Skip to content

/AWS1/CL_AUMINSIGHTSBYASSESS00

A summary of the latest analytics data for a specific active assessment.

This summary is a snapshot of the data that was collected on the lastUpdated date. It’s important to understand that the totals in InsightsByAssessment are daily counts based on this date — they aren’t a total sum to date.

The InsightsByAssessment data is eventually consistent. This means that when you read data from InsightsByAssessment, the response might not instantly reflect the results of a recently completed write or update operation. If you repeat your read request after a few hours, the response returns the latest data.

If you delete an assessment or change its status to inactive, InsightsByAssessment includes data for that assessment as follows.

  • Inactive assessments - If Audit Manager collected evidence for your assessment before you changed it inactive, that evidence is included in the InsightsByAssessment counts for that day.

  • Deleted assessments - If Audit Manager collected evidence for your assessment before you deleted it, that evidence isn't included in the InsightsByAssessment counts for that day.

CONSTRUCTOR

IMPORTING

Optional arguments:

iv_noncompliantevidencecount TYPE /AWS1/AUMNULLABLEINTEGER /AWS1/AUMNULLABLEINTEGER

The number of compliance check evidence that Audit Manager classified as non-compliant. This includes evidence that was collected from Security Hub with a Fail ruling, or collected from Config with a Non-compliant ruling.

iv_compliantevidencecount TYPE /AWS1/AUMNULLABLEINTEGER /AWS1/AUMNULLABLEINTEGER

The number of compliance check evidence that Audit Manager classified as compliant. This includes evidence that was collected from Security Hub with a Pass ruling, or collected from Config with a Compliant ruling.

iv_inconclusiveevidencecount TYPE /AWS1/AUMNULLABLEINTEGER /AWS1/AUMNULLABLEINTEGER

The amount of evidence without a compliance check ruling. Evidence is inconclusive if the associated control uses Security Hub or Config as a data source and you didn't enable those services. This is also the case if a control uses a data source that doesn’t support compliance checks (for example, manual evidence, API calls, or CloudTrail).

If evidence has a compliance check status of not applicable, it's classified as inconclusive in InsightsByAssessment data.

iv_assessmentctlsctbyncmpe00 TYPE /AWS1/AUMNULLABLEINTEGER /AWS1/AUMNULLABLEINTEGER

The number of assessment controls that collected non-compliant evidence on the lastUpdated date.

iv_totalassessmentctlscount TYPE /AWS1/AUMNULLABLEINTEGER /AWS1/AUMNULLABLEINTEGER

The total number of controls in the assessment.

iv_lastupdated TYPE /AWS1/AUMTIMESTAMP /AWS1/AUMTIMESTAMP

The time when the assessment insights were last updated.

Queryable Attributes

noncompliantEvidenceCount

The number of compliance check evidence that Audit Manager classified as non-compliant. This includes evidence that was collected from Security Hub with a Fail ruling, or collected from Config with a Non-compliant ruling.

Accessible with the following methods

Method Description
GET_NONCOMPEVIDENCECOUNT() Getter for NONCOMPLIANTEVIDENCECOUNT, with configurable defa
ASK_NONCOMPEVIDENCECOUNT() Getter for NONCOMPLIANTEVIDENCECOUNT w/ exceptions if field
HAS_NONCOMPEVIDENCECOUNT() Determine if NONCOMPLIANTEVIDENCECOUNT has a value

compliantEvidenceCount

The number of compliance check evidence that Audit Manager classified as compliant. This includes evidence that was collected from Security Hub with a Pass ruling, or collected from Config with a Compliant ruling.

Accessible with the following methods

Method Description
GET_COMPLIANTEVIDENCECOUNT() Getter for COMPLIANTEVIDENCECOUNT, with configurable default
ASK_COMPLIANTEVIDENCECOUNT() Getter for COMPLIANTEVIDENCECOUNT w/ exceptions if field has
HAS_COMPLIANTEVIDENCECOUNT() Determine if COMPLIANTEVIDENCECOUNT has a value

inconclusiveEvidenceCount

The amount of evidence without a compliance check ruling. Evidence is inconclusive if the associated control uses Security Hub or Config as a data source and you didn't enable those services. This is also the case if a control uses a data source that doesn’t support compliance checks (for example, manual evidence, API calls, or CloudTrail).

If evidence has a compliance check status of not applicable, it's classified as inconclusive in InsightsByAssessment data.

Accessible with the following methods

Method Description
GET_INCONCLUSIVEEVIDENCECNT() Getter for INCONCLUSIVEEVIDENCECOUNT, with configurable defa
ASK_INCONCLUSIVEEVIDENCECNT() Getter for INCONCLUSIVEEVIDENCECOUNT w/ exceptions if field
HAS_INCONCLUSIVEEVIDENCECNT() Determine if INCONCLUSIVEEVIDENCECOUNT has a value

assessmentControlsCountByNoncompliantEvidence

The number of assessment controls that collected non-compliant evidence on the lastUpdated date.

Accessible with the following methods

Method Description
GET_ASSESSMENTCTLSCTBYNCMP00() Getter for ASSESSMENTCTLSCTBYNCMPEVID00, with configurable d
ASK_ASSESSMENTCTLSCTBYNCMP00() Getter for ASSESSMENTCTLSCTBYNCMPEVID00 w/ exceptions if fie
HAS_ASSESSMENTCTLSCTBYNCMP00() Determine if ASSESSMENTCTLSCTBYNCMPEVID00 has a value

totalAssessmentControlsCount

The total number of controls in the assessment.

Accessible with the following methods

Method Description
GET_TOTALASSESSMENTCTLSCOUNT() Getter for TOTALASSESSMENTCONTROLSCOUNT, with configurable d
ASK_TOTALASSESSMENTCTLSCOUNT() Getter for TOTALASSESSMENTCONTROLSCOUNT w/ exceptions if fie
HAS_TOTALASSESSMENTCTLSCOUNT() Determine if TOTALASSESSMENTCONTROLSCOUNT has a value

lastUpdated

The time when the assessment insights were last updated.

Accessible with the following methods

Method Description
GET_LASTUPDATED() Getter for LASTUPDATED, with configurable default
ASK_LASTUPDATED() Getter for LASTUPDATED w/ exceptions if field has no value
HAS_LASTUPDATED() Determine if LASTUPDATED has a value