Feedback Edit

ThreatIntelligenceIndicatorModel Class

  • Reference

Threat intelligence indicator entity.

Variables are only populated by the server, and will be ignored when sending a request.

All required parameters must be populated in order to send to Azure.

Inheritance
azure.mgmt.securityinsight.models._models_py3.ThreatIntelligenceInformation
ThreatIntelligenceIndicatorModel

Constructor

ThreatIntelligenceIndicatorModel(*, etag: Optional[str] = None, threat_intelligence_tags: Optional[List[str]] = None, last_updated_time_utc: Optional[str] = None, source: Optional[str] = None, display_name: Optional[str] = None, description: Optional[str] = None, indicator_types: Optional[List[str]] = None, pattern: Optional[str] = None, pattern_type: Optional[str] = None, pattern_version: Optional[str] = None, kill_chain_phases: Optional[List[azure.mgmt.securityinsight.models._models_py3.ThreatIntelligenceKillChainPhase]] = None, parsed_pattern: Optional[List[azure.mgmt.securityinsight.models._models_py3.ThreatIntelligenceParsedPattern]] = None, external_id: Optional[str] = None, created_by_ref: Optional[str] = None, defanged: Optional[bool] = None, external_last_updated_time_utc: Optional[str] = None, external_references: Optional[List[azure.mgmt.securityinsight.models._models_py3.ThreatIntelligenceExternalReference]] = None, granular_markings: Optional[List[azure.mgmt.securityinsight.models._models_py3.ThreatIntelligenceGranularMarkingModel]] = None, labels: Optional[List[str]] = None, revoked: Optional[bool] = None, confidence: Optional[int] = None, object_marking_refs: Optional[List[str]] = None, language: Optional[str] = None, threat_types: Optional[List[str]] = None, valid_from: Optional[str] = None, valid_until: Optional[str] = None, created: Optional[str] = None, modified: Optional[str] = None, extensions: Optional[Dict[str, Any]] = None, **kwargs)

Variables

id
str

Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}.

name
str

The name of the resource.

type
str

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts".

system_data
SystemData

Azure Resource Manager metadata containing createdBy and modifiedBy information.

etag
str

Etag of the azure resource.

kind
str or ThreatIntelligenceResourceKindEnum

Required. The kind of the entity.Constant filled by server. Possible values include: "indicator".

additional_data
dict[str, any]

A bag of custom fields that should be part of the entity and will be presented to the user.

friendly_name
str

The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated.

threat_intelligence_tags
list[str]

List of tags.

last_updated_time_utc
str

Last updated time in UTC.

source
str

Source of a threat intelligence entity.

display_name
str

Display name of a threat intelligence entity.

description
str

Description of a threat intelligence entity.

indicator_types
list[str]

Indicator types of threat intelligence entities.

pattern
str

Pattern of a threat intelligence entity.

pattern_type
str

Pattern type of a threat intelligence entity.

pattern_version
str

Pattern version of a threat intelligence entity.

kill_chain_phases
list[ThreatIntelligenceKillChainPhase]

Kill chain phases.

parsed_pattern
list[ThreatIntelligenceParsedPattern]

Parsed patterns.

external_id
str

External ID of threat intelligence entity.

created_by_ref
str

Created by reference of threat intelligence entity.

defanged
bool

Is threat intelligence entity defanged.

external_last_updated_time_utc
str

External last updated time in UTC.

external_references
list[ThreatIntelligenceExternalReference]

External References.

granular_markings
list[ThreatIntelligenceGranularMarkingModel]

Granular Markings.

labels
list[str]

Labels of threat intelligence entity.

revoked
bool

Is threat intelligence entity revoked.

confidence
int

Confidence of threat intelligence entity.

object_marking_refs
list[str]

Threat intelligence entity object marking references.

language
str

Language of threat intelligence entity.

threat_types
list[str]

Threat types.

valid_from
str

Valid from.

valid_until
str

Valid until.

created
str

Created by.

modified
str

Modified by.

extensions
dict[str, any]

Extensions map.