get_detector
(**kwargs)¶Retrieves an Amazon GuardDuty detector specified by the detectorId.
There might be regional differences because some data sources might not be available in all the Amazon Web Services Regions where GuardDuty is presently supported. For more information, see Regions and endpoints.
See also: AWS API Documentation
Request Syntax
response = client.get_detector(
DetectorId='string'
)
[REQUIRED]
The unique ID of the detector that you want to get.
{
'CreatedAt': 'string',
'FindingPublishingFrequency': 'FIFTEEN_MINUTES'|'ONE_HOUR'|'SIX_HOURS',
'ServiceRole': 'string',
'Status': 'ENABLED'|'DISABLED',
'UpdatedAt': 'string',
'DataSources': {
'CloudTrail': {
'Status': 'ENABLED'|'DISABLED'
},
'DNSLogs': {
'Status': 'ENABLED'|'DISABLED'
},
'FlowLogs': {
'Status': 'ENABLED'|'DISABLED'
},
'S3Logs': {
'Status': 'ENABLED'|'DISABLED'
},
'Kubernetes': {
'AuditLogs': {
'Status': 'ENABLED'|'DISABLED'
}
},
'MalwareProtection': {
'ScanEc2InstanceWithFindings': {
'EbsVolumes': {
'Status': 'ENABLED'|'DISABLED',
'Reason': 'string'
}
},
'ServiceRole': 'string'
}
},
'Tags': {
'string': 'string'
}
}
Response Structure
The timestamp of when the detector was created.
The publishing frequency of the finding.
The GuardDuty service role.
The detector status.
The last-updated timestamp for the detector.
Describes which data sources are enabled for the detector.
An object that contains information on the status of CloudTrail as a data source.
Describes whether CloudTrail is enabled as a data source for the detector.
An object that contains information on the status of DNS logs as a data source.
Denotes whether DNS logs is enabled as a data source.
An object that contains information on the status of VPC flow logs as a data source.
Denotes whether VPC flow logs is enabled as a data source.
An object that contains information on the status of S3 Data event logs as a data source.
A value that describes whether S3 data event logs are automatically enabled for new members of the organization.
An object that contains information on the status of all Kubernetes data sources.
Describes whether Kubernetes audit logs are enabled as a data source.
A value that describes whether Kubernetes audit logs are enabled as a data source.
Describes the configuration of Malware Protection data sources.
Describes the configuration of Malware Protection for EC2 instances with findings.
Describes the configuration of scanning EBS volumes as a data source.
Describes whether scanning EBS volumes is enabled as a data source.
Specifies the reason why scanning EBS volumes (Malware Protection) was not enabled as a data source.
The GuardDuty Malware Protection service role.
The tags of the detector resource.
Exceptions
GuardDuty.Client.exceptions.BadRequestException
GuardDuty.Client.exceptions.InternalServerErrorException