# frozen_string_literal: true

# Copyright (c) 2017-2018 THL A29 Limited, a Tencent company. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

module TencentCloud
  module Tics
    module V20181115
      # Request and response models for the DescribeDomainInfo, DescribeFileInfo,
      # DescribeIpInfo and DescribeThreatInfo actions.
      #
      # Every deserialize method in this file copies values out of params as-is.
      # No type, range or enum validation happens here, so code that acts on
      # Result, Confidence, ThreatTypes or Status should validate them itself.

      # DescribeDomainInfo request parameter structure
      class DescribeDomainInfoRequest < TencentCloud::Common::AbstractModel
        # @param Key: Domain name to query
        # @type Key: String
        # @param Option: Additional field controlling whether context is returned:
        # 0 = do not return context, 1 = return context.
        # @type Option: Integer

        attr_accessor :Key, :Option

        def initialize(key = nil, option = nil)
          @Key = key
          @Option = option
        end

        # Populates the fields from a hash keyed by the API field names.
        def deserialize(params)
          @Key = params['Key']
          @Option = params['Option']
        end
      end

      # DescribeDomainInfo response parameter structure
      class DescribeDomainInfoResponse < TencentCloud::Common::AbstractModel
        # @param ReturnCode: Whether data is available: 0 = data present, 1 = no data.
        # NOTE(review): 1 reports that no data exists, which is not the same as a
        # "white" verdict; check ReturnCode before relying on Result.
        # @type ReturnCode: Integer
        # @param Result: Verdict, e.g. black, white, grey
        # @type Result: String
        # @param Confidence: Confidence level, range 0-100
        # @type Confidence: Integer
        # @param ThreatTypes: Threat types.
        # botnet = botnet
        # trojan = trojan
        # ransomware = ransomware
        # worm = worm
        # dga = domain generation algorithm
        # c2 = c&c
        # compromised = compromised host
        # dynamicIP = dynamic IP
        # proxy = proxy
        # idc = IDC data center
        # whitelist = whitelist
        # tor = dark web
        # miner = mining
        # maleware site = malicious site (value spelled as in the upstream description)
        # malware IP = malicious IP
        # and so on
        # @type ThreatTypes: Array
        # @param Tags: Malicious tags: the associated group, family and similar information.
        # @type Tags: Array
        # @param Intelligences: Related historical threat intelligence events
        # @type Intelligences: Array
        # @param Context: Context related to the intelligence
        # @type Context: String
        # @param RequestId: Unique request ID, generated by the server and returned with
        # every request (a request that fails to reach the server for other reasons gets
        # no RequestId). Provide this RequestId when troubleshooting.
        # @type RequestId: String

        attr_accessor :ReturnCode, :Result, :Confidence, :ThreatTypes, :Tags, :Intelligences, :Context, :RequestId

        def initialize(returncode = nil, result = nil, confidence = nil, threattypes = nil,
                       tags = nil, intelligences = nil, context = nil, requestid = nil)
          @ReturnCode = returncode
          @Result = result
          @Confidence = confidence
          @ThreatTypes = threattypes
          @Tags = tags
          @Intelligences = intelligences
          @Context = context
          @RequestId = requestid
        end

        # Populates the fields from a hash keyed by the API field names.
        # Tags and Intelligences are only touched when the key is non-nil, so a
        # missing list leaves the previous value of the attribute in place.
        def deserialize(params)
          @ReturnCode = params['ReturnCode']
          @Result = params['Result']
          @Confidence = params['Confidence']
          @ThreatTypes = params['ThreatTypes']

          raw_tags = params['Tags']
          unless raw_tags.nil?
            @Tags = []
            raw_tags.each do |item|
              tag = TagType.new
              tag.deserialize(item)
              @Tags << tag
            end
          end

          raw_intelligences = params['Intelligences']
          unless raw_intelligences.nil?
            @Intelligences = []
            raw_intelligences.each do |item|
              intelligence = IntelligenceType.new
              intelligence.deserialize(item)
              @Intelligences << intelligence
            end
          end

          @Context = params['Context']
          @RequestId = params['RequestId']
        end
      end

      # DescribeFileInfo request parameter structure
      class DescribeFileInfoRequest < TencentCloud::Common::AbstractModel
        # @param Key: MD5 of the file to query
        # @type Key: String
        # @param Option: Additional field controlling whether context is returned:
        # 0 = do not return context, 1 = return context.
        # @type Option: Integer

        attr_accessor :Key, :Option

        def initialize(key = nil, option = nil)
          @Key = key
          @Option = option
        end

        # Populates the fields from a hash keyed by the API field names.
        def deserialize(params)
          @Key = params['Key']
          @Option = params['Option']
        end
      end

      # DescribeFileInfo response parameter structure
      class DescribeFileInfoResponse < TencentCloud::Common::AbstractModel
        # @param ReturnCode: Whether data is available: 0 = data present, 1 = no data.
        # NOTE(review): 1 reports that no data exists, which is not the same as a
        # "white" verdict; check ReturnCode before relying on Result.
        # @type ReturnCode: Integer
        # @param Result: Verdict, e.g. black, white, grey
        # @type Result: String
        # @param Confidence: Confidence level, range 0-100
        # @type Confidence: Integer
        # @param FileInfo: File type, file hashes (md5, sha1, sha256), file size and
        # other basic file information.
        # NOTE(review): FileInfoType as defined in this file exposes only Md5Type;
        # no sha1/sha256 attribute is visible here - confirm against the API.
        # @type FileInfo: Array
        # @param Tags: Malicious tags: the associated group, family and similar information.
        # @type Tags: Array
        # @param Intelligences: Related historical threat intelligence events
        # @type Intelligences: Array
        # @param Context: Context related to the intelligence
        # @type Context: String
        # @param RequestId: Unique request ID, generated by the server and returned with
        # every request (a request that fails to reach the server for other reasons gets
        # no RequestId). Provide this RequestId when troubleshooting.
        # @type RequestId: String

        attr_accessor :ReturnCode, :Result, :Confidence, :FileInfo, :Tags, :Intelligences, :Context, :RequestId

        def initialize(returncode = nil, result = nil, confidence = nil, fileinfo = nil,
                       tags = nil, intelligences = nil, context = nil, requestid = nil)
          @ReturnCode = returncode
          @Result = result
          @Confidence = confidence
          @FileInfo = fileinfo
          @Tags = tags
          @Intelligences = intelligences
          @Context = context
          @RequestId = requestid
        end

        # Populates the fields from a hash keyed by the API field names.
        # FileInfo, Tags and Intelligences are only touched when the key is
        # non-nil, so a missing list leaves the previous attribute value in place.
        def deserialize(params)
          @ReturnCode = params['ReturnCode']
          @Result = params['Result']
          @Confidence = params['Confidence']

          raw_file_info = params['FileInfo']
          unless raw_file_info.nil?
            @FileInfo = []
            raw_file_info.each do |item|
              file_info = FileInfoType.new
              file_info.deserialize(item)
              @FileInfo << file_info
            end
          end

          raw_tags = params['Tags']
          unless raw_tags.nil?
            @Tags = []
            raw_tags.each do |item|
              tag = TagType.new
              tag.deserialize(item)
              @Tags << tag
            end
          end

          raw_intelligences = params['Intelligences']
          unless raw_intelligences.nil?
            @Intelligences = []
            raw_intelligences.each do |item|
              intelligence = IntelligenceType.new
              intelligence.deserialize(item)
              @Intelligences << intelligence
            end
          end

          @Context = params['Context']
          @RequestId = params['RequestId']
        end
      end

      # DescribeIpInfo request parameter structure
      class DescribeIpInfoRequest < TencentCloud::Common::AbstractModel
        # @param Key: IP to query
        # @type Key: String
        # @param Option: Additional field controlling whether context is returned:
        # 0 = do not return context, 1 = return context.
        # @type Option: Integer

        attr_accessor :Key, :Option

        def initialize(key = nil, option = nil)
          @Key = key
          @Option = option
        end

        # Populates the fields from a hash keyed by the API field names.
        def deserialize(params)
          @Key = params['Key']
          @Option = params['Option']
        end
      end

      # DescribeIpInfo response parameter structure
      class DescribeIpInfoResponse < TencentCloud::Common::AbstractModel
        # @param ReturnCode: Whether data is available: 0 = data present, 1 = no data.
        # NOTE(review): 1 reports that no data exists, which is not the same as a
        # "white" verdict; check ReturnCode before relying on Result.
        # @type ReturnCode: Integer
        # @param Result: Verdict, e.g. black, white, grey
        # @type Result: String
        # @param Confidence: Confidence level, range 0-100
        # @type Confidence: Integer
        # @param ThreatTypes: Threat types.
        # botnet = botnet
        # trojan = trojan
        # ransomware = ransomware
        # worm = worm
        # dga = domain generation algorithm
        # c2 = c&c
        # compromised = compromised host
        # dynamicIP = dynamic IP
        # proxy = proxy
        # idc = IDC data center
        # whitelist = whitelist
        # tor = dark web
        # miner = mining
        # maleware site = malicious site (value spelled as in the upstream description)
        # malware IP = malicious IP
        # and so on
        # @type ThreatTypes: Array
        # @param Tags: Malicious tags: the associated group, family and similar information.
        # @type Tags: Array
        # @param Intelligences: Related historical threat intelligence events
        # @type Intelligences: Array
        # @param Context: Context related to the intelligence
        # @type Context: String
        # @param RequestId: Unique request ID, generated by the server and returned with
        # every request (a request that fails to reach the server for other reasons gets
        # no RequestId). Provide this RequestId when troubleshooting.
        # @type RequestId: String

        attr_accessor :ReturnCode, :Result, :Confidence, :ThreatTypes, :Tags, :Intelligences, :Context, :RequestId

        def initialize(returncode = nil, result = nil, confidence = nil, threattypes = nil,
                       tags = nil, intelligences = nil, context = nil, requestid = nil)
          @ReturnCode = returncode
          @Result = result
          @Confidence = confidence
          @ThreatTypes = threattypes
          @Tags = tags
          @Intelligences = intelligences
          @Context = context
          @RequestId = requestid
        end

        # Populates the fields from a hash keyed by the API field names.
        # Tags and Intelligences are only touched when the key is non-nil, so a
        # missing list leaves the previous value of the attribute in place.
        def deserialize(params)
          @ReturnCode = params['ReturnCode']
          @Result = params['Result']
          @Confidence = params['Confidence']
          @ThreatTypes = params['ThreatTypes']

          raw_tags = params['Tags']
          unless raw_tags.nil?
            @Tags = []
            raw_tags.each do |item|
              tag = TagType.new
              tag.deserialize(item)
              @Tags << tag
            end
          end

          raw_intelligences = params['Intelligences']
          unless raw_intelligences.nil?
            @Intelligences = []
            raw_intelligences.each do |item|
              intelligence = IntelligenceType.new
              intelligence.deserialize(item)
              @Intelligences << intelligence
            end
          end

          @Context = params['Context']
          @RequestId = params['RequestId']
        end
      end

      # DescribeThreatInfo request parameter structure
      class DescribeThreatInfoRequest < TencentCloud::Common::AbstractModel
        # @param Key: Object to query: a domain name or an IP
        # @type Key: String
        # @param Type: Query type; the current values are domain or ip
        # @type Type: String
        # @param Option: Additional field controlling whether context is returned:
        # 0 = do not return context, 1 = return context.
        # @type Option: Integer

        attr_accessor :Key, :Type, :Option

        def initialize(key = nil, type = nil, option = nil)
          @Key = key
          @Type = type
          @Option = option
        end

        # Populates the fields from a hash keyed by the API field names.
        def deserialize(params)
          @Key = params['Key']
          @Type = params['Type']
          @Option = params['Option']
        end
      end

      # DescribeThreatInfo response parameter structure
      class DescribeThreatInfoResponse < TencentCloud::Common::AbstractModel
        # @param ReturnCode: Whether data is available: 0 = data present, 1 = no data.
        # NOTE(review): 1 reports that no data exists, which is not the same as a
        # "white" verdict; check ReturnCode before relying on Result.
        # @type ReturnCode: Integer
        # @param Result: Verdict, e.g. black, white, grey
        # @type Result: String
        # @param Confidence: Confidence level, range 0-100
        # @type Confidence: Integer
        # @param ThreatTypes: Threat types.
        # botnet = botnet
        # trojan = trojan
        # ransomware = ransomware
        # worm = worm
        # dga = domain generation algorithm
        # c2 = c&c
        # compromised = compromised host
        # dynamicIP = dynamic IP
        # proxy = proxy
        # idc = IDC data center
        # whitelist = whitelist
        # tor = dark web
        # miner = mining
        # maleware site = malicious site (value spelled as in the upstream description)
        # malware IP = malicious IP
        # and so on
        # @type ThreatTypes: Array
        # @param Tags: Malicious tags: the associated group, family and similar information.
        # @type Tags: Array
        # @param Status: Current status
        # active = active
        # sinkholed = sinkholed
        # inactive = inactive
        # unknown = unknown
        # expired = expired
        # @type Status: String
        # @param Context: Context related to the intelligence, provided when the
        # parameter option=1; by default 3 entries per data item.
        # @type Context: String
        # @param RequestId: Unique request ID, generated by the server and returned with
        # every request (a request that fails to reach the server for other reasons gets
        # no RequestId). Provide this RequestId when troubleshooting.
        # @type RequestId: String

        attr_accessor :ReturnCode, :Result, :Confidence, :ThreatTypes, :Tags, :Status, :Context, :RequestId

        def initialize(returncode = nil, result = nil, confidence = nil, threattypes = nil,
                       tags = nil, status = nil, context = nil, requestid = nil)
          @ReturnCode = returncode
          @Result = result
          @Confidence = confidence
          @ThreatTypes = threattypes
          @Tags = tags
          @Status = status
          @Context = context
          @RequestId = requestid
        end

        # Populates the fields from a hash keyed by the API field names.
        # Unlike the other response classes in this file, Tags is stored exactly
        # as received and is not wrapped in TagType objects.
        def deserialize(params)
          @ReturnCode = params['ReturnCode']
          @Result = params['Result']
          @Confidence = params['Confidence']
          @ThreatTypes = params['ThreatTypes']
          @Tags = params['Tags']
          @Status = params['Status']
          @Context = params['Context']
          @RequestId = params['RequestId']
        end
      end

      # File information type
      class FileInfoType < TencentCloud::Common::AbstractModel
        # @param DetectId: Verdict channel
        # @type DetectId: String
        # @param DetectPriority: Detection priority
        # @type DetectPriority: String
        # @param EnginePriority: Engine priority
        # @type EnginePriority: String
        # @param FileExist: Whether the sample exists
        # @type FileExist: String
        # @param FileForceUpload: File upload
        # @type FileForceUpload: String
        # @param FileSize: File size
        # @type FileSize: String
        # @param FileupTime: File upload time
        # @type FileupTime: String
        # @param FullVirusName: Full name of the virus file
        # @type FullVirusName: String
        # @param IdcPosition: IDC location
        # @type IdcPosition: String
        # @param Md5Type: MD5 value of the file
        # @type Md5Type: String
        # @param PeExist: Whether the PE structure exists
        # @type PeExist: String
        # @param PeForceUpload: PE structure upload
        # @type PeForceUpload: String
        # @param SafeLevel: Safety level
        # @type SafeLevel: String
        # @param ScanModiTime: Scan time
        # @type ScanModiTime: String
        # @param SubdetectId: Sub verdict channel
        # @type SubdetectId: String
        # @param UserDefName: Virus name
        # @type UserDefName: String
        # @param VirusType: Virus type
        # @type VirusType: String
        # @param WhiteScore: Whitelist score
        # @type WhiteScore: String

        attr_accessor :DetectId, :DetectPriority, :EnginePriority, :FileExist, :FileForceUpload,
                      :FileSize, :FileupTime, :FullVirusName, :IdcPosition, :Md5Type, :PeExist,
                      :PeForceUpload, :SafeLevel, :ScanModiTime, :SubdetectId, :UserDefName,
                      :VirusType, :WhiteScore

        def initialize(detectid = nil, detectpriority = nil, enginepriority = nil, fileexist = nil,
                       fileforceupload = nil, filesize = nil, fileuptime = nil, fullvirusname = nil,
                       idcposition = nil, md5type = nil, peexist = nil, peforceupload = nil,
                       safelevel = nil, scanmoditime = nil, subdetectid = nil, userdefname = nil,
                       virustype = nil, whitescore = nil)
          @DetectId = detectid
          @DetectPriority = detectpriority
          @EnginePriority = enginepriority
          @FileExist = fileexist
          @FileForceUpload = fileforceupload
          @FileSize = filesize
          @FileupTime = fileuptime
          @FullVirusName = fullvirusname
          @IdcPosition = idcposition
          @Md5Type = md5type
          @PeExist = peexist
          @PeForceUpload = peforceupload
          @SafeLevel = safelevel
          @ScanModiTime = scanmoditime
          @SubdetectId = subdetectid
          @UserDefName = userdefname
          @VirusType = virustype
          @WhiteScore = whitescore
        end

        # Populates the fields from a hash keyed by the API field names.
        # All values, including sizes, times and scores, are kept exactly as
        # received; nothing is parsed or converted here.
        def deserialize(params)
          @DetectId = params['DetectId']
          @DetectPriority = params['DetectPriority']
          @EnginePriority = params['EnginePriority']
          @FileExist = params['FileExist']
          @FileForceUpload = params['FileForceUpload']
          @FileSize = params['FileSize']
          @FileupTime = params['FileupTime']
          @FullVirusName = params['FullVirusName']
          @IdcPosition = params['IdcPosition']
          @Md5Type = params['Md5Type']
          @PeExist = params['PeExist']
          @PeForceUpload = params['PeForceUpload']
          @SafeLevel = params['SafeLevel']
          @ScanModiTime = params['ScanModiTime']
          @SubdetectId = params['SubdetectId']
          @UserDefName = params['UserDefName']
          @VirusType = params['VirusType']
          @WhiteScore = params['WhiteScore']
        end
      end

      # {
      #   "source": "inergj_ai_predict",
      #   "stamp": "msraminer",
      #   "time": 1531994023
      # }
      # NOTE(review): the example above uses lowercase keys, while deserialize reads
      # the capitalized keys 'Source', 'Stamp' and 'Time'.
      class IntelligenceType < TencentCloud::Common::AbstractModel
        # @param Source: Source
        # @type Source: String
        # @param Stamp: Mark
        # @type Stamp: String
        # @param Time: Time (presumably a Unix timestamp in seconds, judging by the
        # example value - confirm)
        # @type Time: Integer

        attr_accessor :Source, :Stamp, :Time

        def initialize(source = nil, stamp = nil, time = nil)
          @Source = source
          @Stamp = stamp
          @Time = time
        end

        # Populates the fields from a hash keyed by the API field names.
        def deserialize(params)
          @Source = params['Source']
          @Stamp = params['Stamp']
          @Time = params['Time']
        end
      end

      # A tag and its explanation
      class TagType < TencentCloud::Common::AbstractModel
        # @param Tag: Tag
        # @type Tag: String
        # @param Desc: Chinese-language explanation of the tag
        # @type Desc: String

        attr_accessor :Tag, :Desc

        def initialize(tag = nil, desc = nil)
          @Tag = tag
          @Desc = desc
        end

        # Populates the fields from a hash keyed by the API field names.
        def deserialize(params)
          @Tag = params['Tag']
          @Desc = params['Desc']
        end
      end
    end
  end
end