README
¶
api
The API is a library with some structs and a request wrapper. Also a work in progress.
Exported Functions and Types
The TS CLI exports a few Go functions and types - those are available under the api directory.
Here's an example of how you could call the API on your own.
package main
import (
"fmt"
"io/ioutil"
"log"
"net/http"
"os"
tsapi "github.com/threatstack/ts/api"
)
func main() {
config := tsapi.Config{
User: "USER_ID",
Key: "API_KEY",
Org: "ORG_ID",
}
client := &http.Client{}
agentEndpoint := "/v2/agents/d1230d0f-392b-1ee9-b92a-5b6ae75feb22"
req, err := tsapi.Request(config, "GET", agentEndpoint, nil)
resp, err := client.Do(req)
if err != nil {
log.Fatalln(err)
}
defer resp.Body.Close()
if resp.StatusCode == 200 {
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
log.Fatalln(err)
}
fmt.Printf("%s\n", body)
} else {
fmt.Printf("Unable to GET %s - API responded with an HTTP/%d", agentEndpoint, resp.StatusCode)
os.Exit(1)
}
}
Documentation
¶
Index ¶
- func Request(config Config, method string, url string, payload []byte) (*http.Request, error)
- type Agent
- type AgentIPInfo
- type AgentResponseRaw
- type AgentTagInfo
- type Alert
- type AlertAggregate
- type AlertResponseRaw
- type AlertSeverityCount
- type AuditRecord
- type AuditResponseRaw
- type Config
- type DismissAlertsByID
- type DismissAlertsByQueryParameters
- type DismissReason
- type Error
- type InvitePost
- type InviteResponse
- type Member
- type MembersResponseRaw
- type S3ExportDelete
- type S3ExportEnrollment
- type S3ExportEnrollmentResponse
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Agent ¶
type Agent struct {
ID string `json:"id"`
InstanceID string `json:"instanceId"`
Status string `json:"status"`
CreatedAt string `json:"createdAt"`
LastReportedAt string `json:"LastReportedAt"`
Version string `json:"version"`
Name string `json:"name"`
Description string `json:"description"`
Hostname string `json:"hostname"`
IPAddresses AgentIPInfo `json:"ipAddresses"`
Tags []AgentTagInfo `json:"tags"`
AgentType string `json:"agentType"`
OSVersion string `json:"osVersion"`
Kernel string `json:"kernel"`
}
Agent is the object for an actual agent.
type AgentIPInfo ¶
type AgentIPInfo struct {
Private []string `json:"private"`
LinkLocal []string `json:"link_local"`
Public []string `json:"public"`
}
AgentIPInfo contains information about interfaces.
type AgentResponseRaw ¶
AgentResponseRaw is the raw result returned from the API
type AgentTagInfo ¶
type AgentTagInfo struct {
Source string `json:"source"`
Key string `json:"key"`
Value string `json:"value"`
}
AgentTagInfo contains information about cloud provider tags.
type Alert ¶
type Alert struct {
ID string `json:"id"`
Title string `json:"title"`
DataSource string `json:"dataSource"`
CreatedAt string `json:"createdAt"`
IsDismissed bool `json:"isDismissed"`
DismissedAt string `json:"dismissedAt"`
DismissReason DismissReason `json:"dismissReason"`
DismissReasonText string `json:"dismissReasonText"`
DismissedBy string `json:"dismissedBy"`
Severity int `json:"severity"`
AgentID string `json:"agentId"`
RuleID string `json:"ruleId"`
RulesetID string `json:"rulesetId"`
Aggregates []AlertAggregate `json:"aggregates"`
}
Alert stores information related to an individual alert
type AlertAggregate ¶
type AlertAggregate struct {
FieldName string `json:"fieldName"`
}
AlertAggregate is part of an Alert.
type AlertResponseRaw ¶
AlertResponseRaw is the raw result returned from the API
type AlertSeverityCount ¶
AlertSeverityCount is the data model for alerts by severity
type AuditRecord ¶
type AuditRecord struct {
ID string `json:"id"`
UserEmail string `json:"userEmail"`
UserID string `json:"userId"`
OrgnanizationID string `json:"organizationId"`
Result string `json:"result"`
CRUD string `json:"crud"`
Action string `json:"action"`
Source string `json:"source"`
Description string `json:"description"`
EventTime string `json:"eventTime"`
Context interface{} `json:"context"`
}
AuditRecord is an actual audit record
type AuditResponseRaw ¶
type AuditResponseRaw struct {
Recs []AuditRecord `json:"recs"`
Token string `json:"token"`
}
AuditResponseRaw is the raw result returned from the API
type DismissAlertsByID ¶
type DismissAlertsByID struct {
IDs []string `json:"ids"`
DismissReason DismissReason `json:"dismissReason"`
DismissReasonText string `json:"dismissReasonText,omitempty"`
}
DismissAlertsByID is the data model for dismissing an alert or 512.
type DismissAlertsByQueryParameters ¶
type DismissAlertsByQueryParameters struct {
From string `json:"from"`
Until string `json:"until"`
Severity int `json:"severity,omitempty"`
RuleID string `json:"ruleID,omitempty"`
AgentID string `json:"agentID,omitempty"`
DismissReason DismissReason `json:"dismissReason"`
DismissReasonText string `json:"dismissReasonText"`
}
DismissAlertByQueryParameters is the data model for dismissing an alert by a query vs. specific IDs.
type DismissReason ¶
type DismissReason string
DismissReason stores different reasons for dismissing an alert
const ( // DismissBusinessOp - Required for Business Operations DismissBusinessOp DismissReason = "BUSINESS_OP" // DismissCompanyPolicy - Normal per Company Policy DismissCompanyPolicy DismissReason = "COMPANY_POLICY" // DismissMaintenance - Required Temporarily, for Testing and Maintenance DismissMaintenance DismissReason = "MAINTENANCE" // DismissOther - Other DismissOther DismissReason = "OTHER" )
type InvitePost ¶
invite Post
type InviteResponse ¶
type Member ¶
type Member struct {
Role string `json:"role"`
SSOEnabled bool `json:"ssoEnabled"`
DisplayName string `json:"displayName"`
UserEnabled bool `json:"userEnabled"`
LastAuthenticatedAt int `json:"lastAuthenticatedAt"`
MFAEnabled bool `json:"mfaEnabled"`
ID string `json:"id"`
Email string `json:"email"`
}
Members is the model response
type MembersResponseRaw ¶
type MembersResponseRaw struct {
Members []Member `json:"members"`
}
type S3ExportDelete ¶
type S3ExportDelete struct {
S3Bucket string `json:"s3Bucket"`
}
S3ExportDelete is the model for an S3 Enrollment Delete
type S3ExportEnrollment ¶
type S3ExportEnrollment struct {
S3Bucket string `json:"s3Bucket"`
IAMRoleARN string `json:"iamRoleArn"`
IAMRoleARNExternalID string `json:"iamRoleArnExternalId"`
Region string `json:"region"`
Prefix string `json:"prefix"`
Enabled bool `json:"enabled"`
}
S3ExportEnrollment is the model for sending a new enrollment up
type S3ExportEnrollmentResponse ¶
type S3ExportEnrollmentResponse struct {
OrganizationID string `json:"organization_id"`
S3Bucket string `json:"s3Bucket"`
IAMRoleARN string `json:"iamRoleArn"`
IAMRoleARNExternalID string `json:"iamRoleArnExternalId"`
Region string `json:"region"`
Prefix string `json:"prefix"`
EnrolledAt string `json:"enrolledAt"`
Enabled bool `json:"enabled"`
}
S3ExportEnrollmentResponse is the model for an S3 Enrollment GET
Source Files
Click to show internal directories.
Click to hide internal directories.