Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Falcon::ReportExecutionsApi#report_executions_download_get raise NoMethodError exception #35

Closed
hiboma opened this issue Jul 1, 2024 · 1 comment · Fixed by #39
Closed

Falcon::ReportExecutionsApi#report_executions_download_get raise NoMethodError exception #35

hiboma opened this issue Jul 1, 2024 · 1 comment · Fixed by #39
Assignees
@carlosmmatos
Labels
bug Something isn't working
Milestone
0.5.0

Comments

@hiboma
Copy link

hiboma commented Jul 1, 2024

Hello.

True to the title of the issue, I encountered Falcon::ReportExecutionsApi#report_executions_download_get raising an NoMethodError exception.

How to reproduce

Version (crimson-falcon)

0.4.1

Script

#!/usr/bin/env ruby

require 'dotenv'
require 'crimson-falcon'

Dotenv.load!

Falcon.configure do |config|
  config.client_id     = ENV["FALCON_CLIENT_ID"]
  config.client_secret = ENV["FALCON_CLIENT_SECRET"]
end

id = "1c22d83d74ae4ee9bac3208b8015eb58"

client = Falcon::ReportExecutionsApi.new
results = client.report_executions_download_get([id])
pp results

Exception

/private/tmp/falcon/vendor/bundle/ruby/3.3.0/gems/crimson-falcon-0.4.1/lib/crimson-falcon/api_client.rb:414:in `convert_to_type': undefined method `to_i' for an instance of Hash (NoMethodError)

        data.to_i
            ^^^^^
Did you mean?  to_s
               to_a
               to_h
	from /private/tmp/falcon/vendor/bundle/ruby/3.3.0/gems/crimson-falcon-0.4.1/lib/crimson-falcon/api_client.rb:431:in `block in convert_to_type'
	from /private/tmp/falcon/vendor/bundle/ruby/3.3.0/gems/crimson-falcon-0.4.1/lib/crimson-falcon/api_client.rb:431:in `map'
	from /private/tmp/falcon/vendor/bundle/ruby/3.3.0/gems/crimson-falcon-0.4.1/lib/crimson-falcon/api_client.rb:431:in `convert_to_type'
	from /private/tmp/falcon/vendor/bundle/ruby/3.3.0/gems/crimson-falcon-0.4.1/lib/crimson-falcon/api_client.rb:401:in `deserialize'
	from /private/tmp/falcon/vendor/bundle/ruby/3.3.0/gems/crimson-falcon-0.4.1/lib/crimson-falcon/api_client.rb:91:in `call_api'
	from /private/tmp/falcon/vendor/bundle/ruby/3.3.0/gems/crimson-falcon-0.4.1/lib/crimson-falcon/api/report_executions_api.rb:94:in `report_executions_download_get_with_http_info'
	from /private/tmp/falcon/vendor/bundle/ruby/3.3.0/gems/crimson-falcon-0.4.1/lib/crimson-falcon/api/report_executions_api.rb:44:in `report_executions_download_get'
	from bug.rb:17:in `<main>'

Debug Response

( Sensitive information is masked *** )

D, [2024-06-24T15:39:12.799687 #56275] DEBUG -- : Calling API: ReportExecutionsApi.report_executions_download_get ...
{:method=>:get, :headers=>{"Content-Type"=>"application/json", "User-Agent"=>"crowdstrike-crimson/0.4.1", "Accept"=>"*/*", "Authorization"=>"Bearer ***"}, :params=>{:ids=>["1c22d83d74ae4ee9bac3208b8015eb58"]}, :params_encoding=>:multi, :timeout=>0, :ssl_verifypeer=>true, :ssl_verifyhost=>2, :sslcert=>nil, :sslkey=>nil, :verbose=>true, :followlocation=>false}
https://api.crowdstrike.com/reports/entities/report-executions-download/v1
Found bundle for host: 0x600000d9ab80 [serially]
Can not multiplex, even if we wanted to
Re-using existing connection with host api.crowdstrike.com
GET /reports/entities/report-executions-download/v1?ids=1c22d83d74ae4ee9bac3208b8015eb58 HTTP/1.1
Host: api.crowdstrike.com
User-Agent: crowdstrike-crimson/0.4.1
Content-Type: application/json
Accept: */*
Authorization: Bearer ***

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Jun 2024 06:39:13 GMT
Content-Type: application/json
Content-Length: 295
Connection: keep-alive
Accept-Ranges: bytes
Content-Disposition: attachment;filename=IP_2024_June_24_61519_74136.json
Etag: "62efa676e8d523e837e6770b8f5cfe04"
Last-Modified: Mon, 24 Jun 2024 06:15:38 GMT
Strict-Transport-Security: max-age=15724800; includeSubDomains
X-Amz-Expiration: expiry-date="Thu, 25 Jul 2024 00:00:00 GMT", rule-id="ZmI0YzJhNmQtYzJkMS00OTU4LWJmY2QtOWYxNTkxMzRlNjJl"
X-Amz-Id-2: ***
X-Amz-Request-Id: ***
X-Amz-Server-Side-Encryption: AES256
X-Cs-Region: ***
X-Cs-Traceid: ***
X-Ratelimit-Limit: 6000
X-Ratelimit-Remaining: 5999
Strict-Transport-Security: max-age=31536000; includeSubDomains

Connection #0 to host api.crowdstrike.com left intact
D, [2024-06-24T15:39:13.084426 #56275] DEBUG -- : HTTP response body ~BEGIN~
[{"ComputerName":"***","ConnectionDirection":"1","ContextBaseFileName":"ControlCenter","Event_Name":"NetworkReceiveAcceptIP4","Global_IP":"***","LPort":"7000","Local_IP4":"***","Platform":"Mac","RPort":"53982","Remote_IP4":"***","timestamp":"1719209547865"}]
@hiboma
Copy link
Author

hiboma commented Jul 1, 2024
edited
Loading

I have tried and found that specifying debug_return_type: Object avoids the exception.

client.report_executions_download_get([id], opts = { debug_return_type: "Object"} )

@carlosmmatos carlosmmatos self-assigned this Sep 16, 2024
@carlosmmatos carlosmmatos added the bug Something isn't working label Sep 16, 2024
@carlosmmatos carlosmmatos added this to the 0.5.0 milestone Sep 16, 2024
carlosmmatos added a commit to carlosmmatos/crimson-falcon that referenced this issue Nov 15, 2024
@carlosmmatos
fix: update swagger endpoints to fix common issues
25578ed 
Fixes CrowdStrike#33
Adds block execute to definition. This should be finally fixed upstream
as well.

Fixes CrowdStrike#35
Updates endpoint response to be of type Object. This one is interesting
because it seems like it should actually be returning a binary object
but instead it returns either a CSV string or JSON object depending on
the type of scheduled report that was chosen. When this is updated
upstream we will treat this as a binary download such as downloading a
sensor.
carlosmmatos added a commit to carlosmmatos/crimson-falcon that referenced this issue Nov 15, 2024
@carlosmmatos
fix: return string for text/ return types
9525ed4 
This was found in CrowdStrike#35 when working with CSV return types. For now, we
will treat these are strings.
carlosmmatos added a commit to carlosmmatos/crimson-falcon that referenced this issue Nov 15, 2024
@carlosmmatos
fix: update swagger issues and update generation flow
8587c5e 
Fixes CrowdStrike#33
Adds block execute to definition. This should be finally fixed upstream
as well.

Fixes CrowdStrike#35
Updates endpoint response to be of type Object. This one is interesting
because it seems like it should actually be returning a binary object
but instead it returns either a CSV string or JSON object depending on
the type of scheduled report that was chosen. When this is updated
upstream we will treat this as a binary download such as downloading a
sensor.

This also fixes dealing with text/* returns such as csv. Now we just
return it as a string instead of failing.

The Makefile has been updated to make use of the transformation.jq file
to ensure our swagger spec file has fixes needed while we wait for
upstream support.
@carlosmmatos carlosmmatos mentioned this issue Nov 15, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@carlosmmatos carlosmmatos

Labels
bug Something isn't working
Projects
None yet
Milestone
0.5.0
Development

Successfully merging a pull request may close this issue.

fix: update swagger issues and update generation flow carlosmmatos/crimson-falcon
2 participants
@hiboma @carlosmmatos