Class ProcessSignature (1.30.0)

ProcessSignature(mapping=None, *, ignore_unknown_fields=False, **kwargs)

Indicates what signature matched this process.

This message has oneof_ fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.

.. _oneof: https://proto-plus-python.readthedocs.io/en/stable/fields.html#oneofs-mutually-exclusive-fields

Attributes

NameDescription
memory_hash_signature google.cloud.securitycenter_v1.types.Indicator.ProcessSignature.MemoryHashSignature
Signature indicating that a binary family was matched. This field is a member of oneof_ signature.
yara_rule_signature google.cloud.securitycenter_v1.types.Indicator.ProcessSignature.YaraRuleSignature
Signature indicating that a YARA rule was matched. This field is a member of oneof_ signature.
signature_type google.cloud.securitycenter_v1.types.Indicator.ProcessSignature.SignatureType
Describes the type of resource associated with the signature.

Classes

MemoryHashSignature

MemoryHashSignature(mapping=None, *, ignore_unknown_fields=False, **kwargs)

A signature corresponding to memory page hashes.

SignatureType

SignatureType(value)

Possible resource types to be associated with a signature.

Values: SIGNATURE_TYPE_UNSPECIFIED (0): The default signature type. SIGNATURE_TYPE_PROCESS (1): Used for signatures concerning processes. SIGNATURE_TYPE_FILE (2): Used for signatures concerning disks.

YaraRuleSignature

YaraRuleSignature(mapping=None, *, ignore_unknown_fields=False, **kwargs)

A signature corresponding to a YARA rule.