ThreatIntelligenceIndicatorModel interface

Package:

@azure/arm-securityinsight

Threat intelligence indicator entity.

Extends

ThreatIntelligenceInformation

Properties

additionalData	A bag of custom fields that should be part of the entity and will be presented to the user. NOTE: This property will not be serialized. It can only be populated by the server.
confidence	Confidence of threat intelligence entity
created	Created by
createdByRef	Created by reference of threat intelligence entity
defanged	Is threat intelligence entity defanged
description	Description of a threat intelligence entity
displayName	Display name of a threat intelligence entity
extensions	Extensions map
externalId	External ID of threat intelligence entity
externalLastUpdatedTimeUtc	External last updated time in UTC
externalReferences	External References
friendlyName	The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. NOTE: This property will not be serialized. It can only be populated by the server.
granularMarkings	Granular Markings
indicatorTypes	Indicator types of threat intelligence entities
killChainPhases	Kill chain phases
kind	Polymorphic discriminator, which specifies the different types this object can be
labels	Labels of threat intelligence entity
language	Language of threat intelligence entity
lastUpdatedTimeUtc	Last updated time in UTC
modified	Modified by
objectMarkingRefs	Threat intelligence entity object marking references
parsedPattern	Parsed patterns
pattern	Pattern of a threat intelligence entity
patternType	Pattern type of a threat intelligence entity
patternVersion	Pattern version of a threat intelligence entity
revoked	Is threat intelligence entity revoked
source	Source of a threat intelligence entity
threatIntelligenceTags	List of tags
threatTypes	Threat types
validFrom	Valid from
validUntil	Valid until

Inherited Properties

etag	Etag of the azure resource
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} NOTE: This property will not be serialized. It can only be populated by the server.
name	The name of the resource NOTE: This property will not be serialized. It can only be populated by the server.
systemData	Azure Resource Manager metadata containing createdBy and modifiedBy information. NOTE: This property will not be serialized. It can only be populated by the server.
type	The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" NOTE: This property will not be serialized. It can only be populated by the server.

Property Details

additionalData

A bag of custom fields that should be part of the entity and will be presented to the user. NOTE: This property will not be serialized. It can only be populated by the server.

additionalData?: {[propertyName: string]: Record<string, unknown>}

Property Value

{[propertyName: string]: Record<string, unknown>}

confidence

Confidence of threat intelligence entity

confidence?: number

Property Value

number

created

Created by

created?: string

Property Value

string

createdByRef

Created by reference of threat intelligence entity

createdByRef?: string

Property Value

string

defanged

Is threat intelligence entity defanged

defanged?: boolean

Property Value

boolean

description

Description of a threat intelligence entity

description?: string

Property Value

string

displayName

Display name of a threat intelligence entity

displayName?: string

Property Value

string

extensions

Extensions map

extensions?: {[propertyName: string]: any}

Property Value

{[propertyName: string]: any}

externalId

External ID of threat intelligence entity

externalId?: string

Property Value

string

externalLastUpdatedTimeUtc

External last updated time in UTC

externalLastUpdatedTimeUtc?: string

Property Value

string

externalReferences

External References

externalReferences?: ThreatIntelligenceExternalReference[]

Property Value

ThreatIntelligenceExternalReference[]

friendlyName

The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. NOTE: This property will not be serialized. It can only be populated by the server.

friendlyName?: string

Property Value

string

granularMarkings

Granular Markings

granularMarkings?: ThreatIntelligenceGranularMarkingModel[]

Property Value

ThreatIntelligenceGranularMarkingModel[]

indicatorTypes

Indicator types of threat intelligence entities

indicatorTypes?: string[]

Property Value

string[]

killChainPhases

Kill chain phases

killChainPhases?: ThreatIntelligenceKillChainPhase[]

Property Value

ThreatIntelligenceKillChainPhase[]

kind

Polymorphic discriminator, which specifies the different types this object can be

kind: "indicator"

Property Value

"indicator"

labels

Labels of threat intelligence entity

labels?: string[]

Property Value

string[]

language

Language of threat intelligence entity

language?: string

Property Value

string

lastUpdatedTimeUtc

Last updated time in UTC

lastUpdatedTimeUtc?: string

Property Value

string

modified

Modified by

modified?: string

Property Value

string

objectMarkingRefs

Threat intelligence entity object marking references

objectMarkingRefs?: string[]

Property Value

string[]

parsedPattern

Parsed patterns

parsedPattern?: ThreatIntelligenceParsedPattern[]

Property Value

ThreatIntelligenceParsedPattern[]

pattern

Pattern of a threat intelligence entity

pattern?: string

Property Value

string

patternType

Pattern type of a threat intelligence entity

patternType?: string

Property Value

string

patternVersion

Pattern version of a threat intelligence entity

patternVersion?: string

Property Value

string

revoked

Is threat intelligence entity revoked

revoked?: boolean

Property Value

boolean

source

Source of a threat intelligence entity

source?: string

Property Value

string

threatIntelligenceTags

List of tags

threatIntelligenceTags?: string[]

Property Value

string[]

threatTypes

Threat types

threatTypes?: string[]

Property Value

string[]

validFrom

Valid from

validFrom?: string

Property Value

string

validUntil

Valid until

validUntil?: string

Property Value

string

Inherited Property Details

etag

Etag of the azure resource

etag?: string

Property Value

string

Inherited From ThreatIntelligenceInformation.etag

id

Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} NOTE: This property will not be serialized. It can only be populated by the server.

id?: string

Property Value

string

Inherited From ThreatIntelligenceInformation.id

name

The name of the resource NOTE: This property will not be serialized. It can only be populated by the server.

name?: string

Property Value

string

Inherited From ThreatIntelligenceInformation.name

systemData

Azure Resource Manager metadata containing createdBy and modifiedBy information. NOTE: This property will not be serialized. It can only be populated by the server.

systemData?: SystemData

Property Value

SystemData

Inherited From ThreatIntelligenceInformation.systemData

type

The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" NOTE: This property will not be serialized. It can only be populated by the server.

type?: string

Property Value

string

Inherited From ThreatIntelligenceInformation.type