OcsfStringFilter - Amazon Security Hub CSPM
ContentsSee Also
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

OcsfStringFilter

Enables filtering of security findings based on string field values in OCSF.

Contents

FieldName

The name of the field.

Type: String

Valid Values: metadata.uid | activity_name | cloud.account.uid | cloud.provider | cloud.region | compliance.assessments.category | compliance.assessments.name | compliance.control | compliance.status | compliance.standards | finding_info.desc | finding_info.src_url | finding_info.title | finding_info.types | finding_info.uid | finding_info.related_events.traits.category | finding_info.related_events.uid | finding_info.related_events.product.uid | finding_info.related_events.title | metadata.product.name | metadata.product.uid | metadata.product.vendor_name | remediation.desc | remediation.references | resources.cloud_partition | resources.region | resources.type | resources.uid | severity | status | comment | vulnerabilities.fix_coverage | class_name | databucket.encryption_details.algorithm | databucket.encryption_details.key_uid | databucket.file.data_classifications.classifier_details.type | evidences.actor.user.account.uid | evidences.api.operation | evidences.api.response.error_message | evidences.api.service.name | evidences.connection_info.direction | evidences.connection_info.protocol_name | evidences.dst_endpoint.autonomous_system.name | evidences.dst_endpoint.location.city | evidences.dst_endpoint.location.country | evidences.src_endpoint.autonomous_system.name | evidences.src_endpoint.hostname | evidences.src_endpoint.location.city | evidences.src_endpoint.location.country | finding_info.analytic.name | malware.name | malware_scan_info.uid | malware.severity | resources.cloud_function.layers.uid_alt | resources.cloud_function.runtime | resources.cloud_function.user.uid | resources.device.encryption_details.key_uid | resources.device.image.uid | resources.image.architecture | resources.image.registry_uid | resources.image.repository_name | resources.image.uid | resources.subnet_info.uid | resources.vpc_uid | vulnerabilities.affected_code.file.path | vulnerabilities.affected_packages.name | vulnerabilities.cve.epss.score | vulnerabilities.cve.uid | vulnerabilities.related_vulnerabilities | cloud.account.name | vendor_attributes.severity

Required: No

Filter

A string filter for filtering Amazon Security Hub CSPM findings.

Type: StringFilter object

Required: No

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: