Get Resource Records for Raw Data - Cloud Security API

{"type":"api","title":"Get Resource Records for Raw Data","meta":{"id":"/apps/pubhub/media/cloud-security-apis-in-eft/d2a1854d5c0ed9069a7f0bc54a9b813f3075ddc9/570121d2-76a9-3f3f-bf01-6671496640c5","info":{"title":"Cisco Secure Access Investigate API","description":"The Secure Access Investigate API provides a complete view of domains in relation to IP and autonomous system number (ASN) information.\nYou can get the following domain information:\n\n* Domain status, risk score, and geolocation\n* Number of domain searches\n* Co-occurring domains\n* Subdomains of a domain\n* Tagged timeline of a domain, IP, or URL\n* Security reputation of a domain\n* Top accessed domains\n* WHOIS information for the domain\n* Threat intelligence data for domains, IPs, and URLs\n* Threat intelligence samples by file hash","version":"2.0.0","contact":{"name":"Cloud Security Developer Community"}},"security":[{"oauthFlow":[]}],"tags":[{"name":"Domain Status and Categorization"},{"name":"Domain Volume"},{"name":"Co-occurrences for a Domain"},{"name":"Passive DNS"},{"name":"Tagging Timeline"},{"name":"Subdomains for a Domain"},{"name":"Related Domains for a Domain"},{"name":"Security Information for a Domain"},{"name":"AS Information for a Domain"},{"name":"WHOIS Information for a Domain"},{"name":"Popularity List-Top Million Domains"},{"name":"Search Domain"},{"name":"Cisco Secure Malware Analytics Integration"},{"name":"Secure Access"}],"x-parser-conf":{"overview":{"markdownPath":"secure-access/reference/investigate/investigate-overview.md","uri":"secure-access-api-reference-investigate-api-overview"}},"openapi":"3.0.0","servers":[{"url":"https://api.sse.cisco.com/{basePath}","variables":{"basePath":{"default":"investigate/v2"}}}],"securitySchemes":{"oauthFlow":{"type":"oauth2","description":"The client credential flow.","flows":{"clientCredentials":{"scopes":{"investigate.investigate:read":"Investigate read access","investigate.bulk:read":"Investigate bulk read access"},"tokenUrl":"https://api.sse.cisco.com/auth/v2/token"}}}}},"spec":{"summary":"Get Resource Records for Raw Data","operationId":"getPassiveDNSRaw","tags":["Passive DNS","Secure Access"],"description":"Get the Resource Record (RR) data for DNS responses, and categorization data, where the answer (or rdata) could be anything.","parameters":[{"name":"anystring","in":"path","required":true,"description":"The text representation of the data. When querying TXT records, add quotes around the text.\nFor example, to search for the 'abc', provide the string as a path parameter\nin an API request: 'https://api.sse.cisco.com/investigate/v2/pdns/raw/%22abc%22'.","schema":{"type":"string"},"example":"%22abc%22"},{"name":"limit","in":"query","required":false,"description":"The number of records to return in the collection.\nThe default limit is 500 records. The maximum number of records\nreturned for all requests to the endpoint is 10,000.\n","schema":{"type":"integer","default":500,"maximum":10000},"example":1000,"$$ref":"#/components/parameters/limitRecordsParam"},{"name":"offset","in":"query","required":false,"description":"A number that represents an index in the collection. By default, the offset is 0 (the first record).","schema":{"type":"integer","default":0},"example":2,"$$ref":"#/components/parameters/offsetParam"},{"name":"sortorder","in":"query","required":false,"description":"Sort records by ascending (`asc`) or descending (`desc`) order. By default, the records are returned in descending order.","schema":{"type":"string","enum":["asc","desc"],"default":"desc"},"example":"asc","$$ref":"#/components/parameters/sortorderParam"},{"name":"sortby","in":"query","required":false,"description":"Sort records by one of the following fields: `minTtl`, `maxTtl`, `firstSeen`, or `lastSeen`.","schema":{"type":"string","enum":["minTtl","maxTtl","firstSeen","lastSeen"]},"example":"minTtl","$$ref":"#/components/parameters/sortbyParam"},{"name":"recordType","in":"query","required":false,"description":"The type of records. For example: 'A', 'CNAME', 'NS', 'MX'.\nUse commas to separate multiple types of record.","schema":{"type":"string"},"example":"A, CNAME","$$ref":"#/components/parameters/recordTypeParam"},{"name":"includefeatures","in":"query","required":false,"description":"Specify whether to add the feature sections to the response. The default value is 'false'.","schema":{"type":"boolean"},"example":true,"$$ref":"#/components/parameters/includeFeaturesParam"},{"name":"minFirstSeen","in":"query","required":false,"description":"Only returns records with the value of `firstSeen` \u003e= the value of `minFirstSeen`.","schema":{"type":"integer","format":"int64"},"$$ref":"#/components/parameters/minFirstSeenParam"},{"name":"maxFirstSeen","in":"query","required":false,"description":"Only returns records with the value of `firstSeen` \u003c= the value of `maxFirstSeen`.","schema":{"type":"integer","format":"int64"},"$$ref":"#/components/parameters/maxFirstSeenParam"},{"name":"minLastSeen","in":"query","required":false,"description":"Only returns records with the value of `lastSeen` \u003e= the value of `minLastSeen`.","schema":{"type":"integer","format":"int64"},"$$ref":"#/components/parameters/minLastSeenParam"},{"name":"maxLastSeen","in":"query","required":false,"description":"Only returns records with the value of `lastSeen` \u003c= the value of `maxLastSeen`.","schema":{"type":"integer","format":"int64"},"$$ref":"#/components/parameters/maxLastSeenParam"},{"name":"sortCategories","in":"query","required":false,"description":"Sort the records by the specified security categories or all security categories (`All`).\nThe case-sensitive security category strings are: Drive-by Downloads/Exploits, Mobile Threats,\nDynamic DNS, High Risk Sites and Locations, Command and Control, Malware, Phishing,\nNewly Seen Domains, Potentially Harmful,\nDNS Tunneling VPN, and Cryptomining. Use commas to separate multiple security category strings.\n\nInvestigate lists the records that have at least one of these security categories at the top of the list.\nThe rest of the sorting parameters are applied within the records with and without any of\nthe security categories.","schema":{"type":"string"},"example":"All","$$ref":"#/components/parameters/sortCategoriesParam"},{"name":"requiredCategories","in":"query","required":false,"description":"Filter for records that are assigned the specified security categories.\nThe case-sensitive security category strings are: Drive-by Downloads/Exploits, Mobile Threats,\nDynamic DNS, High Risk Sites and Locations, Command and Control, Malware, Phishing,\nNewly Seen Domains, Potentially Harmful,\nDNS Tunneling VPN, and Cryptomining. Use commas to separate multiple security category strings.","schema":{"type":"string"},"example":"Mobile Threats, Phishing","$$ref":"#/components/parameters/requiredCategoriesParam"}],"security":[{"oauthFlow":["investigate.investigate:read"]}],"responses":{"200":{"description":"OK","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"array","description":"The list of records.","items":{"type":"object","description":"The information about the record.","properties":{"minTtl":{"type":"integer","format":"int64","description":"The minimum TTL for the record in seconds."},"maxTtl":{"type":"integer","format":"int64","description":"The maximum TTL for the record in seconds."},"firstSeen":{"type":"integer","format":"int64","description":"The first time Secure Access related the domain for the resource record, specified\nin Unix Epoch time.","example":1615427410,"$$ref":"#/components/schemas/firstSeen"},"lastSeen":{"type":"integer","format":"int64","description":"The last time Secure Access related the domain for the resource record, specified\nin Unix Epoch time."},"name":{"type":"string","description":"The name of the query."},"type":{"type":"string","description":"The DNS record type. For example: A, CNAME, NS, MX."},"securityCategories":{"type":"array","items":{"type":"string"},"description":"The Secure Access security categories, if any, that match the domain."},"contentCategories":{"type":"array","items":{"type":"string"},"description":"The Secure Access content categories, if any, that match the domain."},"firstSeenISO":{"type":"string","format":"date-time","description":"The first time Secure Access related the domain for the resource record,\nspecified in ISO date and time format.","example":"2015-05-22T21:42:07.421Z","$$ref":"#/components/schemas/firstSeenISO"},"lastSeenISO":{"type":"string","description":"The last time Secure Access related the domain for the resource record,\nspecified in ISO date and time format.","example":"2015-05-22T21:42:07.421Z","$$ref":"#/components/schemas/lastSeenISO"}},"$$ref":"#/components/schemas/Record"},"$$ref":"#/components/schemas/Records"},"example":[{"minTtl":3600,"maxTtl":3600,"firstSeen":1544386020000,"lastSeen":1555327199000,"name":"926723159-3188410","type":"TXT","rr":"cisco.com","securityCategories":["Malware","Cryptomining"],"contentCategories":["Software/Technology","Business Services"],"firstSeenISO":"2018-12-09T20:07:00Z","lastSeenISO":"2019-04-15T11:19Z"}]}}},"400":{"description":"Bad Request","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/400Error"},"401":{"description":"Unauthorized","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/401Error"},"403":{"description":"Forbidden","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/403Error"},"404":{"description":"Not Found","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/404Error"},"500":{"description":"Internal Server Error","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/500Error"}},"__originalOperationId":"getPassiveDNSRaw","method":"get","path":"/pdns/raw/{anystring}"}}