Class IndicatorDetail

java.lang.Object
software.amazon.awssdk.services.detective.model.IndicatorDetail
All Implemented Interfaces:
Serializable, SdkPojo, ToCopyableBuilder<IndicatorDetail.Builder,IndicatorDetail>
@Generated("software.amazon.awssdk:codegen") public final class IndicatorDetail extends Object implements SdkPojo, Serializable, ToCopyableBuilder<IndicatorDetail.Builder,IndicatorDetail>

Details about the indicators of compromise which are used to determine if a resource is involved in a security incident. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. For the list of indicators of compromise that are generated by Detective investigations, see Detective investigations.

See Also:

  • Method Details

    • ttPsObservedDetail

      public final TTPsObservedDetail ttPsObservedDetail()

      Details about the indicator of compromise.

      Returns:
      Details about the indicator of compromise.

    • impossibleTravelDetail

      public final ImpossibleTravelDetail impossibleTravelDetail()

      Identifies unusual and impossible user activity for an account.

      Returns:
      Identifies unusual and impossible user activity for an account.

    • flaggedIpAddressDetail

      public final FlaggedIpAddressDetail flaggedIpAddressDetail()

      Suspicious IP addresses that are flagged, which indicates critical or severe threats based on threat intelligence by Detective. This indicator is derived from Amazon Web Services threat intelligence.

      Returns:
      Suspicious IP addresses that are flagged, which indicates critical or severe threats based on threat intelligence by Detective. This indicator is derived from Amazon Web Services threat intelligence.

    • newGeolocationDetail

      public final NewGeolocationDetail newGeolocationDetail()

      Contains details about the new geographic location.

      Returns:
      Contains details about the new geographic location.

    • newAsoDetail

      public final NewAsoDetail newAsoDetail()

      Contains details about the new Autonomous System Organization (ASO).

      Returns:
      Contains details about the new Autonomous System Organization (ASO).

    • newUserAgentDetail

      public final NewUserAgentDetail newUserAgentDetail()

      Contains details about the new user agent.

      Returns:
      Contains details about the new user agent.

    • relatedFindingDetail

      public final RelatedFindingDetail relatedFindingDetail()

      Contains details about related findings.

      Returns:
      Contains details about related findings.

    • relatedFindingGroupDetail

      public final RelatedFindingGroupDetail relatedFindingGroupDetail()

      Contains details about related finding groups.

      Returns:
      Contains details about related finding groups.

    • toBuilder

      public IndicatorDetail.Builder toBuilder()
      Description copied from interface: ToCopyableBuilder
      Take this object and create a builder that contains all of the current property values of this object.
      Specified by:
      toBuilder in interface ToCopyableBuilder<IndicatorDetail.Builder,IndicatorDetail>
      Returns:
      a builder for type T

    • builder

      public static IndicatorDetail.Builder builder()

    • serializableBuilderClass

      public static Class<? extends IndicatorDetail.Builder> serializableBuilderClass()

    • hashCode

      public final int hashCode()
      Overrides:
      hashCode in class Object

    • equals

      public final boolean equals(Object obj)
      Overrides:
      equals in class Object

    • equalsBySdkFields

      public final boolean equalsBySdkFields(Object obj)
      Description copied from interface: SdkPojo
      Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in an SdkPojo class, and is generated based on a service model.

      If an SdkPojo class does not have any inherited fields, equalsBySdkFields and equals are essentially the same.

      Specified by:
      equalsBySdkFields in interface SdkPojo
      Parameters:
      obj - the object to be compared with
      Returns:
      true if the other object equals to this object by sdk fields, false otherwise.

    • toString

      public final String toString()
      Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
      Overrides:
      toString in class Object

    • getValueForField

      public final <T> Optional<T> getValueForField(String fieldName, Class<T> clazz)

    • sdkFields

      public final List<SdkField<?>> sdkFields()
      Specified by:
      sdkFields in interface SdkPojo
      Returns:
      List of SdkField in this POJO. May be empty list but should never be null.