Copyright	(c) 2013-2023 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	Safe-Inferred
Language	Haskell2010

Amazonka.GuardDuty.ListFindings

Contents

Creating a Request
Request Lenses
Destructuring the Response
Response Lenses

Description

Lists Amazon GuardDuty findings for the specified detector ID.

This operation returns paginated results.

Synopsis

data ListFindings = ListFindings' {
- findingCriteria :: Maybe FindingCriteria
- maxResults :: Maybe Natural
- nextToken :: Maybe Text
- sortCriteria :: Maybe SortCriteria
- detectorId :: Text
}
newListFindings :: Text -> ListFindings
listFindings_findingCriteria :: Lens' ListFindings (Maybe FindingCriteria)
listFindings_maxResults :: Lens' ListFindings (Maybe Natural)
listFindings_nextToken :: Lens' ListFindings (Maybe Text)
listFindings_sortCriteria :: Lens' ListFindings (Maybe SortCriteria)
listFindings_detectorId :: Lens' ListFindings Text
data ListFindingsResponse = ListFindingsResponse' {
- nextToken :: Maybe Text
- httpStatus :: Int
- findingIds :: [Text]
}
newListFindingsResponse :: Int -> ListFindingsResponse
listFindingsResponse_nextToken :: Lens' ListFindingsResponse (Maybe Text)
listFindingsResponse_httpStatus :: Lens' ListFindingsResponse Int
listFindingsResponse_findingIds :: Lens' ListFindingsResponse [Text]

Creating a Request

data ListFindings Source #

See: newListFindings smart constructor.

Constructors

ListFindings'

Fields

findingCriteria :: Maybe FindingCriteria
Represents the criteria used for querying findings. Valid values include:
- JSON field name
- accountId
- region
- confidence
- id
- resource.accessKeyDetails.accessKeyId
- resource.accessKeyDetails.principalId
- resource.accessKeyDetails.userName
- resource.accessKeyDetails.userType
- resource.instanceDetails.iamInstanceProfile.id
- resource.instanceDetails.imageId
- resource.instanceDetails.instanceId
- resource.instanceDetails.networkInterfaces.ipv6Addresses
- resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
- resource.instanceDetails.networkInterfaces.publicDnsName
- resource.instanceDetails.networkInterfaces.publicIp
- resource.instanceDetails.networkInterfaces.securityGroups.groupId
- resource.instanceDetails.networkInterfaces.securityGroups.groupName
- resource.instanceDetails.networkInterfaces.subnetId
- resource.instanceDetails.networkInterfaces.vpcId
- resource.instanceDetails.tags.key
- resource.instanceDetails.tags.value
- resource.resourceType
- service.action.actionType
- service.action.awsApiCallAction.api
- service.action.awsApiCallAction.callerType
- service.action.awsApiCallAction.remoteIpDetails.city.cityName
- service.action.awsApiCallAction.remoteIpDetails.country.countryName
- service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
- service.action.awsApiCallAction.remoteIpDetails.organization.asn
- service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
- service.action.awsApiCallAction.serviceName
- service.action.dnsRequestAction.domain
- service.action.networkConnectionAction.blocked
- service.action.networkConnectionAction.connectionDirection
- service.action.networkConnectionAction.localPortDetails.port
- service.action.networkConnectionAction.protocol
- service.action.networkConnectionAction.remoteIpDetails.country.countryName
- service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
- service.action.networkConnectionAction.remoteIpDetails.organization.asn
- service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
- service.action.networkConnectionAction.remotePortDetails.port
- service.additionalInfo.threatListName
- service.archived
  When this attribute is set to 'true', only archived findings are listed. When it's set to 'false', only unarchived findings are listed. When this attribute is not set, all existing findings are listed.
- service.resourceRole
- severity
- type
- updatedAt
  Type: Timestamp in Unix Epoch millisecond format: 1486685375000
maxResults :: Maybe Natural
You can use this parameter to indicate the maximum number of items you want in the response. The default value is 50. The maximum value is 50.
nextToken :: Maybe Text
You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.
sortCriteria :: Maybe SortCriteria
Represents the criteria used for sorting findings.
detectorId :: Text
The ID of the detector that specifies the GuardDuty service whose findings you want to list.

Instances

Instances details

ToJSON ListFindings Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Methods toJSON :: ListFindings -> Value # toEncoding :: ListFindings -> Encoding # toJSONList :: [ListFindings] -> Value # toEncodingList :: [ListFindings] -> Encoding #
ToHeaders ListFindings Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Methods toHeaders :: ListFindings -> [Header] #
ToPath ListFindings Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Methods toPath :: ListFindings -> ByteString #
ToQuery ListFindings Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Methods toQuery :: ListFindings -> QueryString #
AWSPager ListFindings Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Methods page :: ListFindings -> AWSResponse ListFindings -> Maybe ListFindings #
AWSRequest ListFindings Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Associated Types type AWSResponse ListFindings # Methods request :: (Service -> Service) -> ListFindings -> Request ListFindings # response :: MonadResource m => (ByteStringLazy -> IO ByteStringLazy) -> Service -> Proxy ListFindings -> ClientResponse ClientBody -> m (Either Error (ClientResponse (AWSResponse ListFindings))) #
Generic ListFindings Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Associated Types type Rep ListFindings :: Type -> Type # Methods from :: ListFindings -> Rep ListFindings x # to :: Rep ListFindings x -> ListFindings #
Read ListFindings Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Methods readsPrec :: Int -> ReadS ListFindings # readList :: ReadS [ListFindings] # readPrec :: ReadPrec ListFindings # readListPrec :: ReadPrec [ListFindings] #
Show ListFindings Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Methods showsPrec :: Int -> ListFindings -> ShowS # show :: ListFindings -> String # showList :: [ListFindings] -> ShowS #
NFData ListFindings Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Methods rnf :: ListFindings -> () #
Eq ListFindings Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Methods (==) :: ListFindings -> ListFindings -> Bool # (/=) :: ListFindings -> ListFindings -> Bool #
Hashable ListFindings Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Methods hashWithSalt :: Int -> ListFindings -> Int # hash :: ListFindings -> Int #
type AWSResponse ListFindings Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings type AWSResponse ListFindings = ListFindingsResponse
type Rep ListFindings Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings type Rep ListFindings = D1 ('MetaData "ListFindings" "Amazonka.GuardDuty.ListFindings" "amazonka-guardduty-2.0-2NN502sGcQRH5risQZb24c" 'False) (C1 ('MetaCons "ListFindings'" 'PrefixI 'True) ((S1 ('MetaSel ('Just "findingCriteria") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe FindingCriteria)) :: S1 ('MetaSel ('Just "maxResults") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Natural))) :: (S1 ('MetaSel ('Just "nextToken") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :: (S1 ('MetaSel ('Just "sortCriteria") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe SortCriteria)) :: S1 ('MetaSel ('Just "detectorId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text)))))

newListFindings Source #

Arguments

:: Text	`ListFindings`
-> ListFindings

Create a value of ListFindings with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:findingCriteria:ListFindings', listFindings_findingCriteria - Represents the criteria used for querying findings. Valid values include:

JSON field name
accountId
region
confidence
id
resource.accessKeyDetails.accessKeyId
resource.accessKeyDetails.principalId
resource.accessKeyDetails.userName
resource.accessKeyDetails.userType
resource.instanceDetails.iamInstanceProfile.id
resource.instanceDetails.imageId
resource.instanceDetails.instanceId
resource.instanceDetails.networkInterfaces.ipv6Addresses
resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
resource.instanceDetails.networkInterfaces.publicDnsName
resource.instanceDetails.networkInterfaces.publicIp
resource.instanceDetails.networkInterfaces.securityGroups.groupId
resource.instanceDetails.networkInterfaces.securityGroups.groupName
resource.instanceDetails.networkInterfaces.subnetId
resource.instanceDetails.networkInterfaces.vpcId
resource.instanceDetails.tags.key
resource.instanceDetails.tags.value
resource.resourceType
service.action.actionType
service.action.awsApiCallAction.api
service.action.awsApiCallAction.callerType
service.action.awsApiCallAction.remoteIpDetails.city.cityName
service.action.awsApiCallAction.remoteIpDetails.country.countryName
service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
service.action.awsApiCallAction.remoteIpDetails.organization.asn
service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
service.action.awsApiCallAction.serviceName
service.action.dnsRequestAction.domain
service.action.networkConnectionAction.blocked
service.action.networkConnectionAction.connectionDirection
service.action.networkConnectionAction.localPortDetails.port
service.action.networkConnectionAction.protocol
service.action.networkConnectionAction.remoteIpDetails.country.countryName
service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
service.action.networkConnectionAction.remoteIpDetails.organization.asn
service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
service.action.networkConnectionAction.remotePortDetails.port
service.additionalInfo.threatListName
service.archived
When this attribute is set to 'true', only archived findings are listed. When it's set to 'false', only unarchived findings are listed. When this attribute is not set, all existing findings are listed.
service.resourceRole
severity
type
updatedAt
Type: Timestamp in Unix Epoch millisecond format: 1486685375000

$sel:maxResults:ListFindings', listFindings_maxResults - You can use this parameter to indicate the maximum number of items you want in the response. The default value is 50. The maximum value is 50.

ListFindings, listFindings_nextToken - You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.

$sel:sortCriteria:ListFindings', listFindings_sortCriteria - Represents the criteria used for sorting findings.

ListFindings, listFindings_detectorId - The ID of the detector that specifies the GuardDuty service whose findings you want to list.

Request Lenses

listFindings_findingCriteria :: Lens' ListFindings (Maybe FindingCriteria) Source #

Represents the criteria used for querying findings. Valid values include:

JSON field name
accountId
region
confidence
id
resource.accessKeyDetails.accessKeyId
resource.accessKeyDetails.principalId
resource.accessKeyDetails.userName
resource.accessKeyDetails.userType
resource.instanceDetails.iamInstanceProfile.id
resource.instanceDetails.imageId
resource.instanceDetails.instanceId
resource.instanceDetails.networkInterfaces.ipv6Addresses
resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
resource.instanceDetails.networkInterfaces.publicDnsName
resource.instanceDetails.networkInterfaces.publicIp
resource.instanceDetails.networkInterfaces.securityGroups.groupId
resource.instanceDetails.networkInterfaces.securityGroups.groupName
resource.instanceDetails.networkInterfaces.subnetId
resource.instanceDetails.networkInterfaces.vpcId
resource.instanceDetails.tags.key
resource.instanceDetails.tags.value
resource.resourceType
service.action.actionType
service.action.awsApiCallAction.api
service.action.awsApiCallAction.callerType
service.action.awsApiCallAction.remoteIpDetails.city.cityName
service.action.awsApiCallAction.remoteIpDetails.country.countryName
service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
service.action.awsApiCallAction.remoteIpDetails.organization.asn
service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
service.action.awsApiCallAction.serviceName
service.action.dnsRequestAction.domain
service.action.networkConnectionAction.blocked
service.action.networkConnectionAction.connectionDirection
service.action.networkConnectionAction.localPortDetails.port
service.action.networkConnectionAction.protocol
service.action.networkConnectionAction.remoteIpDetails.country.countryName
service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
service.action.networkConnectionAction.remoteIpDetails.organization.asn
service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
service.action.networkConnectionAction.remotePortDetails.port
service.additionalInfo.threatListName
service.archived
When this attribute is set to 'true', only archived findings are listed. When it's set to 'false', only unarchived findings are listed. When this attribute is not set, all existing findings are listed.
service.resourceRole
severity
type
updatedAt
Type: Timestamp in Unix Epoch millisecond format: 1486685375000

listFindings_maxResults :: Lens' ListFindings (Maybe Natural) Source #

You can use this parameter to indicate the maximum number of items you want in the response. The default value is 50. The maximum value is 50.

listFindings_nextToken :: Lens' ListFindings (Maybe Text) Source #

You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.

listFindings_sortCriteria :: Lens' ListFindings (Maybe SortCriteria) Source #

Represents the criteria used for sorting findings.

listFindings_detectorId :: Lens' ListFindings Text Source #

The ID of the detector that specifies the GuardDuty service whose findings you want to list.

Destructuring the Response

data ListFindingsResponse Source #

See: newListFindingsResponse smart constructor.

Constructors

ListFindingsResponse'
Fields nextToken :: Maybe Text The pagination parameter to be used on the next list operation to retrieve more items. httpStatus :: Int The response's http status code. findingIds :: [Text] The IDs of the findings that you're listing.

Instances

Instances details

Generic ListFindingsResponse Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Associated Types type Rep ListFindingsResponse :: Type -> Type # Methods from :: ListFindingsResponse -> Rep ListFindingsResponse x # to :: Rep ListFindingsResponse x -> ListFindingsResponse #
Read ListFindingsResponse Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Methods readsPrec :: Int -> ReadS ListFindingsResponse # readList :: ReadS [ListFindingsResponse] # readPrec :: ReadPrec ListFindingsResponse # readListPrec :: ReadPrec [ListFindingsResponse] #
Show ListFindingsResponse Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Methods showsPrec :: Int -> ListFindingsResponse -> ShowS # show :: ListFindingsResponse -> String # showList :: [ListFindingsResponse] -> ShowS #
NFData ListFindingsResponse Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Methods rnf :: ListFindingsResponse -> () #
Eq ListFindingsResponse Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings Methods (==) :: ListFindingsResponse -> ListFindingsResponse -> Bool # (/=) :: ListFindingsResponse -> ListFindingsResponse -> Bool #
type Rep ListFindingsResponse Source #
Instance details Defined in Amazonka.GuardDuty.ListFindings type Rep ListFindingsResponse = D1 ('MetaData "ListFindingsResponse" "Amazonka.GuardDuty.ListFindings" "amazonka-guardduty-2.0-2NN502sGcQRH5risQZb24c" 'False) (C1 ('MetaCons "ListFindingsResponse'" 'PrefixI 'True) (S1 ('MetaSel ('Just "nextToken") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :: (S1 ('MetaSel ('Just "httpStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int) :: S1 ('MetaSel ('Just "findingIds") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 [Text]))))

newListFindingsResponse Source #

Arguments

:: Int	`$sel:httpStatus:ListFindingsResponse'`
-> ListFindingsResponse

Create a value of ListFindingsResponse with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

ListFindings, listFindingsResponse_nextToken - The pagination parameter to be used on the next list operation to retrieve more items.

$sel:httpStatus:ListFindingsResponse', listFindingsResponse_httpStatus - The response's http status code.

$sel:findingIds:ListFindingsResponse', listFindingsResponse_findingIds - The IDs of the findings that you're listing.

Response Lenses

listFindingsResponse_nextToken :: Lens' ListFindingsResponse (Maybe Text) Source #

The pagination parameter to be used on the next list operation to retrieve more items.

listFindingsResponse_httpStatus :: Lens' ListFindingsResponse Int Source #

The response's http status code.

listFindingsResponse_findingIds :: Lens' ListFindingsResponse [Text] Source #

The IDs of the findings that you're listing.