Class: Aws::SecurityHub::Types::Sequence

Inherits:

Struct

• Object
• Struct
• Aws::SecurityHub::Types::Sequence

Includes:

Aws::Structure

Defined in:

lib/aws-sdk-securityhub/types.rb

Overview

Contains information about an Amazon GuardDuty Extended Threat Detection attack sequence finding. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub CSPM, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #actors ⇒ Array<Types::Actor>

  Provides information about the actors involved in the attack sequence.

• #endpoints ⇒ Array<Types::NetworkEndpoint>

  Contains information about the network endpoints that were used in the attack sequence.

• #sequence_indicators ⇒ Array<Types::Indicator>

  Contains information about the indicators observed in the attack sequence.

• #signals ⇒ Array<Types::Signal>

  Contains information about the signals involved in the attack sequence.

• #uid ⇒ String

  Unique identifier of the attack sequence.

Instance Attribute Details

#actors ⇒ Array<Types::Actor>

Provides information about the actors involved in the attack sequence.

Returns:

• (Array<Types::Actor>)

# File 'lib/aws-sdk-securityhub/types.rb', line 31520

class Sequence < Struct.new(
  :uid,
  :actors,
  :endpoints,
  :signals,
  :sequence_indicators)
  SENSITIVE = []
  include Aws::Structure
end

#endpoints ⇒ Array<Types::NetworkEndpoint>

Contains information about the network endpoints that were used in the attack sequence.

Returns:

• (Array<Types::NetworkEndpoint>)

# File 'lib/aws-sdk-securityhub/types.rb', line 31520

class Sequence < Struct.new(
  :uid,
  :actors,
  :endpoints,
  :signals,
  :sequence_indicators)
  SENSITIVE = []
  include Aws::Structure
end

#sequence_indicators ⇒ Array<Types::Indicator>

Contains information about the indicators observed in the attack sequence. The values for SignalIndicators are a subset of the values for SequenceIndicators, but the values for these fields don't always match 1:1.

Returns:

• (Array<Types::Indicator>)

# File 'lib/aws-sdk-securityhub/types.rb', line 31520

class Sequence < Struct.new(
  :uid,
  :actors,
  :endpoints,
  :signals,
  :sequence_indicators)
  SENSITIVE = []
  include Aws::Structure
end

#signals ⇒ Array<Types::Signal>

Contains information about the signals involved in the attack sequence.

Returns:

• (Array<Types::Signal>)

# File 'lib/aws-sdk-securityhub/types.rb', line 31520

class Sequence < Struct.new(
  :uid,
  :actors,
  :endpoints,
  :signals,
  :sequence_indicators)
  SENSITIVE = []
  include Aws::Structure
end

#uid ⇒ String

Unique identifier of the attack sequence.

Returns:

• (String)

# File 'lib/aws-sdk-securityhub/types.rb', line 31520

class Sequence < Struct.new(
  :uid,
  :actors,
  :endpoints,
  :signals,
  :sequence_indicators)
  SENSITIVE = []
  include Aws::Structure
end