sysdiglabs
diff --git a/‎.gitignore
+8-10 b/‎.gitignore
+8-10
diff --git a/‎.openapi-generator-ignore
+23 b/‎.openapi-generator-ignore
+23
diff --git a/‎.openapi-generator/FILES
+144 b/‎.openapi-generator/FILES
+144
diff --git a/‎.openapi-generator/VERSION
+1 b/‎.openapi-generator/VERSION
+1
diff --git a/‎README.md
+1 b/‎README.md
+1
diff --git a/‎docs/reference/Action.md
+35 b/‎docs/reference/Action.md
+35
diff --git a/‎docs/reference/ActionType.md
+23 b/‎docs/reference/ActionType.md
+23
diff --git a/‎docs/reference/AgentlessMlRuntimeDetectionContent.md
+36 b/‎docs/reference/AgentlessMlRuntimeDetectionContent.md
+36
diff --git a/‎docs/reference/AgentlessMlRuntimeDetectionContentAllOfFields.md
+28 b/‎docs/reference/AgentlessMlRuntimeDetectionContentAllOfFields.md
+28
diff --git a/‎docs/reference/AgentlessRuntimeDetectionContent.md
+41 b/‎docs/reference/AgentlessRuntimeDetectionContent.md
+41
@@ -1,6 +1,7 @@
 # Byte-compiled / optimized / DLL files
 __pycache__/
 *.py[cod]
+*$py.class
 
 # C extensions
 *.so
@@ -42,6 +43,11 @@ htmlcov/
 nosetests.xml
 coverage.xml
 *,cover
+.hypothesis/
+venv/
+.venv/
+.python-version
+.pytest_cache
 
 # Translations
 *.mo
@@ -56,13 +62,5 @@ docs/_build/
 # PyBuilder
 target/
 
-# virtualenv
-venv/
-
-# Direnv
-.envrc
-
-# IntelliJ projects
-.idea/
-
-coverage/
+#Ipython Notebook
+.ipynb_checkpoints
@@ -0,0 +1,23 @@
+# OpenAPI Generator Ignore
+# Generated by openapi-generator https://github.com/openapitools/openapi-generator
+
+# Use this file to prevent files from being overwritten by the generator.
+# The patterns follow closely to .gitignore or .dockerignore.
+
+# As an example, the C# client generator defines ApiClient.cs.
+# You can make changes and tell OpenAPI Generator to ignore just this file by uncommenting the following line:
+#ApiClient.cs
+
+# You can match any string of characters against a directory, file or extension with a single asterisk (*):
+#foo/*/qux
+# The above matches foo/bar/qux and foo/baz/qux, but not foo/bar/baz/qux
+
+# You can recursively match patterns against a directory, file or extension with a double asterisk (**):
+#foo/**/qux
+# This matches foo/bar/qux, foo/baz/qux, and foo/bar/baz/qux
+
+# You can also negate patterns with an exclamation (!).
+# For example, you can ignore all files in a docs folder with the file extension .md:
+#docs/*.md
+# Then explicitly reverse the ignore rule for a single file:
+#!docs/README.md
@@ -0,0 +1,144 @@
+.github/workflows/python.yml
+.gitignore
+.gitlab-ci.yml
+.travis.yml
+README.md
+docs/Action.md
+docs/ActionType.md
+docs/AgentlessMlRuntimeDetectionContent.md
+docs/AgentlessMlRuntimeDetectionContentAllOfFields.md
+docs/AgentlessRuntimeDetectionContent.md
+docs/AgentlessRuntimeDetectionContentAllOfFields.md
+docs/BaseAction.md
+docs/BaseContent.md
+docs/CaptureAction.md
+docs/Category.md
+docs/ContainerKilledAction.md
+docs/ContainerPausedAction.md
+docs/ContainerStoppedAction.md
+docs/DriftPreventedAction.md
+docs/Error.md
+docs/Event.md
+docs/EventContent.md
+docs/EventContentType.md
+docs/EventsFeedPage.md
+docs/K8sAdmissionReviewContent.md
+docs/K8sAdmissionReviewContentAllOfScanResult.md
+docs/ListEventsResponse.md
+docs/MalwarePreventedAction.md
+docs/Operand.md
+docs/Originator.md
+docs/PolicyOrigin.md
+docs/ProcessKilledAction.md
+docs/SecureEventsApi.md
+docs/SequenceInner.md
+docs/Source.md
+docs/SourceDetails.md
+docs/StatefulDetectionsContent.md
+docs/StatefulDetectionsContentAllOfFields.md
+docs/StatsInner.md
+docs/SupportedFilter.md
+docs/SupportedFilterType.md
+docs/SupportedFiltersResponse.md
+docs/WorkloadMlRuntimeDetectionContent.md
+docs/WorkloadRuntimeDetectionContent.md
+docs/WorkloadRuntimeDetectionContentAllOfFields.md
+docs/Zone.md
+git_push.sh
+pyproject.toml
+requirements.txt
+setup.cfg
+setup.py
+sysdig_client/__init__.py
+sysdig_client/api/__init__.py
+sysdig_client/api/secure_events_api.py
+sysdig_client/api_client.py
+sysdig_client/api_response.py
+sysdig_client/configuration.py
+sysdig_client/exceptions.py
+sysdig_client/models/__init__.py
+sysdig_client/models/action.py
+sysdig_client/models/action_type.py
+sysdig_client/models/agentless_ml_runtime_detection_content.py
+sysdig_client/models/agentless_ml_runtime_detection_content_all_of_fields.py
+sysdig_client/models/agentless_runtime_detection_content.py
+sysdig_client/models/agentless_runtime_detection_content_all_of_fields.py
+sysdig_client/models/base_action.py
+sysdig_client/models/base_content.py
+sysdig_client/models/capture_action.py
+sysdig_client/models/category.py
+sysdig_client/models/container_killed_action.py
+sysdig_client/models/container_paused_action.py
+sysdig_client/models/container_stopped_action.py
+sysdig_client/models/drift_prevented_action.py
+sysdig_client/models/error.py
+sysdig_client/models/event.py
+sysdig_client/models/event_content.py
+sysdig_client/models/event_content_type.py
+sysdig_client/models/events_feed_page.py
+sysdig_client/models/k8s_admission_review_content.py
+sysdig_client/models/k8s_admission_review_content_all_of_scan_result.py
+sysdig_client/models/list_events_response.py
+sysdig_client/models/malware_prevented_action.py
+sysdig_client/models/operand.py
+sysdig_client/models/originator.py
+sysdig_client/models/policy_origin.py
+sysdig_client/models/process_killed_action.py
+sysdig_client/models/sequence_inner.py
+sysdig_client/models/source.py
+sysdig_client/models/source_details.py
+sysdig_client/models/stateful_detections_content.py
+sysdig_client/models/stateful_detections_content_all_of_fields.py
+sysdig_client/models/stats_inner.py
+sysdig_client/models/supported_filter.py
+sysdig_client/models/supported_filter_type.py
+sysdig_client/models/supported_filters_response.py
+sysdig_client/models/workload_ml_runtime_detection_content.py
+sysdig_client/models/workload_runtime_detection_content.py
+sysdig_client/models/workload_runtime_detection_content_all_of_fields.py
+sysdig_client/models/zone.py
+sysdig_client/py.typed
+sysdig_client/rest.py
+test-requirements.txt
+test/__init__.py
+test/test_action.py
+test/test_action_type.py
+test/test_agentless_ml_runtime_detection_content.py
+test/test_agentless_ml_runtime_detection_content_all_of_fields.py
+test/test_agentless_runtime_detection_content.py
+test/test_agentless_runtime_detection_content_all_of_fields.py
+test/test_base_action.py
+test/test_base_content.py
+test/test_capture_action.py
+test/test_category.py
+test/test_container_killed_action.py
+test/test_container_paused_action.py
+test/test_container_stopped_action.py
+test/test_drift_prevented_action.py
+test/test_event.py
+test/test_event_content.py
+test/test_event_content_type.py
+test/test_events_feed_page.py
+test/test_k8s_admission_review_content.py
+test/test_k8s_admission_review_content_all_of_scan_result.py
+test/test_list_events_response.py
+test/test_malware_prevented_action.py
+test/test_operand.py
+test/test_originator.py
+test/test_policy_origin.py
+test/test_process_killed_action.py
+test/test_secure_events_api.py
+test/test_sequence_inner.py
+test/test_source.py
+test/test_source_details.py
+test/test_stateful_detections_content.py
+test/test_stateful_detections_content_all_of_fields.py
+test/test_stats_inner.py
+test/test_supported_filter.py
+test/test_supported_filter_type.py
+test/test_supported_filters_response.py
+test/test_workload_ml_runtime_detection_content.py
+test/test_workload_runtime_detection_content.py
+test/test_workload_runtime_detection_content_all_of_fields.py
+test/test_zone.py
+tox.ini
@@ -0,0 +1 @@
+7.9.0
@@ -15,6 +15,7 @@ Installation
 ------------
 #### Automatic with PyPI
     pip install sdcclient
+    # pip install ../path/to/this/repo
 
 #### Manual (development only)
 
 
@@ -0,0 +1,35 @@
+# Action
+
+Action performed when the event happened.
+
+## Properties
+
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**type** | [**ActionType**](ActionType.md) |  | 
+**is_successful** | **bool** | Whether or not the action was completed successfully. | [optional] 
+**err_msg** | **str** | When &#x60;isSuccessful&#x60; is &#x60;false&#x60;, details on why the action failed.  | [optional] 
+**token** | **str** | Token to retrieve the related capture. | [optional] 
+**after_event_ns** | **int** | Amount of nanoseconds after the event the Capture spans.  | [optional] 
+**before_event_ns** | **int** | Amount of nanoseconds before the event the Capture spans.  | [optional] 
+
+## Example
+
+```python
+from sysdig_client.models.action import Action
+
+# TODO update the JSON string below
+json = "{}"
+# create an instance of Action from a JSON string
+action_instance = Action.from_json(json)
+# print the JSON string representation of the object
+print(Action.to_json())
+
+# convert the object into a dict
+action_dict = action_instance.to_dict()
+# create an instance of Action from a dict
+action_from_dict = Action.from_dict(action_dict)
+```
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
+
+
@@ -0,0 +1,23 @@
+# ActionType
+
+Action type.
+
+## Enum
+
+* `CAPTURE` (value: `'capture'`)
+
+* `CONTAINER_KILLED` (value: `'container_killed'`)
+
+* `CONTAINER_PAUSED` (value: `'container_paused'`)
+
+* `CONTAINER_STOPPED` (value: `'container_stopped'`)
+
+* `DRIFT_PREVENTED` (value: `'drift_prevented'`)
+
+* `MALWARE_PREVENTED` (value: `'malware_prevented'`)
+
+* `PROCESS_KILLED` (value: `'process_killed'`)
+
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
+
+
@@ -0,0 +1,36 @@
+# AgentlessMlRuntimeDetectionContent
+
+Agentless ML event content
+
+## Properties
+
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**type** | [**EventContentType**](EventContentType.md) |  | 
+**policy_id** | **int** | ID of the policy that generated the event | [optional] 
+**policy_origin** | [**PolicyOrigin**](PolicyOrigin.md) |  | 
+**policy_notification_channel_ids** | **List[int]** | The list of notification channels where an alert is sent after event is generated. Doesn&#39;t account for aggregations and eventual thresholds.  | [optional] 
+**rule_name** | **str** | Name of the rule the event is generated after | 
+**rule_type** | **int** | Rule type: - 1 - List matching - process - 2 - List matching - container - 3 - List matching - file - 4 - List matching - network - 5 - List matching - syscall - 6 - Falco - 7 - Drift detection - 8 - Malware detection - 11 - ML - Cryptominer detection - 13 - ML - AWS anomalous login - 14 - ML - Okta anomalous login  | 
+**fields** | [**AgentlessMlRuntimeDetectionContentAllOfFields**](AgentlessMlRuntimeDetectionContentAllOfFields.md) |  | 
+
+## Example
+
+```python
+from sysdig_client.models.agentless_ml_runtime_detection_content import AgentlessMlRuntimeDetectionContent
+
+# TODO update the JSON string below
+json = "{}"
+# create an instance of AgentlessMlRuntimeDetectionContent from a JSON string
+agentless_ml_runtime_detection_content_instance = AgentlessMlRuntimeDetectionContent.from_json(json)
+# print the JSON string representation of the object
+print(AgentlessMlRuntimeDetectionContent.to_json())
+
+# convert the object into a dict
+agentless_ml_runtime_detection_content_dict = agentless_ml_runtime_detection_content_instance.to_dict()
+# create an instance of AgentlessMlRuntimeDetectionContent from a dict
+agentless_ml_runtime_detection_content_from_dict = AgentlessMlRuntimeDetectionContent.from_dict(agentless_ml_runtime_detection_content_dict)
+```
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
+
+
@@ -0,0 +1,28 @@
+# AgentlessMlRuntimeDetectionContentAllOfFields
+
+
+## Properties
+
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+
+## Example
+
+```python
+from sysdig_client.models.agentless_ml_runtime_detection_content_all_of_fields import AgentlessMlRuntimeDetectionContentAllOfFields
+
+# TODO update the JSON string below
+json = "{}"
+# create an instance of AgentlessMlRuntimeDetectionContentAllOfFields from a JSON string
+agentless_ml_runtime_detection_content_all_of_fields_instance = AgentlessMlRuntimeDetectionContentAllOfFields.from_json(json)
+# print the JSON string representation of the object
+print(AgentlessMlRuntimeDetectionContentAllOfFields.to_json())
+
+# convert the object into a dict
+agentless_ml_runtime_detection_content_all_of_fields_dict = agentless_ml_runtime_detection_content_all_of_fields_instance.to_dict()
+# create an instance of AgentlessMlRuntimeDetectionContentAllOfFields from a dict
+agentless_ml_runtime_detection_content_all_of_fields_from_dict = AgentlessMlRuntimeDetectionContentAllOfFields.from_dict(agentless_ml_runtime_detection_content_all_of_fields_dict)
+```
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
+
+
@@ -0,0 +1,41 @@
+# AgentlessRuntimeDetectionContent
+
+Agentless CDR event content
+
+## Properties
+
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**type** | [**EventContentType**](EventContentType.md) |  | 
+**integration_id** | **str** | The unique identifier of the integration that generated the event. | 
+**integration_type** | **str** | The type of integration that generated the event. | 
+**rule_name** | **str** | Name of the rule the event is generated after | 
+**rule_type** | **int** | Rule type: - 1 - List matching - process - 2 - List matching - container - 3 - List matching - file - 4 - List matching - network - 5 - List matching - syscall - 6 - Falco - 7 - Drift detection - 8 - Malware detection - 11 - ML - Cryptominer detection - 13 - ML - AWS anomalous login - 14 - ML - Okta anomalous login  | 
+**rule_tags** | **List[str]** | The tags attached to the rule | [optional] 
+**policy_id** | **int** | ID of the policy that generated the event | 
+**policy_origin** | [**PolicyOrigin**](PolicyOrigin.md) |  | 
+**policy_notification_channel_ids** | **List[int]** | The list of notification channels where an alert is sent after event is generated. Doesn&#39;t account for aggregations and eventual thresholds.  | [optional] 
+**priority** | **str** | Rule priority | [optional] 
+**output** | **str** | Event output, generated after the configured rule | [optional] 
+**fields** | [**AgentlessRuntimeDetectionContentAllOfFields**](AgentlessRuntimeDetectionContentAllOfFields.md) |  | [optional] 
+
+## Example
+
+```python
+from sysdig_client.models.agentless_runtime_detection_content import AgentlessRuntimeDetectionContent
+
+# TODO update the JSON string below
+json = "{}"
+# create an instance of AgentlessRuntimeDetectionContent from a JSON string
+agentless_runtime_detection_content_instance = AgentlessRuntimeDetectionContent.from_json(json)
+# print the JSON string representation of the object
+print(AgentlessRuntimeDetectionContent.to_json())
+
+# convert the object into a dict
+agentless_runtime_detection_content_dict = agentless_runtime_detection_content_instance.to_dict()
+# create an instance of AgentlessRuntimeDetectionContent from a dict
+agentless_runtime_detection_content_from_dict = AgentlessRuntimeDetectionContent.from_dict(agentless_runtime_detection_content_dict)
+```
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
+
+