You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.
Class: Aws::SecurityHub::Types::CreateInsightRequest
- Inherits:
-
Struct
- Object
- Struct
- Aws::SecurityHub::Types::CreateInsightRequest
- Defined in:
- (unknown)
Overview
Note:
When passing CreateInsightRequest as input to an Aws::Client method, you can use a vanilla Hash:
{
name: "NonEmptyString", # required
filters: { # required
product_arn: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
aws_account_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
generator_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
type: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
first_observed_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
last_observed_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
created_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
updated_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
severity_product: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
severity_normalized: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
severity_label: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
confidence: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
criticality: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
title: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
description: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
recommendation_text: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
source_url: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
product_fields: [
{
key: "NonEmptyString",
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, NOT_EQUALS
},
],
product_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
company_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
user_defined_fields: [
{
key: "NonEmptyString",
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, NOT_EQUALS
},
],
malware_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
malware_type: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
malware_path: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
malware_state: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
network_direction: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
network_protocol: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
network_source_ip_v4: [
{
cidr: "NonEmptyString",
},
],
network_source_ip_v6: [
{
cidr: "NonEmptyString",
},
],
network_source_port: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
network_source_domain: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
network_source_mac: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
network_destination_ip_v4: [
{
cidr: "NonEmptyString",
},
],
network_destination_ip_v6: [
{
cidr: "NonEmptyString",
},
],
network_destination_port: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
network_destination_domain: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
process_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
process_path: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
process_pid: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
process_parent_pid: [
{
gte: 1.0,
lte: 1.0,
eq: 1.0,
},
],
process_launched_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
process_terminated_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
threat_intel_indicator_type: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
threat_intel_indicator_value: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
threat_intel_indicator_category: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
threat_intel_indicator_last_observed_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
threat_intel_indicator_source: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
threat_intel_indicator_source_url: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_type: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_partition: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_region: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_tags: [
{
key: "NonEmptyString",
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, NOT_EQUALS
},
],
resource_aws_ec2_instance_type: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_ec2_instance_image_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_ec2_instance_ip_v4_addresses: [
{
cidr: "NonEmptyString",
},
],
resource_aws_ec2_instance_ip_v6_addresses: [
{
cidr: "NonEmptyString",
},
],
resource_aws_ec2_instance_key_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_ec2_instance_iam_instance_profile_arn: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_ec2_instance_vpc_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_ec2_instance_subnet_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_ec2_instance_launched_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
resource_aws_s3_bucket_owner_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_s3_bucket_owner_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_iam_access_key_user_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_iam_access_key_status: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_aws_iam_access_key_created_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
resource_container_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_container_image_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_container_image_name: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
resource_container_launched_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
resource_details_other: [
{
key: "NonEmptyString",
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, NOT_EQUALS
},
],
compliance_status: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
verification_state: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
workflow_state: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
workflow_status: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
record_state: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
related_findings_product_arn: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
related_findings_id: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
note_text: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
note_updated_at: [
{
start: "NonEmptyString",
end: "NonEmptyString",
date_range: {
value: 1,
unit: "DAYS", # accepts DAYS
},
},
],
note_updated_by: [
{
value: "NonEmptyString",
comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
},
],
keyword: [
{
value: "NonEmptyString",
},
],
},
group_by_attribute: "NonEmptyString", # required
}
Instance Attribute Summary collapse
-
#filters ⇒ Types::AwsSecurityFindingFilters
One or more attributes used to filter the findings included in the insight.
-
#group_by_attribute ⇒ String
The attribute used to group the findings for the insight.
-
#name ⇒ String
The name of the custom insight to create.
Instance Attribute Details
#filters ⇒ Types::AwsSecurityFindingFilters
One or more attributes used to filter the findings included in the insight. The insight only includes findings that match the criteria defined in the filters.
#group_by_attribute ⇒ String
The attribute used to group the findings for the insight. The grouping attribute identifies the type of item that the insight applies to. For example, if an insight is grouped by resource identifier, then the insight produces a list of resource identifiers.
#name ⇒ String
The name of the custom insight to create.