Get Tagging Timeline for Destination - Cloud Security API

{"type":"api","title":"Get Tagging Timeline for Destination","meta":{"id":"/apps/pubhub/media/cloud-security-apis-in-eft/9d37d008417d562ab46d4b67547a68457ce288d2/570121d2-76a9-3f3f-bf01-6671496640c5","info":{"title":"Cisco Secure Access Investigate API","description":"The Secure Access Investigate API provides a complete view of domains in relation to IP and autonomous system number (ASN) information.\nYou can get the following domain information:\n\n* Domain status, risk score, and geolocation\n* Number of domain searches\n* Co-occurring domains\n* Subdomains of a domain\n* Tagged timeline of a domain, IP, or URL\n* Security reputation of a domain\n* Top accessed domains\n* WHOIS information for the domain\n* Threat intelligence data for domains, IPs, and URLs\n* Threat intelligence samples by file hash","version":"2.0.0","contact":{"name":"Cloud Security Developer Community"}},"security":[{"oauthFlow":[]}],"tags":[{"name":"Domain Status and Categorization"},{"name":"Domain Volume"},{"name":"Co-occurrences for a Domain"},{"name":"Passive DNS"},{"name":"Tagging Timeline"},{"name":"Subdomains for a Domain"},{"name":"Related Domains for a Domain"},{"name":"Security Information for a Domain"},{"name":"AS Information for a Domain"},{"name":"WHOIS Information for a Domain"},{"name":"Popularity List-Top Million Domains"},{"name":"Search Domain"},{"name":"Cisco Secure Malware Analytics Integration"},{"name":"Secure Access"}],"x-parser-conf":{"overview":{"markdownPath":"secure-access/reference/investigate/investigate-overview.md","uri":"secure-access-api-reference-investigate-api-overview"}},"openapi":"3.0.0","servers":[{"url":"https://api.sse.cisco.com/{basePath}","variables":{"basePath":{"default":"investigate/v2"}}}],"securitySchemes":{"oauthFlow":{"type":"oauth2","description":"The client credential flow.","flows":{"clientCredentials":{"scopes":{"investigate.investigate:read":"Investigate read access","investigate.bulk:read":"Investigate bulk read access"},"tokenUrl":"https://api.sse.cisco.com/auth/v2/token"}}}}},"spec":{"operationId":"getTimeline","tags":["Tagging Timeline","Secure Access"],"summary":"Get Tagging Timeline for Destination","description":"List the historical tagging timeline for a given IP, domain, or URL.\nInvestigate sorts the timeline items in descending order using the timestamp field.\nEach timeline item includes lists of security category,\nattack, or threat type associated with the destination.\nUse the Tagging Timeline endpoint to verify when Secure Access assigned or removed\na security category, attack, or threat type.\nIf the current timeline item contains the security category, type of attack,\nor threat type not found in the previous timeline item,\nSecure Access updated the current timeline item.\nIf the current timeline item does not contain the security category, attack,\nor threat type found in the previous timeline item,\nSecure Access removed the security category, type of attack,\nor threat type.\n","parameters":[{"name":"name","in":"path","required":true,"description":"An IP, domain, or URL.","schema":{"type":"string"},"example":"https://cisco.com"}],"security":[{"oauthFlow":["investigate.investigate:read"]}],"responses":{"200":{"description":"OK","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"array","items":{"type":"object","properties":{"categories":{"type":"array","items":{"type":"string","description":"The security category assigned at this date and time on the domain, IP, or URL. "},"description":"The list of security categories assigned at this date and time on the domain, IP, or URL.\nIf no security categories are assigned, Investigate returns an empty array.","example":["Command and Control","Phishing"]},"attacks":{"type":"array","items":{"type":"string","description":"The security threat assigned at this date and time on the domain, IP, or URL. "},"description":"The list of threats assigned at this date and time on the domain, IP, or URL.\nIf no threats are assigned, Investigate returns an empty array.","example":["Malware"]},"threatTypes":{"type":"array","items":{"type":"string","description":"The type of security threats assigned at this date and time on the domain, IP, or URL. "},"description":"The list of threat types assigned at this date and time on the domain, IP, or URL.\nIf no threat types are tagged, Investigate returns an empty array.","example":["Bot"]},"timestamp":{"type":"integer","format":"int64","description":"The date and time of the tagging of the domain, IP, or URL.\nThe date and time is specified in milliseconds elapsed since the Unix epoch.","example":1615427410000}},"$$ref":"#/components/schemas/TimelineItem"}},"example":[{"categories":["Malware"],"attacks":["Trojan"],"threatTypes":[],"timestamp":1561574807853},{"categories":["8","150"],"attacks":["Trojan"],"threatTypes":[],"timestamp":1559545774604}]}}},"400":{"description":"Bad Request","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/400Error"},"401":{"description":"Unauthorized","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/401Error"},"403":{"description":"Forbidden","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/403Error"},"404":{"description":"Not Found","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/404Error"},"500":{"description":"Internal Server Error","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","properties":{"message":{"type":"string"}}}}},"$$ref":"#/components/responses/500Error"}},"__originalOperationId":"getTimeline","method":"get","path":"/timeline/{name}"}}