Sighting

class oci.cloud_guard.models.Sighting(**kwargs)

Bases: object

Sighting details.

Attributes

CLASSIFICATION_STATUS_FALSE_NEGATIVE A constant which can be used with the classification_status property of a Sighting.
CLASSIFICATION_STATUS_FALSE_POSITIVE A constant which can be used with the classification_status property of a Sighting.
CLASSIFICATION_STATUS_NOT_CLASSIFIED A constant which can be used with the classification_status property of a Sighting.
CLASSIFICATION_STATUS_TRUE_NEGATIVE A constant which can be used with the classification_status property of a Sighting.
CLASSIFICATION_STATUS_TRUE_POSITIVE A constant which can be used with the classification_status property of a Sighting.
CONFIDENCE_CRITICAL A constant which can be used with the confidence property of a Sighting.
CONFIDENCE_HIGH A constant which can be used with the confidence property of a Sighting.
CONFIDENCE_LOW A constant which can be used with the confidence property of a Sighting.
CONFIDENCE_MEDIUM A constant which can be used with the confidence property of a Sighting.
CONFIDENCE_MINOR A constant which can be used with the confidence property of a Sighting.
SEVERITY_CRITICAL A constant which can be used with the severity property of a Sighting.
SEVERITY_HIGH A constant which can be used with the severity property of a Sighting.
SEVERITY_LOW A constant which can be used with the severity property of a Sighting.
SEVERITY_MEDIUM A constant which can be used with the severity property of a Sighting.
SEVERITY_MINOR A constant which can be used with the severity property of a Sighting.
actor_principal_id Gets the actor_principal_id of this Sighting.
actor_principal_name Gets the actor_principal_name of this Sighting.
actor_principal_type Gets the actor_principal_type of this Sighting.
additional_details Gets the additional_details of this Sighting.
classification_status [Required] Gets the classification_status of this Sighting.
compartment_id [Required] Gets the compartment_id of this Sighting.
confidence [Required] Gets the confidence of this Sighting.
description [Required] Gets the description of this Sighting.
id [Required] Gets the id of this Sighting.
locks Gets the locks of this Sighting.
problem_id Gets the problem_id of this Sighting.
regions [Required] Gets the regions of this Sighting.
severity [Required] Gets the severity of this Sighting.
sighting_score [Required] Gets the sighting_score of this Sighting.
sighting_type [Required] Gets the sighting_type of this Sighting.
sighting_type_display_name [Required] Gets the sighting_type_display_name of this Sighting.
tactic_name [Required] Gets the tactic_name of this Sighting.
technique_name [Required] Gets the technique_name of this Sighting.
time_first_detected [Required] Gets the time_first_detected of this Sighting.
time_first_occurred Gets the time_first_occurred of this Sighting.
time_last_detected [Required] Gets the time_last_detected of this Sighting.
time_last_occurred Gets the time_last_occurred of this Sighting.

Methods

__init__(**kwargs) Initializes a new Sighting object with values from keyword arguments.
CLASSIFICATION_STATUS_FALSE_NEGATIVE = 'FALSE_NEGATIVE'

A constant which can be used with the classification_status property of a Sighting. This constant has a value of “FALSE_NEGATIVE”

CLASSIFICATION_STATUS_FALSE_POSITIVE = 'FALSE_POSITIVE'

A constant which can be used with the classification_status property of a Sighting. This constant has a value of “FALSE_POSITIVE”

CLASSIFICATION_STATUS_NOT_CLASSIFIED = 'NOT_CLASSIFIED'

A constant which can be used with the classification_status property of a Sighting. This constant has a value of “NOT_CLASSIFIED”

CLASSIFICATION_STATUS_TRUE_NEGATIVE = 'TRUE_NEGATIVE'

A constant which can be used with the classification_status property of a Sighting. This constant has a value of “TRUE_NEGATIVE”

CLASSIFICATION_STATUS_TRUE_POSITIVE = 'TRUE_POSITIVE'

A constant which can be used with the classification_status property of a Sighting. This constant has a value of “TRUE_POSITIVE”

CONFIDENCE_CRITICAL = 'CRITICAL'

A constant which can be used with the confidence property of a Sighting. This constant has a value of “CRITICAL”

CONFIDENCE_HIGH = 'HIGH'

A constant which can be used with the confidence property of a Sighting. This constant has a value of “HIGH”

CONFIDENCE_LOW = 'LOW'

A constant which can be used with the confidence property of a Sighting. This constant has a value of “LOW”

CONFIDENCE_MEDIUM = 'MEDIUM'

A constant which can be used with the confidence property of a Sighting. This constant has a value of “MEDIUM”

CONFIDENCE_MINOR = 'MINOR'

A constant which can be used with the confidence property of a Sighting. This constant has a value of “MINOR”

SEVERITY_CRITICAL = 'CRITICAL'

A constant which can be used with the severity property of a Sighting. This constant has a value of “CRITICAL”

SEVERITY_HIGH = 'HIGH'

A constant which can be used with the severity property of a Sighting. This constant has a value of “HIGH”

SEVERITY_LOW = 'LOW'

A constant which can be used with the severity property of a Sighting. This constant has a value of “LOW”

SEVERITY_MEDIUM = 'MEDIUM'

A constant which can be used with the severity property of a Sighting. This constant has a value of “MEDIUM”

SEVERITY_MINOR = 'MINOR'

A constant which can be used with the severity property of a Sighting. This constant has a value of “MINOR”

__init__(**kwargs)

Initializes a new Sighting object with values from keyword arguments. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:
  • id (str) – The value to assign to the id property of this Sighting.
  • description (str) – The value to assign to the description property of this Sighting.
  • problem_id (str) – The value to assign to the problem_id property of this Sighting.
  • compartment_id (str) – The value to assign to the compartment_id property of this Sighting.
  • actor_principal_id (str) – The value to assign to the actor_principal_id property of this Sighting.
  • actor_principal_name (str) – The value to assign to the actor_principal_name property of this Sighting.
  • actor_principal_type (str) – The value to assign to the actor_principal_type property of this Sighting.
  • classification_status (str) – The value to assign to the classification_status property of this Sighting. Allowed values for this property are: “FALSE_NEGATIVE”, “TRUE_NEGATIVE”, “FALSE_POSITIVE”, “TRUE_POSITIVE”, “NOT_CLASSIFIED”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
  • sighting_type (str) – The value to assign to the sighting_type property of this Sighting.
  • sighting_type_display_name (str) – The value to assign to the sighting_type_display_name property of this Sighting.
  • tactic_name (str) – The value to assign to the tactic_name property of this Sighting.
  • technique_name (str) – The value to assign to the technique_name property of this Sighting.
  • sighting_score (int) – The value to assign to the sighting_score property of this Sighting.
  • severity (str) – The value to assign to the severity property of this Sighting. Allowed values for this property are: “CRITICAL”, “HIGH”, “MEDIUM”, “LOW”, “MINOR”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
  • confidence (str) – The value to assign to the confidence property of this Sighting. Allowed values for this property are: “CRITICAL”, “HIGH”, “MEDIUM”, “LOW”, “MINOR”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
  • time_first_detected (datetime) – The value to assign to the time_first_detected property of this Sighting.
  • time_last_detected (datetime) – The value to assign to the time_last_detected property of this Sighting.
  • time_first_occurred (datetime) – The value to assign to the time_first_occurred property of this Sighting.
  • time_last_occurred (datetime) – The value to assign to the time_last_occurred property of this Sighting.
  • regions (list[str]) – The value to assign to the regions property of this Sighting.
  • additional_details (dict(str, str)) – The value to assign to the additional_details property of this Sighting.
  • locks (list[oci.cloud_guard.models.ResourceLock]) – The value to assign to the locks property of this Sighting.
actor_principal_id

Gets the actor_principal_id of this Sighting. Unique identifier for principal actor

Returns:The actor_principal_id of this Sighting.
Return type:str
actor_principal_name

Gets the actor_principal_name of this Sighting. Name of the principal actor

Returns:The actor_principal_name of this Sighting.
Return type:str
actor_principal_type

Gets the actor_principal_type of this Sighting. Type of the principal actor

Returns:The actor_principal_type of this Sighting.
Return type:str
additional_details

Gets the additional_details of this Sighting. The additional details for the sighting

Returns:The additional_details of this Sighting.
Return type:dict(str, str)
classification_status

[Required] Gets the classification_status of this Sighting. Classification status of the sighting

Allowed values for this property are: “FALSE_NEGATIVE”, “TRUE_NEGATIVE”, “FALSE_POSITIVE”, “TRUE_POSITIVE”, “NOT_CLASSIFIED”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:The classification_status of this Sighting.
Return type:str
compartment_id

[Required] Gets the compartment_id of this Sighting. Compartment OCID where the resource is created

Returns:The compartment_id of this Sighting.
Return type:str
confidence

[Required] Gets the confidence of this Sighting. Level of confidence that the sighting is not a false positive

Allowed values for this property are: “CRITICAL”, “HIGH”, “MEDIUM”, “LOW”, “MINOR”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:The confidence of this Sighting.
Return type:str
description

[Required] Gets the description of this Sighting. Description of the sighting

Returns:The description of this Sighting.
Return type:str
id

[Required] Gets the id of this Sighting. Unique identifier for the sighting

Returns:The id of this Sighting.
Return type:str
locks

Gets the locks of this Sighting. Locks associated with this resource.

Returns:The locks of this Sighting.
Return type:list[oci.cloud_guard.models.ResourceLock]
problem_id

Gets the problem_id of this Sighting. Problem ID associated the sighting

Returns:The problem_id of this Sighting.
Return type:str
regions

[Required] Gets the regions of this Sighting. List of regions involved in the sighting

Returns:The regions of this Sighting.
Return type:list[str]
severity

[Required] Gets the severity of this Sighting. Severity of the sighting

Allowed values for this property are: “CRITICAL”, “HIGH”, “MEDIUM”, “LOW”, “MINOR”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:The severity of this Sighting.
Return type:str
sighting_score

[Required] Gets the sighting_score of this Sighting. Score for the sighting

Returns:The sighting_score of this Sighting.
Return type:int
sighting_type

[Required] Gets the sighting_type of this Sighting. Type of sighting

Returns:The sighting_type of this Sighting.
Return type:str
sighting_type_display_name

[Required] Gets the sighting_type_display_name of this Sighting. Display name of the sighting type

Returns:The sighting_type_display_name of this Sighting.
Return type:str
tactic_name

[Required] Gets the tactic_name of this Sighting. Name of the MITRE ATT@CK framework tactic

Returns:The tactic_name of this Sighting.
Return type:str
technique_name

[Required] Gets the technique_name of this Sighting. Name of the MITRE ATT@CK framework technique

Returns:The technique_name of this Sighting.
Return type:str
time_first_detected

[Required] Gets the time_first_detected of this Sighting. Time the activities were first detected. Format defined by RFC3339.

Returns:The time_first_detected of this Sighting.
Return type:datetime
time_first_occurred

Gets the time_first_occurred of this Sighting. Time the activities were first performed. Format defined by RFC3339.

Returns:The time_first_occurred of this Sighting.
Return type:datetime
time_last_detected

[Required] Gets the time_last_detected of this Sighting. Time the activities were last detected. Format defined by RFC3339.

Returns:The time_last_detected of this Sighting.
Return type:datetime
time_last_occurred

Gets the time_last_occurred of this Sighting. Time the activities were last performed. Format defined by RFC3339.

Returns:The time_last_occurred of this Sighting.
Return type:datetime