@Generated(value="com.amazonaws:aws-java-sdk-code-generator") public class RuntimeContext extends Object implements Serializable, Cloneable, StructuredPojo
Additional information about the suspicious activity.
Constructor and Description |
---|
RuntimeContext() |
Modifier and Type | Method and Description |
---|---|
RuntimeContext |
clone() |
boolean |
equals(Object obj) |
String |
getAddressFamily()
Represents the communication protocol associated with the address.
|
String |
getCommandLineExample()
Example of the command line involved in the suspicious activity.
|
String |
getFileSystemType()
Represents the type of mounted fileSystem.
|
List<String> |
getFlags()
Represents options that control the behavior of a runtime operation or action.
|
Integer |
getIanaProtocolNumber()
Specifies a particular protocol within the address family.
|
String |
getLdPreloadValue()
The value of the LD_PRELOAD environment variable.
|
String |
getLibraryPath()
The path to the new library that was loaded.
|
List<String> |
getMemoryRegions()
Specifies the Region of a process's address space such as stack and heap.
|
Date |
getModifiedAt()
The timestamp at which the process modified the current process.
|
ProcessDetails |
getModifyingProcess()
Information about the process that modified the current process.
|
String |
getModuleFilePath()
The path to the module loaded into the kernel.
|
String |
getModuleName()
The name of the module loaded into the kernel.
|
String |
getModuleSha256()
The
SHA256 hash of the module. |
String |
getMountSource()
The path on the host that is mounted by the container.
|
String |
getMountTarget()
The path in the container that is mapped to the host directory.
|
String |
getReleaseAgentPath()
The path in the container that modified the release agent file.
|
String |
getRuncBinaryPath()
The path to the leveraged
runc implementation. |
String |
getScriptPath()
The path to the script that was executed.
|
String |
getServiceName()
Name of the security service that has been potentially disabled.
|
String |
getShellHistoryFilePath()
The path to the modified shell history file.
|
String |
getSocketPath()
The path to the docket socket that was accessed.
|
ProcessDetails |
getTargetProcess()
Information about the process that had its memory overwritten by the current process.
|
String |
getThreatFilePath()
The suspicious file path for which the threat intelligence details were found.
|
String |
getToolCategory()
Category that the tool belongs to.
|
String |
getToolName()
Name of the potentially suspicious tool.
|
int |
hashCode() |
void |
marshall(ProtocolMarshaller protocolMarshaller)
Marshalls this structured data using the given
ProtocolMarshaller . |
void |
setAddressFamily(String addressFamily)
Represents the communication protocol associated with the address.
|
void |
setCommandLineExample(String commandLineExample)
Example of the command line involved in the suspicious activity.
|
void |
setFileSystemType(String fileSystemType)
Represents the type of mounted fileSystem.
|
void |
setFlags(Collection<String> flags)
Represents options that control the behavior of a runtime operation or action.
|
void |
setIanaProtocolNumber(Integer ianaProtocolNumber)
Specifies a particular protocol within the address family.
|
void |
setLdPreloadValue(String ldPreloadValue)
The value of the LD_PRELOAD environment variable.
|
void |
setLibraryPath(String libraryPath)
The path to the new library that was loaded.
|
void |
setMemoryRegions(Collection<String> memoryRegions)
Specifies the Region of a process's address space such as stack and heap.
|
void |
setModifiedAt(Date modifiedAt)
The timestamp at which the process modified the current process.
|
void |
setModifyingProcess(ProcessDetails modifyingProcess)
Information about the process that modified the current process.
|
void |
setModuleFilePath(String moduleFilePath)
The path to the module loaded into the kernel.
|
void |
setModuleName(String moduleName)
The name of the module loaded into the kernel.
|
void |
setModuleSha256(String moduleSha256)
The
SHA256 hash of the module. |
void |
setMountSource(String mountSource)
The path on the host that is mounted by the container.
|
void |
setMountTarget(String mountTarget)
The path in the container that is mapped to the host directory.
|
void |
setReleaseAgentPath(String releaseAgentPath)
The path in the container that modified the release agent file.
|
void |
setRuncBinaryPath(String runcBinaryPath)
The path to the leveraged
runc implementation. |
void |
setScriptPath(String scriptPath)
The path to the script that was executed.
|
void |
setServiceName(String serviceName)
Name of the security service that has been potentially disabled.
|
void |
setShellHistoryFilePath(String shellHistoryFilePath)
The path to the modified shell history file.
|
void |
setSocketPath(String socketPath)
The path to the docket socket that was accessed.
|
void |
setTargetProcess(ProcessDetails targetProcess)
Information about the process that had its memory overwritten by the current process.
|
void |
setThreatFilePath(String threatFilePath)
The suspicious file path for which the threat intelligence details were found.
|
void |
setToolCategory(String toolCategory)
Category that the tool belongs to.
|
void |
setToolName(String toolName)
Name of the potentially suspicious tool.
|
String |
toString()
Returns a string representation of this object.
|
RuntimeContext |
withAddressFamily(String addressFamily)
Represents the communication protocol associated with the address.
|
RuntimeContext |
withCommandLineExample(String commandLineExample)
Example of the command line involved in the suspicious activity.
|
RuntimeContext |
withFileSystemType(String fileSystemType)
Represents the type of mounted fileSystem.
|
RuntimeContext |
withFlags(Collection<String> flags)
Represents options that control the behavior of a runtime operation or action.
|
RuntimeContext |
withFlags(String... flags)
Represents options that control the behavior of a runtime operation or action.
|
RuntimeContext |
withIanaProtocolNumber(Integer ianaProtocolNumber)
Specifies a particular protocol within the address family.
|
RuntimeContext |
withLdPreloadValue(String ldPreloadValue)
The value of the LD_PRELOAD environment variable.
|
RuntimeContext |
withLibraryPath(String libraryPath)
The path to the new library that was loaded.
|
RuntimeContext |
withMemoryRegions(Collection<String> memoryRegions)
Specifies the Region of a process's address space such as stack and heap.
|
RuntimeContext |
withMemoryRegions(String... memoryRegions)
Specifies the Region of a process's address space such as stack and heap.
|
RuntimeContext |
withModifiedAt(Date modifiedAt)
The timestamp at which the process modified the current process.
|
RuntimeContext |
withModifyingProcess(ProcessDetails modifyingProcess)
Information about the process that modified the current process.
|
RuntimeContext |
withModuleFilePath(String moduleFilePath)
The path to the module loaded into the kernel.
|
RuntimeContext |
withModuleName(String moduleName)
The name of the module loaded into the kernel.
|
RuntimeContext |
withModuleSha256(String moduleSha256)
The
SHA256 hash of the module. |
RuntimeContext |
withMountSource(String mountSource)
The path on the host that is mounted by the container.
|
RuntimeContext |
withMountTarget(String mountTarget)
The path in the container that is mapped to the host directory.
|
RuntimeContext |
withReleaseAgentPath(String releaseAgentPath)
The path in the container that modified the release agent file.
|
RuntimeContext |
withRuncBinaryPath(String runcBinaryPath)
The path to the leveraged
runc implementation. |
RuntimeContext |
withScriptPath(String scriptPath)
The path to the script that was executed.
|
RuntimeContext |
withServiceName(String serviceName)
Name of the security service that has been potentially disabled.
|
RuntimeContext |
withShellHistoryFilePath(String shellHistoryFilePath)
The path to the modified shell history file.
|
RuntimeContext |
withSocketPath(String socketPath)
The path to the docket socket that was accessed.
|
RuntimeContext |
withTargetProcess(ProcessDetails targetProcess)
Information about the process that had its memory overwritten by the current process.
|
RuntimeContext |
withThreatFilePath(String threatFilePath)
The suspicious file path for which the threat intelligence details were found.
|
RuntimeContext |
withToolCategory(String toolCategory)
Category that the tool belongs to.
|
RuntimeContext |
withToolName(String toolName)
Name of the potentially suspicious tool.
|
public void setModifyingProcess(ProcessDetails modifyingProcess)
Information about the process that modified the current process. This is available for multiple finding types.
modifyingProcess
- Information about the process that modified the current process. This is available for multiple finding
types.public ProcessDetails getModifyingProcess()
Information about the process that modified the current process. This is available for multiple finding types.
public RuntimeContext withModifyingProcess(ProcessDetails modifyingProcess)
Information about the process that modified the current process. This is available for multiple finding types.
modifyingProcess
- Information about the process that modified the current process. This is available for multiple finding
types.public void setModifiedAt(Date modifiedAt)
The timestamp at which the process modified the current process. The timestamp is in UTC date string format.
modifiedAt
- The timestamp at which the process modified the current process. The timestamp is in UTC date string
format.public Date getModifiedAt()
The timestamp at which the process modified the current process. The timestamp is in UTC date string format.
public RuntimeContext withModifiedAt(Date modifiedAt)
The timestamp at which the process modified the current process. The timestamp is in UTC date string format.
modifiedAt
- The timestamp at which the process modified the current process. The timestamp is in UTC date string
format.public void setScriptPath(String scriptPath)
The path to the script that was executed.
scriptPath
- The path to the script that was executed.public String getScriptPath()
The path to the script that was executed.
public RuntimeContext withScriptPath(String scriptPath)
The path to the script that was executed.
scriptPath
- The path to the script that was executed.public void setLibraryPath(String libraryPath)
The path to the new library that was loaded.
libraryPath
- The path to the new library that was loaded.public String getLibraryPath()
The path to the new library that was loaded.
public RuntimeContext withLibraryPath(String libraryPath)
The path to the new library that was loaded.
libraryPath
- The path to the new library that was loaded.public void setLdPreloadValue(String ldPreloadValue)
The value of the LD_PRELOAD environment variable.
ldPreloadValue
- The value of the LD_PRELOAD environment variable.public String getLdPreloadValue()
The value of the LD_PRELOAD environment variable.
public RuntimeContext withLdPreloadValue(String ldPreloadValue)
The value of the LD_PRELOAD environment variable.
ldPreloadValue
- The value of the LD_PRELOAD environment variable.public void setSocketPath(String socketPath)
The path to the docket socket that was accessed.
socketPath
- The path to the docket socket that was accessed.public String getSocketPath()
The path to the docket socket that was accessed.
public RuntimeContext withSocketPath(String socketPath)
The path to the docket socket that was accessed.
socketPath
- The path to the docket socket that was accessed.public void setRuncBinaryPath(String runcBinaryPath)
The path to the leveraged runc
implementation.
runcBinaryPath
- The path to the leveraged runc
implementation.public String getRuncBinaryPath()
The path to the leveraged runc
implementation.
runc
implementation.public RuntimeContext withRuncBinaryPath(String runcBinaryPath)
The path to the leveraged runc
implementation.
runcBinaryPath
- The path to the leveraged runc
implementation.public void setReleaseAgentPath(String releaseAgentPath)
The path in the container that modified the release agent file.
releaseAgentPath
- The path in the container that modified the release agent file.public String getReleaseAgentPath()
The path in the container that modified the release agent file.
public RuntimeContext withReleaseAgentPath(String releaseAgentPath)
The path in the container that modified the release agent file.
releaseAgentPath
- The path in the container that modified the release agent file.public void setMountSource(String mountSource)
The path on the host that is mounted by the container.
mountSource
- The path on the host that is mounted by the container.public String getMountSource()
The path on the host that is mounted by the container.
public RuntimeContext withMountSource(String mountSource)
The path on the host that is mounted by the container.
mountSource
- The path on the host that is mounted by the container.public void setMountTarget(String mountTarget)
The path in the container that is mapped to the host directory.
mountTarget
- The path in the container that is mapped to the host directory.public String getMountTarget()
The path in the container that is mapped to the host directory.
public RuntimeContext withMountTarget(String mountTarget)
The path in the container that is mapped to the host directory.
mountTarget
- The path in the container that is mapped to the host directory.public void setFileSystemType(String fileSystemType)
Represents the type of mounted fileSystem.
fileSystemType
- Represents the type of mounted fileSystem.public String getFileSystemType()
Represents the type of mounted fileSystem.
public RuntimeContext withFileSystemType(String fileSystemType)
Represents the type of mounted fileSystem.
fileSystemType
- Represents the type of mounted fileSystem.public List<String> getFlags()
Represents options that control the behavior of a runtime operation or action. For example, a filesystem mount operation may contain a read-only flag.
public void setFlags(Collection<String> flags)
Represents options that control the behavior of a runtime operation or action. For example, a filesystem mount operation may contain a read-only flag.
flags
- Represents options that control the behavior of a runtime operation or action. For example, a filesystem
mount operation may contain a read-only flag.public RuntimeContext withFlags(String... flags)
Represents options that control the behavior of a runtime operation or action. For example, a filesystem mount operation may contain a read-only flag.
NOTE: This method appends the values to the existing list (if any). Use
setFlags(java.util.Collection)
or withFlags(java.util.Collection)
if you want to override the
existing values.
flags
- Represents options that control the behavior of a runtime operation or action. For example, a filesystem
mount operation may contain a read-only flag.public RuntimeContext withFlags(Collection<String> flags)
Represents options that control the behavior of a runtime operation or action. For example, a filesystem mount operation may contain a read-only flag.
flags
- Represents options that control the behavior of a runtime operation or action. For example, a filesystem
mount operation may contain a read-only flag.public void setModuleName(String moduleName)
The name of the module loaded into the kernel.
moduleName
- The name of the module loaded into the kernel.public String getModuleName()
The name of the module loaded into the kernel.
public RuntimeContext withModuleName(String moduleName)
The name of the module loaded into the kernel.
moduleName
- The name of the module loaded into the kernel.public void setModuleFilePath(String moduleFilePath)
The path to the module loaded into the kernel.
moduleFilePath
- The path to the module loaded into the kernel.public String getModuleFilePath()
The path to the module loaded into the kernel.
public RuntimeContext withModuleFilePath(String moduleFilePath)
The path to the module loaded into the kernel.
moduleFilePath
- The path to the module loaded into the kernel.public void setModuleSha256(String moduleSha256)
The SHA256
hash of the module.
moduleSha256
- The SHA256
hash of the module.public String getModuleSha256()
The SHA256
hash of the module.
SHA256
hash of the module.public RuntimeContext withModuleSha256(String moduleSha256)
The SHA256
hash of the module.
moduleSha256
- The SHA256
hash of the module.public void setShellHistoryFilePath(String shellHistoryFilePath)
The path to the modified shell history file.
shellHistoryFilePath
- The path to the modified shell history file.public String getShellHistoryFilePath()
The path to the modified shell history file.
public RuntimeContext withShellHistoryFilePath(String shellHistoryFilePath)
The path to the modified shell history file.
shellHistoryFilePath
- The path to the modified shell history file.public void setTargetProcess(ProcessDetails targetProcess)
Information about the process that had its memory overwritten by the current process.
targetProcess
- Information about the process that had its memory overwritten by the current process.public ProcessDetails getTargetProcess()
Information about the process that had its memory overwritten by the current process.
public RuntimeContext withTargetProcess(ProcessDetails targetProcess)
Information about the process that had its memory overwritten by the current process.
targetProcess
- Information about the process that had its memory overwritten by the current process.public void setAddressFamily(String addressFamily)
Represents the communication protocol associated with the address. For example, the address family
AF_INET
is used for IP version of 4 protocol.
addressFamily
- Represents the communication protocol associated with the address. For example, the address family
AF_INET
is used for IP version of 4 protocol.public String getAddressFamily()
Represents the communication protocol associated with the address. For example, the address family
AF_INET
is used for IP version of 4 protocol.
AF_INET
is used for IP version of 4 protocol.public RuntimeContext withAddressFamily(String addressFamily)
Represents the communication protocol associated with the address. For example, the address family
AF_INET
is used for IP version of 4 protocol.
addressFamily
- Represents the communication protocol associated with the address. For example, the address family
AF_INET
is used for IP version of 4 protocol.public void setIanaProtocolNumber(Integer ianaProtocolNumber)
Specifies a particular protocol within the address family. Usually there is a single protocol in address
families. For example, the address family AF_INET
only has the IP protocol.
ianaProtocolNumber
- Specifies a particular protocol within the address family. Usually there is a single protocol in address
families. For example, the address family AF_INET
only has the IP protocol.public Integer getIanaProtocolNumber()
Specifies a particular protocol within the address family. Usually there is a single protocol in address
families. For example, the address family AF_INET
only has the IP protocol.
AF_INET
only has the IP protocol.public RuntimeContext withIanaProtocolNumber(Integer ianaProtocolNumber)
Specifies a particular protocol within the address family. Usually there is a single protocol in address
families. For example, the address family AF_INET
only has the IP protocol.
ianaProtocolNumber
- Specifies a particular protocol within the address family. Usually there is a single protocol in address
families. For example, the address family AF_INET
only has the IP protocol.public List<String> getMemoryRegions()
Specifies the Region of a process's address space such as stack and heap.
public void setMemoryRegions(Collection<String> memoryRegions)
Specifies the Region of a process's address space such as stack and heap.
memoryRegions
- Specifies the Region of a process's address space such as stack and heap.public RuntimeContext withMemoryRegions(String... memoryRegions)
Specifies the Region of a process's address space such as stack and heap.
NOTE: This method appends the values to the existing list (if any). Use
setMemoryRegions(java.util.Collection)
or withMemoryRegions(java.util.Collection)
if you want
to override the existing values.
memoryRegions
- Specifies the Region of a process's address space such as stack and heap.public RuntimeContext withMemoryRegions(Collection<String> memoryRegions)
Specifies the Region of a process's address space such as stack and heap.
memoryRegions
- Specifies the Region of a process's address space such as stack and heap.public void setToolName(String toolName)
Name of the potentially suspicious tool.
toolName
- Name of the potentially suspicious tool.public String getToolName()
Name of the potentially suspicious tool.
public RuntimeContext withToolName(String toolName)
Name of the potentially suspicious tool.
toolName
- Name of the potentially suspicious tool.public void setToolCategory(String toolCategory)
Category that the tool belongs to. Some of the examples are Backdoor Tool, Pentest Tool, Network Scanner, and Network Sniffer.
toolCategory
- Category that the tool belongs to. Some of the examples are Backdoor Tool, Pentest Tool, Network Scanner,
and Network Sniffer.public String getToolCategory()
Category that the tool belongs to. Some of the examples are Backdoor Tool, Pentest Tool, Network Scanner, and Network Sniffer.
public RuntimeContext withToolCategory(String toolCategory)
Category that the tool belongs to. Some of the examples are Backdoor Tool, Pentest Tool, Network Scanner, and Network Sniffer.
toolCategory
- Category that the tool belongs to. Some of the examples are Backdoor Tool, Pentest Tool, Network Scanner,
and Network Sniffer.public void setServiceName(String serviceName)
Name of the security service that has been potentially disabled.
serviceName
- Name of the security service that has been potentially disabled.public String getServiceName()
Name of the security service that has been potentially disabled.
public RuntimeContext withServiceName(String serviceName)
Name of the security service that has been potentially disabled.
serviceName
- Name of the security service that has been potentially disabled.public void setCommandLineExample(String commandLineExample)
Example of the command line involved in the suspicious activity.
commandLineExample
- Example of the command line involved in the suspicious activity.public String getCommandLineExample()
Example of the command line involved in the suspicious activity.
public RuntimeContext withCommandLineExample(String commandLineExample)
Example of the command line involved in the suspicious activity.
commandLineExample
- Example of the command line involved in the suspicious activity.public void setThreatFilePath(String threatFilePath)
The suspicious file path for which the threat intelligence details were found.
threatFilePath
- The suspicious file path for which the threat intelligence details were found.public String getThreatFilePath()
The suspicious file path for which the threat intelligence details were found.
public RuntimeContext withThreatFilePath(String threatFilePath)
The suspicious file path for which the threat intelligence details were found.
threatFilePath
- The suspicious file path for which the threat intelligence details were found.public String toString()
toString
in class Object
Object.toString()
public RuntimeContext clone()
public void marshall(ProtocolMarshaller protocolMarshaller)
StructuredPojo
ProtocolMarshaller
.marshall
in interface StructuredPojo
protocolMarshaller
- Implementation of ProtocolMarshaller
used to marshall this object's data.