Class: SDM::Query

Inherits:

Object

• Object
• SDM::Query

Defined in:

lib/models/porcelain.rb

Overview

A Query is a record of a single client request to a resource, such as a SQL query. Longer-running queries including long-running SSH commands and SSH, RDP, or Kubernetes interactive sessions will return two Query records with the same identifier, one record at the start of the query and a second record upon the completion of the query with additional detail.

Instance Attribute Summary

• #account_email ⇒ Object

  The email of the account performing this query, at the time the query was executed.

• #account_first_name ⇒ Object

  The given name of the account performing this query, at the time the query was executed.

• #account_id ⇒ Object

  Unique identifier of the Account that performed the Query.

• #account_last_name ⇒ Object

  The family name of the account performing this query, at the time the query was executed.

• #account_tags ⇒ Object

  The tags of the account accessed, at the time the query was executed.

• #authzjson ⇒ Object

  Authorization metadata associated with this query.

• #capture ⇒ Object

  For queries against SSH, Kubernetes, and RDP resources, this contains additional information about the captured query.

• #client_ip ⇒ Object

  The IP address the Query was performed from, as detected at the StrongDM control plane.

• #completed_at ⇒ Object

  The time at which the Query was completed.

• #duration ⇒ Object

  The duration of the Query.

• #egress_node_id ⇒ Object

  The unique ID of the node through which the Resource was accessed.

• #encrypted ⇒ Object

  Indicates that the body of the Query is encrypted.

• #id ⇒ Object

  Unique identifier of the Query.

• #identity_alias_username ⇒ Object

  The username of the IdentityAlias used to access the Resource.

• #query_body ⇒ Object

  The captured content of the Query.

• #query_category ⇒ Object

  The general category of Resource against which Query was performed, e.g.

• #query_hash ⇒ Object

  The hash of the body of the Query.

• #query_key ⇒ Object

  The symmetric key used to encrypt the body of this Query and its replay if replayable.

• #record_count ⇒ Object

  The number of records returned by the Query, for a database Resource.

• #remote_identity_username ⇒ Object

  The username of the RemoteIdentity used to access the Resource.

• #replayable ⇒ Object

  Indicates that the Query is replayable, e.g.

• #resource_id ⇒ Object

  Unique identifier of the Resource against which the Query was performed.

• #resource_name ⇒ Object

  The name of the resource accessed, at the time the query was executed.

• #resource_tags ⇒ Object

  The tags of the resource accessed, at the time the query was executed.

• #resource_type ⇒ Object

  The specific type of Resource against which the Query was performed, e.g.

• #source_ip ⇒ Object

  The IP address the Query was performed from, as detected at the ingress gateway.

• #target ⇒ Object

  The target destination of the query, in host:port format.

• #timestamp ⇒ Object

  The time at which the Query was started.

Instance Method Summary

• #initialize(account_email: nil, account_first_name: nil, account_id: nil, account_last_name: nil, account_tags: nil, authzjson: nil, capture: nil, client_ip: nil, completed_at: nil, duration: nil, egress_node_id: nil, encrypted: nil, id: nil, identity_alias_username: nil, query_body: nil, query_category: nil, query_hash: nil, query_key: nil, record_count: nil, remote_identity_username: nil, replayable: nil, resource_id: nil, resource_name: nil, resource_tags: nil, resource_type: nil, source_ip: nil, target: nil, timestamp: nil) ⇒ Query constructor

  A new instance of Query.

• #to_json(options = {}) ⇒ Object

Constructor Details

#initialize(account_email: nil, account_first_name: nil, account_id: nil, account_last_name: nil, account_tags: nil, authzjson: nil, capture: nil, client_ip: nil, completed_at: nil, duration: nil, egress_node_id: nil, encrypted: nil, id: nil, identity_alias_username: nil, query_body: nil, query_category: nil, query_hash: nil, query_key: nil, record_count: nil, remote_identity_username: nil, replayable: nil, resource_id: nil, resource_name: nil, resource_tags: nil, resource_type: nil, source_ip: nil, target: nil, timestamp: nil) ⇒ Query

Returns a new instance of Query.

# File 'lib/models/porcelain.rb', line 10949

def initialize(
  account_email: nil,
  account_first_name: nil,
  account_id: nil,
  account_last_name: nil,
  account_tags: nil,
  authzjson: nil,
  capture: nil,
  client_ip: nil,
  completed_at: nil,
  duration: nil,
  egress_node_id: nil,
  encrypted: nil,
  id: nil,
  identity_alias_username: nil,
  query_body: nil,
  query_category: nil,
  query_hash: nil,
  query_key: nil,
  record_count: nil,
  remote_identity_username: nil,
  replayable: nil,
  resource_id: nil,
  resource_name: nil,
  resource_tags: nil,
  resource_type: nil,
  source_ip: nil,
  target: nil,
  timestamp: nil
)
  @account_email = account_email == nil ? "" : account_email
  @account_first_name = account_first_name == nil ? "" : account_first_name
  @account_id = account_id == nil ? "" : account_id
  @account_last_name = account_last_name == nil ? "" : account_last_name
  @account_tags = account_tags == nil ? SDM::_porcelain_zero_value_tags() : account_tags
  @authzjson = authzjson == nil ? "" : authzjson
  @capture = capture == nil ? nil : capture
  @client_ip = client_ip == nil ? "" : client_ip
  @completed_at = completed_at == nil ? nil : completed_at
  @duration = duration == nil ? nil : duration
  @egress_node_id = egress_node_id == nil ? "" : egress_node_id
  @encrypted = encrypted == nil ? false : encrypted
  @id = id == nil ? "" : id
  @identity_alias_username = identity_alias_username == nil ? "" : identity_alias_username
  @query_body = query_body == nil ? "" : query_body
  @query_category = query_category == nil ? "" : query_category
  @query_hash = query_hash == nil ? "" : query_hash
  @query_key = query_key == nil ? "" : query_key
  @record_count = record_count == nil ? 0 : record_count
  @remote_identity_username = remote_identity_username == nil ? "" : remote_identity_username
  @replayable = replayable == nil ? false : replayable
  @resource_id = resource_id == nil ? "" : resource_id
  @resource_name = resource_name == nil ? "" : resource_name
  @resource_tags = resource_tags == nil ? SDM::_porcelain_zero_value_tags() : resource_tags
  @resource_type = resource_type == nil ? "" : resource_type
  @source_ip = source_ip == nil ? "" : source_ip
  @target = target == nil ? "" : target
  @timestamp = timestamp == nil ? nil : timestamp
end

Instance Attribute Details

#account_email ⇒ Object

The email of the account performing this query, at the time the query was executed. If the account email is later changed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 10882

def account_email
  @account_email
end

#account_first_name ⇒ Object

The given name of the account performing this query, at the time the query was executed. If the account is later renamed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 10885

def account_first_name
  @account_first_name
end

#account_id ⇒ Object

Unique identifier of the Account that performed the Query.

# File 'lib/models/porcelain.rb', line 10887

def account_id
  @account_id
end

#account_last_name ⇒ Object

The family name of the account performing this query, at the time the query was executed. If the account is later renamed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 10890

def account_last_name
  @account_last_name
end

#account_tags ⇒ Object

The tags of the account accessed, at the time the query was executed. If the account tags are later changed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 10893

def account_tags
  @account_tags
end

#authzjson ⇒ Object

Authorization metadata associated with this query.

# File 'lib/models/porcelain.rb', line 10895

def authzjson
  @authzjson
end

#capture ⇒ Object

For queries against SSH, Kubernetes, and RDP resources, this contains additional information about the captured query.

# File 'lib/models/porcelain.rb', line 10898

def capture
  @capture
end

#client_ip ⇒ Object

The IP address the Query was performed from, as detected at the StrongDM control plane.

# File 'lib/models/porcelain.rb', line 10900

def client_ip
  @client_ip
end

#completed_at ⇒ Object

The time at which the Query was completed. Empty if this record indicates the start of a long-running query.

# File 'lib/models/porcelain.rb', line 10903

def completed_at
  @completed_at
end

#duration ⇒ Object

The duration of the Query.

# File 'lib/models/porcelain.rb', line 10905

def duration
  @duration
end

#egress_node_id ⇒ Object

The unique ID of the node through which the Resource was accessed.

# File 'lib/models/porcelain.rb', line 10907

def egress_node_id
  @egress_node_id
end

#encrypted ⇒ Object

Indicates that the body of the Query is encrypted.

# File 'lib/models/porcelain.rb', line 10909

def encrypted
  @encrypted
end

#id ⇒ Object

Unique identifier of the Query.

# File 'lib/models/porcelain.rb', line 10911

def id
  @id
end

#identity_alias_username ⇒ Object

The username of the IdentityAlias used to access the Resource.

# File 'lib/models/porcelain.rb', line 10913

def identity_alias_username
  @identity_alias_username
end

#query_body ⇒ Object

The captured content of the Query. For queries against SSH, Kubernetes, and RDP resources, this contains a JSON representation of the QueryCapture.

# File 'lib/models/porcelain.rb', line 10916

def query_body
  @query_body
end

#query_category ⇒ Object

The general category of Resource against which Query was performed, e.g. "web" or "cloud".

# File 'lib/models/porcelain.rb', line 10918

def query_category
  @query_category
end

#query_hash ⇒ Object

The hash of the body of the Query.

# File 'lib/models/porcelain.rb', line 10920

def query_hash
  @query_hash
end

#query_key ⇒ Object

The symmetric key used to encrypt the body of this Query and its replay if replayable. If the Query is encrypted, this field contains an encrypted symmetric key in base64 encoding. This key must be decrypted with the organization's private key to obtain the symmetric key needed to decrypt the body. If the Query is not encrypted, this field is empty.

# File 'lib/models/porcelain.rb', line 10925

def query_key
  @query_key
end

#record_count ⇒ Object

The number of records returned by the Query, for a database Resource.

# File 'lib/models/porcelain.rb', line 10927

def record_count
  @record_count
end

#remote_identity_username ⇒ Object

The username of the RemoteIdentity used to access the Resource.

# File 'lib/models/porcelain.rb', line 10929

def remote_identity_username
  @remote_identity_username
end

#replayable ⇒ Object

Indicates that the Query is replayable, e.g. for some SSH or K8s sessions.

# File 'lib/models/porcelain.rb', line 10931

def replayable
  @replayable
end

#resource_id ⇒ Object

Unique identifier of the Resource against which the Query was performed.

# File 'lib/models/porcelain.rb', line 10933

def resource_id
  @resource_id
end

#resource_name ⇒ Object

The name of the resource accessed, at the time the query was executed. If the resource is later renamed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 10936

def resource_name
  @resource_name
end

#resource_tags ⇒ Object

The tags of the resource accessed, at the time the query was executed. If the resource tags are later changed, that change will not be reflected via this field.

# File 'lib/models/porcelain.rb', line 10939

def resource_tags
  @resource_tags
end

#resource_type ⇒ Object

The specific type of Resource against which the Query was performed, e.g. "ssh" or "postgres".

# File 'lib/models/porcelain.rb', line 10941

def resource_type
  @resource_type
end

#source_ip ⇒ Object

The IP address the Query was performed from, as detected at the ingress gateway.

# File 'lib/models/porcelain.rb', line 10943

def source_ip
  @source_ip
end

#target ⇒ Object

The target destination of the query, in host:port format.

# File 'lib/models/porcelain.rb', line 10945

def target
  @target
end

#timestamp ⇒ Object

The time at which the Query was started.

# File 'lib/models/porcelain.rb', line 10947

def timestamp
  @timestamp
end

Instance Method Details

#to_json(options = {}) ⇒ Object

# File 'lib/models/porcelain.rb', line 11009

def to_json(options = {})
  hash = {}
  self.instance_variables.each do |var|
    hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
  end
  hash.to_json
end