worldmonitor/docs/api/CyberService.openapi.json at main · gavinlovespython/worldmonitor · GitHub

1
{"components":{"schemas":{"CyberThreat":{"description":"CyberThreat represents a cyber threat indicator aggregated from multiple sources.\n Sources include Feodo Tracker, URLhaus, OTX, AbuseIPDB, and C2Intel.","properties":{"country":{"description":"Country of origin (ISO 3166-1 alpha-2).","type":"string"},"firstSeenAt":{"description":"First seen time, as Unix epoch milliseconds.. Warning: Values \u003e 2^53 may lose precision in JavaScript","format":"int64","type":"integer"},"id":{"description":"Unique threat identifier.","minLength":1,"type":"string"},"indicator":{"description":"Threat indicator value (IP, domain, or URL).","type":"string"},"indicatorType":{"description":"CyberThreatIndicatorType represents the type of threat indicator.\n Maps to TS union: 'ip' | 'domain' | 'url'.","enum":["CYBER_THREAT_INDICATOR_TYPE_UNSPECIFIED","CYBER_THREAT_INDICATOR_TYPE_IP","CYBER_THREAT_INDICATOR_TYPE_DOMAIN","CYBER_THREAT_INDICATOR_TYPE_URL"],"type":"string"},"lastSeenAt":{"description":"Last seen time, as Unix epoch milliseconds.. Warning: Values \u003e 2^53 may lose precision in JavaScript","format":"int64","type":"integer"},"location":{"$ref":"#/components/schemas/GeoCoordinates"},"malwareFamily":{"description":"Associated malware family, if known.","type":"string"},"severity":{"description":"CriticalityLevel represents a four-tier criticality classification for cyber and risk domains.\n Maps to existing TS union: 'low' | 'medium' | 'high' | 'critical'.","enum":["CRITICALITY_LEVEL_UNSPECIFIED","CRITICALITY_LEVEL_LOW","CRITICALITY_LEVEL_MEDIUM","CRITICALITY_LEVEL_HIGH","CRITICALITY_LEVEL_CRITICAL"],"type":"string"},"source":{"description":"CyberThreatSource represents the intelligence source of a cyber threat.\n Maps to TS union: 'feodo' | 'urlhaus' | 'c2intel' | 'otx' | 'abuseipdb'.","enum":["CYBER_THREAT_SOURCE_UNSPECIFIED","CYBER_THREAT_SOURCE_FEODO","CYBER_THREAT_SOURCE_URLHAUS","CYBER_THREAT_SOURCE_C2INTEL","CYBER_THREAT_SOURCE_OTX","CYBER_THREAT_SOURCE_ABUSEIPDB"],"type":"string"},"tags":{"items":{"description":"Descriptive tags.","type":"string"},"type":"array"},"type":{"description":"CyberThreatType represents the classification of a cyber threat.\n Maps to TS union: 'c2_server' | 'malware_host' | 'phishing' | 'malicious_url'.","enum":["CYBER_THREAT_TYPE_UNSPECIFIED","CYBER_THREAT_TYPE_C2_SERVER","CYBER_THREAT_TYPE_MALWARE_HOST","CYBER_THREAT_TYPE_PHISHING","CYBER_THREAT_TYPE_MALICIOUS_URL"],"type":"string"}},"required":["id"],"type":"object"},"Error":{"description":"Error is returned when a handler encounters an error. It contains a simple error message that the developer can customize.","properties":{"message":{"description":"Error message (e.g., 'user not found', 'database connection failed')","type":"string"}},"type":"object"},"FieldViolation":{"description":"FieldViolation describes a single validation error for a specific field.","properties":{"description":{"description":"Human-readable description of the validation violation (e.g., 'must be a valid email address', 'required field missing')","type":"string"},"field":{"description":"The field path that failed validation (e.g., 'user.email' for nested fields). For header validation, this will be the header name (e.g., 'X-API-Key')","type":"string"}},"required":["field","description"],"type":"object"},"GeoCoordinates":{"description":"GeoCoordinates represents a geographic location using WGS84 coordinates.","properties":{"latitude":{"description":"Latitude in decimal degrees (-90 to 90).","format":"double","maximum":90,"minimum":-90,"type":"number"},"longitude":{"description":"Longitude in decimal degrees (-180 to 180).","format":"double","maximum":180,"minimum":-180,"type":"number"}},"type":"object"},"ListCyberThreatsRequest":{"description":"ListCyberThreatsRequest specifies filters for retrieving cyber threat indicators.","properties":{"cursor":{"description":"Cursor for next page.","type":"string"},"end":{"description":"End of time range (inclusive), Unix epoch milliseconds.. Warning: Values \u003e 2^53 may lose precision in JavaScript","format":"int64","type":"integer"},"minSeverity":{"description":"CriticalityLevel represents a four-tier criticality classification for cyber and risk domains.\n Maps to existing TS union: 'low' | 'medium' | 'high' | 'critical'.","enum":["CRITICALITY_LEVEL_UNSPECIFIED","CRITICALITY_LEVEL_LOW","CRITICALITY_LEVEL_MEDIUM","CRITICALITY_LEVEL_HIGH","CRITICALITY_LEVEL_CRITICAL"],"type":"string"},"pageSize":{"description":"Maximum items per page (1-100).","format":"int32","type":"integer"},"source":{"description":"CyberThreatSource represents the intelligence source of a cyber threat.\n Maps to TS union: 'feodo' | 'urlhaus' | 'c2intel' | 'otx' | 'abuseipdb'.","enum":["CYBER_THREAT_SOURCE_UNSPECIFIED","CYBER_THREAT_SOURCE_FEODO","CYBER_THREAT_SOURCE_URLHAUS","CYBER_THREAT_SOURCE_C2INTEL","CYBER_THREAT_SOURCE_OTX","CYBER_THREAT_SOURCE_ABUSEIPDB"],"type":"string"},"start":{"description":"Start of time range (inclusive), Unix epoch milliseconds.. Warning: Values \u003e 2^53 may lose precision in JavaScript","format":"int64","type":"integer"},"type":{"description":"CyberThreatType represents the classification of a cyber threat.\n Maps to TS union: 'c2_server' | 'malware_host' | 'phishing' | 'malicious_url'.","enum":["CYBER_THREAT_TYPE_UNSPECIFIED","CYBER_THREAT_TYPE_C2_SERVER","CYBER_THREAT_TYPE_MALWARE_HOST","CYBER_THREAT_TYPE_PHISHING","CYBER_THREAT_TYPE_MALICIOUS_URL"],"type":"string"}},"type":"object"},"ListCyberThreatsResponse":{"description":"ListCyberThreatsResponse contains cyber threats matching the request.","properties":{"pagination":{"$ref":"#/components/schemas/PaginationResponse"},"threats":{"items":{"$ref":"#/components/schemas/CyberThreat"},"type":"array"}},"type":"object"},"PaginationResponse":{"description":"PaginationResponse contains pagination metadata returned alongside list results.","properties":{"nextCursor":{"description":"Cursor for fetching the next page. Empty string indicates no more pages.","type":"string"},"totalCount":{"description":"Total count of items matching the query, if known. Zero if the total is unknown.","format":"int32","type":"integer"}},"type":"object"},"ValidationError":{"description":"ValidationError is returned when request validation fails. It contains a list of field violations describing what went wrong.","properties":{"violations":{"description":"List of validation violations","items":{"$ref":"#/components/schemas/FieldViolation"},"type":"array"}},"required":["violations"],"type":"object"}}},"info":{"title":"CyberService API","version":"1.0.0"},"openapi":"3.1.0","paths":{"/api/cyber/v1/list-cyber-threats":{"get":{"description":"ListCyberThreats retrieves threat indicators from multiple intelligence sources.","operationId":"ListCyberThreats","parameters":[{"description":"Start of time range (inclusive), Unix epoch milliseconds.","in":"query","name":"start","required":false,"schema":{"format":"int64","type":"string"}},{"description":"End of time range (inclusive), Unix epoch milliseconds.","in":"query","name":"end","required":false,"schema":{"format":"int64","type":"string"}},{"description":"Maximum items per page (1-100).","in":"query","name":"page_size","required":false,"schema":{"format":"int32","type":"integer"}},{"description":"Cursor for next page.","in":"query","name":"cursor","required":false,"schema":{"type":"string"}},{"description":"Optional threat type filter.","in":"query","name":"type","required":false,"schema":{"type":"string"}},{"description":"Optional source filter.","in":"query","name":"source","required":false,"schema":{"type":"string"}},{"description":"Optional minimum criticality filter.","in":"query","name":"min_severity","required":false,"schema":{"type":"string"}}],"responses":{"200":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ListCyberThreatsResponse"}}},"description":"Successful response"},"400":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ValidationError"}}},"description":"Validation error"},"default":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/Error"}}},"description":"Error response"}},"summary":"ListCyberThreats","tags":["CyberService"]}}}}