UpdateFilter - Amazon GuardDuty

UpdateFilter

Updates the filter specified by the filter name.

Request Syntax

POST /detector/detectorId/filter/filterName HTTP/1.1 Content-type: application/json { "action": "string", "description": "string", "findingCriteria": { "criterion": { "string" : { "eq": [ "string" ], "equals": [ "string" ], "greaterThan": number, "greaterThanOrEqual": number, "gt": number, "gte": number, "lessThan": number, "lessThanOrEqual": number, "lt": number, "lte": number, "neq": [ "string" ], "notEquals": [ "string" ] } } }, "rank": number }

URI Request Parameters

The request uses the following URI parameters.

detectorId

The unique ID of the detector that specifies the GuardDuty service where you want to update a filter.

To find the detectorId in the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.

Length Constraints: Minimum length of 1. Maximum length of 300.

Required: Yes

filterName

The name of the filter.

Required: Yes

Request Body

The request accepts the following data in JSON format.

action

Specifies the action that is to be applied to the findings that match the filter.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 300.

Valid Values: NOOP | ARCHIVE

Required: No

description

The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses ({ }, [ ], and ( )), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 512.

Required: No

findingCriteria

Represents the criteria to be used in the filter for querying findings.

Type: FindingCriteria object

Required: No

rank

Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.

Type: Integer

Valid Range: Minimum value of 1. Maximum value of 100.

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "name": "string" }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

name

The name of the filter.

Type: String

Length Constraints: Minimum length of 3. Maximum length of 64.

Errors

For information about the errors that are common to all actions, see Common Errors.

BadRequestException

A bad request exception object.

HTTP Status Code: 400

InternalServerErrorException

An internal server error exception object.

HTTP Status Code: 500

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: