CyOptics.ps1

<#
.SYNOPSIS
    Gets a list of all detections from the console.
 
.PARAMETER API
    Optional. API Handle (use only when not using session scope).
#>

function Get-CyDetectionList {
    Param (
        [parameter(Mandatory=$false)]
        [CylanceAPIHandle]$API = $GlobalCyAPIHandle
        )

    Read-CyData -API $API -Uri "$($API.BaseUrl)/detections/v2"
}

<#
.SYNOPSIS
    Gets a list of all detections from the console.
 
.PARAMETER API
    Optional. API Handle (use only when not using session scope).
#>

function Get-CyDetectionDetail {
    Param (
        [parameter(Mandatory=$false)]
        [CylanceAPIHandle]$API = $GlobalCyAPIHandle,
        [parameter(Mandatory=$true,
            ValueFromPipeline=$true,
            ValueFromPipelineByPropertyName=$true)]
        [object]$Detection
        )

    Begin
    {

    }

    Process
    {
        Invoke-CyRestMethod -API $API -Method GET -Uri  "$($API.BaseUrl)/detections/v2/$($Detection.id)/details" | Convert-CyObject
    }
}

<#
.SYNOPSIS
    Deletes a detection.
 
.PARAMETER API
    Optional. API Handle (use only when not using session scope).
 
.PARAMETER Detection
    The detection object to delete.
#>

function Remove-CyDetection {
    Param (
        [parameter(Mandatory=$false)]
        [ValidateNotNullOrEmpty()]
        [CylanceAPIHandle]$API = $GlobalCyAPIHandle,
        [Parameter(
            Mandatory=$true, 
            ValueFromPipeline=$true,
            ValueFromPipelineByPropertyName=$true)]
        [object]$Detection
    )

    Begin {
    }

    Process {
        # remain silent
        switch ($PSCmdlet.ParameterSetName) {
            "ByDeviceId" {
                $devices += $DeviceId
            }
            "ByDevice" {
                $devices += $Device.id
            }
        }
    }

    End {
        $updateMap = @{
            "device_ids" = $devices
        }

        if (![String]::IsNullOrEmpty($CallbackUrl)) {
            $updateMap += @{ "url" = $CallbackUrl }
        }

        $json = $updateMap | ConvertTo-Json
        Write-verbose "Update Map: $($json)"
        # remain silent
        $null = Invoke-CyRestMethod -API $API -Method DELETE -Uri "$($API.BaseUrl)/devices/v2" -ContentType "application/json; charset=utf-8" -Body $json
    }
}


<#
.SYNOPSIS
    Updates a detection's fields.
 
.PARAMETER API
    Optional. API Handle (use only when not using session scope).
#>

function Update-CyDetection {
    Param (
        [parameter(Mandatory=$false)]
        [CylanceAPIHandle]$API = $GlobalCyAPIHandle,
        [parameter(Mandatory=$false)]
        [ValidateSet ("New", "False Positive", "Follow Up", "In Progress", "Reviewed", "Done")]
        [string]$Status,
        [parameter(Mandatory=$false)]
        [string]$Comment,
        [parameter(Mandatory=$true,
            ValueFromPipeline=$true,
            ValueFromPipelineByPropertyName=$true)]
        [object]$Detection
        )

    Begin {
        $updateFields = @{}
        if (![String]::IsNullOrEmpty($Status)) {
            $updateFields.status = $Status
        }
        if (![String]::IsNullOrEmpty($Comment)) {
            $updateFields.comment = $Comment
        }
    }

    Process {
        $transaction = @(
            @{
                "detection_id" = $Detection.Id;
                "field_to_update" = $updateFields;
            }
        )
        $json = ConvertTo-Json $transaction
        Write-Verbose "$($json)"
        Invoke-CyRestMethod -API $API -Method POST -Uri "$($API.BaseUrl)/detections/v2/update/" -Body $json
    }
}