You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.
Class: Aws::SecurityHub::Types::GetFindingsRequest
- Inherits:
-
Struct
- Object
- Struct
- Aws::SecurityHub::Types::GetFindingsRequest
- Defined in:
- (unknown)
Overview
When passing GetFindingsRequest as input to an Aws::Client method, you can use a vanilla Hash:
{
filters: {
product_arn: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
aws_account_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
generator_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
type: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
first_observed_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
last_observed_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
created_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
updated_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
severity_product: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
severity_normalized: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
severity_label: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
confidence: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
criticality: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
title: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
description: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
recommendation_text: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
source_url: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
product_fields: [
{
key: "NonEmptyString",
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, NOT_EQUALS
},
],
product_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
company_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
user_defined_fields: [
{
key: "NonEmptyString",
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, NOT_EQUALS
},
],
malware_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
malware_type: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
malware_path: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
malware_state: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
network_direction: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
network_protocol: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
network_source_ip_v4: [
{
cidr: "NonEmptyString",
},
],
network_source_ip_v6: [
{
cidr: "NonEmptyString",
},
],
network_source_port: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
network_source_domain: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
network_source_mac: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
network_destination_ip_v4: [
{
cidr: "NonEmptyString",
},
],
network_destination_ip_v6: [
{
cidr: "NonEmptyString",
},
],
network_destination_port: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
network_destination_domain: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
process_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
process_path: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
process_pid: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
process_parent_pid: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
process_launched_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
process_terminated_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
threat_intel_indicator_type: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
threat_intel_indicator_value: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
threat_intel_indicator_category: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
threat_intel_indicator_last_observed_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
threat_intel_indicator_source: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
threat_intel_indicator_source_url: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_type: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_partition: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_region: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_tags: [
{
key: "NonEmptyString",
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, NOT_EQUALS
},
],
resource_aws_ec2_instance_type: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_ec2_instance_image_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_ec2_instance_ip_v4_addresses: [
{
cidr: "NonEmptyString",
},
],
resource_aws_ec2_instance_ip_v6_addresses: [
{
cidr: "NonEmptyString",
},
],
resource_aws_ec2_instance_key_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_ec2_instance_iam_instance_profile_arn: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_ec2_instance_vpc_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_ec2_instance_subnet_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_ec2_instance_launched_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
resource_aws_s3_bucket_owner_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_s3_bucket_owner_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_iam_access_key_user_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_iam_access_key_status: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_iam_access_key_created_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
resource_container_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_container_image_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_container_image_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_container_launched_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
resource_details_other: [
{
key: "NonEmptyString",
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, NOT_EQUALS
},
],
compliance_status: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
verification_state: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
workflow_state: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
workflow_status: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
record_state: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
related_findings_product_arn: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
related_findings_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
note_text: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
note_updated_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
note_updated_by: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
keyword: [
{
value: "NonEmptyString",
},
],
},
sort_criteria: [
{
field: "NonEmptyString",
sort_order: "asc", # accepts asc, desc
},
],
next_token: "NextToken",
max_results: 1,
}
Instance Attribute Summary collapse
-
#filters ⇒ Types::AwsSecurityFindingFilters
The finding attributes used to define a condition to filter the returned findings.
-
#max_results ⇒ Integer
The maximum number of findings to return.
-
#next_token ⇒ String
The token that is required for pagination.
-
#sort_criteria ⇒ Array<Types::SortCriterion>
The finding attributes used to sort the list of returned findings.
Instance Attribute Details
#filters ⇒ Types::AwsSecurityFindingFilters
The finding attributes used to define a condition to filter the returned findings.
You can filter by up to 10 finding attributes. For each attribute, you can provide up to 20 filter values.
Note that in the available filter fields, WorkflowState
is deprecated.
To search for a finding based on its workflow status, use
WorkflowStatus
.
#max_results ⇒ Integer
The maximum number of findings to return.
#next_token ⇒ String
The token that is required for pagination. On your first call to the
GetFindings
operation, set the value of this parameter to NULL
.
For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.
#sort_criteria ⇒ Array<Types::SortCriterion>
The finding attributes used to sort the list of returned findings.