- add(String) - Method in class com.mozilla.secops.CidrUtil
-
Add subnet to subnet list
- add(String) - Method in class com.mozilla.secops.InetRadix
-
Add IPv4 CIDR subnet to tree
- addCustomMetadata(String, String) - Method in class com.mozilla.secops.alert.Alert
-
Set a custom metadata value
- addEvent(Event) - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Add a single event to the event list
- addFileInput(String) - Method in class com.mozilla.secops.input.InputElement
-
Add a new file input
- addGeoIPData(Alert, GeoIP) - Static method in class com.mozilla.secops.alert.AlertFormatter
-
Process metadata fields and add GeoIP information
- addInput(CustomsFeatures, Event) - Method in class com.mozilla.secops.customs.CustomsFeaturesCombiner.CustomsFeaturesCombineFn
-
- addInput(Stats.StatsCombiner.State, Long) - Method in class com.mozilla.secops.Stats.StatsCombiner
-
- addKinesisInput(String) - Method in class com.mozilla.secops.input.InputElement
-
Add new Kinesis input
- addMetadata(AlertMeta.Key, String) - Method in class com.mozilla.secops.alert.Alert
-
Add metadata
- addMetadata(AlertMeta.Key, List<String>) - Method in class com.mozilla.secops.alert.Alert
-
Add metadata as a list of values
- addMetadataIfIpIsExempt(String, Alert) - Static method in class com.mozilla.secops.IprepdIO
-
Add IP metadata if the IP address is exempt from reporting to iprepd.
- addMetadataIfIpIsExempt(String, Alert, String) - Static method in class com.mozilla.secops.IprepdIO
-
Add IP metadata if the IP address is exempt from reporting to iprepd.
- addMetadataIfObjectIsExempt(String, String, Alert) - Static method in class com.mozilla.secops.IprepdIO
-
Add metadata if the object is exempt from reporting to iprepd.
- addMetadataIfObjectIsExempt(String, String, Alert, String) - Static method in class com.mozilla.secops.IprepdIO
-
Add metadata if the object is exempt from reporting to iprepd.
- addMetadataSuppressRecovery(Integer, Alert) - Static method in class com.mozilla.secops.IprepdIO
-
Add iprepd recovery suppression metadata to an alert
- AddonCloudSubmission - Class in com.mozilla.secops.amo
-
Alert on add-on submissions from cloud providers
- AddonCloudSubmission(String) - Constructor for class com.mozilla.secops.amo.AddonCloudSubmission
-
Construct new AddonCloudSubmission
- AddonMatcher - Class in com.mozilla.secops.amo
-
Match abusive addon uploads and generate alerts
- AddonMatcher(String, Integer, String[]) - Constructor for class com.mozilla.secops.amo.AddonMatcher
-
Construct new AddonMatcher
- AddonMultiIpLogin - Class in com.mozilla.secops.amo
-
Multiple account logins for the same account from different source addresses associated with
different country codes
- AddonMultiIpLogin(String, Integer, Integer, Integer, String[], String[]) - Constructor for class com.mozilla.secops.amo.AddonMultiIpLogin
-
Construct new AddonMultiIpLogin
- AddonMultiMatch - Class in com.mozilla.secops.amo
-
Detect distributed AMO submissions with the same file hash
- AddonMultiMatch(String, Integer, Integer) - Constructor for class com.mozilla.secops.amo.AddonMultiMatch
-
Construct new AddonMultiMatch
- AddonMultiSubmit - Class in com.mozilla.secops.amo
-
Detect distributed submissions based on file size intervals
- AddonMultiSubmit(String, Integer, Integer) - Constructor for class com.mozilla.secops.amo.AddonMultiSubmit
-
Construct new AddonMultiSubmit
- addParser(String, ParserCfg, EventFilter) - Method in class com.mozilla.secops.parser.ParserMultiDoFn
-
Add a new parser configuration and filter for the specified key name
- addPayloadFilter(EventFilterPayloadInterface) - Method in class com.mozilla.secops.parser.EventFilterPayloadOr
-
Add payload filter
- addPayloadFilter(EventFilterPayloadInterface) - Method in class com.mozilla.secops.parser.EventFilterRule
-
Add payload filter
- addPubsubInput(String) - Method in class com.mozilla.secops.input.InputElement
-
Add new Pubsub input
- addressInCidr(String, String) - Static method in class com.mozilla.secops.CidrUtil
-
Return true if address is within the cidr
- addRule(EventFilterRule) - Method in class com.mozilla.secops.parser.EventFilter
-
Add new rule to filter
- addStatusTag(Normalized.StatusTag) - Method in class com.mozilla.secops.parser.Normalized
-
Add a StatusTag to a normalized event
- addToggleCacheEntry(String, HTTPRequestToggles) - Static method in class com.mozilla.secops.httprequest.HTTPRequest
-
Add an entry to the HTTPRequest toggle cache
- addToPayload(String) - Method in class com.mozilla.secops.alert.Alert
-
Add new line to payload buffer
- addType(Normalized.Type) - Method in class com.mozilla.secops.parser.Normalized
-
Add a type flag to normalized type
- addWiredStream(PTransform<PBegin, PCollection<String>>) - Method in class com.mozilla.secops.input.InputElement
-
Add wired stream
- Alert - Class in com.mozilla.secops.alert
-
Global standardized class representing alerting output from pipelines
- Alert() - Constructor for class com.mozilla.secops.alert.Alert
-
Construct new alert object
- Alert - Class in com.mozilla.secops.parser
-
Payload parser for incoming alert events
- Alert() - Constructor for class com.mozilla.secops.parser.Alert
-
Construct matcher object.
- Alert(String, Event, ParserState) - Constructor for class com.mozilla.secops.parser.Alert
-
Construct parser object.
- Alert.AlertSeverity - Enum in com.mozilla.secops.alert
-
- AlertConfiguration - Class in com.mozilla.secops.alert
-
- AlertConfiguration() - Constructor for class com.mozilla.secops.alert.AlertConfiguration
-
- AlertFormatter - Class in com.mozilla.secops.alert
-
DoFn
for normalization and supplemental enrichment of
Alert
objects
- AlertFormatter(IOOptions) - Constructor for class com.mozilla.secops.alert.AlertFormatter
-
Initialize new AlertFormatter
- AlertFormatter(String, String, String) - Constructor for class com.mozilla.secops.alert.AlertFormatter
-
Initialize new AlertFormatter
- AlertFormatter.AlertToString - Class in com.mozilla.secops.alert
-
SimpleFunction for conversion of
Alert
objects to JSON string
- AlertIO - Class in com.mozilla.secops.alert
-
- AlertIO() - Constructor for class com.mozilla.secops.alert.AlertIO
-
- AlertIO.AlertNotifyMerge - Class in com.mozilla.secops.alert
-
Merge related alerts together using any set alert notify merge metadata prior to emitting
notifications.
- AlertIO.Write - Class in com.mozilla.secops.alert
-
Handle alerting output based on the contents of the alerting messages such as included metadata
and severity.
- AlertMailer - Class in com.mozilla.secops.alert
-
- AlertMailer(AlertConfiguration) - Constructor for class com.mozilla.secops.alert.AlertMailer
-
- AlertMeta - Class in com.mozilla.secops.alert
-
- AlertMeta(String, String) - Constructor for class com.mozilla.secops.alert.AlertMeta
-
- AlertMeta.Key - Enum in com.mozilla.secops.alert
-
Keys that may be used for alert metadata
- AlertMeta.Key.AssociatedKey - Enum in com.mozilla.secops.alert
-
Associated key identifiers
- AlertMeta.Key.ValueType - Enum in com.mozilla.secops.alert
-
Storage formats for value fields
- AlertNotifyMerge() - Constructor for class com.mozilla.secops.alert.AlertIO.AlertNotifyMerge
-
- AlertSlack - Class in com.mozilla.secops.alert
-
- AlertSlack(AlertConfiguration) - Constructor for class com.mozilla.secops.alert.AlertSlack
-
Construct new alert slack object
- AlertSlack(AlertConfiguration, SlackManager) - Constructor for class com.mozilla.secops.alert.AlertSlack
-
Construct new alert slack object, providing an already instantiated
SlackManager
- AlertSourceExtractor() - Constructor for class com.mozilla.secops.SourceCorrelation.AlertSourceExtractor
-
- AlertSummary - Class in com.mozilla.secops.postprocessing
-
Summarize alerts and various attributes of alerts over time and generate subsequent alerts if
certain thresholds or anomolies are detected.
- AlertSummary(PostProcessing.PostProcessingOptions) - Constructor for class com.mozilla.secops.postprocessing.AlertSummary
-
- AlertSuppressionState() - Constructor for class com.mozilla.secops.alert.AlertSuppressor.AlertSuppressionState
-
- AlertSuppressionState() - Constructor for class com.mozilla.secops.alert.AlertSuppressorSession.AlertSuppressionState
-
- AlertSuppressor - Class in com.mozilla.secops.alert
-
Implements generic alert suppression
- AlertSuppressor(Long) - Constructor for class com.mozilla.secops.alert.AlertSuppressor
-
Initialize new AlertSuppressor
- AlertSuppressor.AlertSuppressionState - Class in com.mozilla.secops.alert
-
Internal class for alert suppression state
- AlertSuppressorCount - Class in com.mozilla.secops.alert
-
Extended alert suppression using count metadata
- AlertSuppressorCount(Long) - Constructor for class com.mozilla.secops.alert.AlertSuppressorCount
-
Initialize new AlertSuppressorCount
- AlertSuppressorSession - Class in com.mozilla.secops.alert
-
Alert suppression using session gap based expiry
- AlertSuppressorSession(Long) - Constructor for class com.mozilla.secops.alert.AlertSuppressorSession
-
- AlertSuppressorSession.AlertSuppressionState - Class in com.mozilla.secops.alert
-
Internal class for alert suppression state
- AlertToString() - Constructor for class com.mozilla.secops.alert.AlertFormatter.AlertToString
-
- Amo - Class in com.mozilla.secops.amo
-
Various heuristics for AMO analysis
- Amo() - Constructor for class com.mozilla.secops.amo.Amo
-
- Amo - Class in com.mozilla.secops.parser.models.amo
-
Describes the format of an AMO event
- Amo() - Constructor for class com.mozilla.secops.parser.models.amo.Amo
-
- Amo.AmoOptions - Interface in com.mozilla.secops.amo
-
Runtime options for
Amo
pipeline.
- AmoDocker - Class in com.mozilla.secops.parser
-
Payload parser for AMO docker logs
- AmoDocker() - Constructor for class com.mozilla.secops.parser.AmoDocker
-
Construct matcher object.
- AmoDocker(String, Event, ParserState) - Constructor for class com.mozilla.secops.parser.AmoDocker
-
Construct parser object.
- AmoDocker.EventType - Enum in com.mozilla.secops.parser
-
- AmoMetrics - Class in com.mozilla.secops.amo
-
- AmoMetrics() - Constructor for class com.mozilla.secops.amo.AmoMetrics
-
- AmoMetrics.HeuristicMetrics - Class in com.mozilla.secops.amo
-
Metrics for the various analysis transforms in the
Amo
pipeline
- ApacheCombined - Class in com.mozilla.secops.parser
-
Payload parser for Apache combined log format
- ApacheCombined() - Constructor for class com.mozilla.secops.parser.ApacheCombined
-
Construct matcher object.
- ApacheCombined(String, Event, ParserState) - Constructor for class com.mozilla.secops.parser.ApacheCombined
-
Construct parser object.
- apply(Alert) - Method in class com.mozilla.secops.alert.AlertFormatter.AlertToString
-
- apply(Event) - Method in class com.mozilla.secops.httprequest.HTTPRequest.Has4xxRequestStatus
-
- applyProxyXFFAddressSelector(String, Boolean) - Method in class com.mozilla.secops.parser.Parser
-
Applies proxy xff selector
- applyXffAddressSelector(String) - Method in class com.mozilla.secops.parser.Parser
-
Apply any configured XFF address selector to the specified input string
- assemblePayload() - Method in class com.mozilla.secops.alert.Alert
-
Assemble a complete payload buffer that contains alert metadata information in addition to the
alert payload.
- Auth0 - Class in com.mozilla.secops.parser
-
Payload parser for Auth0 logs
- Auth0() - Constructor for class com.mozilla.secops.parser.Auth0
-
Construct matcher object.
- Auth0(String, Event, ParserState) - Constructor for class com.mozilla.secops.parser.Auth0
-
Construct parser object.
- authGetData(Event) - Static method in class com.mozilla.secops.customs.CustomsUtil
-
Extract FxA event internal data
- authGetEmail(Event) - Static method in class com.mozilla.secops.customs.CustomsUtil
-
Extract FxA event email address
- authGetEventSummary(Event) - Static method in class com.mozilla.secops.customs.CustomsUtil
-
Extract FxA event summary
- authGetPath(Event) - Static method in class com.mozilla.secops.customs.CustomsUtil
-
Extract FxA event path
- authGetPayload(Event) - Static method in class com.mozilla.secops.customs.CustomsUtil
-
Extract FxA event payload
- authGetService(Event) - Static method in class com.mozilla.secops.customs.CustomsUtil
-
Extract FxA event service value
- authGetSourceAddress(Event) - Static method in class com.mozilla.secops.customs.CustomsUtil
-
Extract FxA event source address
- authGetSourceAddressLatitude(Event) - Static method in class com.mozilla.secops.customs.CustomsUtil
-
Extract FxA event source address latitude
- authGetSourceAddressLongitude(Event) - Static method in class com.mozilla.secops.customs.CustomsUtil
-
Extract FxA event source address longitude
- authGetStatus(Event) - Static method in class com.mozilla.secops.customs.CustomsUtil
-
Extract FxA event status code
- authGetUid(Event) - Static method in class com.mozilla.secops.customs.CustomsUtil
-
Extract FxA event UID
- authGetUserAgent(Event) - Static method in class com.mozilla.secops.customs.CustomsUtil
-
Extract FxA agent
- AuthProfile - Class in com.mozilla.secops.authprofile
-
AuthProfile
implements analysis of normalized authentication events
- AuthProfile() - Constructor for class com.mozilla.secops.authprofile.AuthProfile
-
- AuthProfile.AuthProfileOptions - Interface in com.mozilla.secops.authprofile
-
- AuthProfile.ExtractIdentity - Class in com.mozilla.secops.authprofile
-
Extract subject user for each event in input PCollection
- AuthProfile.Parse - Class in com.mozilla.secops.authprofile
-
Parse input strings returning applicable authentication events.
- AuthProfile.StateAnalyze - Class in com.mozilla.secops.authprofile
-
Analyze grouped events associated with a particular user or identity against persistent user
state
- AuthProfile.StateAnalyze.ActionType - Enum in com.mozilla.secops.authprofile
-
The outcome of state analysis can result in various actions being taken.
- AuthStateModel - Class in com.mozilla.secops.authstate
-
Manages and stores authentication state information for a given user identity.
- AuthStateModel(String) - Constructor for class com.mozilla.secops.authstate.AuthStateModel
-
Create new state model for user
- AuthStateModel.GeoVelocityResponse - Class in com.mozilla.secops.authstate
-
- AuthStateModel.ModelEntry - Class in com.mozilla.secops.authstate
-
Represents a single known source for authentication for a given user
- AuthStateModel.ModelEntryUpdate - Class in com.mozilla.secops.authstate
-
Information used in a model update request
- AwsAssumeRoleCorrelator - Class in com.mozilla.secops.authprofile
-
Analyze cross account assumeRole events and correlates between the trusting account (the account
a role is being assumed in) and the trusted account (the account with the iam user assuming a
role).
- AwsAssumeRoleCorrelator(AuthProfile.AuthProfileOptions) - Constructor for class com.mozilla.secops.authprofile.AwsAssumeRoleCorrelator
-
- AwsAssumeRoleCorrelator.CrossAccountAssumeRoleFilter - Class in com.mozilla.secops.authprofile
-
Returns only AssumeRole events with a sharedEventID indicating there's events across two
accounts that need to be correlated
- AwsBehavior - Class in com.mozilla.secops.awsbehavior
-
- AwsBehavior() - Constructor for class com.mozilla.secops.awsbehavior.AwsBehavior
-
- AwsBehavior.AwsBehaviorOptions - Interface in com.mozilla.secops.awsbehavior
-
- AwsBehavior.Matcher - Class in com.mozilla.secops.awsbehavior
-
- AwsBehavior.Matchers - Class in com.mozilla.secops.awsbehavior
-
High level transform for invoking each of the matcher transforms after reading in the config
with
CloudtrailMatcherManager
- AwsBehavior.ParseAndWindow - Class in com.mozilla.secops.awsbehavior
-
Transform to parse a
PCollection
containing events as strings and emit a
PCollection
of
Event
objects after filtering out events that are not
Cloudtrail
events
- cacheClear() - Static method in class com.mozilla.secops.Minfraud
-
Clear insights cache
- cacheInsightsResource(String, String) - Static method in class com.mozilla.secops.Minfraud
-
Cache and force a particular response for an IP address
- calculate(String, String) - Static method in class com.mozilla.secops.StringDistance
-
Return string distance value between two strings
- CATEGORY_ACCOUNT_CREATION_ABUSE - Static variable in class com.mozilla.secops.customs.Customs
-
- CATEGORY_ACCOUNT_CREATION_ABUSE_DIST - Static variable in class com.mozilla.secops.customs.Customs
-
- CATEGORY_ACCOUNT_ENUMERATION - Static variable in class com.mozilla.secops.customs.Customs
-
- CATEGORY_ACTIVITY_MONITOR - Static variable in class com.mozilla.secops.customs.Customs
-
- CATEGORY_LOGIN_FAILURE_AT_RISK_ACCOUNT - Static variable in class com.mozilla.secops.customs.Customs
-
- CATEGORY_PASSWORD_RESET_ABUSE - Static variable in class com.mozilla.secops.customs.Customs
-
- CATEGORY_PRIVATE_RELAY_FORWARD - Static variable in class com.mozilla.secops.customs.Customs
-
- CATEGORY_SOURCE_LOGIN_FAILURE - Static variable in class com.mozilla.secops.customs.Customs
-
- CATEGORY_SOURCE_LOGIN_FAILURE_DIST - Static variable in class com.mozilla.secops.customs.Customs
-
- CATEGORY_STATUS_COMPARATOR - Static variable in class com.mozilla.secops.customs.Customs
-
- CATEGORY_VELOCITY - Static variable in class com.mozilla.secops.customs.Customs
-
- CATEGORY_VELOCITY_MONITOR_ONLY - Static variable in class com.mozilla.secops.customs.Customs
-
- CfgTick - Class in com.mozilla.secops.parser
-
Payload parser for configuration ticks
- CfgTick() - Constructor for class com.mozilla.secops.parser.CfgTick
-
Construct matcher object.
- CfgTick(String, Event, ParserState) - Constructor for class com.mozilla.secops.parser.CfgTick
-
Construct parser object.
- CfgTickBuilder - Class in com.mozilla.secops.metrics
-
Builder class for initializating configuration tick messages
- CfgTickBuilder() - Constructor for class com.mozilla.secops.metrics.CfgTickBuilder
-
- CfgTickGenerator - Class in com.mozilla.secops.metrics
-
Generate periodic configuration ticks
- CfgTickGenerator(String, Integer, long) - Constructor for class com.mozilla.secops.metrics.CfgTickGenerator
-
- CfgTickProcessor - Class in com.mozilla.secops.metrics
-
Convert configuration ticks into alerts
- CfgTickProcessor(String) - Constructor for class com.mozilla.secops.metrics.CfgTickProcessor
-
- CidrUtil - Class in com.mozilla.secops
-
CIDR matching utilities
- CidrUtil() - Constructor for class com.mozilla.secops.CidrUtil
-
Constructor for
CidrUtil
, initialize empty
- CidrUtil(String) - Constructor for class com.mozilla.secops.CidrUtil
-
Constructor for
CidrUtil
to load subnet list from resource
- CIDRUTIL_CLOUDPROVIDERS - Static variable in class com.mozilla.secops.CidrUtil
-
Load exclusion list with allowed cloud providers
- CIDRUTIL_FILE - Static variable in class com.mozilla.secops.CidrUtil
-
Load exclusion list from path resource
- CIDRUTIL_INTERNAL - Static variable in class com.mozilla.secops.CidrUtil
-
Load exclusion list for internal/RFC1918 subnets
- Cloudtrail - Class in com.mozilla.secops.parser
-
Payload parser for Cloudtrail events
- Cloudtrail() - Constructor for class com.mozilla.secops.parser.Cloudtrail
-
Construct matcher object.
- Cloudtrail(String, Event, ParserState) - Constructor for class com.mozilla.secops.parser.Cloudtrail
-
Construct parser object.
- CloudtrailEvent - Class in com.mozilla.secops.parser.models.cloudtrail
-
Model for Cloudtrail Events JSON parsing
- CloudtrailEvent() - Constructor for class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- CloudtrailMatcher - Class in com.mozilla.secops.awsbehavior
-
Translates a JSON object into an EventFilter and context for any resulting matches.
- CloudtrailMatcher() - Constructor for class com.mozilla.secops.awsbehavior.CloudtrailMatcher
-
- CloudtrailMatcherManager - Class in com.mozilla.secops.awsbehavior
-
- CloudtrailMatcherManager() - Constructor for class com.mozilla.secops.awsbehavior.CloudtrailMatcherManager
-
- CloudWatchEvent - Class in com.mozilla.secops.parser.models.cloudwatch
-
Describes the format of an AWS CloudWatch Event
- CloudWatchEvent() - Constructor for class com.mozilla.secops.parser.models.cloudwatch.CloudWatchEvent
-
- com.mozilla.secops - package com.mozilla.secops
-
General utility classes and transforms for secops-beam
- com.mozilla.secops.alert - package com.mozilla.secops.alert
-
Alert generation and output
- com.mozilla.secops.amo - package com.mozilla.secops.amo
-
AMO analysis pipeline
- com.mozilla.secops.authprofile - package com.mozilla.secops.authprofile
-
Pipeline for authentication source profiling and alerting
- com.mozilla.secops.authstate - package com.mozilla.secops.authstate
-
Authentication state storage and utility classes
- com.mozilla.secops.awsbehavior - package com.mozilla.secops.awsbehavior
-
Pipeline for monitoring AWS Cloudtrail events
- com.mozilla.secops.crypto - package com.mozilla.secops.crypto
-
Utilities for dealing with runtime secrets in Beam pipelines
- com.mozilla.secops.customs - package com.mozilla.secops.customs
-
Customs FxA analysis pipeline
- com.mozilla.secops.customs.CustomsAtRiskAccountState - package com.mozilla.secops.customs.CustomsAtRiskAccountState
-
- com.mozilla.secops.gatekeeper - package com.mozilla.secops.gatekeeper
-
Pipeline for AWS Guardduty and GCP ETD analysis
- com.mozilla.secops.httprequest - package com.mozilla.secops.httprequest
-
HTTP request threshold and error rate monitoring
- com.mozilla.secops.httprequest.heuristics - package com.mozilla.secops.httprequest.heuristics
-
- com.mozilla.secops.identity - package com.mozilla.secops.identity
-
Centralized identity mapping and translation for user identities
- com.mozilla.secops.input - package com.mozilla.secops.input
-
Pipeline input
- com.mozilla.secops.metrics - package com.mozilla.secops.metrics
-
Metrics support classes
- com.mozilla.secops.parser - package com.mozilla.secops.parser
-
Log parsing, processing, and enrichment
- com.mozilla.secops.parser.models.amo - package com.mozilla.secops.parser.models.amo
-
JSON model for AMO events
- com.mozilla.secops.parser.models.auth0 - package com.mozilla.secops.parser.models.auth0
-
JSON model for Auth0 events
- com.mozilla.secops.parser.models.cloudtrail - package com.mozilla.secops.parser.models.cloudtrail
-
JSON model for Cloudtrail events
- com.mozilla.secops.parser.models.cloudwatch - package com.mozilla.secops.parser.models.cloudwatch
-
generic JSON model for AWS CloudWatch events
- com.mozilla.secops.parser.models.duopull - package com.mozilla.secops.parser.models.duopull
-
JSON model for Duopull events
- com.mozilla.secops.parser.models.etd - package com.mozilla.secops.parser.models.etd
-
JSON model for GCP ETDBeta Findings
- com.mozilla.secops.parser.models.fxaauth - package com.mozilla.secops.parser.models.fxaauth
-
JSON model for FxA auth server events
- com.mozilla.secops.parser.models.fxacontent - package com.mozilla.secops.parser.models.fxacontent
-
- com.mozilla.secops.parser.models.gcpvpcflow - package com.mozilla.secops.parser.models.gcpvpcflow
-
JSON model for GCP VPC flow events
- com.mozilla.secops.parser.models.nginxstackdriver - package com.mozilla.secops.parser.models.nginxstackdriver
-
JSON model for nginx log messages in Stackdriver jsonPayload
- com.mozilla.secops.parser.models.taskcluster - package com.mozilla.secops.parser.models.taskcluster
-
JSON model for Taskcluster events
- com.mozilla.secops.pioneer - package com.mozilla.secops.pioneer
-
Pioneer analysis pipeline
- com.mozilla.secops.postprocessing - package com.mozilla.secops.postprocessing
-
Pipeline for further processing of and correlation between alerts
- com.mozilla.secops.slack - package com.mozilla.secops.slack
-
Classes for handling publication of messages to Slack
- com.mozilla.secops.state - package com.mozilla.secops.state
-
Classes for handling persistent state for Beam pipelines
- com.mozilla.secops.streamwriter - package com.mozilla.secops.streamwriter
-
Simple stream writer
- com.mozilla.secops.window - package com.mozilla.secops.window
-
Utility window transforms
- com.mozilla.secops.workshop - package com.mozilla.secops.workshop
-
Getting started with Beam introduction pipeline
- commit() - Method in class com.mozilla.secops.state.DatastoreStateCursor
-
Commit datastore transaction
- commit() - Method in class com.mozilla.secops.state.MemcachedStateCursor
-
- commit() - Method in class com.mozilla.secops.state.StateCursor
-
Commit transaction
- compositeInputAdapter(InputOptions, String) - Static method in class com.mozilla.secops.input.Input
-
Adapter to simplify
Input
usage for pipelines that used previous composite input
tranform
- CompositeOutput - Class in com.mozilla.secops
-
CompositeOutput
provides a standardized composite output transform for use in pipelines.
- compositeOutput(OutputOptions) - Static method in interface com.mozilla.secops.OutputOptions
-
- Connection() - Constructor for class com.mozilla.secops.parser.models.gcpvpcflow.GcpVpcFlow.Connection
-
- contains(String) - Method in class com.mozilla.secops.CidrUtil
-
Return true if any loaded subnet contains the specified address
- contains(String) - Method in class com.mozilla.secops.InetRadix
-
Determine if tree contains a subnet that would contain IP
- ContentServerVarianceDetector - Class in com.mozilla.secops.customs
-
Provides transforms to detect if an ip is making a variety of requests to the content server or
is just abusing auth server APIs.
- ContentServerVarianceDetector() - Constructor for class com.mozilla.secops.customs.ContentServerVarianceDetector
-
- ContentServerVarianceDetector.PresenceBased - Class in com.mozilla.secops.customs
-
Provides a basic transform for detecting variance based on whether an ip exists
- convertAccountCreationAbuse(Alert) - Static method in class com.mozilla.secops.customs.CustomsAlert
-
Convert an account creation abuse alert
- convertAccountCreationAbuseDistributed(Alert) - Static method in class com.mozilla.secops.customs.CustomsAlert
-
Convert an account creation abuse distributed alert
- convertJsonToMap(String) - Static method in class com.mozilla.secops.parser.Parser
-
Utility function to convert a JSON string into the desired map type
- convertJsonToMap(String, ObjectMapper) - Static method in class com.mozilla.secops.parser.Parser
-
Utility function to convert a JSON string into the desired map type
- convertLoginFailureAtRiskAccount(Alert) - Static method in class com.mozilla.secops.customs.CustomsAlert
-
Convert an at risk account alert
- convertPasswordResetAbuse(Alert) - Static method in class com.mozilla.secops.customs.CustomsAlert
-
Convert a password reset abuse alert
- convertSourceLoginFailure(Alert) - Static method in class com.mozilla.secops.customs.CustomsAlert
-
Convert source login failure alert into a list of customs alerts.
- convertSourceLoginFailureDist(Alert) - Static method in class com.mozilla.secops.customs.CustomsAlert
-
Convert a distributed source login failure alert into a list of customs alerts.
- convertStatusComparator(Alert) - Static method in class com.mozilla.secops.customs.CustomsAlert
-
Convert a status comparator alert
- convertVelocity(Alert) - Static method in class com.mozilla.secops.customs.CustomsAlert
-
Convert a velocity alert
- count - Variable in class com.mozilla.secops.alert.AlertSuppressor.AlertSuppressionState
-
Counter value for extended suppression
- count - Variable in class com.mozilla.secops.httprequest.heuristics.EndpointAbuseAnalysis.EndpointAbuseState
-
Request count
- createAccumulator() - Method in class com.mozilla.secops.customs.CustomsFeaturesCombiner.CustomsFeaturesCombineFn
-
- createAccumulator() - Method in class com.mozilla.secops.Stats.StatsCombiner
-
- createBaseAlert(Event, String, String) - Static method in class com.mozilla.secops.authprofile.AuthProfile
-
Create a base authprofile
Alert
using information from the event
- CritObjectAnalyze - Class in com.mozilla.secops.authprofile
-
Analysis for authentication involving critical objects
- CritObjectAnalyze(AuthProfile.AuthProfileOptions) - Constructor for class com.mozilla.secops.authprofile.CritObjectAnalyze
-
Initialize new critical object analysis
- CrossAccountAssumeRoleFilter() - Constructor for class com.mozilla.secops.authprofile.AwsAssumeRoleCorrelator.CrossAccountAssumeRoleFilter
-
- Customs - Class in com.mozilla.secops.customs
-
Implements various analysis heuristics on
FxaAuth
streams
- Customs() - Constructor for class com.mozilla.secops.customs.Customs
-
- Customs.CustomsOptions - Interface in com.mozilla.secops.customs
-
Runtime options for
Customs
pipeline.
- Customs.CustomsSummary - Class in com.mozilla.secops.customs
-
Summarizes various events processed by Customs pipeline
- CustomsAccountCreation - Class in com.mozilla.secops.customs
-
Abusive account creation from a single source address
- CustomsAccountCreation(Customs.CustomsOptions) - Constructor for class com.mozilla.secops.customs.CustomsAccountCreation
-
Create new CustomsAccountCreation
- CustomsAccountCreationDist - Class in com.mozilla.secops.customs
-
Abusive distributed account creation
- CustomsAccountCreationDist(Customs.CustomsOptions) - Constructor for class com.mozilla.secops.customs.CustomsAccountCreationDist
-
Create new CustomsAccountCreationDist
- CustomsAccountEnumeration - Class in com.mozilla.secops.customs
-
Detection of an ip attempting to enumerate FxA users through the account status endpoint.
- CustomsAccountEnumeration(Customs.CustomsOptions, PCollectionView<Map<String, Boolean>>) - Constructor for class com.mozilla.secops.customs.CustomsAccountEnumeration
-
Create new CustomsAccountEnumeration
- CustomsActivityForMonitoredAccounts - Class in com.mozilla.secops.customs
-
Customs activity monitor for specified accounts
- CustomsActivityForMonitoredAccounts(Customs.CustomsOptions) - Constructor for class com.mozilla.secops.customs.CustomsActivityForMonitoredAccounts
-
Initialize new CustomsActivityForMonitoredAccounts
- CustomsAlert - Class in com.mozilla.secops.customs
-
Alert format used for notifications to FxA
- CustomsAlert() - Constructor for class com.mozilla.secops.customs.CustomsAlert
-
- CustomsAlert.AlertAction - Enum in com.mozilla.secops.customs
-
Alert actions
- CustomsAlert.AlertSeverity - Enum in com.mozilla.secops.customs
-
Severity of a given alert
- CustomsAlert.IndicatorType - Enum in com.mozilla.secops.customs
-
Indicator types
- CustomsAtRiskAccountStateModel - Class in com.mozilla.secops.customs.CustomsAtRiskAccountState
-
Describes state used by CustomsLoginFailureForAtRiskAccount
- CustomsAtRiskAccountStateModel() - Constructor for class com.mozilla.secops.customs.CustomsAtRiskAccountState.CustomsAtRiskAccountStateModel
-
- CustomsAtRiskAccountStateModel.ScannedByEntry - Class in com.mozilla.secops.customs.CustomsAtRiskAccountState
-
State model entry for at risk account
- CustomsFeatures - Class in com.mozilla.secops.customs
-
CustomsFeatures describes the output of windowed feature extraction
- CustomsFeaturesCombineFn() - Constructor for class com.mozilla.secops.customs.CustomsFeaturesCombiner.CustomsFeaturesCombineFn
-
- CustomsFeaturesCombiner - Class in com.mozilla.secops.customs
-
Combines windowed key/value collections into a collection of
CustomsFeatures
- CustomsFeaturesCombiner() - Constructor for class com.mozilla.secops.customs.CustomsFeaturesCombiner
-
- CustomsFeaturesCombiner.CustomsFeaturesCombineFn - Class in com.mozilla.secops.customs
-
- CustomsLoginFailureForAtRiskAccount - Class in com.mozilla.secops.customs
-
Flag failed logins to potentially at risk accounts.
- CustomsLoginFailureForAtRiskAccount(Customs.CustomsOptions) - Constructor for class com.mozilla.secops.customs.CustomsLoginFailureForAtRiskAccount
-
Create new CustomsLoginFailureForAtRiskAccount
- CustomsNotification - Class in com.mozilla.secops.customs
-
Convert
Alert
objects generated by pipeline to
CustomsAlert
and submit them over
Pubsub.
- CustomsNotification(Customs.CustomsOptions) - Constructor for class com.mozilla.secops.customs.CustomsNotification
-
Initialize new CustomsNotification
- CustomsPasswordResetAbuse - Class in com.mozilla.secops.customs
-
Abuse of FxA password reset endpoints from a single source address
- CustomsPasswordResetAbuse(Customs.CustomsOptions) - Constructor for class com.mozilla.secops.customs.CustomsPasswordResetAbuse
-
Initialize new CustomsPasswordResetAbuse
- CustomsPreFilter - Class in com.mozilla.secops.customs
-
Basic filtering of ingested events prior to analysis application
- CustomsPreFilter() - Constructor for class com.mozilla.secops.customs.CustomsPreFilter
-
- CustomsStatusComparator - Class in com.mozilla.secops.customs
-
Customs status check comparator
- CustomsStatusComparator(Customs.CustomsOptions) - Constructor for class com.mozilla.secops.customs.CustomsStatusComparator
-
Initialize new CustomsStatusComparator
- CustomsSummary(Customs.CustomsOptions) - Constructor for class com.mozilla.secops.customs.Customs.CustomsSummary
-
Initialize new CustomsSummary
- CustomsUtil - Class in com.mozilla.secops.customs
-
Utility functions for working with
FxaAuth
events in customs
- CustomsUtil() - Constructor for class com.mozilla.secops.customs.CustomsUtil
-
- CustomsVelocity - Class in com.mozilla.secops.customs
-
Customs location velocity analysis
- CustomsVelocity(Customs.CustomsOptions) - Constructor for class com.mozilla.secops.customs.CustomsVelocity
-
Initialize new CustomsVelocity
- CustomsWindow - Class in com.mozilla.secops.customs
-
Helper class for windowing functions in the Customs pipeline.
- CustomsWindow() - Constructor for class com.mozilla.secops.customs.CustomsWindow
-
- CustomsWindow.FixedTenMinutes - Class in com.mozilla.secops.customs
-
Transform to create a fixed ten minute window with early firings.
- GatekeeperParser - Class in com.mozilla.secops.gatekeeper
-
- GatekeeperParser() - Constructor for class com.mozilla.secops.gatekeeper.GatekeeperParser
-
- GatekeeperParser.Parse - Class in com.mozilla.secops.gatekeeper
-
Composite transform to parse a
PCollection
containing events as strings and emit a
PCollection
of
Event
objects.
- GatekeeperPipeline - Class in com.mozilla.secops.gatekeeper
-
GatekeeperPipeline
describes and implements a Beam pipeline for analysis of AWS GuardDuty
and GCP Event Threat Detection Findings
- GatekeeperPipeline() - Constructor for class com.mozilla.secops.gatekeeper.GatekeeperPipeline
-
- GatekeeperPipeline.GatekeeperOptions - Interface in com.mozilla.secops.gatekeeper
-
- GcpAudit - Class in com.mozilla.secops.parser
-
Payload parser for GCP audit log data.
- GcpAudit() - Constructor for class com.mozilla.secops.parser.GcpAudit
-
Construct matcher object.
- GcpAudit(String, Event, ParserState) - Constructor for class com.mozilla.secops.parser.GcpAudit
-
Construct parser object.
- GcpVpcFlow - Class in com.mozilla.secops.parser
-
Payload parser for GCP VPC flow logs
- GcpVpcFlow() - Constructor for class com.mozilla.secops.parser.GcpVpcFlow
-
Construct matcher object.
- GcpVpcFlow(String, Event, ParserState) - Constructor for class com.mozilla.secops.parser.GcpVpcFlow
-
Construct parser object.
- GcpVpcFlow - Class in com.mozilla.secops.parser.models.gcpvpcflow
-
JSON model for GCP VPC flow events
- GcpVpcFlow() - Constructor for class com.mozilla.secops.parser.models.gcpvpcflow.GcpVpcFlow
-
- GcpVpcFlow.Connection - Class in com.mozilla.secops.parser.models.gcpvpcflow
-
Connection details
- GcpVpcFlow.Instance - Class in com.mozilla.secops.parser.models.gcpvpcflow
-
Instance details
- GcsUtil - Class in com.mozilla.secops
-
Utilities for requesting content from Google Cloud Storage
- GenerateETDAlerts(ETDTransforms.Options) - Constructor for class com.mozilla.secops.gatekeeper.ETDTransforms.GenerateETDAlerts
-
static initializer for alert generation / escalation
- GenerateGDAlerts(GuardDutyTransforms.Options) - Constructor for class com.mozilla.secops.gatekeeper.GuardDutyTransforms.GenerateGDAlerts
-
static initializer for alert generation / escalation
- generateTemplateVariables() - Method in class com.mozilla.secops.alert.Alert
-
Return HashMap used by Freemarker to generate an HTML alert email
- GeoIP - Class in com.mozilla.secops.parser
-
GeoIP resolution
- GeoIP(String, String) - Constructor for class com.mozilla.secops.parser.GeoIP
-
Initialize new
GeoIP
, load databases from specified paths
- geoIp(String) - Method in class com.mozilla.secops.parser.Parser
-
Resolve GeoIP information from IP address string
- GeoIP.GeoIPData - Class in com.mozilla.secops.parser
-
Helper class for storing GeoIP related attributes, and for resolving the attributes according
to the resolution mode.
- GeoIP.GeoIPData.GeoResolutionMode - Enum in com.mozilla.secops.parser
-
The resolution mode for GeoIP attributes.
- GeoIPData() - Constructor for class com.mozilla.secops.parser.GeoIP.GeoIPData
-
- geoIpIsp(String) - Method in class com.mozilla.secops.parser.Parser
-
Resolve GeoIP ISP information from IP address string
- GeoUtil - Class in com.mozilla.secops
-
Geo math utilities
- GeoUtil() - Constructor for class com.mozilla.secops.GeoUtil
-
- geoVelocityAnalyzeLatest(Double) - Method in class com.mozilla.secops.authstate.AuthStateModel
-
Perform geo-velocity analysis using the latest entries in the model
- GeoVelocityResponse(Long, Double, Boolean) - Constructor for class com.mozilla.secops.authstate.AuthStateModel.GeoVelocityResponse
-
Create new GeoVelocityResponse
- get(String, StateCursor<AuthStateModel>, PruningStrategy) - Static method in class com.mozilla.secops.authstate.AuthStateModel
-
Retrieve state object for user
- get(String) - Method in class com.mozilla.secops.state.StateCursor
-
Get a value from state
- get(String) - Method in class com.mozilla.secops.state.StateOperation
-
Configure as a get operation
- getAccessKeyID() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getAccessKeyId() - Method in class com.mozilla.secops.parser.models.cloudtrail.UserIdentity
-
- getAccount() - Method in class com.mozilla.secops.parser.models.cloudwatch.CloudWatchEvent
-
Get event AWS account id
- getAccountCreationDistributedDistanceRatio() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getAccountCreationDistributedThreshold() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getAccountCreationSuppressRecovery() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getAccountCreationThreshold() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getAccountEnumerationThreshold() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getAccountId() - Method in class com.mozilla.secops.parser.models.cloudtrail.UserIdentity
-
- getAccountMatchBanOnLogin() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getActivityMonitorAccountPath() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getAdditionalEventData() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getAdditionalEventDataValue(String) - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getAddonGuid() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get addon GUID
- getAddonId() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get addon ID
- getAddonMatchCriteria() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getAddonMatchSuppressRecovery() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getAddonMultiIpLoginAggressiveMatcher() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getAddonMultiIpLoginAlertExceptions() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getAddonMultiIpLoginAlertOn() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getAddonMultiIpLoginAlertOnIp() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getAddonMultiIpLoginSuppressRecovery() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getAddonMultiMatchAlertOn() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getAddonMultiMatchSuppressRecovery() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getAddonMultiSubmitAlertOn() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getAddonMultiSubmitSuppressRecovery() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getAddonVersion() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get addon version
- getAgent() - Method in class com.mozilla.secops.parser.models.fxaauth.FxaAuth
-
Get agent
- getAlert() - Method in class com.mozilla.secops.identity.Identity
-
Get alerting preferences for identity
- getAlert() - Method in class com.mozilla.secops.parser.Alert
-
Get alert object
- getAlertConfiguration() - Method in class com.mozilla.secops.alert.AlertIO.Write
-
Get alert configuration in transform
- getAlertId() - Method in class com.mozilla.secops.alert.Alert
-
Returns unique alert ID for this alert.
- getAlertStateDatastoreKind() - Method in interface com.mozilla.secops.OutputOptions
-
- getAlertStateDatastoreNamespace() - Method in interface com.mozilla.secops.OutputOptions
-
- getAlertStateMemcachedHost() - Method in interface com.mozilla.secops.OutputOptions
-
- getAlertStateMemcachedPort() - Method in interface com.mozilla.secops.OutputOptions
-
- getAlertSummaryAnalysisThresholds() - Method in interface com.mozilla.secops.postprocessing.PostProcessing.PostProcessingOptions
-
- getAlertSuppressionDurationSeconds() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getAlertSuppressionDurationSeconds() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get duration to suppress alerts (when using session windows)
- getAlertSuppressionSeconds() - Method in interface com.mozilla.secops.gatekeeper.ETDTransforms.Options
-
- getAlertSuppressionSeconds() - Method in interface com.mozilla.secops.gatekeeper.GuardDutyTransforms.Options
-
- getAliasAbuseMaxAliases() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getAliasAbuseSuppressRecovery() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getAliases() - Method in class com.mozilla.secops.identity.Identity
-
Get username aliases for identity
- getAll() - Method in class com.mozilla.secops.state.StateCursor
-
Get all values from state
- getAll() - Method in class com.mozilla.secops.state.StateOperation
-
Configure as a get all operation
- getAlternateCritSlackEscalation() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getAnalysisThresholdModifier() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getAnalysisThresholdModifier() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get analysis threshold modifier
- getApiVersion() - Method in class com.mozilla.secops.parser.models.taskcluster.Taskcluster
-
Get api version
- getArn() - Method in class com.mozilla.secops.parser.models.cloudtrail.UserIdentity
-
- getAsn() - Method in class com.mozilla.secops.SourceCorrelation.SourceData
-
Get ASN
- getAssociatedKey(AlertMeta.Key.AssociatedKey) - Method in enum com.mozilla.secops.alert.AlertMeta.Key
-
Obtain given associated key type
- getAttributes() - Method in class com.mozilla.secops.parser.models.cloudtrail.SessionContext
-
- getAuditType() - Method in class com.mozilla.secops.parser.BmoAudit
-
Get audito event type
- getAuth0ClientIds() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getAuthenticated() - Method in class com.mozilla.secops.parser.models.taskcluster.Taskcluster
-
Get authenticated
- getAuthMethod() - Method in class com.mozilla.secops.parser.OpenSSH
-
Get authentication method
- getAwsAccountMap() - Method in class com.mozilla.secops.identity.IdentityManager
-
Get AWS account map
- getAwsAssumeRoleCorrelatorSessionGapDurationSeconds() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getAwsRegion() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getBanPatternSuppressRecovery() - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- getBytes() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get bytes
- getBytesSent() - Method in class com.mozilla.secops.parser.GcpVpcFlow
-
Get bytes sent
- getBytesSent() - Method in class com.mozilla.secops.parser.models.gcpvpcflow.GcpVpcFlow
-
Get bytes sent
- getBytesSent() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant1
-
Get bytes_sent
- getBytesSent() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant2
-
Get bytes_sent
- getCache() - Method in class com.mozilla.secops.input.Input
-
Request input collection cache
- getCallerIp() - Method in class com.mozilla.secops.parser.GcpAudit
-
Get caller IP address
- getCallerIpCity() - Method in class com.mozilla.secops.parser.GcpAudit
-
Get caller IP city
- getCallerIpCountry() - Method in class com.mozilla.secops.parser.GcpAudit
-
Get caller IP country
- getCategory() - Method in class com.mozilla.secops.alert.Alert
-
Get alert category
- getCidrExclusionList() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getCidrExclusionList() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get CIDR exclusion list path
- getCity() - Method in class com.mozilla.secops.SourceCorrelation.SourceData
-
Get city
- getClampThresholdMaximum() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getClampThresholdMaximum() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get clamp threshold maximum
- getClientAddress() - Method in class com.mozilla.secops.parser.models.fxacontent.FxaContent
-
Get client address
- getClientId() - Method in class com.mozilla.secops.parser.models.auth0.LogEvent
-
Getter for the application's client id related to this event.
- getClientId() - Method in class com.mozilla.secops.parser.models.taskcluster.Taskcluster
-
Get client ID
- getClientName() - Method in class com.mozilla.secops.parser.models.auth0.LogEvent
-
Getter for the application's client name related to this event.
- getCloudtrailMatcherManagerPath() - Method in interface com.mozilla.secops.awsbehavior.AwsBehavior.AwsBehaviorOptions
-
- getCode() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant2
-
Get code
- getConfidence() - Method in class com.mozilla.secops.customs.CustomsAlert
-
Get confidence
- getConfigurationMap() - Method in class com.mozilla.secops.parser.CfgTick
-
Get configuration map
- getConnection() - Method in class com.mozilla.secops.parser.models.gcpvpcflow.GcpVpcFlow
-
Get connection data
- getContactEmail() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getContentLength() - Method in class com.mozilla.secops.parser.models.fxacontent.FxaContent
-
Get ContentLength
- getContentServerVarianceMinClients() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getController() - Method in class com.mozilla.secops.parser.Phabricator
-
Get controller
- getCountry() - Method in class com.mozilla.secops.SourceCorrelation.SourceData
-
Get country
- getCreatedBy() - Method in class com.mozilla.secops.IprepdIO.ExemptedObject
-
Get created by value
- getCreatedBy() - Method in class com.mozilla.secops.Watchlist.WatchlistEntry
-
Get created by value
- getCriticalNotificationEmail() - Method in interface com.mozilla.secops.OutputOptions
-
- getCriticalSeverityEmail() - Method in interface com.mozilla.secops.postprocessing.PostProcessing.PostProcessingOptions
-
- getCritObjects() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getCurrentSource() - Method in class com.mozilla.secops.authstate.AuthStateModel.GeoVelocityResponse
-
Get current source address
- getCustomerOrganizationNumber() - Method in class com.mozilla.secops.parser.models.etd.SourceId
-
Get GCP org number
- getCustomMetadataValue(String) - Method in class com.mozilla.secops.alert.Alert
-
Return a custom metadata value
- getCustomsNotificationTopic() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getData() - Method in class com.mozilla.secops.parser.Payload
-
Get payload data
- getDatastoreKind() - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Get datastore kind
- getDatastoreKind() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getDatastoreNamespace() - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Get datastore namespace
- getDatastoreNamespace() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getDatastoreNamespace() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getDate() - Method in class com.mozilla.secops.parser.models.auth0.LogEvent
-
Getter for the date of this event.
- getDecayAfter() - Method in class com.mozilla.secops.parser.IPrepdLog
-
Get decay after - time when reputation begins to heal
- getDeferGeoIpResolution() - Method in interface com.mozilla.secops.InputOptions
-
- getDeferGeoIpResolution() - Method in class com.mozilla.secops.parser.ParserCfg
-
Get defer GeoIP resolution setting
- getDescription() - Method in class com.mozilla.secops.awsbehavior.CloudtrailMatcher
-
- getDestIp() - Method in class com.mozilla.secops.parser.GcpVpcFlow
-
Get destination IP
- getDestIp() - Method in class com.mozilla.secops.parser.models.gcpvpcflow.GcpVpcFlow.Connection
-
Get destination IP
- getDestPort() - Method in class com.mozilla.secops.parser.GcpVpcFlow
-
Get destination port
- getDestPort() - Method in class com.mozilla.secops.parser.models.gcpvpcflow.GcpVpcFlow.Connection
-
Get destination port
- getDetail() - Method in class com.mozilla.secops.parser.models.cloudwatch.CloudWatchEvent
-
Get event detail
- getDetails() - Method in class com.mozilla.secops.customs.CustomsAlert
-
Get details map
- getDetails() - Method in class com.mozilla.secops.parser.models.auth0.LogEvent
-
Getter for the details object.
- getDetailType() - Method in class com.mozilla.secops.parser.models.cloudwatch.CloudWatchEvent
-
Get event detail type, e.g.
- getDetectionCategory() - Method in class com.mozilla.secops.parser.models.etd.EventThreatDetectionFinding
-
Get event detection category object
- getDetectionPriority() - Method in class com.mozilla.secops.parser.models.etd.EventThreatDetectionFinding
-
Get event detection priority / severity
- getDisableCloudwatchStrip() - Method in interface com.mozilla.secops.InputOptions
-
- getDisableCloudwatchStrip() - Method in class com.mozilla.secops.parser.ParserCfg
-
Get disable Cloudwatch strip flag
- getDisableMozlogStrip() - Method in interface com.mozilla.secops.InputOptions
-
- getDisableMozlogStrip() - Method in class com.mozilla.secops.parser.ParserCfg
-
Get disable Mozlog strip flag
- getDocLink() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getDomain() - Method in class com.mozilla.secops.parser.models.etd.Properties
-
Get domain list
- getDuopullData() - Method in class com.mozilla.secops.parser.Duopull
-
Fetch parsed duopull data
- getDuration() - Method in class com.mozilla.secops.parser.models.taskcluster.Taskcluster
-
Get duration
- getEmail() - Method in class com.mozilla.secops.identity.NotificationPreferences
-
Return the email specified
- getEmail() - Method in class com.mozilla.secops.parser.models.amo.Amo
-
Get email
- getEmail() - Method in class com.mozilla.secops.parser.models.fxaauth.FxaAuth
-
Get email
- getEmailCatchall() - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Get email catchall address
- getEmailFrom() - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Get email from address
- getEmailTemplate() - Method in class com.mozilla.secops.alert.Alert
-
Get email template name
- getEmailToUserIdMapping() - Method in class com.mozilla.secops.slack.SlackManager
-
Get map where the key is user's emails and the corresponding value is their slack id.
- getEmptyView(Pipeline) - Static method in class com.mozilla.secops.customs.ContentServerVarianceDetector
-
Return an empty variance view, suitable as a placeholder if variance detection is not desired
- getEmptyView(Pipeline) - Static method in class com.mozilla.secops.DetectNat
-
Return an empty NAT view, suitable as a placeholder if NAT detection is not desired
- getEnableAccountCreationAbuseDetector() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEnableAccountEnumerationDetector() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEnableActivityMonitor() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEnableAlertSummaryAnalysis() - Method in interface com.mozilla.secops.postprocessing.PostProcessing.PostProcessingOptions
-
- getEnableAwsAssumeRoleCorrelator() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getEnableContentServerVarianceDetection() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEnableCritObjectAnalysis() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getEnableEndpointAbuseAnalysis() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEnableEndpointAbuseAnalysis() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get endpoint abuse analysis setting
- getEnableEndpointSequenceAbuseAnalysis() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEnableEndpointSequenceAbuseAnalysis() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get endpoint abuse analysis setting
- getEnableErrorRateAnalysis() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEnableErrorRateAnalysis() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get error rate analysis setting
- getEnableETD() - Method in interface com.mozilla.secops.gatekeeper.GatekeeperPipeline.GatekeeperOptions
-
- getEnableGD() - Method in interface com.mozilla.secops.gatekeeper.GatekeeperPipeline.GatekeeperOptions
-
- getEnableHardLimitAnalysis() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEnableHardLimitAnalysis() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get hard limit analysis setting
- getEnableLoginFailureAtRiskAccount() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEnableNatDetection() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get enable NAT detection setting
- getEnablePasswordResetAbuseDetector() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEnablePerEndpointErrorRateAnalysis() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEnablePerEndpointErrorRateAnalysis() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get enable per endpoint error rate analysis setting
- getEnablePrivateRelayForward() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEnableSessionLimitAnalysis() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEnableSessionLimitAnalysis() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get enable session limit analysis setting
- getEnableSourceCorrelator() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEnableSourceCorrelator() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get enable source correlator
- getEnableSourceLoginFailureDetector() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEnableStateAnalysis() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getEnableStatusCodeRateAnalysis() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEnableStatusCodeRateAnalysis() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get status code rate analysis setting
- getEnableStatusComparator() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEnableSummaryAnalysis() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEnableThresholdAnalysis() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEnableThresholdAnalysis() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get threshold analysis setting
- getEnableUserAgentBlocklistAnalysis() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEnableUserAgentBlocklistAnalysis() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get user agent blocklist analysis setting
- getEnableVelocityDetector() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEnableVelocityDetectorMonitorOnly() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEnableWatchlistAnalysis() - Method in interface com.mozilla.secops.postprocessing.PostProcessing.PostProcessingOptions
-
- getEndpointAbuseCustomVarianceSubstrings() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEndpointAbuseCustomVarianceSubstrings() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get endpoint abuse custom variance substrings
- getEndpointAbuseExtendedVariance() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEndpointAbuseExtendedVariance() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get endpoint abuse extended variance
- getEndpointAbusePath() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEndpointAbusePath() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get endpoint abuse path
- getEndpointAbuseSuppressRecovery() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEndpointAbuseSuppressRecovery() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get endpoint abuse suppress recovery
- getEndpointSequenceAbusePatterns() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEndpointSequenceAbusePatterns() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get endpoint abuse path
- getEndpointSequenceAbuseSuppressRecovery() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getEndpointSequenceAbuseSuppressRecovery() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get endpoint abuse timing suppress recovery
- getEntries() - Method in class com.mozilla.secops.authstate.AuthStateModel
-
Get entries associated with model
- getErrno() - Method in class com.mozilla.secops.parser.models.fxaauth.FxaAuth
-
Get errno
- getErrorCode() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getErrorMessage() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getErrorSessionGapDurationMinutes() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getErrorSessionGapDurationMinutes() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get session gap duration for session windows of only error events
- getEscalateAccountCreation() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEscalateAccountCreationDistributed() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEscalateAccountEnumerationDetector() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEscalateLoginFailureAtRiskAccount() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEscalatePasswordResetAbuse() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEscalateSourceLoginFailure() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEscalateSourceLoginFailureDistributed() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEscalateStatusComparator() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEscalateTo() - Method in class com.mozilla.secops.identity.Identity
-
Get escalate to email address
- getEscalateVelocity() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getEventAction() - Method in class com.mozilla.secops.parser.models.duopull.Duopull
-
Get event action
- getEventDescriptionIpAddress() - Method in class com.mozilla.secops.parser.models.duopull.Duopull
-
Get event description ip address
- getEventDescriptionObject() - Method in class com.mozilla.secops.parser.models.duopull.Duopull
-
Get event object
- getEventDescriptionUserId() - Method in class com.mozilla.secops.parser.models.duopull.Duopull
-
Get event description user ID
- getEventFactor() - Method in class com.mozilla.secops.parser.models.duopull.Duopull
-
Get event factor
- getEventFilter() - Method in class com.mozilla.secops.input.InputElement
-
Get event filter
- getEventID() - Method in class com.mozilla.secops.parser.Cloudtrail
-
Returns the event id of the cloudtrail event
- getEventId() - Method in class com.mozilla.secops.parser.Event
-
Get unique event ID.
- getEventID() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getEventMatchers() - Method in class com.mozilla.secops.awsbehavior.CloudtrailMatcherManager
-
- getEventName() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getEventReason() - Method in class com.mozilla.secops.parser.models.duopull.Duopull
-
Get event reason
- getEventResult() - Method in class com.mozilla.secops.parser.models.duopull.Duopull
-
Get event result
- getEvents() - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get event list
- getEventsOfType(FxaAuth.EventSummary) - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get all events from event list of a certain type
- getEventSource() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getEventSummary() - Method in class com.mozilla.secops.parser.FxaAuth
-
Get event summary
- getEventTime() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getEventTime() - Method in class com.mozilla.secops.parser.models.etd.EventThreatDetectionFinding
-
Get event time
- getEventTimestamp() - Method in class com.mozilla.secops.parser.models.duopull.Duopull
-
Get event timestamp
- getEventType() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get event type
- getEventType() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getEventType() - Method in class com.mozilla.secops.parser.PrivateRelay
-
Get event type
- getEventUsername() - Method in class com.mozilla.secops.parser.models.duopull.Duopull
-
Get event username
- getEventVersion() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getEvidence() - Method in class com.mozilla.secops.parser.models.etd.EventThreatDetectionFinding
-
Get evidence object
- getException() - Method in class com.mozilla.secops.parser.IPrepdLog
-
Get whether an object is an exception or not
- getExceptRules() - Method in class com.mozilla.secops.parser.EventFilterRule
-
Get except rules
- getExfiltrationThresholdBytes() - Method in interface com.mozilla.secops.pioneer.Pioneer.PioneerOptions
-
- getExfiltrationThresholdSeconds() - Method in interface com.mozilla.secops.pioneer.Pioneer.PioneerOptions
-
- getExpires() - Method in class com.mozilla.secops.parser.models.taskcluster.Taskcluster
-
Get expires
- getExpiresAt() - Method in class com.mozilla.secops.IprepdIO.ExemptedObject
-
Get expires at
- getExpiresAt() - Method in class com.mozilla.secops.Watchlist.WatchlistEntry
-
Get expires at
- getFields() - Method in class com.mozilla.secops.awsbehavior.CloudtrailMatcher
-
- getFields() - Method in class com.mozilla.secops.parser.Mozlog
-
Get fields
- getFieldsAsJson(ObjectMapper) - Method in class com.mozilla.secops.parser.Mozlog
-
Get fields as JSON string
- getFileInputs() - Method in class com.mozilla.secops.input.InputElement
-
Get file inputs
- getFileName() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get file name
- getFilterRequestPath() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getFilterRequestPath() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get filter request path
- getFinding() - Method in class com.mozilla.secops.parser.ETDBeta
-
Get underlying EventThreatDetectionFinding model
- getFinding() - Method in class com.mozilla.secops.parser.GuardDuty
-
Get underlying GuardDuty Finding
- getFromApi() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get API submission flag
- getFromApi() - Method in class com.mozilla.secops.parser.models.amo.Amo
-
Get from API flag
- getFunction() - Method in class com.mozilla.secops.parser.Phabricator
-
Get function
- getFxaAuthData() - Method in class com.mozilla.secops.parser.FxaAuth
-
Fetch parsed FxA auth data
- getFxaContentData() - Method in class com.mozilla.secops.parser.FxaContent
-
Fetch parsed FxA content data
- getFxaEmail() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get FxA profile email
- getGcpProject() - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Get GCP project name
- getGcsTemplateBasePath() - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Get gcs template base path
- getGenerateConfigurationTicksInterval() - Method in interface com.mozilla.secops.InputOptions
-
- getGenerateConfigurationTicksMaximum() - Method in interface com.mozilla.secops.InputOptions
-
- getGuarddutyConfigPath() - Method in interface com.mozilla.secops.gatekeeper.GuardDutyTransforms.Options
-
- getGuid() - Method in class com.mozilla.secops.parser.models.amo.Amo
-
Get GUID
- getHardLimitRequestCount() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getHardLimitRequestCount() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get hard limit request count
- getHeuristic() - Method in class com.mozilla.secops.customs.CustomsAlert
-
Get heuristic
- getHeuristicDescription() - Method in class com.mozilla.secops.customs.CustomsAlert
-
Get heuristic description
- getHigh() - Method in class com.mozilla.secops.parser.EventFilterPayloadRange
-
Get high value
- getHighETDFindingRuleRegex() - Method in interface com.mozilla.secops.gatekeeper.ETDTransforms.Options
-
- getHighSeverityMatchers() - Method in class com.mozilla.secops.gatekeeper.GuardDutyConfig
-
Get high severity finding matchers
- getHostname() - Method in class com.mozilla.secops.parser.Mozlog
-
Get hostname
- getId() - Method in class com.mozilla.secops.customs.CustomsAlert
-
Get UUID
- getId() - Method in class com.mozilla.secops.parser.models.auth0.LogEvent
-
Getter for the id of this event.
- getId() - Method in class com.mozilla.secops.parser.models.cloudwatch.CloudWatchEvent
-
Get event id
- getId() - Method in class com.mozilla.secops.state.StateOperation
-
Get operation ID
- getIdentities() - Method in class com.mozilla.secops.identity.IdentityManager
-
Get all known identities
- getIdentity(String) - Method in class com.mozilla.secops.identity.IdentityManager
-
Get specific identity
- getIdentityManager(String) - Static method in class com.mozilla.secops.authprofile.AuthProfile
-
Load a process shared version of the identity manager
- getIdentityManager() - Method in class com.mozilla.secops.parser.Parser
-
Get any configured identity manager from the parser
- getIdentityManagerPath() - Method in interface com.mozilla.secops.awsbehavior.AwsBehavior.AwsBehaviorOptions
-
- getIdentityManagerPath() - Method in interface com.mozilla.secops.InputOptions
-
- getIdentityManagerPath() - Method in class com.mozilla.secops.parser.ParserCfg
-
Get IdentityManager json file path
- getIdentityName() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
Get the identity name depending on the user type
- getIgnoreCloudProviderRequests() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getIgnoreCloudProviderRequests() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get ignore cloud provider requests
- getIgnoreETDFindingRuleRegex() - Method in interface com.mozilla.secops.gatekeeper.ETDTransforms.Options
-
- getIgnoreInternalRequests() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getIgnoreInternalRequests() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get ignore internal requests
- getIgnoreMatchers() - Method in class com.mozilla.secops.gatekeeper.GuardDutyConfig
-
Get ignore finding matchers
- getIgnoreUnknownIdentities() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getIgnoreUserRegex() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getIncludeUrlHostRegex() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getIncludeUrlHostRegex() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get include URL host regex
- getIndicator() - Method in class com.mozilla.secops.customs.CustomsAlert
-
Get indicator
- getIndicator() - Method in class com.mozilla.secops.parser.models.etd.DetectionCategory
-
Get indicator
- getIndicatorType() - Method in class com.mozilla.secops.customs.CustomsAlert
-
Get indicator type
- getInput(Pipeline, HTTPRequest.HTTPRequestOptions) - Static method in class com.mozilla.secops.httprequest.HTTPRequest
-
Given HTTPRequest pipeline options, return a configured
Input
class
- getInput() - Method in class com.mozilla.secops.httprequest.HTTPRequestMultiMode
-
Get input configuration
- getInputElementByName(String) - Method in class com.mozilla.secops.input.Input
-
Get an input element by name
- getInputElements() - Method in class com.mozilla.secops.input.Input
-
Get input elements
- getInputFile() - Method in interface com.mozilla.secops.InputOptions
-
- getInputIprepd() - Method in interface com.mozilla.secops.InputOptions
-
- getInputKinesis() - Method in interface com.mozilla.secops.InputOptions
-
- getInputPubsub() - Method in interface com.mozilla.secops.InputOptions
-
- getInsertId() - Method in class com.mozilla.secops.parser.models.etd.SourceLogId
-
Get insert id
- getInsights(String, String) - Method in class com.mozilla.secops.Minfraud
-
Get Insights response from Minfraud using an IP address and an optional email address
- getIntegerMatchers() - Method in class com.mozilla.secops.parser.EventFilterPayload
-
Get configured integer matchers
- getIntegerRangeMatchers() - Method in class com.mozilla.secops.parser.EventFilterPayload
-
Get configured integer range matchers
- getInvokedBy() - Method in class com.mozilla.secops.parser.models.cloudtrail.UserIdentity
-
- getIp() - Method in class com.mozilla.secops.IprepdIO.ExemptedObject
-
Get IP string
- getIP() - Method in class com.mozilla.secops.parser.models.auth0.LogEvent
-
Getter for the IP address related to this event.
- getIp() - Method in class com.mozilla.secops.parser.models.etd.Properties
-
Get IP
- getIpAddress() - Method in class com.mozilla.secops.customs.CustomsAtRiskAccountState.CustomsAtRiskAccountStateModel.ScannedByEntry
-
Get IP address of entry
- getIprepdSpecs() - Method in class com.mozilla.secops.IprepdIO.Write
-
Get iprepd specs
- getIsp() - Method in class com.mozilla.secops.SourceCorrelation.SourceData
-
Get ISP
- getIsPublic() - Method in class com.mozilla.secops.parser.models.taskcluster.Taskcluster
-
Get isPublic
- getIsSensitive() - Method in enum com.mozilla.secops.alert.AlertMeta.Key
-
Return if key is considered sensitive
- getKey() - Method in class com.mozilla.secops.alert.AlertMeta
-
Get metadata key
- getKey() - Method in enum com.mozilla.secops.alert.AlertMeta.Key
-
Return the string that will be used as the metadata key
- getKey() - Method in class com.mozilla.secops.state.StateOperation
-
Get key
- getKeys() - Method in class com.mozilla.secops.parser.models.fxaauth.FxaAuth
-
Get keys
- getKinesisInputs() - Method in class com.mozilla.secops.input.InputElement
-
Get Kinesis inputs
- getKmDistance() - Method in class com.mozilla.secops.authstate.AuthStateModel.GeoVelocityResponse
-
Get distance between points in KM
- getKnownGatewaysPath() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getKnownGatewaysPath() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get path to list of inital nat gateways
- getLang() - Method in class com.mozilla.secops.parser.models.fxaauth.FxaAuth
-
Get lang
- getLatestTimestamp(Iterable<Event>) - Static method in class com.mozilla.secops.parser.Parser
-
Given an interable of events, return the latest timestamp
- getLatitude() - Method in class com.mozilla.secops.authstate.AuthStateModel.ModelEntry
-
Get model latitude field
- getLocation() - Method in class com.mozilla.secops.parser.models.etd.Properties
-
Get GCP location (analogous to AWS region)
- getLocationInfo() - Method in class com.mozilla.secops.parser.models.auth0.LogEvent
-
Getter for the location info object.
- getLogger() - Method in class com.mozilla.secops.parser.Mozlog
-
Get logger value
- getLongitude() - Method in class com.mozilla.secops.authstate.AuthStateModel.ModelEntry
-
Get model longitude field
- getLow() - Method in class com.mozilla.secops.parser.EventFilterPayloadRange
-
Get low value
- getMatchAny() - Method in class com.mozilla.secops.parser.EventFilter
-
Get match any setting
- getMaxAllowableTimestampDifference() - Method in interface com.mozilla.secops.InputOptions
-
- getMaxClientErrorRate() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getMaxClientErrorRate() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get max client error rate
- getMaxClientStatusCodeRate() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getMaxClientStatusCodeRate() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get max client status code rate
- getMaximumKilometersFromLastLogin() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getMaximumKilometersPerHour() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getMaximumKilometersPerHour() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getMaximumKilometersPerHourMonitorOnly() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getMaxKmPerSecondExceeded() - Method in class com.mozilla.secops.authstate.AuthStateModel.GeoVelocityResponse
-
Return true if max KM/s was exceeded
- getMaxmindAccountId() - Method in interface com.mozilla.secops.InputOptions
-
- getMaxmindCityDbPath() - Method in interface com.mozilla.secops.InputOptions
-
- getMaxmindCityDbPath() - Method in class com.mozilla.secops.parser.ParserCfg
-
Get Maxmind City database path
- getMaxmindIspDbPath() - Method in interface com.mozilla.secops.InputOptions
-
- getMaxmindIspDbPath() - Method in class com.mozilla.secops.parser.ParserCfg
-
Get Maxmind ISP database path
- getMaxmindLicenseKey() - Method in interface com.mozilla.secops.InputOptions
-
- getMaxTimestampDifference() - Method in class com.mozilla.secops.parser.ParserCfg
-
Get maximum allowable timestamp difference
- getMean() - Method in class com.mozilla.secops.Stats.StatsOutput
-
Get mean value of set
- getMemcachedHost() - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Get memcached host
- getMemcachedHost() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getMemcachedHost() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getMemcachedPort() - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Get memcached port
- getMemcachedPort() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getMemcachedPort() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getMetadata() - Method in class com.mozilla.secops.alert.Alert
-
Get alert metadata
- getMetadataValue(AlertMeta.Key) - Method in class com.mozilla.secops.alert.Alert
-
Return a specific metadata value
- getMethod() - Method in class com.mozilla.secops.identity.NotificationPreferences
-
Return the notification method specified
- getMethod() - Method in class com.mozilla.secops.parser.models.fxaauth.FxaAuth
-
Get method
- getMethod() - Method in class com.mozilla.secops.parser.models.fxacontent.FxaContent
-
Get Method
- getMethod() - Method in class com.mozilla.secops.parser.models.taskcluster.Taskcluster
-
Get method
- getMFAAuthenticated() - Method in class com.mozilla.secops.parser.models.cloudtrail.UserIdentity
-
- getMinimumDistanceForAlert() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getMinimumDistanceForAlertMonitorOnly() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getMonitoredResource() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get monitored resource
- getMonitoredResourceIndicator() - Method in interface com.mozilla.secops.OutputOptions
-
- getMozlog() - Method in class com.mozilla.secops.parser.Event
-
Get mozlog value
- getMsg() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get msg
- getMsg() - Method in class com.mozilla.secops.parser.BmoAudit
-
Get msg
- getMsg() - Method in class com.mozilla.secops.parser.IPrepdLog
-
Get msg
- getMsg() - Method in class com.mozilla.secops.parser.models.amo.Amo
-
Get msg
- getMsg() - Method in class com.mozilla.secops.parser.models.duopull.Duopull
-
Get event msg
- getMsg() - Method in class com.mozilla.secops.parser.PrivateRelay
-
Get msg
- getName() - Method in class com.mozilla.secops.input.InputElement
-
Get element name
- getName() - Method in class com.mozilla.secops.parser.models.taskcluster.Taskcluster
-
Get name
- getNamedSubnets() - Method in class com.mozilla.secops.identity.IdentityManager
-
Get named subnets
- getNatDetection() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getNormalized() - Method in class com.mozilla.secops.parser.Event
-
Return normalized data set.
- getNotify() - Method in class com.mozilla.secops.identity.Identity
-
Get notification preferences for identity
- getNotifyMergeKey() - Method in class com.mozilla.secops.alert.Alert
-
Get alert merge key for notifications from metadata
- getNumericUserId() - Method in class com.mozilla.secops.parser.models.amo.Amo
-
Get numeric user ID
- getObject() - Method in class com.mozilla.secops.IprepdIO.ExemptedObject
-
Get object string
- getObject() - Method in class com.mozilla.secops.IprepdIO.ReputationValue
-
Get object field
- getObject() - Method in class com.mozilla.secops.parser.IPrepdLog
-
Get the object (i.e.
- getObject() - Method in class com.mozilla.secops.parser.Normalized
-
Get object field
- getObject() - Method in class com.mozilla.secops.Violation
-
Get object
- getObject() - Method in class com.mozilla.secops.Watchlist.WatchlistEntry
-
Get object string
- getObjectType() - Method in class com.mozilla.secops.parser.IPrepdLog
-
Get object type (i.e.
- getOp() - Method in class com.mozilla.secops.parser.models.fxaauth.FxaAuth
-
Get op
- getOperatingMode() - Method in class com.mozilla.secops.input.Input
-
Get operating mode
- getOperationType() - Method in class com.mozilla.secops.state.StateOperation
-
Get operation type
- getOriginalReputation() - Method in class com.mozilla.secops.parser.IPrepdLog
-
Get the original reputation of the object the violation was applied to
- getOutputAlertEmailCatchall() - Method in interface com.mozilla.secops.OutputOptions
-
- getOutputAlertEmailFrom() - Method in interface com.mozilla.secops.OutputOptions
-
- getOutputAlertGcsTemplateBasePath() - Method in interface com.mozilla.secops.OutputOptions
-
- getOutputAlertSlackCatchall() - Method in interface com.mozilla.secops.OutputOptions
-
- getOutputAlertSlackToken() - Method in interface com.mozilla.secops.OutputOptions
-
- getOutputAlertSmtpCredentials() - Method in interface com.mozilla.secops.OutputOptions
-
- getOutputAlertSmtpRelay() - Method in interface com.mozilla.secops.OutputOptions
-
- getOutputAlertTemplates() - Method in interface com.mozilla.secops.OutputOptions
-
- getOutputBigQuery() - Method in interface com.mozilla.secops.OutputOptions
-
- getOutputFile() - Method in interface com.mozilla.secops.OutputOptions
-
- getOutputId() - Method in class com.mozilla.secops.Stats.StatsOutput
-
Return unique output ID
- getOutputIprepd() - Method in interface com.mozilla.secops.OutputOptions
-
- getOutputIprepdDatastoreExemptionsProject() - Method in interface com.mozilla.secops.OutputOptions
-
- getOutputIprepdEnableDatastoreExemptions() - Method in interface com.mozilla.secops.OutputOptions
-
- getOutputPubsub() - Method in interface com.mozilla.secops.OutputOptions
-
- getOutputSqs() - Method in interface com.mozilla.secops.OutputOptions
-
- getParsedUrl() - Method in class com.mozilla.secops.parser.GLB
-
Get parsed URL object
- getParserConfiguration() - Method in class com.mozilla.secops.input.InputElement
-
Get parser configuration
- getParserFastMatcher() - Method in interface com.mozilla.secops.InputOptions
-
- getParserFastMatcher() - Method in class com.mozilla.secops.parser.ParserCfg
-
- getPasswordResetAbuseThreshold() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getPath() - Method in class com.mozilla.secops.parser.models.duopull.Duopull
-
Get event path
- getPath() - Method in class com.mozilla.secops.parser.models.fxaauth.FxaAuth
-
Get path
- getPath() - Method in class com.mozilla.secops.parser.models.fxacontent.FxaContent
-
Get Path
- getPath() - Method in class com.mozilla.secops.parser.Phabricator
-
Get path
- getPayload() - Method in class com.mozilla.secops.alert.Alert
-
Get alert payload
- getPayload() - Method in class com.mozilla.secops.parser.Event
-
Get event payload.
- getPayloadFilters() - Method in class com.mozilla.secops.parser.EventFilterPayloadOr
-
Get configured payload filters
- getPayloadFilters() - Method in class com.mozilla.secops.parser.EventFilterRule
-
Get payload filters
- getPayloadType() - Method in class com.mozilla.secops.parser.Event
-
Return the type of payload data associated with this event.
- getPayloadType() - Method in class com.mozilla.secops.parser.EventFilterPayload
-
Get payload filter
- getPerEndpointErrorRateAlertSuppressionDurationSeconds() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getPerEndpointErrorRateAlertSuppressionDurationSeconds() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get alert suppression duration for per endpoint error rate
- getPerEndpointErrorRateAnalysisSuppressRecovery() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getPerEndpointErrorRatePaths() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getPerEndpointErrorRatePaths() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get paths for per endpoint error rate analysis
- getPerEndpointErrorRateSuppressRecovery() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get paths for per endpoint error rate analysis
- getPid() - Method in class com.mozilla.secops.parser.Mozlog
-
Get pid
- getPipelineMultimodeConfiguration() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getPipelineVersion() - Method in interface com.mozilla.secops.InputOptions
-
- getPreviousSource() - Method in class com.mozilla.secops.authstate.AuthStateModel.GeoVelocityResponse
-
Get previous source address
- getPrincipalEmail() - Method in class com.mozilla.secops.parser.GcpAudit
-
Get principal email
- getPrincipalId() - Method in class com.mozilla.secops.parser.models.cloudtrail.UserIdentity
-
- getProject() - Method in class com.mozilla.secops.input.Input
-
Get project
- getProject() - Method in class com.mozilla.secops.IprepdIO.Write
-
Get project
- getProject_id() - Method in class com.mozilla.secops.parser.models.etd.Properties
-
Get GCP project id for ETD
- getProjectNumber() - Method in class com.mozilla.secops.parser.models.etd.SourceId
-
Get GCP project number for source of Finding
- getProperties() - Method in class com.mozilla.secops.parser.models.etd.EventThreatDetectionFinding
-
Get event detection properties object
- getPubsubInputs() - Method in class com.mozilla.secops.input.InputElement
-
Get Pubsub inputs
- getRaw() - Method in class com.mozilla.secops.parser.Raw
-
Get raw string
- getReader(String, String) - Static method in class com.mozilla.secops.IprepdIO
-
Return a new reader for reading reputation from iprepd
- getReadOnly() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getRealAddress() - Method in class com.mozilla.secops.customs.PrivateRelayForward.PrivateRelayForwardState
-
Get real address
- getRealAddress() - Method in class com.mozilla.secops.parser.PrivateRelay
-
Get real address
- getReason() - Method in class com.mozilla.secops.customs.CustomsAlert
-
Get reason
- getRecipientAccountId() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getReferenceID() - Method in class com.mozilla.secops.parser.Normalized
-
Get the reference ID (identifier from the event source)
- getReferer() - Method in class com.mozilla.secops.parser.models.fxacontent.FxaContent
-
Get referer
- getReferer() - Method in class com.mozilla.secops.parser.Phabricator
-
Get referer
- getReferrer() - Method in class com.mozilla.secops.parser.ApacheCombined
-
Get referrer
- getReferrer() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant1
-
Get referrer
- getReferrer() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant2
-
Get referrer
- getReferrer() - Method in class com.mozilla.secops.parser.Nginx
-
Get referrer
- getRegion() - Method in class com.mozilla.secops.parser.models.cloudwatch.CloudWatchEvent
-
Get event AWS region
- getRegisteredTemplates() - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Return a list of registered templates
- getRelayAddress() - Method in class com.mozilla.secops.parser.PrivateRelay
-
Get relay address
- getRelayAddressId() - Method in class com.mozilla.secops.parser.PrivateRelay
-
Get relay address ID
- getRemoteAddr() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant1
-
Get remote_addr
- getRemoteAddressChain() - Method in class com.mozilla.secops.parser.models.amo.Amo
-
Get remoteAddressChain
- getRemoteAddressChain() - Method in class com.mozilla.secops.parser.models.fxaauth.FxaAuth
-
Get remote address chain
- getRemoteAddressChain() - Method in class com.mozilla.secops.parser.models.fxacontent.FxaContent
-
Get remote address chain
- getRemoteIp() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get remote IP
- getRemoteIp() - Method in class com.mozilla.secops.parser.BmoAudit
-
Get remote IP
- getRemoteIp() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant2
-
Get remote_ip
- getRemoteUser() - Method in class com.mozilla.secops.parser.ApacheCombined
-
Get remote user
- getRemoteUser() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant1
-
Get remote_user
- getReputation(String, String) - Method in class com.mozilla.secops.IprepdIO.Reader
-
Read a reputation
- getReputation() - Method in class com.mozilla.secops.IprepdIO.ReputationValue
-
Get reputation value
- getReputation() - Method in class com.mozilla.secops.parser.IPrepdLog
-
Get the current reputation of the object the violation was applied to
- getRequest() - Method in class com.mozilla.secops.parser.ApacheCombined
-
Get request.
- getRequest() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant1
-
Get request
- getRequest() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant2
-
Get request
- getRequest() - Method in class com.mozilla.secops.parser.Nginx
-
Get request.
- getRequestId() - Method in class com.mozilla.secops.parser.BmoAudit
-
Get request ID
- getRequestID() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getRequestMethod() - Method in class com.mozilla.secops.parser.ApacheCombined
-
Get request method.
- getRequestMethod() - Method in class com.mozilla.secops.parser.GLB
-
Get request method.
- getRequestMethod() - Method in class com.mozilla.secops.parser.Nginx
-
Get request method.
- getRequestMethod() - Method in class com.mozilla.secops.parser.Normalized
-
Get request method field
- getRequestParameters() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getRequestPath() - Method in class com.mozilla.secops.parser.Nginx
-
Get request path.
- getRequestStatus() - Method in class com.mozilla.secops.parser.Normalized
-
Get request status
- getRequestTime() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant1
-
Get request_time
- getRequestTime() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant2
-
Get req_time
- getRequestType() - Method in class com.mozilla.secops.parser.FxaContent
-
Get request type
- getRequestUrl() - Method in class com.mozilla.secops.parser.ApacheCombined
-
Get request URL.
- getRequestUrl() - Method in class com.mozilla.secops.parser.GLB
-
Get request URL.
- getRequestUrl() - Method in class com.mozilla.secops.parser.Nginx
-
Get request URL.
- getRequestUrl() - Method in class com.mozilla.secops.parser.Normalized
-
Get request URL field
- getRequiredMinimumAverage() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getRequiredMinimumAverage() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get required minimum average
- getRequiredMinimumClients() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getRequiredMinimumClients() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get required minimum clients
- getRequiredMinimumRequestsPerClient() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getRequiredMinimumRequestsPerClient() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get required minimum number of requests per client
- getResolvedSubject() - Method in class com.mozilla.secops.parser.Taskcluster
-
Get resolved subject ID
- getResource() - Method in class com.mozilla.secops.awsbehavior.CloudtrailMatcher
-
- getResource(String) - Method in class com.mozilla.secops.parser.Cloudtrail
-
Utility method for returning the resource the event was acting on, used for adding context to
an
Alert
.
- getResource() - Method in class com.mozilla.secops.parser.GcpAudit
-
Get resource
- getResource() - Method in class com.mozilla.secops.parser.models.taskcluster.Taskcluster
-
Get resource
- getResources() - Method in class com.mozilla.secops.parser.models.cloudwatch.CloudWatchEvent
-
Get event resources, typically in the form of ARNs
- getResponseElements() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getResponseElementsValue(String) - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getRestrictedValue() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get restricted value
- getResultValue() - Method in class com.mozilla.secops.state.StateOperation
-
Get result value
- getResultValueForId(UUID) - Method in class com.mozilla.secops.state.StateCursor
-
Fetch a result value from a completed operation
- getResultValues() - Method in class com.mozilla.secops.state.StateOperation
-
Get result values
- getResultValuesForId(UUID) - Method in class com.mozilla.secops.state.StateCursor
-
Fetch a set of result values from a completed operation
- getRuleName() - Method in class com.mozilla.secops.parser.models.etd.DetectionCategory
-
Get rule name which triggered finding
- getRules() - Method in class com.mozilla.secops.parser.EventFilter
-
Get configured rules
- getSatisfyingScopes() - Method in class com.mozilla.secops.parser.models.taskcluster.Taskcluster
-
Get satisfying scopes
- getService() - Method in class com.mozilla.secops.parser.models.fxaauth.FxaAuth
-
Get service
- getServiceToggles() - Method in class com.mozilla.secops.httprequest.HTTPRequestMultiMode
-
Get service toggles
- getSessionAttributesValue(String) - Method in class com.mozilla.secops.parser.models.cloudtrail.UserIdentity
-
- getSessionGapDurationMinutes() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getSessionGapDurationMinutes() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get session gap duration minutes
- getSessionIssuer() - Method in class com.mozilla.secops.parser.models.cloudtrail.SessionContext
-
- getSessionIssuerValue(String) - Method in class com.mozilla.secops.parser.models.cloudtrail.UserIdentity
-
- getSessionLimitAnalysisPaths() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getSessionLimitAnalysisPaths() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get session analysis pathes
- getSessionLimitAnalysisSuppressRecovery() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getSessionLimitAnalysisSuppressRecovery() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get session limit analysis suppress recovery
- getSeverity() - Method in class com.mozilla.secops.alert.Alert
-
Get alert severity
- getSeverity() - Method in class com.mozilla.secops.customs.CustomsAlert
-
Get severity
- getSeverity() - Method in class com.mozilla.secops.parser.Mozlog
-
Get severity integer
- getSeverity() - Method in class com.mozilla.secops.Watchlist.WatchlistEntry
-
Get severity
- getSharedEventID() - Method in class com.mozilla.secops.parser.Cloudtrail
-
Returns the shared event id of the cloudtrail event
- getSharedEventID() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getSlackCatchall() - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Get slack catchall channel id
- getSlackCatchallTemplate() - Method in class com.mozilla.secops.alert.Alert
-
Get slack catchall template name
- getSlackChannelNotification() - Method in interface com.mozilla.secops.pioneer.Pioneer.PioneerOptions
-
- getSlackTemplate() - Method in class com.mozilla.secops.alert.Alert
-
Get slack template name
- getSlackToken() - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Get slack bot token
- getSmsRecipient() - Method in class com.mozilla.secops.parser.models.fxaauth.FxaAuth
-
- getSmtpCredentials() - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Get SMTP credentials
- getSmtpRelay() - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Get SMTP relay
- getSource() - Method in class com.mozilla.secops.parser.models.cloudwatch.CloudWatchEvent
-
Get event source service, e.g.
- getSourceAddress() - Method in class com.mozilla.secops.parser.GeoIP.GeoIPData
-
Get source address set in this GeoIPData object
- getSourceAddress() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address field
- getSourceAddress() - Method in class com.mozilla.secops.parser.SourcePayloadBase
-
Get source address
- getSourceAddress() - Method in class com.mozilla.secops.SourceCorrelation.SourceData
-
Get source address
- getSourceAddress() - Method in class com.mozilla.secops.Violation
-
Get source address
- getSourceAddressAsn() - Method in class com.mozilla.secops.parser.GeoIP.GeoIPData
-
Get source address ASN
- getSourceAddressAsn() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address ASN
- getSourceAddressAsn() - Method in class com.mozilla.secops.parser.SourcePayloadBase
-
Get source address ASN
- getSourceAddressAsOrg() - Method in class com.mozilla.secops.parser.GeoIP.GeoIPData
-
Get source address AS organization
- getSourceAddressAsOrg() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address AS organization
- getSourceAddressAsOrg() - Method in class com.mozilla.secops.parser.SourcePayloadBase
-
Get source address AS organization
- getSourceAddressCity() - Method in class com.mozilla.secops.parser.GeoIP.GeoIPData
-
Get source address city
- getSourceAddressCity() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address city field
- getSourceAddressCity() - Method in class com.mozilla.secops.parser.SourcePayloadBase
-
Get source address city
- getSourceAddressCountry() - Method in class com.mozilla.secops.parser.GeoIP.GeoIPData
-
Get source address country
- getSourceAddressCountry() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address country field
- getSourceAddressCountry() - Method in class com.mozilla.secops.parser.SourcePayloadBase
-
Get source address country
- getSourceAddressEventCount() - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get count of total events per source address
- getSourceAddressIsAnonymous() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address isanonymous
- getSourceAddressIsAnonymousVpn() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address isanonymousvpn
- getSourceAddressIsHostingProvider() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address ishostingprovider
- getSourceAddressIsLegitimateProxy() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address islegitimateproxy
- getSourceAddressIsp() - Method in class com.mozilla.secops.parser.GeoIP.GeoIPData
-
Get source address ISP
- getSourceAddressIsp() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address ISP
- getSourceAddressIsp() - Method in class com.mozilla.secops.parser.SourcePayloadBase
-
Get source address ISP
- getSourceAddressIsPublicProxy() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address ispublicproxy
- getSourceAddressIsTorExitNode() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address istorexitnode
- getSourceAddressLatitude() - Method in class com.mozilla.secops.parser.GeoIP.GeoIPData
-
Get source address latitude
- getSourceAddressLatitude() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address latitude
- getSourceAddressLatitude() - Method in class com.mozilla.secops.parser.SourcePayloadBase
-
Get source address latitude
- getSourceAddressLongitude() - Method in class com.mozilla.secops.parser.GeoIP.GeoIPData
-
Get source address longitude
- getSourceAddressLongitude() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address longitude
- getSourceAddressLongitude() - Method in class com.mozilla.secops.parser.SourcePayloadBase
-
Get source address longitude
- getSourceAddressRiskScore() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address risks core from minfraud
- getSourceAddressTimeZone() - Method in class com.mozilla.secops.parser.GeoIP.GeoIPData
-
Get source address time zone
- getSourceAddressTimeZone() - Method in class com.mozilla.secops.parser.Normalized
-
Get source address time zone field
- getSourceAddressTimeZone() - Method in class com.mozilla.secops.parser.SourcePayloadBase
-
Get source address time zone
- getSourceCorrelatorAlertPercentage() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getSourceCorrelatorAlertPercentage() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get source correlator alert percentage
- getSourceCorrelatorMinimumAddresses() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getSourceCorrelatorMinimumAddresses() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get source correlator minimum addresses
- getSourceDataType() - Method in class com.mozilla.secops.SourceCorrelation.SourceData
-
Get source data type
- getSourceId() - Method in class com.mozilla.secops.parser.models.etd.EventThreatDetectionFinding
-
Get sourceId object
- getSourceIp() - Method in class com.mozilla.secops.parser.models.taskcluster.Taskcluster
-
Get source IP
- getSourceIPAddress() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getSourceLogId() - Method in class com.mozilla.secops.parser.models.etd.Evidence
-
- getSourceLoginFailureDistributedThreshold() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getSourceLoginFailureThreshold() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getSrcInstance() - Method in class com.mozilla.secops.parser.models.gcpvpcflow.GcpVpcFlow
-
Get source instance data
- getSrcInstanceName() - Method in class com.mozilla.secops.parser.GcpVpcFlow
-
Get source instance name
- getSrcIp() - Method in class com.mozilla.secops.parser.GcpVpcFlow
-
Get source IP
- getSrcIp() - Method in class com.mozilla.secops.parser.models.gcpvpcflow.GcpVpcFlow.Connection
-
Get source IP
- getSrcPort() - Method in class com.mozilla.secops.parser.GcpVpcFlow
-
Get source port
- getSrcPort() - Method in class com.mozilla.secops.parser.models.gcpvpcflow.GcpVpcFlow.Connection
-
Get source port
- getStackdriverLabel(String) - Method in class com.mozilla.secops.parser.Event
-
Get specific Stackdriver label value
- getStackdriverLabelFilters() - Method in interface com.mozilla.secops.InputOptions
-
- getStackdriverLabelFilters() - Method in class com.mozilla.secops.parser.ParserCfg
-
Get Stackdriver label filters
- getStackdriverLabels() - Method in class com.mozilla.secops.parser.Event
-
Get Stackdriver labels
- getStackdriverProject() - Method in class com.mozilla.secops.parser.Event
-
Get Stackdriver project name
- getStackdriverProjectFilter() - Method in interface com.mozilla.secops.InputOptions
-
- getStackdriverProjectFilter() - Method in class com.mozilla.secops.parser.ParserCfg
-
Get Stackdriver project filter
- getStatus() - Method in class com.mozilla.secops.parser.ApacheCombined
-
Get status.
- getStatus() - Method in class com.mozilla.secops.parser.GLB
-
Get status.
- getStatus() - Method in class com.mozilla.secops.parser.models.fxaauth.FxaAuth
-
Get status
- getStatus() - Method in class com.mozilla.secops.parser.models.fxacontent.FxaContent
-
Get status
- getStatus() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant1
-
Get status
- getStatus() - Method in class com.mozilla.secops.parser.Nginx
-
Get status.
- getStatus() - Method in class com.mozilla.secops.parser.Phabricator
-
Get status
- getStatusCode() - Method in class com.mozilla.secops.parser.models.taskcluster.Taskcluster
-
Get status code
- getStatusCodeRateAnalysisCode() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getStatusCodeRateAnalysisCode() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get code for client status code rate analysis
- getStatusComparatorAddressPath() - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- getStreamFromPath(String) - Static method in class com.mozilla.secops.FileUtil
-
Read file from specified path, returning an
InputStream
for processing
- getStringMatchers() - Method in class com.mozilla.secops.parser.EventFilterPayload
-
Get configured string matchers
- getStringRegexMatchers() - Method in class com.mozilla.secops.parser.EventFilterPayload
-
Get configured string regex matchers
- getSubcategory() - Method in class com.mozilla.secops.alert.Alert
-
Get alert subcategory
- getSubject() - Method in class com.mozilla.secops.authstate.AuthStateModel
-
Get subject associated with model
- getSubjectUser() - Method in class com.mozilla.secops.parser.Normalized
-
Get subject user field
- getSubjectUserIdentity() - Method in class com.mozilla.secops.parser.Normalized
-
Get subject user identity field
- getSubnetwork_id() - Method in class com.mozilla.secops.parser.models.etd.Properties
-
Get subnet id
- getSubnetwork_name() - Method in class com.mozilla.secops.parser.models.etd.Properties
-
Get subnet name
- getSuggestedAction() - Method in class com.mozilla.secops.customs.CustomsAlert
-
Get suggested action
- getSummarizedEventCounters() - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get summarized event counters
- getSummary() - Method in class com.mozilla.secops.alert.Alert
-
Get alert summary
- getSuppressRecovery() - Method in class com.mozilla.secops.Violation
-
- getT() - Method in class com.mozilla.secops.parser.models.fxaauth.FxaAuth
-
Get t
- getT() - Method in class com.mozilla.secops.parser.models.fxacontent.FxaContent
-
Get t
- getTaskclusterData() - Method in class com.mozilla.secops.parser.Taskcluster
-
Fetch parsed Taskcluster data
- getTechnique() - Method in class com.mozilla.secops.parser.models.etd.DetectionCategory
-
Get bad-actor's suspected technique, i.e.
- getTemplateManager() - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Create a new template manager
- getTime() - Method in class com.mozilla.secops.parser.models.cloudwatch.CloudWatchEvent
-
Get event timestamp
- getTime() - Method in class com.mozilla.secops.parser.Mozlog
-
Get time value
- getTimeDifference() - Method in class com.mozilla.secops.authstate.AuthStateModel.GeoVelocityResponse
-
Get difference in time in seconds
- getTimestamp() - Method in class com.mozilla.secops.alert.Alert
-
Get alert timestamp
- getTimestamp() - Method in class com.mozilla.secops.authstate.AuthStateModel.ModelEntry
-
Get timestamp of entry
- getTimestamp() - Method in class com.mozilla.secops.customs.CustomsAlert
-
Get timestamp
- getTimestamp() - Method in class com.mozilla.secops.customs.CustomsAtRiskAccountState.CustomsAtRiskAccountStateModel.ScannedByEntry
-
Get timestamp of entry
- getTimestamp() - Method in class com.mozilla.secops.parser.Event
-
Get event timestamp.
- getTimestamp() - Method in class com.mozilla.secops.parser.models.etd.SourceLogId
-
Get timestamp
- getTimestamp() - Method in class com.mozilla.secops.parser.Mozlog
-
Get timestamp
- getTotalAccountCreateSuccess() - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get total account create success count for event set
- getTotalAccountStatusCheckCount() - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get total account status check for event set
- getTotalElements() - Method in class com.mozilla.secops.Stats.StatsOutput
-
Get total elements
- getTotalEvents() - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get total event count
- getTotalLoginFailureCount() - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get total login failure count for event set
- getTotalLoginSuccessCount() - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get total login success count for event set
- getTotalPasswordForgotSendCodeFailure() - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get total password forgot send code failure count for event set
- getTotalPasswordForgotSendCodeSuccess() - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get total password forgot send code success count for event set
- getTotalSum() - Method in class com.mozilla.secops.Stats.StatsOutput
-
Get total sum
- getTrace() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant1
-
Get trace
- getTransform(EventFilter) - Static method in class com.mozilla.secops.parser.EventFilter
-
Get composite transform to apply filter to event stream
- getTransformDoc() - Method in class com.mozilla.secops.amo.AddonCloudSubmission
-
- getTransformDoc() - Method in class com.mozilla.secops.amo.AddonMatcher
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.amo.AddonMultiIpLogin
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.amo.AddonMultiMatch
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.amo.AddonMultiSubmit
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.amo.FxaAccountAbuseAlias
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.amo.FxaAccountAbuseNewVersion
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.amo.ReportRestriction
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.authprofile.AuthProfile.StateAnalyze
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.authprofile.CritObjectAnalyze
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.customs.Customs.CustomsSummary
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in interface com.mozilla.secops.DocumentingTransform
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.gatekeeper.ETDTransforms.GenerateETDAlerts
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.gatekeeper.GuardDutyTransforms.GenerateGDAlerts
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.httprequest.heuristics.EndpointAbuseAnalysis
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.httprequest.heuristics.EndpointSequenceAbuse
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.httprequest.heuristics.ErrorRateAnalysis
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.httprequest.heuristics.HardLimitAnalysis
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.httprequest.heuristics.PerEndpointErrorRateAnalysis
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.httprequest.heuristics.SessionLimitAnalysis
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.httprequest.heuristics.StatusCodeRateAnalysis
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.httprequest.heuristics.ThresholdAnalysis
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.httprequest.heuristics.UserAgentBlocklistAnalysis
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.pioneer.Pioneer.PioneerExfiltration
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.postprocessing.AlertSummary
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.postprocessing.PostProcessing.WatchlistAnalyze
-
Get documentation string from transform based on it's current configuration
- getTransformDoc() - Method in class com.mozilla.secops.SourceCorrelation.SourceCorrelator
-
Get documentation string from transform based on it's current configuration
- getTransformDocDescription() - Method in class com.mozilla.secops.customs.CustomsAccountCreation
-
Get documentation description from transform based on it's current configuration
- getTransformDocDescription() - Method in class com.mozilla.secops.customs.CustomsAccountCreationDist
-
Get documentation description from transform based on it's current configuration
- getTransformDocDescription() - Method in class com.mozilla.secops.customs.CustomsAccountEnumeration
-
Get documentation description from transform based on it's current configuration
- getTransformDocDescription() - Method in class com.mozilla.secops.customs.CustomsActivityForMonitoredAccounts
-
Get documentation description from transform based on it's current configuration
- getTransformDocDescription() - Method in class com.mozilla.secops.customs.CustomsLoginFailureForAtRiskAccount
-
Get documentation description from transform based on it's current configuration
- getTransformDocDescription() - Method in class com.mozilla.secops.customs.CustomsPasswordResetAbuse
-
Get documentation description from transform based on it's current configuration
- getTransformDocDescription() - Method in class com.mozilla.secops.customs.CustomsStatusComparator
-
Get documentation description from transform based on it's current configuration
- getTransformDocDescription() - Method in class com.mozilla.secops.customs.CustomsVelocity
-
Get documentation description from transform based on it's current configuration
- getTransformDocDescription() - Method in class com.mozilla.secops.customs.PrivateRelayForward
-
Get documentation description from transform based on it's current configuration
- getTransformDocDescription() - Method in class com.mozilla.secops.customs.SourceLoginFailure
-
Get documentation description from transform based on it's current configuration
- getTransformDocDescription() - Method in class com.mozilla.secops.customs.SourceLoginFailureDist
-
Get documentation description from transform based on it's current configuration
- getType() - Method in class com.mozilla.secops.IprepdIO.ExemptedObject
-
Get type string
- getType() - Method in class com.mozilla.secops.IprepdIO.ReputationValue
-
Get type
- getType() - Method in class com.mozilla.secops.parser.Alert
-
- getType() - Method in class com.mozilla.secops.parser.AmoDocker
-
- getType() - Method in class com.mozilla.secops.parser.ApacheCombined
-
- getType() - Method in class com.mozilla.secops.parser.Auth0
-
- getType() - Method in class com.mozilla.secops.parser.BmoAudit
-
- getType() - Method in class com.mozilla.secops.parser.CfgTick
-
- getType() - Method in class com.mozilla.secops.parser.Cloudtrail
-
- getType() - Method in class com.mozilla.secops.parser.Duopull
-
- getType() - Method in class com.mozilla.secops.parser.ETDBeta
-
- getType() - Method in class com.mozilla.secops.parser.FxaAuth
-
- getType() - Method in class com.mozilla.secops.parser.FxaContent
-
- getType() - Method in class com.mozilla.secops.parser.GcpAudit
-
- getType() - Method in class com.mozilla.secops.parser.GcpVpcFlow
-
- getType() - Method in class com.mozilla.secops.parser.GLB
-
- getType() - Method in class com.mozilla.secops.parser.GuardDuty
-
- getType() - Method in class com.mozilla.secops.parser.IPrepdLog
-
- getType() - Method in class com.mozilla.secops.parser.models.auth0.LogEvent
-
Getter for the type of this event.
- getType() - Method in class com.mozilla.secops.parser.models.cloudtrail.UserIdentity
-
- getType() - Method in class com.mozilla.secops.parser.Mozlog
-
Get type
- getType() - Method in class com.mozilla.secops.parser.Nginx
-
- getType() - Method in class com.mozilla.secops.parser.OpenSSH
-
- getType() - Method in class com.mozilla.secops.parser.Payload
-
Get payload type
- getType() - Method in class com.mozilla.secops.parser.PayloadBase
-
Get payload type.
- getType() - Method in class com.mozilla.secops.parser.Phabricator
-
- getType() - Method in class com.mozilla.secops.parser.PrivateRelay
-
- getType() - Method in class com.mozilla.secops.parser.Raw
-
- getType() - Method in class com.mozilla.secops.parser.Taskcluster
-
- getType() - Method in class com.mozilla.secops.Violation
-
Get object type
- getType() - Method in class com.mozilla.secops.Watchlist.WatchlistEntry
-
Get type string
- getUid() - Method in class com.mozilla.secops.customs.PrivateRelayForward.PrivateRelayForwardState
-
Get UID
- getUid() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get UID
- getUid() - Method in class com.mozilla.secops.parser.models.amo.Amo
-
Get uid
- getUid() - Method in class com.mozilla.secops.parser.models.fxaauth.FxaAuth
-
Get uid
- getUid() - Method in class com.mozilla.secops.parser.PrivateRelay
-
Get UID
- getUniquePathRequestCount() - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get unique path request count
- getUniquePathSuccessfulRequestCount() - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get unique path request count for successful requests
- getUnknownEventCounter() - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get unknown event counter
- getUpload() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get upload
- getUpload() - Method in class com.mozilla.secops.parser.models.amo.Amo
-
Get upload
- getUploadHash() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get upload hash
- getUploadHash() - Method in class com.mozilla.secops.parser.models.amo.Amo
-
Get upload hash
- getUrlRequestHost() - Method in class com.mozilla.secops.parser.Normalized
-
Get extracted URL request host component
- getUrlRequestPath() - Method in class com.mozilla.secops.parser.Normalized
-
Get extracted URL request path field
- getUseEventTimestamp() - Method in interface com.mozilla.secops.InputOptions
-
- getUseEventTimestamp() - Method in class com.mozilla.secops.parser.ParserCfg
-
Get event timestamp emission setting
- getUseEventTimestampForAlert() - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- getUseProxyXff() - Method in interface com.mozilla.secops.InputOptions
-
- getUseProxyXff() - Method in class com.mozilla.secops.parser.ParserCfg
-
Get whether to use the proxy header to select ip from XFF
- getUser() - Method in class com.mozilla.secops.parser.BmoAudit
-
Get user
- getUser() - Method in class com.mozilla.secops.parser.Cloudtrail
-
Get username
- getUser() - Method in class com.mozilla.secops.parser.OpenSSH
-
Get username
- getUser() - Method in class com.mozilla.secops.parser.Phabricator
-
Get user value
- getUserAgent() - Method in class com.mozilla.secops.authstate.AuthStateModel.ModelEntry
-
Get user agent field
- getUserAgent() - Method in class com.mozilla.secops.parser.ApacheCombined
-
Get user agent.
- getUserAgent() - Method in class com.mozilla.secops.parser.BmoAudit
-
Get user agent
- getUserAgent() - Method in class com.mozilla.secops.parser.GLB
-
Get user agent.
- getUserAgent() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getUserAgent() - Method in class com.mozilla.secops.parser.models.fxacontent.FxaContent
-
Get userAgent
- getUserAgent() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant1
-
Get user_agent
- getUserAgent() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant2
-
Get agent
- getUserAgent() - Method in class com.mozilla.secops.parser.Nginx
-
Get user agent.
- getUserAgent() - Method in class com.mozilla.secops.parser.Normalized
-
Get user agent
- getUserAgentBlocklistPath() - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- getUserAgentBlocklistPath() - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Get user agent blocklist path
- getUserId(String) - Method in class com.mozilla.secops.alert.AlertSlack
-
Get slack user id from user's email
- getUserId() - Method in class com.mozilla.secops.parser.models.auth0.LogEvent
-
Getter for the user id related to this event.
- getUserIdentity() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getUserList() - Method in class com.mozilla.secops.slack.SlackManager
-
Get list of all Slack users
- getUsername() - Method in class com.mozilla.secops.parser.Auth0
-
Return username within event
- getUserName() - Method in class com.mozilla.secops.parser.models.cloudtrail.UserIdentity
-
- getUserNumericId() - Method in class com.mozilla.secops.parser.AmoDocker
-
Get numeric user ID
- getUserType() - Method in class com.mozilla.secops.parser.models.cloudtrail.CloudtrailEvent
-
- getUseXffAsRemote() - Method in interface com.mozilla.secops.InputOptions
-
- getUseXffAsRemote() - Method in class com.mozilla.secops.parser.ParserCfg
-
Get Use Xff Header as Remote
- getValue() - Method in class com.mozilla.secops.alert.AlertMeta
-
Get metadata value
- getValue() - Method in enum com.mozilla.secops.parser.models.fxaauth.FxaAuth.Errno
-
Return integer value of enum
- getValue() - Method in class com.mozilla.secops.state.StateOperation
-
Get value
- getValueType() - Method in enum com.mozilla.secops.alert.AlertMeta.Key
-
Get value field type
- getVarianceIndex() - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Get variance index
- getVersion() - Method in class com.mozilla.secops.parser.models.cloudwatch.CloudWatchEvent
-
Get event message version
- getView(PCollection<Event>) - Static method in class com.mozilla.secops.customs.ContentServerVarianceDetector
-
Execute transform returning a PCollectionView
of ips accessing content server
resources, that can be used as a side input.
- getView(PCollection<Event>, String) - Static method in class com.mozilla.secops.DetectNat
-
Execute nat detection transforms returning a PCollectionView
suitable for use as a side
input, currently only User Agent Based
- getView(PCollection<Long>) - Static method in class com.mozilla.secops.Stats
-
Execute the transform returning a PCollectionView
suitable for use as a side input
- getViolation() - Method in class com.mozilla.secops.parser.IPrepdLog
-
Get violation
- getViolation() - Method in class com.mozilla.secops.Violation
-
Get violation type
- getVmName() - Method in class com.mozilla.secops.parser.models.gcpvpcflow.GcpVpcFlow.Instance
-
Get VM name
- getWantNormalizedType() - Method in class com.mozilla.secops.parser.EventFilterRule
-
Get want normalized type value
- getWantStackdriverLabels() - Method in class com.mozilla.secops.parser.EventFilterRule
-
Get Stackdriver label filters
- getWantStackdriverProject() - Method in class com.mozilla.secops.parser.EventFilterRule
-
Get want Stackdriver project value
- getWantSubtype() - Method in class com.mozilla.secops.parser.EventFilterRule
-
Get want subtype value
- getWantUTC() - Method in class com.mozilla.secops.parser.EventFilter
-
Get UTC handling parameter
- getWarningSeverityEmail() - Method in interface com.mozilla.secops.postprocessing.PostProcessing.PostProcessingOptions
-
- getWatchedEmails() - Method in class com.mozilla.secops.Watchlist
-
Returns watched email addresses
- getWatchedIPs() - Method in class com.mozilla.secops.Watchlist
-
Returns watched ip addresses
- getWatchlistEntries(String, ArrayList<String>) - Method in class com.mozilla.secops.Watchlist
-
Get all watchlist entries of the specific type that match a value in the provided value array.
- getXffAddressSelector() - Method in interface com.mozilla.secops.InputOptions
-
- getXffAddressSelector() - Method in class com.mozilla.secops.parser.ParserCfg
-
Get any configured XFF address selectors
- getXffAddressSelectorAsCidrUtil() - Method in class com.mozilla.secops.parser.ParserCfg
-
Return any configured XFF address selectors as a
CidrUtil
object.
- getXForwardedFor() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant1
-
Get x_forwarded_for
- getXForwardedFor() - Method in class com.mozilla.secops.parser.Nginx
-
Get X forwarded for
- getXForwardedProto() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant1
-
Get x_forwarded_proto
- getXPipelineProxy() - Method in class com.mozilla.secops.parser.models.nginxstackdriver.NginxStackdriverVariant1
-
Get x_pipeline_proxy
- GLB - Class in com.mozilla.secops.parser
-
Payload parser for Google Load Balancer log data.
- GLB() - Constructor for class com.mozilla.secops.parser.GLB
-
Construct matcher object.
- GLB(String, Event, ParserState) - Constructor for class com.mozilla.secops.parser.GLB
-
Construct parser object.
- GlobalTriggers<T> - Class in com.mozilla.secops.window
-
Window input type into global windows, triggering at a specific interval and discarding fired
panes.
- GlobalTriggers(int) - Constructor for class com.mozilla.secops.window.GlobalTriggers
-
- GuardDuty - Class in com.mozilla.secops.parser
-
Payload parser for AWS GuardDuty Finding data
- GuardDuty() - Constructor for class com.mozilla.secops.parser.GuardDuty
-
Construct matcher object.
- GuardDuty(String, Event, ParserState) - Constructor for class com.mozilla.secops.parser.GuardDuty
-
Construct parser object.
- GuardDutyConfig - Class in com.mozilla.secops.gatekeeper
-
- GuardDutyConfig() - Constructor for class com.mozilla.secops.gatekeeper.GuardDutyConfig
-
Create a new empty GuardDutyConfig
- GuardDutyFindingMatcher - Class in com.mozilla.secops.gatekeeper
-
- GuardDutyFindingMatcher() - Constructor for class com.mozilla.secops.gatekeeper.GuardDutyFindingMatcher
-
- GuardDutyTransforms - Class in com.mozilla.secops.gatekeeper
-
Implements various transforms on AWS GuardDuty Finding
Events
- GuardDutyTransforms() - Constructor for class com.mozilla.secops.gatekeeper.GuardDutyTransforms
-
- GuardDutyTransforms.ExtractFindings - Class in com.mozilla.secops.gatekeeper
-
Extract GuardDuty Findings
- GuardDutyTransforms.GenerateGDAlerts - Class in com.mozilla.secops.gatekeeper
-
Generate Alerts for relevant Findings
- GuardDutyTransforms.Options - Interface in com.mozilla.secops.gatekeeper
-
Runtime options for GuardDuty Transforms
- GuardDutyTransforms.SuppressAlerts - Class in com.mozilla.secops.gatekeeper
-
Suppress Alerts for repeated GuardDuty Findings.
- ScannedByEntry(String) - Constructor for class com.mozilla.secops.customs.CustomsAtRiskAccountState.CustomsAtRiskAccountStateModel.ScannedByEntry
-
Create new ScannedByEntry
- ScriptRunner - Class in com.mozilla.secops
-
Execute Groovy scripts from within pipeline functions
- ScriptRunner() - Constructor for class com.mozilla.secops.ScriptRunner
-
- secondMethod - Variable in class com.mozilla.secops.httprequest.heuristics.EndpointSequenceAbuse.EndpointSequenceAbuseTimingInfo
-
- secondPath - Variable in class com.mozilla.secops.httprequest.heuristics.EndpointSequenceAbuse.EndpointSequenceAbuseTimingInfo
-
- sendConfirmationAlertToUser(Alert, String) - Method in class com.mozilla.secops.alert.AlertSlack
-
Send an alert to a user asking them if it was caused by them.
- sendConfirmationRequestToUser(String, String, String) - Method in class com.mozilla.secops.slack.SlackManager
-
Send message with confirmation request to slack user.
- sendMessageToChannel(String, String) - Method in class com.mozilla.secops.slack.SlackManager
-
Send message to slack channel.
- sendToAddress(Alert, String) - Method in class com.mozilla.secops.alert.AlertMailer
-
Send email alert to specified address
- sendToCatchall(Alert) - Method in class com.mozilla.secops.alert.AlertMailer
-
Send email alert to configured catchall address
- sendToCatchall(Alert) - Method in class com.mozilla.secops.alert.AlertSlack
-
Send alert to slack catchall channel
- sendToSupplementary(Alert) - Method in class com.mozilla.secops.alert.AlertSlack
-
Send alert to supplementary slack channel
- sendToUser(Alert, String) - Method in class com.mozilla.secops.alert.AlertSlack
-
Send alert to a user.
- SessionContext - Class in com.mozilla.secops.parser.models.cloudtrail
-
Model for sessionContext element in Cloudtrail Events
- SessionContext() - Constructor for class com.mozilla.secops.parser.models.cloudtrail.SessionContext
-
- SessionLimitAnalysis - Class in com.mozilla.secops.httprequest.heuristics
-
Transform for detection of a single source making excessive requests of a specific endpoint
pattern.
- SessionLimitAnalysis(HTTPRequestToggles, Boolean, String) - Constructor for class com.mozilla.secops.httprequest.heuristics.SessionLimitAnalysis
-
- SessionLimitAnalysis.LimitInfo - Class in com.mozilla.secops.httprequest.heuristics
-
Internal class for configured endpoints
- set(StateCursor<AuthStateModel>, PruningStrategy) - Method in class com.mozilla.secops.authstate.AuthStateModel
-
Persist state using state interface
- set(String, T) - Method in class com.mozilla.secops.state.StateCursor
-
Set a value in state
- set(String, T) - Method in class com.mozilla.secops.state.StateOperation
-
Configure as a set operation
- setAccountCreationDistributedDistanceRatio(Double) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setAccountCreationDistributedThreshold(Integer) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setAccountCreationSuppressRecovery(Integer) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setAccountCreationThreshold(Integer) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setAccountEnumerationThreshold(Integer) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setAccountId(String) - Method in class com.mozilla.secops.gatekeeper.GuardDutyFindingMatcher
-
Set the account id to match against
- setAccountMatchBanOnLogin(String[]) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setActivityMonitorAccountPath(String) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setAddonMatchCriteria(String[]) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setAddonMatchSuppressRecovery(Integer) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setAddonMultiIpLoginAggressiveMatcher(String[]) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setAddonMultiIpLoginAlertExceptions(String[]) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setAddonMultiIpLoginAlertOn(Integer) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setAddonMultiIpLoginAlertOnIp(Integer) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setAddonMultiIpLoginSuppressRecovery(Integer) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setAddonMultiMatchAlertOn(Integer) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setAddonMultiMatchSuppressRecovery(Integer) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setAddonMultiSubmitAlertOn(Integer) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setAddonMultiSubmitSuppressRecovery(Integer) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setAlertId(UUID) - Method in class com.mozilla.secops.alert.Alert
-
Override generated unique ID for alert
- setAlertStateDatastoreKind(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setAlertStateDatastoreNamespace(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setAlertStateMemcachedHost(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setAlertStateMemcachedPort(Integer) - Method in interface com.mozilla.secops.OutputOptions
-
- setAlertSummaryAnalysisThresholds(String[]) - Method in interface com.mozilla.secops.postprocessing.PostProcessing.PostProcessingOptions
-
- setAlertSuppressionDurationSeconds(Long) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setAlertSuppressionDurationSeconds(Long) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set duration to suppress alerts (when using session windows)
- setAlertSuppressionSeconds(Long) - Method in interface com.mozilla.secops.gatekeeper.ETDTransforms.Options
-
- setAlertSuppressionSeconds(Long) - Method in interface com.mozilla.secops.gatekeeper.GuardDutyTransforms.Options
-
- setAliasAbuseMaxAliases(Integer) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setAliasAbuseSuppressRecovery(Integer) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setAlternateCritSlackEscalation(String) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setAnalysisThresholdModifier(Double) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setAnalysisThresholdModifier(Double) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set analysis threshold modifier
- setAsn(Integer) - Method in class com.mozilla.secops.SourceCorrelation.SourceData
-
Set ASN
- setAttributes(HashMap<String, String>) - Method in class com.mozilla.secops.parser.models.cloudtrail.SessionContext
-
- setAuth0ClientIds(String[]) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setAwsAssumeRoleCorrelatorSessionGapDurationSeconds(Long) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setAwsTags(Map<String, String>) - Method in class com.mozilla.secops.gatekeeper.GuardDutyFindingMatcher
-
Set the aws tags to match against
- setBanPatternSuppressRecovery(Integer) - Method in interface com.mozilla.secops.amo.Amo.AmoOptions
-
- setCacheOnly(Boolean) - Static method in class com.mozilla.secops.Minfraud
-
Enable cache only
- setCategory(String) - Method in class com.mozilla.secops.alert.Alert
-
Set alert category
- setCidrExclusionList(String) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setCidrExclusionList(String) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set CIDR exclusion list path
- setCity(String) - Method in class com.mozilla.secops.SourceCorrelation.SourceData
-
Set city
- setClampThresholdMaximum(Double) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setClampThresholdMaximum(Double) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set clamp threshold maximum
- setCloudtrailMatcherManagerPath(String) - Method in interface com.mozilla.secops.awsbehavior.AwsBehavior.AwsBehaviorOptions
-
- setConfidence(Integer) - Method in class com.mozilla.secops.customs.CustomsAlert
-
Set confidence
- setConfigurationTicks(String, Integer, long) - Method in class com.mozilla.secops.input.InputElement
-
Set configuration ticks for input element
- setContactEmail(String) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setContentServerVarianceMinClients(Long) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setCountry(String) - Method in class com.mozilla.secops.SourceCorrelation.SourceData
-
Set country
- setCreatedBy(String) - Method in class com.mozilla.secops.IprepdIO.ExemptedObject
-
Set created by value
- setCreatedBy(String) - Method in class com.mozilla.secops.Watchlist.WatchlistEntry
-
Set created by value
- setCriticalNotificationEmail(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setCriticalSeverityEmail(String) - Method in interface com.mozilla.secops.postprocessing.PostProcessing.PostProcessingOptions
-
- setCritObjects(String[]) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setCustomsNotificationTopic(String) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setDatastoreKind(String) - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Set datastore kind
- setDatastoreKind(String) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setDatastoreNamespace(String) - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Set datastore namespace
- setDatastoreNamespace(String) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setDatastoreNamespace(String) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setDeferGeoIpResolution(Boolean) - Method in interface com.mozilla.secops.InputOptions
-
- setDeferGeoIpResolution(Boolean) - Method in class com.mozilla.secops.parser.ParserCfg
-
Set defer GeoIP resolution
- setDetails(HashMap<String, Object>) - Method in class com.mozilla.secops.customs.CustomsAlert
-
Set details map
- setDisableCloudwatchStrip(Boolean) - Method in interface com.mozilla.secops.InputOptions
-
- setDisableCloudwatchStrip(boolean) - Method in class com.mozilla.secops.parser.ParserCfg
-
Set disable Cloudwatch strip
- setDisableMozlogStrip(Boolean) - Method in interface com.mozilla.secops.InputOptions
-
- setDisableMozlogStrip(boolean) - Method in class com.mozilla.secops.parser.ParserCfg
-
Set disable Mozlog strip
- setDocLink(String) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setDomainName(String) - Method in class com.mozilla.secops.gatekeeper.GuardDutyFindingMatcher
-
Set the domain name to match against within the finding
- setDuopullData(Duopull) - Method in class com.mozilla.secops.parser.Duopull
-
Set duopull data element
- setEmail(String) - Method in class com.mozilla.secops.parser.models.amo.Amo
-
Set email
- setEmailCatchall(String) - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Set email catchall address
- setEmailFrom(String) - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Set email from address
- setEmailTemplate(String) - Method in class com.mozilla.secops.alert.Alert
-
Set email template name
- setEnableAccountCreationAbuseDetector(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEnableAccountEnumerationDetector(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEnableActivityMonitor(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEnableAlertSummaryAnalysis(Boolean) - Method in interface com.mozilla.secops.postprocessing.PostProcessing.PostProcessingOptions
-
- setEnableAwsAssumeRoleCorrelator(Boolean) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setEnableContentServerVarianceDetection(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEnableCritObjectAnalysis(Boolean) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setEnableEndpointAbuseAnalysis(Boolean) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEnableEndpointAbuseAnalysis(Boolean) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set endpoint abuse analysis setting
- setEnableEndpointSequenceAbuseAnalysis(Boolean) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEnableEndpointSequenceAbuseAnalysis(Boolean) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set endpoint sequence abuse analysis
- setEnableErrorRateAnalysis(Boolean) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEnableErrorRateAnalysis(Boolean) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set error rate analysis setting
- setEnableETD(Boolean) - Method in interface com.mozilla.secops.gatekeeper.GatekeeperPipeline.GatekeeperOptions
-
- setEnableGD(Boolean) - Method in interface com.mozilla.secops.gatekeeper.GatekeeperPipeline.GatekeeperOptions
-
- setEnableHardLimitAnalysis(Boolean) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEnableHardLimitAnalysis(Boolean) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set hard limit analysis setting
- setEnableLoginFailureAtRiskAccount(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEnableNatDetection(Boolean) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set enable NAT detection setting
- setEnablePasswordResetAbuseDetector(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEnablePerEndpointErrorRateAnalysis(Boolean) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEnablePerEndpointErrorRateAnaysis(Boolean) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set enable per endpoint error rate analysis setting
- setEnablePrivateRelayForward(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEnableSessionLimitAnalysis(Boolean) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEnableSessionLimitAnalysis(Boolean) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set enable session limit analysis setting
- setEnableSourceCorrelator(Boolean) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEnableSourceLoginFailureDetector(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEnableStateAnalysis(Boolean) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setEnableStatusCodeRateAnalysis(Boolean) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEnableStatusCodeRateAnalysis(Boolean) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set enable status code rate analysis setting
- setEnableStatusComparator(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEnableSummaryAnalysis(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEnableThresholdAnalysis(Boolean) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEnableThresholdAnalysis(Boolean) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set threshold analysis setting
- setEnableUserAgentBlocklistAnalysis(Boolean) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEnableUserAgentBlocklistAnalysis(Boolean) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set user agent blocklist analysis setting
- setEnableVelocityDetector(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEnableVelocityDetectorMonitorOnly(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEnableWatchlistAnalysis(Boolean) - Method in interface com.mozilla.secops.postprocessing.PostProcessing.PostProcessingOptions
-
- setEndpointAbuseCustomVarianceSubstrings(String[]) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEndpointAbuseCustomVarianceSubstrings(String[]) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set endpoint abuse custom variance substrings
- setEndpointAbuseExtendedVariance(Boolean) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEndpointAbuseExtendedVariance(Boolean) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set endpoint abuse extended variance
- setEndpointAbusePath(String[]) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEndpointAbusePath(String[]) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set endpoint abuse path
- setEndpointAbuseSuppressRecovery(Integer) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEndpointAbuseSuppressRecovery(Integer) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set endpoint abuse suppress recovery
- setEndpointSequenceAbusePattern(String[]) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set endpoint abuse path
- setEndpointSequenceAbusePatterns(String[]) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEndpointSequenceAbuseSuppressRecovery(Integer) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setEndpointSequenceAbuseSuppressRecovery(Integer) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set endpoint abuse timing suppress recovery
- setEntries(Map<String, AuthStateModel.ModelEntry>) - Method in class com.mozilla.secops.authstate.AuthStateModel
-
Set entries associated with model
- setEntryAgePruningSeconds(long) - Method in class com.mozilla.secops.authstate.PruningStrategyEntryAge
-
Set age after which entries will be pruned from the model
- setErrorSessionGapDurationMinutes(Long) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setErrorSessionGapDurationMinutes(Long) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set session gap duration for session windows of only error events
- setEscalateAccountCreation(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEscalateAccountCreationDistributed(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEscalateAccountEnumerationDetector(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEscalateLoginFailureAtRiskAccount(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEscalatePasswordResetAbuse(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEscalateSourceLoginFailure(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEscalateSourceLoginFailureDistributed(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEscalateStatusComparator(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEscalateVelocity(Boolean) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setEventFilter(EventFilter) - Method in class com.mozilla.secops.input.InputElement
-
Set event filter to use with parsed reads
- setEvents(ArrayList<Event>) - Method in class com.mozilla.secops.customs.CustomsFeatures
-
Set event list
- setExceptRules(ArrayList<EventFilterRule>) - Method in class com.mozilla.secops.parser.EventFilterRule
-
Set except rules
- setExfiltrationThresholdBytes(Integer) - Method in interface com.mozilla.secops.pioneer.Pioneer.PioneerOptions
-
- setExfiltrationThresholdSeconds(Integer) - Method in interface com.mozilla.secops.pioneer.Pioneer.PioneerOptions
-
- setExpiresAt(DateTime) - Method in class com.mozilla.secops.IprepdIO.ExemptedObject
-
Set expires at
- setExpiresAt(DateTime) - Method in class com.mozilla.secops.Watchlist.WatchlistEntry
-
Set expires at
- setFileInputs(ArrayList<String>) - Method in class com.mozilla.secops.input.InputElement
-
Set file inputs
- setFilterRequestPath(String[]) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setFilterRequestPath(String[]) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set filter request path
- setFindingType(String) - Method in class com.mozilla.secops.gatekeeper.GuardDutyFindingMatcher
-
Set the finding type to match against
- setGcpProject(String) - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Set GCP project name
- setGcsTemplateBasePath(String) - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Set gcs template base path
- setGenerateConfigurationTicksInterval(Integer) - Method in interface com.mozilla.secops.InputOptions
-
- setGenerateConfigurationTicksMaximum(Long) - Method in interface com.mozilla.secops.InputOptions
-
- setGuarddutyConfigPath(String) - Method in interface com.mozilla.secops.gatekeeper.GuardDutyTransforms.Options
-
- setHardLimitRequestCount(Long) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setHardLimitRequestCount(Long) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set hard limit request count
- setHeuristic(String) - Method in class com.mozilla.secops.customs.CustomsAlert
-
Set heuristic
- setHeuristicDescription(String) - Method in class com.mozilla.secops.customs.CustomsAlert
-
Set heuristic description
- setHighETDFindingRuleRegex(String[]) - Method in interface com.mozilla.secops.gatekeeper.ETDTransforms.Options
-
- setId(UUID) - Method in class com.mozilla.secops.customs.CustomsAlert
-
Set UUID
- setIdentityManager(IdentityManager) - Method in class com.mozilla.secops.parser.Parser
-
Set an identity manager in the parser that can be used for lookups
- setIdentityManagerPath(String) - Method in interface com.mozilla.secops.awsbehavior.AwsBehavior.AwsBehaviorOptions
-
- setIdentityManagerPath(String) - Method in interface com.mozilla.secops.InputOptions
-
- setIdentityManagerPath(String) - Method in class com.mozilla.secops.parser.ParserCfg
-
Set IdentityManager json file path
- setIgnoreCloudProviderRequests(Boolean) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setIgnoreCloudProviderRequests(Boolean) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set ignore cloud provider requests
- setIgnoreETDFindingRuleRegex(String[]) - Method in interface com.mozilla.secops.gatekeeper.ETDTransforms.Options
-
- setIgnoreInternalRequests(Boolean) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setIgnoreInternalRequests(Boolean) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set ignore internal requests
- setIgnoreUnknownIdentities(Boolean) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setIgnoreUserRegex(String[]) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setIncludeUrlHostRegex(String[]) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setIncludeUrlHostRegex(String[]) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set include URL host regex
- setIndicator(String) - Method in class com.mozilla.secops.customs.CustomsAlert
-
Set indicator
- setIndicatorType(CustomsAlert.IndicatorType) - Method in class com.mozilla.secops.customs.CustomsAlert
-
Set indicator type
- setInput(Input) - Method in class com.mozilla.secops.httprequest.HTTPRequestMultiMode
-
Set input configuration
- setInputElements(ArrayList<InputElement>) - Method in class com.mozilla.secops.input.Input
-
Set input elements
- setInputFile(String[]) - Method in interface com.mozilla.secops.InputOptions
-
- setInputIprepd(String) - Method in interface com.mozilla.secops.InputOptions
-
- setInputKinesis(String[]) - Method in interface com.mozilla.secops.InputOptions
-
- setInputPubsub(String[]) - Method in interface com.mozilla.secops.InputOptions
-
- setIntegerMatchers(Map<EventFilterPayload.IntegerProperty, Integer>) - Method in class com.mozilla.secops.parser.EventFilterPayload
-
Set configured integer matchers
- setIntegerRangeMatchers(Map<EventFilterPayload.IntegerProperty, EventFilterPayloadRange<Integer>>) - Method in class com.mozilla.secops.parser.EventFilterPayload
-
Set configured integer range matchers
- setIp(String) - Method in class com.mozilla.secops.IprepdIO.ExemptedObject
-
Set IP
- setIpAddress(String) - Method in class com.mozilla.secops.customs.CustomsAtRiskAccountState.CustomsAtRiskAccountStateModel.ScannedByEntry
-
Set IP address of entry
- setIsp(String) - Method in class com.mozilla.secops.SourceCorrelation.SourceData
-
Set ISP
- setKinesisInputs(ArrayList<String>) - Method in class com.mozilla.secops.input.InputElement
-
Set Kinesis inputs
- setKnownGatewaysPath(String) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setKnownGatewaysPath(String) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Path to list of inital nat gateways
- setLatitude(Double) - Method in class com.mozilla.secops.authstate.AuthStateModel.ModelEntry
-
Set model latitude field
- setLongitude(Double) - Method in class com.mozilla.secops.authstate.AuthStateModel.ModelEntry
-
Set model longitude field
- setMatchAny(Boolean) - Method in class com.mozilla.secops.parser.EventFilter
-
Set match any flag to specified value
- setMaxAllowableTimestampDifference(Integer) - Method in interface com.mozilla.secops.InputOptions
-
- setMaxClientErrorRate(Long) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setMaxClientErrorRate(Long) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set max client error rate
- setMaxClientStatusCodeRate(Long) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setMaxClientStatusCodeRate(Long) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set max client status code rate
- setMaximumKilometersFromLastLogin(Double) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setMaximumKilometersPerHour(Integer) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setMaximumKilometersPerHour(Integer) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setMaximumKilometersPerHourMonitorOnly(Integer) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setMaxmindAccountId(String) - Method in interface com.mozilla.secops.InputOptions
-
- setMaxmindCityDbPath(String) - Method in interface com.mozilla.secops.InputOptions
-
- setMaxmindCityDbPath(String) - Method in class com.mozilla.secops.parser.ParserCfg
-
Set Maxmind City database path
- setMaxmindIspDbPath(String) - Method in interface com.mozilla.secops.InputOptions
-
- setMaxmindIspDbPath(String) - Method in class com.mozilla.secops.parser.ParserCfg
-
Set Maxmind ISP database path
- setMaxmindLicenseKey(String) - Method in interface com.mozilla.secops.InputOptions
-
- setMaxTimestampDifference(Integer) - Method in class com.mozilla.secops.parser.ParserCfg
-
Set maximum allowable timestamp difference
- setMean(Double) - Method in class com.mozilla.secops.Stats.StatsOutput
-
Set mean value in result
- setMemcachedHost(String) - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Set memcached host
- setMemcachedHost(String) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setMemcachedHost(String) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setMemcachedPort(Integer) - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Set memcached port
- setMemcachedPort(Integer) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setMemcachedPort(Integer) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setMetadata(ArrayList<AlertMeta>) - Method in class com.mozilla.secops.alert.Alert
-
Set alert metadata
- setMetadataValue(AlertMeta.Key, String) - Method in class com.mozilla.secops.alert.Alert
-
Change an existing metadata value
- setMinimumDistanceForAlert(Double) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setMinimumDistanceForAlertMonitorOnly(Double) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setMonitoredResource(String) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set monitored resource
- setMonitoredResourceIndicator(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setMozlog(Mozlog) - Method in class com.mozilla.secops.parser.Event
-
Set mozlog value
- setNatDetection(Boolean) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setNotifyMergeKey(String) - Method in class com.mozilla.secops.alert.Alert
-
Set alert merge key for notifications in metadata
- setObject(String) - Method in class com.mozilla.secops.IprepdIO.ExemptedObject
-
Set object string
- setObject(String) - Method in class com.mozilla.secops.IprepdIO.ReputationValue
-
Set object field
- setObject(String) - Method in class com.mozilla.secops.parser.Normalized
-
Set object field
- setObject(String) - Method in class com.mozilla.secops.Watchlist.WatchlistEntry
-
Set object string
- setOperatingMode(Input.OperatingMode) - Method in class com.mozilla.secops.input.Input
-
Set operating mode
- setOutputAlertEmailCatchall(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setOutputAlertEmailFrom(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setOutputAlertGcsTemplateBasePath(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setOutputAlertSlackCatchall(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setOutputAlertSlackToken(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setOutputAlertSmtpCredentials(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setOutputAlertSmtpRelay(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setOutputAlertTemplates(String[]) - Method in interface com.mozilla.secops.OutputOptions
-
- setOutputBigQuery(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setOutputFile(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setOutputIprepd(String[]) - Method in interface com.mozilla.secops.OutputOptions
-
- setOutputIprepdDatastoreExemptionsProject(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setOutputIprepdEnableDatastoreExemptions(Boolean) - Method in interface com.mozilla.secops.OutputOptions
-
- setOutputPubsub(String[]) - Method in interface com.mozilla.secops.OutputOptions
-
- setOutputSqs(String) - Method in interface com.mozilla.secops.OutputOptions
-
- setParentInput(Input) - Method in class com.mozilla.secops.input.InputElement
-
- setParserConfiguration(ParserCfg) - Method in class com.mozilla.secops.input.InputElement
-
Set the parser configuration to use with parsed reads
- setParserFastMatcher(String) - Method in interface com.mozilla.secops.InputOptions
-
- setParserFastMatcher(String) - Method in class com.mozilla.secops.parser.ParserCfg
-
Set parser fast matcher
- setPasswordResetAbuseThreshold(Integer) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setPayload(T) - Method in class com.mozilla.secops.parser.Event
-
Set event payload.
- setPayloadFilters(ArrayList<EventFilterPayloadInterface>) - Method in class com.mozilla.secops.parser.EventFilterPayloadOr
-
Set configured payload filters
- setPayloadFilters(ArrayList<EventFilterPayloadInterface>) - Method in class com.mozilla.secops.parser.EventFilterRule
-
Set payload filters
- setPayloadType(String) - Method in class com.mozilla.secops.parser.EventFilterPayload
-
Set payload filter
- setPerEndpointErrorRateAlertSuppressionDurationSeconds(Long) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setPerEndpointErrorRateAlertSuppressionDurationSeconds(Long) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set alert suppression duration for per endpoint error rate
- setPerEndpointErrorRateAnalysisSuppressRecovery(Integer) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setPerEndpointErrorRatePaths(String[]) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setPerEndpointErrorRatePaths(String[]) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set enable per endpoint error rate analysis setting
- setPerEndpointErrorRateSuppressRecovery(Integer) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set enable per endpoint error rate analysis setting
- setPipelineMultimodeConfiguration(String) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setPipelineVersion(String) - Method in interface com.mozilla.secops.InputOptions
-
- setProject(String) - Method in class com.mozilla.secops.input.Input
-
Set project
- setPubsubInputs(ArrayList<String>) - Method in class com.mozilla.secops.input.InputElement
-
Set Pubsub inputs
- setRealAddress(String) - Method in class com.mozilla.secops.customs.PrivateRelayForward.PrivateRelayForwardState
-
Set real address
- setReason(String) - Method in class com.mozilla.secops.customs.CustomsAlert
-
Set reason
- setReferenceID(String) - Method in class com.mozilla.secops.parser.Normalized
-
- setRemoteAddressChain(String) - Method in class com.mozilla.secops.parser.models.amo.Amo
-
Set remoteAddressChain
- setReputation(Integer) - Method in class com.mozilla.secops.IprepdIO.ReputationValue
-
Set reputation value
- setRequestMethod(String) - Method in class com.mozilla.secops.parser.Normalized
-
Set request method field
- setRequestStatus(Integer) - Method in class com.mozilla.secops.parser.Normalized
-
Set request status
- setRequestUrl(String) - Method in class com.mozilla.secops.parser.Normalized
-
Set request URL field
- setRequiredMinimumAverage(Double) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setRequiredMinimumAverage(Double) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set required minimum average
- setRequiredMinimumClients(Long) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setRequiredMinimumClients(Long) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set required minimum clients
- setRequiredMinimumRequestsPerClient(Long) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setRequiredMinimumRequestsPerClient(Long) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set required minimum number of requests per client
- setResultValue(T) - Method in class com.mozilla.secops.state.StateOperation
-
Set result value
- setResultValues(ArrayList<T>) - Method in class com.mozilla.secops.state.StateOperation
-
Set result values
- setRules(ArrayList<EventFilterRule>) - Method in class com.mozilla.secops.parser.EventFilter
-
Set filter rules
- setServiceToggles(HashMap<String, HTTPRequestToggles>) - Method in class com.mozilla.secops.httprequest.HTTPRequestMultiMode
-
Set service toggles
- setSessionContext(SessionContext) - Method in class com.mozilla.secops.parser.models.cloudtrail.UserIdentity
-
- setSessionGapDurationMinutes(Long) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setSessionGapDurationMinutes(Long) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set session gap duration minutes
- setSessionIssuer(HashMap<String, String>) - Method in class com.mozilla.secops.parser.models.cloudtrail.SessionContext
-
- setSessionLimitAnalysisPaths(String[]) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setSessionLimitAnalysisPaths(String[]) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set session analysis pathes
- setSessionLimitAnalysisSuppressRecovery(Integer) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setSessionLimitAnalysisSuppressRecovery(Integer) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set session limit analysis suppress recovery
- setSeverity(Alert.AlertSeverity) - Method in class com.mozilla.secops.alert.Alert
-
Set alert severity
- setSeverity(CustomsAlert.AlertSeverity) - Method in class com.mozilla.secops.customs.CustomsAlert
-
Set severity
- setSeverity(Alert.AlertSeverity) - Method in class com.mozilla.secops.Watchlist.WatchlistEntry
-
Set severity
- setSlackCatchall(String) - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Set slack catchall channel id
- setSlackCatchallTemplate(String) - Method in class com.mozilla.secops.alert.Alert
-
Set slack catchall template name
- setSlackChannelNotification(Boolean) - Method in interface com.mozilla.secops.pioneer.Pioneer.PioneerOptions
-
- setSlackTemplate(String) - Method in class com.mozilla.secops.alert.Alert
-
Set slack template name
- setSlackToken(String) - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Set slack bot token
- setSmtpCredentials(String) - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Set SMTP credentials
- setSmtpRelay(String) - Method in class com.mozilla.secops.alert.AlertConfiguration
-
Set SMTP relay
- setSourceAddress(String, GeoIP.GeoIPData.GeoResolutionMode, ParserState) - Method in class com.mozilla.secops.parser.GeoIP.GeoIPData
-
Set source address field
- setSourceAddress(String, ParserState) - Method in class com.mozilla.secops.parser.Normalized
-
Set source address field
- setSourceAddress(String) - Method in class com.mozilla.secops.parser.Normalized
-
Set source address field
- setSourceAddress(String, ParserState, Normalized) - Method in class com.mozilla.secops.parser.SourcePayloadBase
-
Set source address field
- setSourceAddress(String) - Method in class com.mozilla.secops.parser.SourcePayloadBase
-
Set source address field
- setSourceAddress(String) - Method in class com.mozilla.secops.SourceCorrelation.SourceData
-
Set source address
- setSourceCorrelatorAlertPercentage(Double) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setSourceCorrelatorAlertPercentage(Double) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set source correlator alert percentage
- setSourceCorrelatorMinimumAddresses(Integer) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setSourceCorrelatorMinimumAddresses(Integer) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set source correlator minimum addresses
- setSourceDataType(SourceCorrelation.SourceData.SourceDataType) - Method in class com.mozilla.secops.SourceCorrelation.SourceData
-
Set source data type
- setSourceLoginFailureDistributedThreshold(Integer) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setSourceLoginFailureThreshold(Integer) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setStackdriverLabelFilters(String[]) - Method in interface com.mozilla.secops.InputOptions
-
- setStackdriverLabelFilters(String[]) - Method in class com.mozilla.secops.parser.ParserCfg
-
Set Stackdriver label filters
- setStackdriverLabels(Map<String, String>) - Method in class com.mozilla.secops.parser.Event
-
Set Stackdriver labels
- setStackdriverProject(String) - Method in class com.mozilla.secops.parser.Event
-
Set Stackdriver project name
- setStackdriverProjectFilter(String) - Method in interface com.mozilla.secops.InputOptions
-
- setStackdriverProjectFilter(String) - Method in class com.mozilla.secops.parser.ParserCfg
-
Set Stackdriver project filter
- setStatusCodeAnalysisCode(Integer) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set code for client status code rate analysis
- setStatusCodeRateAnalysisCode(Integer) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setStatusComparatorAddressPath(String) - Method in interface com.mozilla.secops.customs.Customs.CustomsOptions
-
- setStatusTag(Normalized.StatusTag) - Method in class com.mozilla.secops.parser.Normalized
-
Set normalized status tag
- setStringMatchers(Map<EventFilterPayload.StringProperty, String>) - Method in class com.mozilla.secops.parser.EventFilterPayload
-
Set configured string matchers
- setStringRegexMatchers(Map<EventFilterPayload.StringProperty, String>) - Method in class com.mozilla.secops.parser.EventFilterPayload
-
Set configured string regex matchers
- setSubcategory(String) - Method in class com.mozilla.secops.alert.Alert
-
Set alert subcategory
- setSubject(String) - Method in class com.mozilla.secops.authstate.AuthStateModel
-
Set subject associated with model
- setSubjectUser(String) - Method in class com.mozilla.secops.parser.Normalized
-
Set subject user field
- setSubjectUserIdentity(String) - Method in class com.mozilla.secops.parser.Normalized
-
Set subject user identity field
- setSuggestedAction(CustomsAlert.AlertAction) - Method in class com.mozilla.secops.customs.CustomsAlert
-
Set suggested action
- setSummary(String) - Method in class com.mozilla.secops.alert.Alert
-
Set alert summary
- setTaskclusterData(Taskcluster) - Method in class com.mozilla.secops.parser.Taskcluster
-
Set Taskcluster data element
- setTimestamp(DateTime) - Method in class com.mozilla.secops.alert.Alert
-
Override alert timestamp
- setTimestamp(DateTime) - Method in class com.mozilla.secops.authstate.AuthStateModel.ModelEntry
-
Set timestamp of entry
- setTimestamp(DateTime) - Method in class com.mozilla.secops.customs.CustomsAlert
-
Set timestamp
- setTimestamp(DateTime) - Method in class com.mozilla.secops.customs.CustomsAtRiskAccountState.CustomsAtRiskAccountStateModel.ScannedByEntry
-
Set timestamp of entry
- setTimestamp(DateTime) - Method in class com.mozilla.secops.parser.Event
-
Set event timestamp.
- setTotalElements(Long) - Method in class com.mozilla.secops.Stats.StatsOutput
-
Set total elements that made up result
- setTotalSum(Long) - Method in class com.mozilla.secops.Stats.StatsOutput
-
Set total sum in result
- setType(String) - Method in class com.mozilla.secops.IprepdIO.ExemptedObject
-
Set type string
- setType(String) - Method in class com.mozilla.secops.IprepdIO.ReputationValue
-
Set type value
- setType(Normalized.Type) - Method in class com.mozilla.secops.parser.Normalized
-
Set normalized data type
- setType(String) - Method in class com.mozilla.secops.Watchlist.WatchlistEntry
-
Set type string
- setUid(String) - Method in class com.mozilla.secops.customs.PrivateRelayForward.PrivateRelayForwardState
-
Set UID
- setUid(String) - Method in class com.mozilla.secops.parser.models.amo.Amo
-
Set uid
- setup() - Method in class com.mozilla.secops.alert.AlertFormatter
-
- setup() - Method in class com.mozilla.secops.authprofile.AuthProfile.ExtractIdentity
-
- setup() - Method in class com.mozilla.secops.authprofile.AuthProfile.StateAnalyze
-
- setup() - Method in class com.mozilla.secops.customs.CustomsPreFilter
-
- setup() - Method in class com.mozilla.secops.parser.ParserDoFn
-
- setup() - Method in class com.mozilla.secops.parser.ParserMultiDoFn
-
- setup() - Method in class com.mozilla.secops.postprocessing.PostProcessing.WatchlistAnalyze
-
- setUrlRequestHost(String) - Method in class com.mozilla.secops.parser.Normalized
-
Set extracted URL request host field
- setUrlRequestPath(String) - Method in class com.mozilla.secops.parser.Normalized
-
Set extracted URL request path field
- setUseEventTimestamp(Boolean) - Method in interface com.mozilla.secops.InputOptions
-
- setUseEventTimestamp(Boolean) - Method in class com.mozilla.secops.parser.ParserCfg
-
Set event timestamp emission setting
- setUseEventTimestampForAlert(Boolean) - Method in interface com.mozilla.secops.authprofile.AuthProfile.AuthProfileOptions
-
- setUseProxyXff(Boolean) - Method in interface com.mozilla.secops.InputOptions
-
- setUseProxyXff(Boolean) - Method in class com.mozilla.secops.parser.ParserCfg
-
Set enable proxy xff
- setUserAgent(String) - Method in class com.mozilla.secops.authstate.AuthStateModel.ModelEntry
-
Set user agent field
- setUserAgent(String) - Method in class com.mozilla.secops.parser.Normalized
-
Set user agent
- setUserAgentBlocklistPath(String) - Method in interface com.mozilla.secops.httprequest.HTTPRequest.HTTPRequestOptions
-
- setUserAgentBlocklistPath(String) - Method in class com.mozilla.secops.httprequest.HTTPRequestToggles
-
Set user agent blocklist path
- setUseXffAsRemote(Boolean) - Method in interface com.mozilla.secops.InputOptions
-
- setUseXffAsRemote(Boolean) - Method in class com.mozilla.secops.parser.ParserCfg
-
Parse the X-Forwarded-For header instead of the remote addr
- setValue(String) - Method in class com.mozilla.secops.alert.AlertMeta
-
Set metadata value
- setWantStackdriverLabels(Map<String, String>) - Method in class com.mozilla.secops.parser.EventFilterRule
-
Set Stackdriver label filters
- setWantUTC(Boolean) - Method in class com.mozilla.secops.parser.EventFilter
-
Choose to ignore non-UTC timezone events
- setWarningSeverityEmail(String) - Method in interface com.mozilla.secops.postprocessing.PostProcessing.PostProcessingOptions
-
- setXffAddressSelector(String) - Method in interface com.mozilla.secops.InputOptions
-
- setXffAddressSelector(ArrayList<String>) - Method in class com.mozilla.secops.parser.ParserCfg
-
Set XFF address selectors
- shouldAlertViaEmail() - Method in class com.mozilla.secops.identity.Identity
-
Returns true if this identity should be alerted via email
- shouldAlertViaSlack() - Method in class com.mozilla.secops.identity.Identity
-
Returns true if this identity should be alerted via slack
- shouldNotifyViaEmail() - Method in class com.mozilla.secops.identity.Identity
-
Returns true if this identity should be notified via email
- shouldNotifyViaSlack() - Method in class com.mozilla.secops.identity.Identity
-
Returns true if this identity should be notified via slack
- shouldUseXff() - Method in class com.mozilla.secops.parser.Parser
-
Returns true if using an XFF header is enabled in the parser
- simplex() - Method in class com.mozilla.secops.input.Input
-
Enable simplex input mode
- SIMPLEX_DEFAULT_ELEMENT - Static variable in class com.mozilla.secops.input.Input
-
Default simplex element name
- simplexRead() - Method in class com.mozilla.secops.input.Input
-
Return a transform that will ingest data, and emit parsed events in simplex mode
- SimplexReader(Input) - Constructor for class com.mozilla.secops.input.Input.SimplexReader
-
Create new SimplexReader
- SimplexReaderRaw(Input) - Constructor for class com.mozilla.secops.input.Input.SimplexReaderRaw
-
Create new SimplexReaderRaw
- simplexReadRaw() - Method in class com.mozilla.secops.input.Input
-
Return a transform that will ingest data, and emit raw strings in simplex mode
- SlackManager - Class in com.mozilla.secops.slack
-
- SlackManager(String) - Constructor for class com.mozilla.secops.slack.SlackManager
-
Construct new slack manager object
- SourceCorrelation - Class in com.mozilla.secops
-
Source address ingestion and alert correlation
- SourceCorrelation() - Constructor for class com.mozilla.secops.SourceCorrelation
-
- SourceCorrelation.AlertSourceExtractor - Class in com.mozilla.secops
-
- SourceCorrelation.EventSourceExtractor - Class in com.mozilla.secops
-
- SourceCorrelation.SourceCorrelator - Class in com.mozilla.secops
-
Transform for source address alert and ingestion correlation
- SourceCorrelation.SourceData - Class in com.mozilla.secops
-
SourceData is an intermediate format used to store information about a given source address
observed in the ingestion or alert stream.
- SourceCorrelation.SourceData.SourceDataType - Enum in com.mozilla.secops
-
Source data types
- SourceCorrelator(HTTPRequestToggles) - Constructor for class com.mozilla.secops.SourceCorrelation.SourceCorrelator
-
Initialize new SourceCorrelator
- SourceData() - Constructor for class com.mozilla.secops.SourceCorrelation.SourceData
-
- SourceId - Class in com.mozilla.secops.parser.models.etd
-
- SourceId() - Constructor for class com.mozilla.secops.parser.models.etd.SourceId
-
- SourceLogId - Class in com.mozilla.secops.parser.models.etd
-
- SourceLogId() - Constructor for class com.mozilla.secops.parser.models.etd.SourceLogId
-
- SourceLoginFailure - Class in com.mozilla.secops.customs
-
Simple detection of excessive login failures per-source across fixed window
- SourceLoginFailure(Customs.CustomsOptions) - Constructor for class com.mozilla.secops.customs.SourceLoginFailure
-
Initialize new SourceLoginFailure
- SourceLoginFailureDist - Class in com.mozilla.secops.customs
-
Detect login failures for a single account occuring from multiple source addresses in a fixed
window of time.
- SourceLoginFailureDist(Customs.CustomsOptions) - Constructor for class com.mozilla.secops.customs.SourceLoginFailureDist
-
Initialize new SourceLoginFailureDist
- SourcePayloadBase - Class in com.mozilla.secops.parser
-
Extension of
PayloadBase
that unifies source address field handling
- SourcePayloadBase() - Constructor for class com.mozilla.secops.parser.SourcePayloadBase
-
Initialize SourcePayloadBase
- splitListValues(AlertMeta.Key, String) - Static method in class com.mozilla.secops.alert.AlertMeta
-
Split a list of values for a specific metadata key
- SqsIO - Class in com.mozilla.secops
-
SqsIO
provides an IO transform for writing messages to SQS
- SqsIO() - Constructor for class com.mozilla.secops.SqsIO
-
- SqsIO.Write - Class in com.mozilla.secops
-
- STACKDRIVER_LOG_RESOURCE_TYPE - Static variable in class com.mozilla.secops.parser.ETDBeta
-
StackDriver log resource type for an ETD Finding
- State - Class in com.mozilla.secops.state
-
Represents a generic state interface that can be used to store and load state from or to a
persistent storage source
- State(StateInterface) - Constructor for class com.mozilla.secops.state.State
-
- StateAnalyze(AuthProfile.AuthProfileOptions) - Constructor for class com.mozilla.secops.authprofile.AuthProfile.StateAnalyze
-
- StateCursor<T> - Class in com.mozilla.secops.state
-
Generic state cursor implementation
- StateCursor(Class<T>) - Constructor for class com.mozilla.secops.state.StateCursor
-
- StateException - Exception in com.mozilla.secops.state
-
Exception indicating a general error in state processing
- StateException(String) - Constructor for exception com.mozilla.secops.state.StateException
-
- StateInterface - Interface in com.mozilla.secops.state
-
Interface for state implementations
- StateOperation<T> - Class in com.mozilla.secops.state
-
Represents a single state operation
- StateOperation() - Constructor for class com.mozilla.secops.state.StateOperation
-
Create new StateOperation
- StateOperation.OperationType - Enum in com.mozilla.secops.state
-
Available state operation types
- Stats - Class in com.mozilla.secops
-
Generic statistics class
- Stats.StatsCombiner - Class in com.mozilla.secops
-
Combine.CombineFn
for performing statistics operations on a collection of values
- Stats.StatsOutput - Class in com.mozilla.secops
-
Output of statistics transform
- StatusCodeRateAnalysis - Class in com.mozilla.secops.httprequest.heuristics
-
Transform for analysis of rates of specific response codes per client in a fixed window
- StatusCodeRateAnalysis(HTTPRequestToggles, Boolean, String) - Constructor for class com.mozilla.secops.httprequest.heuristics.StatusCodeRateAnalysis
-
- StreamWriter - Class in com.mozilla.secops.streamwriter
-
Simple IO stream writer
- StreamWriter() - Constructor for class com.mozilla.secops.streamwriter.StreamWriter
-
- StreamWriter.StreamWriterOptions - Interface in com.mozilla.secops.streamwriter
-
- StringDistance - Class in com.mozilla.secops
-
Levenshtein string distance calculation
- StringDistance() - Constructor for class com.mozilla.secops.StringDistance
-
- stripMaskFromCidr(String) - Static method in class com.mozilla.secops.CidrUtil
-
Strip the mask component from a CIDR subnet.
- SuppressAlerts(ETDTransforms.Options) - Constructor for class com.mozilla.secops.gatekeeper.ETDTransforms.SuppressAlerts
-
static initializer for alert suppression
- SuppressAlerts(GuardDutyTransforms.Options) - Constructor for class com.mozilla.secops.gatekeeper.GuardDutyTransforms.SuppressAlerts
-
static initializer for alert suppression
- SYSLOG_TS_RE - Static variable in class com.mozilla.secops.parser.Parser
-
- validate(String) - Method in enum com.mozilla.secops.alert.AlertMeta.Key
-
Validate the format of a value to be used for this key
- validate() - Method in class com.mozilla.secops.alert.TemplateManager
-
Validate TemplateManager by checking that all registered templates can be found.
- validEmail(String) - Static method in class com.mozilla.secops.MiscUtil
-
Validate email address format
- valueOf(String) - Static method in enum com.mozilla.secops.alert.Alert.AlertSeverity
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.alert.AlertMeta.Key.AssociatedKey
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.alert.AlertMeta.Key
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.alert.AlertMeta.Key.ValueType
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.authprofile.AuthProfile.StateAnalyze.ActionType
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.customs.CustomsAlert.AlertAction
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.customs.CustomsAlert.AlertSeverity
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.customs.CustomsAlert.IndicatorType
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.identity.NotificationPreferences.Method
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.parser.AmoDocker.EventType
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.parser.BmoAudit.AuditType
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.parser.EventFilterPayload.IntegerProperty
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.parser.EventFilterPayload.StringProperty
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.parser.FxaAuth.EventSummary
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.parser.FxaContent.RequestType
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.parser.GeoIP.GeoIPData.GeoResolutionMode
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.parser.models.fxaauth.FxaAuth.Errno
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.parser.Normalized.StatusTag
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.parser.Normalized.Type
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.parser.Payload.PayloadType
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.parser.PrivateRelay.EventType
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.SourceCorrelation.SourceData.SourceDataType
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.state.StateOperation.OperationType
-
Returns the enum constant of this type with the specified name.
- valueOf(String) - Static method in enum com.mozilla.secops.Violation.ViolationType
-
Returns the enum constant of this type with the specified name.
- values() - Static method in enum com.mozilla.secops.alert.Alert.AlertSeverity
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.alert.AlertMeta.Key.AssociatedKey
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.alert.AlertMeta.Key
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.alert.AlertMeta.Key.ValueType
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.authprofile.AuthProfile.StateAnalyze.ActionType
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.customs.CustomsAlert.AlertAction
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.customs.CustomsAlert.AlertSeverity
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.customs.CustomsAlert.IndicatorType
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.identity.NotificationPreferences.Method
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.parser.AmoDocker.EventType
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.parser.BmoAudit.AuditType
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.parser.EventFilterPayload.IntegerProperty
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.parser.EventFilterPayload.StringProperty
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.parser.FxaAuth.EventSummary
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.parser.FxaContent.RequestType
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.parser.GeoIP.GeoIPData.GeoResolutionMode
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.parser.models.fxaauth.FxaAuth.Errno
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.parser.Normalized.StatusTag
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.parser.Normalized.Type
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.parser.Payload.PayloadType
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.parser.PrivateRelay.EventType
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.SourceCorrelation.SourceData.SourceDataType
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.state.StateOperation.OperationType
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- values() - Static method in enum com.mozilla.secops.Violation.ViolationType
-
Returns an array containing the constants of this enum type, in
the order they are declared.
- VELOCITY_KIND - Static variable in class com.mozilla.secops.customs.CustomsVelocity
-
- Version - Class in com.mozilla.secops
-
- Version() - Constructor for class com.mozilla.secops.Version
-
- Violation - Class in com.mozilla.secops
-
Represents a violation as would be submitted to iprepd
- Violation(String, String, String) - Constructor for class com.mozilla.secops.Violation
-
- Violation(String, String, String, Integer) - Constructor for class com.mozilla.secops.Violation
-
Create new
Violation
with recovery suppression value
- Violation.ViolationType - Enum in com.mozilla.secops
-
Valid violation types
- VIOLATION_WRITES_METRIC - Static variable in class com.mozilla.secops.IprepdIO
-
Custom metric name used to count iprepd violation submissions from write functions