accepted values as enums would let clients and
# gateways reject unexpected input before it reaches the firewall.
action:
type: string
example: 'pass'
ipprotocol:
type: string
example: 'inet'
protocol:
type: string
example: 'any'
source_net:
type: string
example: 'any'
source_port:
type: string
example: '1234'
source_not:
type: boolean
example: 'true'
destination_net:
type: string
example: 'any'
destination_port:
type: string
example: '1234'
destination_not:
type: boolean
example: 'true'
description:
type: string
example: 'Описание'
nullable: true
gateway:
type: string
example: ''
nullable: true
Rule:
type: object
properties:
id:
readOnly: true
type: integer
format: int32
example: 2
name:
type: string
description:
type: string
group:
$ref: '#/components/schemas/RuleGroup'
multi:
type: boolean
description: "Множественная реакция"
type:
$ref: '#/components/schemas/RuleTypeEnum'
status:
type: boolean
archived:
type: boolean
depth:
type: string
format: iso8601
description: "Глубина анализа для правила в формате HH:MM:SS"
created:
type: string
format: nullable
example: "2030-10-10"
updated:
type: string
example: "2030-10-10"
rule_json:
$ref: '#/components/schemas/rule_json'
action_json:
type: array
format: json
items:
anyOf:
- $ref: '#/components/schemas/http_action'
- $ref: '#/components/schemas/syslog_action'
- $ref: '#/components/schemas/exec_action'
- $ref: '#/components/schemas/bash_action'
- $ref: '#/components/schemas/incident_action'
- $ref: '#/components/schemas/asset_action'
- $ref: '#/components/schemas/firewall_action'
rev:
type: integer
format: int32
example: 1
description: "Показывает конкретную версию правила. Увеличивается при обновлении"
sid:
type: integer
format: int32
example: 2
description: "SID правила корреляции"
is_active:
type: boolean
required:
- name
- type
- depth
- rule_json
- rev
- sid
- action_json
StorageTypeEnum:
type: integer
enum: [0, 1, 2, 3, 4]
description: Тип файла в хранилище.
0 - Unknown
1 - DB dump
2 - CSV export
3 - JSON export
4 - ClamAV updates
default: 0
StorageFormatEnum:
type: string
enum: ['Unknown','Plain','JSON','CSV','ZIP']
description: Формат файла в хранилище.
default: 'Unknown'
StorageList:
properties:
id:
type: integer
minimum: 1
format:
$ref: '#/components/schemas/StorageFormatEnum'
size:
type: integer
description:
type: string
created:
type: string
format: date-time
# Detailed view of a file in the storage: everything from StorageList plus the
# last access time, the file type and a checksum.
Storage:
allOf:
- $ref: '#/components/schemas/StorageList'
- properties:
last_access:
type: string
format: date-time
type:
$ref: '#/components/schemas/StorageTypeEnum'
# `crc` pairs a checksum string with the algorithm that produced it. Despite
# the name, the listed algorithms are SHA-2 digests (sha256sum / sha512sum),
# not a CRC.
# NOTE(review): presumably clients can use it to verify a downloaded file;
# confirm, and document the encoding of the `crc` string.
crc:
type: object
properties:
crc:
type: string
type:
type: string
enum: ['sha256sum', 'sha512sum']
LoginRequest:
required: [username, password]
properties:
username:
type: string
nullable: false
password:
type: string
nullable: false
minLength: 8
description: Минимум 8 символов; не должен быть похож на юзернейм; не допускаются распространённые пароли; должен содержать хотя бы одну заглавную и одну строчную букву и цифру;
RotationType:
type: integer
enum: [0, 1, 2]
description: Тип ротации. 0 - по моменту времени, 1 - по количеству событий, 2 - отключена
RotationPeriod:
type: string
enum: [day, week, month]
description: Задаёт тип расписания, когда будет происходить ротация. Учитывается только если `rotation_type = 0`
RotationTime:
type: string
format: time
description: |
Задаёт конкретное время, когда будет происходить ротация. Учитывается только если `rotation_type = 0` и `rotation_period = day`
Допустимы следующие форматы: hh:mm:ss, hh:mm:ss.uuuuuu, hh:mm, hh:mm[:ss[.uuuuuu]], hh:mm[:ss[.uuuuuu]], hh:mm[:ss[.uuuuuu]].
RotationWeekDay:
type: array
items:
type: string
enum: [sunday, monday, tuesday, wednesday, thursday, friday, saturday]
description: |
Задаёт дни недели, когда будет происходить ротация. Учитывается только если `rotation_type = 0` и `rotation_period = week`.
Время задаётся на сервере. По умолчанию в 01:00 в выбранные дни
RotationMonth:
type: array
items:
type: string
enum: [january,
february,
march,
april,
may,
june,
july,
august,
september,
october,
november,
december]
description: |
Задаёт месяц, когда будет происходить ротация. Учитывается только если `rotation_type = 0` и `rotation_period = month`
Время задаётся на сервере. По умолчанию в 01:00 в первый день месяца
RotationSettings:
properties:
rotation_type:
$ref: '#/components/schemas/RotationType'
size_rotation:
type: integer
nullable: true
default: 5242880
description: Количество событий, при котором происходит ротация. Учитывается только если `rotation_type = 1`
schedule:
description: Объект, в котором задаётся время запуска ротации. Учитывается только если `rotation_type = 0`
properties:
period:
$ref: '#/components/schemas/RotationPeriod'
time:
$ref: '#/components/schemas/RotationTime'
week_day:
$ref: '#/components/schemas/RotationWeekDay'
month:
$ref: '#/components/schemas/RotationMonth'
required:
- rotation_type
SizeRotationSettings:
allOf:
- $ref: '#/components/schemas/RotationSettings'
- required:
- size_rotation
TimeRotationSettings:
allOf:
- $ref: '#/components/schemas/RotationSettings'
- required:
- schedule
EventListbyIndex:
properties:
took:
type: integer
timed_out:
type: boolean
_shards:
properties:
total:
type: integer
successful:
type: integer
skipped:
type: integer
failed:
type: integer
hits:
properties:
total:
properties:
value:
type: integer
minimum: 0
description: "Количество событий"
relation:
type: string
default: eq
max_score:
type: number
format: float
nullable: true
hits:
items:
type: object
description: "Информация о событии. Подробнее https://wiki.iwarma.ru/x/A4BVAQ"
EventIndexList:
type: array
items:
type: object
properties:
value:
type: string
label:
type: string
# company
AffectedSystemFunctionEnum:
type: string
enum:
- Атомная энергетика
- Банковская сфера и иные сферы финансового рынка
- Горнодобывающая промышленность
- Государственная/муниципальная власть
- Здравоохранение
- Металлургическая промышленность
- Наука
- Оборонная промышленность
- Образование
- Ракетно-космическая промышленность
- Связь
- СМИ
- Топливно-энергетический комплекс
- Транспорт
- Химическая промышленность
- Иная
# Company record as returned by the API: name, city, API key, CII flag,
# location (id + code) and the affected-system function.
Company:
properties:
name:
type: string
city:
type: string
# NOTE(review): `api_key` is an ordinary readable string property. If it is a
# credential for an external service, it would be exposed to every client
# that can read this object; consider returning it masked or omitting it
# from read responses. Confirm what the key is used for.
api_key:
type: string
is_cii:
type: boolean
description: "Является объектом КИИ?"
location:
properties:
id:
type: integer
minimum: 1
# `minimum` is a numeric keyword and has no effect on `type: string`;
# `minLength` may have been intended. TODO confirm.
code:
type: string
minimum: 1
description: "ID Кода локации; ISO-3166-2"
affected_system_function:
$ref: '#/components/schemas/AffectedSystemFunctionEnum'
# Write model for the company record: same fields as the read model, except
# that `location` is given as the integer id of a location code.
CompanyCreateUpdate:
properties:
name:
type: string
city:
type: string
# NOTE(review): `api_key` is accepted as a plain string with no length or
# format constraint and no `writeOnly` marker. If it is a credential,
# marking it `writeOnly: true` would keep generated clients and docs from
# treating it as readable data. Confirm what the key is used for.
api_key:
type: string
is_cii:
type: boolean
description: "Является объектом КИИ?"
location:
type: integer
minimum: 1
description: "ID Кода локации; ISO-3166-2"
affected_system_function:
$ref: '#/components/schemas/AffectedSystemFunctionEnum'
LocationCodeList:
type: array
items:
type: object
properties:
id:
type: integer
minimum: 1
code:
type: string
# ГосСОПКА
NotificationCategoryEnum:
type: string
enum:
- Уведомление о компьютерном инциденте
- Уведомление о компьютерной атаке
- Уведомление о наличии уязвимости
EventTypeEnum:
type: string
enum:
- Вовлечение контролируемого ресурса в инфраструктуру ВПО
- Замедление работы ресурса в результате DDoS-атаки
- Заражение ВПО
- Захват сетевого трафика
- Использование контролируемого ресурса для фишинга
- Компрометация учетной записи
- Несанкционированное изменение информации
- Несанкционированное разглашение информации
- Публикация на ресурсе запрещенной законодательством РФ информации
- Рассылка спам-сообщений с контролируемого ресурса
- Успешная эксплуатация уязвимости
- DDoS-атака
- Неудачные попытки авторизации
- Попытки внедрения ВПО
- Попытки эксплуатации уязвимости
- Публикация мошеннической информации
- Сетевое сканирование
- Социальная инженерия
- Уязвимый ресурс
EventTypeVulnerabilityEmum:
type: string
enum:
- Уязвимый ресурс
EventTypeIncidentEnum:
type: string
enum:
- Вовлечение контролируемого ресурса в инфраструктуру ВПО
- Замедление работы ресурса в результате DDoS-атаки
- Заражение ВПО
- Захват сетевого трафика
- Использование контролируемого ресурса для фишинга
- Компрометация учетной записи
- Несанкционированное изменение информации
- Несанкционированное разглашение информации
- Публикация на ресурсе запрещенной законодательством РФ информации
- Рассылка спам-сообщений с контролируемого ресурса
- Успешная эксплуатация уязвимости
EventTypeAttackEnum:
type: string
enum:
- Неудачные попытки авторизации
- Попытки эксплуатации уязвимости
- Попытки внедрения ВПО
- Публикация мошеннической информации
- DDoS-атака
- Социальная инженерия
- Сетевое сканирование
ActivityStatusEnum:
type: string
enum:
- Меры приняты
- Проводятся мероприятия по реагированию
- Возобновлены мероприятия по реагированию
# Traffic Light Protocol marking attached to a notification; it tells the
# recipient how far the information may be shared.
# NOTE(review): the labels are the TLP 1.0 set. TLP 2.0 renamed TLP:WHITE to
# TLP:CLEAR and added TLP:AMBER+STRICT. Keep these values if the receiving
# system requires them, but say in the description which TLP version is meant
# so that operators do not mislabel restricted data.
TlpEnum:
type: string
enum:
- TLP:WHITE
- TLP:GREEN
- TLP:AMBER
- TLP:RED
description: "TLP:WHITE - Non-confidential; TLP:GREEN - Limiting the transmissions of communicable; TLP:AMBER - Limited distribution within the organization; TLP:RED - Not for distribution;"
AffectedSystemCategoryEnum:
type: string
enum:
- Информационный ресурс не является объектом КИИ
- Объект КИИ без категории значимости
- Объект КИИ третьей категории значимости
- Объект КИИ второй категории значимости
- Объект КИИ первой категории значимости
NotificationStatusEnum:
type: string
enum:
- Проверка НКЦКИ
- Создано
- Зарегистрировано
- Требуется дополнение
- Принято решение
- Отправлено в архив
ImpactEffect:
type: string
enum:
- Высокое
- Низкое
- Отсутствует
# Read model of one NCIRCC notification linked to an incident.
# The schema name keeps its spelling ("Notifiction", "Retrive") because
# NCIRCCNotifictionList references it by this exact name.
# NOTE(review): the record carries its own `tlp` marking together with the
# event description and vulnerability id; nothing in this schema shows whether
# responses are restricted by that marking - confirm in the endpoint's
# permission checks.
NCIRCCNotifictionRetrive:
  type: object
  properties:
    id:
      type: integer
      minimum: 1
    incident:
      type: string
      format: uuid
      # English: PK (ID) of the incident
      description: "PK(ID) инцидента"
    update_time:
      type: string
      format: date-time
    uuid:
      type: string
      format: uuid
    identifier:
      type: string
    category:
      $ref: "#/components/schemas/NotificationCategoryEnum"
    type:
      $ref: "#/components/schemas/EventTypeEnum"
    activity_status:
      $ref: "#/components/schemas/ActivityStatusEnum"
    tlp:
      $ref: "#/components/schemas/TlpEnum"
    affected_system_name:
      type: string
    affected_system_category:
      $ref: "#/components/schemas/AffectedSystemCategoryEnum"
    event_description:
      type: string
    affected_system_connection:
      type: boolean
      default: false
    assistance:
      type: boolean
      default: false
    notification_status:
      $ref: "#/components/schemas/NotificationStatusEnum"
    vulnerability_id:
      type: string
    product_category:
      type: string
    # The three CIA-impact fields share one enum; custom_impact is free text.
    integrity_impact:
      $ref: "#/components/schemas/ImpactEffect"
    availability_impact:
      $ref: "#/components/schemas/ImpactEffect"
    confidentiality_impact:
      $ref: "#/components/schemas/ImpactEffect"
    custom_impact:
      type: string
    created:
      type: string
      format: date-time
    updated:
      type: string
      format: date-time
    # The only timestamp here that is marked readOnly.
    sending_time:
      type: string
      format: date-time
      readOnly: true
    comments_count:
      type: integer
      minimum: 0
      # English: number of unread messages
      description: "Количество не прочтеных сообщений"
# Array of notification read models.
NCIRCCNotifictionList:
  type: array
  items:
    $ref: "#/components/schemas/NCIRCCNotifictionRetrive"
# One comment (message) attached to a notification.
# `from_console` distinguishes messages sent from the console from the rest,
# so `text` can hold content written outside this system; output-encode it
# wherever it is rendered.
NCIRCCCommentRetrieve:
  properties:
    id:
      type: integer
    text:
      type: string
    create_time:
      type: string
      format: date-time
    login:
      type: string
    notification:
      type: integer
      minimum: 1
      # English: PK (ID) of the incident
      # NOTE(review): the field is named `notification` but the text says
      # "incident" - looks like a copy-paste; confirm which key this is.
      description: "PK(ID) Инцидента"
    id_in_ncircc:
      type: integer
      minimum: 1
      # English: ID of the message on the GosSOPKA portal
      description: "ID сообщения на портале ГосСОПКА"
    from_console:
      type: boolean
      default: false
      # English: was the message sent from the Console?
      description: "Отправлено ли сообщение с Консоли?"
# Collection of comments. No `type: array` is declared, so `items` alone does
# not force the value to be an array.
NCIRCCCommentRetrieveList:
  items:
    $ref: "#/components/schemas/NCIRCCCommentRetrieve"
# Request body for posting a comment: only the message text is accepted.
# No maxLength is declared, so any size limit has to be enforced server-side.
NCIRCCCommentCreate:
  properties:
    text:
      type: string
# Fields shared by every "create notification" request; the per-type schemas
# (incident / attack / vulnerability) extend this one through allOf.
# No `required` list is declared, so every field is optional at schema level.
NCIRCCNotificationCreateBasic:
  properties:
    incident:
      type: string
      format: uuid
      # English: PK (ID) of the incident
      description: "PK(ID) инцидента"
    category:
      $ref: "#/components/schemas/NotificationCategoryEnum"
    activity_status:
      $ref: "#/components/schemas/ActivityStatusEnum"
    tlp:
      $ref: "#/components/schemas/TlpEnum"
    affected_system_name:
      type: string
    affected_system_category:
      $ref: "#/components/schemas/AffectedSystemCategoryEnum"
    event_description:
      type: string
    affected_system_connection:
      type: boolean
      default: false
    assistance:
      type: boolean
      default: false
# Create request for an incident-type notification: the basic fields plus an
# incident event type and the impact assessment.
NCIRCCNotificationCreateIncident:
  allOf:
    - $ref: "#/components/schemas/NCIRCCNotificationCreateBasic"
    - type: object
      properties:
        type:
          $ref: "#/components/schemas/EventTypeIncidentEnum"
        integrity_impact:
          $ref: "#/components/schemas/ImpactEffect"
        availability_impact:
          $ref: "#/components/schemas/ImpactEffect"
        confidentiality_impact:
          $ref: "#/components/schemas/ImpactEffect"
        custom_impact:
          type: string
# Create request for an attack-type notification. Same shape as the incident
# variant; only the enum behind `type` differs.
NCIRCCNotificationCreateAttack:
  allOf:
    - $ref: "#/components/schemas/NCIRCCNotificationCreateBasic"
    - type: object
      properties:
        type:
          $ref: "#/components/schemas/EventTypeAttackEnum"
        integrity_impact:
          $ref: "#/components/schemas/ImpactEffect"
        availability_impact:
          $ref: "#/components/schemas/ImpactEffect"
        confidentiality_impact:
          $ref: "#/components/schemas/ImpactEffect"
        custom_impact:
          type: string
# Create request for a vulnerability-type notification: the basic fields plus
# the vulnerability identifier and product category (no impact fields).
NCIRCCNotificationCreateVulnerability:
  allOf:
    - $ref: "#/components/schemas/NCIRCCNotificationCreateBasic"
    - type: object
      properties:
        type:
          # NOTE(review): the target name ends in "Emum"; its definition is
          # outside this excerpt - confirm the spelling matches, otherwise the
          # reference will not resolve.
          $ref: "#/components/schemas/EventTypeVulnerabilityEmum"
        vulnerability_id:
          type: string
        product_category:
          type: string
# Fields shared by every "update notification" request. `category` and `type`
# are mandatory; the remaining fields are optional.
NCIRCCNotificationUpdateBasic:
  required:
    - category
    - type
  properties:
    activity_status:
      $ref: "#/components/schemas/ActivityStatusEnum"
    event_description:
      type: string
    affected_system_connection:
      type: boolean
      default: false
    category:
      $ref: "#/components/schemas/NotificationCategoryEnum"
    type:
      $ref: "#/components/schemas/EventTypeEnum"
# Update request for incident- and attack-type notifications: the basic update
# fields plus the impact assessment.
NCIRCCNotificationUpdateIncidentAttack:
  allOf:
    - $ref: "#/components/schemas/NCIRCCNotificationUpdateBasic"
    - type: object
      properties:
        integrity_impact:
          $ref: "#/components/schemas/ImpactEffect"
        availability_impact:
          $ref: "#/components/schemas/ImpactEffect"
        confidentiality_impact:
          $ref: "#/components/schemas/ImpactEffect"
        custom_impact:
          type: string
# Update request for vulnerability-type notifications: the basic update fields
# plus the vulnerability identifier and product category.
NCIRCCNotificationUpdateVulnerability:
  allOf:
    - $ref: "#/components/schemas/NCIRCCNotificationUpdateBasic"
    - type: object
      properties:
        vulnerability_id:
          type: string
        product_category:
          type: string
# Login lockout settings: an attempts limit and a block timeout.
AuthSettings:
  properties:
    # NOTE(review): 0 is an accepted value. The schema does not say whether 0
    # disables the lockout or blocks on the first failure - confirm, because
    # the former would switch brute-force protection off.
    login_attempts_limit:
      type: integer
      minimum: 0
      maximum: 100
      default: 3
    # English description: only the hh:mm:ss format is allowed.
    # No `pattern` backs that statement, so the format check rests entirely
    # on server-side validation.
    login_block_timeout:
      type: string
      default: "00:30:00"
      description: "Допускается только следующий формат: hh:mm:ss"
# TLS configuration: an on/off switch plus the certificate and its key, both
# uploaded as binary strings and both nullable.
# NOTE(review): `key` is presumably the private key. It is not marked
# `writeOnly`, so if this schema also describes a response body the key
# material would be documented as readable - confirm the API never returns it
# and consider `writeOnly: true`.
TLSSettings:
  type: object
  properties:
    enabled:
      type: boolean
    certificate:
      type: string
      format: binary
      nullable: true
    key:
      type: string
      format: binary
      nullable: true
# How endpoint events are rotated.
# English description: rotation type. 1 - by time, 2 - by size.
RotationTypeEndpoint:
  type: integer
  enum:
    - 1
    - 2
  default: 1
  description: "Тип ротации. 1 - по времени, 2 - по размеру"
# How often time-based rotation runs.
# English description: rotation time. 1 - every day, 2 - every week,
# 3 - every month.
RotationTimeEndpoint:
  type: integer
  enum:
    - 1
    - 2
    - 3
  default: 1
  description: "Время ротации. 1 - каждый день, 2 - каждую неделю, 3 - каждый месяц"
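# Request/response model for an Endpoint agent and its protection settings:
# device control, integrity control, application white list, USB control,
# ClamAV antivirus, event rotation and config-sync flags.
#
# Changes against the flattened original:
#   - `name` is listed under `required` but had no property; declared as string.
#   - `event_rotation_time` used `maximum` (a numeric keyword, ignored for
#     strings); replaced by `maxLength`.
#   - `request_config` had no `type`; declared boolean to match its default and
#     description.
#   - `clamav_last_scan_init` repeated the description of `clamav_last_update`.
#   - `default: False` normalised to the canonical lowercase boolean.
CreateEndpoint:
  required:
    - ip
    - name
  properties:
    id:
      type: integer
      readOnly: true
    name:
      type: string
    create_input:
      type: boolean
      default: false
    # Same 1500-65535 range as the `port` fields of InputSource and Device.
    log_port:
      type: integer
      minimum: 1500
      maximum: 65535

    # --- Device control -----------------------------------------------------
    dc_enabled:
      type: boolean
      default: false
      description: Enable device control
    prohibit_cd_access:
      type: boolean
      default: false
      description: Prohibit CD/DVD access. To apply this change you need to restart host machine locally

    # --- Integrity control --------------------------------------------------
    ic_enabled:
      type: boolean
      default: true
      description: Enable integrity control
    scan_folders:
      type: array
      items:
        type: string
      description: Folder for integrity control
    # Seconds; 86400 is one day.
    ic_timeout:
      type: integer
      minimum: 0
      maximum: 86400
      default: 3
      description: Event creation timeout. How often we can get integrity control events. Value in seconds

    # --- Application white list ---------------------------------------------
    wl_enable:
      type: boolean
      default: false
      description: Enable white list
    # Defaults to true: local administrators are exempt from the white list
    # unless this is explicitly switched off.
    wl_admin:
      type: boolean
      default: true
      description: Local admin ignores white list
    # The defaults are %HKEY_LOCAL_MACHINE\...% placeholders.
    # NOTE(review): presumably expanded on the endpoint to the SystemRoot and
    # ProgramFilesDir registry values - confirm against the agent.
    white_list:
      type: array
      items:
        type: string
        maxLength: 1024
      description: Folder for white list
      default:
        - "%HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SystemRoot%"
        - "%HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ProgramFilesDir%"

    # --- USB control --------------------------------------------------------
    usb_control_enabled:
      type: boolean
      default: false
      description: Enable USB control. To apply this change you need to restart host machine locally
    # Items are untyped objects; the device descriptor shape is not specified
    # here, so it cannot be validated at schema level.
    usb_allowed_storage:
      type: array
      items:
        type: object
      default: []
      description: Allowed USB devices. List of all allowed USB devices for this Endpoint
    usb_allowed_classes:
      type: array
      items:
        type: integer
      default: []
      description: Allowed USB devices classes. List of all allowed device classes for USB control
    usb_hid_allow_other_subclasses:
      type: boolean
      default: false
      description: Allowed USB devices hid subclasses
    usb_hid_allowed_subclasses:
      type: array
      items:
        type: integer
      default: []
      description: Allowed USB devices hid subclasses. List of all allowed USB devices hid subclasses for USB control
    usb_hid_deny_subclasses:
      type: array
      items:
        type: integer
      default: []
      description: Prohibited USB devices hid subclasses. List of all blocked USB devices hid subclasses for USB control
    usb_connected:
      type: object
      nullable: true
      description: Connected USB devices. List of all connected to Endpoint USB devices.

    # --- Antivirus (ClamAV) -------------------------------------------------
    clamav_start_scan:
      type: boolean
      default: false
      description: Initiate antivirus scan
    clamav_update_db:
      type: boolean
      default: false
      description: Initiate antivirus db update
    clamav_recent_update:
      type: integer
      nullable: true
      description: Link to data storage instance with clamav update file
    clamav_enabled:
      type: boolean
      default: false
      description: Enable antivirus. Detailed Antivirus control should be configured on host machine
    clamav_scan_on_add:
      type: boolean
      default: false
      description: Scan files for viruses on add
    clamav_live_scan:
      type: boolean
      default: false
      description: Scan executable files
    clamav_stop_all_tasks:
      type: boolean
      default: false
      description: Signal for interruption of all antivirus processes
    clamav_paths:
      type: array
      items:
        type: string
        maxLength: 1024
      default: []
      description: Path for scanning
    clamav_last_update:
      type: string
      format: date-time
      nullable: true
      description: Last antivirus database update time
    # NOTE(review): wording inferred from the field name - confirm.
    clamav_last_scan_init:
      type: string
      format: date-time
      description: Last antivirus scan initiation time
    # Destructive when enabled: files flagged as infected are removed.
    clamav_remove_infected_files:
      type: boolean
      default: false
      description: Remove infected files

    # --- Event rotation -----------------------------------------------------
    event_rotation_type:
      $ref: "#/components/schemas/RotationTypeEndpoint"
    event_rotation_size:
      type: integer
      minimum: 100
      default: 100
      description: Event rotation size. Select the rotation size in KB
    event_rotation_period:
      $ref: "#/components/schemas/RotationTimeEndpoint"
    event_rotation_time:
      type: string
      maxLength: 1024
      default: "00:00:00"
      nullable: true

    # --- Identity and sync state --------------------------------------------
    updated:
      type: string
      format: date-time
    # NOTE(review): declared as integer although the Device schema in this
    # spec models `ip` as a string - confirm which representation the API
    # actually expects.
    ip:
      type: integer
      description: Device IP address
    settings_changed:
      type: boolean
      default: true
      description: Flag to mark if Endpoint logs has been changed. Check if you want to upload settings to Endpoint
    incorrect_settings:
      type: boolean
      default: false
      description: Flag to mark if config in current console has errors. Checked if config in console for Endpoint contains errors
    config_errors:
      type: array
      nullable: true
      items:
        type: string
      description: Endpoint config errors. Full list of Endpoint config errors
    request_config:
      type: boolean
      default: true
      description: "Flag to show if user wants to upload config from endpoint. If set to True, uploads config from endpoint, saves it"
    update_db:
      type: boolean
      default: true
      description: "Flag to show if user wants to update clamav database. If set to True, update clamav database"
    is_requested_config_correct:
      type: boolean
      default: true
      description: "Flag to show if config, downloaded from endpoint, has correct format. If set to False, means that last attempt to download and set up config from Endpoint has failed"
    endpoint_asset:
      type: integer
      nullable: true
      description: Endpoint Asset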
# Kind of device that feeds an input source.
InputSourceType:
  type: string
  enum:
    - "armaif"
    - "endpoint"
# An input source: a labelled listener of a given type on a port.
# `id` and `can_delete` are server-controlled (readOnly).
InputSource:
  required:
    - label
    - type
  properties:
    id:
      type: integer
      readOnly: true
    label:
      type: string
    type:
      $ref: "#/components/schemas/InputSourceType"
    can_delete:
      type: boolean
      readOnly: true
    # Restricted to 1500-65535, which keeps listeners off the privileged and
    # low-numbered ports.
    port:
      type: integer
      minimum: 1500
      maximum: 65535
# Device kind. The whole schema is readOnly, so clients cannot set it.
DeviceType:
  type: string
  readOnly: true
  enum:
    - "firewall"
    - "endpoint"
    - "sensor"
# English description: whether to change the time of events produced by the
# device. 1 - events get the local time, 2 - the occurrence time is not changed.
# With value 1 the stored time is not the device's own timestamp, which
# matters when correlating events into a forensic timeline.
AdjustDatetime:
  type: integer
  enum:
    - 1
    - 2
  description: "Изменять ли время у событий, которые порождены устройством. 1 - у событий указывается локальное время, 2 - время возникновения не изменяется."
# Connection status reported for a firewall device.
FirewallStatus:
  properties:
    status:
      type: string
      enum:
        - "offline"
        - "online"
        - "unauthorized"
        - "error"
# Connection status reported for an endpoint device.
EndpointStatus:
  properties:
    status:
      type: string
      enum:
        - "offline"
        - "online"
        - "config_errors"
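# Base model shared by all device kinds; SensorDevice, ArmaIndustrialFirewall
# and EndpointDevice extend it through allOf.
#
# Changes against the flattened original:
#   - `updated` used `format: datetime`; the OpenAPI format name is `date-time`.
#   - `status` used oneOf over FirewallStatus and EndpointStatus. Both accept
#     "offline" and "online", so those values matched two branches and failed
#     the exactly-one rule; anyOf accepts them.
Device:
  properties:
    id:
      type: integer
      readOnly: true
    name:
      type: string
    description:
      type: string
    type:
      $ref: "#/components/schemas/DeviceType"
    # `ip` is not a format defined by OpenAPI (`ipv4` / `ipv6` are), so
    # generic validators will treat this as an unconstrained string and the
    # address check has to happen server-side.
    ip:
      type: string
      format: ip
    port:
      type: integer
      minimum: 1500
      maximum: 65535
    updated:
      type: string
      format: date-time
    status:
      anyOf:
        - $ref: "#/components/schemas/FirewallStatus"
        - $ref: "#/components/schemas/EndpointStatus"
    # The second branch carries no type, so it matches any value; it is kept
    # as written to express "group or null".
    group:
      anyOf:
        - $ref: "#/components/schemas/GroupInDevice"
        - nullable: true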
# Request body for registering a sensor: name, address and port.
# No `required` list is declared, so all three are optional at schema level.
CreateSensorDevice:
  properties:
    name:
      type: string
    ip:
      type: string
      format: ip
    port:
      type: integer
      minimum: 1500
      maximum: 65535
# Sensor device: the base Device fields plus sensor-specific state.
SensorDevice:
  allOf:
    - $ref: "#/components/schemas/Device"
    - properties:
        uuid:
          type: string
          readOnly: true
        synchronization:
          type: boolean
          readOnly: true
        # readOnly means the value appears in responses only.
        # NOTE(review): presumably this key authorizes the sensor to the
        # console; if so, every caller able to read a sensor can read it -
        # confirm who may fetch this schema and whether it should be masked.
        authorization_key:
          type: string
          readOnly: true
        span_interface:
          type: string
        control_interface:
          type: object
        signature_analysis:
          type: boolean
        protocols_analysis:
          type: boolean
# Product name and version pair, both free-form strings.
ProductVersion:
  properties:
    product:
      type: string
    version:
      type: string
# Industrial firewall device: the base Device fields, the API credentials used
# to reach it, and read-only metadata reported by the firewall.
ArmaIndustrialFirewall:
  allOf:
    - $ref: "#/components/schemas/Device"
    - properties:
        # NOTE(review): `key` and `secret` look like the firewall's API
        # credentials. Neither is `writeOnly`, so if this schema describes
        # GET responses the secret is documented as readable - confirm the
        # API does not echo it back and consider `writeOnly: true`.
        key:
          type: string
        secret:
          type: string
        comment:
          type: string
        # Everything below is readOnly metadata.
        website:
          type: string
          readOnly: true
        version:
          type: string
          readOnly: true
        remote_name:
          type: string
          readOnly: true
        identification_number:
          type: string
          readOnly: true
        hash_number:
          type: string
          readOnly: true
        flavour:
          type: string
          readOnly: true
        email:
          type: string
          readOnly: true
        copyright_years:
          type: string
          readOnly: true
        copyright_url:
          type: string
          readOnly: true
        copyright_owner:
          type: string
          readOnly: true
        architecture:
          type: string
          readOnly: true
        abi:
          type: string
          readOnly: true
        updated:
          type: string
          format: date-time
          readOnly: true
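# Endpoint device: the base Device fields plus the endpoint protection
# settings (white list, integrity control, antivirus, device/USB control,
# event rotation).
#
# Changes against the flattened original:
#   - `white_list_paths`, `scan_paths` and `antivirus_paths` were arrays with
#     no `items`, which OpenAPI 3.0 requires; declared as strings, matching the
#     path arrays of CreateEndpoint.
#   - `event_rotation_time` used `maximum` (ignored for strings); replaced by
#     `maxLength`.
#   - The properties are placed in a second allOf member, the same layout as
#     SensorDevice and ArmaIndustrialFirewall; validation is unchanged.
EndpointDevice:
  allOf:
    - $ref: "#/components/schemas/Device"
    - properties:
        whitelist_enabled:
          type: boolean
        whitelist_admin:
          type: boolean
        white_list_paths:
          type: array
          items:
            type: string
        integrity_control_enabled:
          type: boolean
        # Seconds; 86400 is one day.
        integrity_control_timeout:
          type: integer
          minimum: 0
          maximum: 86400
        scan_paths:
          type: array
          items:
            type: string
        antivirus_enabled:
          type: boolean
        antivirus_remove_infected_files:
          type: boolean
        antivirus_start_scan:
          type: boolean
        antivirus_paths:
          type: array
          items:
            type: string
        device_control_enabled:
          type: boolean
        prohibit_cd_access:
          type: boolean
        usb_control_enabled:
          type: boolean
        # NOTE(review): an object here, while CreateEndpoint models
        # `config_errors` as a nullable array of strings - confirm which shape
        # the API returns.
        config_errors:
          type: object
          readOnly: true
        event_rotation_type:
          $ref: "#/components/schemas/RotationTypeEndpoint"
        event_rotation_size:
          type: integer
          minimum: 100
          default: 100
          description: Event rotation size. Select the rotation size in KB
        event_rotation_period:
          $ref: "#/components/schemas/RotationTimeEndpoint"
        event_rotation_time:
          type: string
          maxLength: 1024
          default: "00:00:00"
          nullable: true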
# Device group as returned by the API: name/description plus the member
# devices, each reduced to its id and name.
DeviceGroup:
  allOf:
    - $ref: "#/components/schemas/NameDescriptionModel"
    - properties:
        devices:
          type: array
          items:
            type: object
            properties:
              id:
                type: integer
              name:
                type: string
# Request body for creating a device group: name/description plus the member
# devices given as integers (presumably device ids - the read model exposes
# an integer `id` per device).
CreateDeviceGroup:
  allOf:
    - $ref: "#/components/schemas/NameDescriptionModel"
    - properties:
        devices:
          type: array
          items:
            type: integer
# Names a console service to manage. The enum is a closed allow-list.
# NOTE(review): the handler should reject anything outside this list itself
# rather than rely on the spec, since the value presumably ends up naming a
# system service - confirm the server-side check.
ManageService:
  properties:
    service:
      type: string
      enum:
        - "correlator"
        - "nginx"
        - "elasticsearch"
        - "vector"
        - "gunicorn"
        - "celery"
        - "celerybeat"
        - "postgresql"
# Compact group reference embedded in Device.group: id and name only.
GroupInDevice:
  properties:
    id:
      type: integer
    name:
      type: string
# One network interface of a sensor: its name, assigned addresses, MAC address
# and link state. Addresses, netmask and MAC are plain strings with no format
# constraint.
SensorInterface:
  properties:
    interface:
      type: string
    addresses:
      type: array
      items:
        type: object
        properties:
          address:
            type: string
          netmask:
            type: string
    mac:
      type: string
    up:
      type: boolean
# Envelope for a sensor's interface listing: a status flag and the interfaces.
SensorInterfacesList:
  properties:
    status:
      type: string
      enum:
        - "ok"
        - "error"
    data:
      type: array
      items:
        $ref: "#/components/schemas/SensorInterface"