class Aws::GuardDuty::Types::ListFindingsRequest
@note When making an API call, you may pass ListFindingsRequest
data as a hash: { detector_id: "DetectorId", # required finding_criteria: { criterion: { "String" => { eq: ["String"], neq: ["String"], gt: 1, gte: 1, lt: 1, lte: 1, equals: ["String"], not_equals: ["String"], greater_than: 1, greater_than_or_equal: 1, less_than: 1, less_than_or_equal: 1, }, }, }, sort_criteria: { attribute_name: "String", order_by: "ASC", # accepts ASC, DESC }, max_results: 1, next_token: "String", }
@!attribute [rw] detector_id
The ID of the detector that specifies the GuardDuty service whose findings you want to list. @return [String]
@!attribute [rw] finding_criteria
Represents the criteria used for querying findings. Valid values include: * JSON field name * accountId * region * confidence * id * resource.accessKeyDetails.accessKeyId * resource.accessKeyDetails.principalId * resource.accessKeyDetails.userName * resource.accessKeyDetails.userType * resource.instanceDetails.iamInstanceProfile.id * resource.instanceDetails.imageId * resource.instanceDetails.instanceId * resource.instanceDetails.networkInterfaces.ipv6Addresses * resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress * resource.instanceDetails.networkInterfaces.publicDnsName * resource.instanceDetails.networkInterfaces.publicIp * resource.instanceDetails.networkInterfaces.securityGroups.groupId * resource.instanceDetails.networkInterfaces.securityGroups.groupName * resource.instanceDetails.networkInterfaces.subnetId * resource.instanceDetails.networkInterfaces.vpcId * resource.instanceDetails.tags.key * resource.instanceDetails.tags.value * resource.resourceType * service.action.actionType * service.action.awsApiCallAction.api * service.action.awsApiCallAction.callerType * service.action.awsApiCallAction.remoteIpDetails.city.cityName * service.action.awsApiCallAction.remoteIpDetails.country.countryName * service.action.awsApiCallAction.remoteIpDetails.ipAddressV4 * service.action.awsApiCallAction.remoteIpDetails.organization.asn * service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg * service.action.awsApiCallAction.serviceName * service.action.dnsRequestAction.domain * service.action.networkConnectionAction.blocked * service.action.networkConnectionAction.connectionDirection * service.action.networkConnectionAction.localPortDetails.port * service.action.networkConnectionAction.protocol * service.action.networkConnectionAction.remoteIpDetails.city.cityName * service.action.networkConnectionAction.remoteIpDetails.country.countryName * service.action.networkConnectionAction.remoteIpDetails.ipAddressV4 * service.action.networkConnectionAction.remoteIpDetails.organization.asn * service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg * service.action.networkConnectionAction.remotePortDetails.port * service.additionalInfo.threatListName * service.archived When this attribute is set to 'true', only archived findings are listed. When it's set to 'false', only unarchived findings are listed. When this attribute is not set, all existing findings are listed. * service.resourceRole * severity * type * updatedAt Type: Timestamp in Unix Epoch millisecond format: 1486685375000 @return [Types::FindingCriteria]
@!attribute [rw] sort_criteria
Represents the criteria used for sorting findings. @return [Types::SortCriteria]
@!attribute [rw] max_results
You can use this parameter to indicate the maximum number of items you want in the response. The default value is 50. The maximum value is 50. @return [Integer]
@!attribute [rw] next_token
You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken from the previous response to continue listing data. @return [String]
@see docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28/ListFindingsRequest AWS API Documentation
Constants
- SENSITIVE