Copyright | (c) 2013-2023 Brendan Hay |
---|---|
License | Mozilla Public License, v. 2.0. |
Maintainer | Brendan Hay |
Stability | auto-generated |
Portability | non-portable (GHC extensions) |
Safe Haskell | Safe-Inferred |
Language | Haskell2010 |
Creates a filter using the specified finding criteria.
Synopsis
- data CreateFilter = CreateFilter' {
- action :: Maybe FilterAction
- clientToken :: Maybe Text
- description :: Maybe Text
- rank :: Maybe Natural
- tags :: Maybe (HashMap Text Text)
- detectorId :: Text
- name :: Text
- findingCriteria :: FindingCriteria
- newCreateFilter :: Text -> Text -> FindingCriteria -> CreateFilter
- createFilter_action :: Lens' CreateFilter (Maybe FilterAction)
- createFilter_clientToken :: Lens' CreateFilter (Maybe Text)
- createFilter_description :: Lens' CreateFilter (Maybe Text)
- createFilter_rank :: Lens' CreateFilter (Maybe Natural)
- createFilter_tags :: Lens' CreateFilter (Maybe (HashMap Text Text))
- createFilter_detectorId :: Lens' CreateFilter Text
- createFilter_name :: Lens' CreateFilter Text
- createFilter_findingCriteria :: Lens' CreateFilter FindingCriteria
- data CreateFilterResponse = CreateFilterResponse' {
- httpStatus :: Int
- name :: Text
- newCreateFilterResponse :: Int -> Text -> CreateFilterResponse
- createFilterResponse_httpStatus :: Lens' CreateFilterResponse Int
- createFilterResponse_name :: Lens' CreateFilterResponse Text
Creating a Request
data CreateFilter Source #
See: newCreateFilter
smart constructor.
CreateFilter' | |
|
Instances
:: Text | |
-> Text | |
-> FindingCriteria | |
-> CreateFilter |
Create a value of CreateFilter
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
CreateFilter
, createFilter_action
- Specifies the action that is to be applied to the findings that match
the filter.
$sel:clientToken:CreateFilter'
, createFilter_clientToken
- The idempotency token for the create request.
CreateFilter
, createFilter_description
- The description of the filter. Valid special characters include period
(.), underscore (_), dash (-), and whitespace. The new line character is
considered to be an invalid input for description.
$sel:rank:CreateFilter'
, createFilter_rank
- Specifies the position of the filter in the list of current filters.
Also specifies the order in which this filter is applied to the
findings.
CreateFilter
, createFilter_tags
- The tags to be added to a new filter resource.
CreateFilter
, createFilter_detectorId
- The ID of the detector belonging to the GuardDuty account that you want
to create a filter for.
CreateFilter
, createFilter_name
- The name of the filter. Valid characters include period (.), underscore
(_), dash (-), and alphanumeric characters. A whitespace is considered
to be an invalid character.
$sel:findingCriteria:CreateFilter'
, createFilter_findingCriteria
- Represents the criteria to be used in the filter for querying findings.
You can only use the following attributes to query findings:
- accountId
- region
- confidence
- id
- resource.accessKeyDetails.accessKeyId
- resource.accessKeyDetails.principalId
- resource.accessKeyDetails.userName
- resource.accessKeyDetails.userType
- resource.instanceDetails.iamInstanceProfile.id
- resource.instanceDetails.imageId
- resource.instanceDetails.instanceId
- resource.instanceDetails.outpostArn
- resource.instanceDetails.networkInterfaces.ipv6Addresses
- resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
- resource.instanceDetails.networkInterfaces.publicDnsName
- resource.instanceDetails.networkInterfaces.publicIp
- resource.instanceDetails.networkInterfaces.securityGroups.groupId
- resource.instanceDetails.networkInterfaces.securityGroups.groupName
- resource.instanceDetails.networkInterfaces.subnetId
- resource.instanceDetails.networkInterfaces.vpcId
- resource.instanceDetails.tags.key
- resource.instanceDetails.tags.value
- resource.resourceType
- service.action.actionType
- service.action.awsApiCallAction.api
- service.action.awsApiCallAction.callerType
- service.action.awsApiCallAction.errorCode
- service.action.awsApiCallAction.userAgent
- service.action.awsApiCallAction.remoteIpDetails.city.cityName
- service.action.awsApiCallAction.remoteIpDetails.country.countryName
- service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
- service.action.awsApiCallAction.remoteIpDetails.organization.asn
- service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
- service.action.awsApiCallAction.serviceName
- service.action.dnsRequestAction.domain
- service.action.networkConnectionAction.blocked
- service.action.networkConnectionAction.connectionDirection
- service.action.networkConnectionAction.localPortDetails.port
- service.action.networkConnectionAction.protocol
- service.action.networkConnectionAction.localIpDetails.ipAddressV4
- service.action.networkConnectionAction.remoteIpDetails.city.cityName
- service.action.networkConnectionAction.remoteIpDetails.country.countryName
- service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
- service.action.networkConnectionAction.remoteIpDetails.organization.asn
- service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
- service.action.networkConnectionAction.remotePortDetails.port
- service.additionalInfo.threatListName
- resource.s3BucketDetails.publicAccess.effectivePermissions
- resource.s3BucketDetails.name
- resource.s3BucketDetails.tags.key
- resource.s3BucketDetails.tags.value
- resource.s3BucketDetails.type
service.archived
When this attribute is set to TRUE, only archived findings are listed. When it's set to FALSE, only unarchived findings are listed. When this attribute is not set, all existing findings are listed.
- service.resourceRole
- severity
- type
updatedAt
Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains milliseconds.
Request Lenses
createFilter_action :: Lens' CreateFilter (Maybe FilterAction) Source #
Specifies the action that is to be applied to the findings that match the filter.
createFilter_clientToken :: Lens' CreateFilter (Maybe Text) Source #
The idempotency token for the create request.
createFilter_description :: Lens' CreateFilter (Maybe Text) Source #
The description of the filter. Valid special characters include period (.), underscore (_), dash (-), and whitespace. The new line character is considered to be an invalid input for description.
createFilter_rank :: Lens' CreateFilter (Maybe Natural) Source #
Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
createFilter_tags :: Lens' CreateFilter (Maybe (HashMap Text Text)) Source #
The tags to be added to a new filter resource.
createFilter_detectorId :: Lens' CreateFilter Text Source #
The ID of the detector belonging to the GuardDuty account that you want to create a filter for.
createFilter_name :: Lens' CreateFilter Text Source #
The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. A whitespace is considered to be an invalid character.
createFilter_findingCriteria :: Lens' CreateFilter FindingCriteria Source #
Represents the criteria to be used in the filter for querying findings.
You can only use the following attributes to query findings:
- accountId
- region
- confidence
- id
- resource.accessKeyDetails.accessKeyId
- resource.accessKeyDetails.principalId
- resource.accessKeyDetails.userName
- resource.accessKeyDetails.userType
- resource.instanceDetails.iamInstanceProfile.id
- resource.instanceDetails.imageId
- resource.instanceDetails.instanceId
- resource.instanceDetails.outpostArn
- resource.instanceDetails.networkInterfaces.ipv6Addresses
- resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
- resource.instanceDetails.networkInterfaces.publicDnsName
- resource.instanceDetails.networkInterfaces.publicIp
- resource.instanceDetails.networkInterfaces.securityGroups.groupId
- resource.instanceDetails.networkInterfaces.securityGroups.groupName
- resource.instanceDetails.networkInterfaces.subnetId
- resource.instanceDetails.networkInterfaces.vpcId
- resource.instanceDetails.tags.key
- resource.instanceDetails.tags.value
- resource.resourceType
- service.action.actionType
- service.action.awsApiCallAction.api
- service.action.awsApiCallAction.callerType
- service.action.awsApiCallAction.errorCode
- service.action.awsApiCallAction.userAgent
- service.action.awsApiCallAction.remoteIpDetails.city.cityName
- service.action.awsApiCallAction.remoteIpDetails.country.countryName
- service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
- service.action.awsApiCallAction.remoteIpDetails.organization.asn
- service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
- service.action.awsApiCallAction.serviceName
- service.action.dnsRequestAction.domain
- service.action.networkConnectionAction.blocked
- service.action.networkConnectionAction.connectionDirection
- service.action.networkConnectionAction.localPortDetails.port
- service.action.networkConnectionAction.protocol
- service.action.networkConnectionAction.localIpDetails.ipAddressV4
- service.action.networkConnectionAction.remoteIpDetails.city.cityName
- service.action.networkConnectionAction.remoteIpDetails.country.countryName
- service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
- service.action.networkConnectionAction.remoteIpDetails.organization.asn
- service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
- service.action.networkConnectionAction.remotePortDetails.port
- service.additionalInfo.threatListName
- resource.s3BucketDetails.publicAccess.effectivePermissions
- resource.s3BucketDetails.name
- resource.s3BucketDetails.tags.key
- resource.s3BucketDetails.tags.value
- resource.s3BucketDetails.type
service.archived
When this attribute is set to TRUE, only archived findings are listed. When it's set to FALSE, only unarchived findings are listed. When this attribute is not set, all existing findings are listed.
- service.resourceRole
- severity
- type
updatedAt
Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains milliseconds.
Destructuring the Response
data CreateFilterResponse Source #
See: newCreateFilterResponse
smart constructor.
CreateFilterResponse' | |
|
Instances
newCreateFilterResponse Source #
Create a value of CreateFilterResponse
with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:httpStatus:CreateFilterResponse'
, createFilterResponse_httpStatus
- The response's http status code.
CreateFilter
, createFilterResponse_name
- The name of the successfully created filter.
Response Lenses
createFilterResponse_httpStatus :: Lens' CreateFilterResponse Int Source #
The response's http status code.
createFilterResponse_name :: Lens' CreateFilterResponse Text Source #
The name of the successfully created filter.