Threat Intelligence Common Types

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_VARCHAR2_TBL Type

Nested table type of varchar2(32767).

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_varchar2_tbl FORCE IS TABLE OF (varchar2(32767)) NOT PERSISTABLE;

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_SOURCE_SUMMARY_T Type

Information about the source of threat indicator data.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_source_summary_t FORCE AUTHID CURRENT_USER IS OBJECT (
  name varchar2(32767),
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_source_summary_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_source_summary_t (
    name varchar2
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`name`	(required) The name of the source.

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_DATA_VISIBILITY_T Type

The visibility level of attribution data, including its Traffic Light Protocol (TLP) color.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_data_visibility_t FORCE AUTHID CURRENT_USER IS OBJECT (
  name varchar2(32767),
  tlp_name varchar2(32767),
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_data_visibility_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_data_visibility_t (
    name varchar2,
    tlp_name varchar2
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field Description

Field	Description
`name`	(required) The name of the visibility level.
`tlp_name`	(required) The Traffic Light Protocol (TLP) color of the visibility level. Allowed values are: 'TLP_INTERNAL_AUDIT', 'TLP_WHITE', 'TLP_GREEN', 'TLP_AMBER', 'TLP_RED'

name

(required) The name of the visibility level.

tlp_name

(required) The Traffic Light Protocol (TLP) color of the visibility level.

Allowed values are: 'TLP_INTERNAL_AUDIT', 'TLP_WHITE', 'TLP_GREEN', 'TLP_AMBER', 'TLP_RED'

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_DATA_ATTRIBUTION_T Type

The confidence, source information, and visibility for a particular sighting or observation of some data associated with a threat indicator. This associated data can be the indicator's threat type, attribute, or relationship.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_data_attribution_t FORCE AUTHID CURRENT_USER IS OBJECT (
  confidence number,
  source dbms_cloud_oci_threat_intelligence_indicator_source_summary_t,
  visibility dbms_cloud_oci_threat_intelligence_data_visibility_t,
  time_first_seen timestamp with time zone,
  time_last_seen timestamp with time zone,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_data_attribution_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_data_attribution_t (
    confidence number,
    source dbms_cloud_oci_threat_intelligence_indicator_source_summary_t,
    visibility dbms_cloud_oci_threat_intelligence_data_visibility_t,
    time_first_seen timestamp with time zone,
    time_last_seen timestamp with time zone
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`confidence`	(required) An integer from 0 to 100 that provides a measure of our certainty in the maliciousness of data attributed to an indicator. For example, if the source of the data being attributed is the Tor Project, our confidence that the associated indicator is a tor exit node would be 100.
`source`	(required)
`visibility`	(required)
`time_first_seen`	(optional) The date and time the attribution data was first seen for this entity. If the data source does not provide this information, it is set to the last time it was seen. An RFC3339 formatted string.
`time_last_seen`	(required) The last date and time the attribution data was seen for this entity. An RFC3339 formatted string.

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_ENTITY_REFERENCE_T Type

A reference to a resource or other entity.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_entity_reference_t FORCE AUTHID CURRENT_USER IS OBJECT (
  l_type varchar2(32767),
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_entity_reference_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_entity_reference_t (
    l_type varchar2
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE NOT FINAL;

Fields

Field Description

Field	Description
`l_type`	(required) The type of the referenced entity. Allowed values are: 'INDICATOR'

l_type

(required) The type of the referenced entity.

Allowed values are: 'INDICATOR'

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_ERROR_T Type

Error Information.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_error_t FORCE AUTHID CURRENT_USER IS OBJECT (
  code varchar2(32767),
  message varchar2(32767),
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_error_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_error_t (
    code varchar2,
    message varchar2
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`code`	(required) A short error code that defines the error, meant for programmatic parsing.
`message`	(required) A human-readable error string.

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_GEODATA_DETAILS_T Type

Geodata information for a given IP address

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_geodata_details_t FORCE AUTHID CURRENT_USER IS OBJECT (
  routed_prefix varchar2(32767),
  origin varchar2(32767),
  geo_id varchar2(32767),
  country_code varchar2(32767),
  admin_div varchar2(32767),
  city varchar2(32767),
  latitude varchar2(32767),
  longitude varchar2(32767),
  label varchar2(32767),
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_geodata_details_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_geodata_details_t (
    routed_prefix varchar2,
    origin varchar2,
    geo_id varchar2,
    country_code varchar2,
    admin_div varchar2,
    city varchar2,
    latitude varchar2,
    longitude varchar2,
    label varchar2
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`routed_prefix`	(optional) Encompassing assigned prefix for the IP
`origin`	(required) ASN entry
`geo_id`	(optional) Unique Identifier (optional)
`country_code`	(required) Two-letter abbreviation for country of origin
`admin_div`	(required) State/Province/subdivision within the country
`city`	(required) City of origin
`latitude`	(required) Latitude
`longitude`	(required) Longitude
`label`	(required) Information on source providing the information

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_DATA_ATTRIBUTION_TBL Type

Nested table type of dbms_cloud_oci_threat_intelligence_data_attribution_t.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_data_attribution_tbl FORCE IS TABLE OF (dbms_cloud_oci_threat_intelligence_data_attribution_t) NOT PERSISTABLE;

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPE_T Type

A threat type along with attribution data that associates it to a threat indicator.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_threat_type_t FORCE AUTHID CURRENT_USER IS OBJECT (
  id varchar2(32767),
  name varchar2(32767),
  attribution dbms_cloud_oci_threat_intelligence_data_attribution_tbl,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_threat_type_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_threat_type_t (
    id varchar2,
    name varchar2,
    attribution dbms_cloud_oci_threat_intelligence_data_attribution_tbl
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`id`	(required) The OCID of the threat type.
`name`	(required) The name of the threat type.
`attribution`	(required) The list of supporting attribution information.

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_ATTRIBUTE_T Type

An attribute name and list of values with attribution.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_attribute_t FORCE AUTHID CURRENT_USER IS OBJECT (
  name varchar2(32767),
  value varchar2(32767),
  attribution dbms_cloud_oci_threat_intelligence_data_attribution_tbl,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_attribute_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_attribute_t (
    name varchar2,
    value varchar2,
    attribution dbms_cloud_oci_threat_intelligence_data_attribution_tbl
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`name`	(required) The name of the attribute.
`value`	(required) The value of the attribute.
`attribution`	(required) The array of attribution data that support this attribute.

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_RELATIONSHIP_T Type

A relationship name and list of releated entities.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_relationship_t FORCE AUTHID CURRENT_USER IS OBJECT (
  name varchar2(32767),
  related_entity dbms_cloud_oci_threat_intelligence_entity_reference_t,
  attribution dbms_cloud_oci_threat_intelligence_data_attribution_tbl,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_relationship_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_relationship_t (
    name varchar2,
    related_entity dbms_cloud_oci_threat_intelligence_entity_reference_t,
    attribution dbms_cloud_oci_threat_intelligence_data_attribution_tbl
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`name`	(required) The name of the attribute.
`related_entity`	(required)
`attribution`	(required) The array of attribution data that support this relationship.

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPE_TBL Type

Nested table type of dbms_cloud_oci_threat_intelligence_threat_type_t.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_threat_type_tbl FORCE IS TABLE OF (dbms_cloud_oci_threat_intelligence_threat_type_t) NOT PERSISTABLE;

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_ATTRIBUTE_TBL Type

Nested table type of dbms_cloud_oci_threat_intelligence_indicator_attribute_t.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_attribute_tbl FORCE IS TABLE OF (dbms_cloud_oci_threat_intelligence_indicator_attribute_t) NOT PERSISTABLE;

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_RELATIONSHIP_TBL Type

Nested table type of dbms_cloud_oci_threat_intelligence_indicator_relationship_t.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_relationship_tbl FORCE IS TABLE OF (dbms_cloud_oci_threat_intelligence_indicator_relationship_t) NOT PERSISTABLE;

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_T Type

A data signature observed on a network or host that indicates a potential security threat. Indicators can be plain text or computed (hashed) values.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_t FORCE AUTHID CURRENT_USER IS OBJECT (
  id varchar2(32767),
  l_type varchar2(32767),
  value varchar2(32767),
  confidence number,
  compartment_id varchar2(32767),
  threat_types dbms_cloud_oci_threat_intelligence_threat_type_tbl,
  attributes dbms_cloud_oci_threat_intelligence_indicator_attribute_tbl,
  relationships dbms_cloud_oci_threat_intelligence_indicator_relationship_tbl,
  lifecycle_state varchar2(32767),
  time_created timestamp with time zone,
  time_updated timestamp with time zone,
  time_last_seen timestamp with time zone,
  geodata dbms_cloud_oci_threat_intelligence_geodata_details_t,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_t (
    id varchar2,
    l_type varchar2,
    value varchar2,
    confidence number,
    compartment_id varchar2,
    threat_types dbms_cloud_oci_threat_intelligence_threat_type_tbl,
    attributes dbms_cloud_oci_threat_intelligence_indicator_attribute_tbl,
    relationships dbms_cloud_oci_threat_intelligence_indicator_relationship_tbl,
    lifecycle_state varchar2,
    time_created timestamp with time zone,
    time_updated timestamp with time zone,
    time_last_seen timestamp with time zone,
    geodata dbms_cloud_oci_threat_intelligence_geodata_details_t
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`id`	(required) The OCID of the indicator.
`l_type`	(required) The type of indicator. Allowed values are: 'DOMAIN_NAME', 'FILE_NAME', 'MD5_HASH', 'SHA1_HASH', 'SHA256_HASH', 'IP_ADDRESS', 'URL'
`value`	(required) The value for this indicator. The value's format is dependent upon its `type`. Examples: DOMAIN_NAME \"evil.example.com\" MD5_HASH \"44d88612fea8a8f36de82e1278abb02f\" IP_ADDRESS \"2001:db8::1\"
`confidence`	(optional) An integer from 0 to 100 that represents how certain we are that the indicator is malicious and a potential threat if it is detected communicating with your cloud resources. This confidence value is aggregated from the confidence in the threat types, attributes, and relationships to create an overall value for the indicator.
`compartment_id`	(optional) The OCID of the compartment that contains this indicator.
`threat_types`	(required) Characteristics of the threat indicator based on previous observations or behavior. May include related tactics, techniques, and procedures.
`attributes`	(required) A map of attributes with additional information about the indicator. Each attribute has a name (string), value (string), and attribution (supporting data).
`relationships`	(required) A map of relationships between the indicator and other entities. Each relationship has a name (string), related entity, and attribution (supporting data).
`lifecycle_state`	(optional) The state of the indicator. It will always be `ACTIVE`. Allowed values are: 'ACTIVE', 'DELETED'
`time_created`	(required) The date and time that the indicator was first detected. An RFC3339 formatted string.
`time_updated`	(required) The date and time that this indicator was last updated. The value is the same as `timeCreated` for a new indicator. An RFC3339 formatted string.
`time_last_seen`	(required) The date and time that this indicator was last seen. The value is the same as `timeCreated` for a new indicator. An RFC3339 formatted string.
`geodata`	(required)

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_ATTRIBUTE_SUMMARY_T Type

An attribute name and list of values.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_attribute_summary_t FORCE AUTHID CURRENT_USER IS OBJECT (
  name varchar2(32767),
  value varchar2(32767),
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_attribute_summary_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_attribute_summary_t (
    name varchar2,
    value varchar2
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`name`	(required) The name of the attribute.
`value`	(required) The value of the attribute.

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_COUNT_DIMENSIONS_T Type

The indicator dimension that was counted, such as the indicator type.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_count_dimensions_t FORCE AUTHID CURRENT_USER IS OBJECT (
  compartment_id varchar2(32767),
  l_type varchar2(32767),
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_count_dimensions_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_count_dimensions_t (
    compartment_id varchar2,
    l_type varchar2
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field Description

Field	Description
`compartment_id`	(optional) The compartment OCID that contains the indicator type.
`l_type`	(optional) The indicator type that was counted. Allowed values are: 'DOMAIN_NAME', 'FILE_NAME', 'MD5_HASH', 'SHA1_HASH', 'SHA256_HASH', 'IP_ADDRESS', 'URL'

compartment_id

(optional) The compartment OCID that contains the indicator type.

l_type

(optional) The indicator type that was counted.

Allowed values are: 'DOMAIN_NAME', 'FILE_NAME', 'MD5_HASH', 'SHA1_HASH', 'SHA256_HASH', 'IP_ADDRESS', 'URL'

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_COUNT_SUMMARY_T Type

A group of indicators with the same dimensions, such as the same indicator type.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_count_summary_t FORCE AUTHID CURRENT_USER IS OBJECT (
  dimensions dbms_cloud_oci_threat_intelligence_indicator_count_dimensions_t,
  l_count number,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_count_summary_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_count_summary_t (
    dimensions dbms_cloud_oci_threat_intelligence_indicator_count_dimensions_t,
    l_count number
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`dimensions`	(required)
`l_count`	(required) The count of indicators in the group.

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_COUNT_SUMMARY_TBL Type

Nested table type of dbms_cloud_oci_threat_intelligence_indicator_count_summary_t.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_count_summary_tbl FORCE IS TABLE OF (dbms_cloud_oci_threat_intelligence_indicator_count_summary_t) NOT PERSISTABLE;

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_COUNT_COLLECTION_T Type

A list of indicator counts by indicator type.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_count_collection_t FORCE AUTHID CURRENT_USER IS OBJECT (
  items dbms_cloud_oci_threat_intelligence_indicator_count_summary_tbl,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_count_collection_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_count_collection_t (
    items dbms_cloud_oci_threat_intelligence_indicator_count_summary_tbl
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`items`	(required) The list of aggregated indicator counts.

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_REFERENCE_T Type

A reference to a threat indicator resource.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_reference_t FORCE AUTHID CURRENT_USER UNDER dbms_cloud_oci_threat_intelligence_entity_reference_t (
  indicator_id varchar2(32767),
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_reference_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_reference_t (
    l_type varchar2,
    indicator_id varchar2
  ) RETURN SELF AS RESULT
);

dbms_cloud_oci_threat_intelligence_indicator_reference_t is a subtype of the dbms_cloud_oci_threat_intelligence_entity_reference_t type.

Fields

Field	Description
`indicator_id`	(required) The unique OCID of the referenced threat indicator.

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_ATTRIBUTE_SUMMARY_TBL Type

Nested table type of dbms_cloud_oci_threat_intelligence_indicator_attribute_summary_t.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_attribute_summary_tbl FORCE IS TABLE OF (dbms_cloud_oci_threat_intelligence_indicator_attribute_summary_t) NOT PERSISTABLE;

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_SUMMARY_T Type

Summary of a data signature observed on a network or host that indicates a potential security threat.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_summary_t FORCE AUTHID CURRENT_USER IS OBJECT (
  id varchar2(32767),
  l_type varchar2(32767),
  value varchar2(32767),
  confidence number,
  compartment_id varchar2(32767),
  threat_types dbms_cloud_oci_threat_intelligence_varchar2_tbl,
  attributes dbms_cloud_oci_threat_intelligence_indicator_attribute_summary_tbl,
  lifecycle_state varchar2(32767),
  time_created timestamp with time zone,
  time_updated timestamp with time zone,
  time_last_seen timestamp with time zone,
  geodata dbms_cloud_oci_threat_intelligence_geodata_details_t,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_summary_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_summary_t (
    id varchar2,
    l_type varchar2,
    value varchar2,
    confidence number,
    compartment_id varchar2,
    threat_types dbms_cloud_oci_threat_intelligence_varchar2_tbl,
    attributes dbms_cloud_oci_threat_intelligence_indicator_attribute_summary_tbl,
    lifecycle_state varchar2,
    time_created timestamp with time zone,
    time_updated timestamp with time zone,
    time_last_seen timestamp with time zone,
    geodata dbms_cloud_oci_threat_intelligence_geodata_details_t
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`id`	(required) The OCID of the indicator.
`l_type`	(required) The type of indicator. Allowed values are: 'DOMAIN_NAME', 'FILE_NAME', 'MD5_HASH', 'SHA1_HASH', 'SHA256_HASH', 'IP_ADDRESS', 'URL'
`value`	(required) The indicator data value.
`confidence`	(optional) An integer from 0 to 100 that represents how certain we are that the indicator is malicious and a potential threat if it is detected communicating with your cloud resources. This confidence value is aggregated from the confidence in the threat types, attributes, and relationships to create an overall value for the indicator.
`compartment_id`	(optional) The OCID of the compartment that contains this indicator.
`threat_types`	(required) Characteristics of the threat indicator based on previous observations or behavior. May include related tactics, techniques, and procedures.
`attributes`	(required) A map of attributes with additional information about the indicator. Each attribute has a name (string), value (string), and attribution (supporting data).
`lifecycle_state`	(optional) The state of the indicator. It will always be `ACTIVE`. Allowed values are: 'ACTIVE', 'DELETED'
`time_created`	(required) The date and time that the indicator was first detected. An RFC3339 formatted string.
`time_updated`	(required) The date and time that this indicator was last updated by the system. Updates can include new reports or regular updates in confidence. The value is the same as `timeCreated` for a new indicator. An RFC3339 formatted string.
`time_last_seen`	(required) The date and time that this indicator was last seen. The value is the same as `timeCreated` for a new indicator. An RFC3339 formatted string.
`geodata`	(required)

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_SUMMARY_TBL Type

Nested table type of dbms_cloud_oci_threat_intelligence_indicator_summary_t.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_summary_tbl FORCE IS TABLE OF (dbms_cloud_oci_threat_intelligence_indicator_summary_t) NOT PERSISTABLE;

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_SUMMARY_COLLECTION_T Type

List of indicator summary objects.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_indicator_summary_collection_t FORCE AUTHID CURRENT_USER IS OBJECT (
  items dbms_cloud_oci_threat_intelligence_indicator_summary_tbl,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_summary_collection_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_indicator_summary_collection_t (
    items dbms_cloud_oci_threat_intelligence_indicator_summary_tbl
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`items`	(required) The list of indicator summaries.

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_SUMMARIZE_INDICATORS_DETAILS_T Type

Query parameters to filter indicators

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_summarize_indicators_details_t FORCE AUTHID CURRENT_USER IS OBJECT (
  indicator_type varchar2(32767),
  indicator_value varchar2(32767),
  threat_types dbms_cloud_oci_threat_intelligence_varchar2_tbl,
  confidence_greater_than_or_equal_to number,
  time_updated_greater_than_or_equal_to timestamp with time zone,
  time_updated_less_than timestamp with time zone,
  time_last_seen_greater_than_or_equal_to timestamp with time zone,
  time_last_seen_less_than timestamp with time zone,
  time_created_greater_than_or_equal_to timestamp with time zone,
  time_created_less_than timestamp with time zone,
  indicator_seen_by varchar2(32767),
  malware varchar2(32767),
  threat_actor varchar2(32767),
  sort_order varchar2(32767),
  sort_by varchar2(32767),
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_summarize_indicators_details_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_summarize_indicators_details_t (
    indicator_type varchar2,
    indicator_value varchar2,
    threat_types dbms_cloud_oci_threat_intelligence_varchar2_tbl,
    confidence_greater_than_or_equal_to number,
    time_updated_greater_than_or_equal_to timestamp with time zone,
    time_updated_less_than timestamp with time zone,
    time_last_seen_greater_than_or_equal_to timestamp with time zone,
    time_last_seen_less_than timestamp with time zone,
    time_created_greater_than_or_equal_to timestamp with time zone,
    time_created_less_than timestamp with time zone,
    indicator_seen_by varchar2,
    malware varchar2,
    threat_actor varchar2,
    sort_order varchar2,
    sort_by varchar2
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`indicator_type`	(optional) The type of indicator this is Allowed values are: 'DOMAIN_NAME', 'FILE_NAME', 'MD5_HASH', 'SHA1_HASH', 'SHA256_HASH', 'IP_ADDRESS', 'URL'
`indicator_value`	(optional) The value for the type of indicator this is
`threat_types`	(optional) The threat type of entites to be returned.
`confidence_greater_than_or_equal_to`	(optional) The minimum level of confidence to return
`time_updated_greater_than_or_equal_to`	(optional) The oldest update time of entities to be returned.
`time_updated_less_than`	(optional) The newest update time of entities to be returned.
`time_last_seen_greater_than_or_equal_to`	(optional) The oldest last seen time of entities to be returned.
`time_last_seen_less_than`	(optional) The newest last seen time of entities to be returned.
`time_created_greater_than_or_equal_to`	(optional) The oldest creation time of entities to be returned.
`time_created_less_than`	(optional) The newest creation time of entities to be returned.
`indicator_seen_by`	(optional) Filter to include indicators that have been seen by the provided source.
`malware`	(optional) Filter to include indicators associated with the provided malware.
`threat_actor`	(optional) Filter to included indicators associated with the provided threat actor.
`sort_order`	(optional) The sort order to use, either 'ASC' or 'DESC'. Allowed values are: 'ASC', 'DESC'
`sort_by`	(optional) The field to sort by. Only one field to sort by may be provided Allowed values are: 'CONFIDENCE', 'TIMECREATED', 'TIMEUPDATED', 'TIMELASTSEEN'

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPE_SUMMARY_T Type

The name of a threat type and its ID.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_threat_type_summary_t FORCE AUTHID CURRENT_USER IS OBJECT (
  id varchar2(32767),
  name varchar2(32767),
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_threat_type_summary_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_threat_type_summary_t (
    id varchar2,
    name varchar2
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`id`	(required) The OCID of the threat type
`name`	(required) The name of the threat type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPE_SUMMARY_TBL Type

Nested table type of dbms_cloud_oci_threat_intelligence_threat_type_summary_t.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_threat_type_summary_tbl FORCE IS TABLE OF (dbms_cloud_oci_threat_intelligence_threat_type_summary_t) NOT PERSISTABLE;

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPES_COLLECTION_T Type

List of threat types that can be associated with threat indicators.

Syntax

CREATE OR REPLACE NONEDITIONABLE TYPE dbms_cloud_oci_threat_intelligence_threat_types_collection_t FORCE AUTHID CURRENT_USER IS OBJECT (
  items dbms_cloud_oci_threat_intelligence_threat_type_summary_tbl,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_threat_types_collection_t
    RETURN SELF AS RESULT,
  CONSTRUCTOR FUNCTION dbms_cloud_oci_threat_intelligence_threat_types_collection_t (
    items dbms_cloud_oci_threat_intelligence_threat_type_summary_tbl
  ) RETURN SELF AS RESULT
) NOT PERSISTABLE;

Fields

Field	Description
`items`	(required) The list of threat types that can be used to search for threat indicators.

Oracle Cloud Infrastructure Documentation Try Free Tier

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_VARCHAR2_TBL Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_SOURCE_SUMMARY_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_DATA_VISIBILITY_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_DATA_ATTRIBUTION_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_ENTITY_REFERENCE_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_ERROR_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_GEODATA_DETAILS_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_DATA_ATTRIBUTION_TBL Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPE_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_ATTRIBUTE_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_RELATIONSHIP_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPE_TBL Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_ATTRIBUTE_TBL Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_RELATIONSHIP_TBL Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_ATTRIBUTE_SUMMARY_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_COUNT_DIMENSIONS_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_COUNT_SUMMARY_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_COUNT_SUMMARY_TBL Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_COUNT_COLLECTION_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_REFERENCE_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_ATTRIBUTE_SUMMARY_TBL Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_SUMMARY_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_SUMMARY_TBL Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_SUMMARY_COLLECTION_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_SUMMARIZE_INDICATORS_DETAILS_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPE_SUMMARY_T Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPE_SUMMARY_TBL Type 🔗

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPES_COLLECTION_T Type 🔗

Oracle Cloud Infrastructure Documentation
Try Free Tier

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_VARCHAR2_TBL Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_SOURCE_SUMMARY_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_DATA_VISIBILITY_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_DATA_ATTRIBUTION_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_ENTITY_REFERENCE_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_ERROR_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_GEODATA_DETAILS_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_DATA_ATTRIBUTION_TBL Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPE_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_ATTRIBUTE_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_RELATIONSHIP_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPE_TBL Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_ATTRIBUTE_TBL Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_RELATIONSHIP_TBL Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_ATTRIBUTE_SUMMARY_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_COUNT_DIMENSIONS_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_COUNT_SUMMARY_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_COUNT_SUMMARY_TBL Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_COUNT_COLLECTION_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_REFERENCE_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_ATTRIBUTE_SUMMARY_TBL Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_SUMMARY_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_SUMMARY_TBL Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_INDICATOR_SUMMARY_COLLECTION_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_SUMMARIZE_INDICATORS_DETAILS_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPE_SUMMARY_T Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPE_SUMMARY_TBL Type

DBMS_CLOUD_OCI_THREAT_INTELLIGENCE_THREAT_TYPES_COLLECTION_T Type