/AWS1/CL_GDYSERVICE¶
Contains additional information about the generated finding.
CONSTRUCTOR¶
IMPORTING¶
Optional arguments:¶
io_action TYPE REF TO /AWS1/CL_GDYACTION /AWS1/CL_GDYACTION¶
Information about the activity that is described in a finding.
io_evidence TYPE REF TO /AWS1/CL_GDYEVIDENCE /AWS1/CL_GDYEVIDENCE¶
An evidence object associated with the service.
iv_archived TYPE /AWS1/GDYBOOLEAN /AWS1/GDYBOOLEAN¶
Indicates whether this finding is archived.
iv_count TYPE /AWS1/GDYINTEGER /AWS1/GDYINTEGER¶
The total count of the occurrences of this finding type.
iv_detectorid TYPE /AWS1/GDYDETECTORID /AWS1/GDYDETECTORID¶
The detector ID for the GuardDuty service.
iv_eventfirstseen TYPE /AWS1/GDYSTRING /AWS1/GDYSTRING¶
The first-seen timestamp of the activity that prompted GuardDuty to generate this finding.
iv_eventlastseen TYPE /AWS1/GDYSTRING /AWS1/GDYSTRING¶
The last-seen timestamp of the activity that prompted GuardDuty to generate this finding.
iv_resourcerole TYPE /AWS1/GDYSTRING /AWS1/GDYSTRING¶
The resource role information for this finding.
iv_servicename TYPE /AWS1/GDYSTRING /AWS1/GDYSTRING¶
The name of the Amazon Web Services service (GuardDuty) that generated a finding.
iv_userfeedback TYPE /AWS1/GDYSTRING /AWS1/GDYSTRING¶
Feedback that was submitted about the finding.
io_additionalinfo TYPE REF TO /AWS1/CL_GDYSERVICEADDLINFO /AWS1/CL_GDYSERVICEADDLINFO¶
Contains additional information about the generated finding.
iv_featurename TYPE /AWS1/GDYSTRING /AWS1/GDYSTRING¶
The name of the feature that generated a finding.
io_ebsvolumescandetails TYPE REF TO /AWS1/CL_GDYEBSVOLUMESCANDETS /AWS1/CL_GDYEBSVOLUMESCANDETS¶
Returns details from the malware scan that created a finding.
io_runtimedetails TYPE REF TO /AWS1/CL_GDYRUNTIMEDETAILS /AWS1/CL_GDYRUNTIMEDETAILS¶
Information about the process and any required context values for a specific finding
io_detection TYPE REF TO /AWS1/CL_GDYDETECTION /AWS1/CL_GDYDETECTION¶
Contains information about the detected unusual behavior.
io_malwarescandetails TYPE REF TO /AWS1/CL_GDYMALWARESCANDETAILS /AWS1/CL_GDYMALWARESCANDETAILS¶
Returns details from the malware scan that generated a GuardDuty finding.
Queryable Attributes¶
Action¶
Information about the activity that is described in a finding.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_ACTION() |
Getter for ACTION |
Evidence¶
An evidence object associated with the service.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_EVIDENCE() |
Getter for EVIDENCE |
Archived¶
Indicates whether this finding is archived.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_ARCHIVED() |
Getter for ARCHIVED, with configurable default |
ASK_ARCHIVED() |
Getter for ARCHIVED w/ exceptions if field has no value |
HAS_ARCHIVED() |
Determine if ARCHIVED has a value |
Count¶
The total count of the occurrences of this finding type.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_COUNT() |
Getter for COUNT, with configurable default |
ASK_COUNT() |
Getter for COUNT w/ exceptions if field has no value |
HAS_COUNT() |
Determine if COUNT has a value |
DetectorId¶
The detector ID for the GuardDuty service.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_DETECTORID() |
Getter for DETECTORID, with configurable default |
ASK_DETECTORID() |
Getter for DETECTORID w/ exceptions if field has no value |
HAS_DETECTORID() |
Determine if DETECTORID has a value |
EventFirstSeen¶
The first-seen timestamp of the activity that prompted GuardDuty to generate this finding.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_EVENTFIRSTSEEN() |
Getter for EVENTFIRSTSEEN, with configurable default |
ASK_EVENTFIRSTSEEN() |
Getter for EVENTFIRSTSEEN w/ exceptions if field has no valu |
HAS_EVENTFIRSTSEEN() |
Determine if EVENTFIRSTSEEN has a value |
EventLastSeen¶
The last-seen timestamp of the activity that prompted GuardDuty to generate this finding.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_EVENTLASTSEEN() |
Getter for EVENTLASTSEEN, with configurable default |
ASK_EVENTLASTSEEN() |
Getter for EVENTLASTSEEN w/ exceptions if field has no value |
HAS_EVENTLASTSEEN() |
Determine if EVENTLASTSEEN has a value |
ResourceRole¶
The resource role information for this finding.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_RESOURCEROLE() |
Getter for RESOURCEROLE, with configurable default |
ASK_RESOURCEROLE() |
Getter for RESOURCEROLE w/ exceptions if field has no value |
HAS_RESOURCEROLE() |
Determine if RESOURCEROLE has a value |
ServiceName¶
The name of the Amazon Web Services service (GuardDuty) that generated a finding.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_SERVICENAME() |
Getter for SERVICENAME, with configurable default |
ASK_SERVICENAME() |
Getter for SERVICENAME w/ exceptions if field has no value |
HAS_SERVICENAME() |
Determine if SERVICENAME has a value |
UserFeedback¶
Feedback that was submitted about the finding.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_USERFEEDBACK() |
Getter for USERFEEDBACK, with configurable default |
ASK_USERFEEDBACK() |
Getter for USERFEEDBACK w/ exceptions if field has no value |
HAS_USERFEEDBACK() |
Determine if USERFEEDBACK has a value |
AdditionalInfo¶
Contains additional information about the generated finding.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_ADDITIONALINFO() |
Getter for ADDITIONALINFO |
FeatureName¶
The name of the feature that generated a finding.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_FEATURENAME() |
Getter for FEATURENAME, with configurable default |
ASK_FEATURENAME() |
Getter for FEATURENAME w/ exceptions if field has no value |
HAS_FEATURENAME() |
Determine if FEATURENAME has a value |
EbsVolumeScanDetails¶
Returns details from the malware scan that created a finding.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_EBSVOLUMESCANDETAILS() |
Getter for EBSVOLUMESCANDETAILS |
RuntimeDetails¶
Information about the process and any required context values for a specific finding
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_RUNTIMEDETAILS() |
Getter for RUNTIMEDETAILS |
Detection¶
Contains information about the detected unusual behavior.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_DETECTION() |
Getter for DETECTION |
MalwareScanDetails¶
Returns details from the malware scan that generated a GuardDuty finding.
Accessible with the following methods¶
| Method | Description |
|---|---|
GET_MALWARESCANDETAILS() |
Getter for MALWARESCANDETAILS |