com.tencentcloudapi.tcss.v20201101.models

Class AbnormalProcessSystemChildRuleInfo

java.lang.Object

com.tencentcloudapi.common.AbstractModel

com.tencentcloudapi.tcss.v20201101.models.AbnormalProcessSystemChildRuleInfo

public class AbnormalProcessSystemChildRuleInfo
extends AbstractModel

Constructor Summary

Constructors

Constructor and Description
AbnormalProcessSystemChildRuleInfo()
AbnormalProcessSystemChildRuleInfo(AbnormalProcessSystemChildRuleInfo source) NOTE: Any ambiguous key set via .set("AnyKey", "value") will be a shallow copy, and any explicit key, i.e Foo, set via .setFoo("value") will be a deep copy.

Method Summary

Modifier and Type	Method and Description
Boolean	getIsEnable() Get Sub-policy status.
String	getRuleId() Get Sub-policy ID
String	getRuleLevel() Get Severity.
String	getRuleMode() Get Policy mode.
String	getRuleType() Get Behavior type detected by the sub-policy `PROXY_TOOL`: Proxy.
void	setIsEnable(Boolean IsEnable) Set Sub-policy status.
void	setRuleId(String RuleId) Set Sub-policy ID
void	setRuleLevel(String RuleLevel) Set Severity.
void	setRuleMode(String RuleMode) Set Policy mode.
void	setRuleType(String RuleType) Set Behavior type detected by the sub-policy `PROXY_TOOL`: Proxy.
void	toMap(HashMap<String,String> map, String prefix) Internal implementation, normal users should not use it.

Methods inherited from class com.tencentcloudapi.common.AbstractModel

any, fromJsonString, getBinaryParams, getMultipartRequestParams, set, setParamArrayObj, setParamArraySimple, setParamObj, setParamSimple, toJsonString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AbnormalProcessSystemChildRuleInfo

public AbnormalProcessSystemChildRuleInfo()

AbnormalProcessSystemChildRuleInfo

public AbnormalProcessSystemChildRuleInfo(AbnormalProcessSystemChildRuleInfo source)

NOTE: Any ambiguous key set via .set("AnyKey", "value") will be a shallow copy, and any explicit key, i.e Foo, set via .setFoo("value") will be a deep copy.

Method Detail

getRuleId

public String getRuleId()

Get Sub-policy ID

Returns:

RuleId Sub-policy ID

setRuleId

public void setRuleId(String RuleId)

Set Sub-policy ID

Parameters:

RuleId - Sub-policy ID

getIsEnable

public Boolean getIsEnable()

Get Sub-policy status. Valid values: `true` (enabled); `false` (disabled).

Returns:

IsEnable Sub-policy status. Valid values: `true` (enabled); `false` (disabled).

setIsEnable

public void setIsEnable(Boolean IsEnable)

Set Sub-policy status. Valid values: `true` (enabled); `false` (disabled).

Parameters:

IsEnable - Sub-policy status. Valid values: `true` (enabled); `false` (disabled).

getRuleMode

public String getRuleMode()

Get Policy mode. `RULE_MODE_RELEASE`: Allow. `RULE_MODE_ALERT`: Alert. `RULE_MODE_HOLDUP`: Block.

Returns:

RuleMode Policy mode. `RULE_MODE_RELEASE`: Allow. `RULE_MODE_ALERT`: Alert. `RULE_MODE_HOLDUP`: Block.

setRuleMode

public void setRuleMode(String RuleMode)

Set Policy mode. `RULE_MODE_RELEASE`: Allow. `RULE_MODE_ALERT`: Alert. `RULE_MODE_HOLDUP`: Block.

Parameters:

RuleMode - Policy mode. `RULE_MODE_RELEASE`: Allow. `RULE_MODE_ALERT`: Alert. `RULE_MODE_HOLDUP`: Block.

getRuleType

public String getRuleType()

Get Behavior type detected by the sub-policy `PROXY_TOOL`: Proxy. `TRANSFER_CONTROL`: Lateral movement. `ATTACK_CMD`: Malicious command. `REVERSE_SHELL`: Reverse shell. `FILELESS`: Fileless execution. `RISK_CMD`: High-risk command. `ABNORMAL_CHILD_PROC`: Unusual start found in the child process of the sensitive service.

Returns:

RuleType Behavior type detected by the sub-policy `PROXY_TOOL`: Proxy. `TRANSFER_CONTROL`: Lateral movement. `ATTACK_CMD`: Malicious command. `REVERSE_SHELL`: Reverse shell. `FILELESS`: Fileless execution. `RISK_CMD`: High-risk command. `ABNORMAL_CHILD_PROC`: Unusual start found in the child process of the sensitive service.

setRuleType

public void setRuleType(String RuleType)

Set Behavior type detected by the sub-policy `PROXY_TOOL`: Proxy. `TRANSFER_CONTROL`: Lateral movement. `ATTACK_CMD`: Malicious command. `REVERSE_SHELL`: Reverse shell. `FILELESS`: Fileless execution. `RISK_CMD`: High-risk command. `ABNORMAL_CHILD_PROC`: Unusual start found in the child process of the sensitive service.

Parameters:

RuleType - Behavior type detected by the sub-policy `PROXY_TOOL`: Proxy. `TRANSFER_CONTROL`: Lateral movement. `ATTACK_CMD`: Malicious command. `REVERSE_SHELL`: Reverse shell. `FILELESS`: Fileless execution. `RISK_CMD`: High-risk command. `ABNORMAL_CHILD_PROC`: Unusual start found in the child process of the sensitive service.

getRuleLevel

public String getRuleLevel()

Get Severity. Valid values: `HIGH` (high); `MIDDLE` (medium); `LOW` (low). Note: This field may return null, indicating that no valid values can be obtained.

Returns:

RuleLevel Severity. Valid values: `HIGH` (high); `MIDDLE` (medium); `LOW` (low). Note: This field may return null, indicating that no valid values can be obtained.

setRuleLevel

public void setRuleLevel(String RuleLevel)

Set Severity. Valid values: `HIGH` (high); `MIDDLE` (medium); `LOW` (low). Note: This field may return null, indicating that no valid values can be obtained.

Parameters:

RuleLevel - Severity. Valid values: `HIGH` (high); `MIDDLE` (medium); `LOW` (low). Note: This field may return null, indicating that no valid values can be obtained.

toMap

public void toMap(HashMap<String,String> map,
                  String prefix)

Internal implementation, normal users should not use it.

Specified by:

toMap in class AbstractModel