You are viewing documentation for version 2 of the AWS SDK for Ruby.
Class: Aws::SecurityHub::Types::BatchUpdateFindingsRequest
- Inherits: Struct
  - Object
  - Struct
  - Aws::SecurityHub::Types::BatchUpdateFindingsRequest
- Defined in: (unknown)
Overview
When passing BatchUpdateFindingsRequest as input to an Aws::Client method, you can use a vanilla Hash:
{
  finding_identifiers: [ # required
    {
      id: "NonEmptyString", # required
      product_arn: "NonEmptyString", # required
    },
  ],
  note: {
    text: "NonEmptyString", # required
    updated_by: "NonEmptyString", # required
  },
  severity: {
    normalized: 1,
    product: 1.0,
    label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
  },
  verification_state: "UNKNOWN", # accepts UNKNOWN, TRUE_POSITIVE, FALSE_POSITIVE, BENIGN_POSITIVE
  confidence: 1,
  criticality: 1,
  types: ["NonEmptyString"],
  user_defined_fields: {
    "NonEmptyString" => "NonEmptyString",
  },
  workflow: {
    status: "NEW", # accepts NEW, NOTIFIED, RESOLVED, SUPPRESSED
  },
  related_findings: [
    {
      product_arn: "NonEmptyString", # required
      id: "NonEmptyString", # required
    },
  ],
}
Instance Attribute Summary
- #confidence ⇒ Integer
  The updated value for the finding confidence.
- #criticality ⇒ Integer
  The updated value for the level of importance assigned to the resources associated with the findings.
- #finding_identifiers ⇒ Array<Types::AwsSecurityFindingIdentifier>
  The list of findings to update.
- #note ⇒ Types::NoteUpdate
  The updated note.
- #related_findings ⇒ Array<Types::RelatedFinding>
  A list of findings that are related to the updated findings.
- #severity ⇒ Types::SeverityUpdate
  Used to update the finding severity.
- #types ⇒ Array<String>
  One or more finding types in the format of namespace/category/classifier that classify a finding.
- #user_defined_fields ⇒ Hash<String,String>
  A list of name/value string pairs associated with the finding.
- #verification_state ⇒ String
  Indicates the veracity of a finding.
- #workflow ⇒ Types::WorkflowUpdate
  Used to update the workflow status of a finding.
Instance Attribute Details
#confidence ⇒ Integer
The updated value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.
Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.
#criticality ⇒ Integer
The updated value for the level of importance assigned to the resources associated with the findings.
A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.
#finding_identifiers ⇒ Array<Types::AwsSecurityFindingIdentifier>
The list of findings to update. BatchUpdateFindings can be used to update up to 100 findings at a time.
For each finding, the list provides the finding identifier and the ARN of the finding provider.
#note ⇒ Types::NoteUpdate
The updated note.
#related_findings ⇒ Array<Types::RelatedFinding>
A list of findings that are related to the updated findings.
#severity ⇒ Types::SeverityUpdate
Used to update the finding severity.
#types ⇒ Array<String>
One or more finding types in the format of namespace/category/classifier that classify a finding.
Valid namespace values are as follows.
- Software and Configuration Checks
- TTPs
- Effects
- Unusual Behaviors
- Sensitive Data Identifications
#user_defined_fields ⇒ Hash<String,String>
A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.
#verification_state ⇒ String
Indicates the veracity of a finding.
The available values for VerificationState are as follows.
- UNKNOWN – The default disposition of a security finding
- TRUE_POSITIVE – The security finding is confirmed
- FALSE_POSITIVE – The security finding was determined to be a false alarm
- BENIGN_POSITIVE – A special case of TRUE_POSITIVE where the finding doesn't pose any threat, is expected, or both
Possible values:
- UNKNOWN
- TRUE_POSITIVE
- FALSE_POSITIVE
- BENIGN_POSITIVE
#workflow ⇒ Types::WorkflowUpdate
Used to update the workflow status of a finding.
The workflow status indicates the progress of the investigation into the finding.
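The constraints documented above (at most 100 findings per call, confidence and criticality on a 0-100 scale, fixed enum values, required note fields) can be checked before any request is sent. The following is an added example, not part of the AWS SDK; `build_batch_update_requests` and its constants are hypothetical names, and it only builds request hashes without calling AWS.

```ruby
# Added example, not SDK code. Enum values and limits are taken from this page.
VERIFICATION_STATES   = %w[UNKNOWN TRUE_POSITIVE FALSE_POSITIVE BENIGN_POSITIVE].freeze
WORKFLOW_STATUSES     = %w[NEW NOTIFIED RESOLVED SUPPRESSED].freeze
MAX_FINDINGS_PER_CALL = 100 # documented limit for finding_identifiers

# Hypothetical helper: validates the shared update fields once, then returns
# one request hash per slice of at most 100 finding identifiers.
def build_batch_update_requests(identifiers, updates)
  raise ArgumentError, "finding_identifiers must not be empty" if identifiers.empty?

  identifiers.each do |finding|
    %i[id product_arn].each do |key|
      raise ArgumentError, "finding identifier missing #{key}" if finding[key].to_s.empty?
    end
  end

  %i[confidence criticality].each do |key|
    value = updates[key]
    next if value.nil?
    unless value.is_a?(Integer) && value.between?(0, 100)
      raise ArgumentError, "#{key} must be an Integer in 0..100"
    end
  end

  state = updates[:verification_state]
  if state && !VERIFICATION_STATES.include?(state)
    raise ArgumentError, "invalid verification_state: #{state}"
  end

  status = updates.dig(:workflow, :status)
  if status && !WORKFLOW_STATUSES.include?(status)
    raise ArgumentError, "invalid workflow status: #{status}"
  end

  if (note = updates[:note])
    %i[text updated_by].each do |key|
      raise ArgumentError, "note missing #{key}" if note[key].to_s.empty?
    end
  end

  # Every slice carries the same update fields, so a triage decision applied
  # to 250 findings becomes three requests of 100, 100 and 50 identifiers.
  identifiers.each_slice(MAX_FINDINGS_PER_CALL).map do |slice|
    updates.merge(finding_identifiers: slice)
  end
end
```

Each returned hash has the shape shown in the Overview and can be passed to `Aws::SecurityHub::Client#batch_update_findings`.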