Struct ALResults 

pub struct ALResults {

    pub attrib: Vec<String>,
    pub av: Vec<String>,
    pub behavior: Vec<String>,
    pub detailed: DetailedResults,
    pub domain: Vec<Domain>,
    pub domain_dynamic: Vec<Domain>,
    pub domain_static: Vec<Domain>,
    pub ip: Vec<IpAddr>,
    pub ip_dynamic: Vec<IpAddr>,
    pub ip_static: Vec<IpAddr>,
    pub request_end_time: DateTime<Utc>,
    pub score: i32,
    pub uri: Vec<Uri>,
    pub uri_dynamic: Vec<Uri>,
    pub uri_static: Vec<Uri>,
    pub yara: Vec<String>,
}

Assemblyline Results Block

Fields

attrib: Vec<String>

List of attribution

av: Vec<String>

List of AV hits

behavior: Vec<String>

List of behaviors for the alert

detailed: DetailedResults

Assemblyline Detailed result block

domain: Vec<Domain>

List of all domains

domain_dynamic: Vec<Domain>

List of domains found during Dynamic Analysis

domain_static: Vec<Domain>

List of domains found during Static Analysis

ip: Vec<IpAddr>

List of all IPs

ip_dynamic: Vec<IpAddr>

List of IPs found during Dynamic Analysis

ip_static: Vec<IpAddr>

List of IPs found during Static Analysis

request_end_time: DateTime<Utc>

Finish time of the Assemblyline submission

score: i32

Maximum score found in the submission

uri: Vec<Uri>

List of all URIs

uri_dynamic: Vec<Uri>

List of URIs found during Dynamic Analysis

uri_static: Vec<Uri>

List of URIs found during Static Analysis

yara: Vec<String>

List of YARA rule hits

Trait Implementations

impl Described<ElasticMeta> for ALResults

fn metadata() -> Descriptor<ElasticMeta>

Get self description of this type

impl<'de> Deserialize<'de> for ALResults

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Serialize for ALResults

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.