old_console/frontend/finalschemaAPI.yaml
2024-11-02 14:12:45 +03:00


# OpenAPI 3.0.3 description of the ARMA Management Console REST API.
openapi: 3.0.3
info:
  title: ARMA Management Console API
  version: 1.0.0
  description: ARMA Management Console API
externalDocs:
  description: Дополнительные соглашения используемые при разработке спецификации
  url: https://iwarma.atlassian.net/wiki/spaces/ARMA/pages/25362443/ARMA+AMC+API
servers:
  # Plain-HTTP loopback URL: acceptable for local development only. On any
  # other host the token_auth credential would travel unencrypted.
  - url: http://localhost:9090/en
# Root-level requirement: every operation in `paths` inherits token_auth
# unless it declares its own `security` list. The scheme is presumably
# defined under components/securitySchemes, which is not part of this excerpt.
security:
  - token_auth: []
# Only `assets` is declared here, while the operations below also use tags
# such as incident, users, store, authorization, license and ncircc.
tags:
  - name: assets
    description: "All for assets"
paths:
/api/incidents/:
get:
description: |-
Показать список инцидентов
Требуемое права: `can_view_incidents_list`
tags:
- incident
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
- $ref: "#/components/parameters/assets"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/Incident"
403:
$ref: "#/components/responses/403"
# Read and update a single incident addressed by its UUID.
/api/incidents/{uuid}:
  # Path-level parameter shared by both operations below.
  parameters:
    - $ref: "#/components/parameters/uuidParam"
  get:
    description: |-
      Подробная информация о инциденте
      Требуемые права: `can_view_incidents`
    tags:
      - incident
    responses:
      200:
        description: ""
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/Incident"
      403:
        $ref: "#/components/responses/403"
      404:
        $ref: "#/components/responses/404"
  patch:
    # NOTE(review): the description names the read permission
    # `can_view_incidents` for a write operation, the same string as the GET
    # above. Confirm which permission the backend enforces for updates and
    # document that one; a view-only role should not be able to edit incidents.
    description: |-
      Обновление данных инцидента
      Требуемые права: `can_view_incidents`
    tags:
      - incident
    requestBody:
      content:
        application/json:
          schema:
            $ref: "#/components/schemas/IncidentEdit"
    responses:
      200:
        description: ""
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/Incident"
      400:
        description: ""
        content:
          application/json:
            examples:
              invalid_body:
                $ref: "#/components/examples/invalid_body"
      403:
        $ref: "#/components/responses/403"
      404:
        $ref: "#/components/responses/404"
# Export of the incident table as a file.
/api/incidents/csv_export/:
  get:
    tags:
      - incident
    # NOTE(review): per the description this GET writes a new file into the
    # storage and returns it, so it has a side effect. No required permission
    # is stated and no 403 response is declared, unlike the incident list
    # endpoint (`can_view_incidents_list`). Confirm the export is gated by at
    # least the same permission as the list view.
    description: 'Экспортирует таблицу инцидентов в новый файл хранилища и возвращает этот файл'
    responses:
      # No media type is declared for the returned file.
      200:
        description: Возвращает файл
/api/incidents/category/:
get:
description: |-
Получить список категорий инцидентов
Требуемые права: `can_view_incidents_list`
tags:
- incident
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/NameDescriptionModel"
403:
$ref: "#/components/responses/403"
/api/incidents/effects/:
get:
description: |-
Показать список эффектов инцидента
tags:
- incident
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/NameDescriptionModel"
403:
$ref: "#/components/responses/403"
post:
description: Добавить эффект для инцидента
tags:
- incident
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
/api/incidents/effects/{id}:
get:
description: "Получить эффект для инцидента по его ID"
tags:
- incident
parameters:
- $ref: '#/components/parameters/idParam'
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
403:
description: Forbidden
content:
application/json:
schema:
properties:
detail:
type: string
example:
detail: "Учетные данные не были предоставлены."
404:
$ref: "#/components/responses/404"
patch:
description: Редактировать эффект инцидента
tags:
- incident
parameters:
- $ref: "#/components/parameters/idParam"
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
delete:
description: Удалить эффект инцидента
tags:
- incident
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: "Успешное удаление"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/incidents/recommendations/:
get:
description: "Получить список рекоммендаций для инцидентов"
tags:
- incident
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/IncidentRecommendations"
403:
description: Forbidden
content:
application/json:
schema:
properties:
detail:
type: string
example:
detail: "Учетные данные не были предоставлены."
post:
description: Добавить рекоммендацию для инцидента
tags:
- incident
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
/api/incidents/recommendations/{id}:
get:
description: "Получить рекоммендацию для инцидента по его ID"
tags:
- incident
parameters:
- $ref: '#/components/parameters/idParam'
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
403:
description: Forbidden
content:
application/json:
schema:
properties:
detail:
type: string
example:
detail: "Учетные данные не были предоставлены."
404:
$ref: "#/components/responses/404"
patch:
description: Редактировать рекоммендацию инцидента
tags:
- incident
parameters:
- $ref: "#/components/parameters/idParam"
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
delete:
description: Удалить рекоммендацию инцидента
tags:
- incident
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: "Успешное удаление"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/assets/groups:
get:
description: Получить список групп ассетов
tags:
- asset groups
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/AssetGroup"
403:
$ref: "#/components/responses/403"
405:
$ref: "#/components/responses/405"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
post:
description: Добавить производителя
tags:
- asset groups
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/AssetGroup"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/AssetGroup"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/assets/groups/{id}/:
get:
description: Получить производителя по его ID
tags:
- asset groups
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/AssetGroup"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
patch:
description: Редактировать производителя по его ID
tags:
- asset groups
parameters:
- $ref: "#/components/parameters/idParam"
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/AssetGroup"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/AssetGroup"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
delete:
description: Удалить производителя по его ID
tags:
- asset groups
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: ""
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/assets/manufacturers:
get:
description: Получить список доступных производителей
tags:
- asset manufacturer
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/NameDescriptionModel"
403:
$ref: "#/components/responses/403"
405:
$ref: "#/components/responses/405"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
post:
description: Доавить производителя
tags:
- asset manufacturer
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/assets/manufacturer/{id}/:
get:
description: Получить производителя по его ID
tags:
- asset manufacturer
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
patch:
description: Редактировать производителя по его ID
tags:
- asset manufacturer
parameters:
- $ref: "#/components/parameters/idParam"
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
delete:
description: Удалить производителя по его ID
tags:
- asset manufacturer
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: ""
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/assets/os:
get:
description: Получить список доступных операционных систем
tags:
- os
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/NameDescriptionModel"
403:
$ref: "#/components/responses/403"
405:
$ref: "#/components/responses/405"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
post:
description: Доавить ОС
tags:
- os
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/assets/os/{id}/:
get:
description: Получить Операционную систему по ее ID
tags:
- os
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
patch:
description: Редактировать ОС по ее ID
tags:
- os
parameters:
- $ref: "#/components/parameters/idParam"
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/NameDescriptionModel"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
delete:
description: Удалить ОС по ее ID
tags:
- os
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: ""
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/assets/elements/:
get:
description: |-
Show Active List.
Permisions requred:
- "Can view list active";
tags:
- assets
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
- $ref: "#/components/parameters/incidents"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/AssetList"
403:
$ref: "#/components/responses/403"
405:
$ref: "#/components/responses/405"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
/api/assets/elements/{id}/:
get:
description: |-
Получение полной информации о запрашиваемом активе. В том числе:
- Связные инциденты
- ?Связные уязвимости?
Связные модели возвращаются ввиде полной информации об объекте
Permisions requred:
- 'Can view active'
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- assets
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/AssetDetail"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
patch:
description: |-
Patch Asset.
Permisions requred:
- 'Can view active'
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- assets
requestBody:
content:
application/json:
schema:
$ref: "#/components/schemas/AssetPatch"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/AssetBase"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
delete:
description: |-
Delete Asset.
Permisions requred:
- 'Can delete active'
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- assets
responses:
200:
$ref: "#/components/responses/200_no_content"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
# Bulk operation over a list of asset IDs.
/api/assets/elements/authorize_assets/:
  post:
    # NOTE(review): the operation has no description, states no required
    # permission and declares neither 403 nor 404, unlike the other asset
    # operations. Judging by the path name it changes the authorization state
    # of assets, so document who may call it and what happens for IDs the
    # caller is not allowed to touch. TODO confirm against the backend.
    tags:
      - assets
    requestBody:
      content:
        application/json:
          schema:
            properties:
              # List of asset IDs; each ID is an integer >= 1. No upper bound
              # on the list length is declared.
              selected_assets:
                type: array
                items:
                  type: integer
                  minimum: 1
    responses:
      200:
        description: ""
        content:
          application/json:
            example:
              status: ok
      400:
        description: ""
        content:
          application/json:
            examples:
              invalid_body:
                $ref: "#/components/examples/invalid_body"
# Export of the whole asset table as a file.
/api/assets/elements/csv_export/:
  get:
    tags:
      - assets
    # NOTE(review): per the description this GET creates a new storage file
    # containing the entire asset table and returns it. No permission is
    # stated and no 403 response is declared; confirm the export requires at
    # least the permission needed to list assets.
    description: 'Экспортирует всю таблицу ассетов в новый файл хранилища и возвращает этот файл'
    responses:
      # No media type is declared for the returned file.
      200:
        description: Возвращает файл
/api/users/:
get:
description: "Получить список не удаленных пользователей (пользователей, у которых в имени не присутсвует префикс deleted_*"
tags:
- users
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/UserInfo"
403:
$ref: "#/components/responses/403"
405:
$ref: "#/components/responses/405"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
post:
description: "Создание нового пользователя"
tags:
- users
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserInfo'
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/UserInfo"
403:
$ref: "#/components/responses/403"
405:
$ref: "#/components/responses/405"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
incorrect_password:
$ref: "#/components/examples/incorrect_password"
/api/users/{id}/:
get:
description: "Получение информации о пользователе по его ID"
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- users
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/UserInfo"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
patch:
description: "Редактирование информации о пользователе по его ID"
parameters:
- $ref: "#/components/parameters/idParam"
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/UserInfo'
tags:
- users
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/UserInfo"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
incorrect_password:
$ref: "#/components/examples/incorrect_password"
delete:
description: "Удалить пользователя (Переименовывание логина пользователя + изменение состояния is_active -> False) по его ID."
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- users
responses:
200:
$ref: "#/components/responses/200_no_content"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/users/whoami/:
get:
description: "Получение информации об авторизаванном пользователе"
tags:
- users
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/User"
403:
$ref: "#/components/responses/403"
/api/store/:
get:
description: "Список файлов в хранилище"
tags:
- store
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/StorageList"
403:
$ref: "#/components/responses/403"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
/api/store/{id}/:
get:
description: |-
Получения полной информации об одном файле
Требуемые права:
- 'Can view storage'
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- store
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/Storage"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
delete:
description: 'Удаления файла'
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- store
responses:
200:
$ref: "#/components/responses/200_no_content"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/store/{id}/download/:
get:
description: 'Скачивание файла'
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- store
responses:
200:
description: Возвращает файл
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
# Upload of an antivirus update package.
/api/store/antivirus/:
  post:
    # NOTE(review): this endpoint accepts an archive that updates a security
    # component, yet the spec states no required permission. The spec does not
    # show how the archive is handled: the backend should verify the package's
    # origin and integrity before applying it, bound the upload and unpacked
    # size, and reject archive entries that resolve outside the extraction
    # directory. TODO confirm these checks exist.
    description: 'Обновление антивируса'
    tags:
      - store
    requestBody:
      content:
        multipart/form-data:
          schema:
            type: object
            required: [file]
            properties:
              # Binary file part; the description says it is a zip archive.
              file:
                type: string
                format: binary
                description: Файл обновления антивируса (zip архив)
    responses:
      200:
        $ref: '#/components/responses/200_status_ok'
      403:
        $ref: "#/components/responses/403"
      400:
        $ref: "#/components/responses/400_file_required"
# Session login.
/api/login/:
  post:
    # NOTE(review): no `security` key is set here, so the operation inherits
    # the root-level `token_auth` requirement. A caller that is logging in
    # normally holds no credential yet; either override with `security: []`
    # or document what token_auth means for this call. TODO confirm.
    description: Аутентификация в системе по сессии
    tags:
      - authorization
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/LoginRequest'
    responses:
      200:
        description: ""
        content:
          application/json:
            example:
              status: ok
      # The example names suggest a lockout after failed attempts
      # (block_user_first / block_user_other); their bodies are defined
      # outside this excerpt. Check that the blocked-user messages do not let
      # an unauthenticated caller tell existing accounts from unknown ones.
      400:
        description: ""
        content:
          application/json:
            examples:
              invalid_cred:
                $ref: "#/components/examples/invalid_cred"
              block_user_first:
                $ref: '#/components/examples/block_user_first'
              block_user_other:
                $ref: '#/components/examples/block_user_other'
/api/logout/:
post:
description: Необходимо быть авторизованным
tags:
- authorization
responses:
200:
description: "Успешное прекращение(удаление) сессии."
403:
$ref: '#/components/responses/403'
/api/license/:
get:
description: "Получение информации о лицензии"
tags:
- license
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/License_info"
403:
$ref: "#/components/responses/403"
400:
$ref: "#/components/responses/400"
# Automatic license activation addressed by UUID.
/api/license/auto/{uuid}:
  parameters:
    - $ref: "#/components/parameters/uuidParam"
  get:
    # NOTE(review): the description says this call activates a license, i.e.
    # it changes server state, but it is exposed as GET. GET requests can be
    # triggered by link prefetching or cross-site navigation and usually sit
    # outside CSRF protection; a POST would be the safer method. No required
    # permission is stated either. TODO confirm with the backend.
    description: "Автоматическая активация лицензии"
    tags:
      - license
    responses:
      200:
        description: ""
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/License_activate_success"
      403:
        $ref: "#/components/responses/403"
      400:
        $ref: "#/components/responses/400"
/api/license/token/{uuid}:
parameters:
- $ref: "#/components/parameters/uuidParam"
get:
description: "Получение токена для генерации лицензионного ключа"
tags:
- license
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/License_token"
403:
$ref: "#/components/responses/403"
400:
$ref: "#/components/responses/400"
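# Manual license activation by uploading a license file.
/api/license/manual/:
  post:
    # NOTE(review): no required permission is stated for this operation.
    description: 'Ручная активация лицензии'
    tags:
      - license
    requestBody:
      content:
        multipart/form-data:
          schema:
            type: object
            required: [file]
            properties:
              file:
                type: string
                # A media type is not a valid `format` value. An uploaded file
                # part is `format: binary`, as in /api/store/antivirus/; the
                # part's content type is declared under `encoding` below.
                format: binary
                # NOTE(review): this description looks truncated in the source.
                description: Лицензионный
          # Declares that the `file` part carries JSON.
          encoding:
            file:
              contentType: application/json
    responses:
      200:
        description: ""
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/License_activate_success'
      403:
        $ref: "#/components/responses/403"
      400:
        $ref: "#/components/responses/400"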
/api/rotation/events/set/:
post:
description: |
Задаёт новые настройки ротации событий.
Permisions requred:
- can_change_rotation_settings <br>
`size_rotation` указывает количество событий, при котором будет выполнена ротация
tags:
- rotation
requestBody:
content:
application/json:
schema:
oneOf:
- $ref: '#/components/schemas/TimeRotationSettings'
- $ref: '#/components/schemas/SizeRotationSettings'
examples:
Ротация по времени:
value:
rotation_type: 0
schedule:
period: "day"
time: "23:42"
Ротация по размеру:
value:
rotation_type: 1
size_rotation: 76543
Отключить ротацию:
value:
rotation_type: 2
required: true
responses:
'200':
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/RotationSettings'
403:
$ref: '#/components/responses/403'
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
/api/rotation/incidents/set/:
post:
description: |
Задаёт новые настройки ротации инцидентов.
Permisions requred:
- can_change_rotation_settings <br>
`size_rotation` указывает размер таблицы инцидентов, при котором будет выполнена ротация
tags:
- rotation
requestBody:
content:
application/json:
schema:
oneOf:
- $ref: '#/components/schemas/TimeRotationSettings'
- $ref: '#/components/schemas/SizeRotationSettings'
examples:
Ротация по времени:
value:
rotation_type: 0
schedule:
period: "day"
time: "23:42"
Ротация по размеру:
value:
rotation_type: 1
size_rotation: 76543
Отключить ротацию:
value:
rotation_type: 2
required: true
responses:
'200':
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/RotationSettings'
403:
$ref: '#/components/responses/403'
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
/api/rotation/incidents/current_settings/:
get:
description: |
Получить текущие настройки ротации инцидентов.
Permisions requred:
- can_change_rotation_settings
tags:
- rotation
responses:
'200':
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/RotationSettings'
403:
$ref: '#/components/responses/403'
/api/rotation/events/current_settings/:
get:
description: |
Получить текущие настройки ротации событий.
Permisions requred:
- can_change_rotation_settings
tags:
- rotation
responses:
'200':
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/RotationSettings'
403:
$ref: '#/components/responses/403'
# Paged event search against one Elasticsearch index.
/api/events/elastic/query/{index}:
  get:
    # NOTE(review): the index name in the path and the `elk_events_search`
    # query parameter are both chosen by the caller; their definitions are
    # outside this excerpt. Confirm the backend limits `index` to the indices
    # this API is meant to expose and passes the search text as data rather
    # than as a raw query body. No required permission is stated.
    description: "Получение списка эвентов по Index"
    tags:
      - events
    parameters:
      - $ref: "#/components/parameters/indexParam"
      - $ref: "#/components/parameters/page"
      - $ref: "#/components/parameters/page_size"
      - $ref: '#/components/parameters/elk_events_search'
      - $ref: '#/components/parameters/ordering'
    responses:
      200:
        description: ""
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EventListbyIndex'
      400:
        $ref: '#/components/responses/400_elk'
      403:
        $ref: "#/components/responses/403"
# Lists Elasticsearch index names, optionally filtered by a pattern.
/api/events/elastic/all-indexes/:
  get:
    # NOTE(review): `index_pattern` is caller-supplied and defined outside
    # this excerpt. Confirm the pattern cannot enumerate indices that are not
    # event indices (for example internal or system ones). No required
    # permission is stated.
    description: "Получение списка всех индекосов или по патерну"
    tags:
      - events
    parameters:
      - $ref: '#/components/parameters/index_pattern'
    responses:
      200:
        description: ""
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/EventIndexList'
      400:
        $ref: '#/components/responses/400_elk'
      403:
        $ref: "#/components/responses/403"
/api/company/:
get:
description: "Получение данных компании"
tags:
- company
responses:
200:
description: ""
content:
application/json:
schema:
oneOf:
- $ref: '#/components/schemas/Company'
- properties:
details:
type: string
example: company not initialized
examples:
company found:
description: Компания существует
company not found:
value:
details: company not initialized
403:
$ref: "#/components/responses/403"
404:
$ref: '#/components/responses/404'
post:
description: "Создание и обновление компании"
tags:
- company
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CompanyCreateUpdate'
responses:
200:
description: ""
content:
application/json:
schema:
$ref: '#/components/schemas/Company'
403:
$ref: '#/components/responses/403'
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
/api/company/locations/:
get:
description: "Получения списка кодов локаций"
tags:
- company
responses:
200:
description: ""
content:
application/json:
schema:
$ref: '#/components/schemas/LocationCodeList'
403:
$ref: '#/components/responses/403'
/api/ncircc/notifications/:
get:
description: "Получение списка отправленных инцидентов"
tags:
- ncircc
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
403:
$ref: '#/components/responses/403'
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: '#/components/schemas/NCIRCCNotifictionList'
# Sends a notification (incident, attack or vulnerability) to GosSOPKA.
post:
  # NOTE(review): this operation forwards data to an external party, but no
  # required permission is stated in the description.
  description: "Отправка инцидента в ГосСОПКА"
  tags:
    - ncircc
  requestBody:
    content:
      application/json:
        schema:
          # The body must match exactly one of the three notification kinds.
          oneOf:
            - $ref: '#/components/schemas/NCIRCCNotificationCreateIncident'
            - $ref: '#/components/schemas/NCIRCCNotificationCreateAttack'
            - $ref: '#/components/schemas/NCIRCCNotificationCreateVulnerability'
        # NOTE(review): in all three examples "tlp" repeats the
        # "activity_status" text ("Меры приняты"). A TLP field normally holds
        # a sharing-restriction marking, so this looks like a copy-paste slip;
        # replace it with a value the schema allows. The schema is outside
        # this excerpt. The boolean-looking fields are sent as the string
        # "false"; confirm that is what the schema expects.
        examples:
          Отправка инцидента:
            value: {
              "incident": "8c0cd0d51a474243970a80b1de05c25b",
              "category": "Уведомление о компьютерном инциденте",
              "type": "Вовлечение контролируемого ресурса в инфраструктуру ВПО",
              "activity_status": "Меры приняты",
              "tlp": "Меры приняты",
              "affected_system_name": "string",
              "affected_system_category": "Информационный ресурс не является объектом КИИ",
              "event_description": "string",
              "affected_system_connection": "false",
              "assistance": "false",
              "integrity_impact": "Отсутствует",
              "availability_impact": "Отсутствует",
              "confidentiality_impact": "Отсутствует",
              "custom_impact": "string"
              }
          Отправка атаки:
            value: {
              "incident": "8c0cd0d51a474243970a80b1de05c25b",
              "category": "Уведомление о компьютерной атаке",
              "type": "DDoS-атака",
              "activity_status": "Меры приняты",
              "tlp": "Меры приняты",
              "affected_system_name": "string",
              "affected_system_category": "Информационный ресурс не является объектом КИИ",
              "event_description": "string",
              "affected_system_connection": "false",
              "assistance": "false",
              "integrity_impact": "Отсутствует",
              "availability_impact": "Отсутствует",
              "confidentiality_impact": "Отсутствует",
              "custom_impact": "string"
              }
          Отправка уязвимости:
            value: {
              "incident": "8c0cd0d51a474243970a80b1de05c25b",
              "category": "Уведомление о наличии уязвимости",
              "type": "Уязвимый ресурс",
              "activity_status": "Меры приняты",
              "tlp": "Меры приняты",
              "affected_system_name": "string",
              "affected_system_category": "Информационный ресурс не является объектом КИИ",
              "event_description": "string",
              "affected_system_connection": "false",
              "assistance": "false",
              "vulnerability_id": "string",
              "product_category": "string"
              }
  responses:
    201:
      description: "todo"
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/NCIRCCNotifictionRetrive'
    403:
      $ref: '#/components/responses/403'
    400:
      description: ""
      content:
        application/json:
          examples:
            invalid_body:
              $ref: "#/components/examples/invalid_body"
            ncircc_err:
              $ref: '#/components/examples/ncircc_err'
/api/ncircc/notifications/{id}/:
get:
description: "Получение отправленного уведомления по ID"
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- ncircc
responses:
200:
description: ""
content:
application/json:
schema:
$ref: '#/components/schemas/NCIRCCNotifictionRetrive'
403:
$ref: '#/components/responses/403'
404:
$ref: '#/components/responses/404'
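# Updates a notification that was already sent to GosSOPKA.
patch:
  # NOTE(review): no required permission is stated for this operation.
  description: "Обновление информации в ГосСОПКА"
  tags:
    - ncircc
  parameters:
    - $ref: '#/components/parameters/idParam'
  requestBody:
    content:
      application/json:
        schema:
          # `oneOf` accepts a body only when it matches exactly one listed
          # schema. NCIRCCNotificationUpdateIncidentAttack was listed twice,
          # so every incident or attack update matched two entries and failed
          # validation. The schema covers both kinds and is listed once.
          oneOf:
            - $ref: '#/components/schemas/NCIRCCNotificationUpdateIncidentAttack'
            - $ref: '#/components/schemas/NCIRCCNotificationUpdateVulnerability'
        examples:
          Редактирование уведомления об Инциденте:
            value: {
              "activity_status": "Меры приняты",
              "affected_system_connection": "false",
              "event_description": "string",
              "integrity_impact": "Отсутствует",
              "availability_impact": "Отсутствует",
              "confidentiality_impact": "Отсутствует",
              "custom_impact": "string"
              }
          Редактирование уведомления об Атаки:
            value: {
              "activity_status": "Меры приняты",
              "affected_system_connection": "false",
              "event_description": "string",
              "integrity_impact": "Отсутствует",
              "availability_impact": "Отсутствует",
              "confidentiality_impact": "Отсутствует",
              "custom_impact": "string"
              }
          Редактирование уведомления об Уязвимости:
            value: {
              "activity_status": "Меры приняты",
              "affected_system_connection": "false",
              "event_description": "string",
              "vulnerability_id": "string",
              "product_category": "string"
              }
  responses:
    200:
      description: ""
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/NCIRCCNotifictionRetrive'
    400:
      description: ""
      content:
        application/json:
          examples:
            invalid_body:
              $ref: "#/components/examples/invalid_body"
            ncircc_err:
              $ref: '#/components/examples/ncircc_err'
    403:
      $ref: '#/components/responses/403'
    404:
      $ref: '#/components/responses/404'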
/api/ncircc/notifications/{id}/comments/:
get:
description: "Получение списка сообщений по ID уведомления"
tags:
- ncircc
parameters:
- $ref: "#/components/parameters/idParam"
responses:
200:
description: ""
content:
application/json:
schema:
$ref: '#/components/schemas/NCIRCCCommentRetrieveList'
404:
$ref: '#/components/responses/404'
403:
$ref: '#/components/responses/403'
post:
description: "Отправка сообщения на портал ГосСОПКА"
tags:
- ncircc
parameters:
- $ref: '#/components/parameters/idParam'
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/NCIRCCCommentCreate'
responses:
200:
description: ""
content:
application/json:
schema:
$ref: '#/components/schemas/NCIRCCCommentRetrieve'
400:
description: "todo"
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: '#/components/responses/403'
404:
$ref: '#/components/responses/404'
/api/correlation/rules/:
get:
description: "Получение списка правил корреляции"
tags:
- correlation
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
403:
$ref: '#/components/responses/403'
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: '#/components/schemas/Rule'
post:
description: "Добавление нового правила корреляции"
tags:
- correlation
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/Rule'
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/Rule"
403:
$ref: "#/components/responses/403"
405:
$ref: "#/components/responses/405"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
/api/correlation/rules/{id}/:
get:
description: "Получение информации о правиле корреляции по его ID"
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- correlation
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/Rule"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
put:
description: "Редактирование правила корреляции по его ID"
parameters:
- $ref: "#/components/parameters/idParam"
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/Rule'
tags:
- correlation
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/Rule"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
delete:
description: "Удалить правило корреляции"
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- correlation
responses:
200:
$ref: "#/components/responses/200_no_content"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
/api/correlation/groups/:
get:
description: "Получение списка групп правил корреляции"
tags:
- correlation
parameters:
- $ref: "#/components/parameters/page"
- $ref: "#/components/parameters/page_size"
responses:
403:
$ref: '#/components/responses/403'
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: '#/components/schemas/RuleGroup'
post:
description: "Добавление новой группы правил корреляции"
tags:
- correlation
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RuleGroup'
responses:
200:
description: ""
content:
application/json:
schema:
allOf:
- $ref: "#/components/schemas/Pagination"
- properties:
results:
items:
$ref: "#/components/schemas/RuleGroup"
403:
$ref: "#/components/responses/403"
405:
$ref: "#/components/responses/405"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
/api/correlation/groups/{id}/:
get:
description: "Получение информации о группе правил корреляции по его ID"
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- correlation
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/RuleGroup"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
put:
description: "Редактирование группы правил корреляции по его ID"
parameters:
- $ref: "#/components/parameters/idParam"
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/RuleGroup'
tags:
- correlation
responses:
200:
description: ""
content:
application/json:
schema:
$ref: "#/components/schemas/RuleGroup"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
delete:
description: "Удалить группу правила корреляции"
parameters:
- $ref: "#/components/parameters/idParam"
tags:
- correlation
responses:
200:
$ref: "#/components/responses/200_no_content"
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
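# Bulk import of correlation rules from an uploaded file; the 200 response is
# described as a report file with the import results.
/api/correlation/rules/import_rules/:
  post:
    description: "Импорт правил корреляции"
    requestBody:
      content:
        multipart/form-data:
          # NOTE(review): `format: binary` only has meaning on
          # `type: string`. On a bare `type: object` with no `properties`
          # this schema names no form field, so generated clients and
          # request validators cannot tell which part carries the file.
          # The firewall upload operations in this file declare a named
          # string/binary property (`conffile`, `rulesets`); declare the
          # real field name here the same way. The accepted file format and
          # a maximum size are not documented either.
          schema:
            type: object
            format: binary
    tags:
      - correlation
    responses:
      # Status codes are quoted: OpenAPI 3.0 requires them to be string keys
      # so the YAML and JSON forms of the document agree.
      '200':
        description: "Возвращает файл отчёта о результатах импорта правил"
      '400':
        description: ""
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'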
/api/correlation/rules/json_export/:
get:
tags:
- correlation
description: 'Экспортирует таблицу правил корреляции в новый файл хранилища и возвращает этот файл'
responses:
200:
description: Возвращает файл
403:
$ref: '#/components/responses/403'
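# Read and change the console's authentication settings (AuthSettings is
# defined outside this section).
/api/settings/auth/:
  get:
    tags:
      - settings
    responses:
      # Status codes are quoted: OpenAPI 3.0 requires string keys here.
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthSettings'
      # Added for consistency with PATCH below: the operation has no
      # `security` override, so it inherits the file-level token_auth
      # requirement and a request without a valid token gets the shared 403.
      '403':
        $ref: '#/components/responses/403'
  patch:
    # NOTE(review): changing authentication settings is a privileged action,
    # but no required permission is named here, unlike the incident
    # operations earlier in the file. Document which permission guards it.
    tags:
      - settings
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/AuthSettings'
    responses:
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/AuthSettings'
      '400':
        description: ""
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'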
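# TLS settings of the console: read them, generate a new certificate, or
# upload replacement settings as multipart form data.
/api/settings/tls/:
  get:
    description: Текущие настройки TLS
    tags:
      - settings
    responses:
      # Status codes are quoted: OpenAPI 3.0 requires string keys here.
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TLSSettings'
      # Added for consistency with POST and PATCH below: no `security`
      # override is present, so the file-level token_auth requirement
      # applies to this read as well.
      '403':
        $ref: '#/components/responses/403'
  post:
    description: Создать новый сертификат
    tags:
      - settings
    responses:
      '200':
        description: 'ok'
      '403':
        $ref: '#/components/responses/403'
  patch:
    description: Обновить настройки
    tags:
      - settings
    requestBody:
      content:
        multipart/form-data:
          schema:
            $ref: '#/components/schemas/TLSSettings'
    responses:
      # NOTE(review): TLSSettings is both the upload schema and the response
      # schema of GET and PATCH. It is defined outside this section; if it
      # carries private-key material, that field should be write-only so it
      # is never echoed back in a response. Confirm against the schema.
      '200':
        description: ''
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/TLSSettings'
      '400':
        description: ""
        content:
          application/json:
            examples:
              invalid_body:
                $ref: '#/components/examples/invalid_body'
      '403':
        $ref: '#/components/responses/403'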
/api/endpoint/:
get:
description: 'Получение всех endpoint'
tags:
- endpoint
responses:
403:
$ref: '#/components/responses/403'
200:
description: ''
content:
application/json:
schema:
allOf:
- $ref: '#/components/schemas/Pagination'
- properties:
results:
items:
$ref: '#/components/schemas/EndpointDevice'
post:
description: 'Создание endpoint'
tags:
- endpoint
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EndpointDevice'
responses:
201:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/EndpointDevice'
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
403:
$ref: '#/components/responses/403'
/api/endpoint/{id}/:
parameters:
- $ref: '#/components/parameters/idParam'
get:
description: 'Получение информации об endpoint'
tags:
- endpoint
responses:
403:
$ref: '#/components/responses/403'
404:
$ref: '#/components/responses/404'
200:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/EndpointDevice'
patch:
description: 'Изменение endpoint'
tags:
- endpoint
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/EndpointDevice'
responses:
403:
$ref: '#/components/responses/403'
404:
$ref: '#/components/responses/404'
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
200:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/CreateEndpoint'
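# Keepalive call for one endpoint, addressed by the shared `idParam`.
/api/endpoint/{id}/keepalive/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    # NOTE(review): the description says this call creates something, yet
    # the method is GET. A state-changing GET can be triggered by caches,
    # prefetchers or a link opened in an authenticated browser; confirm
    # whether the operation really modifies data and, if so, whether it
    # should be a POST.
    description: 'Creating copy of the endpoint with input if it exist'
    tags:
      - endpoint
    responses:
      # Status codes are quoted: OpenAPI 3.0 requires string keys here.
      # NOTE(review): 200 is the only documented status, and its examples
      # include `endpoint_not_found` and `endpoint_keepalive_invalid_data`.
      # If failures really come back as 200, clients must inspect the body
      # to detect them; no 403 is listed although the file-level token_auth
      # requirement is not overridden here. Confirm how agents authenticate.
      '200':
        description: ''
        content:
          application/json:
            examples:
              endpoint_not_found:
                $ref: '#/components/examples/endpoint_not_found'
              endpoint_keepalive_success:
                $ref: '#/components/examples/endpoint_keepalive_success'
              endpoint_keepalive_invalid_data:
                $ref: '#/components/examples/endpoint_keepalive_invalid_data'
              endpoint_keepalive_success_setting_change:
                $ref: '#/components/examples/endpoint_keepalive_success_setting_change'
              endpoint_keepalive_success_upload:
                $ref: '#/components/examples/endpoint_keepalive_success_upload'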
/api/endpoint/{id}/download/:
parameters:
- $ref: '#/components/parameters/idParam'
get:
description: 'Download endpoint settings'
tags:
- endpoint
responses:
403:
$ref: '#/components/responses/403'
404:
$ref: '#/components/responses/404'
200:
description: 'Возвращает файл конфига или json'
content:
application/json:
examples:
endpoint_config_to_str:
$ref: '#/components/examples/endpoint_config_to_str'
application/file:
schema:
type: string
format: binary
/api/endpoint/{id}/status/:
parameters:
- $ref: '#/components/parameters/idParam'
get:
description: 'respond with current Endpoint states'
tags:
- endpoint
responses:
403:
$ref: '#/components/responses/403'
404:
$ref: '#/components/responses/404'
200:
description: ''
content:
application/json:
examples:
endpoint_not_found:
$ref: '#/components/examples/endpoint_not_found'
endpoint_status:
$ref: '#/components/examples/endpoint_status'
/api/endpoint/{id}/upload/:
parameters:
- $ref: '#/components/parameters/idParam'
post:
description: 'update Endpoint model from received Endpoint config'
tags:
- endpoint
responses:
403:
$ref: '#/components/responses/403'
404:
$ref: '#/components/responses/404'
200:
description: ''
content:
application/json:
examples:
endpoint_upload_success:
$ref: '#/components/examples/endpoint_upload_success'
endpoint_upload_invalid_data:
$ref: '#/components/examples/endpoint_upload_invalid_data'
endpoint_upload_no_ip:
$ref: '#/components/examples/endpoint_upload_no_ip'
endpoint_upload_validation_error:
$ref: '#/components/examples/endpoint_upload_validation_error'
endpoint_not_found:
$ref: '#/components/examples/endpoint_not_found'
/api/endpoint/{id}/config_request/:
parameters:
- $ref: '#/components/parameters/idParam'
get:
tags:
- endpoint
responses:
403:
$ref: '#/components/responses/403'
404:
$ref: '#/components/responses/404'
400:
$ref: '#/components/responses/400_invalid_body'
200:
$ref: '#/components/responses/200_status_ok'
/api/endpoint/{id}/antivirus_update/:
parameters:
- $ref: '#/components/parameters/idParam'
get:
tags:
- endpoint
responses:
403:
$ref: '#/components/responses/403'
400:
$ref: '#/components/responses/400_no_update_required'
200:
$ref: '#/components/responses/200_content'
/api/inputs/:
get:
tags:
- inputs
description: Все источники событий
responses:
200:
description: ''
content:
application/json:
schema:
allOf:
- $ref: '#/components/schemas/Pagination'
- properties:
results:
items:
$ref: "#/components/schemas/InputSource"
400:
description: ""
content:
application/json:
examples:
invalid_page:
$ref: "#/components/examples/invalid_page"
invalid_query_parameter:
$ref: "#/components/examples/invalid_query_parameter"
403:
$ref: "#/components/responses/403"
post:
tags:
- inputs
description: Создание источника событий
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/InputSource'
responses:
200:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/InputSource'
403:
$ref: "#/components/responses/403"
404:
$ref: "#/components/responses/404"
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
/api/inputs/{id}/:
parameters:
- $ref: '#/components/parameters/idParam'
get:
tags:
- inputs
description: Получение одного источника
responses:
200:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/InputSource'
404:
$ref: '#/components/responses/404'
403:
$ref: '#/components/responses/403'
patch:
tags:
- inputs
description: Изменение источника
requestBody:
content:
application/json:
schema:
allOf:
- $ref: '#/components/schemas/InputSource'
- properties:
type:
readOnly: true
responses:
200:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/InputSource'
404:
$ref: '#/components/responses/404'
403:
$ref: '#/components/responses/403'
400:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
delete:
tags:
- inputs
responses:
404:
$ref: '#/components/responses/404'
403:
$ref: '#/components/responses/403'
200:
$ref: '#/components/responses/200_no_content'
/api/devices/:
get:
parameters:
- $ref: '#/components/parameters/search'
description: Получение списка устройств. Всё вперемешку - AIF, AIE и другие.
tags:
- devices
responses:
200:
description: ''
content:
application/json:
schema:
allOf:
- $ref: '#/components/schemas/Pagination'
- properties:
results:
items:
$ref: "#/components/schemas/Device"
403:
$ref: '#/components/responses/403'
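# Export of the whole device table as a file.
# NOTE(review): unlike the sibling paths this one has no trailing slash;
# confirm it matches the server route.
/api/devices/csv_export:
  get:
    tags:
      - devices
    description: 'Экспортирует всю таблицу устройств в новый файл хранилища и возвращает этот файл'
    responses:
      # Status codes are quoted: OpenAPI 3.0 requires string keys here.
      '200':
        description: Возвращает файл
      # Added for consistency with /api/correlation/rules/json_export/: the
      # export returns the full device inventory and inherits the
      # file-level token_auth requirement, so the shared 403 applies.
      '403':
        $ref: '#/components/responses/403'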
/api/devices/{id}/:
parameters:
- $ref: '#/components/parameters/idParam'
get:
tags:
- devices
description: Получение базовой информации об устройстве
responses:
200:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/Device'
403:
$ref: '#/components/responses/403'
patch:
tags:
- devices
description: Редактирование устройства
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/Device'
responses:
200:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/Device'
403:
$ref: '#/components/responses/403'
404:
$ref: '#/components/responses/404'
400:
$ref: '#/components/responses/400_invalid_body'
delete:
tags:
- devices
responses:
200:
$ref: '#/components/responses/200_no_content'
403:
$ref: '#/components/responses/403'
404:
$ref: '#/components/responses/404'
/api/devices/groups/:
get:
description: 'Список групп устройств'
tags:
- devices
responses:
200:
description: ''
content:
application/json:
schema:
allOf:
- $ref: '#/components/schemas/Pagination'
- properties:
results:
items:
$ref: "#/components/schemas/DeviceGroup"
403:
$ref: '#/components/responses/403'
post:
description: 'Создание группы устройств'
tags:
- devices
requestBody:
description: 'В поле `devices` на вход ожидается список с идентификаторами устройств'
content:
application/json:
schema:
$ref: '#/components/schemas/CreateDeviceGroup'
responses:
200:
description: ''
content:
application/json:
schema:
$ref: "#/components/schemas/DeviceGroup"
403:
$ref: '#/components/responses/403'
400:
$ref: '#/components/responses/400_invalid_body'
/api/devices/groups/{id}/:
parameters:
- $ref: '#/components/parameters/idParam'
get:
description: 'Группа устройств'
tags:
- devices
responses:
200:
description: ''
content:
application/json:
schema:
$ref: "#/components/schemas/DeviceGroup"
403:
$ref: '#/components/responses/403'
404:
$ref: '#/components/responses/404'
patch:
description: 'Редактирование группы устройств'
tags:
- devices
requestBody:
description: 'В поле `devices` на вход ожидается список с идентификаторами устройств'
content:
application/json:
schema:
$ref: '#/components/schemas/CreateDeviceGroup'
responses:
200:
description: ''
content:
application/json:
schema:
$ref: "#/components/schemas/DeviceGroup"
403:
$ref: '#/components/responses/403'
400:
$ref: '#/components/responses/400_invalid_body'
404:
$ref: '#/components/responses/404'
delete:
tags:
- devices
responses:
200:
$ref: '#/components/responses/200_no_content'
403:
$ref: '#/components/responses/403'
404:
$ref: '#/components/responses/404'
/api/devices/firewall/:
get:
tags:
- firewall
responses:
200:
description: ''
content:
application/json:
schema:
allOf:
- $ref: '#/components/schemas/Pagination'
- properties:
results:
items:
$ref: "#/components/schemas/ArmaIndustrialFirewall"
403:
$ref: '#/components/responses/403'
post:
tags:
- firewall
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ArmaIndustrialFirewall'
responses:
201:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/ArmaIndustrialFirewall'
400:
description: ''
content:
application/json:
examples:
invalid_body:
$ref: '#/components/examples/invalid_body'
invalid_credentials:
$ref: '#/components/examples/firewall_invalid_credentials'
connection_error:
$ref: '#/components/examples/firewall_connection_error'
incompatibility_version:
$ref: '#/components/examples/firewall_incompatibility_version'
firewall_unknown_error:
$ref: '#/components/examples/firewall_unknown_error'
403:
$ref: '#/components/responses/403'
/api/devices/firewall/{id}/:
parameters:
- $ref: '#/components/parameters/idParam'
get:
tags:
- firewall
responses:
200:
description: ''
content:
application/json:
schema:
$ref: "#/components/schemas/ArmaIndustrialFirewall"
403:
$ref: '#/components/responses/403'
patch:
tags:
- firewall
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/ArmaIndustrialFirewall'
responses:
200:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/ArmaIndustrialFirewall'
400:
description: ''
content:
application/json:
examples:
invalid_body:
$ref: '#/components/examples/invalid_body'
invalid_credentials:
$ref: '#/components/examples/firewall_invalid_credentials'
connection_error:
$ref: '#/components/examples/firewall_connection_error'
incompatibility_version:
$ref: '#/components/examples/firewall_incompatibility_version'
firewall_unknown_error:
$ref: '#/components/examples/firewall_unknown_error'
403:
$ref: '#/components/responses/403'
delete:
tags:
- firewall
responses:
200:
$ref: '#/components/responses/200_no_content'
403:
$ref: '#/components/responses/403'
404:
$ref: '#/components/responses/404'
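# Connection state of one firewall as seen by the console.
/api/devices/firewall/{id}/status/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  get:
    tags:
      - firewall
    responses:
      # Status codes are quoted: OpenAPI 3.0 requires string keys here.
      '200':
        description: ''
        content:
          application/json:
            examples:
              online:
                summary: Online
                value:
                  firewall_status: 'online'
                  status: 'ok'
                  tooltip: 'Online'
              offline:
                summary: Offline
                value:
                  # Was `sensor_status`; aligned with the other three
                  # examples of this firewall endpoint. A client that keys
                  # on `firewall_status` would otherwise never see the
                  # offline state. Confirm against the server response.
                  firewall_status: 'offline'
                  status: 'ok'
              unauthorized:
                summary: Unauthorized
                value:
                  # The top-level status stays "ok" here; only
                  # `firewall_status` reports the rejected credentials.
                  firewall_status: 'unauthorized'
                  status: 'ok'
              error:
                summary: Error
                value:
                  firewall_status: 'error'
                  status: 'err'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'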
/api/devices/firewall/{id}/reboot/:
parameters:
- $ref: '#/components/parameters/idParam'
post:
tags:
- firewall
responses:
200:
description: ''
content:
application/json:
examples:
online:
summary: Success
value: {"status": "ok"}
400:
description: ''
content:
application/json:
examples:
firewall_remote_error:
$ref: '#/components/examples/firewall_remote_error'
firewall_invalid_credentials:
$ref: '#/components/examples/firewall_invalid_credentials'
firewall_connection_error:
$ref: '#/components/examples/firewall_connection_error'
firewall_invalid_response:
$ref: '#/components/examples/firewall_invalid_response'
firewall_unknown_error:
$ref: '#/components/examples/firewall_unknown_error'
404:
$ref: '#/components/responses/404'
403:
$ref: '#/components/responses/403'
/api/devices/firewall/{id}/rule_fields/:
parameters:
- $ref: '#/components/parameters/idParam'
get:
tags:
- firewall
responses:
200:
description: ''
content:
application/json:
examples:
Success:
$ref: '#/components/examples/firewall_rule_fields'
400:
description: ''
content:
application/json:
examples:
firewall_remote_error:
$ref: '#/components/examples/firewall_remote_error'
firewall_invalid_credentials:
$ref: '#/components/examples/firewall_invalid_credentials'
firewall_connection_error:
$ref: '#/components/examples/firewall_connection_error'
firewall_invalid_response:
$ref: '#/components/examples/firewall_invalid_response'
firewall_unknown_error:
$ref: '#/components/examples/firewall_unknown_error'
404:
$ref: '#/components/responses/404'
403:
$ref: '#/components/responses/403'
/api/devices/firewall/{id}/download_config/:
parameters:
- $ref: '#/components/parameters/idParam'
get:
tags:
- firewall
responses:
200:
description: Возвращает файл
400:
description: ''
content:
application/json:
examples:
firewall_no_file:
$ref: '#/components/examples/firewall_no_file'
firewall_invalid_credentials:
$ref: '#/components/examples/firewall_invalid_credentials'
firewall_connection_error:
$ref: '#/components/examples/firewall_connection_error'
firewall_unknown_error:
$ref: '#/components/examples/firewall_unknown_error'
404:
$ref: '#/components/responses/404'
403:
$ref: '#/components/responses/403'
/api/devices/firewall/{id}/download_rulesets/:
parameters:
- $ref: '#/components/parameters/idParam'
get:
tags:
- firewall
responses:
200:
description: Возвращает файл
400:
description: ''
content:
application/json:
examples:
firewall_no_file:
$ref: '#/components/examples/firewall_no_file'
firewall_invalid_credentials:
$ref: '#/components/examples/firewall_invalid_credentials'
firewall_connection_error:
$ref: '#/components/examples/firewall_connection_error'
firewall_unknown_error:
$ref: '#/components/examples/firewall_unknown_error'
404:
$ref: '#/components/responses/404'
403:
$ref: '#/components/responses/403'
/api/devices/firewall/{id}/upload_config/:
parameters:
- $ref: '#/components/parameters/idParam'
post:
description: 'Отправка файла конфигурации на firewall'
tags:
- firewall
requestBody:
content:
multipart/form-data:
schema:
type: object
properties:
conffile:
type: string
format: binary
responses:
200:
description: ''
content:
application/json:
example:
status: ok
400:
description: ''
content:
application/json:
examples:
firewall_invalid_credentials:
$ref: '#/components/examples/firewall_invalid_credentials'
firewall_connection_error:
$ref: '#/components/examples/firewall_connection_error'
firewall_invalid_response:
$ref: '#/components/examples/firewall_invalid_response'
firewall_invalid_file:
$ref: '#/components/examples/firewall_invalid_file'
firewall_upload_failed:
$ref: '#/components/examples/firewall_upload_failed'
invalid_body:
$ref: '#/components/examples/invalid_body'
firewall_unknown_error:
$ref: '#/components/examples/firewall_unknown_error'
404:
$ref: '#/components/responses/404'
403:
$ref: '#/components/responses/403'
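# Push an archive of new rules to one firewall; the success response counts
# how many rules were loaded and how many were not.
/api/devices/firewall/{id}/upload_rulesets/:
  parameters:
    - $ref: '#/components/parameters/idParam'
  post:
    description: >-
      Отправка архива со списком новых правил на firewall. При успешном
      ответе указывается количество успешно загруженных и количество не
      загруженных
    tags:
      - firewall
    requestBody:
      content:
        multipart/form-data:
          # NOTE(review): the upload is an archive, but neither the archive
          # format nor a maximum size is stated. Document both, and confirm
          # that the server bounds the unpacked size and entry count and
          # rejects entry names that point outside the extraction directory
          # before anything is forwarded to the firewall.
          schema:
            type: object
            properties:
              rulesets:
                type: string
                format: binary
    responses:
      # Status codes are quoted: OpenAPI 3.0 requires string keys here.
      '200':
        description: ''
        content:
          application/json:
            # A 200 can still report rules that were not loaded (`failed`),
            # so callers should check the counters, not only the status.
            example:
              status: ok
              success: 1234
              failed: 3456
      '400':
        description: ''
        content:
          application/json:
            examples:
              firewall_invalid_credentials:
                $ref: '#/components/examples/firewall_invalid_credentials'
              firewall_connection_error:
                $ref: '#/components/examples/firewall_connection_error'
              firewall_invalid_response:
                $ref: '#/components/examples/firewall_invalid_response'
              firewall_invalid_file:
                $ref: '#/components/examples/firewall_invalid_file'
              firewall_upload_failed:
                $ref: '#/components/examples/firewall_upload_failed'
              invalid_body:
                $ref: '#/components/examples/invalid_body'
              firewall_unknown_error:
                $ref: '#/components/examples/firewall_unknown_error'
      '403':
        $ref: '#/components/responses/403'
      '404':
        $ref: '#/components/responses/404'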
/api/devices/sensor/:
get:
tags:
- sensor
responses:
200:
description: ''
content:
application/json:
schema:
allOf:
- $ref: '#/components/schemas/Pagination'
- properties:
results:
items:
$ref: "#/components/schemas/SensorDevice"
403:
$ref: '#/components/responses/403'
post:
tags:
- sensor
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CreateSensorDevice'
responses:
201:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/SensorDevice'
400:
description: ''
content:
application/json:
examples:
invalid_body:
$ref: '#/components/examples/invalid_body'
403:
$ref: '#/components/responses/403'
/api/devices/sensor/{id}/:
parameters:
- $ref: '#/components/parameters/idParam'
get:
tags:
- sensor
responses:
200:
description: ''
content:
application/json:
schema:
$ref: "#/components/schemas/SensorDevice"
403:
$ref: '#/components/responses/403'
patch:
tags:
- sensor
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SensorDevice'
responses:
200:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/SensorDevice'
400:
description: ''
content:
application/json:
examples:
invalid_body:
$ref: '#/components/examples/invalid_body'
403:
$ref: '#/components/responses/403'
delete:
tags:
- sensor
responses:
200:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/SensorDevice'
400:
description: ''
content:
application/json:
examples:
invalid_body:
$ref: '#/components/examples/invalid_body'
403:
$ref: '#/components/responses/403'
/api/devices/sensor/{id}/system/interfaces/:
parameters:
- $ref: '#/components/parameters/idParam'
get:
tags:
- sensor
responses:
200:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/SensorInterfacesList'
403:
$ref: '#/components/responses/403'
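# Service state request; the body follows ManageService, which is defined
# outside this section.
/api/services/status/:
  post:
    # NOTE(review): no required permission is named for this operation,
    # unlike the incident operations earlier in the file. Document which
    # permission guards service management.
    tags:
      - services
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ManageService'
    responses:
      # Status codes are quoted: OpenAPI 3.0 requires string keys here.
      '200':
        description: ''
        content:
          application/json:
            example:
              status: 'active'
      '400':
        description: ''
        content:
          application/json:
            example:
              status: 'error'
              detail: 'description'
      '403':
        $ref: '#/components/responses/403'
      # Was `#/components/responses/400_invalid_body`, which documents a
      # validation-error body under a 404 status. Pointed at the shared 404
      # response instead. Confirm what the server returns for an unknown
      # service.
      '404':
        $ref: '#/components/responses/404'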
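# Service restart request (judging by the path); the body follows
# ManageService, which is defined outside this section.
/api/services/reboot/:
  post:
    # NOTE(review): restarting a service interrupts it, so this should be
    # limited to administrators. No required permission is named here,
    # unlike the incident operations earlier in the file. Document it.
    tags:
      - services
    requestBody:
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/ManageService'
    responses:
      # Status codes are quoted: OpenAPI 3.0 requires string keys here.
      '200':
        description: ''
        content:
          application/json:
            example:
              status: 'ok'
      '400':
        description: ''
        content:
          application/json:
            example:
              status: 'error'
              detail: 'description'
      '403':
        $ref: '#/components/responses/403'
      # Was `#/components/responses/400_invalid_body`, which documents a
      # validation-error body under a 404 status. Pointed at the shared 404
      # response instead. Confirm what the server returns for an unknown
      # service.
      '404':
        $ref: '#/components/responses/404'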
/api/product/version/:
get:
tags:
- product
description: Получение информации о продукте (наименование и версию)
responses:
200:
description: ''
content:
application/json:
schema:
$ref: '#/components/schemas/ProductVersion'
403:
$ref: '#/components/responses/403'
components:
securitySchemes:
  # Token authentication, applied to every operation through the file-level
  # `security` entry unless an operation overrides it. The header value is
  # the whole credential: anyone who can read it can act as that user.
  # NOTE(review): the only `servers` entry at the top of the file is a plain
  # http://localhost URL; a deployed server URL should be https so the token
  # is not sent in clear text.
  token_auth:
    type: apiKey
    name: Authorization
    in: header
    description: >-
      Для использования API необходимо в header запроса положить токен
      авторизации пользователя в виде "Token ХХХХХХХ"
responses:
200_no_content:
description: No content
200_status_ok:
description: Status ok
content:
application/json:
schema:
properties:
status:
type: string
default: ok
200_content:
description: Возвращает ZIP файл
400:
description: "Ошибка запроса"
content:
application/json:
schema:
properties:
detail:
type: string
example:
detail: "Информация об ошибке"
403:
description: Forbidden
content:
application/json:
schema:
properties:
detail:
type: string
example:
detail: "Учетные данные не были предоставлены."
404:
description: Not found
content:
application/json:
schema:
properties:
detail:
type: string
example:
detail: "Не найдено."
405:
description: Method not allowed
content:
application/json:
schema:
properties:
detail:
type: string
example:
detail: "Метод 'PATCH' не разрешен."
400_elk:
description: "Кастомные ошибки от ELK"
content:
application/json:
schema:
properties:
status:
type: string
default: 'err'
error_message:
oneOf:
- type: string
- type: array
400_ncircc:
description: "Кастомные ошибки от ГосСОПКА"
content:
application/json:
schema:
properties:
error:
type: string
400_invalid_body:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/invalid_body"
400_file_required:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/file_required"
400_no_update_required:
description: ""
content:
application/json:
examples:
invalid_body:
$ref: "#/components/examples/no_update_required"
examples:
# Error bodies returned by the login flow.
invalid_cred:
  summary: Ошибка авторизации
  value:
    detail: 'Invalid credentials'
# NOTE(review): the two lockout messages below differ from the generic
# "Invalid credentials" text. If lockout is applied only to accounts that
# exist, that difference tells an unauthenticated caller which usernames are
# valid. Confirm the server uses the same lockout and wording for unknown
# usernames.
block_user_first:
  summary: Исчерпаны попытки авторизации
  value:
    # The example shows a timed block (0:00:10).
    detail: 'Authentication for this user is blocked for 0:00:10'
block_user_other:
  summary: Вход при блокировке
  value:
    detail: 'Authentication for this user is blocked. Please contact administrator'
invalid_page:
summary: Ошибка при указании номера страницы
value:
detail: "Неправильная страница"
invalid_query_parameter:
description: Ключ в ответе обозначает параметр, в котором допущена ошибка. Значение это список строк описывающих ошибки
summary: Ошибка при указании query параметра
value:
incidents:
- "Введите правильный UUID."
incorrect_password:
description: Пароль должен состоять как минимум из 8 символов. Пароль должен содержать хотя бы 1 цифру. Пароль должен содержать хотя бы 1 заглавную букву. Пароль должен содержать хотя бы одну букву в нижнем регистре.
summary: Пароль недостаточно сложный
value:
password:
- "Пароль должен состоять как минимум из 8 символов. Пароль должен содержать хотя бы 1 цифру. Пароль должен содержать хотя бы 1 заглавную букву. Паротль должен содержать хотя бы одну букву в нижнем регистре"
invalid_body:
description: Каждый ключ в ответе обозначает поле, в котором допущена ошибка. Значение ключа это список строк описывающих ошибки
summary: Ошибка при валидации данных
value:
field:
- "Недопустимый первичный ключ - объект не существует."
file_required:
description: Требуется файл обновления антивируса
summary: Ошибка обновления
value:
status: "error"
detail: "upload file required"
no_update_required:
description: Обновление антивируса не требуется
summary: Ошибка обновления
value:
status: "error"
detail: "Endpoint antivirus no update required"
ncircc_err:
description: Кастомная ошибка НКЦКИ(ГосСОПКА)
summary: Кастомная ошибка НКЦКИ(ГосСОПКА)
value:
error: "string"
firewall_rule_fields:
summary: Поля правила
value:
rule:
enabled: '1'
sequence: '1'
action:
pass:
value: Pass
selected: 1
block:
value: Block
selected: 0
reject:
value: Reject
selected: 0
quick: '1'
interface:
lan:
value: LAN
selected: 1
direction:
in:
value: In
selected: 1
out:
value: Out
selected: 0
ipprotocol:
inet:
value: IPv4
selected: 1
inet6:
value: IPv6
selected: 0
protocol:
any:
value: any
selected: 1
ICMP:
value: ICMP
selected: 0
IGMP:
value: IGMP
selected: 0
GGP:
value: GGP
selected: 0
IPENCAP:
value: IPENCAP
selected: 0
ST2:
value: ST2
selected: 0
TCP:
value: TCP
selected: 0
CBT:
value: CBT
selected: 0
EGP:
value: EGP
selected: 0
IGP:
value: IGP
selected: 0
BBN-RCC:
value: BBN-RCC
selected: 0
NVP:
value: NVP
selected: 0
PUP:
value: PUP
selected: 0
ARGUS:
value: ARGUS
selected: 0
EMCON:
value: EMCON
selected: 0
XNET:
value: XNET
selected: 0
CHAOS:
value: CHAOS
selected: 0
UDP:
value: UDP
selected: 0
MUX:
value: MUX
selected: 0
DCN:
value: DCN
selected: 0
HMP:
value: HMP
selected: 0
PRM:
value: PRM
selected: 0
XNS-IDP:
value: XNS-IDP
selected: 0
TRUNK-1:
value: TRUNK-1
selected: 0
TRUNK-2:
value: TRUNK-2
selected: 0
LEAF-1:
value: LEAF-1
selected: 0
LEAF-2:
value: LEAF-2
selected: 0
RDP:
value: RDP
selected: 0
IRTP:
value: IRTP
selected: 0
ISO-TP4:
value: ISO-TP4
selected: 0
NETBLT:
value: NETBLT
selected: 0
MFE-NSP:
value: MFE-NSP
selected: 0
MERIT-INP:
value: MERIT-INP
selected: 0
DCCP:
value: DCCP
selected: 0
3PC:
value: 3PC
selected: 0
IDPR:
value: IDPR
selected: 0
XTP:
value: XTP
selected: 0
DDP:
value: DDP
selected: 0
IDPR-CMTP:
value: IDPR-CMTP
selected: 0
TP++:
value: TP++
selected: 0
IL:
value: IL
selected: 0
IPV6:
value: IPV6
selected: 0
SDRP:
value: SDRP
selected: 0
IDRP:
value: IDRP
selected: 0
RSVP:
value: RSVP
selected: 0
GRE:
value: GRE
selected: 0
DSR:
value: DSR
selected: 0
BNA:
value: BNA
selected: 0
ESP:
value: ESP
selected: 0
AH:
value: AH
selected: 0
I-NLSP:
value: I-NLSP
selected: 0
SWIPE:
value: SWIPE
selected: 0
NARP:
value: NARP
selected: 0
MOBILE:
value: MOBILE
selected: 0
TLSP:
value: TLSP
selected: 0
SKIP:
value: SKIP
selected: 0
IPV6-ICMP:
value: IPV6-ICMP
selected: 0
CFTP:
value: CFTP
selected: 0
SAT-EXPAK:
value: SAT-EXPAK
selected: 0
KRYPTOLAN:
value: KRYPTOLAN
selected: 0
RVD:
value: RVD
selected: 0
IPPC:
value: IPPC
selected: 0
SAT-MON:
value: SAT-MON
selected: 0
VISA:
value: VISA
selected: 0
IPCV:
value: IPCV
selected: 0
CPNX:
value: CPNX
selected: 0
CPHB:
value: CPHB
selected: 0
WSN:
value: WSN
selected: 0
PVP:
value: PVP
selected: 0
BR-SAT-MON:
value: BR-SAT-MON
selected: 0
SUN-ND:
value: SUN-ND
selected: 0
WB-MON:
value: WB-MON
selected: 0
WB-EXPAK:
value: WB-EXPAK
selected: 0
ISO-IP:
value: ISO-IP
selected: 0
VMTP:
value: VMTP
selected: 0
SECURE-VMTP:
value: SECURE-VMTP
selected: 0
VINES:
value: VINES
selected: 0
TTP:
value: TTP
selected: 0
NSFNET-IGP:
value: NSFNET-IGP
selected: 0
DGP:
value: DGP
selected: 0
TCF:
value: TCF
selected: 0
EIGRP:
value: EIGRP
selected: 0
OSPF:
value: OSPF
selected: 0
SPRITE-RPC:
value: SPRITE-RPC
selected: 0
LARP:
value: LARP
selected: 0
MTP:
value: MTP
selected: 0
AX.25:
value: AX.25
selected: 0
IPIP:
value: IPIP
selected: 0
MICP:
value: MICP
selected: 0
SCC-SP:
value: SCC-SP
selected: 0
ETHERIP:
value: ETHERIP
selected: 0
ENCAP:
value: ENCAP
selected: 0
GMTP:
value: GMTP
selected: 0
IFMP:
value: IFMP
selected: 0
PNNI:
value: PNNI
selected: 0
PIM:
value: PIM
selected: 0
ARIS:
value: ARIS
selected: 0
SCPS:
value: SCPS
selected: 0
QNX:
value: QNX
selected: 0
A/N:
value: A/N
selected: 0
IPCOMP:
value: IPCOMP
selected: 0
SNP:
value: SNP
selected: 0
COMPAQ-PEER:
value: COMPAQ-PEER
selected: 0
IPX-IN-IP:
value: IPX-IN-IP
selected: 0
CARP:
value: CARP
selected: 0
PGM:
value: PGM
selected: 0
L2TP:
value: L2TP
selected: 0
DDX:
value: DDX
selected: 0
IATP:
value: IATP
selected: 0
STP:
value: STP
selected: 0
SRP:
value: SRP
selected: 0
UTI:
value: UTI
selected: 0
SMP:
value: SMP
selected: 0
SM:
value: SM
selected: 0
PTP:
value: PTP
selected: 0
ISIS:
value: ISIS
selected: 0
CRTP:
value: CRTP
selected: 0
CRUDP:
value: CRUDP
selected: 0
SPS:
value: SPS
selected: 0
PIPE:
value: PIPE
selected: 0
SCTP:
value: SCTP
selected: 0
FC:
value: FC
selected: 0
RSVP-E2E-IGNORE:
value: RSVP-E2E-IGNORE
selected: 0
UDPLITE:
value: UDPLITE
selected: 0
MPLS-IN-IP:
value: MPLS-IN-IP
selected: 0
MANET:
value: MANET
selected: 0
HIP:
value: HIP
selected: 0
SHIM6:
value: SHIM6
selected: 0
WESP:
value: WESP
selected: 0
ROHC:
value: ROHC
selected: 0
PFSYNC:
value: PFSYNC
selected: 0
DIVERT:
value: DIVERT
selected: 0
source_net: any
source_not: '0'
source_port: ''
destination_net: any
destination_not: '0'
destination_port: ''
gateway:
'':
value: none
selected: true
LAN_DHCP:
value: LAN_DHCP - 172.16.240.1
selected: 0
Null4:
value: Null4 - 127.0.0.1
selected: 0
Null6:
value: Null6 - ::1
selected: 0
log: '0'
description: ''
endpoint_not_found:
summary: Endpoint не найден
value:
status: error
reason: Source object not found
pk: 234567
endpoint_keepalive_invalid_data:
value:
status: error
error_messages: json decode error
endpoint_keepalive_success_setting_change:
summary: Успешно
value:
status: ok
command: setting change
endpoint_keepalive_success_upload:
summary: Успешно
value:
status: ok
command: upload
endpoint_keepalive_success:
summary: Успешно
value:
status: ok
endpoint_config_to_str:
summary: Конфиг в json
value:
status: ok
config: string
endpoint_status:
summary: Получение статуса Endpoint
value:
endpoint_config_errors: [{}]
is_requested_config_correct: true
endpoint_upload_success:
summary: Успешно
value:
status: ok
endpoint_upload_invalid_data:
summary: Некорректные данные
value:
status: error
error_message: json decode error
endpoint_upload_no_ip:
summary: Нет IP в полученных данных
value:
status: error
error_message: 'no endpoint model with corresponding ID on console'
endpoint_upload_validation_error:
summary: Невалидные данные
value:
status: error
error_message: {}
firewall_remote_error:
summary: Ошибка на стороне firewall
value:
status: 'error'
code: 'remote_error'
detail: 'Unknown error occurred. Auto FW health check initiated. Please try again'
firewall_invalid_credentials:
summary: 'Неверные учётные данные'
value:
status: 'error'
code: 'unauthorized'
detail: 'Invalid credentials provided to connect to firewall'
firewall_connection_error:
summary: 'Не удалось подключиться к firewall'
value:
status: 'error'
code: 'connection_error'
detail: 'There was a problem connecting to the firewall'
firewall_invalid_response:
summary: 'Не удалось прочитать ответ firewall'
value:
status: 'error'
code: 'invalid_response'
detail: 'Unable to read firewall response'
firewall_no_file:
summary: 'Firewall не вернул файл'
value:
status: 'error'
code: 'no_content'
detail: 'No content disposition during downloading file from ARMA IF'
firewall_invalid_file:
summary: 'Загружен некорректный файл'
value:
status: 'error'
code: 'invalid'
detail: 'Invalid file uploaded'
firewall_upload_failed:
summary: 'Не удалось загрузить файл'
value:
status: 'error'
code: 'failed'
detail: 'Failed to upload file to firewall'
firewall_unknown_error:
summary: 'Неизвестная ошибка'
value:
status: 'error'
code: 'unknown'
detail: 'Description error'
firewall_incompatibility_version:
summary: 'Версия firewall несовместима с версией консоли'
value:
status: 'error'
code: 'incompatible'
detail: 'The firewall version is incompatible with the current console version'
parameters:
idParam:
name: id
in: path
description: 'Идентификатор "Primary key" инстанса модели. >= 1'
required: true
schema:
type: integer
minimum: 1
example: 17654
indexParam:
name: index
in: path
description: "Index параметр в ELK"
required: true
schema:
type: string
example: 'aggregated-2022.05.26'
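uuidParam:
  name: uuid
  in: path
  description: "Instance uuid Primary Key"
  required: true
  schema:
    type: string
    # Declared as a UUID, matching `Incident.incident_id`, so generated clients
    # and validating gateways can reject malformed identifiers before lookup.
    format: uuid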
page:
name: page
in: query
description: "Page number"
schema:
type: integer
page_size:
name: page_size
in: query
description: "Maximum page size"
schema:
# NOTE(review): no `minimum`/`maximum` is declared here. An unbounded page
# size lets a single request ask for an arbitrarily large result set; confirm
# the server enforces an upper limit and state it in this schema.
type: integer
search:
name: search
in: query
description: "Укажите текст для поиска. Поиск производится по частичному совпадению в названии устройства. Регистр не важен"
schema:
type: string
ordering:
name: ordering
in: query
description: "Сортировка по полям"
schema:
type: string
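incidents:
  name: incidents
  in: query
  description: "Фильтрация списка по переданному uuid инцидента"
  schema:
    type: string
    # The `invalid_query_parameter` example shows the server rejecting a value
    # that is not a UUID for this parameter, so the schema states the format.
    format: uuid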
assets:
name: assets
in: query
description: Фильтрация списка инцидентов по переданному `id` актива как по одному `1` так и списком `1,2,3`
schema:
type: string
example: 1,2,3
index_pattern:
name: index
in: query
description: "Шаблон индекса. Без него будут отданы все индексы"
schema:
type: string
example: 'aggregated-*'
elk_events_search:
name: q
in: query
description: "Поиск по полям"
schema:
type: string
# NOTE(review): the example uses `field:value` query syntax. If this value is
# handed to the search backend as a query string, confirm the server limits
# the fields and indices a caller can reach to those their permissions allow
# and bounds the cost of wildcard-style queries.
example: "aggregated_id:4184889928_3e9be706e18ebd2d1937005b2d9e3cf6e4dda8c5ef8c4c31bd64d375422d3b5c"
schemas:
License_token:
properties:
token:
type: string
example: "==================BEGIN=================\r\nEqxxapy0De8J26J77lSr18yYIjtagD84tAC8HB2d\r\nSDMAAAAbMjAyMi0xMC0xNFQwNzo1NzoxMy4wMTQ4MTha\r\n==================END==================="
License_activate_success:
properties:
license:
type: string
example: activated
License_info:
required: [license, features, options]
properties:
license:
type: object
required: [uuid, hardware, customer, product, type, features, options, evaluationStart, evaluationEnd]
properties:
uuid:
type: string
example: "4cf905b3-4bf6-4a33-a2ba-0c2115d06e71"
hardware:
type: string
example: "cc98223b-5a80-3f38-b400-bc1c1d9d4833"
customer:
type: string
example: "Тестовая"
product:
type: string
example: "ARMA Console"
type:
type: string
example: "Коррелятор + 10 источников"
features:
type: array
items:
type: string
example: "event_processing"
options:
type: object
properties:
event_sources:
type: integer
example: 10
evaluationStart:
type: string
example: "2022-10-03T00:00:00.000015Z"
evaluationEnd:
type: string
example: "2022-10-31T00:00:00.000015Z"
features:
type: array
items:
type: object
properties:
name:
type: string
example: "Event processing"
description:
type: string
example: "Enable correlator and event processing"
options:
type: array
items:
type: object
properties:
name:
type: string
example: "Event sources"
description:
type: string
example: "Event sources count"
value:
type: integer
example: 10
Pagination:
properties:
count:
type: integer
example: 123
next:
type: string
nullable: true
previous:
type: string
nullable: true
results:
type: array
items:
type: object
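AssetType:
  type: string
  enum:
    - user
    - arma_industrial_firewall
    - plc
    - pc
    - server
    - network_device
  # Written in the canonical lowercase form; loaders that follow the strict
  # JSON schema do not read `True` as a boolean.
  # NOTE(review): in OpenAPI 3.0 the `enum` constraint still applies to a
  # nullable schema, so `null` validates only if it is listed among the enum
  # values. Confirm whether a null asset type is meant to be accepted.
  nullable: true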
AssetStatus:
type: integer
enum:
- 0
- 1
description: "Статус актива: 1 - разрешенный, 0 - недоверенный"
NameDescriptionModel:
properties:
id:
type: integer
readOnly: true
name:
type: string
maxLength: 128
description:
type: string
nullable: true
AssetBase:
properties:
id:
type: integer
readOnly: true
name:
type: string
maxLength: 128
asset_type:
$ref: "#/components/schemas/AssetType"
status:
$ref: "#/components/schemas/AssetStatus"
ip:
type: string
description: Asset's IPv4 or IPv6 address.
updated:
type: string
format: date-time
readOnly: true
AssetGroup:
allOf:
- $ref: "#/components/schemas/NameDescriptionModel"
- properties:
collapsed:
type: boolean
description: Схлопнута ли данная группа на карте сети
default: false
Asset:
allOf:
- $ref: "#/components/schemas/AssetBase"
- properties:
description:
type: string
nullable: true
sensor:
type: string
maxLength: 128
nullable: true
model:
description: Asset model
type: string
nullable: true
mac:
type: string
nullable: true
description: Asset's MAC address
maxLength: 17
ports:
type: array
nullable: true
items:
type: integer
description: List of open ports
AssetList:
allOf:
- $ref: "#/components/schemas/AssetBase"
- properties:
count_incidents:
type: integer
readOnly: true
description: Count of incidents
vulnerabilities:
type: integer
readOnly: true
description: Count of vulnerabilities
AssetDetail:
allOf:
- $ref: "#/components/schemas/Asset"
- properties:
os:
$ref: "#/components/schemas/Os"
group:
$ref: "#/components/schemas/AssetGroup"
manufacturer:
$ref: "#/components/schemas/AssetManufacturer"
incidents:
type: array
items:
$ref: "#/components/schemas/Incident"
AssetPatch:
allOf:
- $ref: "#/components/schemas/Asset"
- properties:
os:
type: integer
nullable: true
minimum: 1
description: Operating system primary key
group:
type: integer
nullable: true
minimum: 1
description: Asset group primary key
manufacturer:
type: integer
nullable: true
minimum: 1
description: Asset manufacturer primary key
AssetManufacturer:
properties:
id:
type: integer
readOnly: true
name:
type: string
maxLength: 128
description:
type: string
nullable: true
description: Description
required:
- id
- name
nullable: true
Os:
properties:
id:
type: integer
readOnly: true
description:
type: string
nullable: true
description: Description
name:
type: string
maxLength: 128
required:
- id
- name
nullable: true
example:
id: 2345
description: MS Windows
name: Windows
Incident:
type: object
properties:
user_friendly_id:
type: integer
maximum: 2147483647
minimum: 0
nullable: true
readOnly: true
timestamp:
type: string
format: date-time
description: Date and time, when incident occurs
incident_id:
type: string
format: uuid
title: ID
description: ID of incident
title:
type: string
description: Title
maxLength: 128
category:
$ref: "#/components/schemas/IncidentCategory"
importance:
type: integer
maximum: 100
minimum: 0
description: Hazard level of incident
status:
$ref: "#/components/schemas/IncidentStatusEnum"
assigned_to:
type: integer
nullable: true
event_count:
type: integer
maximum: 2147483647
minimum: 1
title: Event's number
description: Amount of events in the incident
created:
type: string
format: date-time
readOnly: true
description: Date and time, when incident was created
updated:
type: string
format: date-time
readOnly: true
description: Date and time, when incident was updated
events:
type: array
items:
$ref: "#/components/schemas/Event"
deadline:
type: string
format: date-time
readOnly: true
nullable: true
description: Deadline. Deadline when incident must be resolved
comment:
type: string
readOnly: true
description: Incident comment
nullable: true
notification_id:
type: integer
nullable: true
close_recommendations:
type: array
items:
$ref: '#/components/schemas/IncidentRecommendations'
effects:
type: array
items:
$ref: '#/components/schemas/IncidentEffect'
required:
- assigned_to
- category
- created
- event_count
- events
- importance
- title
- updated
- incident_id
IncidentCategory:
nullable: true
type: object
properties:
name:
type: string
maxLength: 128
description:
type: string
nullable: true
description: Description
id:
type: integer
readOnly: true
required:
- id
- name
IncidentStatusEnum:
enum:
- 0
- 1
- 2
- 3
- 4
description:
0 - Not assigned (Не назначен)
1 - Assigned (Назначен)
2 - Delayed (Отложен)
3 - Resolved (Решен)
4 - False_alarm (Ложное срабатывание)
type: integer
IncidentEdit:
type: object
properties:
status:
$ref: "#/components/schemas/IncidentStatusEnum"
deadline:
type: string
format: date-time
description: Deadline. Метка времени, до которого инцидент должен быть решен
comment:
type: string
description: Комментарии к инциденту
nullable: true
category:
type: integer
assigned_to:
type: integer
minimum: 0
nullable: true
IncidentEffect:
type: object
properties:
name:
type: string
maxLength: 128
description:
type: string
nullable: true
description: Description
id:
type: integer
readOnly: true
required:
- id
- name
IncidentRecommendations:
type: object
properties:
name:
type: string
maxLength: 128
description:
type: string
nullable: true
description: Description
id:
type: integer
readOnly: true
required:
- id
- name
Event:
type: object
properties:
type:
type: string
Index:
type: string
sign_id:
type: string
"@created":
type: string
event_id:
type: string
rule_tags:
type: string
format: nullable
sign_name:
type: string
source_ip:
type: string
"@timestamp":
type: string
event_hash:
type: string
event_last:
type: string
source_mac:
type: string
celery_done:
type: boolean
event_count:
type: integer
format: int32
event_first:
type: string
source_host:
type: string
source_port:
type: integer
format: int32
source_user:
type: string
aggregated_id:
type: string
device_action:
type: string
device_vendor:
type: string
event_src_msg:
type: string
sign_category:
type: string
destination_ip:
type: string
device_product:
type: string
device_version:
type: string
event_protocol:
type: string
event_severity:
type: integer
format: int32
event_timestamp:
type: string
destination_host:
type: string
destination_port:
type: integer
format: int32
destination_user:
type: string
sign_subcategory:
type: string
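UserInfo:
  properties:
    user:
      $ref: '#/components/schemas/User'
    comment:
      type: string
      example: asdasd
    user_status:
      type: string
      example: online
      readOnly: true
    timezone:
      type: string
      example: "Europe/Moscow"
    expire_date:
      type: string
      # `nullable` is a schema keyword, not a `format` value; as a format it is
      # ignored by validators and null would not be accepted.
      # NOTE(review): confirm what a null expiry date means for the account
      # (for example, that it never expires) and document it here.
      nullable: true
      example: "2030-10-10"
      description: "Format of field should be: YYYY-MM-DD, MM/DD/YYYY, MM/DD/YY, YYYY-MM-DD"
    modified:
      readOnly: true
      type: string
      example: "2022-04-13T14:49:41.810932+03:00"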
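User:
  type: object
  properties:
    id:
      readOnly: true
      type: integer
      format: int32
      example: 3
    username:
      type: string
      example: new_user_2
      maxLength: 131
    password:
      # Folded scalar: renders as one line, like the original quoted string.
      description: >-
        В случае если не нужно менять пароль - данное поле не стоит включать в body.
        Минимум 8 символов; не должен быть похож на юзернейм;
        не допускаются распространенные пароли;
        должен содержать хотя бы одну заглавную и одну строчную букву и цифру
      # Accepted on write only, so it is never part of a response body.
      writeOnly: true
      type: string
      # Hint for documentation UIs to mask the value; validation is unchanged.
      format: password
    old_password:
      description: Ввод старого пароля требуется, если пользователь меняет пароль самому себе
      type: string
      format: password
      writeOnly: true
    first_name:
      type: string
      example: asdasd
    is_active:
      type: boolean
    email:
      type: string
      example: asdf@mail.ru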
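RuleGroup:
  type: object
  properties:
    id:
      readOnly: true
      type: integer
      # Was `in32`, which is not a defined format; the other integer ids in
      # this file use `int32`.
      format: int32
      example: 5
    name:
      type: string
      example: rule group
    description:
      type: string
      example: rule description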
RuleTypeEnum:
type: integer
enum: [0, 1]
description: Тип правила корреляции.
0 - System
1 - User
default: 0
rule_json:
type: object
format: json
required: [type, field, operands]
properties:
type:
type: string
example: 'query_string'
field:
type: string
example: 'sign_category'
operands:
type: string
example: 'sign_category:\"ARPWATCH\" AND device_action: \"station\"'
# Rule action of type `http`: a target URL, a message template and a content type.
# NOTE(review): `url` is supplied by whoever writes the rule, and the example
# points at an internal address over plain http. If the console issues this
# request itself, confirm destinations are restricted (scheme, host allow-list)
# so the action cannot be used to reach internal-only services, and prefer https.
http_action:
type: object
required: [type, url, template, content_type]
properties:
type:
type: string
example: 'http'
url:
type: string
example: 'http://172.16.230.105/login/?next=/ru/logstash/rule/add/'
template:
type: string
example: 'Шаблон сообщения HTTP Запроса'
content_type:
type: string
example: 'text/plain'
syslog_action:
type: object
required: [type, host, port, name, protocol, template]
properties:
type:
type: string
example: 'syslog'
host:
type: string
example: '192.168.0.1'
port:
type: string
example: '514'
name:
type: string
example: 'Имя источника Syslog для записей'
protocol:
type: string
example: 'udp'
template:
type: string
example: 'Сообщение Syslog для записей'
# Rule action of type `exec`: an executable path plus arguments, environment
# and working directory (the latter three are nullable strings).
# NOTE(review): if the server runs `path` when the rule fires, permission to
# create or edit rules amounts to permission to run programs on that host.
# Confirm rule write access is limited accordingly, that the process runs with
# least privilege, and that `args`/`env` are passed as data rather than
# interpolated into a shell command line.
exec_action:
type: object
required: [type, path, args, env, cwd]
properties:
type:
type: string
example: 'exec'
path:
type: string
example: 'C:Путь к исполняемому файл'
args:
type: string
example: ''
nullable: true
env:
type: string
example: ''
nullable: true
cwd:
type: string
example: ''
nullable: true
# Rule action of type `bash`: `body` holds the text of a shell script.
# NOTE(review): if the server executes `body` when the rule fires, anyone who
# can create or edit rules can run arbitrary shell code there. Confirm that
# rule write access is restricted and audited and that the script runs under a
# dedicated low-privilege account.
bash_action:
type: object
required: [type, body]
properties:
type:
type: string
example: 'bash'
body:
type: string
example: '#!/bin/bash\n\n# Тело запроса Действие: Bash скрипт '
incident_action:
type: object
required: [type, title, comment, description, importance, category, close_recommendations, effects]
properties:
type:
type: string
example: 'incident'
title:
type: string
example: 'Название Инцидента'
comment:
type: string
example: 'Комментарий к инциденту'
nullable: true
description:
type: string
example: 'Описание инцидента'
nullable: true
importance:
type: string
example: '55'
nullable: true
category:
nullable: true
type: object
required: [name, description, id]
properties:
name:
type: string
example: 'Имя категории инцидента'
description:
type: string
nullable: true
example: 'Описание категории инцидента'
id:
type: integer
example: '1'
assigned_to:
type: string
example: ''
nullable: true
close_recommendations:
type: array
nullable: true
items:
type: string
example: '["rec1", "rec2"]'
effects:
type: array
nullable: true
items:
type: string
example: '["eff1", "eff2"]'
asset_action:
type: object
required: [type, name, asset_type, group, description, manufacturer, model, os, ip, ports]
properties:
type:
type: string
example: 'asset'
name:
type: string
example: 'Имя нового актива'
asset_type:
type: string
example: 'plc'
nullable: true
group:
type: string
example: '1'
description:
type: string
example: 'Описание нового актива'
nullable: true
manufacturer:
type: string
example: '1'
model:
type: string
example: 'plc'
nullable: true
os:
type: string
example: '1'
ip:
type: string
example: '192.168.0.1'
ports:
type: string
example: '1234, 4321'
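firewall_action:
  # Rule action of type `firewall`. The rule fields mirror those shown in the
  # `firewall_rule_fields` example; `sensor` looks like the connection data
  # (address, scheme, key, secret) for the target firewall — confirm.
  type: object
  required: [type, armaif, sensor, enabled, quick, log, interface, direction, sequence, action, ipprotocol, protocol, source_net, source_port, source_not, destination_net, destination_port, destination_not, description, gateway]
  properties:
    type:
      type: string
      example: 'firewall'
    armaif:
      type: string
      example: '1'
    sensor:
      # NOTE(review): this schema is referenced from Rule.action_json, which has
      # no separate read and write models, so `key` and `secret` are also part
      # of the documented rule responses. Confirm the server redacts them on
      # read, or split the schema and mark both fields `writeOnly`.
      nullable: true
      type: object
      required: [ip, scheme, key, secret]
      properties:
        ip:
          type: string
          example: '172.16.230.108'
        scheme:
          # NOTE(review): the example is plain `http`; if this selects the
          # transport used with `key`/`secret`, they travel unencrypted.
          type: string
          example: 'http'
        key:
          type: string
          example: '33fsfvw4vefevf'
        secret:
          type: string
          # Hint for documentation UIs to mask the value; validation is
          # unchanged.
          format: password
          example: '33fsfvw4vefevf'
    # Boolean examples below are real booleans so they match `type: boolean`;
    # the quoted form 'true' is a string and fails example validation.
    enabled:
      type: boolean
      example: true
    quick:
      type: boolean
      example: true
    log:
      type: boolean
      example: true
    interface:
      type: array
      # Example given as an actual list to match `type: array`.
      example:
        - lan
        - lan2
      items:
        type: string
    direction:
      type: string
      example: 'in'
    sequence:
      type: string
      example: '1'
    action:
      type: string
      example: 'pass'
    ipprotocol:
      type: string
      example: 'inet'
    protocol:
      type: string
      example: 'any'
    source_net:
      type: string
      example: 'any'
    source_port:
      type: string
      example: '1234'
    source_not:
      type: boolean
      example: true
    destination_net:
      type: string
      example: 'any'
    destination_port:
      type: string
      example: '1234'
    destination_not:
      type: boolean
      example: true
    description:
      type: string
      example: 'Описание'
      nullable: true
    gateway:
      type: string
      example: ''
      nullable: true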
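Rule:
  # Correlation rule: a match condition (`rule_json`) plus the list of actions
  # (`action_json`) attached to it.
  type: object
  properties:
    id:
      readOnly: true
      type: integer
      format: int32
      example: 2
    name:
      type: string
    description:
      type: string
    group:
      $ref: '#/components/schemas/RuleGroup'
    multi:
      type: boolean
      description: "Множественная реакция"
    type:
      $ref: '#/components/schemas/RuleTypeEnum'
    status:
      type: boolean
    archived:
      type: boolean
    depth:
      type: string
      # NOTE(review): `iso8601` is not a registered OpenAPI format and the
      # description asks for HH:MM:SS; confirm which form the server parses.
      format: iso8601
      description: "Глубина анализа для правила в формате HH:MM:SS"
    created:
      type: string
      # `nullable` is a schema keyword, not a `format` value; as a format it is
      # ignored and null would not validate.
      nullable: true
      example: "2030-10-10"
    updated:
      type: string
      example: "2030-10-10"
    rule_json:
      $ref: '#/components/schemas/rule_json'
    action_json:
      # The allowed actions include `exec_action` and `bash_action`, so whoever
      # may create or edit a rule can supply a program path or a script body.
      # NOTE(review): confirm that rule write access is limited to trusted
      # administrators and that rule changes are audited.
      type: array
      format: json
      items:
        anyOf:
          - $ref: '#/components/schemas/http_action'
          - $ref: '#/components/schemas/syslog_action'
          - $ref: '#/components/schemas/exec_action'
          - $ref: '#/components/schemas/bash_action'
          - $ref: '#/components/schemas/incident_action'
          - $ref: '#/components/schemas/asset_action'
          - $ref: '#/components/schemas/firewall_action'
    rev:
      type: integer
      format: int32
      example: 1
      description: "Показывает конкретную версию правила. Приращается при обновлении"
    sid:
      type: integer
      format: int32
      example: 2
      description: "SID правила корреляции"
    is_active:
      type: boolean
  required:
    - name
    - type
    - depth
    - rule_json
    - rev
    - sid
    - action_json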
StorageTypeEnum:
type: integer
enum: [0, 1, 2, 3, 4]
description: Тип файла в хранилище.
0 - Unknown
1 - DB dump
2 - CSV export
3 - JSON export
4 - ClamAV updates
default: 0
StorageFormatEnum:
type: string
enum: ['Unknown','Plain','JSON','CSV','ZIP']
description: Формат файла в хранилище.
default: 'Unknown'
StorageList:
properties:
id:
type: integer
minimum: 1
format:
$ref: '#/components/schemas/StorageFormatEnum'
size:
type: integer
description:
type: string
created:
type: string
format: date-time
Storage:
allOf:
- $ref: '#/components/schemas/StorageList'
- properties:
last_access:
type: string
format: date-time
type:
$ref: '#/components/schemas/StorageTypeEnum'
crc:
type: object
properties:
crc:
type: string
type:
type: string
enum: ['sha256sum', 'sha512sum']
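LoginRequest:
  # Body of the login request: both fields are required and non-null.
  type: object
  required: [username, password]
  properties:
    username:
      type: string
      nullable: false
    password:
      type: string
      # Hint for documentation UIs to mask the value; validation is unchanged.
      format: password
      nullable: false
      minLength: 8
      description: Минимум 8 символов; не должен быть похож на юзернейм; не допускаются распространенные пароли; должен содержать хотя бы одну заглавную и одну строчную букву и цифру;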
RotationType:
type: integer
enum: [0, 1, 2]
description: Тип ротации. 0 - по моменту времени, 1 - по количеству событий, 2 - отключена
RotationPeriod:
type: string
enum: [day, week, month]
description: Задаёт тип расписания, когда будет происходить ротация. Учитывается только если `rotation_type = 0`
RotationTime:
type: string
format: time
description: |
Задаёт конкретное время, когда будет происходить ротация. Учитывается только если `rotation_type = 0` и `rotation_period = day` <br><br>
Допустимы следующие форматы: hh:mm:ss, hh:mm:ss.uuuuuu, hh:mm, hh:mm[:ss[.uuuuuu]], hh:mm[:ss[.uuuuuu]], hh:mm[:ss[.uuuuuu]].
RotationWeekDay:
type: array
items:
type: string
enum: [sunday, monday, tuesday, wednesday, thursday, friday, saturday]
description: |
Задаёт дни недели, когда будет происходить ротация. Учитывается только если `rotation_type = 0` и `rotation_period = week`.
Время задаётся на сервере. По умолчанию в 01:00 в выбранные дни
RotationMonth:
type: array
items:
type: string
enum: [january,
february,
march,
april,
may,
june,
july,
august,
september,
october,
november,
december]
description: |
Задаёт месяц, когда будет происходить ротация. Учитывается только если `rotation_type = 0` и `rotation_period = month`
Время задаётся на сервере. По умолчанию в 01:00 в первый день месяца
RotationSettings:
properties:
rotation_type:
$ref: '#/components/schemas/RotationType'
size_rotation:
type: integer
nullable: true
default: 5242880
description: Количество событий, при котором происходит ротация. Учитывается только если `rotation_type = 1`
schedule:
description: Объект, в котором задаётся время запуска ротации. Учитывается только если `rotation_type = 0`
properties:
period:
$ref: '#/components/schemas/RotationPeriod'
time:
$ref: '#/components/schemas/RotationTime'
week_day:
$ref: '#/components/schemas/RotationWeekDay'
month:
$ref: '#/components/schemas/RotationMonth'
required:
- rotation_type
SizeRotationSettings:
allOf:
- $ref: '#/components/schemas/RotationSettings'
- required:
- size_rotation
TimeRotationSettings:
allOf:
- $ref: '#/components/schemas/RotationSettings'
- required:
- schedule
EventListbyIndex:
properties:
took:
type: integer
timed_out:
type: boolean
_shards:
properties:
total:
type: integer
successful:
type: integer
skipped:
type: integer
failed:
type: integer
hits:
properties:
total:
properties:
value:
type: integer
minimum: 0
description: "Количество событий"
relation:
type: string
default: eq
max_score:
type: number
format: float
nullable: true
hits:
items:
type: object
description: "Информация о событии. Подробнее: https://wiki.iwarma.ru/x/A4BVAQ"
EventIndexList:
type: array
items:
type: object
properties:
value:
type: string
label:
type: string
# company
AffectedSystemFunctionEnum:
type: string
enum:
- Атомная энергетика
- Банковская сфера и иные сферы финансового рынка
- Горнодобывающая промышленность
- Государственная/муниципальная власть
- Здравоохранение
- Металлургическая промышленность
- Наука
- Оборонная промышленность
- Образование
- Ракетно-космическая промышленность
- Связь
- СМИ
- Топливно-энергетический комплекс
- Транспорт
- Химическая промышленность
- Иная
# Company record as returned by the API; `CompanyCreateUpdate` is the
# corresponding write model.
Company:
properties:
name:
type: string
city:
type: string
# NOTE(review): `api_key` is part of this read model, so the key is documented
# as being returned to any caller allowed to read the company record. Confirm
# that is intended; otherwise return a masked value or make the field
# write-only in the write model.
api_key:
type: string
is_cii:
type: boolean
description: "Является объектом КИИ?"
location:
properties:
id:
type: integer
minimum: 1
code:
type: string
# NOTE(review): `minimum` only constrains numeric types. If the next line
# belongs to the string `code`, it has no effect (`minLength` would); the
# original indentation is not recoverable here, so confirm before changing.
minimum: 1
description: "ID Кода локации; ISO-3166-2"
affected_system_function:
$ref: '#/components/schemas/AffectedSystemFunctionEnum'
CompanyCreateUpdate:
properties:
name:
type: string
city:
type: string
api_key:
type: string
is_cii:
type: boolean
description: "Является объектом КИИ?"
location:
type: integer
minimum: 1
description: "ID Кода локации; ISO-3166-2"
affected_system_function:
$ref: '#/components/schemas/AffectedSystemFunctionEnum'
LocationCodeList:
type: array
items:
type: object
properties:
id:
type: integer
minimum: 1
code:
type: string
# ГосСОПКА
NotificationCategoryEnum:
type: string
enum:
- Уведомление о компьютерном инциденте
- Уведомление о компьютерной атаке
- Уведомление о наличии уязвимости
EventTypeEnum:
type: string
enum:
- Вовлечение контролируемого ресурса в инфраструктуру ВПО
- Замедление работы ресурса в результате DDoS-атаки
- Заражение ВПО
- Захват сетевого трафика
- Использование контролируемого ресурса для фишинга
- Компрометация учетной записи
- Несанкционированное изменение информации
- Несанкционированное разглашение информации
- Публикация на ресурсе запрещенной законодательством РФ информации
- Рассылка спам-сообщений с контролируемого ресурса
- Успешная эксплуатация уязвимости
- DDoS-атака
- Неудачные попытки авторизации
- Попытки внедрения ВПО
- Попытки эксплуатации уязвимости
- Публикация мошеннической информации
- Сетевое сканирование
- Социальная инженерия
- Уязвимый ресурс
EventTypeVulnerabilityEmum:
type: string
enum:
- Уязвимый ресурс
EventTypeIncidentEnum:
type: string
enum:
- Вовлечение контролируемого ресурса в инфраструктуру ВПО
- Замедление работы ресурса в результате DDoS-атаки
- Заражение ВПО
- Захват сетевого трафика
- Использование контролируемого ресурса для фишинга
- Компрометация учетной записи
- Несанкционированное изменение информации
- Несанкционированное разглашение информации
- Публикация на ресурсе запрещенной законодательством РФ информации
- Рассылка спам-сообщений с контролируемого ресурса
- Успешная эксплуатация уязвимости
EventTypeAttackEnum:
type: string
enum:
- Неудачные попытки авторизации
- Попытки эксплуатации уязвимости
- Попытки внедрения ВПО
- Публикация мошеннической информации
- DDoS-атака
- Социальная инженерия
- Сетевое сканирование
ActivityStatusEnum:
type: string
enum:
- Меры приняты
- Проводятся мероприятия по реагированию
- Возобновлены мероприятия по реагированию
TlpEnum:
type: string
enum:
- TLP:WHITE
- TLP:GREEN
- TLP:AMBER
- TLP:RED
description: "TLP:WHITE - Non-confidential; TLP:GREEN - Limiting the transmissions of communicable; TLP:AMBER - Limited distribution within the organization; TLP:RED - Not for distribution;"
AffectedSystemCategoryEnum:
type: string
enum:
- Информационный ресурс не является объектом КИИ
- Объект КИИ без категории значимости
- Объект КИИ третьей категории значимости
- Объект КИИ второй категории значимости
- Объект КИИ первой категории значимости
NotificationStatusEnum:
type: string
enum:
- Проверка НКЦКИ
- Создано
- Зарегистрировано
- Требуется дополнение
- Принято решение
- Отправлено в архив
ImpactEffect:
type: string
enum:
- Высокое
- Низкое
- Отсутствует
# One NCIRCC notification record with every field the console stores for it.
# Enum-valued fields point at the shared enum schemas.
# NOTE(review): only `sending_time` is marked readOnly; `id`, `created` and
# `updated` are not. If this schema is ever reused as a request body, confirm
# the server ignores client-supplied values for them.
NCIRCCNotifictionRetrive:
  type: object
  properties:
    id:
      type: integer
      minimum: 1
    incident:
      type: string
      format: uuid
      description: "PK(ID) инцидента"
    update_time:
      type: string
      format: date-time
    uuid:
      type: string
      format: uuid
    identifier:
      type: string
    category:
      $ref: "#/components/schemas/NotificationCategoryEnum"
    type:
      $ref: "#/components/schemas/EventTypeEnum"
    activity_status:
      $ref: "#/components/schemas/ActivityStatusEnum"
    tlp:
      $ref: "#/components/schemas/TlpEnum"
    affected_system_name:
      type: string
    affected_system_category:
      $ref: "#/components/schemas/AffectedSystemCategoryEnum"
    # Free text with no maxLength; length limits, if any, live on the server.
    event_description:
      type: string
    affected_system_connection:
      type: boolean
      default: false
    assistance:
      type: boolean
      default: false
    notification_status:
      $ref: "#/components/schemas/NotificationStatusEnum"
    vulnerability_id:
      type: string
    product_category:
      type: string
    integrity_impact:
      $ref: "#/components/schemas/ImpactEffect"
    availability_impact:
      $ref: "#/components/schemas/ImpactEffect"
    confidentiality_impact:
      $ref: "#/components/schemas/ImpactEffect"
    custom_impact:
      type: string
    created:
      type: string
      format: date-time
    updated:
      type: string
      format: date-time
    sending_time:
      type: string
      format: date-time
      readOnly: true
    # Description reads "number of unread messages".
    comments_count:
      type: integer
      minimum: 0
      description: "Количество не прочтеных сообщений"
# Array of NCIRCCNotifictionRetrive records.
NCIRCCNotifictionList:
  type: array
  items:
    $ref: "#/components/schemas/NCIRCCNotifictionRetrive"
# One comment attached to an NCIRCC notification.
NCIRCCCommentRetrieve:
  properties:
    id:
      type: integer
    # Free text with no maxLength declared.
    text:
      type: string
    create_time:
      type: string
      format: date-time
    # NOTE(review): presumably the author's login — confirm.
    login:
      type: string
    # NOTE(review): the description says "PK(ID) of the incident" although the
    # field is named `notification` — confirm which object the id refers to.
    notification:
      type: integer
      minimum: 1
      description: 'PK(ID) Инцидента'
    # Description reads "message ID on the GosSOPKA portal".
    id_in_ncircc:
      type: integer
      minimum: 1
      description: 'ID сообщения на портале ГосСОПКА'
    # Description reads "was the message sent from the Console?".
    from_console:
      type: boolean
      default: false
      description: "Отправлено ли сообщение с Консоли?"
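# Array of NCIRCCCommentRetrieve records.
# `type: array` is declared explicitly, matching NCIRCCNotifictionList: without
# it `items` constrains only values that happen to be arrays and any
# non-array value would validate.
NCIRCCCommentRetrieveList:
  type: array
  items:
    $ref: '#/components/schemas/NCIRCCCommentRetrieve'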
# Body for creating a comment: the text is the only field.
# NOTE(review): no `required` list and no maxLength are declared, so an empty
# body or an arbitrarily long text passes schema validation; any limits have to
# be enforced by the server.
NCIRCCCommentCreate:
  properties:
    text:
      type: string
# Fields common to every "create notification" body; the incident, attack and
# vulnerability variants extend it through allOf.
# No `required` list is declared, so every field is optional at schema level.
NCIRCCNotificationCreateBasic:
  properties:
    incident:
      type: string
      format: uuid
      description: "PK(ID) инцидента"
    category:
      $ref: "#/components/schemas/NotificationCategoryEnum"
    activity_status:
      $ref: "#/components/schemas/ActivityStatusEnum"
    tlp:
      $ref: "#/components/schemas/TlpEnum"
    affected_system_name:
      type: string
    affected_system_category:
      $ref: "#/components/schemas/AffectedSystemCategoryEnum"
    event_description:
      type: string
    affected_system_connection:
      type: boolean
      default: false
    assistance:
      type: boolean
      default: false
# Create body for an incident notification: the common fields plus an
# incident event type and the three impact ratings.
NCIRCCNotificationCreateIncident:
  allOf:
    - $ref: "#/components/schemas/NCIRCCNotificationCreateBasic"
    - type: object
      properties:
        type:
          $ref: "#/components/schemas/EventTypeIncidentEnum"
        integrity_impact:
          $ref: "#/components/schemas/ImpactEffect"
        availability_impact:
          $ref: "#/components/schemas/ImpactEffect"
        confidentiality_impact:
          $ref: "#/components/schemas/ImpactEffect"
        custom_impact:
          type: string
# Create body for an attack notification: the common fields plus an attack
# event type and the three impact ratings.
NCIRCCNotificationCreateAttack:
  allOf:
    - $ref: "#/components/schemas/NCIRCCNotificationCreateBasic"
    - type: object
      properties:
        type:
          $ref: "#/components/schemas/EventTypeAttackEnum"
        integrity_impact:
          $ref: "#/components/schemas/ImpactEffect"
        availability_impact:
          $ref: "#/components/schemas/ImpactEffect"
        confidentiality_impact:
          $ref: "#/components/schemas/ImpactEffect"
        custom_impact:
          type: string
# Create body for a vulnerability notification: the common fields plus a
# vulnerability event type, a vulnerability id and a product category.
# NOTE(review): the referenced schema name ends in "Emum"; it resolves only if
# the definition elsewhere in the file is spelled the same way — verify.
NCIRCCNotificationCreateVulnerability:
  allOf:
    - $ref: "#/components/schemas/NCIRCCNotificationCreateBasic"
    - type: object
      properties:
        type:
          $ref: "#/components/schemas/EventTypeVulnerabilityEmum"
        vulnerability_id:
          type: string
        product_category:
          type: string
# Fields common to every "update notification" body. `category` and `type`
# are the only required fields.
NCIRCCNotificationUpdateBasic:
  properties:
    activity_status:
      $ref: "#/components/schemas/ActivityStatusEnum"
    event_description:
      type: string
    affected_system_connection:
      type: boolean
      default: false
    category:
      $ref: "#/components/schemas/NotificationCategoryEnum"
    type:
      $ref: "#/components/schemas/EventTypeEnum"
  required:
    - category
    - type
# Update body shared by incident and attack notifications: the common update
# fields plus the three impact ratings and a free-text custom impact.
NCIRCCNotificationUpdateIncidentAttack:
  allOf:
    - $ref: "#/components/schemas/NCIRCCNotificationUpdateBasic"
    - type: object
      properties:
        integrity_impact:
          $ref: "#/components/schemas/ImpactEffect"
        availability_impact:
          $ref: "#/components/schemas/ImpactEffect"
        confidentiality_impact:
          $ref: "#/components/schemas/ImpactEffect"
        custom_impact:
          type: string
# Update body for a vulnerability notification: the common update fields plus
# the vulnerability id and product category.
NCIRCCNotificationUpdateVulnerability:
  allOf:
    - $ref: "#/components/schemas/NCIRCCNotificationUpdateBasic"
    - type: object
      properties:
        vulnerability_id:
          type: string
        product_category:
          type: string
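# Login attempt limit and block timeout settings.
AuthSettings:
  properties:
    # NOTE(review): the minimum is 0. Confirm what 0 means on the server; if it
    # switches the limit off, the setting removes brute-force protection and
    # the minimum should be 1.
    login_attempts_limit:
      type: integer
      default: 3
      minimum: 0
      maximum: 100
    # Description reads "only the following format is allowed: hh:mm:ss".
    login_block_timeout:
      description: 'Допускается только следующий формат: hh:mm:ss'
      type: string
      # Enforces the hh:mm:ss shape that was previously stated only in prose,
      # so a malformed value is rejected at validation time.
      pattern: '^\d{2}:\d{2}:\d{2}$'
      default: "00:30:00"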
# TLS switch plus the uploaded certificate and key files.
# NOTE(review): `key` is neither writeOnly nor readOnly, so the schema allows it
# in responses as well as requests. If `key` is the private key, mark it
# `writeOnly: true` and confirm the server never returns it.
TLSSettings:
  type: object
  properties:
    enabled:
      type: boolean
    certificate:
      type: string
      format: binary
      nullable: true
    key:
      type: string
      format: binary
      nullable: true
# Rotation type selector; per the description, 1 = by time, 2 = by size.
RotationTypeEndpoint:
  type: integer
  enum: [1, 2]
  default: 1
  description: 'Тип ротации. 1 - по времени, 2 - по размеру'
# Rotation period selector; per the description, 1 = every day,
# 2 = every week, 3 = every month.
RotationTimeEndpoint:
  type: integer
  enum: [1, 2, 3]
  description: 'Время ротации. 1 - каждый день, 2 - каждую неделю, 3 - каждый месяц'
  default: 1
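# Body for creating an Endpoint device together with its protection settings:
# device control, integrity control, white list, USB control, antivirus
# (clamav_*) and event-log rotation.
#
# Changes against the original listing:
#   - `default: False` is written as the canonical `false`;
#   - `event_rotation_time` used `maximum`, a numeric keyword that has no
#     effect on a string; it is now `maxLength`;
#   - `request_config` had a boolean default but no `type`; it is now declared.
#
# The listing had lost its indentation. `description` and `default` keys that
# follow an `items` entry are placed on the array itself, not on `items` —
# verify against the original file.
#
# NOTE(review): `required` names `name`, but no `name` property is declared in
# this schema; confirm whether it is inherited or missing.
CreateEndpoint:
  required:
    - ip
    - name
  properties:
    id:
      readOnly: true
      type: integer
    create_input:
      type: boolean
      default: false
    # Ports below 1500 are rejected by the schema.
    log_port:
      type: integer
      minimum: 1500
      maximum: 65535
    # Device control is off unless the client enables it.
    dc_enabled:
      type: boolean
      default: false
      description: Enable device control
    prohibit_cd_access:
      type: boolean
      default: false
      description: Prohibit CD/DVD access. To apply this change you need to restart host machine locally
    ic_enabled:
      type: boolean
      default: true
      description: Enable integrity control
    # Items carry no maxLength here, unlike `white_list` and `clamav_paths`.
    scan_folders:
      type: array
      items:
        type: string
      description: Folder for integrity control
    ic_timeout:
      type: integer
      minimum: 0
      maximum: 86400
      default: 3
      description: Event creation timeout. How often we can get integrity control events. Value in seconds
    # The white list is off by default.
    wl_enable:
      type: boolean
      description: Enable white list
      default: false
    # Defaults to true: per the description a local administrator is not
    # restricted by the white list unless this is explicitly set to false.
    wl_admin:
      type: boolean
      description: Local admin ignores white list
      default: true
    white_list:
      type: array
      items:
        type: string
        maxLength: 1024
      description: Folder for white list
      default:
        - "%HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\SystemRoot%"
        - "%HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\ProgramFilesDir%"
    # USB control is off by default.
    usb_control_enabled:
      type: boolean
      description: Enable USB control. To apply this change you need to restart host machine locally
      default: false
    # Items are untyped objects; the shape of an allowed-device entry is not
    # described by this schema.
    usb_allowed_storage:
      type: array
      items:
        type: object
      description: Allowed USB devices. List of all allowed USB devices for this Endpoint
      default: []
    usb_allowed_classes:
      type: array
      items:
        type: integer
      description: Allowed USB devices classes. List of all allowed device classes for USB control
      default: []
    usb_hid_allow_other_subclasses:
      type: boolean
      default: false
      description: Allowed USB devices hid subclasses
    usb_hid_allowed_subclasses:
      type: array
      items:
        type: integer
      description: Allowed USB devices hid subclasses. List of all allowed USB devices hid subclasses for USB control
      default: []
    usb_hid_deny_subclasses:
      type: array
      items:
        type: integer
      description: Prohibited USB devices hid subclasses. List of all blocked USB devices hid subclasses for USB control
      default: []
    usb_connected:
      type: object
      description: Connected USB devices. List of all connected to Endpoint USB devices.
      nullable: true
    clamav_start_scan:
      type: boolean
      description: Initiate antivirus scan
      default: false
    clamav_update_db:
      type: boolean
      description: Initiate antivirus db update
      default: false
    clamav_recent_update:
      type: integer
      nullable: true
      description: Link to data storage instance with clamav update file
    # Antivirus is off by default.
    clamav_enabled:
      type: boolean
      default: false
      description: Enable antivirus. Detailed Antivirus control should be configured on host machine
    clamav_scan_on_add:
      type: boolean
      description: Scan files for viruses on add
      default: false
    clamav_live_scan:
      type: boolean
      description: Scan executable files
      default: false
    clamav_stop_all_tasks:
      type: boolean
      description: Signal for interruption of all antivirus processes
      default: false
    clamav_paths:
      type: array
      items:
        type: string
        maxLength: 1024
      default: []
      description: Path for scanning
    clamav_last_update:
      type: string
      format: date-time
      nullable: true
      description: Last antivirus database update time
    # NOTE(review): the description repeats the text of `clamav_last_update`;
    # judging by the field name it presumably should describe the last scan
    # start — confirm and correct the text.
    clamav_last_scan_init:
      type: string
      format: date-time
      description: Last antivirus database update time
    # Destructive when enabled: per the description infected files are removed.
    clamav_remove_infected_files:
      type: boolean
      default: false
      description: Remove infected files
    event_rotation_type:
      $ref: '#/components/schemas/RotationTypeEndpoint'
    event_rotation_size:
      type: integer
      default: 100
      minimum: 100
      description: Event rotation size. Select the rotation size in KB
    event_rotation_period:
      $ref: '#/components/schemas/RotationTimeEndpoint'
    event_rotation_time:
      type: string
      maxLength: 1024
      default: '00:00:00'
      nullable: true
    updated:
      type: string
      format: date-time
    # NOTE(review): typed as integer although the description says IP address
    # and the Device schema types `ip` as a string — confirm the intended type.
    ip:
      type: integer
      description: Device IP address
    settings_changed:
      type: boolean
      default: true
      description: Flag to mark if Endpoint logs has been changed. Check if you want to upload settings to Endpoint
    incorrect_settings:
      type: boolean
      default: false
      description: Flag to mark if config in current console has errors. Checked if config in console for Endpoint contains errors
    config_errors:
      nullable: true
      type: array
      description: Endpoint config errors. Full list of Endpoint config errors
      items:
        type: string
    request_config:
      type: boolean
      default: true
      description: 'Flag to show if user wants to upload config from endpoint. If set to True, uploads config from endpoint, saves it'
    update_db:
      type: boolean
      default: true
      description: 'Flag to show if user wants to update clamav database. If set to True, update clamav database'
    is_requested_config_correct:
      type: boolean
      default: true
      description: 'Flag to show if config, downloaded from endpoint, has correct format. If set to False, means that last attempt to download and set up config from Endpoint has failed'
    endpoint_asset:
      type: integer
      nullable: true
      description: Endpoint Asset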
# Kind of input source; the two accepted values are listed below.
InputSourceType:
  type: string
  enum: [armaif, endpoint]
# An input source. `label` and `type` are required; `id` and `can_delete` are
# response-only (readOnly).
InputSource:
  required:
    - label
    - type
  properties:
    id:
      type: integer
      readOnly: true
    label:
      type: string
    type:
      $ref: "#/components/schemas/InputSourceType"
    can_delete:
      type: boolean
      readOnly: true
    # Ports below 1500 are rejected by the schema.
    port:
      type: integer
      minimum: 1500
      maximum: 65535
# Kind of managed device. The schema is readOnly, so a property that
# references it is response-only.
DeviceType:
  type: string
  enum: [firewall, endpoint, sensor]
  readOnly: true
# Whether the time of events produced by the device is rewritten. Per the
# description: 1 = events get the local time, 2 = the time of occurrence is
# left unchanged. The choice decides which clock event timestamps reflect,
# which matters when timelines from several devices are compared.
AdjustDatetime:
  type: integer
  enum: [1, 2]
  description: 'Изменять ли время у событий, которые порождены устройством. 1 - у событий указывается локальное время, 2 - время возникновения не изменяется.'
# Status object reported for a firewall device.
FirewallStatus:
  properties:
    status:
      type: string
      enum:
        - offline
        - online
        - unauthorized
        - error
# Status object reported for an endpoint device.
EndpointStatus:
  properties:
    status:
      type: string
      enum:
        - offline
        - online
        - config_errors
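# Base record shared by all device kinds; SensorDevice, ArmaIndustrialFirewall
# and EndpointDevice extend it through allOf.
#
# Changes against the original listing:
#   - `updated` used `format: datetime`; the format name is `date-time`, which
#     the rest of the file already uses;
#   - `status` used `oneOf`, but `offline` and `online` are in both status
#     enums, so those values matched two branches and failed validation;
#     `anyOf` accepts them.
Device:
  properties:
    id:
      type: integer
      readOnly: true
    name:
      type: string
    description:
      type: string
    type:
      $ref: '#/components/schemas/DeviceType'
    # NOTE(review): `ip` is not one of the standard format names (`ipv4`,
    # `ipv6`), so generic validators will not check the value; confirm which
    # address families are accepted and validate on the server.
    ip:
      type: string
      format: ip
    # Ports below 1500 are rejected by the schema.
    port:
      type: integer
      minimum: 1500
      maximum: 65535
    updated:
      type: string
      format: date-time
    # NOTE(review): DeviceType also lists `sensor`, but no sensor status
    # schema is offered here — confirm what a sensor reports.
    status:
      anyOf:
        - $ref: '#/components/schemas/FirewallStatus'
        - $ref: '#/components/schemas/EndpointStatus'
    # NOTE(review): the second branch holds only `nullable: true`; this looks
    # meant to allow null, but `nullable` without a `type` is not well defined
    # in OpenAPI 3.0 — verify how the tooling in use interprets it.
    group:
      anyOf:
        - $ref: '#/components/schemas/GroupInDevice'
        - nullable: true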
# Body for registering a sensor: name, address and port.
# No `required` list is declared, so all three fields are optional at schema
# level. `format: ip` is not a standard format name, so generic validators will
# not check the address.
CreateSensorDevice:
  properties:
    name:
      type: string
    ip:
      type: string
      format: ip
    # Ports below 1500 are rejected by the schema.
    port:
      type: integer
      minimum: 1500
      maximum: 65535
# Sensor record: the base Device fields plus sensor-specific ones.
SensorDevice:
  allOf:
    - $ref: '#/components/schemas/Device'
    - properties:
        uuid:
          type: string
          readOnly: true
        synchronization:
          type: boolean
          readOnly: true
        # readOnly means the value appears in responses and is not accepted in
        # requests. NOTE(review): this looks like a credential; confirm which
        # roles can read this schema, or return the key only once at creation.
        authorization_key:
          type: string
          readOnly: true
        span_interface:
          type: string
        control_interface:
          type: object
        signature_analysis:
          type: boolean
        protocols_analysis:
          type: boolean
# Product name paired with its version string.
ProductVersion:
  properties:
    product:
      type: string
    version:
      type: string
# Firewall record: the base Device fields, the credentials used for it, and a
# set of response-only (readOnly) descriptive fields.
ArmaIndustrialFirewall:
  allOf:
    - $ref: "#/components/schemas/Device"
    - properties:
        # NOTE(review): `key` and `secret` are neither readOnly nor writeOnly,
        # so the schema allows them in responses too. If they are the
        # firewall's API credentials, mark both `writeOnly: true` and confirm
        # the server never echoes them.
        key:
          type: string
        secret:
          type: string
        comment:
          type: string
        website:
          readOnly: true
          type: string
        version:
          readOnly: true
          type: string
        remote_name:
          readOnly: true
          type: string
        identification_number:
          readOnly: true
          type: string
        hash_number:
          readOnly: true
          type: string
        flavour:
          readOnly: true
          type: string
        email:
          readOnly: true
          type: string
        copyright_years:
          readOnly: true
          type: string
        copyright_url:
          readOnly: true
          type: string
        copyright_owner:
          readOnly: true
          type: string
        architecture:
          readOnly: true
          type: string
        abi:
          readOnly: true
          type: string
        # Also declared on Device; here it is readOnly.
        updated:
          readOnly: true
          type: string
          format: date-time
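# Endpoint record: the base Device fields plus the endpoint protection
# settings (white list, integrity control, antivirus, device/USB control,
# event rotation).
#
# Changes against the original listing:
#   - `white_list_paths`, `scan_paths` and `antivirus_paths` were arrays with
#     no `items`, which OpenAPI 3.0 requires; they are declared as arrays of
#     strings, matching the path arrays in CreateEndpoint;
#   - `event_rotation_time` used `maximum`, a numeric keyword that has no
#     effect on a string; it is now `maxLength`.
#
# NOTE(review): the listing had lost its indentation and `properties` has no
# leading dash, so it is placed beside `allOf` at schema level; the sibling
# schemas put it in a second allOf item — verify against the original file.
EndpointDevice:
  allOf:
    - $ref: '#/components/schemas/Device'
  properties:
    whitelist_enabled:
      type: boolean
    # When true a local administrator is not restricted by the white list
    # (see `wl_admin` in CreateEndpoint).
    whitelist_admin:
      type: boolean
    white_list_paths:
      type: array
      items:
        type: string
    integrity_control_enabled:
      type: boolean
    integrity_control_timeout:
      type: integer
      minimum: 0
      maximum: 86400
    scan_paths:
      type: array
      items:
        type: string
    antivirus_enabled:
      type: boolean
    antivirus_remove_infected_files:
      type: boolean
    antivirus_start_scan:
      type: boolean
    antivirus_paths:
      type: array
      items:
        type: string
    device_control_enabled:
      type: boolean
    prohibit_cd_access:
      type: boolean
    usb_control_enabled:
      type: boolean
    config_errors:
      type: object
      readOnly: true
    event_rotation_type:
      $ref: '#/components/schemas/RotationTypeEndpoint'
    event_rotation_size:
      type: integer
      default: 100
      minimum: 100
      description: Event rotation size. Select the rotation size in KB
    event_rotation_period:
      $ref: '#/components/schemas/RotationTimeEndpoint'
    event_rotation_time:
      type: string
      maxLength: 1024
      default: '00:00:00'
      nullable: true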
# Device group as returned: name/description plus the member devices, each
# given as an object with `id` and `name`.
DeviceGroup:
  allOf:
    - $ref: '#/components/schemas/NameDescriptionModel'
    - properties:
        devices:
          type: array
          items:
            type: object
            properties:
              id:
                type: integer
              name:
                type: string
# Body for creating a device group: name/description plus member devices
# given as integers (presumably device ids — confirm).
CreateDeviceGroup:
  allOf:
    - $ref: '#/components/schemas/NameDescriptionModel'
    - properties:
        devices:
          type: array
          items:
            type: integer
# Names a console service; the enum is a closed list of accepted names.
# NOTE(review): presumably the backend acts on the named system service. The
# enum documents the allow-list but does not enforce it, so the server must
# check the value against the same list before using it.
ManageService:
  properties:
    service:
      type: string
      enum:
        - 'correlator'
        - 'nginx'
        - 'elasticsearch'
        - 'vector'
        - 'gunicorn'
        - 'celery'
        - 'celerybeat'
        - 'postgresql'
# Compact group reference (id and name) embedded in a Device record.
GroupInDevice:
  properties:
    id:
      type: integer
    name:
      type: string
# One network interface reported by a sensor: its name and a list of address
# entries.
# NOTE(review): this listing has lost its indentation, and the nesting of `mac`
# and `up` cannot be recovered from it: they may belong to each `addresses`
# item (beside `address`/`netmask`) or to the interface itself (beside
# `interface`/`addresses`). The lines are left as found; restore the
# indentation from the original file.
SensorInterface:
properties:
interface:
type: string
addresses:
type: array
items:
type: object
properties:
address:
type: string
netmask:
type: string
mac:
type: string
up:
type: boolean
# Envelope for the sensor interface listing: a status flag (`ok` or `error`)
# and the interfaces in `data`.
SensorInterfacesList:
  properties:
    status:
      type: string
      enum:
        - ok
        - error
    data:
      type: array
      items:
        $ref: "#/components/schemas/SensorInterface"