README
¶
Rapid7 Go Client
Documentation
¶
Overview ¶
See https://help.rapid7.com/insightvm/en-us/api/integrations.html
Index ¶
- Variables
- type APIError
- type AssetCountQuery
- type Assignee
- type Client
- type CommentAttachment
- type Creator
- type GraphQLClient
- type IDR
- func (idr *IDR) AssetCount(orgID string) (uint64, error)
- func (idr *IDR) AssetSearch(index int32, search ...IDRAssetSearchQuery) (*Rapid7PagedResponse[IDRAsset], error)
- func (idr *IDR) Assets(search ...IDRAssetSearchQuery) ([]*IDRAsset, error)
- func (idr *IDR) Investigation(id string) (investigation *Investigation, err error)
- func (idr *IDR) InvestigationComments(inv *Investigation) (comments *InvestigationComments, err error)
- func (idr *IDR) Investigations(q ...*InvestigationsQuery) ([]*Investigation, error)
- func (idr *IDR) InvestigationsAll(q ...*InvestigationsQuery) ([]*Investigation, error)
- func (idr *IDR) InvestigationsResponse(q ...*InvestigationsQuery) (*InvestigationsResponse, error)
- func (idr *IDR) URL(paths ...string) string
- func (idr *IDR) UpdateInvestigation(id string, update *InvestigationUpdateRequest) (*Investigation, error)
- type IDRAsset
- type IDRAssetQueryParams
- type IDRAssetRequest
- type IDRAssetSearchPageSize
- type IDRAssetSearchQuery
- type IDRAssetSortQuery
- type Investigation
- type InvestigationAssignee
- type InvestigationCommentData
- type InvestigationComments
- type InvestigationDisposition
- type InvestigationPriority
- type InvestigationSource
- type InvestigationStatus
- type InvestigationUpdateRequest
- type InvestigationsQuery
- type InvestigationsResponse
- type Metadata
- type RRN
- type Rapid7PagedResponse
- type Rapid7VMPagedResponse
- type SearchOperator
- type SortDirection
- type SortField
- type VM
- type VMAsset
- type VMAssetSearchPageSize
- type VMAssetSearchQuery
- type VMAssetSearchRequest
- type VMAssetTag
- type VMCredentialAssessment
- type VMLink
- type VMMetadata
- type VMType
- type VMUniqueIdentifier
- type VMVulnerability
- type VMVulnerabilityStatus
Constants ¶
This section is empty.
Variables ¶
View Source
var DefaultAssetCountMax int = 10_000
View Source
var RequestTimeout time.Duration = time.Second * 15
Functions ¶
This section is empty.
Types ¶
type AssetCountQuery ¶ added in v0.0.14
type CommentAttachment ¶ added in v0.0.3
type GraphQLClient ¶ added in v0.0.14
type GraphQLClient struct {
// contains filtered or unexported fields
}
func NewGraphQLClient ¶ added in v0.0.14
func NewGraphQLClient(region, apiKey string) (*GraphQLClient, error)
func (*GraphQLClient) AssetCount ¶ added in v0.0.14
func (gql *GraphQLClient) AssetCount(orgID string) (*AssetCountQuery, error)
type IDR ¶
func (*IDR) AssetSearch ¶ added in v0.0.13
func (idr *IDR) AssetSearch(index int32, search ...IDRAssetSearchQuery) (*Rapid7PagedResponse[IDRAsset], error)
func (*IDR) Assets ¶ added in v0.0.13
func (idr *IDR) Assets(search ...IDRAssetSearchQuery) ([]*IDRAsset, error)
func (*IDR) Investigation ¶
func (idr *IDR) Investigation(id string) (investigation *Investigation, err error)
func (*IDR) InvestigationComments ¶ added in v0.0.3
func (idr *IDR) InvestigationComments(inv *Investigation) (comments *InvestigationComments, err error)
func (*IDR) Investigations ¶
func (idr *IDR) Investigations(q ...*InvestigationsQuery) ([]*Investigation, error)
func (*IDR) InvestigationsAll ¶ added in v0.0.11
func (idr *IDR) InvestigationsAll(q ...*InvestigationsQuery) ([]*Investigation, error)
func (*IDR) InvestigationsResponse ¶ added in v0.0.11
func (idr *IDR) InvestigationsResponse(q ...*InvestigationsQuery) (*InvestigationsResponse, error)
func (*IDR) UpdateInvestigation ¶ added in v0.0.8
func (idr *IDR) UpdateInvestigation(id string, update *InvestigationUpdateRequest) (*Investigation, error)
type IDRAssetQueryParams ¶ added in v0.0.13
type IDRAssetRequest ¶ added in v0.0.13
type IDRAssetRequest struct {
Search []IDRAssetSearchQuery `json:"search"`
Sort []IDRAssetSortQuery `json:"sort,omitempty"`
}
type IDRAssetSearchPageSize ¶ added in v0.0.13
type IDRAssetSearchPageSize int32
var IDR_ASSET_SEARCH_PAGE_SIZE IDRAssetSearchPageSize = 100
func (IDRAssetSearchPageSize) String ¶ added in v0.0.13
func (s IDRAssetSearchPageSize) String() string
type IDRAssetSearchQuery ¶ added in v0.0.13
type IDRAssetSearchQuery struct {
Field string `json:"field"`
Operator SearchOperator `json:"operator"`
Value string `json:"value"`
}
type IDRAssetSortQuery ¶ added in v0.0.13
type IDRAssetSortQuery struct {
Field string `json:"field"`
Order SortDirection `json:"order"`
}
type Investigation ¶
type Investigation struct {
Assignee *Assignee `json:"assignee"`
CreatedTime time.Time `json:"created_time"`
Disposition InvestigationDisposition `json:"disposition"`
FirstAlertTime *time.Time `json:"first_alert_time"`
LastAccessed time.Time `json:"last_accessed"`
LatestAlertTime *time.Time `json:"latest_alert_time"`
OrganizationID string `json:"organization_id"`
Priority InvestigationPriority `json:"priority"`
Responsibility string `json:"responsibility"`
RRN string `json:"rrn"`
Source InvestigationSource `json:"source"`
Status InvestigationStatus `json:"status"`
Tags []string `json:"tags"`
Title string `json:"title"`
}
type InvestigationAssignee ¶ added in v0.0.8
type InvestigationAssignee struct {
Email string `json:"email"`
}
type InvestigationCommentData ¶ added in v0.0.3
type InvestigationComments ¶ added in v0.0.3
type InvestigationComments struct {
Data []InvestigationCommentData `json:"data"`
Metadata Metadata `json:"metadata"`
}
type InvestigationDisposition ¶ added in v0.0.2
type InvestigationDisposition string
BENIGN, MALICIOUS, NOT_APPLICABLE, UNDECIDED
const BENIGN InvestigationDisposition = "BENIGN"
const MALICIOUS InvestigationDisposition = "MALICIOUS"
const NOT_APPLICABLE InvestigationDisposition = "NOT_APPLICABLE"
const UNDECIDED InvestigationDisposition = "UNDECIDED"
func (InvestigationDisposition) String ¶ added in v0.0.6
func (i InvestigationDisposition) String() string
type InvestigationPriority ¶ added in v0.0.2
type InvestigationPriority string
CRITICAL, HIGH, MEDIUM, LOW, UNSPECIFIED
const CRITICAL InvestigationPriority = "CRITICAL"
const HIGH InvestigationPriority = "HIGH"
const LOW InvestigationPriority = "LOW"
const MEDIUM InvestigationPriority = "MEDIUM"
const UNSPECIFIED InvestigationPriority = "UNSPECIFIED"
func (InvestigationPriority) String ¶ added in v0.0.6
func (i InvestigationPriority) String() string
type InvestigationSource ¶ added in v0.0.2
type InvestigationSource string
MANUAL, HUNT, ALERT
const ALERT InvestigationSource = "ALERT"
const HUNT InvestigationSource = "HUNT"
const MANUAL InvestigationSource = "MANUAL"
func (InvestigationSource) String ¶ added in v0.0.6
func (i InvestigationSource) String() string
type InvestigationStatus ¶ added in v0.0.2
type InvestigationStatus string
OPEN, WAITING, INVESTIGATING, CLOSED
const CLOSED InvestigationStatus = "CLOSED"
const INVESTIGATING InvestigationStatus = "INVESTIGATING"
const OPEN InvestigationStatus = "OPEN"
const WAITING InvestigationStatus = "WAITING"
func (InvestigationStatus) String ¶ added in v0.0.6
func (i InvestigationStatus) String() string
type InvestigationUpdateRequest ¶ added in v0.0.8
type InvestigationUpdateRequest struct {
Assignee *InvestigationAssignee `json:"assignee,omitempty"`
Disposition InvestigationDisposition `json:"disposition,omitempty"`
Priority InvestigationPriority `json:"priority,omitempty"`
Status InvestigationStatus `json:"status,omitempty"`
Title string `json:"title,omitempty"`
}
type InvestigationsQuery ¶
type InvestigationsQuery struct {
// A user's email address. Only investigations assigned to that user will be included.
AssigneeEmail string `url:"assignee.email,omitempty"`
// The time an investigation is closed. Only investigations whose created_time is before this
// date will be returned by the API. Must be an ISO-formatted timestamp.
EndTime time.Time `url:"end_time,omitempty"`
// The 0-based index of the first page to retrieve. Must be an integer greater than 0.
//
// Default: 0
Index int32 `url:"index,omitempty"`
// Indicates whether the requester has multi-customer access. If set to true, a user API key
// must be provided. Investigations will be returned from all organizations the calling user
// has access to.
//
// Default: false
MultiCustomer bool `url:"multi-customer,omitempty"`
// A comma-separated list of investigation priorities to include in the result.
Priorities []InvestigationPriority `url:"priorities,omitempty,comma"`
// The maximum number of investigations to retrieve. Must be an integer greater than 0, or less
// than or equal to 100.
//
// Default: 20
Size int32 `url:"size,omitempty"`
// Sort investigations by field and direction, separated by a comma. Sortable fields are
// `created_time`, `priority`, `rrn`, `alerts_most_recent_created_time`, and
// `alerts_most_recent_detection_created_time`.
//
// Default: "priority,DESC"
Sort string `url:"sort,omitempty"`
// A comma-separated list of investigation sources to include in the result.
Sources []string `url:"sources,omitempty,comma"`
// The time an investigation is opened. Only investigations whose created_time is after this
// date will be returned by the API. Must be an ISO-formatted timestamp.
//
// Default: 28 days prior to current time.
StartTime time.Time `url:"start_time,omitempty,comma"`
// A comma-separated list of investigation statuses to include in the result.
Statuses []InvestigationStatus `url:"statuses,omitempty,comma"`
// A comma-separated list of tags to include in the result. Only investigations who have all
// specified tags will be included.
Tags []string `url:"tags,omitempty,comma"`
}
func (*InvestigationsQuery) SortBy ¶ added in v0.0.11
func (q *InvestigationsQuery) SortBy(field SortField, direction SortDirection)
type InvestigationsResponse ¶
type InvestigationsResponse = Rapid7PagedResponse[Investigation]
type Metadata ¶ added in v0.0.3
type Metadata struct {
// The current page, starting from 0. This value will always be provided.
Index int32 `json:"index"`
// The number of data items in the current page. This value will always be provided.
Size int32 `json:"size"`
// The attributes used to sort the complete response. This will be provided if the response is sorted.
Sort string `json:"sort,omitempty"`
// The total number of data items that make up the complete response. This will be provided if possible.
TotalData int64 `json:"total_data,omitempty"`
// The total number of pages that make up the complete response. This will be provided if possible.
TotalPages int32 `json:"total_pages,omitempty"`
}
type Rapid7PagedResponse ¶ added in v0.0.2
type Rapid7VMPagedResponse ¶ added in v0.0.14
type Rapid7VMPagedResponse[T any] struct { Data []T `json:"data"` Links []VMLink `json:"links"` Metadata *VMMetadata `json:"metadata"` }
type SearchOperator ¶ added in v0.0.13
type SearchOperator string
EQUALS, CONTAINS, IN
const CONTAINS SearchOperator = "CONTAINS"
const EQUALS SearchOperator = "EQUALS"
const IN SearchOperator = "IN"
func (SearchOperator) String ¶ added in v0.0.13
func (s SearchOperator) String() string
type SortDirection ¶ added in v0.0.11
type SortDirection string
ASC, DESC
const SORT_ASCENDING SortDirection = "ASC"
const SORT_DESCENDING SortDirection = "DESC"
func (SortDirection) String ¶ added in v0.0.11
func (s SortDirection) String() string
type SortField ¶ added in v0.0.11
type SortField string
`created_time`, `priority`, `rrn`, `alerts_most_recent_created_time`, or `alerts_most_recent_detection_created_time`.
const SORT_CREATED_TIME SortField = "created_time"
const SORT_MOST_RECENT_CREATED_TIME SortField = "alerts_most_recent_created_time"
const SORT_MOST_RECENT_DETECTION_TIME SortField = "alerts_most_recent_detection_created_time"
const SORT_PRIORITY SortField = "priority"
const SORT_RRN SortField = "rrn"
type VM ¶ added in v0.0.13
func (*VM) AssetCount ¶ added in v0.0.14
func (*VM) AssetSearch ¶ added in v0.0.13
func (vm *VM) AssetSearch(search ...VMAssetSearchQuery) (*Rapid7VMPagedResponse[VMAsset], error)
type VMAsset ¶ added in v0.0.13
type VMAsset struct {
AssessedForPolicies bool `json:"assessed_for_policies"`
AssessedForVulnerabilities bool `json:"assessed_for_vulnerabilities"`
CredentialAssessments []VMCredentialAssessment `json:"credential_assessments"`
CriticalVulnerabilities int32 `json:"critical_vulnerabilities"`
Exploits int32 `json:"exploits"`
HostName string `json:"host_name"`
ID string `json:"id"`
IP string `json:"ip"`
LastAssessedForVulnerabilities time.Time `json:"last_assessed_for_vulnerabilities"`
LastScanEnd time.Time `json:"last_scan_end"`
LastScanStart time.Time `json:"last_scan_start"`
MAC string `json:"mac"`
MalwareKits int32 `json:"malware_kits"`
ModerateVulnerabilities int32 `json:"moderate_vulnerabilities"`
New []VMVulnerability `json:"new"`
OSArchitecture string `json:"os_architecture"`
OSDescription string `json:"os_description"`
OSFamily string `json:"os_family"`
OSName string `json:"os_name"`
OSSystemName string `json:"os_system_name"`
OSType string `json:"os_type"`
OSVendor string `json:"os_vendor"`
OSVersion string `json:"os_version"`
Remediated []VMVulnerability `json:"remediated"`
RiskScore float32 `json:"risk_score"`
Same []VMVulnerability `json:"same"`
SevereVulnerabilities int32 `json:"severe_vulnerabilities"`
Tags []VMAssetTag `json:"tags"`
TotalVulnerabilities int32 `json:"total_vulnerabilities"`
Type VMType `json:"type"`
UniqueIdentifiers []VMUniqueIdentifier `json:"unique_identifiers"`
}
type VMAssetSearchPageSize ¶ added in v0.0.13
type VMAssetSearchPageSize int
var VM_ASSET_SEARCH_PAGE_SIZE VMAssetSearchPageSize = 100
func (VMAssetSearchPageSize) String ¶ added in v0.0.13
func (s VMAssetSearchPageSize) String() string
type VMAssetSearchQuery ¶ added in v0.0.13
type VMAssetSearchQuery struct {
Cursor string `json:"cursor,omitempty"`
CurrentTime time.Time `json:"currentTime,omitempty"`
ComparisonTime time.Time `json:"comparisonTime,omitempty"`
IncludeSame bool `json:"includeSame,omitempty"`
IncludeUniqueIdentifiers bool `json:"includeUniqueIdentifiers,omitempty"`
Page int `json:"page,omitempty"`
Size int `json:"size,omitempty"`
Sort SortDirection `json:"sort,omitempty"`
}
func (VMAssetSearchQuery) Map ¶ added in v0.0.13
func (q VMAssetSearchQuery) Map() map[string]string
type VMAssetSearchRequest ¶ added in v0.0.13
type VMAssetTag ¶ added in v0.0.13
type VMCredentialAssessment ¶ added in v0.0.13
type VMMetadata ¶ added in v0.0.14
type VMMetadata struct {
// The index (zero-based) of the current page returned.
Number int64 `json:"number"`
// The maximum size of the page returned.
Size int64 `json:"size"`
// The stateless cursor associated with the series of page requests being made.
Cursor string `json:"cursor"`
// The total number of resources available across all pages.
TotalResources int64 `json:"totalResources"`
// The total number of pages available.
TotalPages int64 `json:"totalPages"`
}
type VMUniqueIdentifier ¶ added in v0.0.13
type VMVulnerability ¶ added in v0.0.13
type VMVulnerability struct {
CheckID string `json:"check_id"`
FirstFound time.Time `json:"first_found"`
Key string `json:"key"`
LastFound time.Time `json:"last_found"`
NIC string `json:"nic"`
Port int32 `json:"port"`
Proof string `json:"proof"`
Protocol string `json:"protocol"`
SolutionFix string `json:"solution_fix"`
SolutionID string `json:"solution_id"`
SolutionSummary string `json:"solution_summary"`
SolutionType string `json:"solution_type"`
Status VMVulnerabilityStatus `json:"status"`
VulnerabilityID string `json:"vulnerability_id"`
}
type VMVulnerabilityStatus ¶ added in v0.0.13
type VMVulnerabilityStatus string
const ( VMExceptionVulnExpl VMVulnerabilityStatus = "EXCEPTION_VULN_EXPL" VMUnexpectedErr VMVulnerabilityStatus = "UNEXPECTED_ERR" VMNotVulnDontStore VMVulnerabilityStatus = "NOT_VULN_DONT_STORE" VMSuperseded VMVulnerabilityStatus = "SUPERSEDED" VMExceptionVulnPotl VMVulnerabilityStatus = "EXCEPTION_VULN_POTL" VMVulnerableExpl VMVulnerabilityStatus = "VULNERABLE_EXPL" VMOverriddenVulnVers VMVulnerabilityStatus = "OVERRIDDEN_VULN_VERS" VMSkippedDisabled VMVulnerabilityStatus = "SKIPPED_DISABLED" VMVulnerableVers VMVulnerabilityStatus = "VULNERABLE_VERS" VMVulnerablePotential VMVulnerabilityStatus = "VULNERABLE_POTENTIAL" VMSkippedVers VMVulnerabilityStatus = "SKIPPED_VERS" VMExceptionVulnVers VMVulnerabilityStatus = "EXCEPTION_VULN_VERS" VMNotVulnerable VMVulnerabilityStatus = "NOT_VULNERABLE" VMUnknownStatus VMVulnerabilityStatus = "UNKNOWN" VMSkippedDOS VMVulnerabilityStatus = "SKIPPED_DOS" )
func (VMVulnerabilityStatus) String ¶ added in v0.0.13
func (v VMVulnerabilityStatus) String() string
Source Files
¶
Click to show internal directories.
Click to hide internal directories.