/*
* CrowdStrike API Specification
*
* Use this API specification as a reference for the API endpoints you can use to interact with your Falcon environment. These endpoints support authentication via OAuth2 and interact with detections and network containment. For detailed usage guides and examples, see our [documentation inside the Falcon console](https://falcon.crowdstrike.com/support/documentation). To use the APIs described below, combine the base URL with the path shown for each API endpoint. For commercial cloud customers, your base URL is `https://api.crowdstrike.com`. Each API endpoint requires authorization via an OAuth2 token. Your first API request should retrieve an OAuth2 token using the `oauth2/token` endpoint, such as `https://api.crowdstrike.com/oauth2/token`. For subsequent requests, include the OAuth2 token in an HTTP authorization header. Tokens expire after 30 minutes, after which you should make a new token request to continue making API requests.
*
* The version of the OpenAPI document: rolling
*
* Generated by: https://openapi-generator.tech
*/
use crate::models;
#[derive(Clone, Default, Debug, PartialEq, Serialize, Deserialize)]
pub struct FigapiIndicator {
#[serde(rename = "Adversaries", skip_serializing_if = "Option::is_none")]
pub adversaries: Option<Vec<models::FigapiAdversary>>,
/// Total range of customers affected by this indicator
#[serde(rename = "AffectedCustomers", skip_serializing_if = "Option::is_none")]
pub affected_customers: Option<String>,
#[serde(rename = "Certificates", skip_serializing_if = "Option::is_none")]
pub certificates: Option<Vec<models::FigapiX509Certificate>>,
#[serde(rename = "CoinAddressDetails", skip_serializing_if = "Option::is_none")]
pub coin_address_details: Option<Box<models::FigapiCoinAddress>>,
#[serde(rename = "Countries", skip_serializing_if = "Option::is_none")]
pub countries: Option<Vec<models::FigapiCountry>>,
#[serde(rename = "CredentialsDetails", skip_serializing_if = "Option::is_none")]
pub credentials_details: Option<Box<models::FigapiCredentials>>,
#[serde(rename = "DomainDetails", skip_serializing_if = "Option::is_none")]
pub domain_details: Option<Box<models::FigapiDomain>>,
#[serde(
rename = "EmailAddressDetails",
skip_serializing_if = "Option::is_none"
)]
pub email_address_details: Option<Box<models::FigapiEmailAddressDetails>>,
#[serde(rename = "FileDetails", skip_serializing_if = "Option::is_none")]
pub file_details: Option<Box<models::FigapiFile>>,
/// Indicators first seen
#[serde(rename = "FirstSeen", skip_serializing_if = "Option::is_none")]
pub first_seen: Option<String>,
/// The indicator ID. Concatenation of type and indicator fields. Based on the CKB2 vertex ID.
#[serde(rename = "ID", skip_serializing_if = "Option::is_none")]
pub id: Option<String>,
#[serde(rename = "IPv4Details", skip_serializing_if = "Option::is_none")]
pub ipv4_details: Option<Box<models::FigapiIpv4>>,
#[serde(rename = "IPv6Details", skip_serializing_if = "Option::is_none")]
pub ipv6_details: Option<Box<models::FigapiIpv6>>,
/// Multi field property describing indicators kill-chain, possible properties: `ActionOnObjectives`, `C2`, `Delivery`, `Exploitation`, `Installation`, `Reconnaissance`, `Weaponization`
#[serde(rename = "KillChain", skip_serializing_if = "Option::is_none")]
pub kill_chain: Option<Vec<String>>,
/// Indicators last seen
#[serde(rename = "LastSeen", skip_serializing_if = "Option::is_none")]
pub last_seen: Option<String>,
#[serde(rename = "LastUpdated", skip_serializing_if = "Option::is_none")]
pub last_updated: Option<String>,
/// Indicates a confidence level by which an indicator is considered to be malicious, this can be one of: `Low`, `Medium`, `High`
#[serde(
rename = "MaliciousConfidence",
skip_serializing_if = "Option::is_none"
)]
pub malicious_confidence: Option<String>,
/// Indicates when was the confidence was last set
#[serde(
rename = "MaliciousConfidenceValidatedTime",
skip_serializing_if = "Option::is_none"
)]
pub malicious_confidence_validated_time: Option<String>,
#[serde(rename = "PublishDate", skip_serializing_if = "Option::is_none")]
pub publish_date: Option<String>,
#[serde(rename = "Reports", skip_serializing_if = "Option::is_none")]
pub reports: Option<Vec<models::FigapiReport>>,
#[serde(rename = "Sectors", skip_serializing_if = "Option::is_none")]
pub sectors: Option<Vec<models::FigapiSector>>,
#[serde(rename = "ThreatTypes", skip_serializing_if = "Option::is_none")]
pub threat_types: Option<Vec<String>>,
#[serde(rename = "Threats", skip_serializing_if = "Option::is_none")]
pub threats: Option<Vec<models::FigapiThreat>>,
/// Type of the indicator, this can be one of: `File`, `Domain`, `IPv4`, `IPv6`, `URL`
#[serde(rename = "Type", skip_serializing_if = "Option::is_none")]
pub r#type: Option<String>,
#[serde(rename = "URLDetails", skip_serializing_if = "Option::is_none")]
pub url_details: Option<Box<models::FigapiUrl>>,
#[serde(
rename = "UniqueIdentifierDetails",
skip_serializing_if = "Option::is_none"
)]
pub unique_identifier_details: Option<Box<models::FigapiUniqueIdentifier>>,
#[serde(rename = "Vulnerabilities", skip_serializing_if = "Option::is_none")]
pub vulnerabilities: Option<Vec<models::FigapiVulnerability>>,
}
impl FigapiIndicator {
pub fn new() -> FigapiIndicator {
FigapiIndicator {
adversaries: None,
affected_customers: None,
certificates: None,
coin_address_details: None,
countries: None,
credentials_details: None,
domain_details: None,
email_address_details: None,
file_details: None,
first_seen: None,
id: None,
ipv4_details: None,
ipv6_details: None,
kill_chain: None,
last_seen: None,
last_updated: None,
malicious_confidence: None,
malicious_confidence_validated_time: None,
publish_date: None,
reports: None,
sectors: None,
threat_types: None,
threats: None,
r#type: None,
url_details: None,
unique_identifier_details: None,
vulnerabilities: None,
}
}
}