Struct aws_sdk_detective::types::IndicatorDetail
#[non_exhaustive]
pub struct IndicatorDetail {
pub ttps_observed_detail: Option<TtPsObservedDetail>,
pub impossible_travel_detail: Option<ImpossibleTravelDetail>,
pub flagged_ip_address_detail: Option<FlaggedIpAddressDetail>,
pub new_geolocation_detail: Option<NewGeolocationDetail>,
pub new_aso_detail: Option<NewAsoDetail>,
pub new_user_agent_detail: Option<NewUserAgentDetail>,
pub related_finding_detail: Option<RelatedFindingDetail>,
pub related_finding_group_detail: Option<RelatedFindingGroupDetail>,
}
Details about the indicators of compromise which are used to determine if a resource is involved in a security incident. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. For the list of indicators of compromise that are generated by Detective investigations, see Detective investigations.
Fields (Non-exhaustive)
This struct is marked as non-exhaustive: it cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.
ttps_observed_detail: Option<TtPsObservedDetail>
Details about the indicator of compromise.
impossible_travel_detail: Option<ImpossibleTravelDetail>
Identifies unusual and impossible user activity for an account.
flagged_ip_address_detail: Option<FlaggedIpAddressDetail>
Suspicious IP addresses that are flagged, which indicates critical or severe threats based on threat intelligence by Detective. This indicator is derived from Amazon Web Services threat intelligence.
new_geolocation_detail: Option<NewGeolocationDetail>
Contains details about the new geographic location.
new_aso_detail: Option<NewAsoDetail>
Contains details about the new Autonomous System Organization (ASO).
new_user_agent_detail: Option<NewUserAgentDetail>
Contains details about the new user agent.
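related_finding_detail: Option<RelatedFindingDetail>
Contains details about related findings.
related_finding_group_detail: Option<RelatedFindingGroupDetail>
Contains details about related finding groups.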
Implementations
impl IndicatorDetail
pub fn ttps_observed_detail(&self) -> Option<&TtPsObservedDetail>
Details about the indicator of compromise.
pub fn impossible_travel_detail(&self) -> Option<&ImpossibleTravelDetail>
Identifies unusual and impossible user activity for an account.
pub fn flagged_ip_address_detail(&self) -> Option<&FlaggedIpAddressDetail>
Suspicious IP addresses that are flagged, which indicates critical or severe threats based on threat intelligence by Detective. This indicator is derived from Amazon Web Services threat intelligence.
pub fn new_geolocation_detail(&self) -> Option<&NewGeolocationDetail>
Contains details about the new geographic location.
pub fn new_aso_detail(&self) -> Option<&NewAsoDetail>
Contains details about the new Autonomous System Organization (ASO).
pub fn new_user_agent_detail(&self) -> Option<&NewUserAgentDetail>
Contains details about the new user agent.
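pub fn related_finding_detail(&self) -> Option<&RelatedFindingDetail>
Contains details about related findings.
pub fn related_finding_group_detail(&self) -> Option<&RelatedFindingGroupDetail>
Contains details about related finding groups.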
impl IndicatorDetail
pub fn builder() -> IndicatorDetailBuilder
Creates a new builder-style object to manufacture IndicatorDetail.
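Every accessor above returns an Option, so consuming code has to decide what to do when several details are populated or when none of the ones it reads is. The following is an added example, not code from the SDK or its documentation: IndicatorDetail and the detail structs are local stand-ins that mirror the names on this page (the real type is built with IndicatorDetail::builder(), not a struct literal), and populated_kinds, Triage and triage are hypothetical names with an assumed triage policy.

```rust
// Stand-ins mirroring this page's field and accessor names (empty placeholder
// detail structs) so the block compiles without the SDK. Constructed data only.
macro_rules! stand_in {
    ($($field:ident: $ty:ident),* $(,)?) => {
        $(#[derive(Debug, Default)] pub struct $ty;)*
        #[derive(Debug, Default)]
        pub struct IndicatorDetail { $(pub $field: Option<$ty>,)* }
        impl IndicatorDetail {
            $(pub fn $field(&self) -> Option<&$ty> { self.$field.as_ref() })*
        }
    };
}
stand_in! {
    ttps_observed_detail: TtPsObservedDetail, impossible_travel_detail: ImpossibleTravelDetail,
    flagged_ip_address_detail: FlaggedIpAddressDetail, new_geolocation_detail: NewGeolocationDetail,
    new_aso_detail: NewAsoDetail, new_user_agent_detail: NewUserAgentDetail,
    related_finding_detail: RelatedFindingDetail,
    related_finding_group_detail: RelatedFindingGroupDetail,
}

/// Names of the populated details, read only through the accessor methods.
pub fn populated_kinds(d: &IndicatorDetail) -> Vec<&'static str> {
    let checks = [
        ("ttps_observed", d.ttps_observed_detail().is_some()),
        ("impossible_travel", d.impossible_travel_detail().is_some()),
        ("flagged_ip_address", d.flagged_ip_address_detail().is_some()),
        ("new_geolocation", d.new_geolocation_detail().is_some()),
        ("new_aso", d.new_aso_detail().is_some()),
        ("new_user_agent", d.new_user_agent_detail().is_some()),
        ("related_finding", d.related_finding_detail().is_some()),
        ("related_finding_group", d.related_finding_group_detail().is_some()),
    ];
    checks.iter().filter(|(_, set)| *set).map(|(name, _)| *name).collect()
}

#[derive(Debug, PartialEq)]
pub enum Triage { Urgent, Review, Unrecognized }
/// Assumed policy: flagged IP wins; a detail with nothing readable is surfaced, not dropped.
pub fn triage(d: &IndicatorDetail) -> Triage {
    match populated_kinds(d).as_slice() {
        [] => Triage::Unrecognized,
        k if k.contains(&"flagged_ip_address") => Triage::Urgent,
        _ => Triage::Review,
    }
}
fn main() {
    let d = IndicatorDetail { new_aso_detail: Some(NewAsoDetail), ..Default::default() };
    println!("{:?} -> {:?}", populated_kinds(&d), triage(&d));
}
```

The Unrecognized arm matters because the struct is non-exhaustive: code compiled against an older field list can receive a detail in which none of the accessors it calls returns Some.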
Trait Implementations
impl Clone for IndicatorDetail
fn clone(&self) -> IndicatorDetail
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from source.
impl Debug for IndicatorDetail
impl PartialEq for IndicatorDetail
fn eq(&self, other: &IndicatorDetail) -> bool
Tests for self and other values to be equal, and is used by ==.
impl StructuralPartialEq for IndicatorDetail
Auto Trait Implementations
impl Freeze for IndicatorDetail
impl RefUnwindSafe for IndicatorDetail
impl Send for IndicatorDetail
impl Sync for IndicatorDetail
impl Unpin for IndicatorDetail
impl UnwindSafe for IndicatorDetail
Blanket Implementations
impl<T> BorrowMut<T> for T where T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
impl<T> Instrument for T
fn instrument(self, span: Span) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
impl<T> IntoEither for T
fn into_either(self, into_left: bool) -> Either<Self, Self>
Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise.
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise.