Skip to content

Latest commit

 

History

History
68 lines (62 loc) · 3.3 KB

DomainNotificationV1.md

File metadata and controls

68 lines (62 loc) · 3.3 KB
Raw

Falcon::DomainNotificationV1

Properties

Name Type Description Notes
actor_slug String
assigned_to_uid String The email of the user who is assigned to this notification [optional]
assigned_to_username String The name of the user who is assigned to this notification [optional]
assigned_to_uuid String The unique ID of the user who is assigned to this notification [optional]
breach_summary DomainMatchedBreachSummaryV1 [optional]
cid String
created_date Time The date when the notification was generated
highlights Array<String> Highlighted content based on the rule that generated the notifications. Highlights are surrounded with a `<cs-highlight>` tag [optional]
id String The ID of the notification
item_author String The author who posted the intelligence item [optional]
item_author_id String The ID of the author who posted the intelligence item [optional]
item_date Time Timestamp when the item is considered to have been created
item_id String ID of the item which matched the rule
item_site String The site where the intelligence item was found [optional]
item_site_id String The ID of the site where the intelligence item was found [optional]
item_type String Type of the item which matched the rule: `post`, `reply`, `botnet_config`, `breach`, etc.
logs Array<SadomainNotificationLog> [optional]
raw_intel_id String ID of the raw intel item that matched the rule
rule_id String The ID of the rule that generated this notification
rule_name String The name of the rule that generated this notification
rule_priority String The priority of the rule that generated this notification
rule_topic String The topic of the rule that generated this notification
source_category String Category of the source that generated the notification [optional]
status String The notification status. This can be one of: `new`, `in-progress`, `closed-false-positive`, `closed-true-positive`.
typosquatting SadomainTyposquattingComponent [optional]
updated_date Time The date when the notification was updated

Example

require 'crimson-falcon'

instance = Falcon::DomainNotificationV1.new(
  actor_slug: null,
  assigned_to_uid: null,
  assigned_to_username: null,
  assigned_to_uuid: null,
  breach_summary: null,
  cid: null,
  created_date: null,
  highlights: null,
  id: null,
  item_author: null,
  item_author_id: null,
  item_date: null,
  item_id: null,
  item_site: null,
  item_site_id: null,
  item_type: null,
  logs: null,
  raw_intel_id: null,
  rule_id: null,
  rule_name: null,
  rule_priority: null,
  rule_topic: null,
  source_category: null,
  status: null,
  typosquatting: null,
  updated_date: null
)