DescribeMalwareScans - Amazon GuardDuty

DescribeMalwareScans

Returns a list of malware scans. Each member account can view the malware scans for their own accounts. An administrator can view the malware scans for all the member accounts.

There might be regional differences because some data sources might not be available in all the AWS Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.

Request Syntax

POST /detector/detectorId/malware-scans HTTP/1.1 Content-type: application/json { "filterCriteria": { "filterCriterion": [ { "criterionKey": "string", "filterCondition": { "equalsValue": "string", "greaterThan": number, "lessThan": number } } ] }, "maxResults": number, "nextToken": "string", "sortCriteria": { "attributeName": "string", "orderBy": "string" } }

URI Request Parameters

The request uses the following URI parameters.

detectorId

The unique ID of the detector that the request is associated with.

To find the detectorId in the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.

Length Constraints: Minimum length of 1. Maximum length of 300.

Required: Yes

Request Body

The request accepts the following data in JSON format.

filterCriteria

Represents the criteria to be used in the filter for describing scan entries.

Type: FilterCriteria object

Required: No

maxResults

You can use this parameter to indicate the maximum number of items that you want in the response. The default value is 50. The maximum value is 50.

Type: Integer

Valid Range: Minimum value of 1. Maximum value of 50.

Required: No

nextToken

You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.

Type: String

Required: No

sortCriteria

Represents the criteria used for sorting scan entries. The attributeName is required and it must be scanStartTime.

Type: SortCriteria object

Required: No

Response Syntax

HTTP/1.1 200 Content-type: application/json { "nextToken": "string", "scans": [ { "accountId": "string", "adminDetectorId": "string", "attachedVolumes": [ { "deviceName": "string", "encryptionType": "string", "kmsKeyArn": "string", "snapshotArn": "string", "volumeArn": "string", "volumeSizeInGB": number, "volumeType": "string" } ], "detectorId": "string", "failureReason": "string", "fileCount": number, "resourceDetails": { "instanceArn": "string" }, "scanEndTime": number, "scanId": "string", "scanResultDetails": { "scanResult": "string" }, "scanStartTime": number, "scanStatus": "string", "scanType": "string", "totalBytes": number, "triggerDetails": { "description": "string", "guardDutyFindingId": "string" } } ] }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

nextToken

The pagination parameter to be used on the next list operation to retrieve more items.

Type: String

scans

Contains information about malware scans.

Type: Array of Scan objects

Errors

For information about the errors that are common to all actions, see Common Errors.

BadRequestException

A bad request exception object.

HTTP Status Code: 400

InternalServerErrorException

An internal server error exception object.

HTTP Status Code: 500

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: