com.tencentcloudapi.tcss.v20201101.models

Class AbnormalProcessEventInfo

java.lang.Object

com.tencentcloudapi.common.AbstractModel

com.tencentcloudapi.tcss.v20201101.models.AbnormalProcessEventInfo

public class AbnormalProcessEventInfo
extends AbstractModel

Field Summary

Fields inherited from class com.tencentcloudapi.common.AbstractModel

header, skipSign

Constructor Summary

Constructors

Constructor and Description
AbnormalProcessEventInfo()
AbnormalProcessEventInfo(AbnormalProcessEventInfo source) NOTE: Any ambiguous key set via .set("AnyKey", "value") will be a shallow copy, and any explicit key, i.e Foo, set via .setFoo("value") will be a deep copy.

Method Summary

Modifier and Type	Method and Description
String	getBehavior() Get Action execution result.
String	getClusterID() Get Cluster ID
String	getClusterName() Get Cluster name
String	getContainerId() Get Container ID, which is used for redirect.
String	getContainerIsolateOperationSrc() Get Container isolation operation source Note: This field may return null, indicating that no valid values can be obtained.
String	getContainerName() Get Container name
String	getContainerNetStatus() Get Network status `NORMAL`: Not isolated.
String	getContainerNetSubStatus() Get Sub-status of the container "AGENT_OFFLINE" // The agent is offline.
String	getContainerStatus() Get Container status `RUNNING`: Running.
String	getDescription() Get Event description
Long	getEventCount() Get Number of events
String	getEventType() Get Event type.
String	getFoundTime() Get Generation time
String	getHostID() Get uuid
String	getHostIP() Get Private IP of the node
String	getId() Get Unique event ID
String	getImageId() Get Image ID, which is used for redirect.
String	getImageName() Get Image name
String	getLatestFoundTime() Get Last generation time
String	getMatchAction() Get Action of the hit rule: `RULE_MODE_RELEASE`: Allow.
String	getMatchGroupName() Get Name of the hit policy.
String	getMatchProcessPath() Get Information of the process that hits the rule
String	getMatchRuleId() Get Hit policy ID
String	getMatchRuleLevel() Get Level of the hit rule.
String	getMatchRuleName() Get Name of the hit rule.
String	getNodeID() Get Node ID
String	getNodeName() Get Node name
String	getNodeType() Get Node type.
String	getNodeUniqueID() Get Cluster ID
String	getPodIP() Get Pod IP
String	getPodName() Get Pod name
String	getProcessPath() Get Process directory
String	getPublicIP() Get Node public IP
Boolean	getRuleExist() Get Whether the rule exists
String	getRuleId() Get Rule group ID
String	getSolution() Get Event solution
String	getStatus() Get Status.
void	setBehavior(String Behavior) Set Action execution result.
void	setClusterID(String ClusterID) Set Cluster ID
void	setClusterName(String ClusterName) Set Cluster name
void	setContainerId(String ContainerId) Set Container ID, which is used for redirect.
void	setContainerIsolateOperationSrc(String ContainerIsolateOperationSrc) Set Container isolation operation source Note: This field may return null, indicating that no valid values can be obtained.
void	setContainerName(String ContainerName) Set Container name
void	setContainerNetStatus(String ContainerNetStatus) Set Network status `NORMAL`: Not isolated.
void	setContainerNetSubStatus(String ContainerNetSubStatus) Set Sub-status of the container "AGENT_OFFLINE" // The agent is offline.
void	setContainerStatus(String ContainerStatus) Set Container status `RUNNING`: Running.
void	setDescription(String Description) Set Event description
void	setEventCount(Long EventCount) Set Number of events
void	setEventType(String EventType) Set Event type.
void	setFoundTime(String FoundTime) Set Generation time
void	setHostID(String HostID) Set uuid
void	setHostIP(String HostIP) Set Private IP of the node
void	setId(String Id) Set Unique event ID
void	setImageId(String ImageId) Set Image ID, which is used for redirect.
void	setImageName(String ImageName) Set Image name
void	setLatestFoundTime(String LatestFoundTime) Set Last generation time
void	setMatchAction(String MatchAction) Set Action of the hit rule: `RULE_MODE_RELEASE`: Allow.
void	setMatchGroupName(String MatchGroupName) Set Name of the hit policy.
void	setMatchProcessPath(String MatchProcessPath) Set Information of the process that hits the rule
void	setMatchRuleId(String MatchRuleId) Set Hit policy ID
void	setMatchRuleLevel(String MatchRuleLevel) Set Level of the hit rule.
void	setMatchRuleName(String MatchRuleName) Set Name of the hit rule.
void	setNodeID(String NodeID) Set Node ID
void	setNodeName(String NodeName) Set Node name
void	setNodeType(String NodeType) Set Node type.
void	setNodeUniqueID(String NodeUniqueID) Set Cluster ID
void	setPodIP(String PodIP) Set Pod IP
void	setPodName(String PodName) Set Pod name
void	setProcessPath(String ProcessPath) Set Process directory
void	setPublicIP(String PublicIP) Set Node public IP
void	setRuleExist(Boolean RuleExist) Set Whether the rule exists
void	setRuleId(String RuleId) Set Rule group ID
void	setSolution(String Solution) Set Event solution
void	setStatus(String Status) Set Status.
void	toMap(HashMap<String,String> map, String prefix) Internal implementation, normal users should not use it.

Methods inherited from class com.tencentcloudapi.common.AbstractModel

any, fromJsonString, getBinaryParams, GetHeader, getMultipartRequestParams, getSkipSign, set, SetHeader, setParamArrayObj, setParamArraySimple, setParamObj, setParamSimple, setSkipSign, toJsonString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AbnormalProcessEventInfo

public AbnormalProcessEventInfo()

AbnormalProcessEventInfo

public AbnormalProcessEventInfo(AbnormalProcessEventInfo source)

NOTE: Any ambiguous key set via .set("AnyKey", "value") will be a shallow copy, and any explicit key, i.e Foo, set via .setFoo("value") will be a deep copy.

Method Detail

getProcessPath

public String getProcessPath()

Get Process directory

Returns:

ProcessPath Process directory

setProcessPath

public void setProcessPath(String ProcessPath)

Set Process directory

Parameters:

ProcessPath - Process directory

getEventType

public String getEventType()

Get Event type. `MALICE_PROCESS_START`: Malicious process startup.

Returns:

EventType Event type. `MALICE_PROCESS_START`: Malicious process startup.

setEventType

public void setEventType(String EventType)

Set Event type. `MALICE_PROCESS_START`: Malicious process startup.

Parameters:

EventType - Event type. `MALICE_PROCESS_START`: Malicious process startup.

getMatchRuleName

public String getMatchRuleName()

Get Name of the hit rule. Valid values: `PROXY_TOOL` (proxy); `TRANSFER_CONTROL` (lateral movement); `ATTACK_CMD` (malicious command); `REVERSE_SHELL` (reverse shell); `FILELESS` (fileless execution); `RISK_CMD` (high-risk command); `ABNORMAL_CHILD_PROC` (unusual start found in the child process of the sensitive service); `USER_DEFINED_RULE` (custom rule).

Returns:

MatchRuleName Name of the hit rule. Valid values: `PROXY_TOOL` (proxy); `TRANSFER_CONTROL` (lateral movement); `ATTACK_CMD` (malicious command); `REVERSE_SHELL` (reverse shell); `FILELESS` (fileless execution); `RISK_CMD` (high-risk command); `ABNORMAL_CHILD_PROC` (unusual start found in the child process of the sensitive service); `USER_DEFINED_RULE` (custom rule).

setMatchRuleName

public void setMatchRuleName(String MatchRuleName)

Set Name of the hit rule. Valid values: `PROXY_TOOL` (proxy); `TRANSFER_CONTROL` (lateral movement); `ATTACK_CMD` (malicious command); `REVERSE_SHELL` (reverse shell); `FILELESS` (fileless execution); `RISK_CMD` (high-risk command); `ABNORMAL_CHILD_PROC` (unusual start found in the child process of the sensitive service); `USER_DEFINED_RULE` (custom rule).

Parameters:

MatchRuleName - Name of the hit rule. Valid values: `PROXY_TOOL` (proxy); `TRANSFER_CONTROL` (lateral movement); `ATTACK_CMD` (malicious command); `REVERSE_SHELL` (reverse shell); `FILELESS` (fileless execution); `RISK_CMD` (high-risk command); `ABNORMAL_CHILD_PROC` (unusual start found in the child process of the sensitive service); `USER_DEFINED_RULE` (custom rule).

getFoundTime

public String getFoundTime()

Get Generation time

Returns:

FoundTime Generation time

setFoundTime

public void setFoundTime(String FoundTime)

Set Generation time

Parameters:

FoundTime - Generation time

getContainerName

public String getContainerName()

Get Container name

Returns:

ContainerName Container name

setContainerName

public void setContainerName(String ContainerName)

Set Container name

Parameters:

ContainerName - Container name

getImageName

public String getImageName()

Get Image name

Returns:

ImageName Image name

setImageName

public void setImageName(String ImageName)

Set Image name

Parameters:

ImageName - Image name

getBehavior

public String getBehavior()

Get Action execution result. `BEHAVIOR_NONE`: None. `BEHAVIOR_ALERT`: Alert. `BEHAVIOR_RELEASE`: Allow. `BEHAVIOR_HOLDUP_FAILED`: Failed to block. `BEHAVIOR_HOLDUP_SUCCESSED`: Blocked.

Returns:

Behavior Action execution result. `BEHAVIOR_NONE`: None. `BEHAVIOR_ALERT`: Alert. `BEHAVIOR_RELEASE`: Allow. `BEHAVIOR_HOLDUP_FAILED`: Failed to block. `BEHAVIOR_HOLDUP_SUCCESSED`: Blocked.

setBehavior

public void setBehavior(String Behavior)

Set Action execution result. `BEHAVIOR_NONE`: None. `BEHAVIOR_ALERT`: Alert. `BEHAVIOR_RELEASE`: Allow. `BEHAVIOR_HOLDUP_FAILED`: Failed to block. `BEHAVIOR_HOLDUP_SUCCESSED`: Blocked.

Parameters:

Behavior - Action execution result. `BEHAVIOR_NONE`: None. `BEHAVIOR_ALERT`: Alert. `BEHAVIOR_RELEASE`: Allow. `BEHAVIOR_HOLDUP_FAILED`: Failed to block. `BEHAVIOR_HOLDUP_SUCCESSED`: Blocked.

getStatus

public String getStatus()

Get Status. `EVENT_UNDEAL`: Pending. `EVENT_DEALED`: Processed. `EVENT_INGNORE`: Ignored.

Returns:

Status Status. `EVENT_UNDEAL`: Pending. `EVENT_DEALED`: Processed. `EVENT_INGNORE`: Ignored.

setStatus

public void setStatus(String Status)

Set Status. `EVENT_UNDEAL`: Pending. `EVENT_DEALED`: Processed. `EVENT_INGNORE`: Ignored.

Parameters:

Status - Status. `EVENT_UNDEAL`: Pending. `EVENT_DEALED`: Processed. `EVENT_INGNORE`: Ignored.

getId

public String getId()

Get Unique event ID

Returns:

Id Unique event ID

setId

public void setId(String Id)

Set Unique event ID

Parameters:

Id - Unique event ID

getImageId

public String getImageId()

Get Image ID, which is used for redirect.

Returns:

ImageId Image ID, which is used for redirect.

setImageId

public void setImageId(String ImageId)

Set Image ID, which is used for redirect.

Parameters:

ImageId - Image ID, which is used for redirect.

getContainerId

public String getContainerId()

Get Container ID, which is used for redirect.

Returns:

ContainerId Container ID, which is used for redirect.

setContainerId

public void setContainerId(String ContainerId)

Set Container ID, which is used for redirect.

Parameters:

ContainerId - Container ID, which is used for redirect.

getSolution

public String getSolution()

Get Event solution

Returns:

Solution Event solution

setSolution

public void setSolution(String Solution)

Set Event solution

Parameters:

Solution - Event solution

getDescription

public String getDescription()

Get Event description

Returns:

Description Event description

setDescription

public void setDescription(String Description)

Set Event description

Parameters:

Description - Event description

getMatchRuleId

public String getMatchRuleId()

Get Hit policy ID

Returns:

MatchRuleId Hit policy ID

setMatchRuleId

public void setMatchRuleId(String MatchRuleId)

Set Hit policy ID

Parameters:

MatchRuleId - Hit policy ID

getMatchAction

public String getMatchAction()

Get Action of the hit rule: `RULE_MODE_RELEASE`: Allow. `RULE_MODE_ALERT`: Alert. `RULE_MODE_HOLDUP`: Block.

Returns:

MatchAction Action of the hit rule: `RULE_MODE_RELEASE`: Allow. `RULE_MODE_ALERT`: Alert. `RULE_MODE_HOLDUP`: Block.

setMatchAction

public void setMatchAction(String MatchAction)

Set Action of the hit rule: `RULE_MODE_RELEASE`: Allow. `RULE_MODE_ALERT`: Alert. `RULE_MODE_HOLDUP`: Block.

Parameters:

MatchAction - Action of the hit rule: `RULE_MODE_RELEASE`: Allow. `RULE_MODE_ALERT`: Alert. `RULE_MODE_HOLDUP`: Block.

getMatchProcessPath

public String getMatchProcessPath()

Get Information of the process that hits the rule

Returns:

MatchProcessPath Information of the process that hits the rule

setMatchProcessPath

public void setMatchProcessPath(String MatchProcessPath)

Set Information of the process that hits the rule

Parameters:

MatchProcessPath - Information of the process that hits the rule

getRuleExist

public Boolean getRuleExist()

Get Whether the rule exists

Returns:

RuleExist Whether the rule exists

setRuleExist

public void setRuleExist(Boolean RuleExist)

Set Whether the rule exists

Parameters:

RuleExist - Whether the rule exists

getEventCount

public Long getEventCount()

Get Number of events

Returns:

EventCount Number of events

setEventCount

public void setEventCount(Long EventCount)

Set Number of events

Parameters:

EventCount - Number of events

getLatestFoundTime

public String getLatestFoundTime()

Get Last generation time

Returns:

LatestFoundTime Last generation time

setLatestFoundTime

public void setLatestFoundTime(String LatestFoundTime)

Set Last generation time

Parameters:

LatestFoundTime - Last generation time

getRuleId

public String getRuleId()

Get Rule group ID

Returns:

RuleId Rule group ID

setRuleId

public void setRuleId(String RuleId)

Set Rule group ID

Parameters:

RuleId - Rule group ID

getMatchGroupName

public String getMatchGroupName()

Get Name of the hit policy. Valid values: `SYSTEM_DEFINED_RULE` (preset policy); name of the custom policy.

Returns:

MatchGroupName Name of the hit policy. Valid values: `SYSTEM_DEFINED_RULE` (preset policy); name of the custom policy.

setMatchGroupName

public void setMatchGroupName(String MatchGroupName)

Set Name of the hit policy. Valid values: `SYSTEM_DEFINED_RULE` (preset policy); name of the custom policy.

Parameters:

MatchGroupName - Name of the hit policy. Valid values: `SYSTEM_DEFINED_RULE` (preset policy); name of the custom policy.

getMatchRuleLevel

public String getMatchRuleLevel()

Get Level of the hit rule. Valid values: `HIGH` (high); `MIDDLE` (medium); `LOW` (low).

Returns:

MatchRuleLevel Level of the hit rule. Valid values: `HIGH` (high); `MIDDLE` (medium); `LOW` (low).

setMatchRuleLevel

public void setMatchRuleLevel(String MatchRuleLevel)

Set Level of the hit rule. Valid values: `HIGH` (high); `MIDDLE` (medium); `LOW` (low).

Parameters:

MatchRuleLevel - Level of the hit rule. Valid values: `HIGH` (high); `MIDDLE` (medium); `LOW` (low).

getContainerNetStatus

public String getContainerNetStatus()

Get Network status `NORMAL`: Not isolated. `ISOLATED`: Isolated. `ISOLATING`: Isolating. `ISOLATE_FAILED`: Isolation failed. `RESTORING`: Recovering. `RESTORE_FAILED`: Recovery failed. Note: This field may return null, indicating that no valid values can be obtained.

Returns:

ContainerNetStatus Network status `NORMAL`: Not isolated. `ISOLATED`: Isolated. `ISOLATING`: Isolating. `ISOLATE_FAILED`: Isolation failed. `RESTORING`: Recovering. `RESTORE_FAILED`: Recovery failed. Note: This field may return null, indicating that no valid values can be obtained.

setContainerNetStatus

public void setContainerNetStatus(String ContainerNetStatus)

Set Network status `NORMAL`: Not isolated. `ISOLATED`: Isolated. `ISOLATING`: Isolating. `ISOLATE_FAILED`: Isolation failed. `RESTORING`: Recovering. `RESTORE_FAILED`: Recovery failed. Note: This field may return null, indicating that no valid values can be obtained.

Parameters:

ContainerNetStatus - Network status `NORMAL`: Not isolated. `ISOLATED`: Isolated. `ISOLATING`: Isolating. `ISOLATE_FAILED`: Isolation failed. `RESTORING`: Recovering. `RESTORE_FAILED`: Recovery failed. Note: This field may return null, indicating that no valid values can be obtained.

getContainerNetSubStatus

public String getContainerNetSubStatus()

Get Sub-status of the container "AGENT_OFFLINE" // The agent is offline. "NODE_DESTROYED" // The node is terminated. "CONTAINER_EXITED" // The container exited. "CONTAINER_DESTROYED" // The container was terminated. "SHARED_HOST" // The container shares the network with the server. "RESOURCE_LIMIT" // The number of resources to be isolated exceeds the limit. "UNKNOW" // The reason is unknown. Note: This field may return null, indicating that no valid values can be obtained.

Returns:

ContainerNetSubStatus Sub-status of the container "AGENT_OFFLINE" // The agent is offline. "NODE_DESTROYED" // The node is terminated. "CONTAINER_EXITED" // The container exited. "CONTAINER_DESTROYED" // The container was terminated. "SHARED_HOST" // The container shares the network with the server. "RESOURCE_LIMIT" // The number of resources to be isolated exceeds the limit. "UNKNOW" // The reason is unknown. Note: This field may return null, indicating that no valid values can be obtained.

setContainerNetSubStatus

public void setContainerNetSubStatus(String ContainerNetSubStatus)

Set Sub-status of the container "AGENT_OFFLINE" // The agent is offline. "NODE_DESTROYED" // The node is terminated. "CONTAINER_EXITED" // The container exited. "CONTAINER_DESTROYED" // The container was terminated. "SHARED_HOST" // The container shares the network with the server. "RESOURCE_LIMIT" // The number of resources to be isolated exceeds the limit. "UNKNOW" // The reason is unknown. Note: This field may return null, indicating that no valid values can be obtained.

Parameters:

ContainerNetSubStatus - Sub-status of the container "AGENT_OFFLINE" // The agent is offline. "NODE_DESTROYED" // The node is terminated. "CONTAINER_EXITED" // The container exited. "CONTAINER_DESTROYED" // The container was terminated. "SHARED_HOST" // The container shares the network with the server. "RESOURCE_LIMIT" // The number of resources to be isolated exceeds the limit. "UNKNOW" // The reason is unknown. Note: This field may return null, indicating that no valid values can be obtained.

getContainerIsolateOperationSrc

public String getContainerIsolateOperationSrc()

Get Container isolation operation source Note: This field may return null, indicating that no valid values can be obtained.

Returns:

ContainerIsolateOperationSrc Container isolation operation source Note: This field may return null, indicating that no valid values can be obtained.

setContainerIsolateOperationSrc

public void setContainerIsolateOperationSrc(String ContainerIsolateOperationSrc)

Set Container isolation operation source Note: This field may return null, indicating that no valid values can be obtained.

Parameters:

ContainerIsolateOperationSrc - Container isolation operation source Note: This field may return null, indicating that no valid values can be obtained.

getContainerStatus

public String getContainerStatus()

Get Container status `RUNNING`: Running. `PAUSED`: Paused. `STOPPED`: Stopped. `CREATED`: Created. `DESTROYED`: Terminated. `RESTARTING`: Restarting. `REMOVING`: Removing.

Returns:

ContainerStatus Container status `RUNNING`: Running. `PAUSED`: Paused. `STOPPED`: Stopped. `CREATED`: Created. `DESTROYED`: Terminated. `RESTARTING`: Restarting. `REMOVING`: Removing.

setContainerStatus

public void setContainerStatus(String ContainerStatus)

Set Container status `RUNNING`: Running. `PAUSED`: Paused. `STOPPED`: Stopped. `CREATED`: Created. `DESTROYED`: Terminated. `RESTARTING`: Restarting. `REMOVING`: Removing.

Parameters:

ContainerStatus - Container status `RUNNING`: Running. `PAUSED`: Paused. `STOPPED`: Stopped. `CREATED`: Created. `DESTROYED`: Terminated. `RESTARTING`: Restarting. `REMOVING`: Removing.

getClusterID

public String getClusterID()

Get Cluster ID

Returns:

ClusterID Cluster ID

setClusterID

public void setClusterID(String ClusterID)

Set Cluster ID

Parameters:

ClusterID - Cluster ID

getNodeType

public String getNodeType()

Get Node type. Values: `NORMAL` (general node), `SUPER` (super node).

Returns:

NodeType Node type. Values: `NORMAL` (general node), `SUPER` (super node).

setNodeType

public void setNodeType(String NodeType)

Set Node type. Values: `NORMAL` (general node), `SUPER` (super node).

Parameters:

NodeType - Node type. Values: `NORMAL` (general node), `SUPER` (super node).

getPodName

public String getPodName()

Get Pod name

Returns:

PodName Pod name

setPodName

public void setPodName(String PodName)

Set Pod name

Parameters:

PodName - Pod name

getPodIP

public String getPodIP()

Get Pod IP

Returns:

PodIP Pod IP

setPodIP

public void setPodIP(String PodIP)

Set Pod IP

Parameters:

PodIP - Pod IP

getNodeUniqueID

public String getNodeUniqueID()

Get Cluster ID

Returns:

NodeUniqueID Cluster ID

setNodeUniqueID

public void setNodeUniqueID(String NodeUniqueID)

Set Cluster ID

Parameters:

NodeUniqueID - Cluster ID

getPublicIP

public String getPublicIP()

Get Node public IP

Returns:

PublicIP Node public IP

setPublicIP

public void setPublicIP(String PublicIP)

Set Node public IP

Parameters:

PublicIP - Node public IP

getNodeName

public String getNodeName()

Get Node name

Returns:

NodeName Node name

setNodeName

public void setNodeName(String NodeName)

Set Node name

Parameters:

NodeName - Node name

getNodeID

public String getNodeID()

Get Node ID

Returns:

NodeID Node ID

setNodeID

public void setNodeID(String NodeID)

Set Node ID

Parameters:

NodeID - Node ID

getHostID

public String getHostID()

Get uuid

Returns:

HostID uuid

setHostID

public void setHostID(String HostID)

Set uuid

Parameters:

HostID - uuid

getHostIP

public String getHostIP()

Get Private IP of the node

Returns:

HostIP Private IP of the node

setHostIP

public void setHostIP(String HostIP)

Set Private IP of the node

Parameters:

HostIP - Private IP of the node

getClusterName

public String getClusterName()

Get Cluster name

Returns:

ClusterName Cluster name

setClusterName

public void setClusterName(String ClusterName)

Set Cluster name

Parameters:

ClusterName - Cluster name

toMap

public void toMap(HashMap<String,String> map,
                  String prefix)

Internal implementation, normal users should not use it.

Specified by:

toMap in class AbstractModel