Module Values.IndicatorSource

Contains information about the indicators that include a set of signals observed in an attack sequence.

Sourcetype nonrec t = {
  1. key : IndicatorType.t option;
    (*

    Specific indicator keys observed in the attack sequence. For description of the valid values for key, see Attack sequence finding details in the Amazon GuardDuty User Guide.

    *)
  2. values : IndicatorValues.t option;
    (*

    Values associated with each indicator key. For example, if the indicator key is SUSPICIOUS_NETWORK, then the value will be the name of the network. If the indicator key is ATTACK_TACTIC, then the value will be one of the MITRE tactics.

    *)
  3. title : IndicatorTitle.t option;
    (*

    Title describing the indicator.

    *)
}
Sourceval make : ?key:??? -> ?values:??? -> ?title:??? -> unit -> t
Sourceval to_value : t -> [> `Structure of (string * [> `Enum of string | `List of [> `String of IndicatorValueString.t ] list | `String of IndicatorTitle.t ]) list ]
Sourceval to_query : t -> Awso.Client.Query.t
Sourceval of_xml : Awso.Xml.t -> t
Sourceval of_string : string -> t
Sourceval of_json : Yojson.Safe.t -> t
Sourceval to_json : t -> Yojson.Safe.t