Interface CfnFilter.FindingCriteriaProperty
- All Superinterfaces:
software.amazon.jsii.JsiiSerializable
- All Known Implementing Classes:
CfnFilter.FindingCriteriaProperty.Jsii$Proxy
- Enclosing class:
CfnFilter
@Stability(Stable)
public static interface CfnFilter.FindingCriteriaProperty
extends software.amazon.jsii.JsiiSerializable
Represents a map of finding properties that match specified conditions and values when querying findings.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import software.amazon.awscdk.services.guardduty.*; Object criterion; FindingCriteriaProperty findingCriteriaProperty = FindingCriteriaProperty.builder() .criterion(criterion) .itemType(ConditionProperty.builder() .eq(List.of("eq")) .equalTo(List.of("equalTo")) .greaterThan(123) .greaterThanOrEqual(123) .gt(123) .gte(123) .lessThan(123) .lessThanOrEqual(123) .lt(123) .lte(123) .neq(List.of("neq")) .notEquals(List.of("notEquals")) .build()) .build();
- See Also:
-
Nested Class Summary
Modifier and TypeInterfaceDescriptionstatic final class
A builder forCfnFilter.FindingCriteriaProperty
static final class
An implementation forCfnFilter.FindingCriteriaProperty
-
Method Summary
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Method Details
-
getCriterion
Represents a map of finding properties that match specified conditions and values when querying findings.For information about JSON criterion mapping to their console equivalent, see Finding criteria . The following are the available criterion:
- accountId
- id
- region
- severity
To filter on the basis of severity, the API and AWS CLI use the following input list for the
FindingCriteria
condition:- Low :
["1", "2", "3"]
- Medium :
["4", "5", "6"]
- High :
["7", "8", "9"]
For more information, see Severity levels for GuardDuty findings in the Amazon GuardDuty User Guide .
- type
- updatedAt
Type: ISO 8601 string format:
YYYY-MM-DDTHH:MM:SS.SSSZ
orYYYY-MM-DDTHH:MM:SSZ
depending on whether the value contains milliseconds.- resource.accessKeyDetails.accessKeyId
- resource.accessKeyDetails.principalId
- resource.accessKeyDetails.userName
- resource.accessKeyDetails.userType
- resource.instanceDetails.iamInstanceProfile.id
- resource.instanceDetails.imageId
- resource.instanceDetails.instanceId
- resource.instanceDetails.tags.key
- resource.instanceDetails.tags.value
- resource.instanceDetails.networkInterfaces.ipv6Addresses
- resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
- resource.instanceDetails.networkInterfaces.publicDnsName
- resource.instanceDetails.networkInterfaces.publicIp
- resource.instanceDetails.networkInterfaces.securityGroups.groupId
- resource.instanceDetails.networkInterfaces.securityGroups.groupName
- resource.instanceDetails.networkInterfaces.subnetId
- resource.instanceDetails.networkInterfaces.vpcId
- resource.instanceDetails.outpostArn
- resource.resourceType
- resource.s3BucketDetails.publicAccess.effectivePermissions
- resource.s3BucketDetails.name
- resource.s3BucketDetails.tags.key
- resource.s3BucketDetails.tags.value
- resource.s3BucketDetails.type
- service.action.actionType
- service.action.awsApiCallAction.api
- service.action.awsApiCallAction.callerType
- service.action.awsApiCallAction.errorCode
- service.action.awsApiCallAction.remoteIpDetails.city.cityName
- service.action.awsApiCallAction.remoteIpDetails.country.countryName
- service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
- service.action.awsApiCallAction.remoteIpDetails.ipAddressV6
- service.action.awsApiCallAction.remoteIpDetails.organization.asn
- service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
- service.action.awsApiCallAction.serviceName
- service.action.dnsRequestAction.domain
- service.action.dnsRequestAction.domainWithSuffix
- service.action.networkConnectionAction.blocked
- service.action.networkConnectionAction.connectionDirection
- service.action.networkConnectionAction.localPortDetails.port
- service.action.networkConnectionAction.protocol
- service.action.networkConnectionAction.remoteIpDetails.city.cityName
- service.action.networkConnectionAction.remoteIpDetails.country.countryName
- service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
- service.action.networkConnectionAction.remoteIpDetails.ipAddressV6
- service.action.networkConnectionAction.remoteIpDetails.organization.asn
- service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
- service.action.networkConnectionAction.remotePortDetails.port
- service.action.awsApiCallAction.remoteAccountDetails.affiliated
- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4
- service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV6
- service.action.kubernetesApiCallAction.namespace
- service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn
- service.action.kubernetesApiCallAction.requestUri
- service.action.kubernetesApiCallAction.statusCode
- service.action.networkConnectionAction.localIpDetails.ipAddressV4
- service.action.networkConnectionAction.localIpDetails.ipAddressV6
- service.action.networkConnectionAction.protocol
- service.action.awsApiCallAction.serviceName
- service.action.awsApiCallAction.remoteAccountDetails.accountId
- service.additionalInfo.threatListName
- service.resourceRole
- resource.eksClusterDetails.name
- resource.kubernetesDetails.kubernetesWorkloadDetails.name
- resource.kubernetesDetails.kubernetesWorkloadDetails.namespace
- resource.kubernetesDetails.kubernetesUserDetails.username
- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image
- resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix
- service.ebsVolumeScanDetails.scanId
- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name
- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity
- service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash
- service.malwareScanDetails.threats.name
- resource.ecsClusterDetails.name
- resource.ecsClusterDetails.taskDetails.containers.image
- resource.ecsClusterDetails.taskDetails.definitionArn
- resource.containerDetails.image
- resource.rdsDbInstanceDetails.dbInstanceIdentifier
- resource.rdsDbInstanceDetails.dbClusterIdentifier
- resource.rdsDbInstanceDetails.engine
- resource.rdsDbUserDetails.user
- resource.rdsDbInstanceDetails.tags.key
- resource.rdsDbInstanceDetails.tags.value
- service.runtimeDetails.process.executableSha256
- service.runtimeDetails.process.name
- service.runtimeDetails.process.name
- resource.lambdaDetails.functionName
- resource.lambdaDetails.functionArn
- resource.lambdaDetails.tags.key
- resource.lambdaDetails.tags.value
- See Also:
-
getItemType
- See Also:
-
builder
-