-
Notifications
You must be signed in to change notification settings - Fork 1
/
reports.go
169 lines (125 loc) · 4.01 KB
/
reports.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
package trustar
import (
"bytes"
"encoding/json"
"fmt"
"io/ioutil"
"net/http"
"net/url"
"strings"
)
// Reference: https://docs.trustar.co/api/v13/reports/index.html
// GetReports Returns a page of incident reports matching the specified filters. All parameters are optional: if nothing is specified, the latest 25 reports accessible by the user will be returned.
//
// Endpoint: GET /1.3/reports
func (c *Client) GetReports(v url.Values) (ReportResponse, error) {
var rr ReportResponse
url := fmt.Sprintf("%s%s", c.APIBase, fmt.Sprintf("reports?%s", v.Encode()))
req, err := http.NewRequest("GET", url, nil)
if err != nil {
return rr, err
}
if err = c.SendWithAuth(req, &rr); err != nil {
return rr, err
}
return rr, nil
}
// GetReportIndicators Returns a paginated list of all indicators contained in a specified report.
//
// Endpoint: GET /1.3/reports/{id}/indicators
func (c *Client) GetReportIndicators(id string, v url.Values) (ReportIndicatorsResponse, error) {
var rir ReportIndicatorsResponse
url := fmt.Sprintf("%s%s", c.APIBase, fmt.Sprintf("reports/%s/indicators?%s", id, v.Encode()))
req, err := http.NewRequest("GET", url, nil)
if err != nil {
return rir, err
}
if err = c.SendWithAuth(req, &rir); err != nil {
return rir, err
}
return rir, nil
}
// FindCorrelatedReports Returns a paginated list of all reports that contain any of the provided indicator values.
//
// Endpoint: GET /1.3/reports/correlated
func (c *Client) FindCorrelatedReports(v url.Values) (CorrelatedReportResponse, error) {
var crr CorrelatedReportResponse
url := fmt.Sprintf("%s%s", c.APIBase, fmt.Sprintf("reports/correlated?%s", v.Encode()))
req, err := http.NewRequest("GET", url, nil)
if err != nil {
return crr, err
}
if err = c.SendWithAuth(req, &crr); err != nil {
return crr, err
}
return crr, nil
}
// SubmitReport Submit a new incident report, and receive the ID it has been assigned in TruSTAR’s system.
//
// Endpoint: POST /1.3/reports
func (c *Client) SubmitReport(report ReportSubmission) (string, error) {
var guid strings.Builder
i, _ := json.Marshal(report)
url := fmt.Sprintf("%s%s", c.APIBase, "reports")
req, err := http.NewRequest("POST", url, bytes.NewReader(i))
if err != nil {
return "", err
}
if err = c.SendWithAuth(req, &guid); err != nil {
return "", err
}
return guid.String(), nil
}
// UpdateReport Update the report with the specified Trustar report ID.
//
// Endpoint: PUT /1.3/reports/{ID}
func (c *Client) UpdateReport(id string, report ReportSubmission) error {
i, _ := json.Marshal(report)
url := fmt.Sprintf("%s%s", c.APIBase, fmt.Sprintf("reports/%s", id))
req, err := http.NewRequest("PUT", url, bytes.NewReader(i))
if err != nil {
return err
}
return c.SendWithAuth(req, ioutil.Discard)
}
// GetReportDetails Gets the details for a report for the specified Trustar report id
//
// Endpoint: GET /1.3/reports/{ID}
func (c *Client) GetReportDetails(id string) (ReportDetails, error) {
var rd ReportDetails
url := fmt.Sprintf("%s%s", c.APIBase, fmt.Sprintf("reports/%s", id))
req, err := http.NewRequest("GET", url, nil)
if err != nil {
return rd, err
}
if err = c.SendWithAuth(req, &rd); err != nil {
return rd, err
}
return rd, nil
}
// DeleteReport Delete a report with the specified Trustar report ID.
//
// Endpoint: DELETE /1.3/reports/{ID}
func (c *Client) DeleteReport(id string) error {
url := fmt.Sprintf("%s%s", c.APIBase, fmt.Sprintf("reports/%s", id))
req, err := http.NewRequest("DELETE", url, nil)
if err != nil {
return err
}
return c.SendWithAuth(req, ioutil.Discard)
}
// SearchReports Searches for all reports that contain the given search term.
//
// Endpoint: GET /1.3/reports/search
func (c *Client) SearchReports(v url.Values) (ReportResponse, error) {
var rr ReportResponse
url := fmt.Sprintf("%s%s", c.APIBase, fmt.Sprintf("reports/search?%s", v.Encode()))
req, err := http.NewRequest("GET", url, nil)
if err != nil {
return rr, err
}
if err = c.SendWithAuth(req, &rr); err != nil {
return rr, err
}
return rr, nil
}