You are viewing documentation for version 3 of the AWS SDK for Ruby.

Class: Aws::GuardDuty::Client

Inherits:
Seahorse::Client::Base
Includes:
ClientStubs
Defined in:
gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb

Instance Attribute Summary

Attributes inherited from Seahorse::Client::Base

#config, #handlers

API Operations

Instance Method Summary

Methods included from ClientStubs

#stub_data, #stub_responses

Methods inherited from Seahorse::Client::Base

add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins

Methods included from Seahorse::Client::HandlerBuilder

#handle, #handle_request, #handle_response

Constructor Details

#initialize(*args) ⇒ Client

Returns a new instance of Client

Parameters:

  • options (Hash)

    a customizable set of options



# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 153

def initialize(*args)
  super
end

Instance Method Details

#accept_invitation(params = {}) ⇒ Struct

Accepts the invitation to be monitored by a master GuardDuty account.

Examples:

Request syntax with placeholder values


resp = client.accept_invitation({
  detector_id: "__string", # required
  invitation_id: "InvitationId",
  master_id: "MasterId",
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :invitation_id (String)

    This value is used to validate the master account to the member account.

  • :master_id (String)

    The account ID of the master GuardDuty account whose invitation you're accepting.

Returns:

  • (Struct)

    Returns an empty response.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 185

def accept_invitation(params = {}, options = {})
  req = build_request(:accept_invitation, params)
  req.send_request(options)
end

#archive_findings(params = {}) ⇒ Struct

Archives Amazon GuardDuty findings specified by the list of finding IDs.

Examples:

Request syntax with placeholder values


resp = client.archive_findings({
  detector_id: "__string", # required
  finding_ids: ["FindingId"],
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :finding_ids (Array<String>)

    IDs of the findings that you want to archive.

Returns:

  • (Struct)

    Returns an empty response.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 211

def archive_findings(params = {}, options = {})
  req = build_request(:archive_findings, params)
  req.send_request(options)
end

#create_detector(params = {}) ⇒ Types::CreateDetectorResponse

Creates a single Amazon GuardDuty detector. A detector is an object that represents the GuardDuty service. A detector must be created in order for GuardDuty to become operational.

Examples:

Request syntax with placeholder values


resp = client.create_detector({
  enable: false,
})

Response structure


resp.detector_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :enable (Boolean)

    A boolean value that specifies whether the detector is to be enabled.

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 241

def create_detector(params = {}, options = {})
  req = build_request(:create_detector, params)
  req.send_request(options)
end

#create_filter(params = {}) ⇒ Types::CreateFilterResponse

Creates a filter using the specified finding criteria.

Examples:

Request syntax with placeholder values


resp = client.create_filter({
  action: "NOOP", # accepts NOOP, ARCHIVE
  client_token: "__stringMin0Max64",
  description: "FilterDescription",
  detector_id: "__string", # required
  finding_criteria: {
    criterion: {
      "__string" => {
        eq: ["__string"],
        gt: 1,
        gte: 1,
        lt: 1,
        lte: 1,
        neq: ["__string"],
      },
    },
  },
  name: "FilterName",
  rank: 1,
})

Response structure


resp.name #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :action (String)

    Specifies the action that is to be applied to the findings that match the filter.

  • :client_token (String)

    The idempotency token for the create request. A suitable default value is auto-generated. You should normally not need to pass this option.

  • :description (String)

    The description of the filter.

  • :detector_id (required, String)
  • :finding_criteria (Types::FindingCriteria)

    Represents the criteria to be used in the filter for querying findings.

  • :name (String)

    The name of the filter.

  • :rank (Integer)

    Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 308

def create_filter(params = {}, options = {})
  req = build_request(:create_filter, params)
  req.send_request(options)
end

#create_ip_set(params = {}) ⇒ Types::CreateIPSetResponse

Creates a new IPSet - a list of trusted IP addresses that have been whitelisted for secure communication with AWS infrastructure and applications.

Examples:

Request syntax with placeholder values


resp = client.create_ip_set({
  activate: false,
  detector_id: "__string", # required
  format: "TXT", # accepts TXT, STIX, OTX_CSV, ALIEN_VAULT, PROOF_POINT, FIRE_EYE
  location: "Location",
  name: "Name",
})

Response structure


resp.ip_set_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :activate (Boolean)

    A boolean value that indicates whether GuardDuty is to start using the uploaded IPSet.

  • :detector_id (required, String)
  • :format (String)

    The format of the file that contains the IPSet.

  • :location (String)

    The URI of the file that contains the IPSet. For example (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).

  • :name (String)

    The user friendly name to identify the IPSet. This name is displayed in all findings that are triggered by activity that involves IP addresses included in this IPSet.

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 357

def create_ip_set(params = {}, options = {})
  req = build_request(:create_ip_set, params)
  req.send_request(options)
end

#create_members(params = {}) ⇒ Types::CreateMembersResponse

Creates member accounts of the current AWS account by specifying a list of AWS account IDs. The current AWS account can then invite these members to manage GuardDuty in their accounts.

Examples:

Request syntax with placeholder values


resp = client.create_members({
  account_details: [
    {
      account_id: "AccountId", # required
      email: "Email", # required
    },
  ],
  detector_id: "__string", # required
})

Response structure


resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0].account_id #=> String
resp.unprocessed_accounts[0].result #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account_details (Array<Types::AccountDetail>)

    A list of account ID and email address pairs of the accounts that you want to associate with the master GuardDuty account.

  • :detector_id (required, String)

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 398

def create_members(params = {}, options = {})
  req = build_request(:create_members, params)
  req.send_request(options)
end
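
create_members can succeed as a call while refusing individual accounts, which it reports in unprocessed_accounts; an account that is silently skipped is an account GuardDuty is not monitoring from the master. The following is an added example, not SDK code or part of the original documentation, that batches the request and collects every account that was not enrolled. The batch size of 50, the local 12-digit check, the fake client and all sample values are assumptions made for the illustration.

```ruby
# Added example, not SDK code. `client` is any object whose #create_members
# behaves like Aws::GuardDuty::Client#create_members.

BATCH_SIZE = 50 # assumed per-call limit; check the quota that applies to you

# Returns { enrolled: [account ids], failed: [{ account_id:, result: }] }.
def enroll_members(client, detector_id, accounts)
  # Reject obviously malformed entries locally so they show up in the report
  # instead of failing the whole batch.
  bad, good = accounts.partition do |a|
    a[:account_id].to_s !~ /\A\d{12}\z/ || a[:email].to_s.strip.empty?
  end
  failed = bad.map do |a|
    { account_id: a[:account_id], result: "not sent: malformed account_id or empty email" }
  end

  good.each_slice(BATCH_SIZE) do |batch|
    resp = client.create_members({ account_details: batch, detector_id: detector_id })
    # A successful call can still carry per-account refusals.
    Array(resp.unprocessed_accounts).each do |u|
      failed << { account_id: u.account_id, result: u.result }
    end
  end

  failed_ids = failed.map { |f| f[:account_id] }
  { enrolled: good.map { |a| a[:account_id] } - failed_ids, failed: failed }
end

# --- constructed stand-in for the service, for offline runs only ---
Unprocessed       = Struct.new(:account_id, :result)
CreateMembersResp = Struct.new(:unprocessed_accounts)

class FakeMemberClient
  def initialize(reject)
    @reject = reject # account_id => reason the fake service refuses it
  end

  def create_members(params = {})
    refused = params[:account_details].select { |a| @reject.key?(a[:account_id]) }
    CreateMembersResp.new(
      refused.map { |a| Unprocessed.new(a[:account_id], @reject[a[:account_id]]) }
    )
  end
end

# Constructed sample input.
SAMPLE_ACCOUNTS = [
  { account_id: "111111111111", email: "sec-a@example.com" },
  { account_id: "222222222222", email: "sec-b@example.com" },
  { account_id: "3333",         email: "sec-c@example.com" } # malformed on purpose
].freeze

def demo_enroll
  fake = FakeMemberClient.new("222222222222" => "constructed refusal reason")
  enroll_members(fake, "constructed-detector-id", SAMPLE_ACCOUNTS)
end

p demo_enroll if __FILE__ == $PROGRAM_NAME
```

With the real SDK, pass an Aws::GuardDuty::Client instance as `client` and alert on a non-empty `:failed` list.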

#create_sample_findings(params = {}) ⇒ Struct

Generates example findings of types specified by the list of finding types. If 'NULL' is specified for findingTypes, the API generates example findings of all supported finding types.

Examples:

Request syntax with placeholder values


resp = client.create_sample_findings({
  detector_id: "__string", # required
  finding_types: ["FindingType"],
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :finding_types (Array<String>)

    Types of sample findings that you want to generate.

Returns:

  • (Struct)

    Returns an empty response.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 425

def create_sample_findings(params = {}, options = {})
  req = build_request(:create_sample_findings, params)
  req.send_request(options)
end

#create_threat_intel_set(params = {}) ⇒ Types::CreateThreatIntelSetResponse

Create a new ThreatIntelSet. ThreatIntelSets consist of known malicious IP addresses. GuardDuty generates findings based on ThreatIntelSets.

Examples:

Request syntax with placeholder values


resp = client.create_threat_intel_set({
  activate: false,
  detector_id: "__string", # required
  format: "TXT", # accepts TXT, STIX, OTX_CSV, ALIEN_VAULT, PROOF_POINT, FIRE_EYE
  location: "Location",
  name: "Name",
})

Response structure


resp.threat_intel_set_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :activate (Boolean)

    A boolean value that indicates whether GuardDuty is to start using the uploaded ThreatIntelSet.

  • :detector_id (required, String)
  • :format (String)

    The format of the file that contains the ThreatIntelSet.

  • :location (String)

    The URI of the file that contains the ThreatIntelSet. For example (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).

  • :name (String)

    A user-friendly ThreatIntelSet name that is displayed in all findings generated by activity that involves IP addresses included in this ThreatIntelSet.

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 474

def create_threat_intel_set(params = {}, options = {})
  req = build_request(:create_threat_intel_set, params)
  req.send_request(options)
end

#decline_invitations(params = {}) ⇒ Types::DeclineInvitationsResponse

Declines invitations sent to the current member account by AWS accounts specified by their account IDs.

Examples:

Request syntax with placeholder values


resp = client.decline_invitations({
  account_ids: ["__string"],
})

Response structure


resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0].account_id #=> String
resp.unprocessed_accounts[0].result #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account_ids (Array<String>)

    A list of account IDs of the AWS accounts that sent invitations to the current member account that you want to decline invitations from.

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 506

def decline_invitations(params = {}, options = {})
  req = build_request(:decline_invitations, params)
  req.send_request(options)
end

#delete_detector(params = {}) ⇒ Struct

Deletes an Amazon GuardDuty detector specified by the detector ID.

Examples:

Request syntax with placeholder values


resp = client.delete_detector({
  detector_id: "__string", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)

Returns:

  • (Struct)

    Returns an empty response.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 527

def delete_detector(params = {}, options = {})
  req = build_request(:delete_detector, params)
  req.send_request(options)
end

#delete_filter(params = {}) ⇒ Struct

Deletes the filter specified by the filter name.

Examples:

Request syntax with placeholder values


resp = client.delete_filter({
  detector_id: "__string", # required
  filter_name: "__string", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :filter_name (required, String)

Returns:

  • (Struct)

    Returns an empty response.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 551

def delete_filter(params = {}, options = {})
  req = build_request(:delete_filter, params)
  req.send_request(options)
end

#delete_invitations(params = {}) ⇒ Types::DeleteInvitationsResponse

Deletes invitations sent to the current member account by AWS accounts specified by their account IDs.

Examples:

Request syntax with placeholder values


resp = client.delete_invitations({
  account_ids: ["__string"],
})

Response structure


resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0].account_id #=> String
resp.unprocessed_accounts[0].result #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account_ids (Array<String>)

    A list of account IDs of the AWS accounts that sent invitations to the current member account that you want to delete invitations from.

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 607

def delete_invitations(params = {}, options = {})
  req = build_request(:delete_invitations, params)
  req.send_request(options)
end

#delete_ip_set(params = {}) ⇒ Struct

Deletes the IPSet specified by the IPSet ID.

Examples:

Request syntax with placeholder values


resp = client.delete_ip_set({
  detector_id: "__string", # required
  ip_set_id: "__string", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :ip_set_id (required, String)

Returns:

  • (Struct)

    Returns an empty response.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 575

def delete_ip_set(params = {}, options = {})
  req = build_request(:delete_ip_set, params)
  req.send_request(options)
end

#delete_members(params = {}) ⇒ Types::DeleteMembersResponse

Deletes GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs.

Examples:

Request syntax with placeholder values


resp = client.delete_members({
  account_ids: ["__string"],
  detector_id: "__string", # required
})

Response structure


resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0].account_id #=> String
resp.unprocessed_accounts[0].result #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account_ids (Array<String>)

    A list of account IDs of the GuardDuty member accounts that you want to delete.

  • :detector_id (required, String)

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 642

def delete_members(params = {}, options = {})
  req = build_request(:delete_members, params)
  req.send_request(options)
end

#delete_threat_intel_set(params = {}) ⇒ Struct

Deletes the ThreatIntelSet specified by the ThreatIntelSet ID.

Examples:

Request syntax with placeholder values


resp = client.delete_threat_intel_set({
  detector_id: "__string", # required
  threat_intel_set_id: "__string", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :threat_intel_set_id (required, String)

Returns:

  • (Struct)

    Returns an empty response.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 666

def delete_threat_intel_set(params = {}, options = {})
  req = build_request(:delete_threat_intel_set, params)
  req.send_request(options)
end

#disassociate_from_master_account(params = {}) ⇒ Struct

Disassociates the current GuardDuty member account from its master account.

Examples:

Request syntax with placeholder values


resp = client.disassociate_from_master_account({
  detector_id: "__string", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)

Returns:

  • (Struct)

    Returns an empty response.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 688

def disassociate_from_master_account(params = {}, options = {})
  req = build_request(:disassociate_from_master_account, params)
  req.send_request(options)
end

#disassociate_members(params = {}) ⇒ Types::DisassociateMembersResponse

Disassociates GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs.

Examples:

Request syntax with placeholder values


resp = client.disassociate_members({
  account_ids: ["__string"],
  detector_id: "__string", # required
})

Response structure


resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0].account_id #=> String
resp.unprocessed_accounts[0].result #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account_ids (Array<String>)

    A list of account IDs of the GuardDuty member accounts that you want to disassociate from master.

  • :detector_id (required, String)

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 723

def disassociate_members(params = {}, options = {})
  req = build_request(:disassociate_members, params)
  req.send_request(options)
end

#get_detector(params = {}) ⇒ Types::GetDetectorResponse

Retrieves an Amazon GuardDuty detector specified by the detectorId.

Examples:

Request syntax with placeholder values


resp = client.get_detector({
  detector_id: "__string", # required
})

Response structure


resp.created_at #=> String
resp.service_role #=> String
resp.status #=> String, one of "ENABLED", "DISABLED"
resp.updated_at #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 756

def get_detector(params = {}, options = {})
  req = build_request(:get_detector, params)
  req.send_request(options)
end

#get_filter(params = {}) ⇒ Types::GetFilterResponse

Returns the details of the filter specified by the filter name.

Examples:

Request syntax with placeholder values


resp = client.get_filter({
  detector_id: "__string", # required
  filter_name: "__string", # required
})

Response structure


resp.action #=> String, one of "NOOP", "ARCHIVE"
resp.description #=> String
resp.finding_criteria.criterion #=> Hash
resp.finding_criteria.criterion["__string"].eq #=> Array
resp.finding_criteria.criterion["__string"].eq[0] #=> String
resp.finding_criteria.criterion["__string"].gt #=> Integer
resp.finding_criteria.criterion["__string"].gte #=> Integer
resp.finding_criteria.criterion["__string"].lt #=> Integer
resp.finding_criteria.criterion["__string"].lte #=> Integer
resp.finding_criteria.criterion["__string"].neq #=> Array
resp.finding_criteria.criterion["__string"].neq[0] #=> String
resp.name #=> String
resp.rank #=> Integer

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :filter_name (required, String)

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 802

def get_filter(params = {}, options = {})
  req = build_request(:get_filter, params)
  req.send_request(options)
end
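
A filter whose action is ARCHIVE archives every finding that matches its criteria, so a filter with empty or loosely bounded criteria hides alerts from responders. The following is an added example, not SDK code or part of the original documentation, that reads filters back with get_filter and reports ARCHIVE filters able to swallow high-severity findings. The criterion keys "severity" and "type", the cut-off of 7, the filter names and the fake client are assumptions made for the illustration.

```ruby
# Added example, not SDK code. `client` is any object whose #get_filter
# behaves like Aws::GuardDuty::Client#get_filter.

SEVERITY_KEY = "severity" # assumed criterion attribute carrying finding severity
HIGH_FLOOR   = 7          # assumed local cut-off for "high" severity

# True when the severity condition (or its absence) lets findings at or
# above HIGH_FLOOR match the filter.
def admits_high_severity?(criterion)
  cond = criterion[SEVERITY_KEY]
  return true if cond.nil?                  # severity is not constrained at all
  eq = Array(cond.eq)
  return eq.any? { |v| v.to_f >= HIGH_FLOOR } unless eq.empty?
  return false if cond.lt  && cond.lt  <= HIGH_FLOOR  # severity <  lt
  return false if cond.lte && cond.lte <  HIGH_FLOOR  # severity <= lte
  true                                      # no upper bound, or bound too high
end

# Returns [{ name:, rank:, reason: }] for every ARCHIVE filter that is too broad.
def audit_archive_filters(client, detector_id, filter_names)
  filter_names.each_with_object([]) do |name, risky|
    f = client.get_filter({ detector_id: detector_id, filter_name: name })
    next unless f.action == "ARCHIVE"       # NOOP filters do not hide findings
    criterion = f.finding_criteria&.criterion || {}
    reason =
      if criterion.empty?
        "no criteria: archives every finding"
      elsif admits_high_severity?(criterion)
        "can archive findings with severity >= #{HIGH_FLOOR}"
      end
    risky << { name: f.name, rank: f.rank, reason: reason } if reason
  end
end

# --- constructed stand-ins for the get_filter response, offline use only ---
Cond       = Struct.new(:eq, :neq, :gt, :gte, :lt, :lte, keyword_init: true)
Criteria   = Struct.new(:criterion, keyword_init: true)
FilterResp = Struct.new(:name, :action, :rank, :description, :finding_criteria,
                        keyword_init: true)

class FakeFilterClient
  def initialize(filters)
    @filters = filters
  end

  def get_filter(params = {})
    @filters.fetch(params[:filter_name])
  end
end

def sample_filter(name, action, criterion)
  FilterResp.new(name: name, action: action, rank: 1, description: "constructed",
                 finding_criteria: Criteria.new(criterion: criterion))
end

# Constructed sample filters.
SAMPLE_FILTERS = {
  "tag-low"         => sample_filter("tag-low", "NOOP", {}),
  "archive-low"     => sample_filter("archive-low", "ARCHIVE",
                                     { "severity" => Cond.new(lt: 4) }),
  "archive-all"     => sample_filter("archive-all", "ARCHIVE", {}),
  "archive-by-type" => sample_filter("archive-by-type", "ARCHIVE",
                                     { "type" => Cond.new(eq: ["Recon:EC2/PortProbeUnprotectedPort"]) }),
  "archive-up-to-8" => sample_filter("archive-up-to-8", "ARCHIVE",
                                     { "severity" => Cond.new(lte: 8) })
}.freeze

def demo_audit
  audit_archive_filters(FakeFilterClient.new(SAMPLE_FILTERS),
                        "constructed-detector-id", SAMPLE_FILTERS.keys)
end

demo_audit.each { |r| puts "#{r[:name]}: #{r[:reason]}" } if __FILE__ == $PROGRAM_NAME
```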

#get_findings(params = {}) ⇒ Types::GetFindingsResponse

Describes Amazon GuardDuty findings specified by finding IDs.

Examples:

Request syntax with placeholder values


resp = client.get_findings({
  detector_id: "__string", # required
  finding_ids: ["FindingId"],
  sort_criteria: {
    attribute_name: "__string",
    order_by: "ASC", # accepts ASC, DESC
  },
})

Response structure


resp.findings #=> Array
resp.findings[0].account_id #=> String
resp.findings[0].arn #=> String
resp.findings[0].confidence #=> Float
resp.findings[0].created_at #=> String
resp.findings[0].description #=> String
resp.findings[0].id #=> String
resp.findings[0].partition #=> String
resp.findings[0].region #=> String
resp.findings[0].resource.access_key_details.access_key_id #=> String
resp.findings[0].resource.access_key_details.principal_id #=> String
resp.findings[0].resource.access_key_details.user_name #=> String
resp.findings[0].resource.access_key_details.user_type #=> String
resp.findings[0].resource.instance_details.availability_zone #=> String
resp.findings[0].resource.instance_details.iam_instance_profile.arn #=> String
resp.findings[0].resource.instance_details.iam_instance_profile.id #=> String
resp.findings[0].resource.instance_details.image_description #=> String
resp.findings[0].resource.instance_details.image_id #=> String
resp.findings[0].resource.instance_details.instance_id #=> String
resp.findings[0].resource.instance_details.instance_state #=> String
resp.findings[0].resource.instance_details.instance_type #=> String
resp.findings[0].resource.instance_details.launch_time #=> String
resp.findings[0].resource.instance_details.network_interfaces #=> Array
resp.findings[0].resource.instance_details.network_interfaces[0].ipv_6_addresses #=> Array
resp.findings[0].resource.instance_details.network_interfaces[0].ipv_6_addresses[0] #=> String
resp.findings[0].resource.instance_details.network_interfaces[0].network_interface_id #=> String
resp.findings[0].resource.instance_details.network_interfaces[0].private_dns_name #=> String
resp.findings[0].resource.instance_details.network_interfaces[0].private_ip_address #=> String
resp.findings[0].resource.instance_details.network_interfaces[0].private_ip_addresses #=> Array
resp.findings[0].resource.instance_details.network_interfaces[0].private_ip_addresses[0].private_dns_name #=> String
resp.findings[0].resource.instance_details.network_interfaces[0].private_ip_addresses[0].private_ip_address #=> String
resp.findings[0].resource.instance_details.network_interfaces[0].public_dns_name #=> String
resp.findings[0].resource.instance_details.network_interfaces[0].public_ip #=> String
resp.findings[0].resource.instance_details.network_interfaces[0].security_groups #=> Array
resp.findings[0].resource.instance_details.network_interfaces[0].security_groups[0].group_id #=> String
resp.findings[0].resource.instance_details.network_interfaces[0].security_groups[0].group_name #=> String
resp.findings[0].resource.instance_details.network_interfaces[0].subnet_id #=> String
resp.findings[0].resource.instance_details.network_interfaces[0].vpc_id #=> String
resp.findings[0].resource.instance_details.platform #=> String
resp.findings[0].resource.instance_details.product_codes #=> Array
resp.findings[0].resource.instance_details.product_codes[0].code #=> String
resp.findings[0].resource.instance_details.product_codes[0].product_type #=> String
resp.findings[0].resource.instance_details.tags #=> Array
resp.findings[0].resource.instance_details.tags[0].key #=> String
resp.findings[0].resource.instance_details.tags[0].value #=> String
resp.findings[0].resource.resource_type #=> String
resp.findings[0].schema_version #=> String
resp.findings[0].service.action.action_type #=> String
resp.findings[0].service.action.aws_api_call_action.api #=> String
resp.findings[0].service.action.aws_api_call_action.caller_type #=> String
resp.findings[0].service.action.aws_api_call_action.remote_ip_details.city.city_name #=> String
resp.findings[0].service.action.aws_api_call_action.remote_ip_details.country.country_code #=> String
resp.findings[0].service.action.aws_api_call_action.remote_ip_details.country.country_name #=> String
resp.findings[0].service.action.aws_api_call_action.remote_ip_details.geo_location.lat #=> Float
resp.findings[0].service.action.aws_api_call_action.remote_ip_details.geo_location.lon #=> Float
resp.findings[0].service.action.aws_api_call_action.remote_ip_details.ip_address_v4 #=> String
resp.findings[0].service.action.aws_api_call_action.remote_ip_details.organization.asn #=> String
resp.findings[0].service.action.aws_api_call_action.remote_ip_details.organization.asn_org #=> String
resp.findings[0].service.action.aws_api_call_action.remote_ip_details.organization.isp #=> String
resp.findings[0].service.action.aws_api_call_action.remote_ip_details.organization.org #=> String
resp.findings[0].service.action.aws_api_call_action.service_name #=> String
resp.findings[0].service.action.dns_request_action.domain #=> String
resp.findings[0].service.action.network_connection_action.blocked #=> Boolean
resp.findings[0].service.action.network_connection_action.connection_direction #=> String
resp.findings[0].service.action.network_connection_action.local_port_details.port #=> Integer
resp.findings[0].service.action.network_connection_action.local_port_details.port_name #=> String
resp.findings[0].service.action.network_connection_action.protocol #=> String
resp.findings[0].service.action.network_connection_action.remote_ip_details.city.city_name #=> String
resp.findings[0].service.action.network_connection_action.remote_ip_details.country.country_code #=> String
resp.findings[0].service.action.network_connection_action.remote_ip_details.country.country_name #=> String
resp.findings[0].service.action.network_connection_action.remote_ip_details.geo_location.lat #=> Float
resp.findings[0].service.action.network_connection_action.remote_ip_details.geo_location.lon #=> Float
resp.findings[0].service.action.network_connection_action.remote_ip_details.ip_address_v4 #=> String
resp.findings[0].service.action.network_connection_action.remote_ip_details.organization.asn #=> String
resp.findings[0].service.action.network_connection_action.remote_ip_details.organization.asn_org #=> String
resp.findings[0].service.action.network_connection_action.remote_ip_details.organization.isp #=> String
resp.findings[0].service.action.network_connection_action.remote_ip_details.organization.org #=> String
resp.findings[0].service.action.network_connection_action.remote_port_details.port #=> Integer
resp.findings[0].service.action.network_connection_action.remote_port_details.port_name #=> String
resp.findings[0].service.action.port_probe_action.blocked #=> Boolean
resp.findings[0].service.action.port_probe_action.port_probe_details #=> Array
resp.findings[0].service.action.port_probe_action.port_probe_details[0].local_port_details.port #=> Integer
resp.findings[0].service.action.port_probe_action.port_probe_details[0].local_port_details.port_name #=> String
resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.city.city_name #=> String
resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.country.country_code #=> String
resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.country.country_name #=> String
resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.geo_location.lat #=> Float
resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.geo_location.lon #=> Float
resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.ip_address_v4 #=> String
resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.organization.asn #=> String
resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.organization.asn_org #=> String
resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.organization.isp #=> String
resp.findings[0].service.action.port_probe_action.port_probe_details[0].remote_ip_details.organization.org #=> String
resp.findings[0].service.archived #=> Boolean
resp.findings[0].service.count #=> Integer
resp.findings[0].service.detector_id #=> String
resp.findings[0].service.event_first_seen #=> String
resp.findings[0].service.event_last_seen #=> String
resp.findings[0].service.resource_role #=> String
resp.findings[0].service.service_name #=> String
resp.findings[0].service.user_feedback #=> String
resp.findings[0].severity #=> Float
resp.findings[0].title #=> String
resp.findings[0].type #=> String
resp.findings[0].updated_at #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :finding_ids (Array<String>)

    IDs of the findings that you want to retrieve.

  • :sort_criteria (Types::SortCriteria)

    Represents the criteria used for sorting findings.

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 944

def get_findings(params = {}, options = {})
  req = build_request(:get_findings, params)
  req.send_request(options)
end

#get_findings_statistics(params = {}) ⇒ Types::GetFindingsStatisticsResponse

Lists Amazon GuardDuty findings' statistics for the specified detector ID.

Examples:

Request syntax with placeholder values


resp = client.get_findings_statistics({
  detector_id: "__string", # required
  finding_criteria: {
    criterion: {
      "__string" => {
        eq: ["__string"],
        gt: 1,
        gte: 1,
        lt: 1,
        lte: 1,
        neq: ["__string"],
      },
    },
  },
  finding_statistic_types: ["COUNT_BY_SEVERITY"], # accepts COUNT_BY_SEVERITY
})

Response structure


resp.finding_statistics.count_by_severity #=> Hash
resp.finding_statistics.count_by_severity["__string"] #=> Integer

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :finding_criteria (Types::FindingCriteria)

    Represents the criteria used for querying findings.

  • :finding_statistic_types (Array<String>)

    Types of finding statistics to retrieve.

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 992

def get_findings_statistics(params = {}, options = {})
  req = build_request(:get_findings_statistics, params)
  req.send_request(options)
end

#get_invitations_count(params = {}) ⇒ Types::GetInvitationsCountResponse

Returns the count of all GuardDuty membership invitations that were sent to the current member account except the currently accepted invitation.

Examples:

Response structure


resp.invitations_count #=> Integer

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1049

def get_invitations_count(params = {}, options = {})
  req = build_request(:get_invitations_count, params)
  req.send_request(options)
end

#get_ip_set(params = {}) ⇒ Types::GetIPSetResponse

Retrieves the IPSet specified by the IPSet ID.

Examples:

Request syntax with placeholder values


resp = client.get_ip_set({
  detector_id: "__string", # required
  ip_set_id: "__string", # required
})

Response structure


resp.format #=> String, one of "TXT", "STIX", "OTX_CSV", "ALIEN_VAULT", "PROOF_POINT", "FIRE_EYE"
resp.location #=> String
resp.name #=> String
resp.status #=> String, one of "INACTIVE", "ACTIVATING", "ACTIVE", "DEACTIVATING", "ERROR", "DELETE_PENDING", "DELETED"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :ip_set_id (required, String)

Returns:

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1028

def get_ip_set(params = {}, options = {})
  req = build_request(:get_ip_set, params)
  req.send_request(options)
end

#get_master_account(params = {}) ⇒ Types::GetMasterAccountResponse

Provides the details for the GuardDuty master account to the current GuardDuty member account.

Examples:

Request syntax with placeholder values


resp = client.get_master_account({
  detector_id: "__string", # required
})

Response structure


resp.master.account_id #=> String
resp.master.invitation_id #=> String
resp.master.invited_at #=> String
resp.master.relationship_status #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1080

def get_master_account(params = {}, options = {})
  req = build_request(:get_master_account, params)
  req.send_request(options)
end

#get_members(params = {}) ⇒ Types::GetMembersResponse

Retrieves GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs.

Examples:

Request syntax with placeholder values


resp = client.get_members({
  account_ids: ["__string"],
  detector_id: "__string", # required
})

Response structure


resp.members #=> Array
resp.members[0].account_id #=> String
resp.members[0].detector_id #=> String
resp.members[0].email #=> String
resp.members[0].invited_at #=> String
resp.members[0].master_id #=> String
resp.members[0].relationship_status #=> String
resp.members[0].updated_at #=> String
resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0].account_id #=> String
resp.unprocessed_accounts[0].result #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account_ids (Array<String>)

    A list of account IDs of the GuardDuty member accounts that you want to describe.

  • :detector_id (required, String)

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1124

def get_members(params = {}, options = {})
  req = build_request(:get_members, params)
  req.send_request(options)
end

#get_threat_intel_set(params = {}) ⇒ Types::GetThreatIntelSetResponse

Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID.

Examples:

Request syntax with placeholder values


resp = client.get_threat_intel_set({
  detector_id: "__string", # required
  threat_intel_set_id: "__string", # required
})

Response structure


resp.format #=> String, one of "TXT", "STIX", "OTX_CSV", "ALIEN_VAULT", "PROOF_POINT", "FIRE_EYE"
resp.location #=> String
resp.name #=> String
resp.status #=> String, one of "INACTIVE", "ACTIVATING", "ACTIVE", "DEACTIVATING", "ERROR", "DELETE_PENDING", "DELETED"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :threat_intel_set_id (required, String)

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1161

def get_threat_intel_set(params = {}, options = {})
  req = build_request(:get_threat_intel_set, params)
  req.send_request(options)
end

#invite_members(params = {}) ⇒ Types::InviteMembersResponse

Invites other AWS accounts (created as members of the current AWS account by CreateMembers) to enable GuardDuty and allow the current AWS account to view and manage these accounts' GuardDuty findings on their behalf as the master account.

Examples:

Request syntax with placeholder values


resp = client.invite_members({
  account_ids: ["__string"],
  detector_id: "__string", # required
  disable_email_notification: false,
  message: "Message",
})

Response structure


resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0].account_id #=> String
resp.unprocessed_accounts[0].result #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account_ids (Array<String>)

    A list of account IDs of the accounts that you want to invite to GuardDuty as members.

  • :detector_id (required, String)
  • :disable_email_notification (Boolean)

    A boolean value that specifies whether you want to disable email notification to the accounts that you’re inviting to GuardDuty as members.

  • :message (String)

    The invitation message that you want to send to the accounts that you’re inviting to GuardDuty as members.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1209

def invite_members(params = {}, options = {})
  req = build_request(:invite_members, params)
  req.send_request(options)
end

#list_detectors(params = {}) ⇒ Types::ListDetectorsResponse

Lists detectorIds of all the existing Amazon GuardDuty detector resources.

Examples:

Request syntax with placeholder values


resp = client.list_detectors({
  max_results: 1,
  next_token: "__string",
})

Response structure


resp.detector_ids #=> Array
resp.detector_ids[0] #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)

    You can use this parameter to indicate the maximum number of items that you want in the response.

  • :next_token (String)

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1245

def list_detectors(params = {}, options = {})
  req = build_request(:list_detectors, params)
  req.send_request(options)
end

#list_filters(params = {}) ⇒ Types::ListFiltersResponse

Returns a paginated list of the current filters.

Examples:

Request syntax with placeholder values


resp = client.list_filters({
  detector_id: "__string", # required
  max_results: 1,
  next_token: "__string",
})

Response structure


resp.filter_names #=> Array
resp.filter_names[0] #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :max_results (Integer)

    You can use this parameter to indicate the maximum number of items that you want in the response.

  • :next_token (String)

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1283

def list_filters(params = {}, options = {})
  req = build_request(:list_filters, params)
  req.send_request(options)
end

#list_findings(params = {}) ⇒ Types::ListFindingsResponse

Lists Amazon GuardDuty findings for the specified detector ID.

Examples:

Request syntax with placeholder values


resp = client.list_findings({
  detector_id: "__string", # required
  finding_criteria: {
    criterion: {
      "__string" => {
        eq: ["__string"],
        gt: 1,
        gte: 1,
        lt: 1,
        lte: 1,
        neq: ["__string"],
      },
    },
  },
  max_results: 1,
  next_token: "NextToken",
  sort_criteria: {
    attribute_name: "__string",
    order_by: "ASC", # accepts ASC, DESC
  },
})

Response structure


resp.finding_ids #=> Array
resp.finding_ids[0] #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :finding_criteria (Types::FindingCriteria)

    Represents the criteria used for querying findings.

  • :max_results (Integer)

    You can use this parameter to indicate the maximum number of items you want in the response. The default value is 50. The maximum value is 50.

  • :next_token (String)

    You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the ListFindings action. For subsequent calls to the action, fill nextToken in the request with the value of nextToken from the previous response to continue listing data.

  • :sort_criteria (Types::SortCriteria)

    Represents the criteria used for sorting findings.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1349

def list_findings(params = {}, options = {})
  req = build_request(:list_findings, params)
  req.send_request(options)
end
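
The nextToken handling described for ListFindings, applied across every detector returned by list_detectors, as an added example that is not part of the SDK or its documentation. `Page`, `FakeGuardDuty`, `each_page`, `matching_finding_ids` and `HIGH_UNARCHIVED` are hypothetical names, and the criterion keys "severity" and "service.archived" are assumed GuardDuty finding attributes that this page does not list.

```ruby
# Added example, not SDK code. Page and FakeGuardDuty are constructed stand-ins
# for the response structs and for Aws::GuardDuty::Client, so this runs offline.
Page = Struct.new(:detector_ids, :finding_ids, :next_token)

class FakeGuardDuty
  attr_reader :calls # every request received, in order
  def initialize(detectors, findings_by_detector)
    @detectors = detectors
    @findings = findings_by_detector
    @calls = []
  end

  def list_detectors(params = {})
    @calls << [:list_detectors, params]
    ids, token = page_of(@detectors, params)
    Page.new(ids, nil, token)
  end

  def list_findings(params = {})
    @calls << [:list_findings, params]
    ids, token = page_of(@findings.fetch(params.fetch(:detector_id)), params)
    Page.new(nil, ids, token)
  end

  private
  # The fake token is an offset; real tokens are opaque and are passed back unchanged.
  def page_of(all, params)
    start = params[:next_token].to_i
    size = params.fetch(:max_results, 50)
    stop = start + size
    [all[start, size] || [], (stop < all.size ? stop.to_s : nil)]
  end
end

# Yields each page of a paginated operation until no next_token comes back.
def each_page(client, operation, params)
  token = nil
  loop do
    request = token ? params.merge(next_token: token) : params
    page = client.public_send(operation, request)
    yield page
    token = page.next_token
    break if token.nil? || token.empty?
  end
end

# Returns { detector_id => [finding_id, ...] } for each detector the client lists.
def matching_finding_ids(client, criterion, page_size: 50)
  result = {}
  each_page(client, :list_detectors, { max_results: page_size }) do |detectors|
    detectors.detector_ids.each do |detector_id|
      params = {
        detector_id: detector_id,
        finding_criteria: { criterion: criterion },
        max_results: page_size, # ListFindings accepts at most 50
      }
      ids = []
      each_page(client, :list_findings, params) { |page| ids.concat(page.finding_ids) }
      result[detector_id] = ids
    end
  end
  result
end

# Assumed attribute names (not listed on this page): severity 7+ and not archived.
HIGH_UNARCHIVED = {
  "severity" => { gte: 7 },
  "service.archived" => { eq: ["false"] },
}.freeze
```

Because `each_page` only relies on `next_token` and a params hash, the same helper can be handed a real `Aws::GuardDuty::Client` in place of the fake.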

#list_invitations(params = {}) ⇒ Types::ListInvitationsResponse

Lists all GuardDuty membership invitations that were sent to the current AWS account.

Examples:

Request syntax with placeholder values


resp = client.list_invitations({
  max_results: 1,
  next_token: "__string",
})

Response structure


resp.invitations #=> Array
resp.invitations[0].account_id #=> String
resp.invitations[0].invitation_id #=> String
resp.invitations[0].invited_at #=> String
resp.invitations[0].relationship_status #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :max_results (Integer)

    You can use this parameter to indicate the maximum number of items that you want in the response.

  • :next_token (String)

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1427

def list_invitations(params = {}, options = {})
  req = build_request(:list_invitations, params)
  req.send_request(options)
end

#list_ip_sets(params = {}) ⇒ Types::ListIPSetsResponse

Lists the IPSets of the GuardDuty service specified by the detector ID.

Examples:

Request syntax with placeholder values


resp = client.list_ip_sets({
  detector_id: "__string", # required
  max_results: 1,
  next_token: "__string",
})

Response structure


resp.ip_set_ids #=> Array
resp.ip_set_ids[0] #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :max_results (Integer)

    You can use this parameter to indicate the maximum number of items that you want in the response.

  • :next_token (String)

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1388

def list_ip_sets(params = {}, options = {})
  req = build_request(:list_ip_sets, params)
  req.send_request(options)
end

#list_members(params = {}) ⇒ Types::ListMembersResponse

Lists details about all member accounts for the current GuardDuty master account.

Examples:

Request syntax with placeholder values


resp = client.list_members({
  detector_id: "__string", # required
  max_results: 1,
  next_token: "__string",
  only_associated: "__string",
})

Response structure


resp.members #=> Array
resp.members[0].account_id #=> String
resp.members[0].detector_id #=> String
resp.members[0].email #=> String
resp.members[0].invited_at #=> String
resp.members[0].master_id #=> String
resp.members[0].relationship_status #=> String
resp.members[0].updated_at #=> String
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :max_results (Integer)

    You can use this parameter to indicate the maximum number of items that you want in the response.

  • :next_token (String)
  • :only_associated (String)

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1475

def list_members(params = {}, options = {})
  req = build_request(:list_members, params)
  req.send_request(options)
end

#list_threat_intel_sets(params = {}) ⇒ Types::ListThreatIntelSetsResponse

Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID.

Examples:

Request syntax with placeholder values


resp = client.list_threat_intel_sets({
  detector_id: "__string", # required
  max_results: 1,
  next_token: "__string",
})

Response structure


resp.next_token #=> String
resp.threat_intel_set_ids #=> Array
resp.threat_intel_set_ids[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :max_results (Integer)

    You can use this parameter to indicate the maximum number of items that you want in the response.

  • :next_token (String)

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1514

def list_threat_intel_sets(params = {}, options = {})
  req = build_request(:list_threat_intel_sets, params)
  req.send_request(options)
end

#start_monitoring_members(params = {}) ⇒ Types::StartMonitoringMembersResponse

Re-enables GuardDuty to monitor findings of the member accounts specified by the account IDs. A master GuardDuty account can run this command after disabling GuardDuty from monitoring these members' findings by running StopMonitoringMembers.

Examples:

Request syntax with placeholder values


resp = client.start_monitoring_members({
  account_ids: ["__string"],
  detector_id: "__string", # required
})

Response structure


resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0].account_id #=> String
resp.unprocessed_accounts[0].result #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account_ids (Array<String>)

    A list of account IDs of the GuardDuty member accounts whose findings you want the master account to monitor.

  • :detector_id (required, String)

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1551

def start_monitoring_members(params = {}, options = {})
  req = build_request(:start_monitoring_members, params)
  req.send_request(options)
end

#stop_monitoring_members(params = {}) ⇒ Types::StopMonitoringMembersResponse

Disables GuardDuty from monitoring findings of the member accounts specified by the account IDs. After running this command, a master GuardDuty account can run StartMonitoringMembers to re-enable GuardDuty to monitor these members’ findings.

Examples:

Request syntax with placeholder values


resp = client.stop_monitoring_members({
  account_ids: ["__string"],
  detector_id: "__string", # required
})

Response structure


resp.unprocessed_accounts #=> Array
resp.unprocessed_accounts[0].account_id #=> String
resp.unprocessed_accounts[0].result #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :account_ids (Array<String>)

    A list of account IDs of the GuardDuty member accounts whose findings you want the master account to stop monitoring.

  • :detector_id (required, String)

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1588

def stop_monitoring_members(params = {}, options = {})
  req = build_request(:stop_monitoring_members, params)
  req.send_request(options)
end

#unarchive_findings(params = {}) ⇒ Struct

Unarchives Amazon GuardDuty findings specified by the list of finding IDs.

Examples:

Request syntax with placeholder values


resp = client.unarchive_findings({
  detector_id: "__string", # required
  finding_ids: ["FindingId"],
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :finding_ids (Array<String>)

    IDs of the findings that you want to unarchive.

Returns:

  • (Struct)

    Returns an empty response.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1614

def unarchive_findings(params = {}, options = {})
  req = build_request(:unarchive_findings, params)
  req.send_request(options)
end

#update_detector(params = {}) ⇒ Struct

Updates an Amazon GuardDuty detector specified by the detectorId.

Examples:

Request syntax with placeholder values


resp = client.update_detector({
  detector_id: "__string", # required
  enable: false,
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :detector_id (required, String)
  • :enable (Boolean)

    Updated boolean value for the detector that specifies whether the detector is enabled.

Returns:

  • (Struct)

    Returns an empty response.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1640

def update_detector(params = {}, options = {})
  req = build_request(:update_detector, params)
  req.send_request(options)
end

#update_filter(params = {}) ⇒ Types::UpdateFilterResponse

Updates the filter specified by the filter name.

Examples:

Request syntax with placeholder values


resp = client.update_filter({
  action: "NOOP", # accepts NOOP, ARCHIVE
  description: "FilterDescription",
  detector_id: "__string", # required
  filter_name: "__string", # required
  finding_criteria: {
    criterion: {
      "__string" => {
        eq: ["__string"],
        gt: 1,
        gte: 1,
        lt: 1,
        lte: 1,
        neq: ["__string"],
      },
    },
  },
  rank: 1,
})

Response structure


resp.name #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :action (String)

    Specifies the action that is to be applied to the findings that match the filter.

  • :description (String)

    The description of the filter.

  • :detector_id (required, String)
  • :filter_name (required, String)
  • :finding_criteria (Types::FindingCriteria)

    Represents the criteria to be used in the filter for querying findings.

  • :rank (Integer)

    Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1701

def update_filter(params = {}, options = {})
  req = build_request(:update_filter, params)
  req.send_request(options)
end

#update_findings_feedback(params = {}) ⇒ Struct

Marks specified Amazon GuardDuty findings as useful or not useful.

Examples:

Request syntax with placeholder values


resp = client.update_findings_feedback({
  comments: "Comments",
  detector_id: "__string", # required
  feedback: "USEFUL", # accepts USEFUL, NOT_USEFUL
  finding_ids: ["FindingId"],
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :comments (String)

    Additional feedback about the GuardDuty findings.

  • :detector_id (required, String)
  • :feedback (String)

    Valid values: USEFUL | NOT_USEFUL

  • :finding_ids (Array<String>)

    IDs of the findings that you want to mark as useful or not useful.

Returns:

  • (Struct)

    Returns an empty response.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1734

def update_findings_feedback(params = {}, options = {})
  req = build_request(:update_findings_feedback, params)
  req.send_request(options)
end

#update_ip_set(params = {}) ⇒ Struct

Updates the IPSet specified by the IPSet ID.

Examples:

Request syntax with placeholder values


resp = client.update_ip_set({
  activate: false,
  detector_id: "__string", # required
  ip_set_id: "__string", # required
  location: "Location",
  name: "Name",
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :activate (Boolean)

    The updated boolean value that specifies whether the IPSet is active or not.

  • :detector_id (required, String)
  • :ip_set_id (required, String)
  • :location (String)

    The updated URI of the file that contains the IPSet. For example (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).

  • :name (String)

    The unique ID that specifies the IPSet that you want to update.

Returns:

  • (Struct)

    Returns an empty response.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1772

def update_ip_set(params = {}, options = {})
  req = build_request(:update_ip_set, params)
  req.send_request(options)
end

#update_threat_intel_set(params = {}) ⇒ Struct

Updates the ThreatIntelSet specified by ThreatIntelSet ID.

Examples:

Request syntax with placeholder values


resp = client.update_threat_intel_set({
  activate: false,
  detector_id: "__string", # required
  location: "Location",
  name: "Name",
  threat_intel_set_id: "__string", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :activate (Boolean)

    The updated boolean value that specifies whether the ThreatIntelSet is active or not.

  • :detector_id (required, String)
  • :location (String)

    The updated URI of the file that contains the ThreatIntelSet. For example (https://s3.us-west-2.amazonaws.com/my-bucket/my-object-key).

  • :name (String)

    The unique ID that specifies the ThreatIntelSet that you want to update.

  • :threat_intel_set_id (required, String)

Returns:

  • (Struct)

    Returns an empty response.

# File 'gems/aws-sdk-guardduty/lib/aws-sdk-guardduty/client.rb', line 1811

def update_threat_intel_set(params = {}, options = {})
  req = build_request(:update_threat_intel_set, params)
  req.send_request(options)
end