Table Of Contents

Feedback

User Guide

First time using the AWS CLI? See the User Guide for help getting started.

Note: You are viewing the documentation for an older major version of the AWS CLI (version 1).

AWS CLI version 2, the latest major version of AWS CLI, is now stable and recommended for general use. To view this page for the AWS CLI version 2, click here. For more information see the AWS CLI version 2 installation instructions and migration guide.

[ aws . guardduty ]

get-detector

Description

Retrieves an Amazon GuardDuty detector specified by the detectorId.

See also: AWS API Documentation

See 'aws help' for descriptions of global parameters.

Synopsis

  get-detector
--detector-id <value>
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]

Options

--detector-id (string)

The unique ID of the detector that you want to get.

--cli-input-json (string) Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See 'aws help' for descriptions of global parameters.

Examples

To retrieve details of a specific detector

The following get-detector example displays the configurations details of the specified detector.

aws guardduty get-detector \
    --detector-id 12abc34d567e8fa901bc2d34eexample

Output:

{
    "Status": "ENABLED",
    "ServiceRole": "arn:aws:iam::111122223333:role/aws-service-role/guardduty.amazonaws.com/AWSServiceRoleForAmazonGuardDuty",
    "Tags": {},
    "FindingPublishingFrequency": "SIX_HOURS",
    "UpdatedAt": "2018-11-07T03:24:22.938Z",
    "CreatedAt": "2017-12-22T22:51:31.940Z"
}

For more information, see Concepts and Terminology in the GuardDuty User Guide.

Output

CreatedAt -> (string)

The timestamp of when the detector was created.

FindingPublishingFrequency -> (string)

The publishing frequency of the finding.

ServiceRole -> (string)

The GuardDuty service role.

Status -> (string)

The detector status.

UpdatedAt -> (string)

The last-updated timestamp for the detector.

DataSources -> (structure)

An object that describes which data sources are enabled for the detector.

CloudTrail -> (structure)

An object that contains information on the status of CloudTrail as a data source.

Status -> (string)

Describes whether CloudTrail is enabled as a data source for the detector.

DNSLogs -> (structure)

An object that contains information on the status of DNS logs as a data source.

Status -> (string)

Denotes whether DNS logs is enabled as a data source.

FlowLogs -> (structure)

An object that contains information on the status of VPC flow logs as a data source.

Status -> (string)

Denotes whether VPC flow logs is enabled as a data source.

S3Logs -> (structure)

An object that contains information on the status of S3 Data event logs as a data source.

Status -> (string)

A value that describes whether S3 data event logs are automatically enabled for new members of the organization.

Tags -> (map)

The tags of the detector resource.

key -> (string)

value -> (string)