Class: Aws::SecurityHub::Types::AwsSecurityFindingFilters

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb

Overview

Note:

When making an API call, you may pass AwsSecurityFindingFilters data as a hash:

{
  product_arn: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  aws_account_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  generator_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  region: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  type: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  first_observed_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  last_observed_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  created_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  updated_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  severity_product: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  severity_normalized: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  severity_label: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  confidence: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  criticality: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  title: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  description: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  recommendation_text: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  source_url: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  product_fields: [
    {
      key: "NonEmptyString",
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, NOT_EQUALS
    },
  ],
  product_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  company_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  user_defined_fields: [
    {
      key: "NonEmptyString",
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, NOT_EQUALS
    },
  ],
  malware_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  malware_type: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  malware_path: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  malware_state: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  network_direction: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  network_protocol: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  network_source_ip_v4: [
    {
      cidr: "NonEmptyString",
    },
  ],
  network_source_ip_v6: [
    {
      cidr: "NonEmptyString",
    },
  ],
  network_source_port: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  network_source_domain: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  network_source_mac: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  network_destination_ip_v4: [
    {
      cidr: "NonEmptyString",
    },
  ],
  network_destination_ip_v6: [
    {
      cidr: "NonEmptyString",
    },
  ],
  network_destination_port: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  network_destination_domain: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  process_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  process_path: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  process_pid: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  process_parent_pid: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  process_launched_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  process_terminated_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  threat_intel_indicator_type: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  threat_intel_indicator_value: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  threat_intel_indicator_category: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  threat_intel_indicator_last_observed_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  threat_intel_indicator_source: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  threat_intel_indicator_source_url: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_type: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_partition: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_region: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_tags: [
    {
      key: "NonEmptyString",
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, NOT_EQUALS
    },
  ],
  resource_aws_ec2_instance_type: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_aws_ec2_instance_image_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_aws_ec2_instance_ip_v4_addresses: [
    {
      cidr: "NonEmptyString",
    },
  ],
  resource_aws_ec2_instance_ip_v6_addresses: [
    {
      cidr: "NonEmptyString",
    },
  ],
  resource_aws_ec2_instance_key_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_aws_ec2_instance_iam_instance_profile_arn: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_aws_ec2_instance_vpc_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_aws_ec2_instance_subnet_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_aws_ec2_instance_launched_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  resource_aws_s3_bucket_owner_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_aws_s3_bucket_owner_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_aws_iam_access_key_user_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_aws_iam_access_key_principal_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_aws_iam_access_key_status: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_aws_iam_access_key_created_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  resource_aws_iam_user_user_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_container_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_container_image_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_container_image_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  resource_container_launched_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  resource_details_other: [
    {
      key: "NonEmptyString",
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, NOT_EQUALS
    },
  ],
  compliance_status: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  verification_state: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  workflow_state: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  workflow_status: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  record_state: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  related_findings_product_arn: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  related_findings_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  note_text: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  note_updated_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  note_updated_by: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  keyword: [
    {
      value: "NonEmptyString",
    },
  ],
  finding_provider_fields_confidence: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  finding_provider_fields_criticality: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  finding_provider_fields_related_findings_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  finding_provider_fields_related_findings_product_arn: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  finding_provider_fields_severity_label: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  finding_provider_fields_severity_original: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
  finding_provider_fields_types: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
    },
  ],
}

A collection of attributes that are applied to all active Security Hub-aggregated findings and that result in a subset of findings that are included in this insight.

You can filter by up to 10 finding attributes. For each attribute, you can provide up to 20 filter values.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#aws_account_idArray<Types::StringFilter>

The Amazon Web Services account ID that a finding is generated in.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#company_nameArray<Types::StringFilter>

The name of the findings provider (company) that owns the solution (product) that generates findings.

Note that this is a filter against the aws/securityhub/CompanyName field in ProductFields. It is not a filter for the top-level CompanyName field.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#compliance_statusArray<Types::StringFilter>

Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS Amazon Web Services Foundations. Contains security standard-related finding details.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#confidenceArray<Types::NumberFilter>

A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#created_atArray<Types::DateFilter>

An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#criticalityArray<Types::NumberFilter>

The level of importance assigned to the resources associated with the finding.

A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#descriptionArray<Types::StringFilter>

A finding's description.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#finding_provider_fields_confidenceArray<Types::NumberFilter>

The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#finding_provider_fields_criticalityArray<Types::NumberFilter>

The finding provider value for the level of importance assigned to the resources associated with the findings.

A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

The finding identifier of a related finding that is identified by the finding provider.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

The ARN of the solution that generated a related finding that is identified by the finding provider.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#finding_provider_fields_severity_labelArray<Types::StringFilter>

The finding provider value for the severity label.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#finding_provider_fields_severity_originalArray<Types::StringFilter>

The finding provider's original value for the severity.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#finding_provider_fields_typesArray<Types::StringFilter>

One or more finding types that the finding provider assigned to the finding. Uses the format of namespace/category/classifier that classify a finding.

Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#first_observed_atArray<Types::DateFilter>

An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#generator_idArray<Types::StringFilter>

The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#idArray<Types::StringFilter>

The security findings provider-specific identifier for a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#keywordArray<Types::KeywordFilter>

A keyword for a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#last_observed_atArray<Types::DateFilter>

An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#malware_nameArray<Types::StringFilter>

The name of the malware that was observed.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#malware_pathArray<Types::StringFilter>

The filesystem path of the malware that was observed.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#malware_stateArray<Types::StringFilter>

The state of the malware that was observed.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#malware_typeArray<Types::StringFilter>

The type of the malware that was observed.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#network_destination_domainArray<Types::StringFilter>

The destination domain of network-related information about a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#network_destination_ip_v4Array<Types::IpFilter>

The destination IPv4 address of network-related information about a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#network_destination_ip_v6Array<Types::IpFilter>

The destination IPv6 address of network-related information about a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#network_destination_portArray<Types::NumberFilter>

The destination port of network-related information about a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#network_directionArray<Types::StringFilter>

Indicates the direction of network traffic associated with a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#network_protocolArray<Types::StringFilter>

The protocol of network-related information about a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#network_source_domainArray<Types::StringFilter>

The source domain of network-related information about a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#network_source_ip_v4Array<Types::IpFilter>

The source IPv4 address of network-related information about a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#network_source_ip_v6Array<Types::IpFilter>

The source IPv6 address of network-related information about a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#network_source_macArray<Types::StringFilter>

The source media access control (MAC) address of network-related information about a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#network_source_portArray<Types::NumberFilter>

The source port of network-related information about a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#note_textArray<Types::StringFilter>

The text of a note.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#note_updated_atArray<Types::DateFilter>

The timestamp of when the note was updated.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#note_updated_byArray<Types::StringFilter>

The principal that created a note.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#process_launched_atArray<Types::DateFilter>

The date/time that the process was launched.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#process_nameArray<Types::StringFilter>

The name of the process.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#process_parent_pidArray<Types::NumberFilter>

The parent process ID.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#process_pathArray<Types::StringFilter>

The path to the process executable.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#process_pidArray<Types::NumberFilter>

The process ID.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#process_terminated_atArray<Types::DateFilter>

The date/time that the process was terminated.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#product_arnArray<Types::StringFilter>

The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#product_fieldsArray<Types::MapFilter>

A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#product_nameArray<Types::StringFilter>

The name of the solution (product) that generates findings.

Note that this is a filter against the aws/securityhub/ProductName field in ProductFields. It is not a filter for the top-level ProductName field.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#recommendation_textArray<Types::StringFilter>

The recommendation of what to do about the issue described in a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#record_stateArray<Types::StringFilter>

The updated record state for the finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#regionArray<Types::StringFilter>

The Region from which the finding was generated.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

The solution-generated identifier for a related finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

The ARN of the solution that generated a related finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_iam_instance_profile_arnArray<Types::StringFilter>

The IAM profile ARN of the instance.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_image_idArray<Types::StringFilter>

The Amazon Machine Image (AMI) ID of the instance.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_ip_v4_addressesArray<Types::IpFilter>

The IPv4 addresses associated with the instance.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_ip_v6_addressesArray<Types::IpFilter>

The IPv6 addresses associated with the instance.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_key_nameArray<Types::StringFilter>

The key name associated with the instance.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_launched_atArray<Types::DateFilter>

The date and time the instance was launched.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_subnet_idArray<Types::StringFilter>

The identifier of the subnet that the instance was launched in.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_typeArray<Types::StringFilter>

The instance type of the instance.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_ec2_instance_vpc_idArray<Types::StringFilter>

The identifier of the VPC that the instance was launched in.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_iam_access_key_created_atArray<Types::DateFilter>

The creation date/time of the IAM access key related to a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_iam_access_key_principal_nameArray<Types::StringFilter>

The name of the principal that is associated with an IAM access key.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_iam_access_key_statusArray<Types::StringFilter>

The status of the IAM access key related to a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_iam_access_key_user_nameArray<Types::StringFilter>

The user associated with the IAM access key related to a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_iam_user_user_nameArray<Types::StringFilter>

The name of an IAM user.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_s3_bucket_owner_idArray<Types::StringFilter>

The canonical user ID of the owner of the S3 bucket.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_aws_s3_bucket_owner_nameArray<Types::StringFilter>

The display name of the owner of the S3 bucket.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_container_image_idArray<Types::StringFilter>

The identifier of the image related to a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_container_image_nameArray<Types::StringFilter>

The name of the image related to a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_container_launched_atArray<Types::DateFilter>

The date/time that the container was started.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_container_nameArray<Types::StringFilter>

The name of the container related to a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_details_otherArray<Types::MapFilter>

The details of a resource that doesn't have a specific subfield for the resource type defined.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_idArray<Types::StringFilter>

The canonical identifier for the given resource type.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_partitionArray<Types::StringFilter>

The canonical Amazon Web Services partition name that the Region is assigned to.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_regionArray<Types::StringFilter>

The canonical Amazon Web Services external Region name where this resource is located.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_tagsArray<Types::MapFilter>

A list of Amazon Web Services tags associated with a resource at the time the finding was processed.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#resource_typeArray<Types::StringFilter>

Specifies the type of the resource that details are provided for.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#severity_labelArray<Types::StringFilter>

The label of a finding's severity.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#severity_normalizedArray<Types::NumberFilter>

The normalized severity of a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#severity_productArray<Types::NumberFilter>

The native severity as defined by the security-findings provider's solution that generated the finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#source_urlArray<Types::StringFilter>

A URL that links to a page about the current finding in the security-findings provider's solution.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#threat_intel_indicator_categoryArray<Types::StringFilter>

The category of a threat intelligence indicator.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#threat_intel_indicator_last_observed_atArray<Types::DateFilter>

The date/time of the last observation of a threat intelligence indicator.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#threat_intel_indicator_sourceArray<Types::StringFilter>

The source of the threat intelligence.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#threat_intel_indicator_source_urlArray<Types::StringFilter>

The URL for more details from the source of the threat intelligence.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#threat_intel_indicator_typeArray<Types::StringFilter>

The type of a threat intelligence indicator.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#threat_intel_indicator_valueArray<Types::StringFilter>

The value of a threat intelligence indicator.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#titleArray<Types::StringFilter>

A finding's title.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#typeArray<Types::StringFilter>

A finding type in the format of namespace/category/classifier that classifies a finding.

Returns:



19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 19386

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :region,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_principal_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_aws_iam_user_user_name,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword,
  :finding_provider_fields_confidence,
  :finding_provider_fields_criticality,
  :finding_provider_fields_related_findings_id,
  :finding_provider_fields_related_findings_product_arn,
  :finding_provider_fields_severity_label,
  :finding_provider_fields_severity_original,
  :finding_provider_fields_types)
  SENSITIVE = []
  include Aws::Structure
end

#updated_atArray<Types::DateFilter>

An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record.

Returns: