Class: Aws::SecurityHub::Types::ThreatIntelIndicator
- Inherits:
-
Struct
- Object
- Struct
- Aws::SecurityHub::Types::ThreatIntelIndicator
- Defined in:
- gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb
Overview
When making an API call, you may pass ThreatIntelIndicator data as a hash:
{
type: "DOMAIN", # accepts DOMAIN, EMAIL_ADDRESS, HASH_MD5, HASH_SHA1, HASH_SHA256, HASH_SHA512, IPV4_ADDRESS, IPV6_ADDRESS, MUTEX, PROCESS, URL
value: "NonEmptyString",
category: "BACKDOOR", # accepts BACKDOOR, CARD_STEALER, COMMAND_AND_CONTROL, DROP_SITE, EXPLOIT_SITE, KEYLOGGER
last_observed_at: "NonEmptyString",
source: "NonEmptyString",
source_url: "NonEmptyString",
}
Details about the threat intelligence related to a finding.
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#category ⇒ String
The category of a threat intelligence indicator.
-
#last_observed_at ⇒ String
Indicates when the most recent instance of a threat intelligence indicator was observed.
-
#source ⇒ String
The source of the threat intelligence indicator.
-
#source_url ⇒ String
The URL to the page or site where you can get more information about the threat intelligence indicator.
-
#type ⇒ String
The type of threat intelligence indicator.
-
#value ⇒ String
The value of a threat intelligence indicator.
Instance Attribute Details
#category ⇒ String
The category of a threat intelligence indicator.
42962 42963 42964 42965 42966 42967 42968 42969 42970 42971 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 42962 class ThreatIntelIndicator < Struct.new( :type, :value, :category, :last_observed_at, :source, :source_url) SENSITIVE = [] include Aws::Structure end |
#last_observed_at ⇒ String
Indicates when the most recent instance of a threat intelligence indicator was observed.
Uses the date-time format specified in RFC 3339 section 5.6,
Internet Date/Time Format. The value cannot contain spaces. For
example, 2020-03-22T13:22:13.933Z.
42962 42963 42964 42965 42966 42967 42968 42969 42970 42971 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 42962 class ThreatIntelIndicator < Struct.new( :type, :value, :category, :last_observed_at, :source, :source_url) SENSITIVE = [] include Aws::Structure end |
#source ⇒ String
The source of the threat intelligence indicator.
42962 42963 42964 42965 42966 42967 42968 42969 42970 42971 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 42962 class ThreatIntelIndicator < Struct.new( :type, :value, :category, :last_observed_at, :source, :source_url) SENSITIVE = [] include Aws::Structure end |
#source_url ⇒ String
The URL to the page or site where you can get more information about the threat intelligence indicator.
42962 42963 42964 42965 42966 42967 42968 42969 42970 42971 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 42962 class ThreatIntelIndicator < Struct.new( :type, :value, :category, :last_observed_at, :source, :source_url) SENSITIVE = [] include Aws::Structure end |
#type ⇒ String
The type of threat intelligence indicator.
42962 42963 42964 42965 42966 42967 42968 42969 42970 42971 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 42962 class ThreatIntelIndicator < Struct.new( :type, :value, :category, :last_observed_at, :source, :source_url) SENSITIVE = [] include Aws::Structure end |
#value ⇒ String
The value of a threat intelligence indicator.
42962 42963 42964 42965 42966 42967 42968 42969 42970 42971 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 42962 class ThreatIntelIndicator < Struct.new( :type, :value, :category, :last_observed_at, :source, :source_url) SENSITIVE = [] include Aws::Structure end |