Class: Aws::SecurityHub::Types::NetworkEndpoint

Inherits:

Struct

• Object
• Struct
• Aws::SecurityHub::Types::NetworkEndpoint

Includes:

Aws::Structure

Defined in:

lib/aws-sdk-securityhub/types.rb

Overview

Contains information about network endpoints involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see [GuardDuty Extended Threat Detection ][1] in the *Amazon GuardDuty User Guide*.

This field can provide information about the network endpoints associated with the resource in the attack sequence finding, or about a specific network endpoint used for the attack.

[1]: docs.aws.amazon.com/guardduty/latest/ug/guardduty-extended-threat-detection.html

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #autonomous_system ⇒ Types::NetworkAutonomousSystem

  The Autonomous System Number (ASN) of the network endpoint.

• #connection ⇒ Types::NetworkConnection

  Information about the network connection.

• #domain ⇒ String

  The domain information for the network endpoint.

• #id ⇒ String

  The identifier of the network endpoint involved in the attack sequence.

• #ip ⇒ String

  The IP address used in the network endpoint.

• #location ⇒ Types::NetworkGeoLocation

  Information about the location of the network endpoint.

• #port ⇒ Integer

  The port number associated with the network endpoint.

Instance Attribute Details

#autonomous_system ⇒ Types::NetworkAutonomousSystem

The Autonomous System Number (ASN) of the network endpoint.

Returns:

• (Types::NetworkAutonomousSystem)

# File 'lib/aws-sdk-securityhub/types.rb', line 27386

class NetworkEndpoint < Struct.new(
  :id,
  :ip,
  :domain,
  :port,
  :location,
  :autonomous_system,
  :connection)
  SENSITIVE = []
  include Aws::Structure
end

#connection ⇒ Types::NetworkConnection

Information about the network connection.

Returns:

• (Types::NetworkConnection)

# File 'lib/aws-sdk-securityhub/types.rb', line 27386

class NetworkEndpoint < Struct.new(
  :id,
  :ip,
  :domain,
  :port,
  :location,
  :autonomous_system,
  :connection)
  SENSITIVE = []
  include Aws::Structure
end

#domain ⇒ String

The domain information for the network endpoint.

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 27386

class NetworkEndpoint < Struct.new(
  :id,
  :ip,
  :domain,
  :port,
  :location,
  :autonomous_system,
  :connection)
  SENSITIVE = []
  include Aws::Structure
end

#id ⇒ String

The identifier of the network endpoint involved in the attack sequence.

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 27386

class NetworkEndpoint < Struct.new(
  :id,
  :ip,
  :domain,
  :port,
  :location,
  :autonomous_system,
  :connection)
  SENSITIVE = []
  include Aws::Structure
end

#ip ⇒ String

The IP address used in the network endpoint.

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 27386

class NetworkEndpoint < Struct.new(
  :id,
  :ip,
  :domain,
  :port,
  :location,
  :autonomous_system,
  :connection)
  SENSITIVE = []
  include Aws::Structure
end

#location ⇒ Types::NetworkGeoLocation

Information about the location of the network endpoint.

Returns:

• (Types::NetworkGeoLocation)

# File 'lib/aws-sdk-securityhub/types.rb', line 27386

class NetworkEndpoint < Struct.new(
  :id,
  :ip,
  :domain,
  :port,
  :location,
  :autonomous_system,
  :connection)
  SENSITIVE = []
  include Aws::Structure
end

#port ⇒ Integer

The port number associated with the network endpoint.

Returns:

• (Integer)

# File 'lib/aws-sdk-securityhub/types.rb', line 27386

class NetworkEndpoint < Struct.new(
  :id,
  :ip,
  :domain,
  :port,
  :location,
  :autonomous_system,
  :connection)
  SENSITIVE = []
  include Aws::Structure
end