You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.
Class: Aws::SecurityHub::Types::ThreatIntelIndicator
- Inherits:
-
Struct
- Object
- Struct
- Aws::SecurityHub::Types::ThreatIntelIndicator
- Defined in:
- (unknown)
Overview
When passing ThreatIntelIndicator as input to an Aws::Client method, you can use a vanilla Hash:
{
type: "DOMAIN", # accepts DOMAIN, EMAIL_ADDRESS, HASH_MD5, HASH_SHA1, HASH_SHA256, HASH_SHA512, IPV4_ADDRESS, IPV6_ADDRESS, MUTEX, PROCESS, URL
value: "NonEmptyString",
category: "BACKDOOR", # accepts BACKDOOR, CARD_STEALER, COMMAND_AND_CONTROL, DROP_SITE, EXPLOIT_SITE, KEYLOGGER
last_observed_at: "NonEmptyString",
source: "NonEmptyString",
source_url: "NonEmptyString",
}
Details about the threat intelligence related to a finding.
Instance Attribute Summary collapse
-
#category ⇒ String
The category of a threat intelligence indicator.
-
#last_observed_at ⇒ String
Indicates when the most recent instance of a threat intelligence indicator was observed.
-
#source ⇒ String
The source of the threat intelligence indicator.
-
#source_url ⇒ String
The URL to the page or site where you can get more information about the threat intelligence indicator.
-
#type ⇒ String
The type of threat intelligence indicator.
-
#value ⇒ String
The value of a threat intelligence indicator.
Instance Attribute Details
#category ⇒ String
The category of a threat intelligence indicator.
Possible values:
- BACKDOOR
- CARD_STEALER
- COMMAND_AND_CONTROL
- DROP_SITE
- EXPLOIT_SITE
- KEYLOGGER
#last_observed_at ⇒ String
Indicates when the most recent instance of a threat intelligence indicator was observed.
Uses the date-time
format specified in RFC 3339 section 5.6, Internet
Date/Time Format. The value cannot contain spaces. For example,
2020-03-22T13:22:13.933Z
.
#source ⇒ String
The source of the threat intelligence indicator.
#source_url ⇒ String
The URL to the page or site where you can get more information about the threat intelligence indicator.
#type ⇒ String
The type of threat intelligence indicator.
Possible values:
- DOMAIN
- EMAIL_ADDRESS
- HASH_MD5
- HASH_SHA1
- HASH_SHA256
- HASH_SHA512
- IPV4_ADDRESS
- IPV6_ADDRESS
- MUTEX
- PROCESS
- URL
#value ⇒ String
The value of a threat intelligence indicator.