Struct aws_sdk_detective::types::IndicatorDetail

#[non_exhaustive]
pub struct IndicatorDetail {
    pub ttps_observed_detail: Option<TtPsObservedDetail>,
    pub impossible_travel_detail: Option<ImpossibleTravelDetail>,
    pub flagged_ip_address_detail: Option<FlaggedIpAddressDetail>,
    pub new_geolocation_detail: Option<NewGeolocationDetail>,
    pub new_aso_detail: Option<NewAsoDetail>,
    pub new_user_agent_detail: Option<NewUserAgentDetail>,
    pub related_finding_detail: Option<RelatedFindingDetail>,
    pub related_finding_group_detail: Option<RelatedFindingGroupDetail>,
}

Details about the indicators of compromise which are used to determine if a resource is involved in a security incident. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. For the list of indicators of compromise that are generated by Detective investigations, see Detective investigations.

Fields (Non-exhaustive)

This struct is marked as non-exhaustive
Non-exhaustive structs could have additional fields added in future. Therefore, non-exhaustive structs cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.

ttps_observed_detail: Option<TtPsObservedDetail>

Details about the indicator of compromise.

impossible_travel_detail: Option<ImpossibleTravelDetail>

Identifies unusual and impossible user activity for an account.

flagged_ip_address_detail: Option<FlaggedIpAddressDetail>

Suspicious IP addresses that are flagged, which indicates critical or severe threats based on threat intelligence by Detective. This indicator is derived from Amazon Web Services threat intelligence.

new_geolocation_detail: Option<NewGeolocationDetail>

Contains details about the new geographic location.

new_aso_detail: Option<NewAsoDetail>

Contains details about the new Autonomous System Organization (ASO).

new_user_agent_detail: Option<NewUserAgentDetail>

Contains details about the new user agent.

related_finding_detail: Option<RelatedFindingDetail>

Contains details about related findings.

related_finding_group_detail: Option<RelatedFindingGroupDetail>

Contains details about related finding groups.
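
Walking the eight optional fields listed above, as an added example that is not part of the SDK or its documentation: local stand-in types mirror this page's field names so the code compiles without the crate, and `populated` destructures with the trailing `..` that a non-exhaustive struct requires. The `Triage` enum and the `triage` policy are hypothetical.

```rust
// Stand-ins so this compiles offline; the real detail types live in
// aws_sdk_detective::types and carry their own fields.
macro_rules! stand_in { ($($n:ident),*) => { $(#[derive(Debug, Default)] pub struct $n;)* } }
stand_in!(TtPsObservedDetail, ImpossibleTravelDetail, FlaggedIpAddressDetail, NewGeolocationDetail,
    NewAsoDetail, NewUserAgentDetail, RelatedFindingDetail, RelatedFindingGroupDetail);

#[non_exhaustive] // local mirror of the struct on this page, same field names
#[derive(Debug, Default)]
pub struct IndicatorDetail {
    pub ttps_observed_detail: Option<TtPsObservedDetail>,
    pub impossible_travel_detail: Option<ImpossibleTravelDetail>,
    pub flagged_ip_address_detail: Option<FlaggedIpAddressDetail>,
    pub new_geolocation_detail: Option<NewGeolocationDetail>,
    pub new_aso_detail: Option<NewAsoDetail>,
    pub new_user_agent_detail: Option<NewUserAgentDetail>,
    pub related_finding_detail: Option<RelatedFindingDetail>,
    pub related_finding_group_detail: Option<RelatedFindingGroupDetail>,
}
#[derive(Debug, PartialEq)]
pub enum Triage { Escalate, Review, Unrecognized } // hypothetical policy outcomes

/// Names of the detail fields that are populated on `d`.
pub fn populated(d: &IndicatorDetail) -> Vec<&'static str> {
    // The trailing `..` is what code outside the defining crate must write.
    let IndicatorDetail { ttps_observed_detail: ttp, impossible_travel_detail: travel,
        flagged_ip_address_detail: ip, new_geolocation_detail: geo, new_aso_detail: aso,
        new_user_agent_detail: ua, related_finding_detail: rf,
        related_finding_group_detail: rfg, .. } = d;
    let set = [("ttps_observed", ttp.is_some()), ("impossible_travel", travel.is_some()),
        ("flagged_ip_address", ip.is_some()), ("new_geolocation", geo.is_some()),
        ("new_aso", aso.is_some()), ("new_user_agent", ua.is_some()),
        ("related_finding", rf.is_some()), ("related_finding_group", rfg.is_some())];
    set.iter().filter(|(_, on)| *on).map(|(name, _)| *name).collect()
}

/// Example policy (an assumption, not Detective's): flagged IPs escalate, other known
/// details are reviewed, and an indicator with no known detail is surfaced, not dropped.
pub fn triage(d: &IndicatorDetail) -> Triage {
    match populated(d).as_slice() {
        [] => Triage::Unrecognized,
        kinds if kinds.contains(&"flagged_ip_address") => Triage::Escalate,
        _ => Triage::Review,
    }
}

fn main() {
    let d = IndicatorDetail { flagged_ip_address_detail: Some(FlaggedIpAddressDetail), ..Default::default() };
    println!("{:?} -> {:?}", populated(&d), triage(&d));
}
```

Against the real crate, struct literals and struct update syntax are unavailable for this type, so values are built with `IndicatorDetail::builder()` rather than as in `main` here.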

Implementations

impl IndicatorDetail

pub fn ttps_observed_detail(&self) -> Option<&TtPsObservedDetail>

Details about the indicator of compromise.

pub fn impossible_travel_detail(&self) -> Option<&ImpossibleTravelDetail>

Identifies unusual and impossible user activity for an account.

pub fn flagged_ip_address_detail(&self) -> Option<&FlaggedIpAddressDetail>

Suspicious IP addresses that are flagged, which indicates critical or severe threats based on threat intelligence by Detective. This indicator is derived from Amazon Web Services threat intelligence.

pub fn new_geolocation_detail(&self) -> Option<&NewGeolocationDetail>

Contains details about the new geographic location.

pub fn new_aso_detail(&self) -> Option<&NewAsoDetail>

Contains details about the new Autonomous System Organization (ASO).

pub fn new_user_agent_detail(&self) -> Option<&NewUserAgentDetail>

Contains details about the new user agent.

pub fn related_finding_detail(&self) -> Option<&RelatedFindingDetail>

Contains details about related findings.

pub fn related_finding_group_detail(&self) -> Option<&RelatedFindingGroupDetail>

Contains details about related finding groups.

impl IndicatorDetail

pub fn builder() -> IndicatorDetailBuilder

Creates a new builder-style object to manufacture IndicatorDetail.

Trait Implementations

impl Clone for IndicatorDetail

fn clone(&self) -> IndicatorDetail

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Stable since 1.0.0.

impl Debug for IndicatorDetail

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl PartialEq for IndicatorDetail

fn eq(&self, other: &IndicatorDetail) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason. Stable since 1.0.0.

impl StructuralPartialEq for IndicatorDetail

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper.

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> IntoEither for T

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise.

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise.

impl<Unshared, Shared> IntoShared<Shared> for Unshared
where Shared: FromUnshared<Unshared>,

fn into_shared(self) -> Shared

Creates a shared type from an unshared type.

impl<T> Same for T

type Output = T

Should always be Self

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.