Class: SDM::Query

Inherits:

Object

• Object
• SDM::Query

Defined in:

lib/models/porcelain.rb

Overview

A Query is a record of a single client request to a resource, such as a SQL query. Longer-running queries including long-running SSH commands and SSH, RDP, or Kubernetes interactive sessions will return two Query records with the same identifier, one record at the start of the query and a second record upon the completion of the query with additional detail.

Instance Attribute Summary

• #account_email ⇒ Object

  The email of the account performing this query, at the time the query was executed.

• #account_first_name ⇒ Object

  The given name of the account performing this query, at the time the query was executed.

• #account_id ⇒ Object

  Unique identifier of the Account that performed the Query.

• #account_last_name ⇒ Object

  The family name of the account performing this query, at the time the query was executed.

• #account_tags ⇒ Object

  The tags of the account accessed, at the time the query was executed.

• #authzjson ⇒ Object

  Authorization metadata associated with this query.

• #capture ⇒ Object

  For queries against SSH, Kubernetes, and RDP resources, this contains additional information about the captured query.

• #client_ip ⇒ Object

  The IP address the Query was performed from, as detected at the StrongDM control plane.

• #completed_at ⇒ Object

  The time at which the Query was completed.

• #duration ⇒ Object

  The duration of the Query.

• #egress_node_id ⇒ Object

  The unique ID of the node through which the Resource was accessed.

• #encrypted ⇒ Object

  Indicates that the body of the Query is encrypted.

• #id ⇒ Object

  Unique identifier of the Query.

• #identity_alias_username ⇒ Object

  The username of the IdentityAlias used to access the Resource.

• #query_body ⇒ Object

  The captured content of the Query.

• #query_category ⇒ Object

  The general category of Resource against which Query was performed, e.g.

• #query_hash ⇒ Object

  The hash of the body of the Query.

• #query_key ⇒ Object

  The symmetric key used to encrypt the body of this Query and its replay if replayable.

• #record_count ⇒ Object

  The number of records returned by the Query, for a database Resource.

• #remote_identity_username ⇒ Object

  The username of the RemoteIdentity used to access the Resource.

• #replayable ⇒ Object

  Indicates that the Query is replayable, e.g.

• #resource_id ⇒ Object

  Unique identifier of the Resource against which the Query was performed.

• #resource_name ⇒ Object

  The name of the resource accessed, at the time the query was executed.

• #resource_tags ⇒ Object

  The tags of the resource accessed, at the time the query was executed.

• #resource_type ⇒ Object

  The specific type of Resource against which the Query was performed, e.g.

• #source_ip ⇒ Object

  The IP address the Query was performed from, as detected at the ingress gateway.

• #target ⇒ Object

  The target destination of the query, in host:port format.

• #timestamp ⇒ Object

  The time at which the Query was started.

Instance Method Summary

• #initialize(account_email: nil, account_first_name: nil, account_id: nil, account_last_name: nil, account_tags: nil, authzjson: nil, capture: nil, client_ip: nil, completed_at: nil, duration: nil, egress_node_id: nil, encrypted: nil, id: nil, identity_alias_username: nil, query_body: nil, query_category: nil, query_hash: nil, query_key: nil, record_count: nil, remote_identity_username: nil, replayable: nil, resource_id: nil, resource_name: nil, resource_tags: nil, resource_type: nil, source_ip: nil, target: nil, timestamp: nil) ⇒ Query constructor

  A new instance of Query.

• #to_json(options = {}) ⇒ Object

Constructor Details

#initialize(account_email: nil, account_first_name: nil, account_id: nil, account_last_name: nil, account_tags: nil, authzjson: nil, capture: nil, client_ip: nil, completed_at: nil, duration: nil, egress_node_id: nil, encrypted: nil, id: nil, identity_alias_username: nil, query_body: nil, query_category: nil, query_hash: nil, query_key: nil, record_count: nil, remote_identity_username: nil, replayable: nil, resource_id: nil, resource_name: nil, resource_tags: nil, resource_type: nil, source_ip: nil, target: nil, timestamp: nil) ⇒ Query

Returns a new instance of Query.

# File 'lib/models/porcelain.rb', line 11093

def initialize(
  account_email: nil,
  account_first_name: nil,
  account_id: nil,
  account_last_name: nil,
  account_tags: nil,
  authzjson: nil,
  capture: nil,
  client_ip: nil,
  completed_at: nil,
  duration: nil,
  egress_node_id: nil,
  encrypted: nil,
  id: nil,
  identity_alias_username: nil,
  query_body: nil,
  query_category: nil,
  query_hash: nil,
  query_key: nil,
  record_count: nil,
  remote_identity_username: nil,
  replayable: nil,
  resource_id: nil,
  resource_name: nil,
  resource_tags: nil,
  resource_type: nil,
  source_ip: nil,
  target: nil,
  timestamp: nil
)
  @account_email = account_email == nil ? "" : account_email
  @account_first_name = account_first_name == nil ? "" : account_first_name
  @account_id = account_id == nil ? "" : account_id
  @account_last_name = account_last_name == nil ? "" : account_last_name
  @account_tags = account_tags == nil ? SDM::_porcelain_zero_value_tags() : account_tags
  @authzjson = authzjson == nil ? "" : authzjson
  @capture = capture == nil ? nil : capture
  @client_ip = client_ip == nil ? "" : client_ip
  @completed_at = completed_at == nil ? nil : completed_at
  @duration = duration == nil ? nil : duration
  @egress_node_id = egress_node_id == nil ? "" : egress_node_id
  @encrypted = encrypted == nil ? false : encrypted
  @id = id == nil ? "" : id
  @identity_alias_username = identity_alias_username == nil ? "" : identity_alias_username
  @query_body = query_body == nil ? "" : query_body
  @query_category = query_category == nil ? "" : query_category
  @query_hash = query_hash == nil ? "" : query_hash
  @query_key = query_key == nil ? "" : query_key
  @record_count = record_count == nil ? 0 : record_count
  @remote_identity_username = remote_identity_username == nil ? "" : remote_identity_username
  @replayable = replayable == nil ? false : replayable
  @resource_id = resource_id == nil ? "" : resource_id
  @resource_name = resource_name == nil ? "" : resource_name
  @resource_tags = resource_tags == nil ? SDM::_porcelain_zero_value_tags() : resource_tags
  @resource_type = resource_type == nil ? "" : resource_type
  @source_ip = source_ip == nil ? "" : source_ip
  @target = target == nil ? "" : target
  @timestamp = timestamp == nil ? nil : timestamp
end

Instance Attribute Details

#account_email ⇒ Object

The email of the account performing this query, at the time the query was executed. If the account email is later changed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 11026

def account_email
  @account_email
end

#account_first_name ⇒ Object

The given name of the account performing this query, at the time the query was executed. If the account is later renamed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 11029

def account_first_name
  @account_first_name
end

#account_id ⇒ Object

Unique identifier of the Account that performed the Query.

# File 'lib/models/porcelain.rb', line 11031

def account_id
  @account_id
end

#account_last_name ⇒ Object

The family name of the account performing this query, at the time the query was executed. If the account is later renamed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 11034

def account_last_name
  @account_last_name
end

#account_tags ⇒ Object

The tags of the account accessed, at the time the query was executed. If the account tags are later changed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 11037

def account_tags
  @account_tags
end

#authzjson ⇒ Object

Authorization metadata associated with this query.

# File 'lib/models/porcelain.rb', line 11039

def authzjson
  @authzjson
end

#capture ⇒ Object

For queries against SSH, Kubernetes, and RDP resources, this contains additional information about the captured query.

# File 'lib/models/porcelain.rb', line 11042

def capture
  @capture
end

#client_ip ⇒ Object

The IP address the Query was performed from, as detected at the StrongDM control plane.

# File 'lib/models/porcelain.rb', line 11044

def client_ip
  @client_ip
end

#completed_at ⇒ Object

The time at which the Query was completed. Empty if this record indicates the start of a long-running query.

# File 'lib/models/porcelain.rb', line 11047

def completed_at
  @completed_at
end

#duration ⇒ Object

The duration of the Query.

# File 'lib/models/porcelain.rb', line 11049

def duration
  @duration
end

#egress_node_id ⇒ Object

The unique ID of the node through which the Resource was accessed.

# File 'lib/models/porcelain.rb', line 11051

def egress_node_id
  @egress_node_id
end

#encrypted ⇒ Object

Indicates that the body of the Query is encrypted.

# File 'lib/models/porcelain.rb', line 11053

def encrypted
  @encrypted
end

#id ⇒ Object

Unique identifier of the Query.

# File 'lib/models/porcelain.rb', line 11055

def id
  @id
end

#identity_alias_username ⇒ Object

The username of the IdentityAlias used to access the Resource.

# File 'lib/models/porcelain.rb', line 11057

def identity_alias_username
  @identity_alias_username
end

#query_body ⇒ Object

The captured content of the Query. For queries against SSH, Kubernetes, and RDP resources, this contains a JSON representation of the QueryCapture.

# File 'lib/models/porcelain.rb', line 11060

def query_body
  @query_body
end

#query_category ⇒ Object

The general category of Resource against which Query was performed, e.g. "web" or "cloud".

# File 'lib/models/porcelain.rb', line 11062

def query_category
  @query_category
end

#query_hash ⇒ Object

The hash of the body of the Query.

# File 'lib/models/porcelain.rb', line 11064

def query_hash
  @query_hash
end

#query_key ⇒ Object

The symmetric key used to encrypt the body of this Query and its replay if replayable. If the Query is encrypted, this field contains an encrypted symmetric key in base64 encoding. This key must be decrypted with the organization's private key to obtain the symmetric key needed to decrypt the body. If the Query is not encrypted, this field is empty.

# File 'lib/models/porcelain.rb', line 11069

def query_key
  @query_key
end

#record_count ⇒ Object

The number of records returned by the Query, for a database Resource.

# File 'lib/models/porcelain.rb', line 11071

def record_count
  @record_count
end

#remote_identity_username ⇒ Object

The username of the RemoteIdentity used to access the Resource.

# File 'lib/models/porcelain.rb', line 11073

def remote_identity_username
  @remote_identity_username
end

#replayable ⇒ Object

Indicates that the Query is replayable, e.g. for some SSH or K8s sessions.

# File 'lib/models/porcelain.rb', line 11075

def replayable
  @replayable
end

#resource_id ⇒ Object

Unique identifier of the Resource against which the Query was performed.

# File 'lib/models/porcelain.rb', line 11077

def resource_id
  @resource_id
end

#resource_name ⇒ Object

The name of the resource accessed, at the time the query was executed. If the resource is later renamed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 11080

def resource_name
  @resource_name
end

#resource_tags ⇒ Object

The tags of the resource accessed, at the time the query was executed. If the resource tags are later changed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 11083

def resource_tags
  @resource_tags
end

#resource_type ⇒ Object

The specific type of Resource against which the Query was performed, e.g. "ssh" or "postgres".

# File 'lib/models/porcelain.rb', line 11085

def resource_type
  @resource_type
end

#source_ip ⇒ Object

The IP address the Query was performed from, as detected at the ingress gateway.

# File 'lib/models/porcelain.rb', line 11087

def source_ip
  @source_ip
end

#target ⇒ Object

The target destination of the query, in host:port format.

# File 'lib/models/porcelain.rb', line 11089

def target
  @target
end

#timestamp ⇒ Object

The time at which the Query was started.

# File 'lib/models/porcelain.rb', line 11091

def timestamp
  @timestamp
end

Instance Method Details

#to_json(options = {}) ⇒ Object

# File 'lib/models/porcelain.rb', line 11153

def to_json(options = {})
  hash = {}
  self.instance_variables.each do |var|
    hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
  end
  hash.to_json
end