Container
SoftLayer_Container_Network_IntrusionProtection_Event

Overview

The IntrusionProtection_Event object stores information about individual intrusion protection events.

It is a data container that cannot be edited, deleted, or saved.

It is returned by many methods in the TippingPointReporting object, but never directly, always as a child of another container object.

Local Properties

actionTaken

The action that was taken when this attack was discovered. Can be either "Block" or "Permit"

Type:

string

attackCount

The number of attacks in this block. Attacks are grouped differently based on the query performed on the tippingPointReporting object.

Type:

integer

attackLongDescription

Long description of the attack. May contain links to more information

Type:

string

attackName

Name of the attack

Type:

string

beginTime

The starting timestamp of the attack recorded, in Y-m-d H:i:s format. May not be set, depending on the type of query performed.

Type:

string

bugtraqId

The BugTraq ID(s), if any, associated with this attack signature.

Type:

string

classification

The human-readable classification of the attack

Type:

string

CVEId

The CVE ID(s), if any, associated with this attack signature.

Type:

string

destinationIpAddress

The IP Address (as a dotted decimal string) of the machine that was the target of the attack

Type:

string

destinationPort

The port the attack was directed at

Type:

integer

endTime

The ending timestamp of the attack recorded, in Y-m-d H:i:s format. May not be set, depending on the type of query performed.

Type:

string

platform

The platform affected by the attack

Type:

string

protocol

The protocol used in the attack

Type:

string

severity

The human-readable severity of this attack, from "Low" to "Critical"

Type:

string

signatureId

Unique ID of the "Signature" in question. The signature determines the type of attack recorded. SignatureId is used in the drillDown() function on the TippingPointReporting service

Type:

string

sourceIpAddress

The IP Address (as a dotted decimal string) of the machine originating the attack

Type:

string

sourcePort

The port the attack originated from

Type:

integer

Relational & Count Properties

Relational Properties can be queried by object mask