Class: DatadogAPIClient::V2::ThreatHuntingJobOptions

Inherits:

Object

• Object
• DatadogAPIClient::V2::ThreatHuntingJobOptions

Includes:

BaseGenericModel

Defined in:

lib/datadog_api_client/v2/models/threat_hunting_job_options.rb

Overview

Job options.

Instance Attribute Summary

• #additional_properties ⇒ Object

  Returns the value of attribute additional_properties.

• #anomaly_detection_options ⇒ Object

  Options on anomaly detection method.

• #detection_method ⇒ Object

  The detection method.

• #evaluation_window ⇒ Object

  A time window is specified to match when at least one of the cases matches true.

• #impossible_travel_options ⇒ Object

  Options on impossible travel detection method.

• #keep_alive ⇒ Object

  Once a signal is generated, the signal will remain "open" if a case is matched at least once within this keep alive window.

• #max_signal_duration ⇒ Object

  A signal will "close" regardless of the query being matched once the time exceeds the maximum duration.

• #new_value_options ⇒ Object

  Options on new value detection method.

• #sequence_detection_options ⇒ Object

  Options on sequence detection method.

• #third_party_rule_options ⇒ Object

  Options on third party detection method.

Method Summary

Methods included from BaseGenericModel

included

Instance Attribute Details

#additional_properties ⇒ Object

Returns the value of attribute additional_properties.

# File 'lib/datadog_api_client/v2/models/threat_hunting_job_options.rb', line 54

def additional_properties
  @additional_properties
end

#anomaly_detection_options ⇒ Object

Options on anomaly detection method.

# File 'lib/datadog_api_client/v2/models/threat_hunting_job_options.rb', line 25

def anomaly_detection_options
  @anomaly_detection_options
end

#detection_method ⇒ Object

The detection method.

# File 'lib/datadog_api_client/v2/models/threat_hunting_job_options.rb', line 28

def detection_method
  @detection_method
end

#evaluation_window ⇒ Object

A time window is specified to match when at least one of the cases matches true. This is a sliding window and evaluates in real time. For third party detection method, this field is not used.

# File 'lib/datadog_api_client/v2/models/threat_hunting_job_options.rb', line 32

def evaluation_window
  @evaluation_window
end

#impossible_travel_options ⇒ Object

Options on impossible travel detection method.

# File 'lib/datadog_api_client/v2/models/threat_hunting_job_options.rb', line 35

def impossible_travel_options
  @impossible_travel_options
end

#keep_alive ⇒ Object

Once a signal is generated, the signal will remain "open" if a case is matched at least once within this keep alive window. For third party detection method, this field is not used.

# File 'lib/datadog_api_client/v2/models/threat_hunting_job_options.rb', line 39

def keep_alive
  @keep_alive
end

#max_signal_duration ⇒ Object

A signal will "close" regardless of the query being matched once the time exceeds the maximum duration. This time is calculated from the first seen timestamp.

# File 'lib/datadog_api_client/v2/models/threat_hunting_job_options.rb', line 43

def max_signal_duration
  @max_signal_duration
end

#new_value_options ⇒ Object

Options on new value detection method.

# File 'lib/datadog_api_client/v2/models/threat_hunting_job_options.rb', line 46

def new_value_options
  @new_value_options
end

#sequence_detection_options ⇒ Object

Options on sequence detection method.

# File 'lib/datadog_api_client/v2/models/threat_hunting_job_options.rb', line 49

def sequence_detection_options
  @sequence_detection_options
end

#third_party_rule_options ⇒ Object

Options on third party detection method.

# File 'lib/datadog_api_client/v2/models/threat_hunting_job_options.rb', line 52

def third_party_rule_options
  @third_party_rule_options
end