Class: Aws::GuardDuty::Types::CreateFilterRequest

Inherits:

Struct

Object
Struct
Aws::GuardDuty::Types::CreateFilterRequest

show all

Includes:: Structure

Defined in:: lib/aws-sdk-guardduty/types.rb

Overview

Constant Summary collapse

SENSITIVE =

[]

Instance Attribute Summary collapse

#action ⇒ String

Specifies the action that is to be applied to the findings that match the filter.
#client_token ⇒ String

The idempotency token for the create request.
#description ⇒ String

The description of the filter.
#detector_id ⇒ String

The ID of the detector belonging to the GuardDuty account that you want to create a filter for.
#finding_criteria ⇒ Types::FindingCriteria

Represents the criteria to be used in the filter for querying findings.
#name ⇒ String

The name of the filter.
#rank ⇒ Integer

Specifies the position of the filter in the list of current filters.
#tags ⇒ Hash<String,String>

The tags to be added to a new filter resource.

Instance Attribute Details

#action ⇒ `String`

Specifies the action that is to be applied to the findings that match the filter.

Returns:

(String)

# File 'lib/aws-sdk-guardduty/types.rb', line 875

class CreateFilterRequest < Struct.new(
  :detector_id,
  :name,
  :description,
  :action,
  :rank,
  :finding_criteria,
  :client_token,
  :tags)
  SENSITIVE = []
  include Aws::Structure
end

#client_token ⇒ `String`

The idempotency token for the create request.

**A suitable default value is auto-generated.** You should normally not need to pass this option.

Returns:

(String)

# File 'lib/aws-sdk-guardduty/types.rb', line 875

class CreateFilterRequest < Struct.new(
  :detector_id,
  :name,
  :description,
  :action,
  :rank,
  :finding_criteria,
  :client_token,
  :tags)
  SENSITIVE = []
  include Aws::Structure
end

#description ⇒ `String`

The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, parentheses (‘{ }`, `[ ]`, and `( )`), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.

Returns:

(String)

# File 'lib/aws-sdk-guardduty/types.rb', line 875

class CreateFilterRequest < Struct.new(
  :detector_id,
  :name,
  :description,
  :action,
  :rank,
  :finding_criteria,
  :client_token,
  :tags)
  SENSITIVE = []
  include Aws::Structure
end

#detector_id ⇒ `String`

The ID of the detector belonging to the GuardDuty account that you want to create a filter for.

Returns:

(String)

# File 'lib/aws-sdk-guardduty/types.rb', line 875

class CreateFilterRequest < Struct.new(
  :detector_id,
  :name,
  :description,
  :action,
  :rank,
  :finding_criteria,
  :client_token,
  :tags)
  SENSITIVE = []
  include Aws::Structure
end

#finding_criteria ⇒ `Types::FindingCriteria`

Represents the criteria to be used in the filter for querying findings.

You can only use the following attributes to query findings:

accountId
region
id
resource.accessKeyDetails.accessKeyId
resource.accessKeyDetails.principalId
resource.accessKeyDetails.userName
resource.accessKeyDetails.userType
resource.instanceDetails.iamInstanceProfile.id
resource.instanceDetails.imageId
resource.instanceDetails.instanceId
resource.instanceDetails.outpostArn
resource.instanceDetails.networkInterfaces.ipv6Addresses
resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
resource.instanceDetails.networkInterfaces.publicDnsName
resource.instanceDetails.networkInterfaces.publicIp
resource.instanceDetails.networkInterfaces.securityGroups.groupId
resource.instanceDetails.networkInterfaces.securityGroups.groupName
resource.instanceDetails.networkInterfaces.subnetId
resource.instanceDetails.networkInterfaces.vpcId
resource.instanceDetails.tags.key
resource.instanceDetails.tags.value
resource.resourceType
service.action.actionType
service.action.awsApiCallAction.api
service.action.awsApiCallAction.callerType
service.action.awsApiCallAction.errorCode
service.action.awsApiCallAction.userAgent
service.action.awsApiCallAction.remoteIpDetails.city.cityName
service.action.awsApiCallAction.remoteIpDetails.country.countryName
service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
service.action.awsApiCallAction.remoteIpDetails.organization.asn
service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
service.action.awsApiCallAction.serviceName
service.action.dnsRequestAction.domain
service.action.networkConnectionAction.blocked
service.action.networkConnectionAction.connectionDirection
service.action.networkConnectionAction.localPortDetails.port
service.action.networkConnectionAction.protocol
service.action.networkConnectionAction.localIpDetails.ipAddressV4
service.action.networkConnectionAction.remoteIpDetails.city.cityName
service.action.networkConnectionAction.remoteIpDetails.country.countryName
service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
service.action.networkConnectionAction.remoteIpDetails.organization.asn
service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
service.action.networkConnectionAction.remotePortDetails.port
service.additionalInfo.threatListName
resource.s3BucketDetails.publicAccess.effectivePermissions
resource.s3BucketDetails.name
resource.s3BucketDetails.tags.key
resource.s3BucketDetails.tags.value
resource.s3BucketDetails.type
service.resourceRole
severity
type
updatedAt

Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains milliseconds.

Returns:

(Types::FindingCriteria)

# File 'lib/aws-sdk-guardduty/types.rb', line 875

class CreateFilterRequest < Struct.new(
  :detector_id,
  :name,
  :description,
  :action,
  :rank,
  :finding_criteria,
  :client_token,
  :tags)
  SENSITIVE = []
  include Aws::Structure
end

#name ⇒ `String`

The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character.

Returns:

(String)

# File 'lib/aws-sdk-guardduty/types.rb', line 875

class CreateFilterRequest < Struct.new(
  :detector_id,
  :name,
  :description,
  :action,
  :rank,
  :finding_criteria,
  :client_token,
  :tags)
  SENSITIVE = []
  include Aws::Structure
end

#rank ⇒ `Integer`

Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.

Returns:

(Integer)

# File 'lib/aws-sdk-guardduty/types.rb', line 875

class CreateFilterRequest < Struct.new(
  :detector_id,
  :name,
  :description,
  :action,
  :rank,
  :finding_criteria,
  :client_token,
  :tags)
  SENSITIVE = []
  include Aws::Structure
end

#tags ⇒ `Hash<String,String>`

The tags to be added to a new filter resource.

Returns:

(Hash<String,String>)

# File 'lib/aws-sdk-guardduty/types.rb', line 875

class CreateFilterRequest < Struct.new(
  :detector_id,
  :name,
  :description,
  :action,
  :rank,
  :finding_criteria,
  :client_token,
  :tags)
  SENSITIVE = []
  include Aws::Structure
end

Class: Aws::GuardDuty::Types::CreateFilterRequest

Overview

Constant Summary collapse

Instance Attribute Summary collapse

Instance Attribute Details

#action ⇒ String

#client_token ⇒ String

#description ⇒ String

#detector_id ⇒ String

#finding_criteria ⇒ Types::FindingCriteria

#name ⇒ String

#rank ⇒ Integer

#tags ⇒ Hash<String,String>

#action ⇒ `String`

#client_token ⇒ `String`

#description ⇒ `String`

#detector_id ⇒ `String`

#finding_criteria ⇒ `Types::FindingCriteria`

#name ⇒ `String`

#rank ⇒ `Integer`

#tags ⇒ `Hash<String,String>`