Docs
Packages
aws.securityhub.Insight
Explore with Pulumi AI
Provides a Security Hub custom insight resource. See the Managing custom insights section of the AWS User Guide for more information.
Example Usage
Filter by AWS account ID
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var exampleAccount = new Aws.SecurityHub.Account("exampleAccount");
var exampleInsight = new Aws.SecurityHub.Insight("exampleInsight", new()
{
Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
{
AwsAccountIds = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersAwsAccountIdArgs
{
Comparison = "EQUALS",
Value = "1234567890",
},
new Aws.SecurityHub.Inputs.InsightFiltersAwsAccountIdArgs
{
Comparison = "EQUALS",
Value = "09876543210",
},
},
},
GroupByAttribute = "AwsAccountId",
}, new CustomResourceOptions
{
DependsOn = new[]
{
exampleAccount,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/securityhub"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleAccount, err := securityhub.NewAccount(ctx, "exampleAccount", nil)
if err != nil {
return err
}
_, err = securityhub.NewInsight(ctx, "exampleInsight", &securityhub.InsightArgs{
Filters: &securityhub.InsightFiltersArgs{
AwsAccountIds: securityhub.InsightFiltersAwsAccountIdArray{
&securityhub.InsightFiltersAwsAccountIdArgs{
Comparison: pulumi.String("EQUALS"),
Value: pulumi.String("1234567890"),
},
&securityhub.InsightFiltersAwsAccountIdArgs{
Comparison: pulumi.String("EQUALS"),
Value: pulumi.String("09876543210"),
},
},
},
GroupByAttribute: pulumi.String("AwsAccountId"),
}, pulumi.DependsOn([]pulumi.Resource{
exampleAccount,
}))
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleAccount = new Account("exampleAccount");
var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
.filters(InsightFiltersArgs.builder()
.awsAccountIds(
InsightFiltersAwsAccountIdArgs.builder()
.comparison("EQUALS")
.value("1234567890")
.build(),
InsightFiltersAwsAccountIdArgs.builder()
.comparison("EQUALS")
.value("09876543210")
.build())
.build())
.groupByAttribute("AwsAccountId")
.build(), CustomResourceOptions.builder()
.dependsOn(exampleAccount)
.build());
}
}
import pulumi
import pulumi_aws as aws
example_account = aws.securityhub.Account("exampleAccount")
example_insight = aws.securityhub.Insight("exampleInsight",
filters=aws.securityhub.InsightFiltersArgs(
aws_account_ids=[
aws.securityhub.InsightFiltersAwsAccountIdArgs(
comparison="EQUALS",
value="1234567890",
),
aws.securityhub.InsightFiltersAwsAccountIdArgs(
comparison="EQUALS",
value="09876543210",
),
],
),
group_by_attribute="AwsAccountId",
opts=pulumi.ResourceOptions(depends_on=[example_account]))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleAccount = new aws.securityhub.Account("exampleAccount", {});
const exampleInsight = new aws.securityhub.Insight("exampleInsight", {
filters: {
awsAccountIds: [
{
comparison: "EQUALS",
value: "1234567890",
},
{
comparison: "EQUALS",
value: "09876543210",
},
],
},
groupByAttribute: "AwsAccountId",
}, {
dependsOn: [exampleAccount],
});
resources:
exampleAccount:
type: aws:securityhub:Account
exampleInsight:
type: aws:securityhub:Insight
properties:
filters:
awsAccountIds:
- comparison: EQUALS
value: '1234567890'
- comparison: EQUALS
value: '09876543210'
groupByAttribute: AwsAccountId
options:
dependson:
- ${exampleAccount}
Filter by date range
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var exampleAccount = new Aws.SecurityHub.Account("exampleAccount");
var exampleInsight = new Aws.SecurityHub.Insight("exampleInsight", new()
{
Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
{
CreatedAts = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtArgs
{
DateRange = new Aws.SecurityHub.Inputs.InsightFiltersCreatedAtDateRangeArgs
{
Unit = "DAYS",
Value = 5,
},
},
},
},
GroupByAttribute = "CreatedAt",
}, new CustomResourceOptions
{
DependsOn = new[]
{
exampleAccount,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/securityhub"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleAccount, err := securityhub.NewAccount(ctx, "exampleAccount", nil)
if err != nil {
return err
}
_, err = securityhub.NewInsight(ctx, "exampleInsight", &securityhub.InsightArgs{
Filters: &securityhub.InsightFiltersArgs{
CreatedAts: securityhub.InsightFiltersCreatedAtArray{
&securityhub.InsightFiltersCreatedAtArgs{
DateRange: &securityhub.InsightFiltersCreatedAtDateRangeArgs{
Unit: pulumi.String("DAYS"),
Value: pulumi.Int(5),
},
},
},
},
GroupByAttribute: pulumi.String("CreatedAt"),
}, pulumi.DependsOn([]pulumi.Resource{
exampleAccount,
}))
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleAccount = new Account("exampleAccount");
var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
.filters(InsightFiltersArgs.builder()
.createdAts(InsightFiltersCreatedAtArgs.builder()
.dateRange(InsightFiltersCreatedAtDateRangeArgs.builder()
.unit("DAYS")
.value(5)
.build())
.build())
.build())
.groupByAttribute("CreatedAt")
.build(), CustomResourceOptions.builder()
.dependsOn(exampleAccount)
.build());
}
}
import pulumi
import pulumi_aws as aws
example_account = aws.securityhub.Account("exampleAccount")
example_insight = aws.securityhub.Insight("exampleInsight",
filters=aws.securityhub.InsightFiltersArgs(
created_ats=[aws.securityhub.InsightFiltersCreatedAtArgs(
date_range=aws.securityhub.InsightFiltersCreatedAtDateRangeArgs(
unit="DAYS",
value=5,
),
)],
),
group_by_attribute="CreatedAt",
opts=pulumi.ResourceOptions(depends_on=[example_account]))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleAccount = new aws.securityhub.Account("exampleAccount", {});
const exampleInsight = new aws.securityhub.Insight("exampleInsight", {
filters: {
createdAts: [{
dateRange: {
unit: "DAYS",
value: 5,
},
}],
},
groupByAttribute: "CreatedAt",
}, {
dependsOn: [exampleAccount],
});
resources:
exampleAccount:
type: aws:securityhub:Account
exampleInsight:
type: aws:securityhub:Insight
properties:
filters:
createdAts:
- dateRange:
unit: DAYS
value: 5
groupByAttribute: CreatedAt
options:
dependson:
- ${exampleAccount}
Filter by destination IPv4 address
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var exampleAccount = new Aws.SecurityHub.Account("exampleAccount");
var exampleInsight = new Aws.SecurityHub.Insight("exampleInsight", new()
{
Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
{
NetworkDestinationIpv4s = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersNetworkDestinationIpv4Args
{
Cidr = "10.0.0.0/16",
},
},
},
GroupByAttribute = "NetworkDestinationIpV4",
}, new CustomResourceOptions
{
DependsOn = new[]
{
exampleAccount,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/securityhub"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleAccount, err := securityhub.NewAccount(ctx, "exampleAccount", nil)
if err != nil {
return err
}
_, err = securityhub.NewInsight(ctx, "exampleInsight", &securityhub.InsightArgs{
Filters: &securityhub.InsightFiltersArgs{
NetworkDestinationIpv4s: securityhub.InsightFiltersNetworkDestinationIpv4Array{
&securityhub.InsightFiltersNetworkDestinationIpv4Args{
Cidr: pulumi.String("10.0.0.0/16"),
},
},
},
GroupByAttribute: pulumi.String("NetworkDestinationIpV4"),
}, pulumi.DependsOn([]pulumi.Resource{
exampleAccount,
}))
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleAccount = new Account("exampleAccount");
var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
.filters(InsightFiltersArgs.builder()
.networkDestinationIpv4s(InsightFiltersNetworkDestinationIpv4Args.builder()
.cidr("10.0.0.0/16")
.build())
.build())
.groupByAttribute("NetworkDestinationIpV4")
.build(), CustomResourceOptions.builder()
.dependsOn(exampleAccount)
.build());
}
}
import pulumi
import pulumi_aws as aws
example_account = aws.securityhub.Account("exampleAccount")
example_insight = aws.securityhub.Insight("exampleInsight",
filters=aws.securityhub.InsightFiltersArgs(
network_destination_ipv4s=[aws.securityhub.InsightFiltersNetworkDestinationIpv4Args(
cidr="10.0.0.0/16",
)],
),
group_by_attribute="NetworkDestinationIpV4",
opts=pulumi.ResourceOptions(depends_on=[example_account]))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleAccount = new aws.securityhub.Account("exampleAccount", {});
const exampleInsight = new aws.securityhub.Insight("exampleInsight", {
filters: {
networkDestinationIpv4s: [{
cidr: "10.0.0.0/16",
}],
},
groupByAttribute: "NetworkDestinationIpV4",
}, {
dependsOn: [exampleAccount],
});
resources:
exampleAccount:
type: aws:securityhub:Account
exampleInsight:
type: aws:securityhub:Insight
properties:
filters:
networkDestinationIpv4s:
- cidr: 10.0.0.0/16
groupByAttribute: NetworkDestinationIpV4
options:
dependson:
- ${exampleAccount}
Filter by finding's confidence
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var exampleAccount = new Aws.SecurityHub.Account("exampleAccount");
var exampleInsight = new Aws.SecurityHub.Insight("exampleInsight", new()
{
Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
{
Confidences = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersConfidenceArgs
{
Gte = "80",
},
},
},
GroupByAttribute = "Confidence",
}, new CustomResourceOptions
{
DependsOn = new[]
{
exampleAccount,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/securityhub"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleAccount, err := securityhub.NewAccount(ctx, "exampleAccount", nil)
if err != nil {
return err
}
_, err = securityhub.NewInsight(ctx, "exampleInsight", &securityhub.InsightArgs{
Filters: &securityhub.InsightFiltersArgs{
Confidences: securityhub.InsightFiltersConfidenceArray{
&securityhub.InsightFiltersConfidenceArgs{
Gte: pulumi.String("80"),
},
},
},
GroupByAttribute: pulumi.String("Confidence"),
}, pulumi.DependsOn([]pulumi.Resource{
exampleAccount,
}))
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleAccount = new Account("exampleAccount");
var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
.filters(InsightFiltersArgs.builder()
.confidences(InsightFiltersConfidenceArgs.builder()
.gte("80")
.build())
.build())
.groupByAttribute("Confidence")
.build(), CustomResourceOptions.builder()
.dependsOn(exampleAccount)
.build());
}
}
import pulumi
import pulumi_aws as aws
example_account = aws.securityhub.Account("exampleAccount")
example_insight = aws.securityhub.Insight("exampleInsight",
filters=aws.securityhub.InsightFiltersArgs(
confidences=[aws.securityhub.InsightFiltersConfidenceArgs(
gte="80",
)],
),
group_by_attribute="Confidence",
opts=pulumi.ResourceOptions(depends_on=[example_account]))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleAccount = new aws.securityhub.Account("exampleAccount", {});
const exampleInsight = new aws.securityhub.Insight("exampleInsight", {
filters: {
confidences: [{
gte: "80",
}],
},
groupByAttribute: "Confidence",
}, {
dependsOn: [exampleAccount],
});
resources:
exampleAccount:
type: aws:securityhub:Account
exampleInsight:
type: aws:securityhub:Insight
properties:
filters:
confidences:
- gte: '80'
groupByAttribute: Confidence
options:
dependson:
- ${exampleAccount}
Filter by resource tags
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var exampleAccount = new Aws.SecurityHub.Account("exampleAccount");
var exampleInsight = new Aws.SecurityHub.Insight("exampleInsight", new()
{
Filters = new Aws.SecurityHub.Inputs.InsightFiltersArgs
{
ResourceTags = new[]
{
new Aws.SecurityHub.Inputs.InsightFiltersResourceTagArgs
{
Comparison = "EQUALS",
Key = "Environment",
Value = "Production",
},
},
},
GroupByAttribute = "ResourceTags",
}, new CustomResourceOptions
{
DependsOn = new[]
{
exampleAccount,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/securityhub"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleAccount, err := securityhub.NewAccount(ctx, "exampleAccount", nil)
if err != nil {
return err
}
_, err = securityhub.NewInsight(ctx, "exampleInsight", &securityhub.InsightArgs{
Filters: &securityhub.InsightFiltersArgs{
ResourceTags: securityhub.InsightFiltersResourceTagArray{
&securityhub.InsightFiltersResourceTagArgs{
Comparison: pulumi.String("EQUALS"),
Key: pulumi.String("Environment"),
Value: pulumi.String("Production"),
},
},
},
GroupByAttribute: pulumi.String("ResourceTags"),
}, pulumi.DependsOn([]pulumi.Resource{
exampleAccount,
}))
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.securityhub.Account;
import com.pulumi.aws.securityhub.Insight;
import com.pulumi.aws.securityhub.InsightArgs;
import com.pulumi.aws.securityhub.inputs.InsightFiltersArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleAccount = new Account("exampleAccount");
var exampleInsight = new Insight("exampleInsight", InsightArgs.builder()
.filters(InsightFiltersArgs.builder()
.resourceTags(InsightFiltersResourceTagArgs.builder()
.comparison("EQUALS")
.key("Environment")
.value("Production")
.build())
.build())
.groupByAttribute("ResourceTags")
.build(), CustomResourceOptions.builder()
.dependsOn(exampleAccount)
.build());
}
}
import pulumi
import pulumi_aws as aws
example_account = aws.securityhub.Account("exampleAccount")
example_insight = aws.securityhub.Insight("exampleInsight",
filters=aws.securityhub.InsightFiltersArgs(
resource_tags=[aws.securityhub.InsightFiltersResourceTagArgs(
comparison="EQUALS",
key="Environment",
value="Production",
)],
),
group_by_attribute="ResourceTags",
opts=pulumi.ResourceOptions(depends_on=[example_account]))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleAccount = new aws.securityhub.Account("exampleAccount", {});
const exampleInsight = new aws.securityhub.Insight("exampleInsight", {
filters: {
resourceTags: [{
comparison: "EQUALS",
key: "Environment",
value: "Production",
}],
},
groupByAttribute: "ResourceTags",
}, {
dependsOn: [exampleAccount],
});
resources:
exampleAccount:
type: aws:securityhub:Account
exampleInsight:
type: aws:securityhub:Insight
properties:
filters:
resourceTags:
- comparison: EQUALS
key: Environment
value: Production
groupByAttribute: ResourceTags
options:
dependson:
- ${exampleAccount}
Create Insight Resource
new Insight(name: string, args: InsightArgs, opts?: CustomResourceOptions);@overload
def Insight(resource_name: str,
opts: Optional[ResourceOptions] = None,
filters: Optional[InsightFiltersArgs] = None,
group_by_attribute: Optional[str] = None,
name: Optional[str] = None)
@overload
def Insight(resource_name: str,
args: InsightArgs,
opts: Optional[ResourceOptions] = None)func NewInsight(ctx *Context, name string, args InsightArgs, opts ...ResourceOption) (*Insight, error)public Insight(string name, InsightArgs args, CustomResourceOptions? opts = null)
public Insight(String name, InsightArgs args)
public Insight(String name, InsightArgs args, CustomResourceOptions options)
type: aws:securityhub:Insight
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args InsightArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args InsightArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args InsightArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args InsightArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args InsightArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Insight Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Insight resource accepts the following input properties:
- Filters
Insight
Filters Args A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- Group
By stringAttribute The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId, then the insight produces a list of resource identifiers.- Name string
The name of the custom insight.
- Filters
Insight
Filters Args A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- Group
By stringAttribute The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId, then the insight produces a list of resource identifiers.- Name string
The name of the custom insight.
- filters
Insight
Filters Args A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group
By StringAttribute The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId, then the insight produces a list of resource identifiers.- name String
The name of the custom insight.
- filters
Insight
Filters Args A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group
By stringAttribute The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId, then the insight produces a list of resource identifiers.- name string
The name of the custom insight.
- filters
Insight
Filters Args A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group_
by_ strattribute The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId, then the insight produces a list of resource identifiers.- name str
The name of the custom insight.
- filters Property Map
A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group
By StringAttribute The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId, then the insight produces a list of resource identifiers.- name String
The name of the custom insight.
Outputs
All input properties are implicitly available as output properties. Additionally, the Insight resource produces the following output properties:
Look up Existing Insight Resource
Get an existing Insight resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: InsightState, opts?: CustomResourceOptions): Insight@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
arn: Optional[str] = None,
filters: Optional[InsightFiltersArgs] = None,
group_by_attribute: Optional[str] = None,
name: Optional[str] = None) -> Insightfunc GetInsight(ctx *Context, name string, id IDInput, state *InsightState, opts ...ResourceOption) (*Insight, error)public static Insight Get(string name, Input<string> id, InsightState? state, CustomResourceOptions? opts = null)public static Insight get(String name, Output<String> id, InsightState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Arn string
ARN of the insight.
- Filters
Insight
Filters Args A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- Group
By stringAttribute The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId, then the insight produces a list of resource identifiers.- Name string
The name of the custom insight.
- Arn string
ARN of the insight.
- Filters
Insight
Filters Args A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- Group
By stringAttribute The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId, then the insight produces a list of resource identifiers.- Name string
The name of the custom insight.
- arn String
ARN of the insight.
- filters
Insight
Filters Args A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group
By StringAttribute The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId, then the insight produces a list of resource identifiers.- name String
The name of the custom insight.
- arn string
ARN of the insight.
- filters
Insight
Filters Args A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group
By stringAttribute The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId, then the insight produces a list of resource identifiers.- name string
The name of the custom insight.
- arn str
ARN of the insight.
- filters
Insight
Filters Args A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group_
by_ strattribute The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId, then the insight produces a list of resource identifiers.- name str
The name of the custom insight.
- arn String
ARN of the insight.
- filters Property Map
A configuration block including one or more (up to 10 distinct) attributes used to filter the findings included in the insight. The insight only includes findings that match criteria defined in the filters. See filters below for more details.
- group
By StringAttribute The attribute used to group the findings for the insight e.g., if an insight is grouped by
ResourceId, then the insight produces a list of resource identifiers.- name String
The name of the custom insight.
Supporting Types
InsightFilters
- Aws
Account List<InsightIds Filters Aws Account Id> AWS account ID that a finding is generated in. See String_Filter below for more details.
- Company
Names List<InsightFilters Company Name> The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
- Compliance
Statuses List<InsightFilters Compliance Status> Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
- Confidences
List<Insight
Filters Confidence> A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- Created
Ats List<InsightFilters Created At> An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
- Criticalities
List<Insight
Filters Criticality> The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- Descriptions
List<Insight
Filters Description> A finding's description. See String Filter below for more details.
- Finding
Provider List<InsightFields Confidences Filters Finding Provider Fields Confidence> The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- Finding
Provider List<InsightFields Criticalities Filters Finding Provider Fields Criticality> The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
-
List<Insight
Filters Finding Provider Fields Related Findings Id> The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
-
List<Insight
Filters Finding Provider Fields Related Findings Product Arn> The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
- Finding
Provider List<InsightFields Severity Labels Filters Finding Provider Fields Severity Label> The finding provider value for the severity label. See String Filter below for more details.
- Finding
Provider List<InsightFields Severity Originals Filters Finding Provider Fields Severity Original> The finding provider's original value for the severity. See String Filter below for more details.
- Finding
Provider List<InsightFields Types Filters Finding Provider Fields Type> One or more finding types that the finding provider assigned to the finding. Uses the format of
namespace/category/classifierthat classify a finding. Valid namespace values include:Software and Configuration Checks,TTPs,Effects,Unusual Behaviors, andSensitive Data Identifications. See String Filter below for more details.- First
Observed List<InsightAts Filters First Observed At> An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
- Generator
Ids List<InsightFilters Generator Id> The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
- Ids
List<Insight
Filters Id> The security findings provider-specific identifier for a finding. See String Filter below for more details.
- Keywords
List<Insight
Filters Keyword> A keyword for a finding. See Keyword Filter below for more details.
- Last
Observed List<InsightAts Filters Last Observed At> An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
- Malware
Names List<InsightFilters Malware Name> The name of the malware that was observed. See String Filter below for more details.
- Malware
Paths List<InsightFilters Malware Path> The filesystem path of the malware that was observed. See String Filter below for more details.
- Malware
States List<InsightFilters Malware State> The state of the malware that was observed. See String Filter below for more details.
- Malware
Types List<InsightFilters Malware Type> The type of the malware that was observed. See String Filter below for more details.
- Network
Destination List<InsightDomains Filters Network Destination Domain> The destination domain of network-related information about a finding. See String Filter below for more details.
- Network
Destination List<InsightIpv4s Filters Network Destination Ipv4> The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Destination List<InsightIpv6s Filters Network Destination Ipv6> The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Destination List<InsightPorts Filters Network Destination Port> The destination port of network-related information about a finding. See Number Filter below for more details.
- Network
Directions List<InsightFilters Network Direction> Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
- Network
Protocols List<InsightFilters Network Protocol> The protocol of network-related information about a finding. See String Filter below for more details.
- Network
Source List<InsightDomains Filters Network Source Domain> The source domain of network-related information about a finding. See String Filter below for more details.
- Network
Source List<InsightIpv4s Filters Network Source Ipv4> The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Source List<InsightIpv6s Filters Network Source Ipv6> The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Source List<InsightMacs Filters Network Source Mac> The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
- Network
Source List<InsightPorts Filters Network Source Port> The source port of network-related information about a finding. See Number Filter below for more details.
- Note
Texts List<InsightFilters Note Text> The text of a note. See String Filter below for more details.
- Note
Updated List<InsightAts Filters Note Updated At> The timestamp of when the note was updated. See Date Filter below for more details.
- Note
Updated List<InsightBies Filters Note Updated By> The principal that created a note. See String Filter below for more details.
- Process
Launched List<InsightAts Filters Process Launched At> The date/time that the process was launched. See Date Filter below for more details.
- Process
Names List<InsightFilters Process Name> The name of the process. See String Filter below for more details.
- Process
Parent List<InsightPids Filters Process Parent Pid> The parent process ID. See Number Filter below for more details.
- Process
Paths List<InsightFilters Process Path> The path to the process executable. See String Filter below for more details.
- Process
Pids List<InsightFilters Process Pid> The process ID. See Number Filter below for more details.
- Process
Terminated List<InsightAts Filters Process Terminated At> The date/time that the process was terminated. See Date Filter below for more details.
- Product
Arns List<InsightFilters Product Arn> The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
- Product
Fields List<InsightFilters Product Field> A data type where security-findings providers can include additional solution-specific details that aren't part of the defined
AwsSecurityFindingformat. See Map Filter below for more details.- Product
Names List<InsightFilters Product Name> The name of the solution (product) that generates findings. See String Filter below for more details.
- Recommendation
Texts List<InsightFilters Recommendation Text> The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
- Record
States List<InsightFilters Record State> The updated record state for the finding. See String Filter below for more details.
-
List<Insight
Filters Related Findings Id> The solution-generated identifier for a related finding. See String Filter below for more details.
-
List<Insight
Filters Related Findings Product Arn> The ARN of the solution that generated a related finding. See String Filter below for more details.
- Resource
Aws List<InsightEc2Instance Iam Instance Profile Arns Filters Resource Aws Ec2Instance Iam Instance Profile Arn> The IAM profile ARN of the instance. See String Filter below for more details.
- Resource
Aws List<InsightEc2Instance Image Ids Filters Resource Aws Ec2Instance Image Id> The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
- Resource
Aws List<InsightEc2Instance Ipv4Addresses Filters Resource Aws Ec2Instance Ipv4Address> The IPv4 addresses associated with the instance. See Ip Filter below for more details.
- Resource
Aws List<InsightEc2Instance Ipv6Addresses Filters Resource Aws Ec2Instance Ipv6Address> The IPv6 addresses associated with the instance. See Ip Filter below for more details.
- Resource
Aws List<InsightEc2Instance Key Names Filters Resource Aws Ec2Instance Key Name> The key name associated with the instance. See String Filter below for more details.
- Resource
Aws List<InsightEc2Instance Launched Ats Filters Resource Aws Ec2Instance Launched At> The date and time the instance was launched. See Date Filter below for more details.
- Resource
Aws List<InsightEc2Instance Subnet Ids Filters Resource Aws Ec2Instance Subnet Id> The identifier of the subnet that the instance was launched in. See String Filter below for more details.
- Resource
Aws List<InsightEc2Instance Types Filters Resource Aws Ec2Instance Type> The instance type of the instance. See String Filter below for more details.
- Resource
Aws List<InsightEc2Instance Vpc Ids Filters Resource Aws Ec2Instance Vpc Id> The identifier of the VPC that the instance was launched in. See String Filter below for more details.
- Resource
Aws List<InsightIam Access Key Created Ats Filters Resource Aws Iam Access Key Created At> The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
- Resource
Aws List<InsightIam Access Key Statuses Filters Resource Aws Iam Access Key Status> The status of the IAM access key related to a finding. See String Filter below for more details.
- Resource
Aws List<InsightIam Access Key User Names Filters Resource Aws Iam Access Key User Name> The user associated with the IAM access key related to a finding. See String Filter below for more details.
- Resource
Aws List<InsightS3Bucket Owner Ids Filters Resource Aws S3Bucket Owner Id> The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
- Resource
Aws List<InsightS3Bucket Owner Names Filters Resource Aws S3Bucket Owner Name> The display name of the owner of the S3 bucket. See String Filter below for more details.
- Resource
Container List<InsightImage Ids Filters Resource Container Image Id> The identifier of the image related to a finding. See String Filter below for more details.
- Resource
Container List<InsightImage Names Filters Resource Container Image Name> The name of the image related to a finding. See String Filter below for more details.
- Resource
Container List<InsightLaunched Ats Filters Resource Container Launched At> The date/time that the container was started. See Date Filter below for more details.
- Resource
Container List<InsightNames Filters Resource Container Name> The name of the container related to a finding. See String Filter below for more details.
- Resource
Details List<InsightOthers Filters Resource Details Other> The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
- Resource
Ids List<InsightFilters Resource Id> The canonical identifier for the given resource type. See String Filter below for more details.
- Resource
Partitions List<InsightFilters Resource Partition> The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
- Resource
Regions List<InsightFilters Resource Region> The canonical AWS external Region name where this resource is located. See String Filter below for more details.
-
List<Insight
Filters Resource Tag> A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
- Resource
Types List<InsightFilters Resource Type> Specifies the type of the resource that details are provided for. See String Filter below for more details.
- Severity
Labels List<InsightFilters Severity Label> The label of a finding's severity. See String Filter below for more details.
- Source
Urls List<InsightFilters Source Url> A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
- Threat
Intel List<InsightIndicator Categories Filters Threat Intel Indicator Category> The category of a threat intelligence indicator. See String Filter below for more details.
- Threat
Intel List<InsightIndicator Last Observed Ats Filters Threat Intel Indicator Last Observed At> The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
- Threat
Intel List<InsightIndicator Source Urls Filters Threat Intel Indicator Source Url> The URL for more details from the source of the threat intelligence. See String Filter below for more details.
- Threat
Intel List<InsightIndicator Sources Filters Threat Intel Indicator Source> The source of the threat intelligence. See String Filter below for more details.
- Threat
Intel List<InsightIndicator Types Filters Threat Intel Indicator Type> The type of a threat intelligence indicator. See String Filter below for more details.
- Threat
Intel List<InsightIndicator Values Filters Threat Intel Indicator Value> The value of a threat intelligence indicator. See String Filter below for more details.
- Titles
List<Insight
Filters Title> A finding's title. See String Filter below for more details.
- Types
List<Insight
Filters Type> A finding type in the format of
namespace/category/classifierthat classifies a finding. See String Filter below for more details.- Updated
Ats List<InsightFilters Updated At> An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
- User
Defined List<InsightValues Filters User Defined Value> A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
- Verification
States List<InsightFilters Verification State> The veracity of a finding. See String Filter below for more details.
- Workflow
Statuses List<InsightFilters Workflow Status> The status of the investigation into a finding. See Workflow Status Filter below for more details.
- Aws
Account []InsightIds Filters Aws Account Id AWS account ID that a finding is generated in. See String_Filter below for more details.
- Company
Names []InsightFilters Company Name The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
- Compliance
Statuses []InsightFilters Compliance Status Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
- Confidences
[]Insight
Filters Confidence A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- Created
Ats []InsightFilters Created At An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
- Criticalities
[]Insight
Filters Criticality The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- Descriptions
[]Insight
Filters Description A finding's description. See String Filter below for more details.
- Finding
Provider []InsightFields Confidences Filters Finding Provider Fields Confidence The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- Finding
Provider []InsightFields Criticalities Filters Finding Provider Fields Criticality The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
-
[]Insight
Filters Finding Provider Fields Related Findings Id The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
-
[]Insight
Filters Finding Provider Fields Related Findings Product Arn The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
- Finding
Provider []InsightFields Severity Labels Filters Finding Provider Fields Severity Label The finding provider value for the severity label. See String Filter below for more details.
- Finding
Provider []InsightFields Severity Originals Filters Finding Provider Fields Severity Original The finding provider's original value for the severity. See String Filter below for more details.
- Finding
Provider []InsightFields Types Filters Finding Provider Fields Type One or more finding types that the finding provider assigned to the finding. Uses the format of
namespace/category/classifierthat classify a finding. Valid namespace values include:Software and Configuration Checks,TTPs,Effects,Unusual Behaviors, andSensitive Data Identifications. See String Filter below for more details.- First
Observed []InsightAts Filters First Observed At An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
- Generator
Ids []InsightFilters Generator Id The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
- Ids
[]Insight
Filters Id The security findings provider-specific identifier for a finding. See String Filter below for more details.
- Keywords
[]Insight
Filters Keyword A keyword for a finding. See Keyword Filter below for more details.
- Last
Observed []InsightAts Filters Last Observed At An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
- Malware
Names []InsightFilters Malware Name The name of the malware that was observed. See String Filter below for more details.
- Malware
Paths []InsightFilters Malware Path The filesystem path of the malware that was observed. See String Filter below for more details.
- Malware
States []InsightFilters Malware State The state of the malware that was observed. See String Filter below for more details.
- Malware
Types []InsightFilters Malware Type The type of the malware that was observed. See String Filter below for more details.
- Network
Destination []InsightDomains Filters Network Destination Domain The destination domain of network-related information about a finding. See String Filter below for more details.
- Network
Destination []InsightIpv4s Filters Network Destination Ipv4 The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Destination []InsightIpv6s Filters Network Destination Ipv6 The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Destination []InsightPorts Filters Network Destination Port The destination port of network-related information about a finding. See Number Filter below for more details.
- Network
Directions []InsightFilters Network Direction Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
- Network
Protocols []InsightFilters Network Protocol The protocol of network-related information about a finding. See String Filter below for more details.
- Network
Source []InsightDomains Filters Network Source Domain The source domain of network-related information about a finding. See String Filter below for more details.
- Network
Source []InsightIpv4s Filters Network Source Ipv4 The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Source []InsightIpv6s Filters Network Source Ipv6 The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- Network
Source []InsightMacs Filters Network Source Mac The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
- Network
Source []InsightPorts Filters Network Source Port The source port of network-related information about a finding. See Number Filter below for more details.
- Note
Texts []InsightFilters Note Text The text of a note. See String Filter below for more details.
- Note
Updated []InsightAts Filters Note Updated At The timestamp of when the note was updated. See Date Filter below for more details.
- Note
Updated []InsightBies Filters Note Updated By The principal that created a note. See String Filter below for more details.
- Process
Launched []InsightAts Filters Process Launched At The date/time that the process was launched. See Date Filter below for more details.
- Process
Names []InsightFilters Process Name The name of the process. See String Filter below for more details.
- Process
Parent []InsightPids Filters Process Parent Pid The parent process ID. See Number Filter below for more details.
- Process
Paths []InsightFilters Process Path The path to the process executable. See String Filter below for more details.
- Process
Pids []InsightFilters Process Pid The process ID. See Number Filter below for more details.
- Process
Terminated []InsightAts Filters Process Terminated At The date/time that the process was terminated. See Date Filter below for more details.
- Product
Arns []InsightFilters Product Arn The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
- Product
Fields []InsightFilters Product Field A data type where security-findings providers can include additional solution-specific details that aren't part of the defined
AwsSecurityFindingformat. See Map Filter below for more details.- Product
Names []InsightFilters Product Name The name of the solution (product) that generates findings. See String Filter below for more details.
- Recommendation
Texts []InsightFilters Recommendation Text The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
- Record
States []InsightFilters Record State The updated record state for the finding. See String Filter below for more details.
-
[]Insight
Filters Related Findings Id The solution-generated identifier for a related finding. See String Filter below for more details.
-
[]Insight
Filters Related Findings Product Arn The ARN of the solution that generated a related finding. See String Filter below for more details.
- Resource
Aws []InsightEc2Instance Iam Instance Profile Arns Filters Resource Aws Ec2Instance Iam Instance Profile Arn The IAM profile ARN of the instance. See String Filter below for more details.
- Resource
Aws []InsightEc2Instance Image Ids Filters Resource Aws Ec2Instance Image Id The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
- Resource
Aws []InsightEc2Instance Ipv4Addresses Filters Resource Aws Ec2Instance Ipv4Address The IPv4 addresses associated with the instance. See Ip Filter below for more details.
- Resource
Aws []InsightEc2Instance Ipv6Addresses Filters Resource Aws Ec2Instance Ipv6Address The IPv6 addresses associated with the instance. See Ip Filter below for more details.
- Resource
Aws []InsightEc2Instance Key Names Filters Resource Aws Ec2Instance Key Name The key name associated with the instance. See String Filter below for more details.
- Resource
Aws []InsightEc2Instance Launched Ats Filters Resource Aws Ec2Instance Launched At The date and time the instance was launched. See Date Filter below for more details.
- Resource
Aws []InsightEc2Instance Subnet Ids Filters Resource Aws Ec2Instance Subnet Id The identifier of the subnet that the instance was launched in. See String Filter below for more details.
- Resource
Aws []InsightEc2Instance Types Filters Resource Aws Ec2Instance Type The instance type of the instance. See String Filter below for more details.
- Resource
Aws []InsightEc2Instance Vpc Ids Filters Resource Aws Ec2Instance Vpc Id The identifier of the VPC that the instance was launched in. See String Filter below for more details.
- Resource
Aws []InsightIam Access Key Created Ats Filters Resource Aws Iam Access Key Created At The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
- Resource
Aws []InsightIam Access Key Statuses Filters Resource Aws Iam Access Key Status The status of the IAM access key related to a finding. See String Filter below for more details.
- Resource
Aws []InsightIam Access Key User Names Filters Resource Aws Iam Access Key User Name The user associated with the IAM access key related to a finding. See String Filter below for more details.
- Resource
Aws []InsightS3Bucket Owner Ids Filters Resource Aws S3Bucket Owner Id The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
- Resource
Aws []InsightS3Bucket Owner Names Filters Resource Aws S3Bucket Owner Name The display name of the owner of the S3 bucket. See String Filter below for more details.
- Resource
Container []InsightImage Ids Filters Resource Container Image Id The identifier of the image related to a finding. See String Filter below for more details.
- Resource
Container []InsightImage Names Filters Resource Container Image Name The name of the image related to a finding. See String Filter below for more details.
- Resource
Container []InsightLaunched Ats Filters Resource Container Launched At The date/time that the container was started. See Date Filter below for more details.
- Resource
Container []InsightNames Filters Resource Container Name The name of the container related to a finding. See String Filter below for more details.
- Resource
Details []InsightOthers Filters Resource Details Other The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
- Resource
Ids []InsightFilters Resource Id The canonical identifier for the given resource type. See String Filter below for more details.
- Resource
Partitions []InsightFilters Resource Partition The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
- Resource
Regions []InsightFilters Resource Region The canonical AWS external Region name where this resource is located. See String Filter below for more details.
-
[]Insight
Filters Resource Tag A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
- Resource
Types []InsightFilters Resource Type Specifies the type of the resource that details are provided for. See String Filter below for more details.
- Severity
Labels []InsightFilters Severity Label The label of a finding's severity. See String Filter below for more details.
- Source
Urls []InsightFilters Source Url A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
- Threat
Intel []InsightIndicator Categories Filters Threat Intel Indicator Category The category of a threat intelligence indicator. See String Filter below for more details.
- Threat
Intel []InsightIndicator Last Observed Ats Filters Threat Intel Indicator Last Observed At The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
- Threat
Intel []InsightIndicator Source Urls Filters Threat Intel Indicator Source Url The URL for more details from the source of the threat intelligence. See String Filter below for more details.
- Threat
Intel []InsightIndicator Sources Filters Threat Intel Indicator Source The source of the threat intelligence. See String Filter below for more details.
- Threat
Intel []InsightIndicator Types Filters Threat Intel Indicator Type The type of a threat intelligence indicator. See String Filter below for more details.
- Threat
Intel []InsightIndicator Values Filters Threat Intel Indicator Value The value of a threat intelligence indicator. See String Filter below for more details.
- Titles
[]Insight
Filters Title A finding's title. See String Filter below for more details.
- Types
[]Insight
Filters Type A finding type in the format of
namespace/category/classifierthat classifies a finding. See String Filter below for more details.- Updated
Ats []InsightFilters Updated At An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
- User
Defined []InsightValues Filters User Defined Value A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
- Verification
States []InsightFilters Verification State The veracity of a finding. See String Filter below for more details.
- Workflow
Statuses []InsightFilters Workflow Status The status of the investigation into a finding. See Workflow Status Filter below for more details.
- aws
Account List<InsightIds Filters Aws Account Id> AWS account ID that a finding is generated in. See String_Filter below for more details.
- company
Names List<InsightFilters Company Name> The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
- compliance
Statuses List<InsightFilters Compliance Status> Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
- confidences
List<Insight
Filters Confidence> A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- created
Ats List<InsightFilters Created At> An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
- criticalities
List<Insight
Filters Criticality> The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- descriptions
List<Insight
Filters Description> A finding's description. See String Filter below for more details.
- finding
Provider List<InsightFields Confidences Filters Finding Provider Fields Confidence> The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- finding
Provider List<InsightFields Criticalities Filters Finding Provider Fields Criticality> The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
-
List<Insight
Filters Finding Provider Fields Related Findings Id> The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
-
List<Insight
Filters Finding Provider Fields Related Findings Product Arn> The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
- finding
Provider List<InsightFields Severity Labels Filters Finding Provider Fields Severity Label> The finding provider value for the severity label. See String Filter below for more details.
- finding
Provider List<InsightFields Severity Originals Filters Finding Provider Fields Severity Original> The finding provider's original value for the severity. See String Filter below for more details.
- finding
Provider List<InsightFields Types Filters Finding Provider Fields Type> One or more finding types that the finding provider assigned to the finding. Uses the format of
namespace/category/classifierthat classify a finding. Valid namespace values include:Software and Configuration Checks,TTPs,Effects,Unusual Behaviors, andSensitive Data Identifications. See String Filter below for more details.- first
Observed List<InsightAts Filters First Observed At> An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
- generator
Ids List<InsightFilters Generator Id> The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
- ids
List<Insight
Filters Id> The security findings provider-specific identifier for a finding. See String Filter below for more details.
- keywords
List<Insight
Filters Keyword> A keyword for a finding. See Keyword Filter below for more details.
- last
Observed List<InsightAts Filters Last Observed At> An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
- malware
Names List<InsightFilters Malware Name> The name of the malware that was observed. See String Filter below for more details.
- malware
Paths List<InsightFilters Malware Path> The filesystem path of the malware that was observed. See String Filter below for more details.
- malware
States List<InsightFilters Malware State> The state of the malware that was observed. See String Filter below for more details.
- malware
Types List<InsightFilters Malware Type> The type of the malware that was observed. See String Filter below for more details.
- network
Destination List<InsightDomains Filters Network Destination Domain> The destination domain of network-related information about a finding. See String Filter below for more details.
- network
Destination List<InsightIpv4s Filters Network Destination Ipv4> The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network
Destination List<InsightIpv6s Filters Network Destination Ipv6> The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network
Destination List<InsightPorts Filters Network Destination Port> The destination port of network-related information about a finding. See Number Filter below for more details.
- network
Directions List<InsightFilters Network Direction> Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
- network
Protocols List<InsightFilters Network Protocol> The protocol of network-related information about a finding. See String Filter below for more details.
- network
Source List<InsightDomains Filters Network Source Domain> The source domain of network-related information about a finding. See String Filter below for more details.
- network
Source List<InsightIpv4s Filters Network Source Ipv4> The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network
Source List<InsightIpv6s Filters Network Source Ipv6> The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network
Source List<InsightMacs Filters Network Source Mac> The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
- network
Source List<InsightPorts Filters Network Source Port> The source port of network-related information about a finding. See Number Filter below for more details.
- note
Texts List<InsightFilters Note Text> The text of a note. See String Filter below for more details.
- note
Updated List<InsightAts Filters Note Updated At> The timestamp of when the note was updated. See Date Filter below for more details.
- note
Updated List<InsightBies Filters Note Updated By> The principal that created a note. See String Filter below for more details.
- process
Launched List<InsightAts Filters Process Launched At> The date/time that the process was launched. See Date Filter below for more details.
- process
Names List<InsightFilters Process Name> The name of the process. See String Filter below for more details.
- process
Parent List<InsightPids Filters Process Parent Pid> The parent process ID. See Number Filter below for more details.
- process
Paths List<InsightFilters Process Path> The path to the process executable. See String Filter below for more details.
- process
Pids List<InsightFilters Process Pid> The process ID. See Number Filter below for more details.
- process
Terminated List<InsightAts Filters Process Terminated At> The date/time that the process was terminated. See Date Filter below for more details.
- product
Arns List<InsightFilters Product Arn> The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
- product
Fields List<InsightFilters Product Field> A data type where security-findings providers can include additional solution-specific details that aren't part of the defined
AwsSecurityFindingformat. See Map Filter below for more details.- product
Names List<InsightFilters Product Name> The name of the solution (product) that generates findings. See String Filter below for more details.
- recommendation
Texts List<InsightFilters Recommendation Text> The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
- record
States List<InsightFilters Record State> The updated record state for the finding. See String Filter below for more details.
-
List<Insight
Filters Related Findings Id> The solution-generated identifier for a related finding. See String Filter below for more details.
-
List<Insight
Filters Related Findings Product Arn> The ARN of the solution that generated a related finding. See String Filter below for more details.
- resource
Aws List<InsightEc2Instance Iam Instance Profile Arns Filters Resource Aws Ec2Instance Iam Instance Profile Arn> The IAM profile ARN of the instance. See String Filter below for more details.
- resource
Aws List<InsightEc2Instance Image Ids Filters Resource Aws Ec2Instance Image Id> The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
- resource
Aws List<InsightEc2Instance Ipv4Addresses Filters Resource Aws Ec2Instance Ipv4Address> The IPv4 addresses associated with the instance. See Ip Filter below for more details.
- resource
Aws List<InsightEc2Instance Ipv6Addresses Filters Resource Aws Ec2Instance Ipv6Address> The IPv6 addresses associated with the instance. See Ip Filter below for more details.
- resource
Aws List<InsightEc2Instance Key Names Filters Resource Aws Ec2Instance Key Name> The key name associated with the instance. See String Filter below for more details.
- resource
Aws List<InsightEc2Instance Launched Ats Filters Resource Aws Ec2Instance Launched At> The date and time the instance was launched. See Date Filter below for more details.
- resource
Aws List<InsightEc2Instance Subnet Ids Filters Resource Aws Ec2Instance Subnet Id> The identifier of the subnet that the instance was launched in. See String Filter below for more details.
- resource
Aws List<InsightEc2Instance Types Filters Resource Aws Ec2Instance Type> The instance type of the instance. See String Filter below for more details.
- resource
Aws List<InsightEc2Instance Vpc Ids Filters Resource Aws Ec2Instance Vpc Id> The identifier of the VPC that the instance was launched in. See String Filter below for more details.
- resource
Aws List<InsightIam Access Key Created Ats Filters Resource Aws Iam Access Key Created At> The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
- resource
Aws List<InsightIam Access Key Statuses Filters Resource Aws Iam Access Key Status> The status of the IAM access key related to a finding. See String Filter below for more details.
- resource
Aws List<InsightIam Access Key User Names Filters Resource Aws Iam Access Key User Name> The user associated with the IAM access key related to a finding. See String Filter below for more details.
- resource
Aws List<InsightS3Bucket Owner Ids Filters Resource Aws S3Bucket Owner Id> The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
- resource
Aws List<InsightS3Bucket Owner Names Filters Resource Aws S3Bucket Owner Name> The display name of the owner of the S3 bucket. See String Filter below for more details.
- resource
Container List<InsightImage Ids Filters Resource Container Image Id> The identifier of the image related to a finding. See String Filter below for more details.
- resource
Container List<InsightImage Names Filters Resource Container Image Name> The name of the image related to a finding. See String Filter below for more details.
- resource
Container List<InsightLaunched Ats Filters Resource Container Launched At> The date/time that the container was started. See Date Filter below for more details.
- resource
Container List<InsightNames Filters Resource Container Name> The name of the container related to a finding. See String Filter below for more details.
- resource
Details List<InsightOthers Filters Resource Details Other> The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
- resource
Ids List<InsightFilters Resource Id> The canonical identifier for the given resource type. See String Filter below for more details.
- resource
Partitions List<InsightFilters Resource Partition> The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
- resource
Regions List<InsightFilters Resource Region> The canonical AWS external Region name where this resource is located. See String Filter below for more details.
-
List<Insight
Filters Resource Tag> A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
- resource
Types List<InsightFilters Resource Type> Specifies the type of the resource that details are provided for. See String Filter below for more details.
- severity
Labels List<InsightFilters Severity Label> The label of a finding's severity. See String Filter below for more details.
- source
Urls List<InsightFilters Source Url> A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
- threat
Intel List<InsightIndicator Categories Filters Threat Intel Indicator Category> The category of a threat intelligence indicator. See String Filter below for more details.
- threat
Intel List<InsightIndicator Last Observed Ats Filters Threat Intel Indicator Last Observed At> The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
- threat
Intel List<InsightIndicator Source Urls Filters Threat Intel Indicator Source Url> The URL for more details from the source of the threat intelligence. See String Filter below for more details.
- threat
Intel List<InsightIndicator Sources Filters Threat Intel Indicator Source> The source of the threat intelligence. See String Filter below for more details.
- threat
Intel List<InsightIndicator Types Filters Threat Intel Indicator Type> The type of a threat intelligence indicator. See String Filter below for more details.
- threat
Intel List<InsightIndicator Values Filters Threat Intel Indicator Value> The value of a threat intelligence indicator. See String Filter below for more details.
- titles
List<Insight
Filters Title> A finding's title. See String Filter below for more details.
- types
List<Insight
Filters Type> A finding type in the format of
namespace/category/classifierthat classifies a finding. See String Filter below for more details.- updated
Ats List<InsightFilters Updated At> An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
- user
Defined List<InsightValues Filters User Defined Value> A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
- verification
States List<InsightFilters Verification State> The veracity of a finding. See String Filter below for more details.
- workflow
Statuses List<InsightFilters Workflow Status> The status of the investigation into a finding. See Workflow Status Filter below for more details.
- aws
Account InsightIds Filters Aws Account Id[] AWS account ID that a finding is generated in. See String_Filter below for more details.
- company
Names InsightFilters Company Name[] The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
- compliance
Statuses InsightFilters Compliance Status[] Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
- confidences
Insight
Filters Confidence[] A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- created
Ats InsightFilters Created At[] An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
- criticalities
Insight
Filters Criticality[] The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- descriptions
Insight
Filters Description[] A finding's description. See String Filter below for more details.
- finding
Provider InsightFields Confidences Filters Finding Provider Fields Confidence[] The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- finding
Provider InsightFields Criticalities Filters Finding Provider Fields Criticality[] The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
-
Insight
Filters Finding Provider Fields Related Findings Id[] The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
-
Insight
Filters Finding Provider Fields Related Findings Product Arn[] The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
- finding
Provider InsightFields Severity Labels Filters Finding Provider Fields Severity Label[] The finding provider value for the severity label. See String Filter below for more details.
- finding
Provider InsightFields Severity Originals Filters Finding Provider Fields Severity Original[] The finding provider's original value for the severity. See String Filter below for more details.
- finding
Provider InsightFields Types Filters Finding Provider Fields Type[] One or more finding types that the finding provider assigned to the finding. Uses the format of
namespace/category/classifierthat classify a finding. Valid namespace values include:Software and Configuration Checks,TTPs,Effects,Unusual Behaviors, andSensitive Data Identifications. See String Filter below for more details.- first
Observed InsightAts Filters First Observed At[] An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
- generator
Ids InsightFilters Generator Id[] The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
- ids
Insight
Filters Id[] The security findings provider-specific identifier for a finding. See String Filter below for more details.
- keywords
Insight
Filters Keyword[] A keyword for a finding. See Keyword Filter below for more details.
- last
Observed InsightAts Filters Last Observed At[] An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
- malware
Names InsightFilters Malware Name[] The name of the malware that was observed. See String Filter below for more details.
- malware
Paths InsightFilters Malware Path[] The filesystem path of the malware that was observed. See String Filter below for more details.
- malware
States InsightFilters Malware State[] The state of the malware that was observed. See String Filter below for more details.
- malware
Types InsightFilters Malware Type[] The type of the malware that was observed. See String Filter below for more details.
- network
Destination InsightDomains Filters Network Destination Domain[] The destination domain of network-related information about a finding. See String Filter below for more details.
- network
Destination InsightIpv4s Filters Network Destination Ipv4[] The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network
Destination InsightIpv6s Filters Network Destination Ipv6[] The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network
Destination InsightPorts Filters Network Destination Port[] The destination port of network-related information about a finding. See Number Filter below for more details.
- network
Directions InsightFilters Network Direction[] Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
- network
Protocols InsightFilters Network Protocol[] The protocol of network-related information about a finding. See String Filter below for more details.
- network
Source InsightDomains Filters Network Source Domain[] The source domain of network-related information about a finding. See String Filter below for more details.
- network
Source InsightIpv4s Filters Network Source Ipv4[] The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network
Source InsightIpv6s Filters Network Source Ipv6[] The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network
Source InsightMacs Filters Network Source Mac[] The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
- network
Source InsightPorts Filters Network Source Port[] The source port of network-related information about a finding. See Number Filter below for more details.
- note
Texts InsightFilters Note Text[] The text of a note. See String Filter below for more details.
- note
Updated InsightAts Filters Note Updated At[] The timestamp of when the note was updated. See Date Filter below for more details.
- note
Updated InsightBies Filters Note Updated By[] The principal that created a note. See String Filter below for more details.
- process
Launched InsightAts Filters Process Launched At[] The date/time that the process was launched. See Date Filter below for more details.
- process
Names InsightFilters Process Name[] The name of the process. See String Filter below for more details.
- process
Parent InsightPids Filters Process Parent Pid[] The parent process ID. See Number Filter below for more details.
- process
Paths InsightFilters Process Path[] The path to the process executable. See String Filter below for more details.
- process
Pids InsightFilters Process Pid[] The process ID. See Number Filter below for more details.
- process
Terminated InsightAts Filters Process Terminated At[] The date/time that the process was terminated. See Date Filter below for more details.
- product
Arns InsightFilters Product Arn[] The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
- product
Fields InsightFilters Product Field[] A data type where security-findings providers can include additional solution-specific details that aren't part of the defined
AwsSecurityFindingformat. See Map Filter below for more details.- product
Names InsightFilters Product Name[] The name of the solution (product) that generates findings. See String Filter below for more details.
- recommendation
Texts InsightFilters Recommendation Text[] The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
- record
States InsightFilters Record State[] The updated record state for the finding. See String Filter below for more details.
-
Insight
Filters Related Findings Id[] The solution-generated identifier for a related finding. See String Filter below for more details.
-
Insight
Filters Related Findings Product Arn[] The ARN of the solution that generated a related finding. See String Filter below for more details.
- resource
Aws InsightEc2Instance Iam Instance Profile Arns Filters Resource Aws Ec2Instance Iam Instance Profile Arn[] The IAM profile ARN of the instance. See String Filter below for more details.
- resource
Aws InsightEc2Instance Image Ids Filters Resource Aws Ec2Instance Image Id[] The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
- resource
Aws InsightEc2Instance Ipv4Addresses Filters Resource Aws Ec2Instance Ipv4Address[] The IPv4 addresses associated with the instance. See Ip Filter below for more details.
- resource
Aws InsightEc2Instance Ipv6Addresses Filters Resource Aws Ec2Instance Ipv6Address[] The IPv6 addresses associated with the instance. See Ip Filter below for more details.
- resource
Aws InsightEc2Instance Key Names Filters Resource Aws Ec2Instance Key Name[] The key name associated with the instance. See String Filter below for more details.
- resource
Aws InsightEc2Instance Launched Ats Filters Resource Aws Ec2Instance Launched At[] The date and time the instance was launched. See Date Filter below for more details.
- resource
Aws InsightEc2Instance Subnet Ids Filters Resource Aws Ec2Instance Subnet Id[] The identifier of the subnet that the instance was launched in. See String Filter below for more details.
- resource
Aws InsightEc2Instance Types Filters Resource Aws Ec2Instance Type[] The instance type of the instance. See String Filter below for more details.
- resource
Aws InsightEc2Instance Vpc Ids Filters Resource Aws Ec2Instance Vpc Id[] The identifier of the VPC that the instance was launched in. See String Filter below for more details.
- resource
Aws InsightIam Access Key Created Ats Filters Resource Aws Iam Access Key Created At[] The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
- resource
Aws InsightIam Access Key Statuses Filters Resource Aws Iam Access Key Status[] The status of the IAM access key related to a finding. See String Filter below for more details.
- resource
Aws InsightIam Access Key User Names Filters Resource Aws Iam Access Key User Name[] The user associated with the IAM access key related to a finding. See String Filter below for more details.
- resource
Aws InsightS3Bucket Owner Ids Filters Resource Aws S3Bucket Owner Id[] The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
- resource
Aws InsightS3Bucket Owner Names Filters Resource Aws S3Bucket Owner Name[] The display name of the owner of the S3 bucket. See String Filter below for more details.
- resource
Container InsightImage Ids Filters Resource Container Image Id[] The identifier of the image related to a finding. See String Filter below for more details.
- resource
Container InsightImage Names Filters Resource Container Image Name[] The name of the image related to a finding. See String Filter below for more details.
- resource
Container InsightLaunched Ats Filters Resource Container Launched At[] The date/time that the container was started. See Date Filter below for more details.
- resource
Container InsightNames Filters Resource Container Name[] The name of the container related to a finding. See String Filter below for more details.
- resource
Details InsightOthers Filters Resource Details Other[] The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
- resource
Ids InsightFilters Resource Id[] The canonical identifier for the given resource type. See String Filter below for more details.
- resource
Partitions InsightFilters Resource Partition[] The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
- resource
Regions InsightFilters Resource Region[] The canonical AWS external Region name where this resource is located. See String Filter below for more details.
-
Insight
Filters Resource Tag[] A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
- resource
Types InsightFilters Resource Type[] Specifies the type of the resource that details are provided for. See String Filter below for more details.
- severity
Labels InsightFilters Severity Label[] The label of a finding's severity. See String Filter below for more details.
- source
Urls InsightFilters Source Url[] A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
- threat
Intel InsightIndicator Categories Filters Threat Intel Indicator Category[] The category of a threat intelligence indicator. See String Filter below for more details.
- threat
Intel InsightIndicator Last Observed Ats Filters Threat Intel Indicator Last Observed At[] The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
- threat
Intel InsightIndicator Source Urls Filters Threat Intel Indicator Source Url[] The URL for more details from the source of the threat intelligence. See String Filter below for more details.
- threat
Intel InsightIndicator Sources Filters Threat Intel Indicator Source[] The source of the threat intelligence. See String Filter below for more details.
- threat
Intel InsightIndicator Types Filters Threat Intel Indicator Type[] The type of a threat intelligence indicator. See String Filter below for more details.
- threat
Intel InsightIndicator Values Filters Threat Intel Indicator Value[] The value of a threat intelligence indicator. See String Filter below for more details.
- titles
Insight
Filters Title[] A finding's title. See String Filter below for more details.
- types
Insight
Filters Type[] A finding type in the format of
namespace/category/classifierthat classifies a finding. See String Filter below for more details.- updated
Ats InsightFilters Updated At[] An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
- user
Defined InsightValues Filters User Defined Value[] A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
- verification
States InsightFilters Verification State[] The veracity of a finding. See String Filter below for more details.
- workflow
Statuses InsightFilters Workflow Status[] The status of the investigation into a finding. See Workflow Status Filter below for more details.
- aws_
account_ Sequence[Insightids Filters Aws Account Id] AWS account ID that a finding is generated in. See String_Filter below for more details.
- company_
names Sequence[InsightFilters Company Name] The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
- compliance_
statuses Sequence[InsightFilters Compliance Status] Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
- confidences
Sequence[Insight
Filters Confidence] A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- created_
ats Sequence[InsightFilters Created At] An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
- criticalities
Sequence[Insight
Filters Criticality] The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- descriptions
Sequence[Insight
Filters Description] A finding's description. See String Filter below for more details.
- finding_
provider_ Sequence[Insightfields_ confidences Filters Finding Provider Fields Confidence] The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- finding_
provider_ Sequence[Insightfields_ criticalities Filters Finding Provider Fields Criticality] The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
-
Sequence[Insight
Filters Finding Provider Fields Related Findings Id] The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
-
Sequence[Insight
Filters Finding Provider Fields Related Findings Product Arn] The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
- finding_
provider_ Sequence[Insightfields_ severity_ labels Filters Finding Provider Fields Severity Label] The finding provider value for the severity label. See String Filter below for more details.
- finding_
provider_ Sequence[Insightfields_ severity_ originals Filters Finding Provider Fields Severity Original] The finding provider's original value for the severity. See String Filter below for more details.
- finding_
provider_ Sequence[Insightfields_ types Filters Finding Provider Fields Type] One or more finding types that the finding provider assigned to the finding. Uses the format of
namespace/category/classifierthat classify a finding. Valid namespace values include:Software and Configuration Checks,TTPs,Effects,Unusual Behaviors, andSensitive Data Identifications. See String Filter below for more details.- first_
observed_ Sequence[Insightats Filters First Observed At] An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
- generator_
ids Sequence[InsightFilters Generator Id] The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
- ids
Sequence[Insight
Filters Id] The security findings provider-specific identifier for a finding. See String Filter below for more details.
- keywords
Sequence[Insight
Filters Keyword] A keyword for a finding. See Keyword Filter below for more details.
- last_
observed_ Sequence[Insightats Filters Last Observed At] An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
- malware_
names Sequence[InsightFilters Malware Name] The name of the malware that was observed. See String Filter below for more details.
- malware_
paths Sequence[InsightFilters Malware Path] The filesystem path of the malware that was observed. See String Filter below for more details.
- malware_
states Sequence[InsightFilters Malware State] The state of the malware that was observed. See String Filter below for more details.
- malware_
types Sequence[InsightFilters Malware Type] The type of the malware that was observed. See String Filter below for more details.
- network_
destination_ Sequence[Insightdomains Filters Network Destination Domain] The destination domain of network-related information about a finding. See String Filter below for more details.
- network_
destination_ Sequence[Insightipv4s Filters Network Destination Ipv4] The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network_
destination_ Sequence[Insightipv6s Filters Network Destination Ipv6] The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network_
destination_ Sequence[Insightports Filters Network Destination Port] The destination port of network-related information about a finding. See Number Filter below for more details.
- network_
directions Sequence[InsightFilters Network Direction] Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
- network_
protocols Sequence[InsightFilters Network Protocol] The protocol of network-related information about a finding. See String Filter below for more details.
- network_
source_ Sequence[Insightdomains Filters Network Source Domain] The source domain of network-related information about a finding. See String Filter below for more details.
- network_
source_ Sequence[Insightipv4s Filters Network Source Ipv4] The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network_
source_ Sequence[Insightipv6s Filters Network Source Ipv6] The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network_
source_ Sequence[Insightmacs Filters Network Source Mac] The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
- network_
source_ Sequence[Insightports Filters Network Source Port] The source port of network-related information about a finding. See Number Filter below for more details.
- note_
texts Sequence[InsightFilters Note Text] The text of a note. See String Filter below for more details.
- note_
updated_ Sequence[Insightats Filters Note Updated At] The timestamp of when the note was updated. See Date Filter below for more details.
- note_
updated_ Sequence[Insightbies Filters Note Updated By] The principal that created a note. See String Filter below for more details.
- process_
launched_ Sequence[Insightats Filters Process Launched At] The date/time that the process was launched. See Date Filter below for more details.
- process_
names Sequence[InsightFilters Process Name] The name of the process. See String Filter below for more details.
- process_
parent_ Sequence[Insightpids Filters Process Parent Pid] The parent process ID. See Number Filter below for more details.
- process_
paths Sequence[InsightFilters Process Path] The path to the process executable. See String Filter below for more details.
- process_
pids Sequence[InsightFilters Process Pid] The process ID. See Number Filter below for more details.
- process_
terminated_ Sequence[Insightats Filters Process Terminated At] The date/time that the process was terminated. See Date Filter below for more details.
- product_
arns Sequence[InsightFilters Product Arn] The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
- product_
fields Sequence[InsightFilters Product Field] A data type where security-findings providers can include additional solution-specific details that aren't part of the defined
AwsSecurityFindingformat. See Map Filter below for more details.- product_
names Sequence[InsightFilters Product Name] The name of the solution (product) that generates findings. See String Filter below for more details.
- recommendation_
texts Sequence[InsightFilters Recommendation Text] The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
- record_
states Sequence[InsightFilters Record State] The updated record state for the finding. See String Filter below for more details.
-
Sequence[Insight
Filters Related Findings Id] The solution-generated identifier for a related finding. See String Filter below for more details.
-
Sequence[Insight
Filters Related Findings Product Arn] The ARN of the solution that generated a related finding. See String Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ iam_ instance_ profile_ arns Filters Resource Aws Ec2Instance Iam Instance Profile Arn] The IAM profile ARN of the instance. See String Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ image_ ids Filters Resource Aws Ec2Instance Image Id] The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ ipv4_ addresses Filters Resource Aws Ec2Instance Ipv4Address] The IPv4 addresses associated with the instance. See Ip Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ ipv6_ addresses Filters Resource Aws Ec2Instance Ipv6Address] The IPv6 addresses associated with the instance. See Ip Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ key_ names Filters Resource Aws Ec2Instance Key Name] The key name associated with the instance. See String Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ launched_ ats Filters Resource Aws Ec2Instance Launched At] The date and time the instance was launched. See Date Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ subnet_ ids Filters Resource Aws Ec2Instance Subnet Id] The identifier of the subnet that the instance was launched in. See String Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ types Filters Resource Aws Ec2Instance Type] The instance type of the instance. See String Filter below for more details.
- resource_
aws_ Sequence[Insightec2_ instance_ vpc_ ids Filters Resource Aws Ec2Instance Vpc Id] The identifier of the VPC that the instance was launched in. See String Filter below for more details.
- resource_
aws_ Sequence[Insightiam_ access_ key_ created_ ats Filters Resource Aws Iam Access Key Created At] The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
- resource_
aws_ Sequence[Insightiam_ access_ key_ statuses Filters Resource Aws Iam Access Key Status] The status of the IAM access key related to a finding. See String Filter below for more details.
- resource_
aws_ Sequence[Insightiam_ access_ key_ user_ names Filters Resource Aws Iam Access Key User Name] The user associated with the IAM access key related to a finding. See String Filter below for more details.
- resource_
aws_ Sequence[Insights3_ bucket_ owner_ ids Filters Resource Aws S3Bucket Owner Id] The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
- resource_
aws_ Sequence[Insights3_ bucket_ owner_ names Filters Resource Aws S3Bucket Owner Name] The display name of the owner of the S3 bucket. See String Filter below for more details.
- resource_
container_ Sequence[Insightimage_ ids Filters Resource Container Image Id] The identifier of the image related to a finding. See String Filter below for more details.
- resource_
container_ Sequence[Insightimage_ names Filters Resource Container Image Name] The name of the image related to a finding. See String Filter below for more details.
- resource_
container_ Sequence[Insightlaunched_ ats Filters Resource Container Launched At] The date/time that the container was started. See Date Filter below for more details.
- resource_
container_ Sequence[Insightnames Filters Resource Container Name] The name of the container related to a finding. See String Filter below for more details.
- resource_
details_ Sequence[Insightothers Filters Resource Details Other] The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
- resource_
ids Sequence[InsightFilters Resource Id] The canonical identifier for the given resource type. See String Filter below for more details.
- resource_
partitions Sequence[InsightFilters Resource Partition] The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
- resource_
regions Sequence[InsightFilters Resource Region] The canonical AWS external Region name where this resource is located. See String Filter below for more details.
-
Sequence[Insight
Filters Resource Tag] A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
- resource_
types Sequence[InsightFilters Resource Type] Specifies the type of the resource that details are provided for. See String Filter below for more details.
- severity_
labels Sequence[InsightFilters Severity Label] The label of a finding's severity. See String Filter below for more details.
- source_
urls Sequence[InsightFilters Source Url] A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
- threat_
intel_ Sequence[Insightindicator_ categories Filters Threat Intel Indicator Category] The category of a threat intelligence indicator. See String Filter below for more details.
- threat_
intel_ Sequence[Insightindicator_ last_ observed_ ats Filters Threat Intel Indicator Last Observed At] The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
- threat_
intel_ Sequence[Insightindicator_ source_ urls Filters Threat Intel Indicator Source Url] The URL for more details from the source of the threat intelligence. See String Filter below for more details.
- threat_
intel_ Sequence[Insightindicator_ sources Filters Threat Intel Indicator Source] The source of the threat intelligence. See String Filter below for more details.
- threat_
intel_ Sequence[Insightindicator_ types Filters Threat Intel Indicator Type] The type of a threat intelligence indicator. See String Filter below for more details.
- threat_
intel_ Sequence[Insightindicator_ values Filters Threat Intel Indicator Value] The value of a threat intelligence indicator. See String Filter below for more details.
- titles
Sequence[Insight
Filters Title] A finding's title. See String Filter below for more details.
- types
Sequence[Insight
Filters Type] A finding type in the format of
namespace/category/classifierthat classifies a finding. See String Filter below for more details.- updated_
ats Sequence[InsightFilters Updated At] An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
- user_
defined_ Sequence[Insightvalues Filters User Defined Value] A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
- verification_
states Sequence[InsightFilters Verification State] The veracity of a finding. See String Filter below for more details.
- workflow_
statuses Sequence[InsightFilters Workflow Status] The status of the investigation into a finding. See Workflow Status Filter below for more details.
- aws
Account List<Property Map>Ids AWS account ID that a finding is generated in. See String_Filter below for more details.
- company
Names List<Property Map> The name of the findings provider (company) that owns the solution (product) that generates findings. See String_Filter below for more details.
- compliance
Statuses List<Property Map> Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details. See String Filter below for more details.
- confidences List<Property Map>
A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- created
Ats List<Property Map> An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured. See Date Filter below for more details.
- criticalities List<Property Map>
The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- descriptions List<Property Map>
A finding's description. See String Filter below for more details.
- finding
Provider List<Property Map>Fields Confidences The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. See Number Filter below for more details.
- finding
Provider List<Property Map>Fields Criticalities The finding provider value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. See Number Filter below for more details.
- List<Property Map>
The finding identifier of a related finding that is identified by the finding provider. See String Filter below for more details.
- List<Property Map>
The ARN of the solution that generated a related finding that is identified by the finding provider. See String Filter below for more details.
- finding
Provider List<Property Map>Fields Severity Labels The finding provider value for the severity label. See String Filter below for more details.
- finding
Provider List<Property Map>Fields Severity Originals The finding provider's original value for the severity. See String Filter below for more details.
- finding
Provider List<Property Map>Fields Types One or more finding types that the finding provider assigned to the finding. Uses the format of
namespace/category/classifierthat classify a finding. Valid namespace values include:Software and Configuration Checks,TTPs,Effects,Unusual Behaviors, andSensitive Data Identifications. See String Filter below for more details.- first
Observed List<Property Map>Ats An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured. See Date Filter below for more details.
- generator
Ids List<Property Map> The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. See String Filter below for more details.
- ids List<Property Map>
The security findings provider-specific identifier for a finding. See String Filter below for more details.
- keywords List<Property Map>
A keyword for a finding. See Keyword Filter below for more details.
- last
Observed List<Property Map>Ats An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured. See Date Filter below for more details.
- malware
Names List<Property Map> The name of the malware that was observed. See String Filter below for more details.
- malware
Paths List<Property Map> The filesystem path of the malware that was observed. See String Filter below for more details.
- malware
States List<Property Map> The state of the malware that was observed. See String Filter below for more details.
- malware
Types List<Property Map> The type of the malware that was observed. See String Filter below for more details.
- network
Destination List<Property Map>Domains The destination domain of network-related information about a finding. See String Filter below for more details.
- network
Destination List<Property Map>Ipv4s The destination IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network
Destination List<Property Map>Ipv6s The destination IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network
Destination List<Property Map>Ports The destination port of network-related information about a finding. See Number Filter below for more details.
- network
Directions List<Property Map> Indicates the direction of network traffic associated with a finding. See String Filter below for more details.
- network
Protocols List<Property Map> The protocol of network-related information about a finding. See String Filter below for more details.
- network
Source List<Property Map>Domains The source domain of network-related information about a finding. See String Filter below for more details.
- network
Source List<Property Map>Ipv4s The source IPv4 address of network-related information about a finding. See Ip Filter below for more details.
- network
Source List<Property Map>Ipv6s The source IPv6 address of network-related information about a finding. See Ip Filter below for more details.
- network
Source List<Property Map>Macs The source media access control (MAC) address of network-related information about a finding. See String Filter below for more details.
- network
Source List<Property Map>Ports The source port of network-related information about a finding. See Number Filter below for more details.
- note
Texts List<Property Map> The text of a note. See String Filter below for more details.
- note
Updated List<Property Map>Ats The timestamp of when the note was updated. See Date Filter below for more details.
- note
Updated List<Property Map>Bies The principal that created a note. See String Filter below for more details.
- process
Launched List<Property Map>Ats The date/time that the process was launched. See Date Filter below for more details.
- process
Names List<Property Map> The name of the process. See String Filter below for more details.
- process
Parent List<Property Map>Pids The parent process ID. See Number Filter below for more details.
- process
Paths List<Property Map> The path to the process executable. See String Filter below for more details.
- process
Pids List<Property Map> The process ID. See Number Filter below for more details.
- process
Terminated List<Property Map>Ats The date/time that the process was terminated. See Date Filter below for more details.
- product
Arns List<Property Map> The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. See String Filter below for more details.
- product
Fields List<Property Map> A data type where security-findings providers can include additional solution-specific details that aren't part of the defined
AwsSecurityFindingformat. See Map Filter below for more details.- product
Names List<Property Map> The name of the solution (product) that generates findings. See String Filter below for more details.
- recommendation
Texts List<Property Map> The recommendation of what to do about the issue described in a finding. See String Filter below for more details.
- record
States List<Property Map> The updated record state for the finding. See String Filter below for more details.
- List<Property Map>
The solution-generated identifier for a related finding. See String Filter below for more details.
- List<Property Map>
The ARN of the solution that generated a related finding. See String Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Iam Instance Profile Arns The IAM profile ARN of the instance. See String Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Image Ids The Amazon Machine Image (AMI) ID of the instance. See String Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Ipv4Addresses The IPv4 addresses associated with the instance. See Ip Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Ipv6Addresses The IPv6 addresses associated with the instance. See Ip Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Key Names The key name associated with the instance. See String Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Launched Ats The date and time the instance was launched. See Date Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Subnet Ids The identifier of the subnet that the instance was launched in. See String Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Types The instance type of the instance. See String Filter below for more details.
- resource
Aws List<Property Map>Ec2Instance Vpc Ids The identifier of the VPC that the instance was launched in. See String Filter below for more details.
- resource
Aws List<Property Map>Iam Access Key Created Ats The creation date/time of the IAM access key related to a finding. See Date Filter below for more details.
- resource
Aws List<Property Map>Iam Access Key Statuses The status of the IAM access key related to a finding. See String Filter below for more details.
- resource
Aws List<Property Map>Iam Access Key User Names The user associated with the IAM access key related to a finding. See String Filter below for more details.
- resource
Aws List<Property Map>S3Bucket Owner Ids The canonical user ID of the owner of the S3 bucket. See String Filter below for more details.
- resource
Aws List<Property Map>S3Bucket Owner Names The display name of the owner of the S3 bucket. See String Filter below for more details.
- resource
Container List<Property Map>Image Ids The identifier of the image related to a finding. See String Filter below for more details.
- resource
Container List<Property Map>Image Names The name of the image related to a finding. See String Filter below for more details.
- resource
Container List<Property Map>Launched Ats The date/time that the container was started. See Date Filter below for more details.
- resource
Container List<Property Map>Names The name of the container related to a finding. See String Filter below for more details.
- resource
Details List<Property Map>Others The details of a resource that doesn't have a specific subfield for the resource type defined. See Map Filter below for more details.
- resource
Ids List<Property Map> The canonical identifier for the given resource type. See String Filter below for more details.
- resource
Partitions List<Property Map> The canonical AWS partition name that the Region is assigned to. See String Filter below for more details.
- resource
Regions List<Property Map> The canonical AWS external Region name where this resource is located. See String Filter below for more details.
- List<Property Map>
A list of AWS tags associated with a resource at the time the finding was processed. See Map Filter below for more details.
- resource
Types List<Property Map> Specifies the type of the resource that details are provided for. See String Filter below for more details.
- severity
Labels List<Property Map> The label of a finding's severity. See String Filter below for more details.
- source
Urls List<Property Map> A URL that links to a page about the current finding in the security-findings provider's solution. See String Filter below for more details.
- threat
Intel List<Property Map>Indicator Categories The category of a threat intelligence indicator. See String Filter below for more details.
- threat
Intel List<Property Map>Indicator Last Observed Ats The date/time of the last observation of a threat intelligence indicator. See Date Filter below for more details.
- threat
Intel List<Property Map>Indicator Source Urls The URL for more details from the source of the threat intelligence. See String Filter below for more details.
- threat
Intel List<Property Map>Indicator Sources The source of the threat intelligence. See String Filter below for more details.
- threat
Intel List<Property Map>Indicator Types The type of a threat intelligence indicator. See String Filter below for more details.
- threat
Intel List<Property Map>Indicator Values The value of a threat intelligence indicator. See String Filter below for more details.
- titles List<Property Map>
A finding's title. See String Filter below for more details.
- types List<Property Map>
A finding type in the format of
namespace/category/classifierthat classifies a finding. See String Filter below for more details.- updated
Ats List<Property Map> An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record. See Date Filter below for more details.
- user
Defined List<Property Map>Values A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. See Map Filter below for more details.
- verification
States List<Property Map> The veracity of a finding. See String Filter below for more details.
- workflow
Statuses List<Property Map> The status of the investigation into a finding. See Workflow Status Filter below for more details.
InsightFiltersAwsAccountId
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersCompanyName
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersComplianceStatus
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersConfidence
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq str
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte str
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte str
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
InsightFiltersCreatedAt
- Date
Range InsightFilters Created At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- Date
Range InsightFilters Created At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Created At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Created At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end string
An end date for the date filter. Required with
startifdate_rangeis not specified.- start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date_
range InsightFilters Created At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end str
An end date for the date filter. Required with
startifdate_rangeis not specified.- start str
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range Property Map A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
InsightFiltersCreatedAtDateRange
InsightFiltersCriticality
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq str
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte str
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte str
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
InsightFiltersDescription
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersFindingProviderFieldsConfidence
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq str
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte str
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte str
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
InsightFiltersFindingProviderFieldsCriticality
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq str
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte str
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte str
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
InsightFiltersFindingProviderFieldsRelatedFindingsId
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersFindingProviderFieldsRelatedFindingsProductArn
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersFindingProviderFieldsSeverityLabel
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersFindingProviderFieldsSeverityOriginal
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersFindingProviderFieldsType
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersFirstObservedAt
- Date
Range InsightFilters First Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- Date
Range InsightFilters First Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters First Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters First Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end string
An end date for the date filter. Required with
startifdate_rangeis not specified.- start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date_
range InsightFilters First Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end str
An end date for the date filter. Required with
startifdate_rangeis not specified.- start str
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range Property Map A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
InsightFiltersFirstObservedAtDateRange
InsightFiltersGeneratorId
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersId
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersKeyword
- Value string
A value for the keyword.
- Value string
A value for the keyword.
- value String
A value for the keyword.
- value string
A value for the keyword.
- value str
A value for the keyword.
- value String
A value for the keyword.
InsightFiltersLastObservedAt
- Date
Range InsightFilters Last Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- Date
Range InsightFilters Last Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Last Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Last Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end string
An end date for the date filter. Required with
startifdate_rangeis not specified.- start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date_
range InsightFilters Last Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end str
An end date for the date filter. Required with
startifdate_rangeis not specified.- start str
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range Property Map A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
InsightFiltersLastObservedAtDateRange
InsightFiltersMalwareName
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersMalwarePath
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersMalwareState
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersMalwareType
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersNetworkDestinationDomain
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersNetworkDestinationIpv4
- Cidr string
A finding's CIDR value.
- Cidr string
A finding's CIDR value.
- cidr String
A finding's CIDR value.
- cidr string
A finding's CIDR value.
- cidr str
A finding's CIDR value.
- cidr String
A finding's CIDR value.
InsightFiltersNetworkDestinationIpv6
- Cidr string
A finding's CIDR value.
- Cidr string
A finding's CIDR value.
- cidr String
A finding's CIDR value.
- cidr string
A finding's CIDR value.
- cidr str
A finding's CIDR value.
- cidr String
A finding's CIDR value.
InsightFiltersNetworkDestinationPort
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq str
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte str
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte str
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
InsightFiltersNetworkDirection
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersNetworkProtocol
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersNetworkSourceDomain
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersNetworkSourceIpv4
- Cidr string
A finding's CIDR value.
- Cidr string
A finding's CIDR value.
- cidr String
A finding's CIDR value.
- cidr string
A finding's CIDR value.
- cidr str
A finding's CIDR value.
- cidr String
A finding's CIDR value.
InsightFiltersNetworkSourceIpv6
- Cidr string
A finding's CIDR value.
- Cidr string
A finding's CIDR value.
- cidr String
A finding's CIDR value.
- cidr string
A finding's CIDR value.
- cidr str
A finding's CIDR value.
- cidr String
A finding's CIDR value.
InsightFiltersNetworkSourceMac
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersNetworkSourcePort
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq str
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte str
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte str
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
InsightFiltersNoteText
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersNoteUpdatedAt
- Date
Range InsightFilters Note Updated At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- Date
Range InsightFilters Note Updated At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Note Updated At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Note Updated At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end string
An end date for the date filter. Required with
startifdate_rangeis not specified.- start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date_
range InsightFilters Note Updated At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end str
An end date for the date filter. Required with
startifdate_rangeis not specified.- start str
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range Property Map A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
InsightFiltersNoteUpdatedAtDateRange
InsightFiltersNoteUpdatedBy
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersProcessLaunchedAt
- Date
Range InsightFilters Process Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- Date
Range InsightFilters Process Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Process Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Process Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end string
An end date for the date filter. Required with
startifdate_rangeis not specified.- start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date_
range InsightFilters Process Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end str
An end date for the date filter. Required with
startifdate_rangeis not specified.- start str
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range Property Map A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
InsightFiltersProcessLaunchedAtDateRange
InsightFiltersProcessName
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersProcessParentPid
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq str
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte str
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte str
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
InsightFiltersProcessPath
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersProcessPid
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- Gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- Lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq string
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte string
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte string
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq str
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte str
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte str
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- eq String
The equal-to condition to be applied to a single field when querying for findings, provided as a String.
- gte String
The greater-than-equal condition to be applied to a single field when querying for findings, provided as a String.
- lte String
The less-than-equal condition to be applied to a single field when querying for findings, provided as a String.
InsightFiltersProcessTerminatedAt
- Date
Range InsightFilters Process Terminated At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- Date
Range InsightFilters Process Terminated At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Process Terminated At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Process Terminated At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end string
An end date for the date filter. Required with
startifdate_rangeis not specified.- start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date_
range InsightFilters Process Terminated At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end str
An end date for the date filter. Required with
startifdate_rangeis not specified.- start str
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range Property Map A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
InsightFiltersProcessTerminatedAtDateRange
InsightFiltersProductArn
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersProductField
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Key string
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Key string
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- key String
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- key string
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- key str
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- key String
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersProductName
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersRecommendationText
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersRecordState
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersRelatedFindingsId
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersRelatedFindingsProductArn
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceAwsEc2InstanceIamInstanceProfileArn
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceAwsEc2InstanceImageId
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceAwsEc2InstanceIpv4Address
- Cidr string
A finding's CIDR value.
- Cidr string
A finding's CIDR value.
- cidr String
A finding's CIDR value.
- cidr string
A finding's CIDR value.
- cidr str
A finding's CIDR value.
- cidr String
A finding's CIDR value.
InsightFiltersResourceAwsEc2InstanceIpv6Address
- Cidr string
A finding's CIDR value.
- Cidr string
A finding's CIDR value.
- cidr String
A finding's CIDR value.
- cidr string
A finding's CIDR value.
- cidr str
A finding's CIDR value.
- cidr String
A finding's CIDR value.
InsightFiltersResourceAwsEc2InstanceKeyName
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceAwsEc2InstanceLaunchedAt
- Date
Range InsightFilters Resource Aws Ec2Instance Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- Date
Range InsightFilters Resource Aws Ec2Instance Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Resource Aws Ec2Instance Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Resource Aws Ec2Instance Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end string
An end date for the date filter. Required with
startifdate_rangeis not specified.- start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date_
range InsightFilters Resource Aws Ec2Instance Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end str
An end date for the date filter. Required with
startifdate_rangeis not specified.- start str
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range Property Map A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
InsightFiltersResourceAwsEc2InstanceLaunchedAtDateRange
InsightFiltersResourceAwsEc2InstanceSubnetId
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceAwsEc2InstanceType
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceAwsEc2InstanceVpcId
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceAwsIamAccessKeyCreatedAt
- Date
Range InsightFilters Resource Aws Iam Access Key Created At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- Date
Range InsightFilters Resource Aws Iam Access Key Created At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Resource Aws Iam Access Key Created At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Resource Aws Iam Access Key Created At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end string
An end date for the date filter. Required with
startifdate_rangeis not specified.- start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date_
range InsightFilters Resource Aws Iam Access Key Created At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end str
An end date for the date filter. Required with
startifdate_rangeis not specified.- start str
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range Property Map A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
InsightFiltersResourceAwsIamAccessKeyCreatedAtDateRange
InsightFiltersResourceAwsIamAccessKeyStatus
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceAwsIamAccessKeyUserName
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceAwsS3BucketOwnerId
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceAwsS3BucketOwnerName
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceContainerImageId
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceContainerImageName
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceContainerLaunchedAt
- Date
Range InsightFilters Resource Container Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- Date
Range InsightFilters Resource Container Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Resource Container Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Resource Container Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end string
An end date for the date filter. Required with
startifdate_rangeis not specified.- start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date_
range InsightFilters Resource Container Launched At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end str
An end date for the date filter. Required with
startifdate_rangeis not specified.- start str
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range Property Map A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
InsightFiltersResourceContainerLaunchedAtDateRange
InsightFiltersResourceContainerName
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceDetailsOther
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Key string
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Key string
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- key String
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- key string
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- key str
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- key String
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceId
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourcePartition
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceRegion
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceTag
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Key string
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Key string
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- key String
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- key string
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- key str
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- key String
The key of the map filter. For example, for
ResourceTags,Keyidentifies the name of the tag. ForUserDefinedFields,Keyis the name of the field.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersResourceType
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersSeverityLabel
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersSourceUrl
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersThreatIntelIndicatorCategory
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersThreatIntelIndicatorLastObservedAt
- Date
Range InsightFilters Threat Intel Indicator Last Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- Date
Range InsightFilters Threat Intel Indicator Last Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- End string
An end date for the date filter. Required with
startifdate_rangeis not specified.- Start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Threat Intel Indicator Last Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range InsightFilters Threat Intel Indicator Last Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end string
An end date for the date filter. Required with
startifdate_rangeis not specified.- start string
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date_
range InsightFilters Threat Intel Indicator Last Observed At Date Range A configuration block of the date range for the date filter. See date_range below for more details.
- end str
An end date for the date filter. Required with
startifdate_rangeis not specified.- start str
A start date for the date filter. Required with
endifdate_rangeis not specified.
- date
Range Property Map A configuration block of the date range for the date filter. See date_range below for more details.
- end String
An end date for the date filter. Required with
startifdate_rangeis not specified.- start String
A start date for the date filter. Required with
endifdate_rangeis not specified.
InsightFiltersThreatIntelIndicatorLastObservedAtDateRange
InsightFiltersThreatIntelIndicatorSource
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersThreatIntelIndicatorSourceUrl
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value str
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
InsightFiltersThreatIntelIndicatorType
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- Comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- Value string
A date range value for the date filter, provided as an Integer.
- comparison String
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value String
A date range value for the date filter, provided as an Integer.
- comparison string
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value string
A date range value for the date filter, provided as an Integer.
- comparison str
The condition to apply to a string value when querying for findings. Valid values include:
EQUALSandNOT_EQUALS.- value