get_threat_intel_set

GuardDuty.Client.get_threat_intel_set(**kwargs)

Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID.

See also: AWS API Documentation

Request Syntax

response = client.get_threat_intel_set(
    DetectorId='string',
    ThreatIntelSetId='string'
)
Parameters
  • DetectorId (string) --

    [REQUIRED]

    The unique ID of the detector that the threatIntelSet is associated with.

  • ThreatIntelSetId (string) --

    [REQUIRED]

    The unique ID of the threatIntelSet that you want to get.

Return type

dict

Returns

Response Syntax

{
    'Name': 'string',
    'Format': 'TXT'|'STIX'|'OTX_CSV'|'ALIEN_VAULT'|'PROOF_POINT'|'FIRE_EYE',
    'Location': 'string',
    'Status': 'INACTIVE'|'ACTIVATING'|'ACTIVE'|'DEACTIVATING'|'ERROR'|'DELETE_PENDING'|'DELETED',
    'Tags': {
        'string': 'string'
    }
}

Response Structure

  • (dict) --

    • Name (string) --

      A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.

    • Format (string) --

      The format of the threatIntelSet.

    • Location (string) --

      The URI of the file that contains the ThreatIntelSet.

    • Status (string) --

      The status of threatIntelSet file uploaded.

    • Tags (dict) --

      The tags of the threat list resource.

      • (string) --
        • (string) --

Exceptions

  • GuardDuty.Client.exceptions.BadRequestException
  • GuardDuty.Client.exceptions.InternalServerErrorException