interface AdditionalInfo
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.Mixins.Preview.AWS.GuardDuty.Events.DetectorEvents.GuardDutyFinding.AdditionalInfo |
 Go | github.com/aws/aws-cdk-go/awscdkmixinspreview/v2/awsguardduty/events#DetectorEvents_GuardDutyFinding_AdditionalInfo |
 Java | software.amazon.awscdk.mixins.preview.services.guardduty.events.DetectorEvents.GuardDutyFinding.AdditionalInfo |
 Python | aws_cdk.mixins_preview.aws_guardduty.events.DetectorEvents.GuardDutyFinding.AdditionalInfo |
 TypeScript | @aws-cdk/mixins-preview ยป aws_guardduty ยป events ยป DetectorEvents ยป GuardDutyFinding ยป AdditionalInfo |
Type definition for AdditionalInfo.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { events as guardduty_events } from '@aws-cdk/mixins-preview/aws-guardduty';
declare const additionalScannedPorts: any;
declare const unusual: any;
const additionalInfo: guardduty_events.DetectorEvents.GuardDutyFinding.AdditionalInfo = {
additionalScannedPorts: [additionalScannedPorts],
anomalies: {
anomalousApIs: ['anomalousApIs'],
},
apiCalls: [{
count: ['count'],
firstSeen: ['firstSeen'],
lastSeen: ['lastSeen'],
name: ['name'],
}],
domain: ['domain'],
inBytes: ['inBytes'],
localPort: ['localPort'],
newPolicy: {
allowUsersToChangePassword: ['allowUsersToChangePassword'],
hardExpiry: ['hardExpiry'],
maxPasswordAge: ['maxPasswordAge'],
minimumPasswordLength: ['minimumPasswordLength'],
passwordReusePrevention: ['passwordReusePrevention'],
requireLowercaseCharacters: ['requireLowercaseCharacters'],
requireNumbers: ['requireNumbers'],
requireSymbols: ['requireSymbols'],
requireUppercaseCharacters: ['requireUppercaseCharacters'],
},
oldPolicy: {
allowUsersToChangePassword: ['allowUsersToChangePassword'],
hardExpiry: ['hardExpiry'],
maxPasswordAge: ['maxPasswordAge'],
minimumPasswordLength: ['minimumPasswordLength'],
passwordReusePrevention: ['passwordReusePrevention'],
requireLowercaseCharacters: ['requireLowercaseCharacters'],
requireNumbers: ['requireNumbers'],
requireSymbols: ['requireSymbols'],
requireUppercaseCharacters: ['requireUppercaseCharacters'],
},
outBytes: ['outBytes'],
portsScannedSample: [123],
profiledBehavior: {
frequentProfiledApIsAccountProfiling: ['frequentProfiledApIsAccountProfiling'],
frequentProfiledApIsUserIdentityProfiling: ['frequentProfiledApIsUserIdentityProfiling'],
frequentProfiledAsNsAccountProfiling: ['frequentProfiledAsNsAccountProfiling'],
frequentProfiledAsNsBucketProfiling: ['frequentProfiledAsNsBucketProfiling'],
frequentProfiledAsNsUserIdentityProfiling: ['frequentProfiledAsNsUserIdentityProfiling'],
frequentProfiledBucketsAccountProfiling: ['frequentProfiledBucketsAccountProfiling'],
frequentProfiledBucketsUserIdentityProfiling: ['frequentProfiledBucketsUserIdentityProfiling'],
frequentProfiledUserAgentsAccountProfiling: ['frequentProfiledUserAgentsAccountProfiling'],
frequentProfiledUserAgentsUserIdentityProfiling: ['frequentProfiledUserAgentsUserIdentityProfiling'],
frequentProfiledUserNamesAccountProfiling: ['frequentProfiledUserNamesAccountProfiling'],
frequentProfiledUserNamesBucketProfiling: ['frequentProfiledUserNamesBucketProfiling'],
frequentProfiledUserTypesAccountProfiling: ['frequentProfiledUserTypesAccountProfiling'],
infrequentProfiledApIsAccountProfiling: ['infrequentProfiledApIsAccountProfiling'],
infrequentProfiledApIsUserIdentityProfiling: ['infrequentProfiledApIsUserIdentityProfiling'],
infrequentProfiledAsNsAccountProfiling: ['infrequentProfiledAsNsAccountProfiling'],
infrequentProfiledAsNsBucketProfiling: ['infrequentProfiledAsNsBucketProfiling'],
infrequentProfiledAsNsUserIdentityProfiling: ['infrequentProfiledAsNsUserIdentityProfiling'],
infrequentProfiledBucketsAccountProfiling: ['infrequentProfiledBucketsAccountProfiling'],
infrequentProfiledBucketsUserIdentityProfiling: ['infrequentProfiledBucketsUserIdentityProfiling'],
infrequentProfiledUserAgentsAccountProfiling: ['infrequentProfiledUserAgentsAccountProfiling'],
infrequentProfiledUserAgentsUserIdentityProfiling: ['infrequentProfiledUserAgentsUserIdentityProfiling'],
infrequentProfiledUserNamesAccountProfiling: ['infrequentProfiledUserNamesAccountProfiling'],
infrequentProfiledUserNamesBucketProfiling: ['infrequentProfiledUserNamesBucketProfiling'],
infrequentProfiledUserTypesAccountProfiling: ['infrequentProfiledUserTypesAccountProfiling'],
numberOfHistoricalDailyAvgApIsBucketProfiling: ['numberOfHistoricalDailyAvgApIsBucketProfiling'],
numberOfHistoricalDailyAvgApIsBucketUserIdentityProfiling: ['numberOfHistoricalDailyAvgApIsBucketUserIdentityProfiling'],
numberOfHistoricalDailyAvgApIsUserIdentityProfiling: ['numberOfHistoricalDailyAvgApIsUserIdentityProfiling'],
numberOfHistoricalDailyMaxApIsBucketProfiling: ['numberOfHistoricalDailyMaxApIsBucketProfiling'],
numberOfHistoricalDailyMaxApIsBucketUserIdentityProfiling: ['numberOfHistoricalDailyMaxApIsBucketUserIdentityProfiling'],
numberOfHistoricalDailyMaxApIsUserIdentityProfiling: ['numberOfHistoricalDailyMaxApIsUserIdentityProfiling'],
rareProfiledApIsAccountProfiling: ['rareProfiledApIsAccountProfiling'],
rareProfiledApIsUserIdentityProfiling: ['rareProfiledApIsUserIdentityProfiling'],
rareProfiledAsNsAccountProfiling: ['rareProfiledAsNsAccountProfiling'],
rareProfiledAsNsBucketProfiling: ['rareProfiledAsNsBucketProfiling'],
rareProfiledAsNsUserIdentityProfiling: ['rareProfiledAsNsUserIdentityProfiling'],
rareProfiledBucketsAccountProfiling: ['rareProfiledBucketsAccountProfiling'],
rareProfiledBucketsUserIdentityProfiling: ['rareProfiledBucketsUserIdentityProfiling'],
rareProfiledUserAgentsAccountProfiling: ['rareProfiledUserAgentsAccountProfiling'],
rareProfiledUserAgentsUserIdentityProfiling: ['rareProfiledUserAgentsUserIdentityProfiling'],
rareProfiledUserNamesAccountProfiling: ['rareProfiledUserNamesAccountProfiling'],
rareProfiledUserNamesBucketProfiling: ['rareProfiledUserNamesBucketProfiling'],
rareProfiledUserTypesAccountProfiling: ['rareProfiledUserTypesAccountProfiling'],
},
recentCredentials: [{
accessKeyId: ['accessKeyId'],
ipAddressV4: ['ipAddressV4'],
principalId: ['principalId'],
}],
sample: ['sample'],
scannedPort: ['scannedPort'],
threatListName: ['threatListName'],
threatName: ['threatName'],
type: ['type'],
unusual: unusual,
unusualBehavior: {
isUnusualUserIdentity: ['isUnusualUserIdentity'],
numberOfPast24HoursApIsBucketProfiling: ['numberOfPast24HoursApIsBucketProfiling'],
numberOfPast24HoursApIsBucketUserIdentityProfiling: ['numberOfPast24HoursApIsBucketUserIdentityProfiling'],
numberOfPast24HoursApIsUserIdentityProfiling: ['numberOfPast24HoursApIsUserIdentityProfiling'],
unusualApIsAccountProfiling: ['unusualApIsAccountProfiling'],
unusualApIsUserIdentityProfiling: ['unusualApIsUserIdentityProfiling'],
unusualAsNsAccountProfiling: ['unusualAsNsAccountProfiling'],
unusualAsNsBucketProfiling: ['unusualAsNsBucketProfiling'],
unusualAsNsUserIdentityProfiling: ['unusualAsNsUserIdentityProfiling'],
unusualBucketsAccountProfiling: ['unusualBucketsAccountProfiling'],
unusualBucketsUserIdentityProfiling: ['unusualBucketsUserIdentityProfiling'],
unusualUserAgentsAccountProfiling: ['unusualUserAgentsAccountProfiling'],
unusualUserAgentsUserIdentityProfiling: ['unusualUserAgentsUserIdentityProfiling'],
unusualUserNamesAccountProfiling: ['unusualUserNamesAccountProfiling'],
unusualUserNamesBucketProfiling: ['unusualUserNamesBucketProfiling'],
unusualUserTypesAccountProfiling: ['unusualUserTypesAccountProfiling'],
},
unusualProtocol: ['unusualProtocol'],
userAgent: {
fullUserAgent: ['fullUserAgent'],
userAgentCategory: ['userAgentCategory'],
},
value: ['value'],
};
Properties
| Name | Type | Description |
|---|---|---|
| additional | any[] | additionalScannedPorts property. |
| anomalies? | Anomalies | anomalies property. |
| api | Additional[] | apiCalls property. |
| domain? | string[] | domain property. |
| in | string[] | inBytes property. |
| local | string[] | localPort property. |
| new | New | newPolicy property. |
| old | Old | oldPolicy property. |
| out | string[] | outBytes property. |
| ports | number[] | portsScannedSample property. |
| profiled | Profiled | profiledBehavior property. |
| recent | Additional[] | recentCredentials property. |
| sample? | string[] | sample property. |
| scanned | string[] | scannedPort property. |
| threat | string[] | threatListName property. |
| threat | string[] | threatName property. |
| type? | string[] | type property. |
| unusual? | any | unusual property. |
| unusual | Unusual | unusualBehavior property. |
| unusual | string[] | unusualProtocol property. |
| user | User | userAgent property. |
| value? | string[] | value property. |
additionalScannedPorts?
Type:
any[]
(optional, default: Do not filter on this field)
additionalScannedPorts property.
Specify an array of string values to match this event if the actual value of additionalScannedPorts is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
anomalies?
Type:
Anomalies
(optional, default: Do not filter on this field)
anomalies property.
Specify an array of string values to match this event if the actual value of anomalies is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
apiCalls?
Type:
Additional[]
(optional, default: Do not filter on this field)
apiCalls property.
Specify an array of string values to match this event if the actual value of apiCalls is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
domain?
Type:
string[]
(optional, default: Do not filter on this field)
domain property.
Specify an array of string values to match this event if the actual value of domain is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
inBytes?
Type:
string[]
(optional, default: Do not filter on this field)
inBytes property.
Specify an array of string values to match this event if the actual value of inBytes is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
localPort?
Type:
string[]
(optional, default: Do not filter on this field)
localPort property.
Specify an array of string values to match this event if the actual value of localPort is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
newPolicy?
Type:
New
(optional, default: Do not filter on this field)
newPolicy property.
Specify an array of string values to match this event if the actual value of newPolicy is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
oldPolicy?
Type:
Old
(optional, default: Do not filter on this field)
oldPolicy property.
Specify an array of string values to match this event if the actual value of oldPolicy is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
outBytes?
Type:
string[]
(optional, default: Do not filter on this field)
outBytes property.
Specify an array of string values to match this event if the actual value of outBytes is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
portsScannedSample?
Type:
number[]
(optional, default: Do not filter on this field)
portsScannedSample property.
Specify an array of string values to match this event if the actual value of portsScannedSample is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
profiledBehavior?
Type:
Profiled
(optional, default: Do not filter on this field)
profiledBehavior property.
Specify an array of string values to match this event if the actual value of profiledBehavior is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
recentCredentials?
Type:
Additional[]
(optional, default: Do not filter on this field)
recentCredentials property.
Specify an array of string values to match this event if the actual value of recentCredentials is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
sample?
Type:
string[]
(optional, default: Do not filter on this field)
sample property.
Specify an array of string values to match this event if the actual value of sample is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
scannedPort?
Type:
string[]
(optional, default: Do not filter on this field)
scannedPort property.
Specify an array of string values to match this event if the actual value of scannedPort is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
threatListName?
Type:
string[]
(optional, default: Do not filter on this field)
threatListName property.
Specify an array of string values to match this event if the actual value of threatListName is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
threatName?
Type:
string[]
(optional, default: Do not filter on this field)
threatName property.
Specify an array of string values to match this event if the actual value of threatName is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
type?
Type:
string[]
(optional, default: Do not filter on this field)
type property.
Specify an array of string values to match this event if the actual value of type is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
unusual?
Type:
any
(optional, default: Do not filter on this field)
unusual property.
Specify an array of string values to match this event if the actual value of unusual is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
unusualBehavior?
Type:
Unusual
(optional, default: Do not filter on this field)
unusualBehavior property.
Specify an array of string values to match this event if the actual value of unusualBehavior is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
unusualProtocol?
Type:
string[]
(optional, default: Do not filter on this field)
unusualProtocol property.
Specify an array of string values to match this event if the actual value of unusualProtocol is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
userAgent?
Type:
User
(optional, default: Do not filter on this field)
userAgent property.
Specify an array of string values to match this event if the actual value of userAgent is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.
value?
Type:
string[]
(optional, default: Do not filter on this field)
value property.
Specify an array of string values to match this event if the actual value of value is one of the values in the array. Use one of the constructors on the aws_events.Match for more advanced matching options.