HuntProperties Class

Describes hunt properties.

Constructor

HuntProperties(*args: Any, **kwargs: Any)

Variables

Name Description
display_name
str

The display name of the hunt. Required.
description
str

The description of the hunt. Required.
status
str or Status

The status of the hunt. Known values are: "New", "Active", "Closed", "Backlog", "Approved", "Succeeded", "Failed", and "InProgress".
hypothesis_status
str or HypothesisStatus

The hypothesis status of the hunt. Known values are: "Unknown", "Invalidated", and "Validated".
attack_tactics
list[str or AttackTactic]

A list of mitre attack tactics the hunt is associated with.
attack_techniques
list[str]

A list of a mitre attack techniques the hunt is associated with.
labels
list[str]

List of labels relevant to this hunt.
owner
HuntOwner

Describes a user that the hunt is assigned to.

Attributes

attack_tactics

A list of mitre attack tactics the hunt is associated with.

attack_tactics: list[typing.Union[str, ForwardRef('_models.AttackTactic')]] | None

attack_techniques

A list of a mitre attack techniques the hunt is associated with.

attack_techniques: list[str] | None

description

The description of the hunt. Required.

description: str

display_name

The display name of the hunt. Required.

display_name: str

hypothesis_status

"Unknown", "Invalidated", and "Validated".

hypothesis_status: str | _models.HypothesisStatus | None

labels

List of labels relevant to this hunt.

labels: list[str] | None

owner

Describes a user that the hunt is assigned to.

owner: _models.HuntOwner | None

status

"New", "Active", "Closed", "Backlog", "Approved", "Succeeded", "Failed", and "InProgress".

status: str | _models.Status | None