Class: SDM::Query

Inherits:

Object

• Object
• SDM::Query

Defined in:

lib/models/porcelain.rb

Overview

A Query is a record of a single client request to a resource, such as a SQL query. Longer-running queries including long-running SSH commands and SSH, RDP, or Kubernetes interactive sessions will return two Query records with the same identifier, one record at the start of the query and a second record upon the completion of the query with additional detail.

Instance Attribute Summary

• #account_email ⇒ Object

  The email of the account performing this query, at the time the query was executed.

• #account_first_name ⇒ Object

  The given name of the account performing this query, at the time the query was executed.

• #account_id ⇒ Object

  Unique identifier of the Account that performed the Query.

• #account_last_name ⇒ Object

  The family name of the account performing this query, at the time the query was executed.

• #account_tags ⇒ Object

  The tags of the account accessed, at the time the query was executed.

• #authzjson ⇒ Object

  Authorization metadata associated with this query.

• #capture ⇒ Object

  For queries against SSH, Kubernetes, and RDP resources, this contains additional information about the captured query.

• #client_ip ⇒ Object

  The IP address the Query was performed from, as detected at the StrongDM control plane.

• #completed_at ⇒ Object

  The time at which the Query was completed.

• #duration ⇒ Object

  The duration of the Query.

• #egress_node_id ⇒ Object

  The unique ID of the node through which the Resource was accessed.

• #encrypted ⇒ Object

  Indicates that the body of the Query is encrypted.

• #id ⇒ Object

  Unique identifier of the Query.

• #identity_alias_username ⇒ Object

  The username of the IdentityAlias used to access the Resource.

• #query_body ⇒ Object

  The captured content of the Query.

• #query_category ⇒ Object

  The general category of Resource against which Query was performed, e.g.

• #query_hash ⇒ Object

  The hash of the body of the Query.

• #query_key ⇒ Object

  The symmetric key used to encrypt the body of this Query and its replay if replayable.

• #record_count ⇒ Object

  The number of records returned by the Query, for a database Resource.

• #remote_identity_username ⇒ Object

  The username of the RemoteIdentity used to access the Resource.

• #replayable ⇒ Object

  Indicates that the Query is replayable, e.g.

• #resource_id ⇒ Object

  Unique identifier of the Resource against which the Query was performed.

• #resource_name ⇒ Object

  The name of the resource accessed, at the time the query was executed.

• #resource_tags ⇒ Object

  The tags of the resource accessed, at the time the query was executed.

• #resource_type ⇒ Object

  The specific type of Resource against which the Query was performed, e.g.

• #source_ip ⇒ Object

  The IP address the Query was performed from, as detected at the ingress gateway.

• #target ⇒ Object

  The target destination of the query, in host:port format.

• #timestamp ⇒ Object

  The time at which the Query was started.

Instance Method Summary

• #initialize(account_email: nil, account_first_name: nil, account_id: nil, account_last_name: nil, account_tags: nil, authzjson: nil, capture: nil, client_ip: nil, completed_at: nil, duration: nil, egress_node_id: nil, encrypted: nil, id: nil, identity_alias_username: nil, query_body: nil, query_category: nil, query_hash: nil, query_key: nil, record_count: nil, remote_identity_username: nil, replayable: nil, resource_id: nil, resource_name: nil, resource_tags: nil, resource_type: nil, source_ip: nil, target: nil, timestamp: nil) ⇒ Query constructor

  A new instance of Query.

• #to_json(options = {}) ⇒ Object

Constructor Details

#initialize(account_email: nil, account_first_name: nil, account_id: nil, account_last_name: nil, account_tags: nil, authzjson: nil, capture: nil, client_ip: nil, completed_at: nil, duration: nil, egress_node_id: nil, encrypted: nil, id: nil, identity_alias_username: nil, query_body: nil, query_category: nil, query_hash: nil, query_key: nil, record_count: nil, remote_identity_username: nil, replayable: nil, resource_id: nil, resource_name: nil, resource_tags: nil, resource_type: nil, source_ip: nil, target: nil, timestamp: nil) ⇒ Query

Returns a new instance of Query.

# File 'lib/models/porcelain.rb', line 9805

def initialize(
  account_email: nil,
  account_first_name: nil,
  account_id: nil,
  account_last_name: nil,
  account_tags: nil,
  authzjson: nil,
  capture: nil,
  client_ip: nil,
  completed_at: nil,
  duration: nil,
  egress_node_id: nil,
  encrypted: nil,
  id: nil,
  identity_alias_username: nil,
  query_body: nil,
  query_category: nil,
  query_hash: nil,
  query_key: nil,
  record_count: nil,
  remote_identity_username: nil,
  replayable: nil,
  resource_id: nil,
  resource_name: nil,
  resource_tags: nil,
  resource_type: nil,
  source_ip: nil,
  target: nil,
  timestamp: nil
)
  @account_email = account_email == nil ? "" : account_email
  @account_first_name = account_first_name == nil ? "" : account_first_name
  @account_id = account_id == nil ? "" : account_id
  @account_last_name = account_last_name == nil ? "" : account_last_name
  @account_tags = account_tags == nil ? SDM::_porcelain_zero_value_tags() : account_tags
  @authzjson = authzjson == nil ? "" : authzjson
  @capture = capture == nil ? nil : capture
  @client_ip = client_ip == nil ? "" : client_ip
  @completed_at = completed_at == nil ? nil : completed_at
  @duration = duration == nil ? nil : duration
  @egress_node_id = egress_node_id == nil ? "" : egress_node_id
  @encrypted = encrypted == nil ? false : encrypted
  @id = id == nil ? "" : id
  @identity_alias_username = identity_alias_username == nil ? "" : identity_alias_username
  @query_body = query_body == nil ? "" : query_body
  @query_category = query_category == nil ? "" : query_category
  @query_hash = query_hash == nil ? "" : query_hash
  @query_key = query_key == nil ? "" : query_key
  @record_count = record_count == nil ? 0 : record_count
  @remote_identity_username = remote_identity_username == nil ? "" : remote_identity_username
  @replayable = replayable == nil ? false : replayable
  @resource_id = resource_id == nil ? "" : resource_id
  @resource_name = resource_name == nil ? "" : resource_name
  @resource_tags = resource_tags == nil ? SDM::_porcelain_zero_value_tags() : resource_tags
  @resource_type = resource_type == nil ? "" : resource_type
  @source_ip = source_ip == nil ? "" : source_ip
  @target = target == nil ? "" : target
  @timestamp = timestamp == nil ? nil : timestamp
end

Instance Attribute Details

#account_email ⇒ Object

The email of the account performing this query, at the time the query was executed. If the account email is later changed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 9738

def account_email
  @account_email
end

#account_first_name ⇒ Object

The given name of the account performing this query, at the time the query was executed. If the account is later renamed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 9741

def account_first_name
  @account_first_name
end

#account_id ⇒ Object

Unique identifier of the Account that performed the Query.

# File 'lib/models/porcelain.rb', line 9743

def account_id
  @account_id
end

#account_last_name ⇒ Object

The family name of the account performing this query, at the time the query was executed. If the account is later renamed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 9746

def account_last_name
  @account_last_name
end

#account_tags ⇒ Object

The tags of the account accessed, at the time the query was executed. If the account tags are later changed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 9749

def account_tags
  @account_tags
end

#authzjson ⇒ Object

Authorization metadata associated with this query.

# File 'lib/models/porcelain.rb', line 9751

def authzjson
  @authzjson
end

#capture ⇒ Object

For queries against SSH, Kubernetes, and RDP resources, this contains additional information about the captured query.

# File 'lib/models/porcelain.rb', line 9754

def capture
  @capture
end

#client_ip ⇒ Object

The IP address the Query was performed from, as detected at the StrongDM control plane.

# File 'lib/models/porcelain.rb', line 9756

def client_ip
  @client_ip
end

#completed_at ⇒ Object

The time at which the Query was completed. Empty if this record indicates the start of a long-running query.

# File 'lib/models/porcelain.rb', line 9759

def completed_at
  @completed_at
end

#duration ⇒ Object

The duration of the Query.

# File 'lib/models/porcelain.rb', line 9761

def duration
  @duration
end

#egress_node_id ⇒ Object

The unique ID of the node through which the Resource was accessed.

# File 'lib/models/porcelain.rb', line 9763

def egress_node_id
  @egress_node_id
end

#encrypted ⇒ Object

Indicates that the body of the Query is encrypted.

# File 'lib/models/porcelain.rb', line 9765

def encrypted
  @encrypted
end

#id ⇒ Object

Unique identifier of the Query.

# File 'lib/models/porcelain.rb', line 9767

def id
  @id
end

#identity_alias_username ⇒ Object

The username of the IdentityAlias used to access the Resource.

# File 'lib/models/porcelain.rb', line 9769

def identity_alias_username
  @identity_alias_username
end

#query_body ⇒ Object

The captured content of the Query. For queries against SSH, Kubernetes, and RDP resources, this contains a JSON representation of the QueryCapture.

# File 'lib/models/porcelain.rb', line 9772

def query_body
  @query_body
end

#query_category ⇒ Object

The general category of Resource against which Query was performed, e.g. "web" or "cloud".

# File 'lib/models/porcelain.rb', line 9774

def query_category
  @query_category
end

#query_hash ⇒ Object

The hash of the body of the Query.

# File 'lib/models/porcelain.rb', line 9776

def query_hash
  @query_hash
end

#query_key ⇒ Object

The symmetric key used to encrypt the body of this Query and its replay if replayable. If the Query is encrypted, this field contains an encrypted symmetric key in base64 encoding. This key must be decrypted with the organization's private key to obtain the symmetric key needed to decrypt the body. If the Query is not encrypted, this field is empty.

# File 'lib/models/porcelain.rb', line 9781

def query_key
  @query_key
end

#record_count ⇒ Object

The number of records returned by the Query, for a database Resource.

# File 'lib/models/porcelain.rb', line 9783

def record_count
  @record_count
end

#remote_identity_username ⇒ Object

The username of the RemoteIdentity used to access the Resource.

# File 'lib/models/porcelain.rb', line 9785

def remote_identity_username
  @remote_identity_username
end

#replayable ⇒ Object

Indicates that the Query is replayable, e.g. for some SSH or K8s sessions.

# File 'lib/models/porcelain.rb', line 9787

def replayable
  @replayable
end

#resource_id ⇒ Object

Unique identifier of the Resource against which the Query was performed.

# File 'lib/models/porcelain.rb', line 9789

def resource_id
  @resource_id
end

#resource_name ⇒ Object

The name of the resource accessed, at the time the query was executed. If the resource is later renamed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 9792

def resource_name
  @resource_name
end

#resource_tags ⇒ Object

The tags of the resource accessed, at the time the query was executed. If the resource tags are later changed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 9795

def resource_tags
  @resource_tags
end

#resource_type ⇒ Object

The specific type of Resource against which the Query was performed, e.g. "ssh" or "postgres".

# File 'lib/models/porcelain.rb', line 9797

def resource_type
  @resource_type
end

#source_ip ⇒ Object

The IP address the Query was performed from, as detected at the ingress gateway.

# File 'lib/models/porcelain.rb', line 9799

def source_ip
  @source_ip
end

#target ⇒ Object

The target destination of the query, in host:port format.

# File 'lib/models/porcelain.rb', line 9801

def target
  @target
end

#timestamp ⇒ Object

The time at which the Query was started.

# File 'lib/models/porcelain.rb', line 9803

def timestamp
  @timestamp
end

Instance Method Details

#to_json(options = {}) ⇒ Object

# File 'lib/models/porcelain.rb', line 9865

def to_json(options = {})
  hash = {}
  self.instance_variables.each do |var|
    hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
  end
  hash.to_json
end