From b06a88af6172c2bb4a61683264e49efad9a21fa6 Mon Sep 17 00:00:00 2001 From: Paul Tavares Date: Thu, 22 Feb 2024 15:41:23 -0500 Subject: [PATCH] update to list actions api --- .../management/api/_common-reusable-content.asciidoc | 7 +++++++ .../_response-actions-api-reusable-content.asciidoc | 9 ++------- docs/management/api/list-actions-api.asciidoc | 12 ++++++++++++ 3 files changed, 21 insertions(+), 7 deletions(-) create mode 100644 docs/management/api/_common-reusable-content.asciidoc diff --git a/docs/management/api/_common-reusable-content.asciidoc b/docs/management/api/_common-reusable-content.asciidoc new file mode 100644 index 0000000000..93fa7a26e5 --- /dev/null +++ b/docs/management/api/_common-reusable-content.asciidoc @@ -0,0 +1,7 @@ + +// tag::agent-type-accepted-values[] +Accepted values are: + +* `endpoint` (default) +* `sentinel_one` (currently in Technical Preview) +// end::agent-type-accepted-values[] diff --git a/docs/management/api/_response-actions-api-reusable-content.asciidoc b/docs/management/api/_response-actions-api-reusable-content.asciidoc index 7e7eeab1cb..d258c45531 100644 --- a/docs/management/api/_response-actions-api-reusable-content.asciidoc +++ b/docs/management/api/_response-actions-api-reusable-content.asciidoc @@ -7,13 +7,8 @@ |`endpoint_ids` |Array (String) |The IDs of endpoints where you want to issue this action. |Yes -|`agent_type` |String a| - -The type of Agent that the host is running with. Accepted values are: - -* `endpoint` (default) -* `sentinel_one` (currently in Technical Preview) - +|`agent_type` |String a|The type of Agent that the host is running with. +include::_common-reusable-content.asciidoc[tags=agent-type-accepted-values] |No |`alert_ids` |Array (String) |If this action is associated with any alerts, they can be specified here. The action will be logged in any cases associated with the specified alerts. |No |`case_ids` |Array (String) |The IDs of cases where the action taken will be logged. |No diff --git a/docs/management/api/list-actions-api.asciidoc b/docs/management/api/list-actions-api.asciidoc index d6d04539ef..5d452dfa21 100644 --- a/docs/management/api/list-actions-api.asciidoc +++ b/docs/management/api/list-actions-api.asciidoc @@ -36,7 +36,15 @@ Accepted values are: |`userIds` |string[] |A list of user IDs. | |`startDate` |string |A start date in ISO format or {ref}/common-options.html#date-math[Date Math format]. | |`endDate` |string |An end date in ISO format or {ref}/common-options.html#date-math[Date Math format]. | +|`agentTypes`|string or string[] a|List of agent types to retrieve. +include::_common-reusable-content.asciidoc[tags=agent-type-accepted-values] +| +|`withOutputs` |string or string[] |A list of action IDs that should include the complete output of the action. +| +|types |string or string[] a|A list of action types. Valid values are: +* `automated` - actions that were triggered from Rules +* `manual` - actions that were triggered manually via API | |============================================== @@ -85,6 +93,7 @@ GET /api/endpoint/action?agentIds=a123&agentIds=b456&commands=isolate&commands=k "afdc366c-e2e0-4cdb-ae1d-94575bd2d8e0" ], "command": "running-processes", + "agentType": "endpoint", "startedAt": "2022-08-08T15:24:57.402Z", "isCompleted": true, "completedAt": "2022-08-08T09:50:47.672Z", @@ -98,6 +107,7 @@ GET /api/endpoint/action?agentIds=a123&agentIds=b456&commands=isolate&commands=k "afdc366c-e2e0-4cdb-ae1d-94575bd2d8e0" ], "command": "isolate", + "agentType": "endpoint", "startedAt": "2022-08-08T15:23:37.359Z", "isCompleted": true, "completedAt": "2022-08-08T10:41:57.352Z", @@ -111,6 +121,7 @@ GET /api/endpoint/action?agentIds=a123&agentIds=b456&commands=isolate&commands=k "afdc366c-e2e0-4cdb-ae1d-94575bd2d8e0" ], "command": "kill-process", + "agentType": "endpoint", "startedAt": "2022-08-08T14:38:44.125Z", "isCompleted": true, "completedAt": "2022-08-08T09:44:50.952Z", @@ -125,6 +136,7 @@ GET /api/endpoint/action?agentIds=a123&agentIds=b456&commands=isolate&commands=k "afdc366c-e2e0-4cdb-ae1d-94575bd2d8e0" ], "command": "unisolate", + "agentType": "endpoint", "startedAt": "2022-08-08T14:38:15.391Z", "isCompleted": true, "completedAt": "2022-08-08T09:40:47.398Z",