Class: Falcon::SampleUploads

Inherits:

Object

Object
Falcon::SampleUploads

show all

Defined in:: lib/crimson-falcon/api/sample_uploads.rb

Instance Attribute Summary collapse

#api_client ⇒ Object

Returns the value of attribute api_client.

Instance Method Summary collapse

#archive_delete_v1(id, opts = {}) ⇒ nil

Delete an archive that was uploaded previously.
#archive_delete_v1_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

Delete an archive that was uploaded previously.
#archive_get_v1(id, opts = {}) ⇒ ClientArchiveCreateResponseV1

Retrieves the archives upload operation statuses.
#archive_get_v1_with_http_info(id, opts = {}) ⇒ Array<(ClientArchiveCreateResponseV1, Integer, Hash)>

Retrieves the archives upload operation statuses.
#archive_list_v1(id, opts = {}) ⇒ ClientArchiveListFilesResponseV1

Retrieves the archives files in chunks.
#archive_list_v1_with_http_info(id, opts = {}) ⇒ Array<(ClientArchiveListFilesResponseV1, Integer, Hash)>

Retrieves the archives files in chunks.
#archive_upload_v1(name, body, opts = {}) ⇒ ClientArchiveCreateResponseV1

Uploads an archive and extracts files list from it.
#archive_upload_v1_with_http_info(name, body, opts = {}) ⇒ Array<(ClientArchiveCreateResponseV1, Integer, Hash)>

Uploads an archive and extracts files list from it.
#archive_upload_v2(file, name, opts = {}) ⇒ ClientArchiveCreateResponseV1

Uploads an archive and extracts files list from it.
#archive_upload_v2_with_http_info(file, name, opts = {}) ⇒ Array<(ClientArchiveCreateResponseV1, Integer, Hash)>

Uploads an archive and extracts files list from it.
#delete_sample_v3(ids, opts = {}) ⇒ MsaQueryResponse

Removes a sample, including file, meta and submissions from the collection.
#delete_sample_v3_with_http_info(ids, opts = {}) ⇒ Array<(MsaQueryResponse, Integer, Hash)>

Removes a sample, including file, meta and submissions from the collection.
#extraction_create_v1(body, opts = {}) ⇒ ClientExtractionCreateResponseV1

Extracts files from an uploaded archive and copies them to internal storage making it available for content analysis.
#extraction_create_v1_with_http_info(body, opts = {}) ⇒ Array<(ClientExtractionCreateResponseV1, Integer, Hash)>

Extracts files from an uploaded archive and copies them to internal storage making it available for content analysis.
#extraction_get_v1(id, opts = {}) ⇒ ClientExtractionCreateResponseV1

Retrieves the files extraction operation statuses.
#extraction_get_v1_with_http_info(id, opts = {}) ⇒ Array<(ClientExtractionCreateResponseV1, Integer, Hash)>

Retrieves the files extraction operation statuses.
#extraction_list_v1(id, opts = {}) ⇒ ClientExtractionListFilesResponseV1

Retrieves the files extractions in chunks.
#extraction_list_v1_with_http_info(id, opts = {}) ⇒ Array<(ClientExtractionListFilesResponseV1, Integer, Hash)>

Retrieves the files extractions in chunks.
#get_sample_v3(ids, opts = {}) ⇒ String

Retrieves the file associated with the given ID (SHA256).
#get_sample_v3_with_http_info(ids, opts = {}) ⇒ Array<(String, Integer, Hash)>

Retrieves the file associated with the given ID (SHA256).
#initialize(api_client = ApiClient.default) ⇒ SampleUploads constructor

A new instance of SampleUploads.
#upload_sample_v3(sample, file_name, opts = {}) ⇒ ClientSampleMetadataResponseV2

Upload a file for further cloud analysis.
#upload_sample_v3_with_http_info(sample, file_name, opts = {}) ⇒ Array<(ClientSampleMetadataResponseV2, Integer, Hash)>

Upload a file for further cloud analysis.

Constructor Details

#initialize(api_client = ApiClient.default) ⇒ `SampleUploads`

Returns a new instance of SampleUploads.



36
37
38

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 36

def initialize(api_client = ApiClient.default)
  @api_client = api_client
end

Instance Attribute Details

#api_client ⇒ `Object`

Returns the value of attribute api_client.



34
35
36

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 34

def api_client
  @api_client
end

Instance Method Details

#archive_delete_v1(id, opts = {}) ⇒ `nil`

Delete an archive that was uploaded previously

Parameters:

id (String) —

The archive SHA256.
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(nil)

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 43

def archive_delete_v1(id, opts = {})
  archive_delete_v1_with_http_info(id, opts)
  nil
end

#archive_delete_v1_with_http_info(id, opts = {}) ⇒ `Array<(nil, Integer, Hash)>`

Delete an archive that was uploaded previously

Parameters:

id (String) —

The archive SHA256.
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(nil, Integer, Hash)>) —

nil, response status code and response headers

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 52

def archive_delete_v1_with_http_info(id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SampleUploads.archive_delete_v1 ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SampleUploads.archive_delete_v1"
  end
  # resource path
  local_var_path = '/archives/entities/archives/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'id'] = id

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type]

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"SampleUploads.archive_delete_v1",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SampleUploads#archive_delete_v1\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#archive_get_v1(id, opts = {}) ⇒ `ClientArchiveCreateResponseV1`

Retrieves the archives upload operation statuses. Status ‘done` means that archive was processed successfully. Status `error` means that archive was not processed successfully.

Parameters:

id (String) —

The archive SHA256.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:include_files (Boolean) —

If `true` includes processed archive files in response. (default to false)

Returns:

(ClientArchiveCreateResponseV1)

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 106

def archive_get_v1(id, opts = {})
  data, _status_code, _headers = archive_get_v1_with_http_info(id, opts)
  data
end

#archive_get_v1_with_http_info(id, opts = {}) ⇒ `Array<(ClientArchiveCreateResponseV1, Integer, Hash)>`

Retrieves the archives upload operation statuses. Status `done` means that archive was processed successfully. Status `error` means that archive was not processed successfully.

Parameters:

id (String) —

The archive SHA256.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:include_files (Boolean) —

If `true` includes processed archive files in response. (default to false)

Returns:

(Array<(ClientArchiveCreateResponseV1, Integer, Hash)>) —

ClientArchiveCreateResponseV1 data, response status code and response headers

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 116

def archive_get_v1_with_http_info(id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SampleUploads.archive_get_v1 ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SampleUploads.archive_get_v1"
  end
  # resource path
  local_var_path = '/archives/entities/archives/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'id'] = id
  query_params[:'include_files'] = opts[:'include_files'] if !opts[:'include_files'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ClientArchiveCreateResponseV1'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"SampleUploads.archive_get_v1",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SampleUploads#archive_get_v1\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#archive_list_v1(id, opts = {}) ⇒ `ClientArchiveListFilesResponseV1`

Retrieves the archives files in chunks.

Parameters:

id (String) —

The archive SHA256.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:limit (Integer) —

Max number of files to retrieve. (default to 100)
:offset (String) —

Offset from where to get files.

Returns:

(ClientArchiveListFilesResponseV1)

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 172

def archive_list_v1(id, opts = {})
  data, _status_code, _headers = archive_list_v1_with_http_info(id, opts)
  data
end

#archive_list_v1_with_http_info(id, opts = {}) ⇒ `Array<(ClientArchiveListFilesResponseV1, Integer, Hash)>`

Retrieves the archives files in chunks.

Parameters:

id (String) —

The archive SHA256.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:limit (Integer) —

Max number of files to retrieve. (default to 100)
:offset (String) —

Offset from where to get files.

Returns:

(Array<(ClientArchiveListFilesResponseV1, Integer, Hash)>) —

ClientArchiveListFilesResponseV1 data, response status code and response headers

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 183

def archive_list_v1_with_http_info(id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SampleUploads.archive_list_v1 ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SampleUploads.archive_list_v1"
  end
  # resource path
  local_var_path = '/archives/entities/archive-files/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'id'] = id
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
  query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ClientArchiveListFilesResponseV1'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"SampleUploads.archive_list_v1",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SampleUploads#archive_list_v1\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#archive_upload_v1(name, body, opts = {}) ⇒ `ClientArchiveCreateResponseV1`

Uploads an archive and extracts files list from it. Operation is asynchronous use ‘/archives/entities/archives/v1` to check the status. After uploading, use `/archives/entities/extractions/v1` to copy the file to internal storage making it available for content analysis. This method is deprecated in favor of `/archives/entities/archives/v2`

Parameters:

name (String) —

Name of the archive.
body (Array<Integer>) —

Content of the uploaded archive in binary format. For example, use `–data-binary @$FILE_PATH` when using cURL. Max file size: 100 MB. Accepted file formats: - Portable executables: `.zip`, `.7z`.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:password (String) —

Archive password.
:is_confidential (Boolean) —

Defines visibility of this file, either via the API or the Falcon console. - `true`: File is only shown to users within your customer account - `false`: File can be seen by other CrowdStrike customers Default: `true`. (default to true)
:comment (String) —

A descriptive comment to identify the file for other users.

Returns:

(ClientArchiveCreateResponseV1)

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 242

def archive_upload_v1(name, body, opts = {})
  data, _status_code, _headers = archive_upload_v1_with_http_info(name, body, opts)
  data
end

#archive_upload_v1_with_http_info(name, body, opts = {}) ⇒ `Array<(ClientArchiveCreateResponseV1, Integer, Hash)>`

Uploads an archive and extracts files list from it. Operation is asynchronous use `/archives/entities/archives/v1` to check the status. After uploading, use `/archives/entities/extractions/v1` to copy the file to internal storage making it available for content analysis. This method is deprecated in favor of `/archives/entities/archives/v2`

Parameters:

name (String) —

Name of the archive.
body (Array<Integer>) —

Content of the uploaded archive in binary format. For example, use `–data-binary @$FILE_PATH` when using cURL. Max file size: 100 MB. Accepted file formats: - Portable executables: `.zip`, `.7z`.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:password (String) —

Archive password.
:is_confidential (Boolean) —

Defines visibility of this file, either via the API or the Falcon console. - `true`: File is only shown to users within your customer account - `false`: File can be seen by other CrowdStrike customers Default: `true`. (default to true)
:comment (String) —

A descriptive comment to identify the file for other users.

Returns:

(Array<(ClientArchiveCreateResponseV1, Integer, Hash)>) —

ClientArchiveCreateResponseV1 data, response status code and response headers

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 255

def archive_upload_v1_with_http_info(name, body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SampleUploads.archive_upload_v1 ...'
  end
  # verify the required parameter 'name' is set
  if @api_client.config.client_side_validation && name.nil?
    fail ArgumentError, "Missing the required parameter 'name' when calling SampleUploads.archive_upload_v1"
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SampleUploads.archive_upload_v1"
  end
  # resource path
  local_var_path = '/archives/entities/archives/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'name'] = name
  query_params[:'password'] = opts[:'password'] if !opts[:'password'].nil?
  query_params[:'is_confidential'] = opts[:'is_confidential'] if !opts[:'is_confidential'].nil?
  query_params[:'comment'] = opts[:'comment'] if !opts[:'comment'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/octet-stream', 'application/zip', 'application/x-7z-compressed', 'application/x-zip-compressed'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'ClientArchiveCreateResponseV1'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"SampleUploads.archive_upload_v1",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SampleUploads#archive_upload_v1\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#archive_upload_v2(file, name, opts = {}) ⇒ `ClientArchiveCreateResponseV1`

Parameters:

file (File) —

Content of the uploaded archive. For example, use `–form file=@$FILE_PATH;type=` when using cURL. Supported file types are `application/zip` and `application/x-7z-compressed`.
name (String) —

Name of the archive. For example, use `–form name=` when using cURL.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:password (String) —

Archive password. For example, use `–form password=` when using cURL.
:is_confidential (Boolean) —

Defines visibility of this file in Falcon MalQuery, either via the API or the Falcon console. For example, use `–form is_confidential=` when using cURL. - `true`: File is only shown to users within your customer account - `false`: File can be seen by other CrowdStrike customers Default: `true`. (default to true)
:comment (String) —

A descriptive comment to identify the file for other users. For example, use `–form comment=` when using cURL.

Returns:

(ClientArchiveCreateResponseV1)

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 324

def archive_upload_v2(file, name, opts = {})
  data, _status_code, _headers = archive_upload_v2_with_http_info(file, name, opts)
  data
end

#archive_upload_v2_with_http_info(file, name, opts = {}) ⇒ `Array<(ClientArchiveCreateResponseV1, Integer, Hash)>`

Parameters:

file (File) —

Content of the uploaded archive. For example, use `–form file=@$FILE_PATH;type=` when using cURL. Supported file types are `application/zip` and `application/x-7z-compressed`.
name (String) —

Name of the archive. For example, use `–form name=` when using cURL.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:password (String) —

Archive password. For example, use `–form password=` when using cURL.
:is_confidential (Boolean) —

Defines visibility of this file in Falcon MalQuery, either via the API or the Falcon console. For example, use `–form is_confidential=` when using cURL. - `true`: File is only shown to users within your customer account - `false`: File can be seen by other CrowdStrike customers Default: `true`. (default to true)
:comment (String) —

A descriptive comment to identify the file for other users. For example, use `–form comment=` when using cURL.

Returns:

(Array<(ClientArchiveCreateResponseV1, Integer, Hash)>) —

ClientArchiveCreateResponseV1 data, response status code and response headers

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 337

def archive_upload_v2_with_http_info(file, name, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SampleUploads.archive_upload_v2 ...'
  end
  # verify the required parameter 'file' is set
  if @api_client.config.client_side_validation && file.nil?
    fail ArgumentError, "Missing the required parameter 'file' when calling SampleUploads.archive_upload_v2"
  end
  # verify the required parameter 'name' is set
  if @api_client.config.client_side_validation && name.nil?
    fail ArgumentError, "Missing the required parameter 'name' when calling SampleUploads.archive_upload_v2"
  end
  # resource path
  local_var_path = '/archives/entities/archives/v2'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['multipart/form-data'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}
  form_params['file'] = file
  form_params['name'] = name
  form_params['password'] = opts[:'password'] if !opts[:'password'].nil?
  form_params['is_confidential'] = opts[:'is_confidential'] if !opts[:'is_confidential'].nil?
  form_params['comment'] = opts[:'comment'] if !opts[:'comment'].nil?

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ClientArchiveCreateResponseV1'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"SampleUploads.archive_upload_v2",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SampleUploads#archive_upload_v2\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#delete_sample_v3(ids, opts = {}) ⇒ `MsaQueryResponse`

Removes a sample, including file, meta and submissions from the collection

Parameters:

ids (String) —

The file SHA256.
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(MsaQueryResponse)

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 403

def delete_sample_v3(ids, opts = {})
  data, _status_code, _headers = delete_sample_v3_with_http_info(ids, opts)
  data
end

#delete_sample_v3_with_http_info(ids, opts = {}) ⇒ `Array<(MsaQueryResponse, Integer, Hash)>`

Removes a sample, including file, meta and submissions from the collection

Parameters:

ids (String) —

The file SHA256.
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(MsaQueryResponse, Integer, Hash)>) —

MsaQueryResponse data, response status code and response headers

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 412

def delete_sample_v3_with_http_info(ids, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SampleUploads.delete_sample_v3 ...'
  end
  # verify the required parameter 'ids' is set
  if @api_client.config.client_side_validation && ids.nil?
    fail ArgumentError, "Missing the required parameter 'ids' when calling SampleUploads.delete_sample_v3"
  end
  # resource path
  local_var_path = '/samples/entities/samples/v3'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'ids'] = ids

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'MsaQueryResponse'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"SampleUploads.delete_sample_v3",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:DELETE, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SampleUploads#delete_sample_v3\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#extraction_create_v1(body, opts = {}) ⇒ `ClientExtractionCreateResponseV1`

Extracts files from an uploaded archive and copies them to internal storage making it available for content analysis.

Parameters:

body (ClientExtractionCreateRequestV1)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(ClientExtractionCreateResponseV1)

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 465

def extraction_create_v1(body, opts = {})
  data, _status_code, _headers = extraction_create_v1_with_http_info(body, opts)
  data
end

#extraction_create_v1_with_http_info(body, opts = {}) ⇒ `Array<(ClientExtractionCreateResponseV1, Integer, Hash)>`

Extracts files from an uploaded archive and copies them to internal storage making it available for content analysis.

Parameters:

body (ClientExtractionCreateRequestV1)
opts (Hash) (defaults to: {}) —

the optional parameters

Returns:

(Array<(ClientExtractionCreateResponseV1, Integer, Hash)>) —

ClientExtractionCreateResponseV1 data, response status code and response headers

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 474

def extraction_create_v1_with_http_info(body, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SampleUploads.extraction_create_v1 ...'
  end
  # verify the required parameter 'body' is set
  if @api_client.config.client_side_validation && body.nil?
    fail ArgumentError, "Missing the required parameter 'body' when calling SampleUploads.extraction_create_v1"
  end
  # resource path
  local_var_path = '/archives/entities/extractions/v1'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['application/json'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body] || @api_client.object_to_http_body(body)

  # return_type
  return_type = opts[:debug_return_type] || 'ClientExtractionCreateResponseV1'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"SampleUploads.extraction_create_v1",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SampleUploads#extraction_create_v1\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#extraction_get_v1(id, opts = {}) ⇒ `ClientExtractionCreateResponseV1`

Retrieves the files extraction operation statuses. Status ‘done` means that all files were processed successfully. Status `error` means that at least one of the file could not be processed.

Parameters:

id (String) —

The extraction operation ID.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:include_files (Boolean) —

If `true` includes processed archive files in response. (default to false)

Returns:

(ClientExtractionCreateResponseV1)

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 532

def extraction_get_v1(id, opts = {})
  data, _status_code, _headers = extraction_get_v1_with_http_info(id, opts)
  data
end

#extraction_get_v1_with_http_info(id, opts = {}) ⇒ `Array<(ClientExtractionCreateResponseV1, Integer, Hash)>`

Retrieves the files extraction operation statuses. Status `done` means that all files were processed successfully. Status `error` means that at least one of the file could not be processed.

Parameters:

id (String) —

The extraction operation ID.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:include_files (Boolean) —

If `true` includes processed archive files in response. (default to false)

Returns:

(Array<(ClientExtractionCreateResponseV1, Integer, Hash)>) —

ClientExtractionCreateResponseV1 data, response status code and response headers

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 542

def extraction_get_v1_with_http_info(id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SampleUploads.extraction_get_v1 ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SampleUploads.extraction_get_v1"
  end
  # resource path
  local_var_path = '/archives/entities/extractions/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'id'] = id
  query_params[:'include_files'] = opts[:'include_files'] if !opts[:'include_files'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ClientExtractionCreateResponseV1'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"SampleUploads.extraction_get_v1",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SampleUploads#extraction_get_v1\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#extraction_list_v1(id, opts = {}) ⇒ `ClientExtractionListFilesResponseV1`

Retrieves the files extractions in chunks. Status ‘done` means that all files were processed successfully. Status `error` means that at least one of the file could not be processed.

Parameters:

id (String) —

The extraction operation ID.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:limit (Integer) —

Max number of file extractions to retrieve. (default to 0)
:offset (String) —

Offset from where to get file extractions.

Returns:

(ClientExtractionListFilesResponseV1)

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 598

def extraction_list_v1(id, opts = {})
  data, _status_code, _headers = extraction_list_v1_with_http_info(id, opts)
  data
end

#extraction_list_v1_with_http_info(id, opts = {}) ⇒ `Array<(ClientExtractionListFilesResponseV1, Integer, Hash)>`

Retrieves the files extractions in chunks. Status `done` means that all files were processed successfully. Status `error` means that at least one of the file could not be processed.

Parameters:

id (String) —

The extraction operation ID.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:limit (Integer) —

Max number of file extractions to retrieve. (default to 0)
:offset (String) —

Offset from where to get file extractions.

Returns:

(Array<(ClientExtractionListFilesResponseV1, Integer, Hash)>) —

ClientExtractionListFilesResponseV1 data, response status code and response headers

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 609

def extraction_list_v1_with_http_info(id, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SampleUploads.extraction_list_v1 ...'
  end
  # verify the required parameter 'id' is set
  if @api_client.config.client_side_validation && id.nil?
    fail ArgumentError, "Missing the required parameter 'id' when calling SampleUploads.extraction_list_v1"
  end
  # resource path
  local_var_path = '/archives/entities/extraction-files/v1'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'id'] = id
  query_params[:'limit'] = opts[:'limit'] if !opts[:'limit'].nil?
  query_params[:'offset'] = opts[:'offset'] if !opts[:'offset'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ClientExtractionListFilesResponseV1'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"SampleUploads.extraction_list_v1",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SampleUploads#extraction_list_v1\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#get_sample_v3(ids, opts = {}) ⇒ `String`

Retrieves the file associated with the given ID (SHA256)

Parameters:

ids (String) —

The file SHA256.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:password_protected (Boolean) —

Flag whether the sample should be zipped and password protected with pass='infected' (default to false)

Returns:

(String)

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 665

def get_sample_v3(ids, opts = {})
  data, _status_code, _headers = get_sample_v3_with_http_info(ids, opts)
  data
end

#get_sample_v3_with_http_info(ids, opts = {}) ⇒ `Array<(String, Integer, Hash)>`

Retrieves the file associated with the given ID (SHA256)

Parameters:

ids (String) —

The file SHA256.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:password_protected (Boolean) —

Flag whether the sample should be zipped and password protected with pass='infected' (default to false)

Returns:

(Array<(String, Integer, Hash)>) —

String data, response status code and response headers

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 675

def get_sample_v3_with_http_info(ids, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SampleUploads.get_sample_v3 ...'
  end
  # verify the required parameter 'ids' is set
  if @api_client.config.client_side_validation && ids.nil?
    fail ArgumentError, "Missing the required parameter 'ids' when calling SampleUploads.get_sample_v3"
  end
  # resource path
  local_var_path = '/samples/entities/samples/v3'

  # query parameters
  query_params = opts[:query_params] || {}
  query_params[:'ids'] = ids
  query_params[:'password_protected'] = opts[:'password_protected'] if !opts[:'password_protected'].nil?

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/octet-stream', 'application/json'])

  # form parameters
  form_params = opts[:form_params] || {}

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'String'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"SampleUploads.get_sample_v3",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:GET, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SampleUploads#get_sample_v3\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

#upload_sample_v3(sample, file_name, opts = {}) ⇒ `ClientSampleMetadataResponseV2`

Upload a file for further cloud analysis. After uploading, call the specific analysis API endpoint.

Parameters:

sample (File) —

Content of the uploaded sample in binary format. For example, use `–data-binary @$FILE_PATH` when using cURL. Max file size: 256 MB. Accepted file formats: - Portable executables: `.exe`, `.scr`, `.pif`, `.dll`, `.com`, `.cpl`, etc. - Office documents: `.doc`, `.docx`, `.ppt`, `.pps`, `.pptx`, `.ppsx`, `.xls`, `.xlsx`, `.rtf`, `.pub` - PDF - APK - Executable JAR - Windows script component: `.sct` - Windows shortcut: `.lnk` - Windows help: `.chm` - HTML application: `.hta` - Windows script file: `.wsf` - Javascript: `.js` - Visual Basic: `.vbs`, `.vbe` - Shockwave Flash: `.swf` - Perl: `.pl` - Powershell: `.ps1`, `.psd1`, `.psm1` - Scalable vector graphics: `.svg` - Python: `.py` - Linux ELF executables - Email files: MIME RFC 822 `.eml`, Outlook `.msg`.
file_name (String) —

Name of the file.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:comment (String) —

A descriptive comment to identify the file for other users.
:is_confidential (Boolean) —

Defines visibility of this file in Falcon MalQuery, either via the API or the Falcon console. - `true`: File is only shown to users within your customer account - `false`: File can be seen by other CrowdStrike customers Default: `true`. (default to true)

Returns:

(ClientSampleMetadataResponseV2)

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 732

def upload_sample_v3(sample, file_name, opts = {})
  data, _status_code, _headers = upload_sample_v3_with_http_info(sample, file_name, opts)
  data
end

#upload_sample_v3_with_http_info(sample, file_name, opts = {}) ⇒ `Array<(ClientSampleMetadataResponseV2, Integer, Hash)>`

Upload a file for further cloud analysis. After uploading, call the specific analysis API endpoint.

Parameters:

sample (File) —

Content of the uploaded sample in binary format. For example, use `–data-binary @$FILE_PATH` when using cURL. Max file size: 256 MB. Accepted file formats: - Portable executables: `.exe`, `.scr`, `.pif`, `.dll`, `.com`, `.cpl`, etc. - Office documents: `.doc`, `.docx`, `.ppt`, `.pps`, `.pptx`, `.ppsx`, `.xls`, `.xlsx`, `.rtf`, `.pub` - PDF - APK - Executable JAR - Windows script component: `.sct` - Windows shortcut: `.lnk` - Windows help: `.chm` - HTML application: `.hta` - Windows script file: `.wsf` - Javascript: `.js` - Visual Basic: `.vbs`, `.vbe` - Shockwave Flash: `.swf` - Perl: `.pl` - Powershell: `.ps1`, `.psd1`, `.psm1` - Scalable vector graphics: `.svg` - Python: `.py` - Linux ELF executables - Email files: MIME RFC 822 `.eml`, Outlook `.msg`.
file_name (String) —

Name of the file.
opts (Hash) (defaults to: {}) —

the optional parameters

Options Hash (opts):

:comment (String) —

A descriptive comment to identify the file for other users.
:is_confidential (Boolean) —

Defines visibility of this file in Falcon MalQuery, either via the API or the Falcon console. - `true`: File is only shown to users within your customer account - `false`: File can be seen by other CrowdStrike customers Default: `true`. (default to true)

Returns:

(Array<(ClientSampleMetadataResponseV2, Integer, Hash)>) —

ClientSampleMetadataResponseV2 data, response status code and response headers

# File 'lib/crimson-falcon/api/sample_uploads.rb', line 744

def upload_sample_v3_with_http_info(sample, file_name, opts = {})
  if @api_client.config.debugging
    @api_client.config.logger.debug 'Calling API: SampleUploads.upload_sample_v3 ...'
  end
  # verify the required parameter 'sample' is set
  if @api_client.config.client_side_validation && sample.nil?
    fail ArgumentError, "Missing the required parameter 'sample' when calling SampleUploads.upload_sample_v3"
  end
  # verify the required parameter 'file_name' is set
  if @api_client.config.client_side_validation && file_name.nil?
    fail ArgumentError, "Missing the required parameter 'file_name' when calling SampleUploads.upload_sample_v3"
  end
  # resource path
  local_var_path = '/samples/entities/samples/v3'

  # query parameters
  query_params = opts[:query_params] || {}

  # header parameters
  header_params = opts[:header_params] || {}
  # HTTP header 'Accept' (if needed)
  header_params['Accept'] = @api_client.select_header_accept(['application/json'])
  # HTTP header 'Content-Type'
  content_type = @api_client.select_header_content_type(['multipart/form-data', 'application/octet-stream'])
  if !content_type.nil?
    header_params['Content-Type'] = content_type
  end

  # form parameters
  form_params = opts[:form_params] || {}
  form_params['sample'] = sample
  form_params['file_name'] = file_name
  form_params['comment'] = opts[:'comment'] if !opts[:'comment'].nil?
  form_params['is_confidential'] = opts[:'is_confidential'] if !opts[:'is_confidential'].nil?

  # http body (model)
  post_body = opts[:debug_body]

  # return_type
  return_type = opts[:debug_return_type] || 'ClientSampleMetadataResponseV2'

  # auth_names
  auth_names = opts[:debug_auth_names] || ['oauth2']

  new_options = opts.merge(
    :operation => :"SampleUploads.upload_sample_v3",
    :header_params => header_params,
    :query_params => query_params,
    :form_params => form_params,
    :body => post_body,
    :auth_names => auth_names,
    :return_type => return_type
  )

  data, status_code, headers = @api_client.call_api(:POST, local_var_path, new_options)
  if @api_client.config.debugging
    @api_client.config.logger.debug "API called: SampleUploads#upload_sample_v3\nData: #{data.inspect}\nStatus code: #{status_code}\nHeaders: #{headers}"
  end
  return data, status_code, headers
end

Class: Falcon::SampleUploads

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(api_client = ApiClient.default) ⇒ SampleUploads

Instance Attribute Details

#api_client ⇒ Object

Instance Method Details

#archive_delete_v1(id, opts = {}) ⇒ nil

#archive_delete_v1_with_http_info(id, opts = {}) ⇒ Array<(nil, Integer, Hash)>

#archive_get_v1(id, opts = {}) ⇒ ClientArchiveCreateResponseV1

#archive_get_v1_with_http_info(id, opts = {}) ⇒ Array<(ClientArchiveCreateResponseV1, Integer, Hash)>

#archive_list_v1(id, opts = {}) ⇒ ClientArchiveListFilesResponseV1

#archive_list_v1_with_http_info(id, opts = {}) ⇒ Array<(ClientArchiveListFilesResponseV1, Integer, Hash)>

#archive_upload_v1(name, body, opts = {}) ⇒ ClientArchiveCreateResponseV1

#archive_upload_v1_with_http_info(name, body, opts = {}) ⇒ Array<(ClientArchiveCreateResponseV1, Integer, Hash)>

#archive_upload_v2(file, name, opts = {}) ⇒ ClientArchiveCreateResponseV1

#archive_upload_v2_with_http_info(file, name, opts = {}) ⇒ Array<(ClientArchiveCreateResponseV1, Integer, Hash)>

#delete_sample_v3(ids, opts = {}) ⇒ MsaQueryResponse

#delete_sample_v3_with_http_info(ids, opts = {}) ⇒ Array<(MsaQueryResponse, Integer, Hash)>

#extraction_create_v1(body, opts = {}) ⇒ ClientExtractionCreateResponseV1

#extraction_create_v1_with_http_info(body, opts = {}) ⇒ Array<(ClientExtractionCreateResponseV1, Integer, Hash)>

#extraction_get_v1(id, opts = {}) ⇒ ClientExtractionCreateResponseV1

#extraction_get_v1_with_http_info(id, opts = {}) ⇒ Array<(ClientExtractionCreateResponseV1, Integer, Hash)>

#extraction_list_v1(id, opts = {}) ⇒ ClientExtractionListFilesResponseV1

#extraction_list_v1_with_http_info(id, opts = {}) ⇒ Array<(ClientExtractionListFilesResponseV1, Integer, Hash)>

#get_sample_v3(ids, opts = {}) ⇒ String

#get_sample_v3_with_http_info(ids, opts = {}) ⇒ Array<(String, Integer, Hash)>

#upload_sample_v3(sample, file_name, opts = {}) ⇒ ClientSampleMetadataResponseV2

#upload_sample_v3_with_http_info(sample, file_name, opts = {}) ⇒ Array<(ClientSampleMetadataResponseV2, Integer, Hash)>

#initialize(api_client = ApiClient.default) ⇒ `SampleUploads`

#api_client ⇒ `Object`

#archive_delete_v1(id, opts = {}) ⇒ `nil`

#archive_delete_v1_with_http_info(id, opts = {}) ⇒ `Array<(nil, Integer, Hash)>`

#archive_get_v1(id, opts = {}) ⇒ `ClientArchiveCreateResponseV1`

#archive_get_v1_with_http_info(id, opts = {}) ⇒ `Array<(ClientArchiveCreateResponseV1, Integer, Hash)>`

#archive_list_v1(id, opts = {}) ⇒ `ClientArchiveListFilesResponseV1`

#archive_list_v1_with_http_info(id, opts = {}) ⇒ `Array<(ClientArchiveListFilesResponseV1, Integer, Hash)>`

#archive_upload_v1(name, body, opts = {}) ⇒ `ClientArchiveCreateResponseV1`

#archive_upload_v1_with_http_info(name, body, opts = {}) ⇒ `Array<(ClientArchiveCreateResponseV1, Integer, Hash)>`

#archive_upload_v2(file, name, opts = {}) ⇒ `ClientArchiveCreateResponseV1`

#archive_upload_v2_with_http_info(file, name, opts = {}) ⇒ `Array<(ClientArchiveCreateResponseV1, Integer, Hash)>`

#delete_sample_v3(ids, opts = {}) ⇒ `MsaQueryResponse`

#delete_sample_v3_with_http_info(ids, opts = {}) ⇒ `Array<(MsaQueryResponse, Integer, Hash)>`

#extraction_create_v1(body, opts = {}) ⇒ `ClientExtractionCreateResponseV1`

#extraction_create_v1_with_http_info(body, opts = {}) ⇒ `Array<(ClientExtractionCreateResponseV1, Integer, Hash)>`

#extraction_get_v1(id, opts = {}) ⇒ `ClientExtractionCreateResponseV1`

#extraction_get_v1_with_http_info(id, opts = {}) ⇒ `Array<(ClientExtractionCreateResponseV1, Integer, Hash)>`

#extraction_list_v1(id, opts = {}) ⇒ `ClientExtractionListFilesResponseV1`

#extraction_list_v1_with_http_info(id, opts = {}) ⇒ `Array<(ClientExtractionListFilesResponseV1, Integer, Hash)>`

#get_sample_v3(ids, opts = {}) ⇒ `String`

#get_sample_v3_with_http_info(ids, opts = {}) ⇒ `Array<(String, Integer, Hash)>`

#upload_sample_v3(sample, file_name, opts = {}) ⇒ `ClientSampleMetadataResponseV2`

#upload_sample_v3_with_http_info(sample, file_name, opts = {}) ⇒ `Array<(ClientSampleMetadataResponseV2, Integer, Hash)>`