SightingSummary

class oci.cloud_guard.models.SightingSummary(**kwargs)

Bases: object

Sighting summary definition.

Attributes

CLASSIFICATION_STATUS_FALSE_NEGATIVE A constant which can be used with the classification_status property of a SightingSummary.
CLASSIFICATION_STATUS_FALSE_POSITIVE A constant which can be used with the classification_status property of a SightingSummary.
CLASSIFICATION_STATUS_NOT_CLASSIFIED A constant which can be used with the classification_status property of a SightingSummary.
CLASSIFICATION_STATUS_TRUE_NEGATIVE A constant which can be used with the classification_status property of a SightingSummary.
CLASSIFICATION_STATUS_TRUE_POSITIVE A constant which can be used with the classification_status property of a SightingSummary.
CONFIDENCE_CRITICAL A constant which can be used with the confidence property of a SightingSummary.
CONFIDENCE_HIGH A constant which can be used with the confidence property of a SightingSummary.
CONFIDENCE_LOW A constant which can be used with the confidence property of a SightingSummary.
CONFIDENCE_MEDIUM A constant which can be used with the confidence property of a SightingSummary.
CONFIDENCE_MINOR A constant which can be used with the confidence property of a SightingSummary.
SEVERITY_CRITICAL A constant which can be used with the severity property of a SightingSummary.
SEVERITY_HIGH A constant which can be used with the severity property of a SightingSummary.
SEVERITY_LOW A constant which can be used with the severity property of a SightingSummary.
SEVERITY_MEDIUM A constant which can be used with the severity property of a SightingSummary.
SEVERITY_MINOR A constant which can be used with the severity property of a SightingSummary.
actor_principal_id Gets the actor_principal_id of this SightingSummary.
actor_principal_name Gets the actor_principal_name of this SightingSummary.
actor_principal_type Gets the actor_principal_type of this SightingSummary.
classification_status [Required] Gets the classification_status of this SightingSummary.
compartment_id [Required] Gets the compartment_id of this SightingSummary.
confidence [Required] Gets the confidence of this SightingSummary.
detector_rule_id [Required] Gets the detector_rule_id of this SightingSummary.
id [Required] Gets the id of this SightingSummary.
problem_id Gets the problem_id of this SightingSummary.
regions [Required] Gets the regions of this SightingSummary.
severity [Required] Gets the severity of this SightingSummary.
sighting_score [Required] Gets the sighting_score of this SightingSummary.
sighting_type [Required] Gets the sighting_type of this SightingSummary.
sighting_type_display_name [Required] Gets the sighting_type_display_name of this SightingSummary.
tactic_name [Required] Gets the tactic_name of this SightingSummary.
technique_name [Required] Gets the technique_name of this SightingSummary.
time_first_detected [Required] Gets the time_first_detected of this SightingSummary.
time_first_occurred Gets the time_first_occurred of this SightingSummary.
time_last_detected [Required] Gets the time_last_detected of this SightingSummary.
time_last_occurred Gets the time_last_occurred of this SightingSummary.

Methods

__init__(**kwargs) Initializes a new SightingSummary object with values from keyword arguments.
CLASSIFICATION_STATUS_FALSE_NEGATIVE = 'FALSE_NEGATIVE'

A constant which can be used with the classification_status property of a SightingSummary. This constant has a value of “FALSE_NEGATIVE”

CLASSIFICATION_STATUS_FALSE_POSITIVE = 'FALSE_POSITIVE'

A constant which can be used with the classification_status property of a SightingSummary. This constant has a value of “FALSE_POSITIVE”

CLASSIFICATION_STATUS_NOT_CLASSIFIED = 'NOT_CLASSIFIED'

A constant which can be used with the classification_status property of a SightingSummary. This constant has a value of “NOT_CLASSIFIED”

CLASSIFICATION_STATUS_TRUE_NEGATIVE = 'TRUE_NEGATIVE'

A constant which can be used with the classification_status property of a SightingSummary. This constant has a value of “TRUE_NEGATIVE”

CLASSIFICATION_STATUS_TRUE_POSITIVE = 'TRUE_POSITIVE'

A constant which can be used with the classification_status property of a SightingSummary. This constant has a value of “TRUE_POSITIVE”

CONFIDENCE_CRITICAL = 'CRITICAL'

A constant which can be used with the confidence property of a SightingSummary. This constant has a value of “CRITICAL”

CONFIDENCE_HIGH = 'HIGH'

A constant which can be used with the confidence property of a SightingSummary. This constant has a value of “HIGH”

CONFIDENCE_LOW = 'LOW'

A constant which can be used with the confidence property of a SightingSummary. This constant has a value of “LOW”

CONFIDENCE_MEDIUM = 'MEDIUM'

A constant which can be used with the confidence property of a SightingSummary. This constant has a value of “MEDIUM”

CONFIDENCE_MINOR = 'MINOR'

A constant which can be used with the confidence property of a SightingSummary. This constant has a value of “MINOR”

SEVERITY_CRITICAL = 'CRITICAL'

A constant which can be used with the severity property of a SightingSummary. This constant has a value of “CRITICAL”

SEVERITY_HIGH = 'HIGH'

A constant which can be used with the severity property of a SightingSummary. This constant has a value of “HIGH”

SEVERITY_LOW = 'LOW'

A constant which can be used with the severity property of a SightingSummary. This constant has a value of “LOW”

SEVERITY_MEDIUM = 'MEDIUM'

A constant which can be used with the severity property of a SightingSummary. This constant has a value of “MEDIUM”

SEVERITY_MINOR = 'MINOR'

A constant which can be used with the severity property of a SightingSummary. This constant has a value of “MINOR”

__init__(**kwargs)

Initializes a new SightingSummary object with values from keyword arguments. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:
  • id (str) – The value to assign to the id property of this SightingSummary.
  • compartment_id (str) – The value to assign to the compartment_id property of this SightingSummary.
  • problem_id (str) – The value to assign to the problem_id property of this SightingSummary.
  • actor_principal_id (str) – The value to assign to the actor_principal_id property of this SightingSummary.
  • actor_principal_name (str) – The value to assign to the actor_principal_name property of this SightingSummary.
  • actor_principal_type (str) – The value to assign to the actor_principal_type property of this SightingSummary.
  • detector_rule_id (str) – The value to assign to the detector_rule_id property of this SightingSummary.
  • classification_status (str) – The value to assign to the classification_status property of this SightingSummary. Allowed values for this property are: “FALSE_NEGATIVE”, “TRUE_NEGATIVE”, “FALSE_POSITIVE”, “TRUE_POSITIVE”, “NOT_CLASSIFIED”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
  • sighting_type (str) – The value to assign to the sighting_type property of this SightingSummary.
  • sighting_type_display_name (str) – The value to assign to the sighting_type_display_name property of this SightingSummary.
  • tactic_name (str) – The value to assign to the tactic_name property of this SightingSummary.
  • technique_name (str) – The value to assign to the technique_name property of this SightingSummary.
  • sighting_score (int) – The value to assign to the sighting_score property of this SightingSummary.
  • severity (str) – The value to assign to the severity property of this SightingSummary. Allowed values for this property are: “CRITICAL”, “HIGH”, “MEDIUM”, “LOW”, “MINOR”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
  • confidence (str) – The value to assign to the confidence property of this SightingSummary. Allowed values for this property are: “CRITICAL”, “HIGH”, “MEDIUM”, “LOW”, “MINOR”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
  • time_first_detected (datetime) – The value to assign to the time_first_detected property of this SightingSummary.
  • time_last_detected (datetime) – The value to assign to the time_last_detected property of this SightingSummary.
  • time_first_occurred (datetime) – The value to assign to the time_first_occurred property of this SightingSummary.
  • time_last_occurred (datetime) – The value to assign to the time_last_occurred property of this SightingSummary.
  • regions (list[str]) – The value to assign to the regions property of this SightingSummary.
actor_principal_id

Gets the actor_principal_id of this SightingSummary. Unique identifier for principal actor

Returns:The actor_principal_id of this SightingSummary.
Return type:str
actor_principal_name

Gets the actor_principal_name of this SightingSummary. Name of principal actor

Returns:The actor_principal_name of this SightingSummary.
Return type:str
actor_principal_type

Gets the actor_principal_type of this SightingSummary. Type of principal actor

Returns:The actor_principal_type of this SightingSummary.
Return type:str
classification_status

[Required] Gets the classification_status of this SightingSummary. Classification status of the sighting

Allowed values for this property are: “FALSE_NEGATIVE”, “TRUE_NEGATIVE”, “FALSE_POSITIVE”, “TRUE_POSITIVE”, “NOT_CLASSIFIED”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:The classification_status of this SightingSummary.
Return type:str
compartment_id

[Required] Gets the compartment_id of this SightingSummary. Compartment OCID where the impacted resource is created

Returns:The compartment_id of this SightingSummary.
Return type:str
confidence

[Required] Gets the confidence of this SightingSummary. Confidence level that the sighting is not a false positive

Allowed values for this property are: “CRITICAL”, “HIGH”, “MEDIUM”, “LOW”, “MINOR”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:The confidence of this SightingSummary.
Return type:str
detector_rule_id

[Required] Gets the detector_rule_id of this SightingSummary. Unique identifier of the detector rule that was triggered

Returns:The detector_rule_id of this SightingSummary.
Return type:str
id

[Required] Gets the id of this SightingSummary. Unique identifier for sighting

Returns:The id of this SightingSummary.
Return type:str
problem_id

Gets the problem_id of this SightingSummary. Problem ID associated with sighting

Returns:The problem_id of this SightingSummary.
Return type:str
regions

[Required] Gets the regions of this SightingSummary. List of regions involved in the sighting

Returns:The regions of this SightingSummary.
Return type:list[str]
severity

[Required] Gets the severity of this SightingSummary. Severity of the sighting

Allowed values for this property are: “CRITICAL”, “HIGH”, “MEDIUM”, “LOW”, “MINOR”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:The severity of this SightingSummary.
Return type:str
sighting_score

[Required] Gets the sighting_score of this SightingSummary. Score for the sighting

Returns:The sighting_score of this SightingSummary.
Return type:int
sighting_type

[Required] Gets the sighting_type of this SightingSummary. Type of sighting

Returns:The sighting_type of this SightingSummary.
Return type:str
sighting_type_display_name

[Required] Gets the sighting_type_display_name of this SightingSummary. Display name of the sighting type

Returns:The sighting_type_display_name of this SightingSummary.
Return type:str
tactic_name

[Required] Gets the tactic_name of this SightingSummary. Name of the MITRE ATT@CK framework tactic

Returns:The tactic_name of this SightingSummary.
Return type:str
technique_name

[Required] Gets the technique_name of this SightingSummary. Name of the MITRE ATT@CK framework technique

Returns:The technique_name of this SightingSummary.
Return type:str
time_first_detected

[Required] Gets the time_first_detected of this SightingSummary. Time the activities were first detected. Format defined by RFC3339.

Returns:The time_first_detected of this SightingSummary.
Return type:datetime
time_first_occurred

Gets the time_first_occurred of this SightingSummary. Time the activities were first performed. Format defined by RFC3339.

Returns:The time_first_occurred of this SightingSummary.
Return type:datetime
time_last_detected

[Required] Gets the time_last_detected of this SightingSummary. Time the activities were last detected. Format defined by RFC3339.

Returns:The time_last_detected of this SightingSummary.
Return type:datetime
time_last_occurred

Gets the time_last_occurred of this SightingSummary. Time the activities were last performed. Format defined by RFC3339.

Returns:The time_last_occurred of this SightingSummary.
Return type:datetime