Module Values.IndicatorSource

Detective investigations triage indicators of compromise, such as a finding, and surface only the most critical and suspicious issues, so you can focus on high-level investigations. An Indicator lets you determine whether an Amazon Web Services resource is involved in unusual activity that could indicate malicious behavior, and what the impact of that activity is.

type nonrec t = {
  indicatorType : IndicatorType.t option;
    (* The type of indicator. *)
  indicatorDetail : IndicatorDetail.t option;
    (* Details about the indicators of compromise that are used to determine if a resource is involved in a security incident. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. *)
}
val make : ?indicatorType:??? -> ?indicatorDetail:??? -> unit -> t
val to_value : t -> [> `Structure of (string * [> `Enum of string | `Structure of (string * [> `Structure of (string * [> `Boolean of IsNewForEntireAccount.t | `Enum of string | `Integer of HourlyTimeDelta.t | `Long of APISuccessCount.t | `String of Tactic.t ]) list ]) list ]) list ]
val to_query : t -> Awso.Client.Query.t
val of_xml : Awso.Xml.t -> t
val of_string : string -> t
val of_json : Yojson.Safe.t -> t
val to_json : t -> Yojson.Safe.t