Class: Google::Apis::SecuritycenterV1::Indicator

Inherits:

Object

• Object
• Google::Apis::SecuritycenterV1::Indicator

Includes:

Core::Hashable, Core::JsonObjectSupport

Defined in:

lib/google/apis/securitycenter_v1/classes.rb,
lib/google/apis/securitycenter_v1/representations.rb,
lib/google/apis/securitycenter_v1/representations.rb

Overview

Represents what's commonly known as an indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. For more information, see Indicator of compromise.

Instance Attribute Summary

• #domains ⇒ Array<String>

  List of domains associated to the Finding.

• #ip_addresses ⇒ Array<String>

  The list of IP addresses that are associated with the finding.

• #signatures ⇒ Array<Google::Apis::SecuritycenterV1::ProcessSignature>

  The list of matched signatures indicating that the given process is present in the environment.

• #uris ⇒ Array<String>

  The list of URIs associated to the Findings.

Instance Method Summary

• #initialize(**args) ⇒ Indicator constructor

  A new instance of Indicator.

• #update!(**args) ⇒ Object

  Update properties of this object.

Constructor Details

#initialize(**args) ⇒ Indicator

Returns a new instance of Indicator.

# File 'lib/google/apis/securitycenter_v1/classes.rb', line 8494

def initialize(**args)
   update!(**args)
end

Instance Attribute Details

#domains ⇒ Array<String>

List of domains associated to the Finding. Corresponds to the JSON property domains

Returns:

• (Array<String>)

# File 'lib/google/apis/securitycenter_v1/classes.rb', line 8476

def domains
  @domains
end

#ip_addresses ⇒ Array<String>

The list of IP addresses that are associated with the finding. Corresponds to the JSON property ipAddresses

Returns:

• (Array<String>)

# File 'lib/google/apis/securitycenter_v1/classes.rb', line 8481

def ip_addresses
  @ip_addresses
end

#signatures ⇒ Array<Google::Apis::SecuritycenterV1::ProcessSignature>

The list of matched signatures indicating that the given process is present in the environment. Corresponds to the JSON property signatures

Returns:

• (Array<Google::Apis::SecuritycenterV1::ProcessSignature>)

# File 'lib/google/apis/securitycenter_v1/classes.rb', line 8487

def signatures
  @signatures
end

#uris ⇒ Array<String>

The list of URIs associated to the Findings. Corresponds to the JSON property uris

Returns:

• (Array<String>)

# File 'lib/google/apis/securitycenter_v1/classes.rb', line 8492

def uris
  @uris
end

Instance Method Details

#update!(**args) ⇒ Object

Update properties of this object

# File 'lib/google/apis/securitycenter_v1/classes.rb', line 8499

def update!(**args)
  @domains = args[:domains] if args.key?(:domains)
  @ip_addresses = args[:ip_addresses] if args.key?(:ip_addresses)
  @signatures = args[:signatures] if args.key?(:signatures)
  @uris = args[:uris] if args.key?(:uris)
end