Class: Aws::SecurityHub::Types::AwsSecurityFinding
- Inherits: Struct
  - Object
  - Struct
  - Aws::SecurityHub::Types::AwsSecurityFinding
- Defined in: gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb
Overview
Provides a consistent format for Security Hub findings. AwsSecurityFinding format allows you to share findings between Amazon Web Services security services and third-party solutions.
Constant Summary
- SENSITIVE = []
Instance Attribute Summary
-
#action ⇒ Types::Action
Provides details about an action that affects or that was taken on a resource.
-
#aws_account_id ⇒ String
The Amazon Web Services account ID that a finding is generated in.
-
#aws_account_name ⇒ String
The name of the Amazon Web Services account from which a finding was generated.
-
#company_name ⇒ String
The name of the company for the product that generated the finding.
-
#compliance ⇒ Types::Compliance
This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS Amazon Web Services Foundations.
-
#confidence ⇒ Integer
A finding's confidence.
-
#created_at ⇒ String
Indicates when the security findings provider created the potential security issue that a finding captured.
-
#criticality ⇒ Integer
The level of importance assigned to the resources associated with the finding.
-
#description ⇒ String
A finding's description.
-
#finding_provider_fields ⇒ Types::FindingProviderFields
In a BatchImportFindings request, finding providers use FindingProviderFields to provide and update their own values for confidence, criticality, related findings, severity, and types.
-
#first_observed_at ⇒ String
Indicates when the security findings provider first observed the potential security issue that a finding captured.
-
#generator_details ⇒ Types::GeneratorDetails
Provides metadata for the Amazon CodeGuru detector associated with a finding.
-
#generator_id ⇒ String
The identifier for the solution-specific component (a discrete unit of logic) that generated a finding.
-
#id ⇒ String
The security findings provider-specific identifier for a finding.
-
#last_observed_at ⇒ String
Indicates when the security findings provider most recently observed the potential security issue that a finding captured.
-
#malware ⇒ Array<Types::Malware>
A list of malware related to a finding.
-
#network ⇒ Types::Network
The details of network-related information about a finding.
-
#network_path ⇒ Array<Types::NetworkPathComponent>
Provides information about a network path that is relevant to a finding.
-
#note ⇒ Types::Note
A user-defined note added to a finding.
-
#patch_summary ⇒ Types::PatchSummary
Provides an overview of the patch compliance status for an instance against a selected compliance standard.
-
#process ⇒ Types::ProcessDetails
The details of process-related information about a finding.
-
#processed_at ⇒ String
An ISO8601-formatted timestamp that indicates when Security Hub received a finding and begins to process it.
-
#product_arn ⇒ String
The ARN generated by Security Hub that uniquely identifies a product that generates findings.
-
#product_fields ⇒ Hash<String,String>
A data type where security findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.
-
#product_name ⇒ String
The name of the product that generated the finding.
-
#record_state ⇒ String
The record state of a finding.
-
#region ⇒ String
The Region from which the finding was generated.
-
#related_findings ⇒ Array<Types::RelatedFinding>
A list of related findings.
-
#remediation ⇒ Types::Remediation
A data type that describes the remediation options for a finding.
-
#resources ⇒ Array<Types::Resource>
A set of resource data types that describe the resources that the finding refers to.
-
#sample ⇒ Boolean
Indicates whether the finding is a sample finding.
-
#schema_version ⇒ String
The schema version that a finding is formatted for.
-
#severity ⇒ Types::Severity
A finding's severity.
-
#source_url ⇒ String
A URL that links to a page about the current finding in the security findings provider's solution.
-
#threat_intel_indicators ⇒ Array<Types::ThreatIntelIndicator>
Threat intelligence details related to a finding.
-
#threats ⇒ Array<Types::Threat>
Details about the threat detected in a security finding and the file paths that were affected by the threat.
-
#title ⇒ String
A finding's title.
-
#types ⇒ Array<String>
One or more finding types in the format of namespace/category/classifier that classify a finding.
-
#updated_at ⇒ String
Indicates when the security findings provider last updated the finding record.
-
#user_defined_fields ⇒ Hash<String,String>
A list of name/value string pairs associated with the finding.
-
#verification_state ⇒ String
Indicates the veracity of a finding.
-
#vulnerabilities ⇒ Array<Types::Vulnerability>
Provides a list of vulnerabilities associated with the findings.
-
#workflow ⇒ Types::Workflow
Provides information about the status of the investigation into a finding.
-
#workflow_state ⇒ String
The workflow state of a finding.
Instance Attribute Details
#action ⇒ Types::Action
Provides details about an action that affects or that was taken on a resource.
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19097

class AwsSecurityFinding < Struct.new(
  :schema_version,
  :id,
  :product_arn,
  :product_name,
  :company_name,
  :region,
  :generator_id,
  :aws_account_id,
  :types,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity,
  :confidence,
  :criticality,
  :title,
  :description,
  :remediation,
  :source_url,
  :product_fields,
  :user_defined_fields,
  :malware,
  :network,
  :network_path,
  :process,
  :threats,
  :threat_intel_indicators,
  :resources,
  :compliance,
  :verification_state,
  :workflow_state,
  :workflow,
  :record_state,
  :related_findings,
  :note,
  :vulnerabilities,
  :patch_summary,
  :action,
  :finding_provider_fields,
  :sample,
  :generator_details,
  :processed_at,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end
#aws_account_id ⇒ String
The Amazon Web Services account ID that a finding is generated in.
#aws_account_name ⇒ String
The name of the Amazon Web Services account from which a finding was generated.
#company_name ⇒ String
The name of the company for the product that generated the finding.
Security Hub populates this attribute automatically for each finding. You cannot update this attribute with BatchImportFindings or BatchUpdateFindings. The exception to this is a custom integration.
When you use the Security Hub console or API to filter findings by company name, you use this attribute.
#compliance ⇒ Types::Compliance
This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS Amazon Web Services Foundations. Contains security standard-related finding details.
#confidence ⇒ Integer
A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.
Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.
#created_at ⇒ String
Indicates when the security findings provider created the potential security issue that a finding captured.
Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces, and date and time should be separated by T. For example, 2020-03-22T13:22:13.933Z.
#criticality ⇒ Integer
The level of importance assigned to the resources associated with the finding.
A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.
#description ⇒ String
A finding's description.
Description is a required property.
#finding_provider_fields ⇒ Types::FindingProviderFields
In a BatchImportFindings request, finding providers use FindingProviderFields to provide and update their own values for confidence, criticality, related findings, severity, and types.
#first_observed_at ⇒ String
Indicates when the security findings provider first observed the potential security issue that a finding captured.
Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces, and date and time should be separated by T. For example, 2020-03-22T13:22:13.933Z.
#generator_details ⇒ Types::GeneratorDetails
Provides metadata for the Amazon CodeGuru detector associated with a finding. This field pertains to findings that relate to Lambda functions. Amazon Inspector identifies policy violations and vulnerabilities in Lambda function code based on internal detectors developed in collaboration with Amazon CodeGuru. Security Hub receives those findings.
#generator_id ⇒ String
The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.
#id ⇒ String
The security findings provider-specific identifier for a finding.
#last_observed_at ⇒ String
Indicates when the security findings provider most recently observed the potential security issue that a finding captured.
Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces, and date and time should be separated by T. For example, 2020-03-22T13:22:13.933Z.
#malware ⇒ Array<Types::Malware>
A list of malware related to a finding.
#network ⇒ Types::Network
The details of network-related information about a finding.
#network_path ⇒ Array<Types::NetworkPathComponent>
Provides information about a network path that is relevant to a finding. Each entry under NetworkPath represents a component of that path.
#note ⇒ Types::Note
A user-defined note added to a finding.
#patch_summary ⇒ Types::PatchSummary
Provides an overview of the patch compliance status for an instance against a selected compliance standard.
#process ⇒ Types::ProcessDetails
The details of process-related information about a finding.
#processed_at ⇒ String
An ISO8601-formatted timestamp that indicates when Security Hub receives a finding and begins to process it.
A correctly formatted example is 2020-05-21T20:16:34.724Z. The value cannot contain spaces, and date and time should be separated by T. For more information, see RFC 3339 section 5.6, Internet Date/Time Format.
#product_arn ⇒ String
The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.
#product_fields ⇒ Hash<String,String>
A data type where security findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.
Can contain up to 50 key-value pairs. For each key-value pair, the key can contain up to 128 characters, and the value can contain up to 2048 characters.
#product_name ⇒ String
The name of the product that generated the finding.
Security Hub populates this attribute automatically for each finding. You cannot update this attribute with BatchImportFindings or BatchUpdateFindings. The exception to this is a custom integration.
When you use the Security Hub console or API to filter findings by product name, you use this attribute.
#record_state ⇒ String
The record state of a finding.
#region ⇒ String
The Region from which the finding was generated.
Security Hub populates this attribute automatically for each finding. You cannot update it using BatchImportFindings or BatchUpdateFindings.
#related_findings ⇒ Array<Types::RelatedFinding>
A list of related findings.
#remediation ⇒ Types::Remediation
A data type that describes the remediation options for a finding.
#resources ⇒ Array<Types::Resource>
A set of resource data types that describe the resources that the finding refers to.
#sample ⇒ Boolean
Indicates whether the finding is a sample finding.
#schema_version ⇒ String
The schema version that a finding is formatted for.
#severity ⇒ Types::Severity
A finding's severity.
#source_url ⇒ String
A URL that links to a page about the current finding in the security findings provider's solution.
#threat_intel_indicators ⇒ Array<Types::ThreatIntelIndicator>
Threat intelligence details related to a finding.
#threats ⇒ Array<Types::Threat>
Details about the threat detected in a security finding and the file paths that were affected by the threat.
#title ⇒ String
A finding's title.
Title is a required property.
#types ⇒ Array<String>
One or more finding types in the format of namespace/category/classifier that classify a finding.
Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications
#updated_at ⇒ String
Indicates when the security findings provider last updated the finding record.
Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces, and date and time should be separated by T. For example, 2020-03-22T13:22:13.933Z.
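The constraints stated above for timestamps, #types, #product_fields, #title and #region can be checked before a finding is submitted. The following is an added example, not code from the SDK: the method names, message strings and sample findings are hypothetical, and it assumes the finding is a plain Ruby hash keyed by the attribute names on this page.

```ruby
require 'date'

# Namespace values listed under #types on this page.
VALID_TYPE_NAMESPACES = [
  'Software and Configuration Checks', 'TTPs', 'Effects',
  'Unusual Behaviors', 'Sensitive Data Identifications'
].freeze

# RFC 3339 section 5.6 date-time, with the page's stricter rules:
# no spaces, and an upper-case "T" between date and time.
RFC3339 = /\A(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})(\.\d+)?(Z|[+-]\d{2}:\d{2})\z/

# Assumption: every provider-supplied timestamp uses the format that the
# page documents for updated_at.
TIMESTAMP_FIELDS = %i[created_at updated_at first_observed_at last_observed_at].freeze

def valid_timestamp?(value)
  m = RFC3339.match(value.to_s) or return false
  year, month, day, hour, min, sec = m.captures.first(6).map(&:to_i)
  # sec may be 60 because RFC 3339 allows a leap second.
  Date.valid_date?(year, month, day) && hour <= 23 && min <= 59 && sec <= 60
end

def lint_types(types)
  Array(types).flat_map do |type|
    segments = type.to_s.split('/', -1)
    issues = []
    unless VALID_TYPE_NAMESPACES.include?(segments.first)
      issues << "types: unknown namespace in #{type.inspect}"
    end
    # Assumption: a path may stop early but never exceeds three segments.
    if segments.size > 3 || segments.any?(&:empty?)
      issues << "types: #{type.inspect} is not namespace/category/classifier"
    end
    issues
  end
end

def lint_product_fields(fields)
  fields ||= {}
  issues = []
  issues << "product_fields: #{fields.size} pairs (max 50)" if fields.size > 50
  fields.each do |key, value|
    label = key.to_s[0, 20]
    issues << "product_fields: key #{label}... exceeds 128 characters" if key.to_s.length > 128
    issues << "product_fields[#{label}]: value exceeds 2048 characters" if value.to_s.length > 2048
  end
  issues
end

# Returns an array of human-readable issues; empty means the finding passes.
def lint_finding(finding)
  issues = []
  issues << 'title: required property is missing' if finding[:title].to_s.strip.empty?
  TIMESTAMP_FIELDS.each do |field|
    next unless finding.key?(field)
    issues << "#{field}: not an RFC 3339 date-time" unless valid_timestamp?(finding[field])
  end
  if finding.key?(:region)
    issues << 'region: populated by Security Hub, cannot be set with BatchImportFindings'
  end
  issues + lint_types(finding[:types]) + lint_product_fields(finding[:product_fields])
end

# Constructed sample findings (not real data).
GOOD_FINDING = {
  title: 'Constructed example finding',
  created_at: '2020-03-22T13:22:13.933Z',
  updated_at: '2020-03-22T13:22:13.933Z',
  types: ['Software and Configuration Checks/Example Category/Example Classifier'],
  product_fields: { 'example/rule' => 'constructed-value' }
}.freeze

BAD_FINDING = {
  title: '',
  updated_at: '2020-03-22 13:22:13.933Z',   # space instead of "T"
  region: 'us-east-1',                      # set by Security Hub, not the provider
  types: ['Malware/Trojan'],                # namespace not in the documented list
  product_fields: { 'detail' => 'x' * 2049 } # value over 2048 characters
}.freeze

if __FILE__ == $PROGRAM_NAME
  puts lint_finding(GOOD_FINDING).inspect
  puts lint_finding(BAD_FINDING)
end
```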
#user_defined_fields ⇒ Hash<String,String>
A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.
#verification_state ⇒ String
Indicates the veracity of a finding.
#vulnerabilities ⇒ Array<Types::Vulnerability>
Provides a list of vulnerabilities associated with the findings.
#workflow ⇒ Types::Workflow
Provides information about the status of the investigation into a finding.
#workflow_state ⇒ String
The workflow state of a finding.