Selecione suas preferências de cookies

Usamos cookies essenciais e ferramentas semelhantes que são necessárias para fornecer nosso site e serviços. Usamos cookies de desempenho para coletar estatísticas anônimas, para que possamos entender como os clientes usam nosso site e fazer as devidas melhorias. Cookies essenciais não podem ser desativados, mas você pode clicar em “Personalizar” ou “Recusar” para recusar cookies de desempenho.

Se você concordar, a AWS e terceiros aprovados também usarão cookies para fornecer recursos úteis do site, lembrar suas preferências e exibir conteúdo relevante, incluindo publicidade relevante. Para aceitar ou recusar todos os cookies não essenciais, clique em “Aceitar” ou “Recusar”. Para fazer escolhas mais detalhadas, clique em “Personalizar”.

RuntimeContext - Amazon GuardDuty
Esta página não foi traduzida para seu idioma. Solicitar tradução

RuntimeContext

Additional information about the suspicious activity.

Contents

addressFamily

Represents the communication protocol associated with the address. For example, the address family AF_INET is used for IP version of 4 protocol.

Type: String

Required: No

commandLineExample

Example of the command line involved in the suspicious activity.

Type: String

Required: No

fileSystemType

Represents the type of mounted fileSystem.

Type: String

Required: No

flags

Represents options that control the behavior of a runtime operation or action. For example, a filesystem mount operation may contain a read-only flag.

Type: Array of strings

Required: No

ianaProtocolNumber

Specifies a particular protocol within the address family. Usually there is a single protocol in address families. For example, the address family AF_INET only has the IP protocol.

Type: Integer

Required: No

ldPreloadValue

The value of the LD_PRELOAD environment variable.

Type: String

Required: No

libraryPath

The path to the new library that was loaded.

Type: String

Required: No

memoryRegions

Specifies the Region of a process's address space such as stack and heap.

Type: Array of strings

Required: No

modifiedAt

The timestamp at which the process modified the current process. The timestamp is in UTC date string format.

Type: Timestamp

Required: No

modifyingProcess

Information about the process that modified the current process. This is available for multiple finding types.

Type: ProcessDetails object

Required: No

moduleFilePath

The path to the module loaded into the kernel.

Type: String

Required: No

moduleName

The name of the module loaded into the kernel.

Type: String

Required: No

moduleSha256

The SHA256 hash of the module.

Type: String

Required: No

mountSource

The path on the host that is mounted by the container.

Type: String

Required: No

mountTarget

The path in the container that is mapped to the host directory.

Type: String

Required: No

releaseAgentPath

The path in the container that modified the release agent file.

Type: String

Required: No

runcBinaryPath

The path to the leveraged runc implementation.

Type: String

Required: No

scriptPath

The path to the script that was executed.

Type: String

Required: No

serviceName

Name of the security service that has been potentially disabled.

Type: String

Required: No

shellHistoryFilePath

The path to the modified shell history file.

Type: String

Required: No

socketPath

The path to the docket socket that was accessed.

Type: String

Required: No

targetProcess

Information about the process that had its memory overwritten by the current process.

Type: ProcessDetails object

Required: No

threatFilePath

The suspicious file path for which the threat intelligence details were found.

Type: String

Required: No

toolCategory

Category that the tool belongs to. Some of the examples are Backdoor Tool, Pentest Tool, Network Scanner, and Network Sniffer.

Type: String

Required: No

toolName

Name of the potentially suspicious tool.

Type: String

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

PrivacidadeTermos do sitePreferências de cookies
© 2025, Amazon Web Services, Inc. ou suas afiliadas. Todos os direitos reservados.