Uses of Class com.mozilla.secops.alert.Alert (secops-beam 0.19.2 API)

Skip navigation links

Prev
Next

All Classes

Packages that use Alert
Package	Description
com.mozilla.secops	General utility classes and transforms for secops-beam
com.mozilla.secops.alert	Alert generation and output
com.mozilla.secops.amo	AMO analysis pipeline
com.mozilla.secops.authprofile	Pipeline for authentication source profiling and alerting
com.mozilla.secops.awsbehavior	Pipeline for monitoring AWS Cloudtrail events
com.mozilla.secops.customs	Customs FxA analysis pipeline
com.mozilla.secops.gatekeeper	Pipeline for AWS Guardduty and GCP ETD analysis
com.mozilla.secops.httprequest	HTTP request threshold and error rate monitoring
com.mozilla.secops.httprequest.heuristics
com.mozilla.secops.parser	Log parsing, processing, and enrichment
com.mozilla.secops.pioneer	Pioneer analysis pipeline
com.mozilla.secops.postprocessing	Pipeline for further processing of and correlation between alerts

Uses of Alert in com.mozilla.secops

Methods in com.mozilla.secops that return types with arguments of type Alert
Modifier and Type	Method and Description
`org.apache.beam.sdk.values.PCollection<Alert>`	SourceCorrelation.SourceCorrelator.`expand(org.apache.beam.sdk.values.PCollection<SourceCorrelation.SourceData> input)`

Methods in com.mozilla.secops with parameters of type Alert
Modifier and Type	Method and Description
`static void`	IprepdIO.`addMetadataIfIpIsExempt(String ip, Alert a)` Add IP metadata if the IP address is exempt from reporting to iprepd.
`static void`	IprepdIO.`addMetadataIfIpIsExempt(String ip, Alert a, String datastoreProject)` Add IP metadata if the IP address is exempt from reporting to iprepd.
`static void`	IprepdIO.`addMetadataIfObjectIsExempt(String obj, String type, Alert a)` Add metadata if the object is exempt from reporting to iprepd.
`static void`	IprepdIO.`addMetadataIfObjectIsExempt(String obj, String type, Alert a, String datastoreProject)` Add metadata if the object is exempt from reporting to iprepd.
`static void`	IprepdIO.`addMetadataSuppressRecovery(Integer value, Alert a)` Add iprepd recovery suppression metadata to an alert
`static Violation[]`	Violation.`fromAlert(Alert a)` Convert an `Alert` into violations

Uses of Alert in com.mozilla.secops.alert

Methods in com.mozilla.secops.alert that return Alert
Modifier and Type	Method and Description
`static Alert`	Alert.`fromJSON(String input)` Return `Alert` from JSON string
`static Alert`	Alert.`fromJSON(String input, com.fasterxml.jackson.databind.ObjectMapper mapper)` Return `Alert` from JSON string

Methods in com.mozilla.secops.alert that return types with arguments of type Alert
Modifier and Type	Method and Description
`org.apache.beam.sdk.values.PCollection<Alert>`	AlertIO.AlertNotifyMerge.`expand(org.apache.beam.sdk.values.PCollection<String> col)`

Methods in com.mozilla.secops.alert with parameters of type Alert
Modifier and Type	Method and Description
`static void`	AlertFormatter.`addGeoIPData(Alert a, GeoIP geoip)` Process metadata fields and add GeoIP information
`String`	AlertFormatter.AlertToString.`apply(Alert input)`
`Boolean`	AlertSlack.`sendConfirmationAlertToUser(Alert a, String userId)` Send an alert to a user asking them if it was caused by them.
`void`	AlertMailer.`sendToAddress(Alert a, String address)` Send email alert to specified address
`Boolean`	AlertSlack.`sendToCatchall(Alert a)` Send alert to slack catchall channel
`void`	AlertMailer.`sendToCatchall(Alert a)` Send email alert to configured catchall address
`Boolean`	AlertSlack.`sendToSupplementary(Alert a)` Send alert to supplementary slack channel
`Boolean`	AlertSlack.`sendToUser(Alert a, String userId)` Send alert to a user.

Uses of Alert in com.mozilla.secops.amo

Methods in com.mozilla.secops.amo that return types with arguments of type Alert
Modifier and Type	Method and Description
`static org.apache.beam.sdk.values.PCollection<Alert>`	Amo.`executePipeline(org.apache.beam.sdk.Pipeline p, org.apache.beam.sdk.values.PCollection<String> input, Amo.AmoOptions options)` Execute AMO pipeline
`org.apache.beam.sdk.values.PCollection<Alert>`	AddonMultiIpLogin.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	ReportRestriction.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	AddonMultiSubmit.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	AddonCloudSubmission.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	AddonMatcher.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	FxaAccountAbuseAlias.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	AddonMultiMatch.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	FxaAccountAbuseNewVersion.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`

Uses of Alert in com.mozilla.secops.authprofile

Methods in com.mozilla.secops.authprofile that return Alert
Modifier and Type	Method and Description
`static Alert`	AuthProfile.`createBaseAlert(Event e, String contactEmail, String docLink)` Create a base authprofile `Alert` using information from the event

Methods in com.mozilla.secops.authprofile that return types with arguments of type Alert
Modifier and Type	Method and Description
`org.apache.beam.sdk.values.PCollection<org.apache.beam.sdk.values.KV<String,Alert>>`	CritObjectAnalyze.`expand(org.apache.beam.sdk.values.PCollection<Event> input)`
`static org.apache.beam.sdk.values.PCollection<Alert>`	AuthProfile.`processInput(org.apache.beam.sdk.values.PCollection<String> input, AuthProfile.AuthProfileOptions options)` Process input collection

Methods in com.mozilla.secops.authprofile with parameters of type Alert
Modifier and Type	Method and Description
`static void`	AuthProfile.`insightsEnrichAlert(Alert a, Event e)` Add minfraud insights data into alert metadata

Uses of Alert in com.mozilla.secops.awsbehavior

Methods in com.mozilla.secops.awsbehavior that return types with arguments of type Alert
Modifier and Type	Method and Description
`org.apache.beam.sdk.values.PCollection<Alert>`	AwsBehavior.Matcher.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	AwsBehavior.Matchers.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`

Uses of Alert in com.mozilla.secops.customs

Methods in com.mozilla.secops.customs that return types with arguments of type Alert
Modifier and Type	Method and Description
`static org.apache.beam.sdk.values.PCollection<Alert>`	Customs.`executePipeline(org.apache.beam.sdk.Pipeline p, org.apache.beam.sdk.values.PCollection<String> input, Customs.CustomsOptions options)` Analysis entry point for Customs pipeline
`org.apache.beam.sdk.values.PCollection<Alert>`	CustomsVelocity.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	Customs.CustomsSummary.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	PrivateRelayForward.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	CustomsStatusComparator.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	CustomsActivityForMonitoredAccounts.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	CustomsLoginFailureForAtRiskAccount.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	CustomsAccountCreation.`expand(org.apache.beam.sdk.values.PCollection<org.apache.beam.sdk.values.KV<String,CustomsFeatures>> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	CustomsAccountEnumeration.`expand(org.apache.beam.sdk.values.PCollection<org.apache.beam.sdk.values.KV<String,CustomsFeatures>> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	CustomsAccountCreationDist.`expand(org.apache.beam.sdk.values.PCollection<org.apache.beam.sdk.values.KV<String,CustomsFeatures>> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	SourceLoginFailure.`expand(org.apache.beam.sdk.values.PCollection<org.apache.beam.sdk.values.KV<String,CustomsFeatures>> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	CustomsPasswordResetAbuse.`expand(org.apache.beam.sdk.values.PCollection<org.apache.beam.sdk.values.KV<String,CustomsFeatures>> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	SourceLoginFailureDist.`expand(org.apache.beam.sdk.values.PCollection<org.apache.beam.sdk.values.KV<String,CustomsFeatures>> col)`

Methods in com.mozilla.secops.customs with parameters of type Alert
Modifier and Type	Method and Description
`static ArrayList<CustomsAlert>`	CustomsAlert.`convertAccountCreationAbuse(Alert a)` Convert an account creation abuse alert
`static ArrayList<CustomsAlert>`	CustomsAlert.`convertAccountCreationAbuseDistributed(Alert a)` Convert an account creation abuse distributed alert
`static ArrayList<CustomsAlert>`	CustomsAlert.`convertLoginFailureAtRiskAccount(Alert a)` Convert an at risk account alert
`static ArrayList<CustomsAlert>`	CustomsAlert.`convertPasswordResetAbuse(Alert a)` Convert a password reset abuse alert
`static ArrayList<CustomsAlert>`	CustomsAlert.`convertSourceLoginFailure(Alert a)` Convert source login failure alert into a list of customs alerts.
`static ArrayList<CustomsAlert>`	CustomsAlert.`convertSourceLoginFailureDist(Alert a)` Convert a distributed source login failure alert into a list of customs alerts.
`static ArrayList<CustomsAlert>`	CustomsAlert.`convertStatusComparator(Alert a)` Convert a status comparator alert
`static ArrayList<CustomsAlert>`	CustomsAlert.`convertVelocity(Alert a)` Convert a velocity alert
`static ArrayList<CustomsAlert>`	CustomsAlert.`fromAlert(Alert a)` Convert an `Alert` into one or more instances of `CustomsAlert`

Uses of Alert in com.mozilla.secops.gatekeeper

Methods in com.mozilla.secops.gatekeeper that return types with arguments of type Alert
Modifier and Type	Method and Description
`static org.apache.beam.sdk.values.PCollection<Alert>`	GatekeeperPipeline.`executePipeline(org.apache.beam.sdk.Pipeline p, org.apache.beam.sdk.values.PCollection<String> input, GatekeeperPipeline.GatekeeperOptions options)` Execute Gatekeeper pipeline
`org.apache.beam.sdk.values.PCollection<Alert>`	GuardDutyTransforms.SuppressAlerts.`expand(org.apache.beam.sdk.values.PCollection<Alert> input)`
`org.apache.beam.sdk.values.PCollection<Alert>`	ETDTransforms.SuppressAlerts.`expand(org.apache.beam.sdk.values.PCollection<Alert> input)`
`org.apache.beam.sdk.values.PCollection<Alert>`	GuardDutyTransforms.GenerateGDAlerts.`expand(org.apache.beam.sdk.values.PCollection<Event> input)`
`org.apache.beam.sdk.values.PCollection<Alert>`	ETDTransforms.GenerateETDAlerts.`expand(org.apache.beam.sdk.values.PCollection<Event> input)`

Method parameters in com.mozilla.secops.gatekeeper with type arguments of type Alert
Modifier and Type	Method and Description
`org.apache.beam.sdk.values.PCollection<Alert>`	GuardDutyTransforms.SuppressAlerts.`expand(org.apache.beam.sdk.values.PCollection<Alert> input)`
`org.apache.beam.sdk.values.PCollection<Alert>`	ETDTransforms.SuppressAlerts.`expand(org.apache.beam.sdk.values.PCollection<Alert> input)`

Uses of Alert in com.mozilla.secops.httprequest

Methods in com.mozilla.secops.httprequest that return types with arguments of type Alert
Modifier and Type	Method and Description
`static org.apache.beam.sdk.values.PCollection<Alert>`	HTTPRequest.`expandInputMap(org.apache.beam.sdk.Pipeline p, org.apache.beam.sdk.values.PCollectionTuple input, HTTPRequest.HTTPRequestOptions options)` Expand the input collection tuple, executing analysis transforms for each element

Uses of Alert in com.mozilla.secops.httprequest.heuristics

Methods in com.mozilla.secops.httprequest.heuristics that return types with arguments of type Alert
Modifier and Type	Method and Description
`org.apache.beam.sdk.values.PCollection<Alert>`	ThresholdAnalysis.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`
`org.apache.beam.sdk.values.PCollection<Alert>`	StatusCodeRateAnalysis.`expand(org.apache.beam.sdk.values.PCollection<Event> input)`
`org.apache.beam.sdk.values.PCollection<Alert>`	EndpointSequenceAbuse.`expand(org.apache.beam.sdk.values.PCollection<Event> input)`
`org.apache.beam.sdk.values.PCollection<Alert>`	ErrorRateAnalysis.`expand(org.apache.beam.sdk.values.PCollection<Event> input)`
`org.apache.beam.sdk.values.PCollection<Alert>`	HardLimitAnalysis.`expand(org.apache.beam.sdk.values.PCollection<Event> input)`
`org.apache.beam.sdk.values.PCollection<Alert>`	UserAgentBlocklistAnalysis.`expand(org.apache.beam.sdk.values.PCollection<Event> input)`
`org.apache.beam.sdk.values.PCollection<Alert>`	PerEndpointErrorRateAnalysis.`expand(org.apache.beam.sdk.values.PCollection<org.apache.beam.sdk.values.KV<String,ArrayList<String>>> input)`
`org.apache.beam.sdk.values.PCollection<Alert>`	SessionLimitAnalysis.`expand(org.apache.beam.sdk.values.PCollection<org.apache.beam.sdk.values.KV<String,ArrayList<String>>> input)`
`org.apache.beam.sdk.values.PCollection<Alert>`	EndpointAbuseAnalysis.`expand(org.apache.beam.sdk.values.PCollection<org.apache.beam.sdk.values.KV<String,ArrayList<String>>> input)`

Uses of Alert in com.mozilla.secops.parser

Methods in com.mozilla.secops.parser that return Alert
Modifier and Type Method and Description

Alert Alert.getAlert()
Get alert object

Uses of Alert in com.mozilla.secops.pioneer

Methods in com.mozilla.secops.pioneer that return types with arguments of type Alert
Modifier and Type	Method and Description
`static org.apache.beam.sdk.values.PCollection<Alert>`	Pioneer.`executePipeline(org.apache.beam.sdk.Pipeline p, org.apache.beam.sdk.values.PCollection<String> input, Pioneer.PioneerOptions options)` Execute Pioneer pipeline
`org.apache.beam.sdk.values.PCollection<Alert>`	Pioneer.PioneerExfiltration.`expand(org.apache.beam.sdk.values.PCollection<Event> col)`

Uses of Alert in com.mozilla.secops.postprocessing

Methods in com.mozilla.secops.postprocessing that return types with arguments of type Alert
Modifier and Type	Method and Description
`org.apache.beam.sdk.values.PCollection<Alert>`	AlertSummary.`expand(org.apache.beam.sdk.values.PCollection<Alert> col)`
`static org.apache.beam.sdk.values.PCollection<Alert>`	PostProcessing.`processInput(org.apache.beam.sdk.values.PCollection<String> input, PostProcessing.PostProcessingOptions options)` Process input collection

Method parameters in com.mozilla.secops.postprocessing with type arguments of type Alert
Modifier and Type	Method and Description
`org.apache.beam.sdk.values.PCollection<Alert>`	AlertSummary.`expand(org.apache.beam.sdk.values.PCollection<Alert> col)`
`void`	PostProcessing.WatchlistAnalyze.`onExpiry(org.apache.beam.sdk.transforms.DoFn.OnTimerContext c, org.apache.beam.sdk.state.BagState<Alert> alertBuffer, org.apache.beam.sdk.state.ValueState<Integer> alertBufferCount)`
`void`	PostProcessing.WatchlistAnalyze.`onStale(org.apache.beam.sdk.transforms.DoFn.OnTimerContext c, org.apache.beam.sdk.state.BagState<Alert> alertBuffer, org.apache.beam.sdk.state.ValueState<Integer> alertBufferCount)`
`void`	PostProcessing.WatchlistAnalyze.`processElement(org.apache.beam.sdk.transforms.DoFn.ProcessContext c, org.apache.beam.sdk.transforms.windowing.BoundedWindow w, org.apache.beam.sdk.state.BagState<Alert> alertBuffer, org.apache.beam.sdk.state.ValueState<Integer> alertBufferCount, org.apache.beam.sdk.state.Timer alertExpiry, org.apache.beam.sdk.state.Timer alertStale)`

Skip navigation links

Prev
Next

All Classes

Copyright © 2022. All rights reserved.