/**
 * IoC type for advanced search
 */
export type AdvancedSearchIoCType = 'file' | 'ip' | 'domain';
/**
 * Options for advanced search request
 */
export interface AdvancedSearchRequestOptions {
    /** IoC type to search for */
    iocType: AdvancedSearchIoCType;
    /** Query string using CTX query syntax (AND, OR, NOT operators) */
    query: string;
    /** Cursor for pagination (from previous response) */
    cursor?: string;
}
/**
 * File hash information in search results
 */
export interface SearchResultFileHash {
    sha256: string;
    md5: string;
    sha1: string;
}
/**
 * File search result item
 */
export interface SearchResultFile {
    hash: SearchResultFileHash;
    fileSize: number;
    fileType: string;
    tags: string[];
    detect: string;
    firstSeen: string;
    lastSeen: string;
    threatTypes: string[];
}
/**
 * IP search result item
 */
export interface SearchResultIP {
    ipv4: string;
    firstSeen: string;
    lastSeen: string;
    countryCode: string;
    detect: string;
}
/**
 * Domain search result item
 */
export interface SearchResultDomain {
    domain: string;
    firstSeen: string;
    lastSeen: string;
    detect: string;
}
/**
 * Advanced Search Request Result
 * Returns request ID for fetching results via Response API
 */
export interface AdvancedSearchRequestResult {
    /** Request ID for fetching results */
    reqId: string;
    /** Total count of matching results */
    totalCount: number;
    /** Cursor for next page (if more results available) */
    cursor: string;
    /** File results (when ioc_type is 'file') */
    files: SearchResultFile[];
    /** IP results (when ioc_type is 'ip') */
    ips: SearchResultIP[];
    /** Domain results (when ioc_type is 'domain') */
    domains: SearchResultDomain[];
}
/**
 * APT Campaign victim information
 */
export interface SearchResponseAPTVictims {
    countries: string[];
    industries: string[];
}
/**
 * APT Campaign information in search response
 */
export interface SearchResponseAPTCampaign {
    threatActors: string[];
    attackerCountryCodes: string[];
    threatVictims: SearchResponseAPTVictims;
}
/**
 * APT Campaign statistics in search response
 */
export interface SearchResponseAPTStatistics {
    urls: number;
    threatActorCount: number;
    campaignCountTotal: number;
    files: number;
    domains: number;
    ips: number;
}
/**
 * IP result item in search response (with APT info)
 */
export interface SearchResponseIPItem {
    firstSeen: string;
    lastSeen: string;
    ipv4: string;
    countryCode: string;
    countryName: string;
    detect: string;
    aptCampaign: SearchResponseAPTCampaign;
    aptCampaignStatistics: SearchResponseAPTStatistics;
}
/**
 * File result item in search response (with APT info)
 */
export interface SearchResponseFileItem {
    firstSeen: string;
    lastSeen: string;
    hash: SearchResultFileHash;
    fileSize: number;
    fileType: string;
    tags: string[];
    detect: string;
    threatTypes: string[];
    aptCampaign: SearchResponseAPTCampaign;
    aptCampaignStatistics: SearchResponseAPTStatistics;
}
/**
 * Domain result item in search response (with APT info)
 */
export interface SearchResponseDomainItem {
    firstSeen: string;
    lastSeen: string;
    domain: string;
    detect: string;
    aptCampaign: SearchResponseAPTCampaign;
    aptCampaignStatistics: SearchResponseAPTStatistics;
}
/**
 * Advanced Search Response Result
 * Retrieved using req_id from Request API
 */
export interface AdvancedSearchResponseResult {
    /** Total count of matching results */
    totalCount: number;
    /** Cursor for next page */
    cursor: string;
    /** List of results (IP, File, or Domain items depending on query) */
    list: (SearchResponseIPItem | SearchResponseFileItem | SearchResponseDomainItem)[];
}
//# sourceMappingURL=types.d.ts.map