ThreatHuntResultObjectsSummary

Summary of a threat hunt for an object.

Fields

| Field | Type | Description |
|---|---|---|
| clusterInfo | Cluster | Cluster information. |
| earliestMatchedSnapshotDate | DateTime | Earliest snapshot date containing a match. |
| hasQuarantinedMatches | Boolean! | Specifies whether the object has quarantined matches. |
| latestMatchedSnapshotDate | DateTime | Latest snapshot date containing a match. |
| latestSnapshotWithoutMatchDate | DateTime | Latest snapshot date not containing a match. |
| location | String! | The object location. |
| matchTypes | [IndicatorOfCompromise!]! | List of indicators of compromise (IOCs) found in all the matches. |
| object | CdmHierarchySnappableNew | The scanned object, if it is a CDM object. |
| objectScanStatus | ThreatHuntObjectStatus! | Scan status of the object. |
| objectV2 | HierarchySnappable | The scanned object. |
| snapshotsStats | [ThreatHuntResultSnapshotStats!]! | Threat hunt summaries for each snapshot. |
| totalMatchedPaths | Long! | Total paths for which malware was found. |
| totalMatchedSnapshots | Int! | Total snapshots where a match was found. |
| totalUniqueMatchedPaths | Long! | Total unique paths for which malware was found. |

Used By

Queries
- query: threatHuntSummaryV2 (via connection)
Referenced by