404

[ Avaa Bypassed ]




Upload:

Command:

botdev@3.136.11.217: ~ $
**Example 1: To retrieve the details of a specific finding**

The following ``get-findings`` example retrieves the full JSON finding details of the specified finding. ::

    aws guardduty get-findings \
        --detector-id 12abc34d567e8fa901bc2d34eexample \ 
        --finding-id 1ab92989eaf0e742df4a014d5example

Output::

    {
        "Findings": [
            {
                "Resource": {
                    "ResourceType": "AccessKey",
                    "AccessKeyDetails": {
                        "UserName": "testuser",
                        "UserType": "IAMUser",
                        "PrincipalId": "AIDACKCEVSQ6C2EXAMPLE",
                        "AccessKeyId": "ASIASZ4SI7REEEXAMPLE"
                    }
                },
                "Description": "APIs commonly used to discover the users, groups, policies and permissions in an account, was invoked by IAM principal testuser under unusual circumstances. Such activity is not typically seen from this principal.",
                "Service": {
                    "Count": 5,
                    "Archived": false,
                    "ServiceName": "guardduty",
                    "EventFirstSeen": "2020-05-26T22:02:24Z",
                    "ResourceRole": "TARGET",
                    "EventLastSeen": "2020-05-26T22:33:55Z",
                    "DetectorId": "d4b040365221be2b54a6264dcexample",
                    "Action": {
                        "ActionType": "AWS_API_CALL",
                        "AwsApiCallAction": {
                            "RemoteIpDetails": {
                                "GeoLocation": {
                                    "Lat": 51.5164,
                                    "Lon": -0.093
                                },
                                "City": {
                                    "CityName": "London"
                                },
                                "IpAddressV4": "52.94.36.7",
                                "Organization": {
                                    "Org": "Amazon.com",
                                    "Isp": "Amazon.com",
                                    "Asn": "16509",
                                    "AsnOrg": "AMAZON-02"
                                },
                                "Country": {
                                    "CountryName": "United Kingdom"
                                }
                            },
                            "Api": "ListPolicyVersions",
                            "ServiceName": "iam.amazonaws.com",
                            "CallerType": "Remote IP"
                        }
                    }
                },
                "Title": "Unusual user permission reconnaissance activity by testuser.",
                "Type": "Recon:IAMUser/UserPermissions",
                "Region": "us-east-1",
                "Partition": "aws",
                "Arn": "arn:aws:guardduty:us-east-1:111122223333:detector/d4b040365221be2b54a6264dcexample/finding/1ab92989eaf0e742df4a014d5example",
                "UpdatedAt": "2020-05-26T22:55:21.703Z",
                "SchemaVersion": "2.0",
                "Severity": 5,
                "Id": "1ab92989eaf0e742df4a014d5example",
                "CreatedAt": "2020-05-26T22:21:48.385Z",
                "AccountId": "111122223333"
            }
        ]
    }

For more information, see `Findings <https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html>`__ in the GuardDuty User Guide.

Filemanager

Name Type Size Permission Actions
accept-invitation.rst File 650 B 0644
archive-findings.rst File 553 B 0644
create-detector.rst File 474 B 0644
create-filter.rst File 692 B 0644
create-ip-set.rst File 646 B 0644
create-members.rst File 664 B 0644
create-publishing-destination.rst File 736 B 0644
create-sample-findings.rst File 522 B 0644
create-threat-intel-set.rst File 658 B 0644
decline-invitations.rst File 485 B 0644
delete-detector.rst File 520 B 0644
delete-filter.rst File 440 B 0644
disable-organization-admin-account.rst File 509 B 0644
disassociate-from-master-account.rst File 625 B 0644
get-detector.rst File 773 B 0644
get-findings.rst File 3.5 KB 0644
get-ip-set.rst File 724 B 0644
get-master-account.rst File 835 B 0644
list-detectors.rst File 475 B 0644
list-findings.rst File 2.69 KB 0644
list-invitations.rst File 785 B 0644
list-ip-sets.rst File 542 B 0644
list-members.rst File 962 B 0644
update-ip-set.rst File 601 B 0644