Class: OTX::Indicators

Inherits:

Type::Base

• Object
• Type::Base
• OTX::Indicators

Defined in:

lib/otx_ruby/types/indicators.rb

Overview

Pulse Indicator of Compromise (IoC) records

Indicator of Compromise types:

IPv4 - An IPv4 address indicating the online location of a server or other computer.
IPv6 - An IPv6 address indicating the online location of a server or other computer.
domain - A domain name for a website or server. Domains encompass a series of hostnames.
hostname - The hostname for a server located within a domain.
email - An email associated with suspicious activity.
URL - Uniform Resource Location (URL) summarizing the online location of a file or resource.
URI - Uniform Resource Indicator (URI) describing the explicit path to a file hosted online.
FileHash-MD5 - A MD5-format hash that summarizes the architecture and content of a file.
FileHash-SHA1 - A SHA-format hash that summarizes the architecture and content of a file.
FileHash-SHA256 - A SHA-256-format hash that summarizes the architecture and content of a file.
FileHash-PEHASH - A PEPHASH-format hash that summarizes the architecture and content of a file.
FileHash-IMPHASH - An IMPHASH-format hash that summarizes the architecture and content of a file.
CIDR - Classless Inter-Domain Routing (CIDR) address, which describes both a server's IP address and the network architecture (routing path) surrounding that server.
FilePath - A unique location in a file system.
Mutex - The name of a mutex resource describing the execution architecture of a file.
CVE - Common Vulnerability and Exposure (CVE) entry describing a software vulnerability that can be exploited to engage in malicious activity.

Instance Attribute Summary

• #_id ⇒ String

  IoC record ID value.

• #access_groups ⇒ Array

  The current value of access_groups.

• #access_reason ⇒ String

  The current value of access_reason.

• #access_type ⇒ String

  The current value of access_type.

• #content ⇒ String

  The current value of content.

• #description ⇒ String

  Description associated with the IoC.

• #expiration ⇒ String

  The current value of expiration.

• #id ⇒ String

  IoC record ID value.

• #indicator ⇒ String

  Value of the indicator type.

• #is_active ⇒ String

  value 0 or 1 if active.

• #observations ⇒ String

  The current value of observations.

• #role ⇒ String

  The current value of role.

• #title ⇒ String

  The current value of title.

• #type ⇒ String

  Type of IoC.

Attributes inherited from Type::Base

#created, #modified

Method Summary

Methods inherited from Type::Base

#initialize

Constructor Details

This class inherits a constructor from OTX::Type::Base

Instance Attribute Details

#_id ⇒ String

IoC record ID value

Returns:

• (String) —

  the current value of _id

# File 'lib/otx_ruby/types/indicators.rb', line 38

def _id
  @_id
end

#access_groups ⇒ Array

Returns the current value of access_groups.

Returns:

• (Array) —

  the current value of access_groups

# File 'lib/otx_ruby/types/indicators.rb', line 38

def access_groups
  @access_groups
end

#access_reason ⇒ String

Returns the current value of access_reason.

Returns:

• (String) —

  the current value of access_reason

# File 'lib/otx_ruby/types/indicators.rb', line 38

def access_reason
  @access_reason
end

#access_type ⇒ String

Returns the current value of access_type.

Returns:

• (String) —

  the current value of access_type

# File 'lib/otx_ruby/types/indicators.rb', line 38

def access_type
  @access_type
end

#content ⇒ String

Returns the current value of content.

Returns:

• (String) —

  the current value of content

# File 'lib/otx_ruby/types/indicators.rb', line 38

def content
  @content
end

#description ⇒ String

Description associated with the IoC

Returns:

• (String) —

  the current value of description

# File 'lib/otx_ruby/types/indicators.rb', line 38

def description
  @description
end

#expiration ⇒ String

Returns the current value of expiration.

Returns:

• (String) —

  the current value of expiration

# File 'lib/otx_ruby/types/indicators.rb', line 38

def expiration
  @expiration
end

#id ⇒ String

IoC record ID value

Returns:

• (String) —

  the current value of id

# File 'lib/otx_ruby/types/indicators.rb', line 38

def id
  @id
end

#indicator ⇒ String

Value of the indicator type

Returns:

• (String) —

  the current value of indicator

# File 'lib/otx_ruby/types/indicators.rb', line 38

def indicator
  @indicator
end

#is_active ⇒ String

value 0 or 1 if active

Returns:

• (String) —

  the current value of is_active

# File 'lib/otx_ruby/types/indicators.rb', line 38

def is_active
  @is_active
end

#observations ⇒ String

Returns the current value of observations.

Returns:

• (String) —

  the current value of observations

# File 'lib/otx_ruby/types/indicators.rb', line 38

def observations
  @observations
end

#role ⇒ String

Returns the current value of role.

Returns:

• (String) —

  the current value of role

# File 'lib/otx_ruby/types/indicators.rb', line 38

def role
  @role
end

#title ⇒ String

Returns the current value of title.

Returns:

• (String) —

  the current value of title

# File 'lib/otx_ruby/types/indicators.rb', line 38

def title
  @title
end

#type ⇒ String

Type of IoC

Returns:

• (String) —

  the current value of type

# File 'lib/otx_ruby/types/indicators.rb', line 38

def type
  @type
end