OBJECT

GetAnomalyDetailsReply

Description

Anomaly analysis report from lambda service.

link GraphQL Schema definition

  • type GetAnomalyDetailsReply {
  • # The internal FID of the object.
  • workloadFid: String!
  • # The internal ID of the object.
  • workloadId: String!
  • # The name of the object.
  • workloadName: String!
  • # The internal ID of the snapshot.
  • snapshotId: String!
  • # The internal FID of the snapshot.
  • snapshotFid: String!
  • # The internal managed ID of the object.
  • managedId: String!
  • # The ID of the previous snapshot.
  • previousSnapshotId: String!
  • # The count of new files created.
  • filesCreatedCount: Long!
  • # The count of files deleted.
  • filesDeletedCount: Long!
  • # The count of files modified.
  • filesModifiedCount: Long!
  • # Total number of suspicious files.
  • suspiciousFilesCount: Long!
  • # Total new bytes created.
  • bytesCreatedCount: Long!
  • # Total bytes modified.
  • bytesModifiedCount: Long!
  • # Total bytes deleted.
  • bytesDeletedCount: Long!
  • # Net change in the number of bytes. For example, if 5 bytes are added and 3 bytes
  • # deleted, this field returns 2 as the number of bytes that changed.
  • bytesNetChangedCount: Long!
  • # Total suspicious bytes.
  • bytesSuspiciousCount: Long!
  • # Level of encryption detected.
  • encryption: EncryptionLevel!
  • # The probability of the snapshot being anomalous.
  • anomalyProbability: Float!
  • # Specifies whether the snapshot is anomalous.
  • isAnomaly: Boolean!
  • # The date of the snapshot.
  • snapshotDate: DateTime
  • # The date of the previous snapshot.
  • previousSnapshotDate: DateTime
  • # Information about possible ransomware strains.
  • anomalyInfo: AnomalyInfo
  • # The id of the anomaly.
  • id: String!
  • # Time when the anomaly was detected.
  • detectionTime: DateTime
  • # Activity series id for the events of this anomaly.
  • activitySeriesId: String!
  • # Type of the anomaly detected.
  • anomalyType: AnomalyType!
  • # The FID of the previous snapshot.
  • previousSnapshotFid: String!
  • # Specifies the resolution status of the anomaly.
  • resolutionStatus: ResolutionStatus!
  • # The list of directories that can be snoozed from the anomaly.
  • potentialSnoozedDirectories: [String!]!
  • # Severity of the anomaly.
  • severity: ActivitySeverityEnum!
  • # The type of the object.
  • objectType: ObjectTypeEnum
  • # The Rubrik cluster of the object.
  • cluster: Cluster!
  • # The location of the object.
  • location: String!
  • # The analyzed snapshot.
  • snapshot: CdmSnapshot
  • # The previous snapshot.
  • previousSnapshot: CdmSnapshot
  • # The ransomware analysis result, including encryption.
  • ransomwareResult: RansomwareResult
  • }

link Require by