SoftLayer_Container_Network_IntrusionProtection_Event


SoftLayer_Container_Network_IntrusionProtection_Event

Description

The IntrusionProtection_Event object stores information about individual intrusion protection events.

It is a data container that cannot be edited, deleted, or saved.

It is returned by many methods in the TippingPointReporting object, but never directly, always as a child of another container object.

Local


CVEId

The CVE ID(s), if any, associated with this attack signature.
Type: string


actionTaken

The action that was taken when this attack was discovered. Can be either “Block” or “Permit”
Type: string


attackCount

The number of attacks in this block. Attacks are grouped differently based on the query performed on the tippingPointReporting object.
Type: integer


attackLongDescription

Long description of the attack. May contain links to more information
Type: string


attackName

Name of the attack
Type: string


beginTime

The starting timestamp of the attack recorded, in Y-m-d H:i:s format. May not be set, depending on the type of query performed.
Type: string


bugtraqId

The BugTraq ID(s), if any, associated with this attack signature.
Type: string


classification

The human-readable classification of the attack
Type: string


destinationIpAddress

The IP Address (as a dotted decimal string) of the machine that was the target of the attack
Type: string


destinationPort

The port the attack was directed at
Type: integer


endTime

The ending timestamp of the attack recorded, in Y-m-d H:i:s format. May not be set, depending on the type of query performed.
Type: string


platform

The platform affected by the attack
Type: string


protocol

The protocol used in the attack
Type: string


severity

The human-readable severity of this attack, from “Low” to “Critical”
Type: string


signatureId

Unique ID of the “Signature” in question. The signature determines the type of attack recorded. SignatureId is used in the drillDown() function on the TippingPointReporting service
Type: string


sourceIpAddress

The IP Address (as a dotted decimal string) of the machine originating the attack
Type: string


sourcePort

The port the attack originated from
Type: integer