Class: Aws::SecurityHub::Types::ThreatIntelIndicator

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb

Overview

Note:

When making an API call, you may pass ThreatIntelIndicator data as a hash:

{
  type: "DOMAIN", # accepts DOMAIN, EMAIL_ADDRESS, HASH_MD5, HASH_SHA1, HASH_SHA256, HASH_SHA512, IPV4_ADDRESS, IPV6_ADDRESS, MUTEX, PROCESS, URL
  value: "NonEmptyString",
  category: "BACKDOOR", # accepts BACKDOOR, CARD_STEALER, COMMAND_AND_CONTROL, DROP_SITE, EXPLOIT_SITE, KEYLOGGER
  last_observed_at: "NonEmptyString",
  source: "NonEmptyString",
  source_url: "NonEmptyString",
}

Details about the threat intelligence related to a finding.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#categoryString

The category of a threat intelligence indicator.

Returns:

  • (String)


10980
10981
10982
10983
10984
10985
10986
10987
10988
10989
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 10980

class ThreatIntelIndicator < Struct.new(
  :type,
  :value,
  :category,
  :last_observed_at,
  :source,
  :source_url)
  SENSITIVE = []
  include Aws::Structure
end

#last_observed_atString

The date and time when the most recent instance of a threat intelligence indicator was observed.

Returns:

  • (String)


10980
10981
10982
10983
10984
10985
10986
10987
10988
10989
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 10980

class ThreatIntelIndicator < Struct.new(
  :type,
  :value,
  :category,
  :last_observed_at,
  :source,
  :source_url)
  SENSITIVE = []
  include Aws::Structure
end

#sourceString

The source of the threat intelligence indicator.

Returns:

  • (String)


10980
10981
10982
10983
10984
10985
10986
10987
10988
10989
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 10980

class ThreatIntelIndicator < Struct.new(
  :type,
  :value,
  :category,
  :last_observed_at,
  :source,
  :source_url)
  SENSITIVE = []
  include Aws::Structure
end

#source_urlString

The URL to the page or site where you can get more information about the threat intelligence indicator.

Returns:

  • (String)


10980
10981
10982
10983
10984
10985
10986
10987
10988
10989
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 10980

class ThreatIntelIndicator < Struct.new(
  :type,
  :value,
  :category,
  :last_observed_at,
  :source,
  :source_url)
  SENSITIVE = []
  include Aws::Structure
end

#typeString

The type of threat intelligence indicator.

Returns:

  • (String)


10980
10981
10982
10983
10984
10985
10986
10987
10988
10989
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 10980

class ThreatIntelIndicator < Struct.new(
  :type,
  :value,
  :category,
  :last_observed_at,
  :source,
  :source_url)
  SENSITIVE = []
  include Aws::Structure
end

#valueString

The value of a threat intelligence indicator.

Returns:

  • (String)


10980
10981
10982
10983
10984
10985
10986
10987
10988
10989
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 10980

class ThreatIntelIndicator < Struct.new(
  :type,
  :value,
  :category,
  :last_observed_at,
  :source,
  :source_url)
  SENSITIVE = []
  include Aws::Structure
end