Class: DatadogAPIClient::V2::IoCIndicatorDetailed

Inherits:

Object

• Object
• DatadogAPIClient::V2::IoCIndicatorDetailed

Includes:

BaseGenericModel

Defined in:

lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb

Overview

An indicator of compromise with extended context from your environment.

Instance Attribute Summary

• #additional_data ⇒ Object

  Additional domain-specific context from threat intelligence sources.

• #additional_properties ⇒ Object

  Returns the value of attribute additional_properties.

• #as_cidr_block ⇒ Object

  Autonomous system CIDR block.

• #as_geo ⇒ Object

  Geographic location information for an IP indicator.

• #as_number ⇒ Object

  Autonomous system number.

• #as_organization ⇒ Object

  Autonomous system organization name.

• #as_type ⇒ Object

  Autonomous system type.

• #benign_sources ⇒ Object

  Threat intelligence sources that flagged this indicator as benign.

• #categories ⇒ Object

  Threat categories associated with the indicator.

• #critical_assets ⇒ Object

  Critical assets associated with this indicator.

• #first_seen ⇒ Object

  Timestamp when the indicator was first seen.

• #hosts ⇒ Object

  Hosts associated with this indicator.

• #id ⇒ Object

  Unique identifier for the indicator.

• #indicator ⇒ Object

  The indicator value (for example, an IP address or domain).

• #indicator_type ⇒ Object

  Type of indicator (for example, IP address or domain).

• #last_seen ⇒ Object

  Timestamp when the indicator was last seen.

• #log_matches ⇒ Object

  Number of logs that matched this indicator.

• #log_sources ⇒ Object

  Log sources where this indicator was observed.

• #m_as_type ⇒ Object

  Effect of a scoring factor on the indicator’s threat score.

• #m_persistence ⇒ Object

  Effect of a scoring factor on the indicator’s threat score.

• #m_signal ⇒ Object

  Effect of a scoring factor on the indicator’s threat score.

• #m_sources ⇒ Object

  Effect of a scoring factor on the indicator’s threat score.

• #malicious_sources ⇒ Object

  Threat intelligence sources that flagged this indicator as malicious.

• #max_trust_score ⇒ Object

  Effect of a scoring factor on the indicator’s threat score.

• #score ⇒ Object

  Threat score for the indicator (0-100).

• #services ⇒ Object

  Services where this indicator was observed.

• #signal_matches ⇒ Object

  Number of security signals that matched this indicator.

• #signal_severity ⇒ Object

  Breakdown of security signals by severity.

• #signal_tier ⇒ Object

  Signal tier level.

• #suspicious_sources ⇒ Object

  Threat intelligence sources that flagged this indicator as suspicious.

• #tags ⇒ Object

  Tags associated with the indicator.

• #users ⇒ Object

  Users associated with this indicator, grouped by category.

Method Summary

Methods included from BaseGenericModel

included

Instance Attribute Details

#additional_data ⇒ Object

Additional domain-specific context from threat intelligence sources.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 25

def additional_data
  @additional_data
end

#additional_properties ⇒ Object

Returns the value of attribute additional_properties.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 117

def additional_properties
  @additional_properties
end

#as_cidr_block ⇒ Object

Autonomous system CIDR block.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 28

def as_cidr_block
  @as_cidr_block
end

#as_geo ⇒ Object

Geographic location information for an IP indicator.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 31

def as_geo
  @as_geo
end

#as_number ⇒ Object

Autonomous system number.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 34

def as_number
  @as_number
end

#as_organization ⇒ Object

Autonomous system organization name.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 37

def as_organization
  @as_organization
end

#as_type ⇒ Object

Autonomous system type.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 40

def as_type
  @as_type
end

#benign_sources ⇒ Object

Threat intelligence sources that flagged this indicator as benign.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 43

def benign_sources
  @benign_sources
end

#categories ⇒ Object

Threat categories associated with the indicator.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 46

def categories
  @categories
end

#critical_assets ⇒ Object

Critical assets associated with this indicator.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 49

def critical_assets
  @critical_assets
end

#first_seen ⇒ Object

Timestamp when the indicator was first seen.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 52

def first_seen
  @first_seen
end

#hosts ⇒ Object

Hosts associated with this indicator.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 55

def hosts
  @hosts
end

#id ⇒ Object

Unique identifier for the indicator.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 58

def id
  @id
end

#indicator ⇒ Object

The indicator value (for example, an IP address or domain).

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 61

def indicator
  @indicator
end

#indicator_type ⇒ Object

Type of indicator (for example, IP address or domain).

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 64

def indicator_type
  @indicator_type
end

#last_seen ⇒ Object

Timestamp when the indicator was last seen.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 67

def last_seen
  @last_seen
end

#log_matches ⇒ Object

Number of logs that matched this indicator.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 70

def log_matches
  @log_matches
end

#log_sources ⇒ Object

Log sources where this indicator was observed.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 73

def log_sources
  @log_sources
end

#m_as_type ⇒ Object

Effect of a scoring factor on the indicator’s threat score.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 76

def m_as_type
  @m_as_type
end

#m_persistence ⇒ Object

Effect of a scoring factor on the indicator’s threat score.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 79

def m_persistence
  @m_persistence
end

#m_signal ⇒ Object

Effect of a scoring factor on the indicator’s threat score.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 82

def m_signal
  @m_signal
end

#m_sources ⇒ Object

Effect of a scoring factor on the indicator’s threat score.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 85

def m_sources
  @m_sources
end

#malicious_sources ⇒ Object

Threat intelligence sources that flagged this indicator as malicious.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 88

def malicious_sources
  @malicious_sources
end

#max_trust_score ⇒ Object

Effect of a scoring factor on the indicator’s threat score.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 91

def max_trust_score
  @max_trust_score
end

#score ⇒ Object

Threat score for the indicator (0-100).

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 94

def score
  @score
end

#services ⇒ Object

Services where this indicator was observed.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 97

def services
  @services
end

#signal_matches ⇒ Object

Number of security signals that matched this indicator.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 100

def signal_matches
  @signal_matches
end

#signal_severity ⇒ Object

Breakdown of security signals by severity.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 103

def signal_severity
  @signal_severity
end

#signal_tier ⇒ Object

Signal tier level.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 106

def signal_tier
  @signal_tier
end

#suspicious_sources ⇒ Object

Threat intelligence sources that flagged this indicator as suspicious.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 109

def suspicious_sources
  @suspicious_sources
end

#tags ⇒ Object

Tags associated with the indicator.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 112

def tags
  @tags
end

#users ⇒ Object

Users associated with this indicator, grouped by category.

# File 'lib/datadog_api_client/v2/models/io_c_indicator_detailed.rb', line 115

def users
  @users
end