OBJECT

Rule

Threat detection rule

GraphQL Schema definition

  • # A single threat detection rule as exposed by the API.
  • # NOTE(review): the sid/rev/classtype/metadata vocabulary resembles Snort/Suricata rule syntax; confirm against the rule engine in use.
  • type Rule {
  • # Signature ID of the rule (uint32).
  • # NOTE(review): presumably typed Float because GraphQL Int is signed 32-bit and cannot hold the full uint32 range; clients should validate it as a non-negative integer. Confirm.
  • sid: Float!
  • # Revision of the rule (uint32); carried as Float like sid, so the same integer validation applies.
  • rev: Float!
  • # Protocol of the rule
  • protocol: String!
  • # Source IPs, returned as one String rather than a list.
  • # NOTE(review): the string format (single address, CIDR, list, negation, variables) is not specified here; confirm before parsing.
  • srcIps: String!
  • # Source ports, returned as one String (format not specified here)
  • srcPorts: String!
  • # Destination IPs, returned as one String (format not specified here)
  • dstIps: String!
  • # Destination ports, returned as one String (format not specified here)
  • dstPorts: String!
  • # Whether the rule is bidirectional
  • bidirectional: Boolean!
  • # Rule message.
  • # NOTE(review): free text; if rules are imported from third-party feeds, treat it as untrusted and escape it when rendering. Confirm the rule provenance.
  • msg: String!
  • # Rule 'classtype' property; nullable, so a rule may carry no classification
  • classification: String
  • # Rule source file (exposed under the field name 'category')
  • category: String!
  • # Rule 'metadata.createdAt' property; nullable. 'Time' is a scalar not defined in this listing.
  • createdAt: Time
  • # Rule 'metadata.updatedAt' property; nullable. 'Time' is a scalar not defined in this listing.
  • updatedAt: Time
  • # Whether the rule is enabled
  • enabled: Boolean!
  • # All payload properties, returned as one String; treat as opaque text unless its format is documented elsewhere
  • payload: String!
  • # References: a non-null list of non-null Reference objects (the list itself may be empty). 'Reference' is defined outside this listing.
  • references: [Reference!]!
  • # References grouped by type; nullable. 'ReferenceByType' is defined outside this listing.
  • referencesByType: ReferenceByType
  • }