Class: SDM::Query

Inherits:
Object
  • Object
show all
Defined in:
lib/models/porcelain.rb

Overview

A Query is a record of a single client request to a resource, such as a SQL query. Longer-running queries including long-running SSH commands and SSH, RDP, or Kubernetes interactive sessions will return two Query records with the same identifier, one record at the start of the query and a second record upon the completion of the query with additional detail.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(account_email: nil, account_first_name: nil, account_id: nil, account_last_name: nil, account_tags: nil, authzjson: nil, capture: nil, client_ip: nil, completed_at: nil, duration: nil, egress_node_id: nil, encrypted: nil, id: nil, identity_alias_username: nil, query_body: nil, query_category: nil, query_hash: nil, query_key: nil, record_count: nil, remote_identity_username: nil, replayable: nil, resource_id: nil, resource_name: nil, resource_tags: nil, resource_type: nil, source_ip: nil, target: nil, timestamp: nil) ⇒ Query

Returns a new instance of Query.



9351
9352
9353
9354
9355
9356
9357
9358
9359
9360
9361
9362
9363
9364
9365
9366
9367
9368
9369
9370
9371
9372
9373
9374
9375
9376
9377
9378
9379
9380
9381
9382
9383
9384
9385
9386
9387
9388
9389
9390
9391
9392
9393
9394
9395
9396
9397
9398
9399
9400
9401
9402
9403
9404
9405
9406
9407
9408
9409
 
# File 'lib/models/porcelain.rb', line 9351

def initialize(
  account_email: nil,
  account_first_name: nil,
  account_id: nil,
  account_last_name: nil,
  account_tags: nil,
  authzjson: nil,
  capture: nil,
  client_ip: nil,
  completed_at: nil,
  duration: nil,
  egress_node_id: nil,
  encrypted: nil,
  id: nil,
  identity_alias_username: nil,
  query_body: nil,
  query_category: nil,
  query_hash: nil,
  query_key: nil,
  record_count: nil,
  remote_identity_username: nil,
  replayable: nil,
  resource_id: nil,
  resource_name: nil,
  resource_tags: nil,
  resource_type: nil,
  source_ip: nil,
  target: nil,
  timestamp: nil
)
  @account_email =  == nil ? "" : 
  @account_first_name =  == nil ? "" : 
  @account_id =  == nil ? "" : 
  @account_last_name =  == nil ? "" : 
  @account_tags =  == nil ? SDM::_porcelain_zero_value_tags() : 
  @authzjson = authzjson == nil ? "" : authzjson
  @capture = capture == nil ? nil : capture
  @client_ip = client_ip == nil ? "" : client_ip
  @completed_at = completed_at == nil ? nil : completed_at
  @duration = duration == nil ? nil : duration
  @egress_node_id = egress_node_id == nil ? "" : egress_node_id
  @encrypted = encrypted == nil ? false : encrypted
  @id = id == nil ? "" : id
  @identity_alias_username = identity_alias_username == nil ? "" : identity_alias_username
  @query_body = query_body == nil ? "" : query_body
  @query_category = query_category == nil ? "" : query_category
  @query_hash = query_hash == nil ? "" : query_hash
  @query_key = query_key == nil ? "" : query_key
  @record_count = record_count == nil ? 0 : record_count
  @remote_identity_username = remote_identity_username == nil ? "" : remote_identity_username
  @replayable = replayable == nil ? false : replayable
  @resource_id = resource_id == nil ? "" : resource_id
  @resource_name = resource_name == nil ? "" : resource_name
  @resource_tags = resource_tags == nil ? SDM::_porcelain_zero_value_tags() : resource_tags
  @resource_type = resource_type == nil ? "" : resource_type
  @source_ip = source_ip == nil ? "" : source_ip
  @target = target == nil ? "" : target
  @timestamp = timestamp == nil ? nil : timestamp
end

Instance Attribute Details

#account_emailObject

The email of the account performing this query, at the time the query was executed. If the account email is later changed, that change will not be reflected via this field.



9284
9285
9286
 
# File 'lib/models/porcelain.rb', line 9284

def 
  @account_email
end

#account_first_nameObject

The given name of the account performing this query, at the time the query was executed. If the account is later renamed, that change will not be reflected via this field.



9287
9288
9289
 
# File 'lib/models/porcelain.rb', line 9287

def 
  @account_first_name
end

#account_idObject

Unique identifier of the Account that performed the Query.



9289
9290
9291
 
# File 'lib/models/porcelain.rb', line 9289

def 
  @account_id
end

#account_last_nameObject

The family name of the account performing this query, at the time the query was executed. If the account is later renamed, that change will not be reflected via this field.



9292
9293
9294
 
# File 'lib/models/porcelain.rb', line 9292

def 
  @account_last_name
end

#account_tagsObject

The tags of the account accessed, at the time the query was executed. If the account tags are later changed, that change will not be reflected via this field.



9295
9296
9297
 
# File 'lib/models/porcelain.rb', line 9295

def 
  @account_tags
end

#authzjsonObject

Authorization metadata associated with this query.



9297
9298
9299
 
# File 'lib/models/porcelain.rb', line 9297

def authzjson
  @authzjson
end

#captureObject

For queries against SSH, Kubernetes, and RDP resources, this contains additional information about the captured query.



9300
9301
9302
 
# File 'lib/models/porcelain.rb', line 9300

def capture
  @capture
end

#client_ipObject

The IP address the Query was performed from, as detected at the StrongDM control plane.



9302
9303
9304
 
# File 'lib/models/porcelain.rb', line 9302

def client_ip
  @client_ip
end

#completed_atObject

The time at which the Query was completed. Empty if this record indicates the start of a long-running query.



9305
9306
9307
 
# File 'lib/models/porcelain.rb', line 9305

def completed_at
  @completed_at
end

#durationObject

The duration of the Query.



9307
9308
9309
 
# File 'lib/models/porcelain.rb', line 9307

def duration
  @duration
end

#egress_node_idObject

The unique ID of the node through which the Resource was accessed.



9309
9310
9311
 
# File 'lib/models/porcelain.rb', line 9309

def egress_node_id
  @egress_node_id
end

#encryptedObject

Indicates that the body of the Query is encrypted.



9311
9312
9313
 
# File 'lib/models/porcelain.rb', line 9311

def encrypted
  @encrypted
end

#idObject

Unique identifier of the Query.



9313
9314
9315
 
# File 'lib/models/porcelain.rb', line 9313

def id
  @id
end

#identity_alias_usernameObject

The username of the IdentityAlias used to access the Resource.



9315
9316
9317
 
# File 'lib/models/porcelain.rb', line 9315

def identity_alias_username
  @identity_alias_username
end

#query_bodyObject

The captured content of the Query. For queries against SSH, Kubernetes, and RDP resources, this contains a JSON representation of the QueryCapture.



9318
9319
9320
 
# File 'lib/models/porcelain.rb', line 9318

def query_body
  @query_body
end

#query_categoryObject

The general category of Resource against which Query was performed, e.g. "web" or "cloud".



9320
9321
9322
 
# File 'lib/models/porcelain.rb', line 9320

def query_category
  @query_category
end

#query_hashObject

The hash of the body of the Query.



9322
9323
9324
 
# File 'lib/models/porcelain.rb', line 9322

def query_hash
  @query_hash
end

#query_keyObject

The symmetric key used to encrypt the body of this Query and its replay if replayable. If the Query is encrypted, this field contains an encrypted symmetric key in base64 encoding. This key must be decrypted with the organization's private key to obtain the symmetric key needed to decrypt the body. If the Query is not encrypted, this field is empty.



9327
9328
9329
 
# File 'lib/models/porcelain.rb', line 9327

def query_key
  @query_key
end

#record_countObject

The number of records returned by the Query, for a database Resource.



9329
9330
9331
 
# File 'lib/models/porcelain.rb', line 9329

def record_count
  @record_count
end

#remote_identity_usernameObject

The username of the RemoteIdentity used to access the Resource.



9331
9332
9333
 
# File 'lib/models/porcelain.rb', line 9331

def remote_identity_username
  @remote_identity_username
end

#replayableObject

Indicates that the Query is replayable, e.g. for some SSH or K8s sessions.



9333
9334
9335
 
# File 'lib/models/porcelain.rb', line 9333

def replayable
  @replayable
end

#resource_idObject

Unique identifier of the Resource against which the Query was performed.



9335
9336
9337
 
# File 'lib/models/porcelain.rb', line 9335

def resource_id
  @resource_id
end

#resource_nameObject

The name of the resource accessed, at the time the query was executed. If the resource is later renamed, that change will not be reflected via this field.



9338
9339
9340
 
# File 'lib/models/porcelain.rb', line 9338

def resource_name
  @resource_name
end

#resource_tagsObject

The tags of the resource accessed, at the time the query was executed. If the resource tags are later changed, that change will not be reflected via this field.



9341
9342
9343
 
# File 'lib/models/porcelain.rb', line 9341

def resource_tags
  @resource_tags
end

#resource_typeObject

The specific type of Resource against which the Query was performed, e.g. "ssh" or "postgres".



9343
9344
9345
 
# File 'lib/models/porcelain.rb', line 9343

def resource_type
  @resource_type
end

#source_ipObject

The IP address the Query was performed from, as detected at the ingress gateway.



9345
9346
9347
 
# File 'lib/models/porcelain.rb', line 9345

def source_ip
  @source_ip
end

#targetObject

The target destination of the query, in host:port format.



9347
9348
9349
 
# File 'lib/models/porcelain.rb', line 9347

def target
  @target
end

#timestampObject

The time at which the Query was started.



9349
9350
9351
 
# File 'lib/models/porcelain.rb', line 9349

def timestamp
  @timestamp
end

Instance Method Details

#to_json(options = {}) ⇒ Object 



9411
9412
9413
9414
9415
9416
9417
 
# File 'lib/models/porcelain.rb', line 9411

def to_json(options = {})
  hash = {}
  self.instance_variables.each do |var|
    hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
  end
  hash.to_json
end