Console
    Contact Us Start free

    FieldAndValue

    Indicator value with field path to identity an entity.

    JSON representation 
     { 
 "value" 
 : 
 string 
 , 
 "entityNamespace" 
 : 
 string 
 , 
 // Union field type 
can be only one of the following: 
 "fieldPath" 
 : 
 string 
 , 
 "valueType" 
 : 
 enum (  ValueType 
 
) 
 // End of list of possible types for union field type 
. 
 }
    Fields
    value

    string

    Required. Indicator to find entity.

    entityNamespace

    string

    Optional. Entity namespace

    Union field type .

    type can be only one of the following:

    fieldPath

    string

    Field path to look up the indicator query.

    valueType

    enum ( ValueType )

    Value type.

    ValueType

    Value type of the entity.

    Enums
    VALUE_TYPE_UNSPECIFIED Unspecified.
    ASSET_IP_ADDRESS Asset ip address.
    MAC Asset mac address.
    HOSTNAME Asset hostname.
    PRODUCT_SPECIFIC_ID Asset product id. Product specific ID for EDR/HIDS/AV products, etc.
    DOMAIN_NAME Domain name.
    RESOLVED_IP_ADDRESS Resolved ip address.
    PROCESS_ID EDR process id.
    FULL_COMMAND_LINE File full command line.
    FILE_NAME File name.
    FILE_PATH File path.
    HASH_MD5 Hash md5.
    HASH_SHA256 Hash sha256.
    HASH_SHA1 Hash sha1.
    RAW_PID Operating system process id.
    PARENT_PROCESS_ID Process id for the parent that spawned a process.
    EMAIL User email.
    USERNAME User username.
    WINDOWS_SID User windows sid.
    EMPLOYEE_ID User employee id.
    PRODUCT_OBJECT_ID User product object id. Product specific object ID for LDAP-like systems.
    CLOUD_RESOURCE_NAME Cloud resource name.
    RESOURCE_PRODUCT_OBJECT_ID Resource product object id.
    Design a Mobile Site
    View Site in Mobile | Classic
    Share by: