{"type":"model","meta":{"id":"/apps/pubhub/media/cisco-xdr-api-docs/f4e065ff5977829c89df289df08411f83205f526/b8e2f317-fdde-3c60-a473-916add6130ca","info":{"title":"XDR Findings Container API","version":"1.0.0"},"tags":[{"description":"Operations related to service healthcheck","name":"Healthcheck"},{"description":"Operations for internal use only","name":"Internal"}],"x-parser-conf":{"serverConfig":"select","overview":{"markdownPath":"reference/findings-intake/overview.md","uri":"findings-intake-api-guide"},"disableAuthEditing":true,"exampleAsDefault":true,"oAuth2":{"clientId":"client-546e34fc-c6bf-4951-ac69-f6d7987a7814","clientSecret":"MYw4_E_tBdFwUwrX6WFYKVD5LQrG2k7XrJ5J046wWE0s1gAKCxJ8VA","proxyEnabled":false},"meta":{"useProxy":true}},"openapi":"3.1.0","servers":[{"url":"https://findings.us.security.cisco.com"}],"securitySchemes":{"bearer":{"bearerFormat":"JWT","scheme":"bearer","type":"http"}}},"spec":{"additionalProperties":false,"properties":{"activity_name":{"enum":["Unknown","Open","Close","Reset","Fail","Refuse","Traffic","Listen"],"type":"string"},"actor":{"additionalProperties":false,"properties":{"user":{"additionalProperties":false,"properties":{"email_addr":{"type":["string","null"]},"name":{"type":"string"}},"type":"object","$$ref":"#/components/schemas/User"}},"type":"object","$$ref":"#/components/schemas/Actor"},"connection_info":{"additionalProperties":false,"properties":{"direction":{"enum":["Unknown","Inbound","Outbound","Lateral","Other"],"type":"string"},"protocol_num":{"description":"Protocol Number","enum":[1,2,4,6,17,41],"format":"int64","type":"integer"},"protocol_ver_id":{"description":"Protocol Version","enum":[0,4,6],"format":"int64","type":"integer"}},"type":"object","$$ref":"#/components/schemas/NetworkConnectionInfo"},"dispositions":{"items":{"additionalProperties":false,"properties":{"disposition":{"description":"Disposition","enum":["Unknown","Allowed","Blocked","Quarantined","Isolated","Deleted","Dropped","Custom Action","Approved","Restored","Exonerated","Corrected","Partially Corrected","Uncorrected","Delayed","Detected","No Action","Logged","Tagged","Alert","Count","Reset","Captcha","Challenge","Access Revoked","Rejected","Unauthorized","Error","Other","Terminated","Parent Process Terminated","Suspend Process","Suspend Parent Process"],"type":"string"},"disposition_status":{"description":"Disposition Status","enum":["Unknown","Disabled by Policy","Action Failure","Unsupported Action","Other Error","Audit Mode","Already Applied","Other"],"type":"string"}},"type":"object","$$ref":"#/components/schemas/CiscoDisposition"},"type":["array","null"]},"dst_endpoint":{"description":"Either DstEndpoint or SrcEndpoint must be specified","additionalProperties":false,"properties":{"hostname":{"format":"hostname","type":"string"},"ip":{"description":"IP address of the endpoint, either IPv4 or IPv6.","type":["string","null"]},"mac":{"pattern":"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$","type":"string"},"port":{"format":"int64","maximum":65535,"minimum":1,"type":"integer"},"proxy_endpoint":{"additionalProperties":false,"properties":{"ip":{"description":"IP address of the proxy endpont, either IPv4 or IPv6.","type":["string","null"]}},"type":"object","$$ref":"#/components/schemas/NetworkProxy"}},"type":"object","$$ref":"#/components/schemas/NetworkEndpoint"},"src_endpoint":{"description":"Either DstEndpoint or SrcEndpoint must be specified","additionalProperties":false,"properties":{"hostname":{"format":"hostname","type":"string"},"ip":{"description":"IP address of the endpoint, either IPv4 or IPv6.","type":["string","null"]},"mac":{"pattern":"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$","type":"string"},"port":{"format":"int64","maximum":65535,"minimum":1,"type":"integer"},"proxy_endpoint":{"additionalProperties":false,"properties":{"ip":{"description":"IP address of the proxy endpont, either IPv4 or IPv6.","type":["string","null"]}},"type":"object","$$ref":"#/components/schemas/NetworkProxy"}},"type":"object","$$ref":"#/components/schemas/NetworkEndpoint"},"time":{"description":"Unix timestamp in milliseconds","format":"int64","maximum":4102444800000,"minimum":946684800000,"type":"integer"},"traffic":{"additionalProperties":false,"properties":{"bytes_in":{"format":"int64","minimum":0,"type":"integer"},"bytes_out":{"format":"int64","minimum":0,"type":"integer"},"packets_in":{"format":"int64","minimum":0,"type":"integer"},"packets_out":{"format":"int64","minimum":0,"type":"integer"}},"type":"object","$$ref":"#/components/schemas/NetworkTraffic"},"url":{"format":"uri","type":"string"}},"required":["time"],"type":"object","$$ref":"#/components/schemas/NetworkActivity","title":"NetworkActivity"}}