FindingProviderSeverity
The severity assigned to a finding by the finding provider. This object may include one or more of the following attributes:
-
Label -
Normalized -
Original -
Product
If a BatchImportFindings request for a
new finding only provides Label or only provides Normalized, AWS Security Hub
automatically populates the value of the other field.
The Normalized and Product attributes are included in the FindingProviderSeverity
structure to preserve the historical information associated with the finding, even if the top-level
Severity object is later modified using the BatchUpdateFindings operation.
If the top-level Finding.Severity object is present, but Finding.FindingProviderFields isn't present,
Security Hub creates the FindingProviderFields.Severity object and copies the entire Finding.Severity object into it.
This ensures that the original, provider-supplied details are retained within the FindingProviderFields.Severity
object, even if the top-level Severity object is overwritten.
Contents
- Label
-
The severity label assigned to the finding by the finding provider.
Type: String
Valid Values:
INFORMATIONAL | LOW | MEDIUM | HIGH | CRITICALRequired: No
- Original
-
The finding provider's original value for the severity.
Length Constraints: Minimum length of 1. Maximum length of 64.
Type: String
Pattern:
.*\S.*Required: No
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
