Documentation ¶
Overview ¶
Package threatconnect represents a collection of related behavior and/or intelligence.
Package threatconnect represents a collection of related behavior and/or intelligence.
Groups represent a collection of related behavior and/or intelligence.
Groups represent a collection of related behavior and/or intelligence.
Documents represent a collection of related behavior and/or intelligence.
Groups represent a collection of related behavior and/or intelligence.
Retrieving Available Associations: available associations can be viewed with the Associations Resource.
Groups represent a collection of related behavior and/or intelligence.
Groups represent a collection of related behavior and/or intelligence.
Indicators represent a collection of related behavior and/or intelligence.
Everything in the ThreatConnect platform exists within an Owner. Think of the owner as the bucket or location in which data exists.
Groups represent a collection of related behavior and/or intelligence.
Tags add metadata, or keywords, to intelligence data. They also provide a way to quickly identify or follow associated activities of a particular interest across the entire ThreatConnect platform.
Groups represent a collection of related behavior and/or intelligence.
AssociationTypes represent a collection of related behavior and/or intelligence.
Shows your user information
Index ¶
- func NewPaginator(resource *Resourcer) *paginator
- func PrettyPrintJson(data io.ReadCloser)
- func ResourceError(msg string, response *http.Response, rerr error) error
- type Adversary
- type AdversaryResource
- func (r *AdversaryResource) Assets() *AssetResource
- func (r *AdversaryResource) Attributes(id ...int) *AttributesResource
- func (r *AdversaryResource) Create(g *Adversary) (Adversary, error)
- func (r *AdversaryResource) Groups() *AssociatedGroupResource
- func (r *AdversaryResource) Id(id int) *AdversaryResource
- func (r *AdversaryResource) Retrieve() ([]Adversary, error)
- func (r *AdversaryResource) SecurityLabels(name ...string) *SecurityLabelsResource
- func (r *AdversaryResource) Update(g *Adversary) (Adversary, error)
- type AdversaryResponseDetail
- type AdversaryResponseList
- type Asset
- type AssetResource
- type AssetResponseList
- type AssociatedAdversaryResource
- type AssociatedCampaignResource
- type AssociatedDocumentResource
- type AssociatedEmailResource
- type AssociatedGroupResource
- func (r *AssociatedGroupResource) Adversaries(id ...int) *AssociatedAdversaryResource
- func (r *AssociatedGroupResource) Campaigns(id ...int) *AssociatedCampaignResource
- func (r *AssociatedGroupResource) Documents(id ...int) *AssociatedDocumentResource
- func (r *AssociatedGroupResource) Emails(id ...int) *AssociatedEmailResource
- func (r *AssociatedGroupResource) Incidents(id ...int) *AssociatedIncidentsResource
- func (r *AssociatedGroupResource) Retrieve() ([]Group, error)
- func (r *AssociatedGroupResource) Signatures(id ...int) *AssociatedSignaturesResource
- func (r *AssociatedGroupResource) Threats(id ...int) *AssociatedThreatsResource
- type AssociatedGroupTypesResource
- type AssociatedIncidentsResource
- type AssociatedIndicatorResource
- func (r *AssociatedIndicatorResource) Adversaries(id ...int) *AssociatedAdversaryResource
- func (r *AssociatedIndicatorResource) Campaigns(id ...int) *AssociatedCampaignResource
- func (r *AssociatedIndicatorResource) Documents(id ...int) *AssociatedDocumentResource
- func (r *AssociatedIndicatorResource) Emails(id ...int) *AssociatedEmailResource
- func (r *AssociatedIndicatorResource) Incidents(id ...int) *AssociatedIncidentsResource
- func (r *AssociatedIndicatorResource) Retrieve() ([]Indicator, error)
- func (r *AssociatedIndicatorResource) Signatures(id ...int) *AssociatedSignaturesResource
- func (r *AssociatedIndicatorResource) Threats(id ...int) *AssociatedThreatsResource
- type AssociatedIndicatorTypesResource
- type AssociatedResource
- type AssociatedResourceResponse
- type AssociatedSignaturesResource
- type AssociatedThreatsResource
- type AssociationType
- type AssociationTypeResponseList
- type Attribute
- type AttributeResponseDetail
- type AttributesResource
- type AttributesResponseList
- type Campaign
- type CampaignResource
- func (r *CampaignResource) Attributes(id ...int) *AttributesResource
- func (r *CampaignResource) Create(g *Campaign) (Campaign, error)
- func (r *CampaignResource) Id(id int) *CampaignResource
- func (r *CampaignResource) Retrieve() ([]Campaign, error)
- func (r *CampaignResource) SecurityLabels(name ...string) *SecurityLabelsResource
- func (r *CampaignResource) Update(g *Campaign) (Campaign, error)
- type CampaignResponseDetail
- type CampaignResponseList
- type DeleteResponse
- type Document
- type DocumentResource
- func (r *DocumentResource) Attributes(id ...int) *AttributesResource
- func (r *DocumentResource) Create(g *Document) (Document, error)
- func (r *DocumentResource) Id(id int) *DocumentResource
- func (r *DocumentResource) Retrieve() ([]Document, error)
- func (r *DocumentResource) Update(g *Document) (Document, error)
- type DocumentResponseDetail
- type DocumentResponseList
- type Email
- type EmailResource
- type EmailResponseDetail
- type EmailResponseList
- type Group
- type GroupResource
- func (r *GroupResource) Adversaries(id ...int) *AdversaryResource
- func (r *GroupResource) Campaigns(id ...int) *CampaignResource
- func (r *GroupResource) Documents(id ...int) *DocumentResource
- func (r *GroupResource) Emails(id ...int) *EmailResource
- func (r *GroupResource) Incidents(id ...int) *IncidentResource
- func (r *GroupResource) Retrieve() ([]Group, error)
- func (r *GroupResource) Signatures(id ...int) *SignatureResource
- func (r *GroupResource) Threats(id ...int) *ThreatResource
- type GroupResponseList
- type HandleResource
- type HandleResponseDetail
- type HandleResponseList
- type Incident
- type IncidentResource
- func (r *IncidentResource) Attributes(id ...int) *AttributesResource
- func (r *IncidentResource) Create(g *Incident) (Incident, error)
- func (r *IncidentResource) Id(id int) *IncidentResource
- func (r *IncidentResource) Retrieve() ([]Incident, error)
- func (r *IncidentResource) Update(g *Incident) (Incident, error)
- type IncidentResponseDetail
- type IncidentResponseList
- type Indicator
- type IndicatorResource
- func (r *IndicatorResource) Adversaries(id ...int) *AdversaryResource
- func (r *IndicatorResource) Campaigns(id ...int) *CampaignResource
- func (r *IndicatorResource) Documents(id ...int) *DocumentResource
- func (r *IndicatorResource) Emails(id ...int) *EmailResource
- func (r *IndicatorResource) Incidents(id ...int) *IncidentResource
- func (r *IndicatorResource) Retrieve() ([]Indicator, error)
- func (r *IndicatorResource) Signatures(id ...int) *SignatureResource
- func (r *IndicatorResource) Threats(id ...int) *ThreatResource
- type IndicatorResponseList
- type MembersResponseList
- type MetricsResponseDetail
- type MetricsResponseList
- type Owner
- type OwnerMetric
- type OwnerResource
- type OwnerResponseDetail
- type OwnerResponseList
- type Paginator
- type PhoneNumberResource
- type PhoneNumberResponseDetail
- type PhoneNumberResponseList
- type QueryParams
- type Resourcer
- type SecurityLabel
- type SecurityLabelsResource
- type SecurityLabelsResponseDetail
- type SecurityLabelsResponseList
- type Signature
- type SignatureResource
- func (r *SignatureResource) Attributes(id ...int) *AttributesResource
- func (r *SignatureResource) Create(g *Signature) (Signature, error)
- func (r *SignatureResource) Id(id int) *SignatureResource
- func (r *SignatureResource) Retrieve() ([]Signature, error)
- func (r *SignatureResource) Update(g *Signature) (Signature, error)
- type SignatureResponseDetail
- type SignatureResponseList
- type TCConfig
- type TCResource
- func (r *TCResource) Base(b string) *TCResource
- func (r *TCResource) Body(b interface{}) *TCResource
- func (r *TCResource) Delete() (*http.Response, error)
- func (r *TCResource) Filter(filters ...string) *TCResource
- func (r *TCResource) Get() (*http.Response, error)
- func (r *TCResource) Method(method string) *TCResource
- func (r *TCResource) Path(paths ...interface{}) *TCResource
- func (r *TCResource) Post(body interface{}) (*http.Response, error)
- func (r *TCResource) Put(body interface{}) (*http.Response, error)
- func (r *TCResource) Remove() (*DeleteResponse, error)
- func (r *TCResource) Request() (*http.Response, error)
- func (r *TCResource) Response(res interface{}) *TCResource
- type TCResponse
- type TagsResource
- type Threat
- type ThreatConnectClient
- func (t *ThreatConnectClient) Authenticate(method, rpath string) *sling.Sling
- func (t *ThreatConnectClient) Groups() *GroupResource
- func (t *ThreatConnectClient) Indicators() *IndicatorResource
- func (t *ThreatConnectClient) Owners(id ...int) *OwnerResource
- func (t *ThreatConnectClient) SecurityLabels(id ...string) *SecurityLabelsResource
- func (t *ThreatConnectClient) Tags(id ...string) *TagsResource
- func (t *ThreatConnectClient) Types() *TypesResource
- func (t *ThreatConnectClient) WhoAmI() (User, error)
- type ThreatResource
- type ThreatResponseDetail
- type ThreatResponseList
- type TypesResource
- type UrlResource
- type UrlResponseDetail
- type UrlResponseList
- type User
- type VictimAssetsResource
- type VictimsResource
- type WhoAmIResource
- type WhoAmIResponseDetail
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewPaginator ¶
func NewPaginator(resource *Resourcer) *paginator
func PrettyPrintJson ¶
func PrettyPrintJson(data io.ReadCloser)
Types ¶
type Adversary ¶
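// Adversary is the JSON shape of an Adversary group, which this package
// documents as a malicious actor or group of actors.
//
// The listing had been collapsed onto one line, which is not valid Go; the
// fields are restored one per line with names, types and tags unchanged.
// Every field is tagged omitempty, so zero values (ID 0, empty strings) are
// dropped when the struct is marshalled. Dates are carried as plain strings;
// nothing in this declaration parses or validates them.
//
// NOTE(review): WebLink comes from the API response; presumably it points
// into the ThreatConnect UI. Check scheme and host before following it.
type Adversary struct {
	ID        int    `json:"id,omitempty"`
	Name      string `json:"name,omitempty"`
	OwnerName string `json:"ownerName,omitempty"`
	DateAdded string `json:"dateAdded,omitempty"`
	WebLink   string `json:"webLink,omitempty"`
	EventDate string `json:"eventDate,omitempty"`
}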
The Adversary Group represents a malicious actor or group of actors.
type AdversaryResource ¶
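// AdversaryResource embeds TCResource. This page lists Id, Attributes,
// Assets, Groups and SecurityLabels as chainable accessors on it, and
// Create, Retrieve and Update as the calls that return Adversary values.
//
// In the collapsed listing the trailing line comment swallowed the closing
// brace; the declaration is restored here. The unexported fields are elided
// by the documentation renderer, so this is not the complete type.
type AdversaryResource struct {
	TCResource
	// contains filtered or unexported fields
}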
func NewAdversaryResource ¶
func NewAdversaryResource(r TCResource) *AdversaryResource
func (*AdversaryResource) Assets ¶
func (r *AdversaryResource) Assets() *AssetResource
func (*AdversaryResource) Attributes ¶
func (r *AdversaryResource) Attributes(id ...int) *AttributesResource
func (*AdversaryResource) Create ¶
func (r *AdversaryResource) Create(g *Adversary) (Adversary, error)
func (*AdversaryResource) Groups ¶
func (r *AdversaryResource) Groups() *AssociatedGroupResource
func (*AdversaryResource) Id ¶
func (r *AdversaryResource) Id(id int) *AdversaryResource
func (*AdversaryResource) Retrieve ¶
func (r *AdversaryResource) Retrieve() ([]Adversary, error)
func (*AdversaryResource) SecurityLabels ¶
func (r *AdversaryResource) SecurityLabels(name ...string) *SecurityLabelsResource
type AdversaryResponseDetail ¶
type AdversaryResponseList ¶
type Asset ¶
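// Asset describes an asset attached to an adversary.
//
// The listing had been collapsed onto one line, which is not valid Go; the
// fields are restored one per line with names, types and tags unchanged.
// Every field is tagged omitempty, so unset values are dropped on marshal.
//
// NOTE(review): PhoneNumber, Handle and Url presumably are populated
// according to Type (the page exposes Handles, PhoneNumbers and Urls as
// separate asset resources); confirm against the API. Url and WebLink are
// remote-supplied strings: validate them before fetching or rendering.
type Asset struct {
	ID          int    `json:"id,omitempty"`
	Name        string `json:"name,omitempty"`
	Type        string `json:"type,omitempty"`
	WebLink     string `json:"webLink,omitempty"`
	PhoneNumber string `json:"phoneNumber,omitempty"`
	Handle      string `json:"handle,omitempty"`
	Url         string `json:"url,omitempty"`
}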
Asset for adversaries
type AssetResource ¶
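// AssetResource embeds TCResource. This page lists Handles, PhoneNumbers and
// Urls as accessors for the asset sub-resources, and Retrieve, which returns
// ([]Asset, error).
//
// In the collapsed listing the trailing line comment swallowed the closing
// brace; the declaration is restored here. The unexported fields are elided
// by the documentation renderer, so this is not the complete type.
type AssetResource struct {
	TCResource
	// contains filtered or unexported fields
}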
func NewAssetResourceResource ¶
func NewAssetResourceResource(r TCResource) *AssetResource
func (*AssetResource) Handles ¶
func (r *AssetResource) Handles(id ...int) *HandleResource
func (*AssetResource) PhoneNumbers ¶
func (r *AssetResource) PhoneNumbers(id ...int) *PhoneNumberResource
func (*AssetResource) Retrieve ¶
func (r *AssetResource) Retrieve() ([]Asset, error)
func (*AssetResource) Urls ¶
func (r *AssetResource) Urls(id ...int) *UrlResource
type AssetResponseList ¶
type AssociatedAdversaryResource ¶
// AssociatedAdversaryResource embeds AssociatedResource and adds no fields of
// its own. The only method this page lists directly on it is Retrieve, which
// returns ([]Adversary, error).
type AssociatedAdversaryResource struct {
AssociatedResource
}
func (*AssociatedAdversaryResource) Retrieve ¶
func (r *AssociatedAdversaryResource) Retrieve() ([]Adversary, error)
type AssociatedCampaignResource ¶
// AssociatedCampaignResource embeds AssociatedResource and adds no fields of
// its own. The only method this page lists directly on it is Retrieve, which
// returns ([]Campaign, error).
type AssociatedCampaignResource struct {
AssociatedResource
}
func (*AssociatedCampaignResource) Retrieve ¶
func (r *AssociatedCampaignResource) Retrieve() ([]Campaign, error)
type AssociatedDocumentResource ¶
// AssociatedDocumentResource embeds AssociatedResource and adds no fields of
// its own. The only method this page lists directly on it is Retrieve, which
// returns ([]Document, error).
type AssociatedDocumentResource struct {
AssociatedResource
}
func (*AssociatedDocumentResource) Retrieve ¶
func (r *AssociatedDocumentResource) Retrieve() ([]Document, error)
type AssociatedEmailResource ¶
// AssociatedEmailResource embeds AssociatedResource and adds no fields of
// its own. The only method this page lists directly on it is Retrieve, which
// returns ([]Email, error).
type AssociatedEmailResource struct {
AssociatedResource
}
func (*AssociatedEmailResource) Retrieve ¶
func (r *AssociatedEmailResource) Retrieve() ([]Email, error)
type AssociatedGroupResource ¶
// AssociatedGroupResource embeds AssociatedResource and adds no fields of its
// own. This page lists one accessor per group type on it (Adversaries,
// Campaigns, Documents, Emails, Incidents, Signatures, Threats), each taking
// optional int ids, plus Retrieve, which returns ([]Group, error).
type AssociatedGroupResource struct {
AssociatedResource
}
func NewAssociatedGroupResource ¶
func NewAssociatedGroupResource(r TCResource) *AssociatedGroupResource
func (*AssociatedGroupResource) Adversaries ¶
func (r *AssociatedGroupResource) Adversaries(id ...int) *AssociatedAdversaryResource
func (*AssociatedGroupResource) Campaigns ¶
func (r *AssociatedGroupResource) Campaigns(id ...int) *AssociatedCampaignResource
func (*AssociatedGroupResource) Documents ¶
func (r *AssociatedGroupResource) Documents(id ...int) *AssociatedDocumentResource
func (*AssociatedGroupResource) Emails ¶
func (r *AssociatedGroupResource) Emails(id ...int) *AssociatedEmailResource
func (*AssociatedGroupResource) Incidents ¶
func (r *AssociatedGroupResource) Incidents(id ...int) *AssociatedIncidentsResource
func (*AssociatedGroupResource) Retrieve ¶
func (r *AssociatedGroupResource) Retrieve() ([]Group, error)
func (*AssociatedGroupResource) Signatures ¶
func (r *AssociatedGroupResource) Signatures(id ...int) *AssociatedSignaturesResource
func (*AssociatedGroupResource) Threats ¶
func (r *AssociatedGroupResource) Threats(id ...int) *AssociatedThreatsResource
type AssociatedGroupTypesResource ¶
// AssociatedGroupTypesResource embeds TCResource and adds no fields of its
// own. This page lists AssociatedId and AssociatedType on it; both take
// variadic strings and return the same resource for chaining.
// NOTE(review): the string arguments presumably end up in the request path;
// confirm they are escaped before caller-supplied values are passed in.
type AssociatedGroupTypesResource struct {
TCResource
}
func NewAssociatedGroupTypes ¶
func NewAssociatedGroupTypes(r TCResource) *AssociatedGroupTypesResource
func (*AssociatedGroupTypesResource) AssociatedId ¶
func (r *AssociatedGroupTypesResource) AssociatedId(id ...string) *AssociatedGroupTypesResource
func (*AssociatedGroupTypesResource) AssociatedType ¶
func (r *AssociatedGroupTypesResource) AssociatedType(gtype ...string) *AssociatedGroupTypesResource
type AssociatedIncidentsResource ¶
// AssociatedIncidentsResource embeds AssociatedResource and adds no fields of
// its own. The only method this page lists directly on it is Retrieve, which
// returns ([]Incident, error).
type AssociatedIncidentsResource struct {
AssociatedResource
}
func (*AssociatedIncidentsResource) Retrieve ¶
func (r *AssociatedIncidentsResource) Retrieve() ([]Incident, error)
type AssociatedIndicatorResource ¶
// AssociatedIndicatorResource embeds AssociatedResource and adds no fields of
// its own. This page lists one accessor per group type on it (Adversaries,
// Campaigns, Documents, Emails, Incidents, Signatures, Threats), each taking
// optional int ids, plus Retrieve, which returns ([]Indicator, error).
type AssociatedIndicatorResource struct {
AssociatedResource
}
func NewAssociatedIndicatorResource ¶
func NewAssociatedIndicatorResource(r TCResource) *AssociatedIndicatorResource
func (*AssociatedIndicatorResource) Adversaries ¶
func (r *AssociatedIndicatorResource) Adversaries(id ...int) *AssociatedAdversaryResource
func (*AssociatedIndicatorResource) Campaigns ¶
func (r *AssociatedIndicatorResource) Campaigns(id ...int) *AssociatedCampaignResource
func (*AssociatedIndicatorResource) Documents ¶
func (r *AssociatedIndicatorResource) Documents(id ...int) *AssociatedDocumentResource
func (*AssociatedIndicatorResource) Emails ¶
func (r *AssociatedIndicatorResource) Emails(id ...int) *AssociatedEmailResource
func (*AssociatedIndicatorResource) Incidents ¶
func (r *AssociatedIndicatorResource) Incidents(id ...int) *AssociatedIncidentsResource
func (*AssociatedIndicatorResource) Retrieve ¶
func (r *AssociatedIndicatorResource) Retrieve() ([]Indicator, error)
func (*AssociatedIndicatorResource) Signatures ¶
func (r *AssociatedIndicatorResource) Signatures(id ...int) *AssociatedSignaturesResource
func (*AssociatedIndicatorResource) Threats ¶
func (r *AssociatedIndicatorResource) Threats(id ...int) *AssociatedThreatsResource
type AssociatedIndicatorTypesResource ¶
// AssociatedIndicatorTypesResource embeds TCResource and adds no fields of
// its own. This page lists AssociatedId and AssociatedType on it; both take
// variadic strings and return the same resource for chaining.
// NOTE(review): the string arguments presumably end up in the request path;
// confirm they are escaped before caller-supplied values are passed in.
type AssociatedIndicatorTypesResource struct {
TCResource
}
func NewAssociatedIndicatorTypes ¶
func NewAssociatedIndicatorTypes(r TCResource) *AssociatedIndicatorTypesResource
func (*AssociatedIndicatorTypesResource) AssociatedId ¶
func (r *AssociatedIndicatorTypesResource) AssociatedId(id ...string) *AssociatedIndicatorTypesResource
func (*AssociatedIndicatorTypesResource) AssociatedType ¶
func (r *AssociatedIndicatorTypesResource) AssociatedType(itype ...string) *AssociatedIndicatorTypesResource
type AssociatedResource ¶
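// AssociatedResource embeds TCResource and carries an exported ID with no
// JSON tag. This page lists Id(id ...int) and Type(name string) on it, both
// returning *AssociatedResource for chaining.
//
// The listing had been collapsed onto one line, which is not valid Go; the
// two fields are restored one per line, unchanged.
type AssociatedResource struct {
	TCResource
	ID int
}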
func NewAssociatedResource ¶
func NewAssociatedResource(r TCResource) *AssociatedResource
func (*AssociatedResource) Id ¶
func (r *AssociatedResource) Id(id ...int) *AssociatedResource
func (*AssociatedResource) Type ¶
func (r *AssociatedResource) Type(name string) *AssociatedResource
type AssociatedSignaturesResource ¶
// AssociatedSignaturesResource embeds AssociatedResource and adds no fields
// of its own. The only method this page lists directly on it is Retrieve,
// which returns ([]Signature, error).
type AssociatedSignaturesResource struct {
AssociatedResource
}
func (*AssociatedSignaturesResource) Retrieve ¶
func (r *AssociatedSignaturesResource) Retrieve() ([]Signature, error)
type AssociatedThreatsResource ¶
// AssociatedThreatsResource embeds AssociatedResource and adds no fields of
// its own. The only method this page lists directly on it is Retrieve, which
// returns ([]Threat, error).
type AssociatedThreatsResource struct {
AssociatedResource
}
func (*AssociatedThreatsResource) Retrieve ¶
func (r *AssociatedThreatsResource) Retrieve() ([]Threat, error)
type AssociationType ¶
type AssociationTypeResponseList ¶
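// AssociationTypeResponseList is the response envelope for a list of
// association types: a Status string, a Data object holding ResultCount and
// the AssociationType slice, and a Message string.
//
// The listing had been collapsed onto one line, which is not valid Go; the
// fields are restored one per line with names, types and tags unchanged.
//
// encoding/json never treats a struct value as empty, so the omitempty on
// Data has no effect: "data" is always emitted when this type is marshalled.
// NOTE(review): presumably Status should be checked before Data is trusted;
// confirm the values the API returns.
type AssociationTypeResponseList struct {
	Status string `json:"status,omitempty"`
	Data   struct {
		ResultCount     int               `json:"resultCount,omitempty"`
		AssociationType []AssociationType `json:"associationType,omitempty"`
	} `json:"data,omitempty"`
	Message string `json:"message,omitempty"`
}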
type Attribute ¶
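// Attribute is the JSON shape of an attribute attached to a group.
//
// The listing had been collapsed onto one line, which is not valid Go; the
// fields are restored one per line with names, types and tags unchanged.
//
// Every field is tagged omitempty. For Displayed this means a false value is
// dropped on marshal, so a request body built from this struct cannot state
// "displayed": false explicitly.
// NOTE(review): Value is free text; presumably it can contain analyst- or
// feed-supplied content, so encode it before rendering.
type Attribute struct {
	ID           int    `json:"id,omitempty"`
	Name         string `json:"name,omitempty"`
	Type         string `json:"type,omitempty"`
	Value        string `json:"value,omitempty"`
	DateAdded    string `json:"dateAdded,omitempty"`
	Displayed    bool   `json:"displayed,omitempty"`
	LastModified string `json:"lastModified,omitempty"`
}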
type AttributeResponseDetail ¶
type AttributesResource ¶
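// AttributesResource embeds TCResource. This page lists Id, Create and
// Retrieve on it; Create returns (Attribute, error) and Retrieve returns
// ([]Attribute, error).
//
// In the collapsed listing the trailing line comment swallowed the closing
// brace; the declaration is restored here. The unexported fields are elided
// by the documentation renderer, so this is not the complete type.
type AttributesResource struct {
	TCResource
	// contains filtered or unexported fields
}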
func NewAttributesResource ¶
func NewAttributesResource(r TCResource) *AttributesResource
func (*AttributesResource) Create ¶
func (r *AttributesResource) Create(g *Attribute) (Attribute, error)
func (*AttributesResource) Id ¶
func (r *AttributesResource) Id(id int) *AttributesResource
func (*AttributesResource) Retrieve ¶
func (r *AttributesResource) Retrieve() ([]Attribute, error)
type AttributesResponseList ¶
type Campaign ¶
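// Campaign is the JSON shape of a Campaign group: the fields shared by the
// group types on this page plus FirstSeen.
//
// In the collapsed listing the "Campaign specific properties" line comment
// swallowed the FirstSeen field and the closing brace; the declaration is
// restored one field per line with names, types and tags unchanged. Every
// field is tagged omitempty, and dates are carried as plain strings.
type Campaign struct {
	Id        int    `json:"id,omitempty"`
	Name      string `json:"name,omitempty"`
	OwnerName string `json:"ownerName,omitempty"`
	DateAdded string `json:"dateAdded,omitempty"`
	WebLink   string `json:"webLink,omitempty"`
	EventDate string `json:"eventDate,omitempty"`

	// Campaign specific properties
	FirstSeen string `json:"firstSeen,omitempty"`
}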
type CampaignResource ¶
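// CampaignResource embeds TCResource. This page lists Id, Attributes and
// SecurityLabels as chainable accessors on it, and Create, Retrieve and
// Update as the calls that return Campaign values.
//
// In the collapsed listing the trailing line comment swallowed the closing
// brace; the declaration is restored here. The unexported fields are elided
// by the documentation renderer, so this is not the complete type.
type CampaignResource struct {
	TCResource
	// contains filtered or unexported fields
}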
func NewCampaignResource ¶
func NewCampaignResource(r TCResource) *CampaignResource
func (*CampaignResource) Attributes ¶
func (r *CampaignResource) Attributes(id ...int) *AttributesResource
func (*CampaignResource) Id ¶
func (r *CampaignResource) Id(id int) *CampaignResource
func (*CampaignResource) Retrieve ¶
func (r *CampaignResource) Retrieve() ([]Campaign, error)
func (*CampaignResource) SecurityLabels ¶
func (r *CampaignResource) SecurityLabels(name ...string) *SecurityLabelsResource
type CampaignResponseDetail ¶
type CampaignResponseList ¶
type DeleteResponse ¶
type Document ¶
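// Document is the JSON shape of a Document group: the fields shared by the
// group types on this page plus FileName, Malware and Password.
//
// In the collapsed listing the "Document specific properties" line comment
// swallowed the last three fields and the closing brace; the declaration is
// restored one field per line with names, types and tags unchanged.
//
// Password is marshalled in clear text under the "password" key whenever it
// is non-empty, so a Document value is sensitive: keep it out of logs, error
// messages and debug dumps of request or response bodies.
// NOTE(review): presumably Password protects the uploaded file and Malware
// marks the file as a malware sample; confirm against the API documentation.
// FileName is remote-supplied; do not use it as a local path without
// sanitising it.
type Document struct {
	Id        int    `json:"id,omitempty"`
	Name      string `json:"name,omitempty"`
	OwnerName string `json:"ownerName,omitempty"`
	DateAdded string `json:"dateAdded,omitempty"`
	WebLink   string `json:"webLink,omitempty"`
	EventDate string `json:"eventDate,omitempty"`

	// Document specific properties
	FileName string `json:"fileName,omitempty"`
	Malware  bool   `json:"malware,omitempty"`
	Password string `json:"password,omitempty"`
}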
type DocumentResource ¶
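// DocumentResource embeds TCResource. This page lists Id and Attributes as
// chainable accessors on it, and Create, Retrieve and Update as the calls
// that return Document values.
//
// In the collapsed listing the trailing line comment swallowed the closing
// brace; the declaration is restored here. The unexported fields are elided
// by the documentation renderer, so this is not the complete type.
type DocumentResource struct {
	TCResource
	// contains filtered or unexported fields
}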
func NewDocumentResource ¶
func NewDocumentResource(r TCResource) *DocumentResource
func (*DocumentResource) Attributes ¶
func (r *DocumentResource) Attributes(id ...int) *AttributesResource
func (*DocumentResource) Id ¶
func (r *DocumentResource) Id(id int) *DocumentResource
func (*DocumentResource) Retrieve ¶
func (r *DocumentResource) Retrieve() ([]Document, error)
type DocumentResponseDetail ¶
type DocumentResponseList ¶
type Email ¶
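// Email is the JSON shape of an Email group: the fields shared by the group
// types on this page plus To, From, Subject, Header and Body.
//
// In the collapsed listing the "Email specific properties" line comment
// swallowed the last five fields and the closing brace; the declaration is
// restored one field per line with names, types and tags unchanged.
//
// NOTE(review): the email fields are plain strings and presumably hold
// material taken from collected messages, i.e. sender-controlled content.
// Encode them before rendering in HTML or a terminal and do not follow
// links found in Body or Header automatically.
type Email struct {
	Id        int    `json:"id,omitempty"`
	Name      string `json:"name,omitempty"`
	OwnerName string `json:"ownerName,omitempty"`
	DateAdded string `json:"dateAdded,omitempty"`
	WebLink   string `json:"webLink,omitempty"`
	EventDate string `json:"eventDate,omitempty"`

	// Email specific properties
	To      string `json:"to,omitempty"`
	From    string `json:"from,omitempty"`
	Subject string `json:"subject,omitempty"`
	Header  string `json:"header,omitempty"`
	Body    string `json:"body,omitempty"`
}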
type EmailResource ¶
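// EmailResource embeds TCResource. This page lists Id, Attributes and
// Retrieve on it; Retrieve returns ([]Email, error).
//
// In the collapsed listing the trailing line comment swallowed the closing
// brace; the declaration is restored here. The unexported fields are elided
// by the documentation renderer, so this is not the complete type.
type EmailResource struct {
	TCResource
	// contains filtered or unexported fields
}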
func NewEmailResource ¶
func NewEmailResource(r TCResource) *EmailResource
func (*EmailResource) Attributes ¶
func (r *EmailResource) Attributes(id ...int) *AttributesResource
func (*EmailResource) Id ¶
func (r *EmailResource) Id(id int) *EmailResource
func (*EmailResource) Retrieve ¶
func (r *EmailResource) Retrieve() ([]Email, error)
type EmailResponseDetail ¶
type EmailResponseList ¶
type GroupResource ¶
// GroupResource embeds TCResource and adds no fields of its own. This page
// lists one accessor per group type on it (Adversaries, Campaigns, Documents,
// Emails, Incidents, Signatures, Threats), each taking optional int ids, plus
// Retrieve, which returns ([]Group, error).
type GroupResource struct {
TCResource
}
func NewGroupResource ¶
func NewGroupResource(r TCResource) *GroupResource
func (*GroupResource) Adversaries ¶
func (r *GroupResource) Adversaries(id ...int) *AdversaryResource
func (*GroupResource) Campaigns ¶
func (r *GroupResource) Campaigns(id ...int) *CampaignResource
func (*GroupResource) Documents ¶
func (r *GroupResource) Documents(id ...int) *DocumentResource
func (*GroupResource) Emails ¶
func (r *GroupResource) Emails(id ...int) *EmailResource
func (*GroupResource) Incidents ¶
func (r *GroupResource) Incidents(id ...int) *IncidentResource
func (*GroupResource) Retrieve ¶
func (r *GroupResource) Retrieve() ([]Group, error)
func (*GroupResource) Signatures ¶
func (r *GroupResource) Signatures(id ...int) *SignatureResource
func (*GroupResource) Threats ¶
func (r *GroupResource) Threats(id ...int) *ThreatResource
type GroupResponseList ¶
type HandleResource ¶
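// HandleResource embeds TCResource. This page lists Id and Retrieve on it;
// Retrieve returns ([]Asset, error).
//
// In the collapsed listing the trailing line comment swallowed the closing
// brace; the declaration is restored here. The unexported fields are elided
// by the documentation renderer, so this is not the complete type.
type HandleResource struct {
	TCResource
	// contains filtered or unexported fields
}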
func NewHandleResource ¶
func NewHandleResource(r TCResource) *HandleResource
func (*HandleResource) Id ¶
func (r *HandleResource) Id(id int) *HandleResource
func (*HandleResource) Retrieve ¶
func (r *HandleResource) Retrieve() ([]Asset, error)
type HandleResponseDetail ¶
type HandleResponseList ¶
type Incident ¶
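// Incident is the JSON shape of an Incident group: the fields shared by the
// group types on this page, an Owner, and Status.
//
// In the collapsed listing the "Incident specific properties" line comment
// swallowed the Status field and the closing brace; the declaration is
// restored one field per line with names, types and tags unchanged.
//
// Status is a plain string. The page lists the valid values (New, Open,
// Stalled, Containment Achieved, Restoration Achieved, Incident Reported,
// Closed, Rejected, Deleted), but nothing in this declaration enforces them.
// Owner is a struct value, and encoding/json never treats a struct as empty,
// so its omitempty has no effect: "owner" is always emitted on marshal.
type Incident struct {
	Id        int    `json:"id,omitempty"`
	Name      string `json:"name,omitempty"`
	OwnerName string `json:"ownerName,omitempty"`
	DateAdded string `json:"dateAdded,omitempty"`
	WebLink   string `json:"webLink,omitempty"`
	EventDate string `json:"eventDate,omitempty"`
	Owner     Owner  `json:"owner,omitempty"`

	// Incident specific properties
	Status string `json:"status,omitempty"`
}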
The valid values for an Incident’s status are:
New, Open, Stalled, Containment Achieved, Restoration Achieved, Incident Reported, Closed, Rejected, Deleted
type IncidentResource ¶
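// IncidentResource embeds TCResource. This page lists Id and Attributes as
// chainable accessors on it, and Create, Retrieve and Update as the calls
// that return Incident values.
//
// In the collapsed listing the trailing line comment swallowed the closing
// brace; the declaration is restored here. The unexported fields are elided
// by the documentation renderer, so this is not the complete type.
type IncidentResource struct {
	TCResource
	// contains filtered or unexported fields
}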
func NewIncidentResource ¶
func NewIncidentResource(r TCResource) *IncidentResource
func (*IncidentResource) Attributes ¶
func (r *IncidentResource) Attributes(id ...int) *AttributesResource
func (*IncidentResource) Id ¶
func (r *IncidentResource) Id(id int) *IncidentResource
func (*IncidentResource) Retrieve ¶
func (r *IncidentResource) Retrieve() ([]Incident, error)
type IncidentResponseDetail ¶
type IncidentResponseList ¶
type Indicator ¶
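// Indicator is the JSON shape of an indicator as returned in list responses.
//
// The listing had been collapsed onto one line, which is not valid Go; the
// fields are restored one per line with names, types and tags unchanged.
//
// Every field is tagged omitempty, so a Rating or Confidence of 0 is dropped
// on marshal and is indistinguishable from "not set" after a round trip.
// NOTE(review): Summary presumably holds the indicator value itself (host,
// address, URL, ...); treat it as data to match against, never as a link to
// open. The valid ranges of the rating and confidence fields are not shown
// on this page; confirm before thresholding on them.
type Indicator struct {
	ID                     int    `json:"id,omitempty"`
	OwnerName              string `json:"ownerName,omitempty"`
	Type                   string `json:"type,omitempty"`
	DateAdded              string `json:"dateAdded,omitempty"`
	LastModified           string `json:"lastModified,omitempty"`
	Rating                 int    `json:"rating,omitempty"`
	Confidence             int    `json:"confidence,omitempty"`
	ThreatAssessRating     int    `json:"threatAssessRating,omitempty"`
	ThreatAssessConfidence int    `json:"threatAssessConfidence,omitempty"`
	WebLink                string `json:"webLink,omitempty"`
	Summary                string `json:"summary,omitempty"`
}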
type IndicatorResource ¶
// IndicatorResource embeds TCResource and adds no fields of its own. This
// page lists one accessor per group type on it (Adversaries, Campaigns,
// Documents, Emails, Incidents, Signatures, Threats), each taking optional
// int ids, plus Retrieve, which returns ([]Indicator, error).
type IndicatorResource struct {
TCResource
}
func NewIndicatorResource ¶
func NewIndicatorResource(r TCResource) *IndicatorResource
func (*IndicatorResource) Adversaries ¶
func (r *IndicatorResource) Adversaries(id ...int) *AdversaryResource
func (*IndicatorResource) Campaigns ¶
func (r *IndicatorResource) Campaigns(id ...int) *CampaignResource
func (*IndicatorResource) Documents ¶
func (r *IndicatorResource) Documents(id ...int) *DocumentResource
func (*IndicatorResource) Emails ¶
func (r *IndicatorResource) Emails(id ...int) *EmailResource
func (*IndicatorResource) Incidents ¶
func (r *IndicatorResource) Incidents(id ...int) *IncidentResource
func (*IndicatorResource) Retrieve ¶
func (r *IndicatorResource) Retrieve() ([]Indicator, error)
func (*IndicatorResource) Signatures ¶
func (r *IndicatorResource) Signatures(id ...int) *SignatureResource
func (*IndicatorResource) Threats ¶
func (r *IndicatorResource) Threats(id ...int) *ThreatResource
type IndicatorResponseList ¶
type MembersResponseList ¶
type MetricsResponseDetail ¶
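// MetricsResponseDetail is the response envelope for a single owner metric:
// a Status string, a Data object holding ResultCount and one OwnerMetric
// (JSON key "ownerMetric"), and a Message string.
//
// The listing had been collapsed onto one line, which is not valid Go; the
// fields are restored one per line with names, types and tags unchanged.
//
// encoding/json never treats a struct value as empty, so the omitempty on
// Data and on Metrics has no effect; both keys are always emitted.
type MetricsResponseDetail struct {
	Status string `json:"status,omitempty"`
	Data   struct {
		ResultCount int         `json:"resultCount,omitempty"`
		Metrics     OwnerMetric `json:"ownerMetric,omitempty"`
	} `json:"data,omitempty"`
	Message string `json:"message,omitempty"`
}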
type MetricsResponseList ¶
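// MetricsResponseList is the response envelope for a list of owner metrics:
// a Status string, a Data object holding ResultCount and a slice of
// OwnerMetric (JSON key "ownerMetric"), and a Message string.
//
// The listing had been collapsed onto one line, which is not valid Go; the
// fields are restored one per line with names, types and tags unchanged.
//
// encoding/json never treats a struct value as empty, so the omitempty on
// Data has no effect: "data" is always emitted when this type is marshalled.
type MetricsResponseList struct {
	Status string `json:"status,omitempty"`
	Data   struct {
		ResultCount int           `json:"resultCount,omitempty"`
		Metrics     []OwnerMetric `json:"ownerMetric,omitempty"`
	} `json:"data,omitempty"`
	Message string `json:"message,omitempty"`
}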
type OwnerMetric ¶
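// OwnerMetric is the JSON shape of one metrics record for an owner: a
// MetricDate string, integer totals per object type, two float32 averages,
// and integer observation and false-positive counters.
//
// The listing had been collapsed onto one line, which is not valid Go; the
// fields are restored one per line with names, types and tags unchanged.
//
// Every field is tagged omitempty, so a counter of 0 is dropped on marshal
// and cannot be told apart from a missing counter after a round trip.
type OwnerMetric struct {
	MetricDate                   string  `json:"metricDate,omitempty"`
	TotalIndicator               int     `json:"totalIndicator,omitempty"`
	TotalHost                    int     `json:"totalHost,omitempty"`
	TotalAddress                 int     `json:"totalAddress,omitempty"`
	TotalEmailAddress            int     `json:"totalEmailAddress,omitempty"`
	TotalFile                    int     `json:"totalFile,omitempty"`
	TotalUrl                     int     `json:"totalUrl,omitempty"`
	TotalGroup                   int     `json:"totalGroup,omitempty"`
	TotalThreat                  int     `json:"totalThreat,omitempty"`
	TotalIncident                int     `json:"totalIncident,omitempty"`
	TotalEmail                   int     `json:"totalEmail,omitempty"`
	TotalCampaign                int     `json:"totalCampaign,omitempty"`
	TotalAdversary               int     `json:"totalAdversary,omitempty"`
	TotalSignature               int     `json:"totalSignature,omitempty"`
	TotalTask                    int     `json:"totalTask,omitempty"`
	TotalDocument                int     `json:"totalDocument,omitempty"`
	TotalTag                     int     `json:"totalTag,omitempty"`
	TotalTrack                   int     `json:"totalTrack,omitempty"`
	TotalResult                  int     `json:"totalResult,omitempty"`
	TotalIndicatorAttribute      int     `json:"totalIndicatorAttribute,omitempty"`
	TotalGroupAttribute          int     `json:"totalGroupAttribute,omitempty"`
	AverageIndicatorRating       float32 `json:"averageIndicatorRating,omitempty"`
	AverageIndicatorConfidence   float32 `json:"averageIndicatorConfidence,omitempty"`
	TotalEnrichedIndicator       int     `json:"totalEnrichedIndicator,omitempty"`
	TotalGroupIndicator          int     `json:"totalGroupIndicator,omitempty"`
	TotalObservationDaily        int     `json:"totalObservationDaily,omitempty"`
	TotalObservationIndicator    int     `json:"totalObservationIndicator,omitempty"`
	TotalObservationAddress      int     `json:"totalObservationAddress,omitempty"`
	TotalObservationEmailAddress int     `json:"totalObservationEmailAddress,omitempty"`
	TotalObservationFile         int     `json:"totalObservationFile,omitempty"`
	TotalObservationHost         int     `json:"totalObservationHost,omitempty"`
	TotalObservationUrl          int     `json:"totalObservationUrl,omitempty"`
	TotalFalsePositiveDaily      int     `json:"totalFalsePositiveDaily,omitempty"`
	TotalFalsePositive           int     `json:"totalFalsePositive,omitempty"`
}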
type OwnerResource ¶
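// OwnerResource embeds TCResource. This page lists Id(id ...int) and Mine as
// chainable accessors on it, and Retrieve, which returns ([]Owner, error).
// Unlike the other resources on this page, its constructor takes a
// *ThreatConnectClient rather than a TCResource.
//
// In the collapsed listing the trailing line comment swallowed the closing
// brace; the declaration is restored here. The unexported fields are elided
// by the documentation renderer, so this is not the complete type.
type OwnerResource struct {
	TCResource
	// contains filtered or unexported fields
}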
func NewOwnerResource ¶
func NewOwnerResource(t *ThreatConnectClient) *OwnerResource
func (*OwnerResource) Id ¶
func (r *OwnerResource) Id(id ...int) *OwnerResource
func (*OwnerResource) Mine ¶
func (r *OwnerResource) Mine() *OwnerResource
func (*OwnerResource) Retrieve ¶
func (r *OwnerResource) Retrieve() ([]Owner, error)
type OwnerResponseDetail ¶
type OwnerResponseList ¶
type PhoneNumberResource ¶
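// PhoneNumberResource embeds TCResource. This page lists Id and Retrieve on
// it; Retrieve returns ([]Asset, error).
//
// In the collapsed listing the trailing line comment swallowed the closing
// brace; the declaration is restored here. The unexported fields are elided
// by the documentation renderer, so this is not the complete type.
type PhoneNumberResource struct {
	TCResource
	// contains filtered or unexported fields
}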
func NewPhoneNumberResource ¶
func NewPhoneNumberResource(r TCResource) *PhoneNumberResource
func (*PhoneNumberResource) Id ¶
func (r *PhoneNumberResource) Id(id int) *PhoneNumberResource
func (*PhoneNumberResource) Retrieve ¶
func (r *PhoneNumberResource) Retrieve() ([]Asset, error)
type PhoneNumberResponseList ¶
type QueryParams ¶
// QueryParams holds a single Filters string, tagged "filters" with
// omitempty so an empty value is dropped when marshalled as JSON.
// NOTE(review): presumably this backs TCResource.Filter and ends up in the
// request query string; confirm the value is URL-encoded before filter
// expressions built from caller input are passed through it.
type QueryParams struct {
Filters string `json:"filters,omitempty"`
}
type Resourcer ¶
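// Resourcer is the method set NewPaginator's parameter type refers to. Every
// method takes no arguments and returns nothing.
//
// The listing had been collapsed onto one line, which is not valid Go; the
// methods are restored one per line, unchanged.
//
// NOTE(review): the TCResource methods of the same names on this page take
// arguments and return values (for example Get() (*http.Response, error)),
// so *TCResource does not satisfy this interface as declared. NewPaginator
// also takes *Resourcer, a pointer to an interface, and returns the
// unexported *paginator type. Confirm whether this interface is still used.
type Resourcer interface {
	Path()
	Body()
	Method()
	Filter()
	Request()
	Get()
	Post()
	Put()
	Delete()
}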
type SecurityLabel ¶
type SecurityLabelsResource ¶
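// SecurityLabelsResource embeds TCResource. This page lists Id(name
// ...string) and Groups as chainable accessors on it, and Retrieve, which
// returns ([]SecurityLabel, error).
//
// In the collapsed listing the trailing line comment swallowed the closing
// brace; the declaration is restored here. The unexported fields are elided
// by the documentation renderer, so this is not the complete type.
//
// NOTE(review): labels are addressed by name, not numeric id; presumably the
// name becomes a path segment, so confirm it is escaped before use.
type SecurityLabelsResource struct {
	TCResource
	// contains filtered or unexported fields
}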
func NewSecurityLabelsResource ¶
func NewSecurityLabelsResource(r TCResource) *SecurityLabelsResource
func (*SecurityLabelsResource) Groups ¶
func (r *SecurityLabelsResource) Groups() *AssociatedGroupResource
func (*SecurityLabelsResource) Id ¶
func (r *SecurityLabelsResource) Id(name ...string) *SecurityLabelsResource
func (*SecurityLabelsResource) Retrieve ¶
func (r *SecurityLabelsResource) Retrieve() ([]SecurityLabel, error)
type SecurityLabelsResponseDetail ¶
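// SecurityLabelsResponseDetail is the response envelope for one security
// label: a Status string, a Data object holding ResultCount and a single
// SecurityLabel, and a Message string.
//
// The listing had been collapsed onto one line, which is not valid Go; the
// fields are restored one per line with names, types and tags unchanged.
//
// NOTE(review): if SecurityLabel is a struct type (its declaration is not
// shown on this page), omitempty on that field has no effect, as is already
// the case for Data: encoding/json never treats a struct value as empty.
type SecurityLabelsResponseDetail struct {
	Status string `json:"status,omitempty"`
	Data   struct {
		ResultCount   int           `json:"resultCount,omitempty"`
		SecurityLabel SecurityLabel `json:"securityLabel,omitempty"`
	} `json:"data,omitempty"`
	Message string `json:"message,omitempty"`
}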
type SecurityLabelsResponseList ¶
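// SecurityLabelsResponseList is the response envelope for a list of security
// labels: a Status string, a Data object holding ResultCount and a slice of
// SecurityLabel, and a Message string.
//
// The listing had been collapsed onto one line, which is not valid Go; the
// fields are restored one per line with names, types and tags unchanged.
//
// encoding/json never treats a struct value as empty, so the omitempty on
// Data has no effect: "data" is always emitted when this type is marshalled.
type SecurityLabelsResponseList struct {
	Status string `json:"status,omitempty"`
	Data   struct {
		ResultCount   int             `json:"resultCount,omitempty"`
		SecurityLabel []SecurityLabel `json:"securityLabel,omitempty"`
	} `json:"data,omitempty"`
	Message string `json:"message,omitempty"`
}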
type Signature ¶
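// Signature is the JSON shape of a Signature group: the fields shared by the
// group types on this page plus FileName, FileType and FileText.
//
// In the collapsed listing the "Signature specific properties" line comment
// swallowed the last three fields and the closing brace; the declaration is
// restored one field per line with names, types and tags unchanged.
//
// FileType is a plain string. The page lists the valid values (Snort,
// Suricata, YARA, ClamAV, OpenIOC, CybOX, Bro, Regex), but nothing in this
// declaration enforces them.
// NOTE(review): FileText presumably carries the rule body. Rules pulled from
// a shared platform are third-party content: review and test them before
// loading them into a production sensor, and do not use FileName as a local
// path without sanitising it.
type Signature struct {
	Id        int    `json:"id,omitempty"`
	Name      string `json:"name,omitempty"`
	OwnerName string `json:"ownerName,omitempty"`
	DateAdded string `json:"dateAdded,omitempty"`
	WebLink   string `json:"webLink,omitempty"`
	EventDate string `json:"eventDate,omitempty"`

	// Signature specific properties
	FileName string `json:"fileName,omitempty"`
	FileType string `json:"fileType,omitempty"`
	FileText string `json:"fileText,omitempty"`
}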
The valid values for a Signature’s fileType field are:
Snort, Suricata, YARA, ClamAV, OpenIOC, CybOX™, Bro, Regex
type SignatureResource ¶
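// SignatureResource embeds TCResource. This page lists Id and Attributes as
// chainable accessors on it, and Create, Retrieve and Update as the calls
// that return Signature values.
//
// In the collapsed listing the trailing line comment swallowed the closing
// brace; the declaration is restored here. The unexported fields are elided
// by the documentation renderer, so this is not the complete type.
type SignatureResource struct {
	TCResource
	// contains filtered or unexported fields
}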
func NewSignatureResource ¶
func NewSignatureResource(r TCResource) *SignatureResource
func (*SignatureResource) Attributes ¶
func (r *SignatureResource) Attributes(id ...int) *AttributesResource
func (*SignatureResource) Create ¶
func (r *SignatureResource) Create(g *Signature) (Signature, error)
func (*SignatureResource) Id ¶
func (r *SignatureResource) Id(id int) *SignatureResource
func (*SignatureResource) Retrieve ¶
func (r *SignatureResource) Retrieve() ([]Signature, error)
type SignatureResponseDetail ¶
type SignatureResponseList ¶
type TCResource ¶
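// TCResource is the request builder that every resource type on this page
// embeds. TC is the client it is bound to. This page lists Base, Body,
// Filter, Method, Path and Response as chainable setters returning
// *TCResource; Get, Post, Put, Delete and Request returning
// (*http.Response, error); and Remove returning (*DeleteResponse, error).
//
// In the collapsed listing the trailing line comment swallowed the closing
// brace; the declaration is restored here. The unexported fields are elided
// by the documentation renderer, so this is not the complete type.
//
// Callers of the methods that return *http.Response own the response and
// must close its Body.
// NOTE(review): Path takes ...interface{} and Filter takes ...string;
// presumably these are joined into the request URL. Confirm that segments
// and filter expressions are escaped before caller-supplied values reach
// them. TC is exported, so any holder of a resource can reach the client
// and whatever credentials it is configured with.
type TCResource struct {
	TC *ThreatConnectClient
	// contains filtered or unexported fields
}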
func (*TCResource) Base ¶
func (r *TCResource) Base(b string) *TCResource
func (*TCResource) Body ¶
func (r *TCResource) Body(b interface{}) *TCResource
func (*TCResource) Filter ¶
func (r *TCResource) Filter(filters ...string) *TCResource
func (*TCResource) Method ¶
func (r *TCResource) Method(method string) *TCResource
func (*TCResource) Path ¶
func (r *TCResource) Path(paths ...interface{}) *TCResource
func (*TCResource) Remove ¶
func (r *TCResource) Remove() (*DeleteResponse, error)
func (*TCResource) Response ¶
func (r *TCResource) Response(res interface{}) *TCResource
type TCResponse ¶
// TCResponse is a generic JSON envelope with Status, Data and Message fields.
type TCResponse struct {
	Status string `json:"status,omitempty"`
	// Data is a json.RawMessage, so unmarshalling a TCResponse stores the
	// "data" bytes undecoded; the caller decodes them into a concrete type in
	// a second step.
	// NOTE(review): the raw bytes are whatever the server sent; decode into a
	// typed struct rather than map[string]interface{} and handle the decode
	// error.
	Data    json.RawMessage `json:"data,omitempty"`
	Message string          `json:"message,omitempty"`
}
type TagsResource ¶
// TagsResource embeds TCResource by value and declares no other exported
// fields; the *TCResource methods are promoted to *TagsResource.
type TagsResource struct {
	TCResource
}
func NewTagsResource ¶
func NewTagsResource(r TCResource) *TagsResource
func (*TagsResource) Tags ¶
func (r *TagsResource) Tags(name ...string) *TagsResource
type Threat ¶
// Threat is the JSON representation of a threat object. It carries the same
// identifying fields as Signature plus an Owner value.
type Threat struct {
	Id        int    `json:"id,omitempty"`
	Name      string `json:"name,omitempty"`
	OwnerName string `json:"ownerName,omitempty"`
	// Owner is declared elsewhere in the package. If it is a struct,
	// omitempty has no effect and "owner" is always written when marshalling
	// (TODO confirm the Owner definition).
	Owner Owner `json:"owner,omitempty"`
	// DateAdded and EventDate are kept as strings; the timestamp format is
	// not shown in this listing.
	DateAdded string `json:"dateAdded,omitempty"`
	WebLink   string `json:"webLink,omitempty"`
	EventDate string `json:"eventDate,omitempty"`
}
type ThreatConnectClient ¶
func New ¶
func New(c TCConfig) ThreatConnectClient
func (*ThreatConnectClient) Authenticate ¶
func (t *ThreatConnectClient) Authenticate(method, rpath string) *sling.Sling
func (*ThreatConnectClient) Groups ¶
func (t *ThreatConnectClient) Groups() *GroupResource
func (*ThreatConnectClient) Indicators ¶
func (t *ThreatConnectClient) Indicators() *IndicatorResource
func (*ThreatConnectClient) Owners ¶
func (t *ThreatConnectClient) Owners(id ...int) *OwnerResource
func (*ThreatConnectClient) SecurityLabels ¶
func (t *ThreatConnectClient) SecurityLabels(id ...string) *SecurityLabelsResource
func (*ThreatConnectClient) Tags ¶
func (t *ThreatConnectClient) Tags(id ...string) *TagsResource
func (*ThreatConnectClient) Types ¶
func (t *ThreatConnectClient) Types() *TypesResource
func (*ThreatConnectClient) WhoAmI ¶
func (t *ThreatConnectClient) WhoAmI() (User, error)
type ThreatResource ¶
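// ThreatResource embeds TCResource by value, so the methods declared on
// *TCResource are promoted to *ThreatResource alongside its own Attributes,
// Id and Retrieve methods. Unlike SignatureResource, no Create method is
// listed for it.
type ThreatResource struct {
	TCResource
	// contains filtered or unexported fields
}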
func NewThreatResource ¶
func NewThreatResource(r TCResource) *ThreatResource
func (*ThreatResource) Attributes ¶
func (r *ThreatResource) Attributes(id ...int) *AttributesResource
func (*ThreatResource) Id ¶
func (r *ThreatResource) Id(id int) *ThreatResource
func (*ThreatResource) Retrieve ¶
func (r *ThreatResource) Retrieve() ([]Threat, error)
type ThreatResponseDetail ¶
type ThreatResponseList ¶
type TypesResource ¶
// TypesResource embeds TCResource by value and declares no other exported
// fields. Its Retrieve method returns []AssociationType.
type TypesResource struct {
	TCResource
}
func NewTypesResource ¶
func NewTypesResource(t *ThreatConnectClient) *TypesResource
func (*TypesResource) AssociationTypes ¶
func (r *TypesResource) AssociationTypes(name ...string) *TypesResource
func (*TypesResource) Retrieve ¶
func (r *TypesResource) Retrieve() ([]AssociationType, error)
type UrlResource ¶
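// UrlResource embeds TCResource by value, so the methods declared on
// *TCResource are promoted to *UrlResource alongside its own Id and Retrieve
// methods. Retrieve returns []Asset rather than a URL-specific type.
type UrlResource struct {
	TCResource
	// contains filtered or unexported fields
}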
func NewUrlResource ¶
func NewUrlResource(r TCResource) *UrlResource
func (*UrlResource) Id ¶
func (r *UrlResource) Id(id int) *UrlResource
func (*UrlResource) Retrieve ¶
func (r *UrlResource) Retrieve() ([]Asset, error)
type UrlResponseDetail ¶
type UrlResponseList ¶
type VictimAssetsResource ¶
// VictimAssetsResource embeds TCResource by value and declares no other
// exported fields. Its Id and Type methods take variadic strings and return
// *VictimAssetsResource.
type VictimAssetsResource struct {
	TCResource
}
func NewVictimAssetsResource ¶
func NewVictimAssetsResource(r TCResource) *VictimAssetsResource
func (*VictimAssetsResource) Id ¶
func (r *VictimAssetsResource) Id(id ...string) *VictimAssetsResource
func (*VictimAssetsResource) Type ¶
func (r *VictimAssetsResource) Type(gtype ...string) *VictimAssetsResource
type VictimsResource ¶
// VictimsResource embeds TCResource by value and declares no other exported
// fields. It is constructed with NewVictims.
type VictimsResource struct {
	TCResource
}
func NewVictims ¶
func NewVictims(r TCResource) *VictimsResource
func (*VictimsResource) Victims ¶
func (r *VictimsResource) Victims(gtype ...string) *VictimsResource
type WhoAmIResource ¶
// WhoAmIResource embeds *TCResource. Unlike the other resource types in this
// listing it holds a pointer, so the zero value carries a nil *TCResource and
// should be built with NewWhoAmI. Its WhoAmI method returns (User, error).
type WhoAmIResource struct {
	*TCResource
}
func NewWhoAmI ¶
func NewWhoAmI(tc *ThreatConnectClient) *WhoAmIResource
func (*WhoAmIResource) WhoAmI ¶
func (r *WhoAmIResource) WhoAmI() (User, error)
Source Files ¶
- adversaries.go
- assets.go
- associations.go
- attributes.go
- campaigns.go
- client.go
- documents.go
- emails.go
- group_associations.go
- groups.go
- incidents.go
- indicators.go
- owners.go
- pagination.go
- resource.go
- securitylabels.go
- signatures.go
- tags.go
- threats.go
- types.go
- utils.go
- victimassets.go
- victims.go
- whoami.go