Sighting¶

class oci.cloud_guard.models.Sighting(**kwargs)¶

Bases: object

Sighting details.

Attributes

`CLASSIFICATION_STATUS_FALSE_NEGATIVE`	A constant which can be used with the classification_status property of a Sighting.
`CLASSIFICATION_STATUS_FALSE_POSITIVE`	A constant which can be used with the classification_status property of a Sighting.
`CLASSIFICATION_STATUS_NOT_CLASSIFIED`	A constant which can be used with the classification_status property of a Sighting.
`CLASSIFICATION_STATUS_TRUE_NEGATIVE`	A constant which can be used with the classification_status property of a Sighting.
`CLASSIFICATION_STATUS_TRUE_POSITIVE`	A constant which can be used with the classification_status property of a Sighting.
`CONFIDENCE_CRITICAL`	A constant which can be used with the confidence property of a Sighting.
`CONFIDENCE_HIGH`	A constant which can be used with the confidence property of a Sighting.
`CONFIDENCE_LOW`	A constant which can be used with the confidence property of a Sighting.
`CONFIDENCE_MEDIUM`	A constant which can be used with the confidence property of a Sighting.
`CONFIDENCE_MINOR`	A constant which can be used with the confidence property of a Sighting.
`SEVERITY_CRITICAL`	A constant which can be used with the severity property of a Sighting.
`SEVERITY_HIGH`	A constant which can be used with the severity property of a Sighting.
`SEVERITY_LOW`	A constant which can be used with the severity property of a Sighting.
`SEVERITY_MEDIUM`	A constant which can be used with the severity property of a Sighting.
`SEVERITY_MINOR`	A constant which can be used with the severity property of a Sighting.
`actor_principal_id`	Gets the actor_principal_id of this Sighting.
`actor_principal_name`	Gets the actor_principal_name of this Sighting.
`actor_principal_type`	Gets the actor_principal_type of this Sighting.
`additional_details`	Gets the additional_details of this Sighting.
`classification_status`	[Required] Gets the classification_status of this Sighting.
`compartment_id`	[Required] Gets the compartment_id of this Sighting.
`confidence`	[Required] Gets the confidence of this Sighting.
`description`	[Required] Gets the description of this Sighting.
`id`	[Required] Gets the id of this Sighting.
`locks`	Gets the locks of this Sighting.
`problem_id`	Gets the problem_id of this Sighting.
`regions`	[Required] Gets the regions of this Sighting.
`severity`	[Required] Gets the severity of this Sighting.
`sighting_score`	[Required] Gets the sighting_score of this Sighting.
`sighting_type`	[Required] Gets the sighting_type of this Sighting.
`sighting_type_display_name`	[Required] Gets the sighting_type_display_name of this Sighting.
`tactic_name`	[Required] Gets the tactic_name of this Sighting.
`technique_name`	[Required] Gets the technique_name of this Sighting.
`time_first_detected`	[Required] Gets the time_first_detected of this Sighting.
`time_first_occurred`	Gets the time_first_occurred of this Sighting.
`time_last_detected`	[Required] Gets the time_last_detected of this Sighting.
`time_last_occurred`	Gets the time_last_occurred of this Sighting.

Methods

__init__(**kwargs) Initializes a new Sighting object with values from keyword arguments.

CLASSIFICATION_STATUS_FALSE_NEGATIVE = 'FALSE_NEGATIVE'¶: A constant which can be used with the classification_status property of a Sighting. This constant has a value of “FALSE_NEGATIVE”

CLASSIFICATION_STATUS_FALSE_POSITIVE = 'FALSE_POSITIVE'¶: A constant which can be used with the classification_status property of a Sighting. This constant has a value of “FALSE_POSITIVE”

CLASSIFICATION_STATUS_NOT_CLASSIFIED = 'NOT_CLASSIFIED'¶: A constant which can be used with the classification_status property of a Sighting. This constant has a value of “NOT_CLASSIFIED”

CLASSIFICATION_STATUS_TRUE_NEGATIVE = 'TRUE_NEGATIVE'¶: A constant which can be used with the classification_status property of a Sighting. This constant has a value of “TRUE_NEGATIVE”

CLASSIFICATION_STATUS_TRUE_POSITIVE = 'TRUE_POSITIVE'¶: A constant which can be used with the classification_status property of a Sighting. This constant has a value of “TRUE_POSITIVE”

CONFIDENCE_CRITICAL = 'CRITICAL'¶: A constant which can be used with the confidence property of a Sighting. This constant has a value of “CRITICAL”

CONFIDENCE_HIGH = 'HIGH'¶: A constant which can be used with the confidence property of a Sighting. This constant has a value of “HIGH”

CONFIDENCE_LOW = 'LOW'¶: A constant which can be used with the confidence property of a Sighting. This constant has a value of “LOW”

CONFIDENCE_MEDIUM = 'MEDIUM'¶: A constant which can be used with the confidence property of a Sighting. This constant has a value of “MEDIUM”

CONFIDENCE_MINOR = 'MINOR'¶: A constant which can be used with the confidence property of a Sighting. This constant has a value of “MINOR”

SEVERITY_CRITICAL = 'CRITICAL'¶: A constant which can be used with the severity property of a Sighting. This constant has a value of “CRITICAL”

SEVERITY_HIGH = 'HIGH'¶: A constant which can be used with the severity property of a Sighting. This constant has a value of “HIGH”

SEVERITY_LOW = 'LOW'¶: A constant which can be used with the severity property of a Sighting. This constant has a value of “LOW”

SEVERITY_MEDIUM = 'MEDIUM'¶: A constant which can be used with the severity property of a Sighting. This constant has a value of “MEDIUM”

SEVERITY_MINOR = 'MINOR'¶: A constant which can be used with the severity property of a Sighting. This constant has a value of “MINOR”

__init__(**kwargs)¶

Initializes a new Sighting object with values from keyword arguments. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:

id (str) – The value to assign to the id property of this Sighting.
description (str) – The value to assign to the description property of this Sighting.
problem_id (str) – The value to assign to the problem_id property of this Sighting.
compartment_id (str) – The value to assign to the compartment_id property of this Sighting.
actor_principal_id (str) – The value to assign to the actor_principal_id property of this Sighting.
actor_principal_name (str) – The value to assign to the actor_principal_name property of this Sighting.
actor_principal_type (str) – The value to assign to the actor_principal_type property of this Sighting.
classification_status (str) – The value to assign to the classification_status property of this Sighting. Allowed values for this property are: “FALSE_NEGATIVE”, “TRUE_NEGATIVE”, “FALSE_POSITIVE”, “TRUE_POSITIVE”, “NOT_CLASSIFIED”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
sighting_type (str) – The value to assign to the sighting_type property of this Sighting.
sighting_type_display_name (str) – The value to assign to the sighting_type_display_name property of this Sighting.
tactic_name (str) – The value to assign to the tactic_name property of this Sighting.
technique_name (str) – The value to assign to the technique_name property of this Sighting.
sighting_score (int) – The value to assign to the sighting_score property of this Sighting.
severity (str) – The value to assign to the severity property of this Sighting. Allowed values for this property are: “CRITICAL”, “HIGH”, “MEDIUM”, “LOW”, “MINOR”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
confidence (str) – The value to assign to the confidence property of this Sighting. Allowed values for this property are: “CRITICAL”, “HIGH”, “MEDIUM”, “LOW”, “MINOR”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
time_first_detected (datetime) – The value to assign to the time_first_detected property of this Sighting.
time_last_detected (datetime) – The value to assign to the time_last_detected property of this Sighting.
time_first_occurred (datetime) – The value to assign to the time_first_occurred property of this Sighting.
time_last_occurred (datetime) – The value to assign to the time_last_occurred property of this Sighting.
regions (list[str]) – The value to assign to the regions property of this Sighting.
additional_details (dict(str, str)) – The value to assign to the additional_details property of this Sighting.
locks (list[oci.cloud_guard.models.ResourceLock]) – The value to assign to the locks property of this Sighting.

actor_principal_id¶

Gets the actor_principal_id of this Sighting. Unique identifier for principal actor

Returns:	The actor_principal_id of this Sighting.
Return type:	str

actor_principal_name¶

Gets the actor_principal_name of this Sighting. Name of the principal actor

Returns:	The actor_principal_name of this Sighting.
Return type:	str

actor_principal_type¶

Gets the actor_principal_type of this Sighting. Type of the principal actor

Returns:	The actor_principal_type of this Sighting.
Return type:	str

additional_details¶

Gets the additional_details of this Sighting. The additional details for the sighting

Returns:	The additional_details of this Sighting.
Return type:	dict(str, str)

classification_status¶

[Required] Gets the classification_status of this Sighting. Classification status of the sighting

Allowed values for this property are: “FALSE_NEGATIVE”, “TRUE_NEGATIVE”, “FALSE_POSITIVE”, “TRUE_POSITIVE”, “NOT_CLASSIFIED”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The classification_status of this Sighting.
Return type:	str

compartment_id¶

[Required] Gets the compartment_id of this Sighting. Compartment OCID where the resource is created

Returns:	The compartment_id of this Sighting.
Return type:	str

confidence¶

[Required] Gets the confidence of this Sighting. Level of confidence that the sighting is not a false positive

Allowed values for this property are: “CRITICAL”, “HIGH”, “MEDIUM”, “LOW”, “MINOR”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The confidence of this Sighting.
Return type:	str

description¶

[Required] Gets the description of this Sighting. Description of the sighting

Returns:	The description of this Sighting.
Return type:	str

id¶

[Required] Gets the id of this Sighting. Unique identifier for the sighting

Returns:	The id of this Sighting.
Return type:	str

locks¶

Gets the locks of this Sighting. Locks associated with this resource.

Returns:	The locks of this Sighting.
Return type:	list[oci.cloud_guard.models.ResourceLock]

problem_id¶

Gets the problem_id of this Sighting. Problem ID associated the sighting

Returns:	The problem_id of this Sighting.
Return type:	str

regions¶

[Required] Gets the regions of this Sighting. List of regions involved in the sighting

Returns:	The regions of this Sighting.
Return type:	list[str]

severity¶

[Required] Gets the severity of this Sighting. Severity of the sighting

Allowed values for this property are: “CRITICAL”, “HIGH”, “MEDIUM”, “LOW”, “MINOR”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns:	The severity of this Sighting.
Return type:	str

sighting_score¶

[Required] Gets the sighting_score of this Sighting. Score for the sighting

Returns:	The sighting_score of this Sighting.
Return type:	int

sighting_type¶

[Required] Gets the sighting_type of this Sighting. Type of sighting

Returns:	The sighting_type of this Sighting.
Return type:	str

sighting_type_display_name¶

[Required] Gets the sighting_type_display_name of this Sighting. Display name of the sighting type

Returns:	The sighting_type_display_name of this Sighting.
Return type:	str

tactic_name¶

[Required] Gets the tactic_name of this Sighting. Name of the MITRE ATT@CK framework tactic

Returns:	The tactic_name of this Sighting.
Return type:	str

technique_name¶

[Required] Gets the technique_name of this Sighting. Name of the MITRE ATT@CK framework technique

Returns:	The technique_name of this Sighting.
Return type:	str

time_first_detected¶

[Required] Gets the time_first_detected of this Sighting. Time the activities were first detected. Format defined by RFC3339.

Returns:	The time_first_detected of this Sighting.
Return type:	datetime

time_first_occurred¶

Gets the time_first_occurred of this Sighting. Time the activities were first performed. Format defined by RFC3339.

Returns:	The time_first_occurred of this Sighting.
Return type:	datetime

time_last_detected¶

[Required] Gets the time_last_detected of this Sighting. Time the activities were last detected. Format defined by RFC3339.

Returns:	The time_last_detected of this Sighting.
Return type:	datetime

time_last_occurred¶

Gets the time_last_occurred of this Sighting. Time the activities were last performed. Format defined by RFC3339.

Returns:	The time_last_occurred of this Sighting.
Return type:	datetime