You are viewing documentation for version 3 of the AWS SDK for Ruby. Version 2 documentation can be found here.

Class: Aws::SecurityHub::Types::AwsSecurityFindingFilters

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb

Overview

Note:

When making an API call, you may pass AwsSecurityFindingFilters data as a hash:

{
  product_arn: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  aws_account_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  generator_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  type: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  first_observed_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  last_observed_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  created_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  updated_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  severity_product: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  severity_normalized: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  severity_label: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  confidence: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  criticality: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  title: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  description: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  recommendation_text: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  source_url: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  product_fields: [
    {
      key: "NonEmptyString",
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS
    },
  ],
  product_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  company_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  user_defined_fields: [
    {
      key: "NonEmptyString",
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS
    },
  ],
  malware_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  malware_type: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  malware_path: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  malware_state: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  network_direction: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  network_protocol: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  network_source_ip_v4: [
    {
      cidr: "NonEmptyString",
    },
  ],
  network_source_ip_v6: [
    {
      cidr: "NonEmptyString",
    },
  ],
  network_source_port: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  network_source_domain: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  network_source_mac: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  network_destination_ip_v4: [
    {
      cidr: "NonEmptyString",
    },
  ],
  network_destination_ip_v6: [
    {
      cidr: "NonEmptyString",
    },
  ],
  network_destination_port: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  network_destination_domain: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  process_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  process_path: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  process_pid: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  process_parent_pid: [
    {
      gte: 1.0,
      lte: 1.0,
      eq: 1.0,
    },
  ],
  process_launched_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  process_terminated_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  threat_intel_indicator_type: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  threat_intel_indicator_value: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  threat_intel_indicator_category: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  threat_intel_indicator_last_observed_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  threat_intel_indicator_source: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  threat_intel_indicator_source_url: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_type: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_partition: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_region: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_tags: [
    {
      key: "NonEmptyString",
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS
    },
  ],
  resource_aws_ec2_instance_type: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_aws_ec2_instance_image_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_aws_ec2_instance_ip_v4_addresses: [
    {
      cidr: "NonEmptyString",
    },
  ],
  resource_aws_ec2_instance_ip_v6_addresses: [
    {
      cidr: "NonEmptyString",
    },
  ],
  resource_aws_ec2_instance_key_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_aws_ec2_instance_iam_instance_profile_arn: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_aws_ec2_instance_vpc_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_aws_ec2_instance_subnet_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_aws_ec2_instance_launched_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  resource_aws_s3_bucket_owner_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_aws_s3_bucket_owner_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_aws_iam_access_key_user_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_aws_iam_access_key_status: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_aws_iam_access_key_created_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  resource_container_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_container_image_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_container_image_name: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  resource_container_launched_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  resource_details_other: [
    {
      key: "NonEmptyString",
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS
    },
  ],
  compliance_status: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  verification_state: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  workflow_state: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  record_state: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  related_findings_product_arn: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  related_findings_id: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  note_text: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  note_updated_at: [
    {
      start: "NonEmptyString",
      end: "NonEmptyString",
      date_range: {
        value: 1,
        unit: "DAYS", # accepts DAYS
      },
    },
  ],
  note_updated_by: [
    {
      value: "NonEmptyString",
      comparison: "EQUALS", # accepts EQUALS, PREFIX
    },
  ],
  keyword: [
    {
      value: "NonEmptyString",
    },
  ],
}

A collection of attributes that are applied to all active Security Hub-aggregated findings and that result in a subset of findings that are included in this insight.

Instance Attribute Summary collapse

Instance Attribute Details

#aws_account_idArray<Types::StringFilter>

The AWS account ID that a finding is generated in.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#company_nameArray<Types::StringFilter>

The name of the findings provider (company) that owns the solution (product) that generates findings.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#compliance_statusArray<Types::StringFilter>

Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard (for example, CIS AWS Foundations). Contains compliance-related finding details.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#confidenceArray<Types::NumberFilter>

A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#created_atArray<Types::DateFilter>

An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#criticalityArray<Types::NumberFilter>

The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#descriptionArray<Types::StringFilter>

A finding's description.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#first_observed_atArray<Types::DateFilter>

An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#generator_idArray<Types::StringFilter>

The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plug-in, etc.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#idArray<Types::StringFilter>

The security findings provider-specific identifier for a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#keywordArray<Types::KeywordFilter>

A keyword for a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#last_observed_atArray<Types::DateFilter>

An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#malware_nameArray<Types::StringFilter>

The name of the malware that was observed.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#malware_pathArray<Types::StringFilter>

The filesystem path of the malware that was observed.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#malware_stateArray<Types::StringFilter>

The state of the malware that was observed.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#malware_typeArray<Types::StringFilter>

The type of the malware that was observed.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#network_destination_domainArray<Types::StringFilter>

The destination domain of network-related information about a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#network_destination_ip_v4Array<Types::IpFilter>

The destination IPv4 address of network-related information about a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#network_destination_ip_v6Array<Types::IpFilter>

The destination IPv6 address of network-related information about a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#network_destination_portArray<Types::NumberFilter>

The destination port of network-related information about a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#network_directionArray<Types::StringFilter>

Indicates the direction of network traffic associated with a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#network_protocolArray<Types::StringFilter>

The protocol of network-related information about a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#network_source_domainArray<Types::StringFilter>

The source domain of network-related information about a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#network_source_ip_v4Array<Types::IpFilter>

The source IPv4 address of network-related information about a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#network_source_ip_v6Array<Types::IpFilter>

The source IPv6 address of network-related information about a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#network_source_macArray<Types::StringFilter>

The source media access control (MAC) address of network-related information about a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#network_source_portArray<Types::NumberFilter>

The source port of network-related information about a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#note_textArray<Types::StringFilter>

The text of a note.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#note_updated_atArray<Types::DateFilter>

The timestamp of when the note was updated.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#note_updated_byArray<Types::StringFilter>

The principal that created a note.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#process_launched_atArray<Types::DateFilter>

The date/time that the process was launched.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#process_nameArray<Types::StringFilter>

The name of the process.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#process_parent_pidArray<Types::NumberFilter>

The parent process ID.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#process_pathArray<Types::StringFilter>

The path to the process executable.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#process_pidArray<Types::NumberFilter>

The process ID.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#process_terminated_atArray<Types::DateFilter>

The date/time that the process was terminated.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#product_arnArray<Types::StringFilter>

The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#product_fieldsArray<Types::MapFilter>

A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#product_nameArray<Types::StringFilter>

The name of the solution (product) that generates findings.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#recommendation_textArray<Types::StringFilter>

The recommendation of what to do about the issue described in a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#record_stateArray<Types::StringFilter>

The updated record state for the finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

The solution-generated identifier for a related finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

The ARN of the solution that generated a related finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_aws_ec2_instance_iam_instance_profile_arnArray<Types::StringFilter>

The IAM profile ARN of the instance.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_aws_ec2_instance_image_idArray<Types::StringFilter>

The Amazon Machine Image (AMI) ID of the instance.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_aws_ec2_instance_ip_v4_addressesArray<Types::IpFilter>

The IPv4 addresses associated with the instance.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_aws_ec2_instance_ip_v6_addressesArray<Types::IpFilter>

The IPv6 addresses associated with the instance.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_aws_ec2_instance_key_nameArray<Types::StringFilter>

The key name associated with the instance.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_aws_ec2_instance_launched_atArray<Types::DateFilter>

The date/time the instance was launched.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_aws_ec2_instance_subnet_idArray<Types::StringFilter>

The identifier of the subnet that the instance was launched in.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_aws_ec2_instance_typeArray<Types::StringFilter>

The instance type of the instance.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_aws_ec2_instance_vpc_idArray<Types::StringFilter>

The identifier of the VPC that the instance was launched in.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_aws_iam_access_key_created_atArray<Types::DateFilter>

The creation date/time of the IAM access key related to a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_aws_iam_access_key_statusArray<Types::StringFilter>

The status of the IAM access key related to a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_aws_iam_access_key_user_nameArray<Types::StringFilter>

The user associated with the IAM access key related to a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_aws_s3_bucket_owner_idArray<Types::StringFilter>

The canonical user ID of the owner of the S3 bucket.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_aws_s3_bucket_owner_nameArray<Types::StringFilter>

The display name of the owner of the S3 bucket.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_container_image_idArray<Types::StringFilter>

The identifier of the image related to a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_container_image_nameArray<Types::StringFilter>

The name of the image related to a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_container_launched_atArray<Types::DateFilter>

The date/time that the container was started.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_container_nameArray<Types::StringFilter>

The name of the container related to a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_details_otherArray<Types::MapFilter>

The details of a resource that doesn't have a specific subfield for the resource type defined.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_idArray<Types::StringFilter>

The canonical identifier for the given resource type.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_partitionArray<Types::StringFilter>

The canonical AWS partition name that the Region is assigned to.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_regionArray<Types::StringFilter>

The canonical AWS external Region name where this resource is located.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_tagsArray<Types::MapFilter>

A list of AWS tags associated with a resource at the time the finding was processed.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#resource_typeArray<Types::StringFilter>

Specifies the type of the resource that details are provided for.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#severity_labelArray<Types::StringFilter>

The label of a finding's severity.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#severity_normalizedArray<Types::NumberFilter>

The normalized severity of a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#severity_productArray<Types::NumberFilter>

The native severity as defined by the security-findings provider's solution that generated the finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#source_urlArray<Types::StringFilter>

A URL that links to a page about the current finding in the security-findings provider's solution.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#threat_intel_indicator_categoryArray<Types::StringFilter>

The category of a threat intel indicator.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#threat_intel_indicator_last_observed_atArray<Types::DateFilter>

The date/time of the last observation of a threat intel indicator.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#threat_intel_indicator_sourceArray<Types::StringFilter>

The source of the threat intel.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#threat_intel_indicator_source_urlArray<Types::StringFilter>

The URL for more details from the source of the threat intel.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#threat_intel_indicator_typeArray<Types::StringFilter>

The type of a threat intel indicator.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#threat_intel_indicator_valueArray<Types::StringFilter>

The value of a threat intel indicator.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#titleArray<Types::StringFilter>

A finding's title.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#typeArray<Types::StringFilter>

A finding type in the format of namespace/category/classifier that classifies a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#updated_atArray<Types::DateFilter>

An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#user_defined_fieldsArray<Types::MapFilter>

A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#verification_stateArray<Types::StringFilter>

The veracity of a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end

#workflow_stateArray<Types::StringFilter>

The workflow state of a finding.

Returns:



1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1506

class AwsSecurityFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :severity_product,
  :severity_normalized,
  :severity_label,
  :confidence,
  :criticality,
  :title,
  :description,
  :recommendation_text,
  :source_url,
  :product_fields,
  :product_name,
  :company_name,
  :user_defined_fields,
  :malware_name,
  :malware_type,
  :malware_path,
  :malware_state,
  :network_direction,
  :network_protocol,
  :network_source_ip_v4,
  :network_source_ip_v6,
  :network_source_port,
  :network_source_domain,
  :network_source_mac,
  :network_destination_ip_v4,
  :network_destination_ip_v6,
  :network_destination_port,
  :network_destination_domain,
  :process_name,
  :process_path,
  :process_pid,
  :process_parent_pid,
  :process_launched_at,
  :process_terminated_at,
  :threat_intel_indicator_type,
  :threat_intel_indicator_value,
  :threat_intel_indicator_category,
  :threat_intel_indicator_last_observed_at,
  :threat_intel_indicator_source,
  :threat_intel_indicator_source_url,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_aws_ec2_instance_type,
  :resource_aws_ec2_instance_image_id,
  :resource_aws_ec2_instance_ip_v4_addresses,
  :resource_aws_ec2_instance_ip_v6_addresses,
  :resource_aws_ec2_instance_key_name,
  :resource_aws_ec2_instance_iam_instance_profile_arn,
  :resource_aws_ec2_instance_vpc_id,
  :resource_aws_ec2_instance_subnet_id,
  :resource_aws_ec2_instance_launched_at,
  :resource_aws_s3_bucket_owner_id,
  :resource_aws_s3_bucket_owner_name,
  :resource_aws_iam_access_key_user_name,
  :resource_aws_iam_access_key_status,
  :resource_aws_iam_access_key_created_at,
  :resource_container_name,
  :resource_container_image_id,
  :resource_container_image_name,
  :resource_container_launched_at,
  :resource_details_other,
  :compliance_status,
  :verification_state,
  :workflow_state,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :keyword)
  include Aws::Structure
end