Class: Aws::SecurityHub::Types::AwsSecurityFindingFilters

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb

Overview

A collection of attributes that are applied to all active Security Hub-aggregated findings and that result in a subset of findings that are included in this insight.

You can filter by up to 10 finding attributes. For each attribute, you can provide up to 20 filter values.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#aws_account_idArray<Types::StringFilter>

The Amazon Web Services account ID that a finding is generated in.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#company_nameArray<Types::StringFilter>

The name of the findings provider (company) that owns the solution (product) that generates findings.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#compliance_statusArray<Types::StringFilter>

Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS Amazon Web Services Foundations. Contains security standard-related finding details.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#confidenceArray<Types::NumberFilter>

A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#created_atArray<Types::DateFilter>

An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#criticalityArray<Types::NumberFilter>

The level of importance assigned to the resources associated with the finding.

A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#descriptionArray<Types::StringFilter>

A finding's description.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#finding_provider_fields_confidenceArray<Types::NumberFilter>

The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#finding_provider_fields_criticalityArray<Types::NumberFilter>

The finding provider value for the level of importance assigned to the resources associated with the findings.

A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

The finding identifier of a related finding that is identified by the finding provider.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

The ARN of the solution that generated a related finding that is identified by the finding provider.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#finding_provider_fields_severity_labelArray<Types::StringFilter>

The finding provider value for the severity label.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#finding_provider_fields_severity_originalArray<Types::StringFilter>

The finding provider's original value for the severity.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#finding_provider_fields_typesArray<Types::StringFilter>

One or more finding types that the finding provider assigned to the finding. Uses the format of namespace/category/classifier that classify a finding.

Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#first_observed_atArray<Types::DateFilter>

An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#generator_idArray<Types::StringFilter>

The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#idArray<Types::StringFilter>

The security findings provider-specific identifier for a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#keywordArray<Types::KeywordFilter>

A keyword for a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#last_observed_atArray<Types::DateFilter>

An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#malware_nameArray<Types::StringFilter>

The name of the malware that was observed.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#malware_pathArray<Types::StringFilter>

The filesystem path of the malware that was observed.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#malware_stateArray<Types::StringFilter>

The state of the malware that was observed.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#malware_typeArray<Types::StringFilter>

The type of the malware that was observed.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#network_destination_domainArray<Types::StringFilter>

The destination domain of network-related information about a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#network_destination_ip_v4Array<Types::IpFilter>

The destination IPv4 address of network-related information about a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#network_destination_ip_v6Array<Types::IpFilter>

The destination IPv6 address of network-related information about a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#network_destination_portArray<Types::NumberFilter>

The destination port of network-related information about a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#network_directionArray<Types::StringFilter>

Indicates the direction of network traffic associated with a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#network_protocolArray<Types::StringFilter>

The protocol of network-related information about a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#network_source_domainArray<Types::StringFilter>

The source domain of network-related information about a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#network_source_ip_v4Array<Types::IpFilter>

The source IPv4 address of network-related information about a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#network_source_ip_v6Array<Types::IpFilter>

The source IPv6 address of network-related information about a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#network_source_macArray<Types::StringFilter>

The source media access control (MAC) address of network-related information about a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#network_source_portArray<Types::NumberFilter>

The source port of network-related information about a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#note_textArray<Types::StringFilter>

The text of a note.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#note_updated_atArray<Types::DateFilter>

The timestamp of when the note was updated.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#note_updated_byArray<Types::StringFilter>

The principal that created a note.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#process_launched_atArray<Types::DateFilter>

The date/time that the process was launched.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#process_nameArray<Types::StringFilter>

The name of the process.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#process_parent_pidArray<Types::NumberFilter>

The parent process ID.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#process_pathArray<Types::StringFilter>

The path to the process executable.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#process_pidArray<Types::NumberFilter>

The process ID.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#process_terminated_atArray<Types::DateFilter>

The date/time that the process was terminated.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#product_arnArray<Types::StringFilter>

The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#product_fieldsArray<Types::MapFilter>

A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#product_nameArray<Types::StringFilter>

The name of the solution (product) that generates findings.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#recommendation_textArray<Types::StringFilter>

The recommendation of what to do about the issue described in a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#record_stateArray<Types::StringFilter>

The updated record state for the finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#regionArray<Types::StringFilter>

The Region from which the finding was generated.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

The solution-generated identifier for a related finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

The ARN of the solution that generated a related finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_iam_instance_profile_arnArray<Types::StringFilter>

The IAM profile ARN of the instance.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_image_idArray<Types::StringFilter>

The Amazon Machine Image (AMI) ID of the instance.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_ip_v4_addressesArray<Types::IpFilter>

The IPv4 addresses associated with the instance.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_ip_v6_addressesArray<Types::IpFilter>

The IPv6 addresses associated with the instance.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_key_nameArray<Types::StringFilter>

The key name associated with the instance.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_launched_atArray<Types::DateFilter>

The date and time the instance was launched.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_subnet_idArray<Types::StringFilter>

The identifier of the subnet that the instance was launched in.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_typeArray<Types::StringFilter>

The instance type of the instance.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_vpc_idArray<Types::StringFilter>

The identifier of the VPC that the instance was launched in.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_iam_access_key_created_atArray<Types::DateFilter>

The creation date/time of the IAM access key related to a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_iam_access_key_principal_nameArray<Types::StringFilter>

The name of the principal that is associated with an IAM access key.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_iam_access_key_statusArray<Types::StringFilter>

The status of the IAM access key related to a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_iam_access_key_user_nameArray<Types::StringFilter>

The user associated with the IAM access key related to a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_iam_user_user_nameArray<Types::StringFilter>

The name of an IAM user.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_s3_bucket_owner_idArray<Types::StringFilter>

The canonical user ID of the owner of the S3 bucket.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_s3_bucket_owner_nameArray<Types::StringFilter>

The display name of the owner of the S3 bucket.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_container_image_idArray<Types::StringFilter>

The identifier of the image related to a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_container_image_nameArray<Types::StringFilter>

The name of the image related to a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_container_launched_atArray<Types::DateFilter>

The date/time that the container was started.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_container_nameArray<Types::StringFilter>

The name of the container related to a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_details_otherArray<Types::MapFilter>

The details of a resource that doesn't have a specific subfield for the resource type defined.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_idArray<Types::StringFilter>

The canonical identifier for the given resource type.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_partitionArray<Types::StringFilter>

The canonical Amazon Web Services partition name that the Region is assigned to.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_regionArray<Types::StringFilter>

The canonical Amazon Web Services external Region name where this resource is located.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_tagsArray<Types::MapFilter>

A list of Amazon Web Services tags associated with a resource at the time the finding was processed.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#resource_typeArray<Types::StringFilter>

Specifies the type of the resource that details are provided for.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#sampleArray<Types::BooleanFilter>

Indicates whether or not sample findings are included in the filter results.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#severity_labelArray<Types::StringFilter>

The label of a finding's severity.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#severity_normalizedArray<Types::NumberFilter>

The normalized severity of a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#severity_productArray<Types::NumberFilter>

The native severity as defined by the security-findings provider's solution that generated the finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#source_urlArray<Types::StringFilter>

A URL that links to a page about the current finding in the security-findings provider's solution.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#threat_intel_indicator_categoryArray<Types::StringFilter>

The category of a threat intelligence indicator.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#threat_intel_indicator_last_observed_atArray<Types::DateFilter>

The date/time of the last observation of a threat intelligence indicator.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#threat_intel_indicator_sourceArray<Types::StringFilter>

The source of the threat intelligence.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#threat_intel_indicator_source_urlArray<Types::StringFilter>

The URL for more details from the source of the threat intelligence.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#threat_intel_indicator_typeArray<Types::StringFilter>

The type of a threat intelligence indicator.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#threat_intel_indicator_valueArray<Types::StringFilter>

The value of a threat intelligence indicator.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#titleArray<Types::StringFilter>

A finding's title.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#typeArray<Types::StringFilter>

A finding type in the format of namespace/category/classifier that classifies a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#updated_atArray<Types::DateFilter>

An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#user_defined_fieldsArray<Types::MapFilter>

A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#verification_stateArray<Types::StringFilter>

The veracity of a finding.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#workflow_stateArray<Types::StringFilter>

The workflow state of a finding.

Note that this field is deprecated. To search for a finding based on its workflow status, use WorkflowStatus.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end

#workflow_statusArray<Types::StringFilter>

The status of the investigation into a finding. Allowed values are the following.

  • NEW - The initial state of a finding, before it is reviewed.

    Security Hub also resets the workflow status from NOTIFIED or RESOLVED to NEW in the following cases:

    • RecordState changes from ARCHIVED to ACTIVE.

    • Compliance.Status changes from PASSED to either WARNING, FAILED, or NOT_AVAILABLE.

  • NOTIFIED - Indicates that the resource owner has been notified about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.

    If one of the following occurs, the workflow status is changed automatically from NOTIFIED to NEW:

    • RecordState changes from ARCHIVED to ACTIVE.

    • Compliance.Status changes from PASSED to FAILED, WARNING, or NOT_AVAILABLE.

  • SUPPRESSED - Indicates that you reviewed the finding and do not believe that any action is needed.

    The workflow status of a SUPPRESSED finding does not change if RecordState changes from ARCHIVED to ACTIVE.

  • RESOLVED - The finding was reviewed and remediated and is now considered resolved.

    The finding remains RESOLVED unless one of the following occurs:

    • RecordState changes from ARCHIVED to ACTIVE.

    • Compliance.Status changes from PASSED to FAILED, WARNING, or NOT_AVAILABLE.

    In those cases, the workflow status is automatically reset to NEW.

    For findings from controls, if Compliance.Status is PASSED, then Security Hub automatically sets the workflow status to RESOLVED.

Returns:



15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 15021

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types,
  :sample)
  SENSITIVE = []
  include Aws::Structure
end