Class Indicator (1.19.0)

Indicator(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise

Attributes

NameDescription
ip_addresses MutableSequence[str]
List of ip addresses associated to the Finding.
domains MutableSequence[str]
List of domains associated to the Finding.
signatures MutableSequence[google.cloud.securitycenter_v1.types.Indicator.ProcessSignature]
The list of matched signatures indicating that the given process is present in the environment.
uris MutableSequence[str]
The list of URIs associated to the Findings.

Classes

ProcessSignature

ProcessSignature(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Indicates what signature matched this process.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields