IndicatorSummary¶

class oci.threat_intelligence.models.IndicatorSummary(**kwargs)¶

Bases: object

Summary of a data signature observed on a network or host that indicates a potential security threat.

Attributes

`LIFECYCLE_STATE_ACTIVE`	A constant which can be used with the lifecycle_state property of a IndicatorSummary.
`LIFECYCLE_STATE_DELETED`	A constant which can be used with the lifecycle_state property of a IndicatorSummary.
`TYPE_DOMAIN_NAME`	A constant which can be used with the type property of a IndicatorSummary.
`TYPE_FILE_NAME`	A constant which can be used with the type property of a IndicatorSummary.
`TYPE_IP_ADDRESS`	A constant which can be used with the type property of a IndicatorSummary.
`TYPE_MD5_HASH`	A constant which can be used with the type property of a IndicatorSummary.
`TYPE_SHA1_HASH`	A constant which can be used with the type property of a IndicatorSummary.
`TYPE_SHA256_HASH`	A constant which can be used with the type property of a IndicatorSummary.
`TYPE_URL`	A constant which can be used with the type property of a IndicatorSummary.
`attributes`	[Required] Gets the attributes of this IndicatorSummary.
`compartment_id`	Gets the compartment_id of this IndicatorSummary.
`confidence`	Gets the confidence of this IndicatorSummary.
`geodata`	[Required] Gets the geodata of this IndicatorSummary.
`id`	[Required] Gets the id of this IndicatorSummary.
`lifecycle_state`	Gets the lifecycle_state of this IndicatorSummary.
`threat_types`	[Required] Gets the threat_types of this IndicatorSummary.
`time_created`	[Required] Gets the time_created of this IndicatorSummary.
`time_last_seen`	[Required] Gets the time_last_seen of this IndicatorSummary.
`time_updated`	[Required] Gets the time_updated of this IndicatorSummary.
`type`	[Required] Gets the type of this IndicatorSummary.
`value`	[Required] Gets the value of this IndicatorSummary.

Methods

__init__(**kwargs) Initializes a new IndicatorSummary object with values from keyword arguments.

LIFECYCLE_STATE_ACTIVE = 'ACTIVE'¶: A constant which can be used with the lifecycle_state property of a IndicatorSummary. This constant has a value of “ACTIVE”

LIFECYCLE_STATE_DELETED = 'DELETED'¶: A constant which can be used with the lifecycle_state property of a IndicatorSummary. This constant has a value of “DELETED”

TYPE_DOMAIN_NAME = 'DOMAIN_NAME'¶: A constant which can be used with the type property of a IndicatorSummary. This constant has a value of “DOMAIN_NAME”

TYPE_FILE_NAME = 'FILE_NAME'¶: A constant which can be used with the type property of a IndicatorSummary. This constant has a value of “FILE_NAME”

TYPE_IP_ADDRESS = 'IP_ADDRESS'¶: A constant which can be used with the type property of a IndicatorSummary. This constant has a value of “IP_ADDRESS”

TYPE_MD5_HASH = 'MD5_HASH'¶: A constant which can be used with the type property of a IndicatorSummary. This constant has a value of “MD5_HASH”

TYPE_SHA1_HASH = 'SHA1_HASH'¶: A constant which can be used with the type property of a IndicatorSummary. This constant has a value of “SHA1_HASH”

TYPE_SHA256_HASH = 'SHA256_HASH'¶: A constant which can be used with the type property of a IndicatorSummary. This constant has a value of “SHA256_HASH”

TYPE_URL = 'URL'¶: A constant which can be used with the type property of a IndicatorSummary. This constant has a value of “URL”

__init__(**kwargs)¶

Initializes a new IndicatorSummary object with values from keyword arguments. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:

id (str) – The value to assign to the id property of this IndicatorSummary.
type (str) – The value to assign to the type property of this IndicatorSummary. Allowed values for this property are: “DOMAIN_NAME”, “FILE_NAME”, “MD5_HASH”, “SHA1_HASH”, “SHA256_HASH”, “IP_ADDRESS”, “URL”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
value (str) – The value to assign to the value property of this IndicatorSummary.
confidence (int) – The value to assign to the confidence property of this IndicatorSummary.
compartment_id (str) – The value to assign to the compartment_id property of this IndicatorSummary.
threat_types (list[str]) – The value to assign to the threat_types property of this IndicatorSummary.
attributes (list[oci.threat_intelligence.models.IndicatorAttributeSummary]) – The value to assign to the attributes property of this IndicatorSummary.
lifecycle_state (str) – The value to assign to the lifecycle_state property of this IndicatorSummary. Allowed values for this property are: “ACTIVE”, “DELETED”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
time_created (datetime) – The value to assign to the time_created property of this IndicatorSummary.
time_updated (datetime) – The value to assign to the time_updated property of this IndicatorSummary.
time_last_seen (datetime) – The value to assign to the time_last_seen property of this IndicatorSummary.
geodata (oci.threat_intelligence.models.GeodataDetails) – The value to assign to the geodata property of this IndicatorSummary.

attributes¶

[Required] Gets the attributes of this IndicatorSummary. A map of attributes with additional information about the indicator. Each attribute has a name (string), value (string), and attribution (supporting data).

Returns:	The attributes of this IndicatorSummary.
Return type:	list[oci.threat_intelligence.models.IndicatorAttributeSummary]

compartment_id¶

Gets the compartment_id of this IndicatorSummary. The OCID of the compartment that contains this indicator.

Returns:	The compartment_id of this IndicatorSummary.
Return type:	str

confidence¶

Gets the confidence of this IndicatorSummary. An integer from 0 to 100 that represents how certain we are that the indicator is malicious and a potential threat if it is detected communicating with your cloud resources. This confidence value is aggregated from the confidence in the threat types, attributes, and relationships to create an overall value for the indicator.

Returns:	The confidence of this IndicatorSummary.
Return type:	int

geodata¶

[Required] Gets the geodata of this IndicatorSummary.

Returns:	The geodata of this IndicatorSummary.
Return type:	oci.threat_intelligence.models.GeodataDetails

id¶

[Required] Gets the id of this IndicatorSummary. The OCID of the indicator.

Returns:	The id of this IndicatorSummary.
Return type:	str

lifecycle_state¶

Gets the lifecycle_state of this IndicatorSummary. The state of the indicator. It will always be ACTIVE.

Allowed values for this property are: “ACTIVE”, “DELETED”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The lifecycle_state of this IndicatorSummary.
Return type:	str

threat_types¶

[Required] Gets the threat_types of this IndicatorSummary. Characteristics of the threat indicator based on previous observations or behavior. May include related tactics, techniques, and procedures.

Returns:	The threat_types of this IndicatorSummary.
Return type:	list[str]

time_created¶

[Required] Gets the time_created of this IndicatorSummary. The date and time that the indicator was first detected. An RFC3339 formatted string.

Returns:	The time_created of this IndicatorSummary.
Return type:	datetime

time_last_seen¶

[Required] Gets the time_last_seen of this IndicatorSummary. The date and time that this indicator was last seen. The value is the same as timeCreated for a new indicator. An RFC3339 formatted string.

Returns:	The time_last_seen of this IndicatorSummary.
Return type:	datetime

time_updated¶

[Required] Gets the time_updated of this IndicatorSummary. The date and time that this indicator was last updated by the system. Updates can include new reports or regular updates in confidence. The value is the same as timeCreated for a new indicator. An RFC3339 formatted string.

Returns:	The time_updated of this IndicatorSummary.
Return type:	datetime

type¶

[Required] Gets the type of this IndicatorSummary. The type of indicator.

Allowed values for this property are: “DOMAIN_NAME”, “FILE_NAME”, “MD5_HASH”, “SHA1_HASH”, “SHA256_HASH”, “IP_ADDRESS”, “URL”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The type of this IndicatorSummary.
Return type:	str

value¶

[Required] Gets the value of this IndicatorSummary. The indicator data value.

Returns:	The value of this IndicatorSummary.
Return type:	str