ThreatIntelligenceIndicatorProperties Class

Describes threat intelligence entity properties.

Variables are only populated by the server, and will be ignored when sending a request.

Inheritance

azure.mgmt.securityinsight.models._models_py3.EntityCommonProperties

ThreatIntelligenceIndicatorProperties

Constructor

ThreatIntelligenceIndicatorProperties(*, threat_intelligence_tags: Optional[List[str]] = None, last_updated_time_utc: Optional[str] = None, source: Optional[str] = None, display_name: Optional[str] = None, description: Optional[str] = None, indicator_types: Optional[List[str]] = None, pattern: Optional[str] = None, pattern_type: Optional[str] = None, pattern_version: Optional[str] = None, kill_chain_phases: Optional[List[azure.mgmt.securityinsight.models._models_py3.ThreatIntelligenceKillChainPhase]] = None, parsed_pattern: Optional[List[azure.mgmt.securityinsight.models._models_py3.ThreatIntelligenceParsedPattern]] = None, external_id: Optional[str] = None, created_by_ref: Optional[str] = None, defanged: Optional[bool] = None, external_last_updated_time_utc: Optional[str] = None, external_references: Optional[List[azure.mgmt.securityinsight.models._models_py3.ThreatIntelligenceExternalReference]] = None, granular_markings: Optional[List[azure.mgmt.securityinsight.models._models_py3.ThreatIntelligenceGranularMarkingModel]] = None, labels: Optional[List[str]] = None, revoked: Optional[bool] = None, confidence: Optional[int] = None, object_marking_refs: Optional[List[str]] = None, language: Optional[str] = None, threat_types: Optional[List[str]] = None, valid_from: Optional[str] = None, valid_until: Optional[str] = None, created: Optional[str] = None, modified: Optional[str] = None, extensions: Optional[Dict[str, Any]] = None, **kwargs)

Variables

additional_data

dict[str, any]

A bag of custom fields that should be part of the entity and will be presented to the user.

friendly_name

str

The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated.

threat_intelligence_tags

list[str]

List of tags.

last_updated_time_utc

str

Last updated time in UTC.

source

str

Source of a threat intelligence entity.

display_name

str

Display name of a threat intelligence entity.

description

str

Description of a threat intelligence entity.

indicator_types

list[str]

Indicator types of threat intelligence entities.

pattern

str

Pattern of a threat intelligence entity.

pattern_type

str

Pattern type of a threat intelligence entity.

pattern_version

str

Pattern version of a threat intelligence entity.

kill_chain_phases

list[ThreatIntelligenceKillChainPhase]

Kill chain phases.

parsed_pattern

list[ThreatIntelligenceParsedPattern]

Parsed patterns.

external_id

str

External ID of threat intelligence entity.

created_by_ref

str

Created by reference of threat intelligence entity.

defanged

bool

Is threat intelligence entity defanged.

external_last_updated_time_utc

str

External last updated time in UTC.

external_references

list[ThreatIntelligenceExternalReference]

External References.

granular_markings

list[ThreatIntelligenceGranularMarkingModel]

Granular Markings.

labels

list[str]

Labels of threat intelligence entity.

revoked

bool

Is threat intelligence entity revoked.

confidence

int

Confidence of threat intelligence entity.

object_marking_refs

list[str]

Threat intelligence entity object marking references.

language

str

Language of threat intelligence entity.

threat_types

list[str]

Threat types.

valid_from

str

Valid from.

valid_until

str

Valid until.

created

str

Created by.

modified

str

Modified by.

extensions

dict[str, any]

Extensions map.