GuardDuty / Client / get_threat_intel_set

get_threat_intel_set#

GuardDuty.Client.get_threat_intel_set(**kwargs)#

Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID.

See also: AWS API Documentation

Request Syntax

response = client.get_threat_intel_set(
    DetectorId='string',
    ThreatIntelSetId='string'
)
Parameters:
  • DetectorId (string) –

    [REQUIRED]

    The unique ID of the detector that the threatIntelSet is associated with.

  • ThreatIntelSetId (string) –

    [REQUIRED]

    The unique ID of the threatIntelSet that you want to get.

Return type:

dict

Returns:

Response Syntax

{
    'Name': 'string',
    'Format': 'TXT'|'STIX'|'OTX_CSV'|'ALIEN_VAULT'|'PROOF_POINT'|'FIRE_EYE',
    'Location': 'string',
    'Status': 'INACTIVE'|'ACTIVATING'|'ACTIVE'|'DEACTIVATING'|'ERROR'|'DELETE_PENDING'|'DELETED',
    'Tags': {
        'string': 'string'
    }
}

Response Structure

  • (dict) –

    • Name (string) –

      A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.

    • Format (string) –

      The format of the threatIntelSet.

    • Location (string) –

      The URI of the file that contains the ThreatIntelSet.

    • Status (string) –

      The status of threatIntelSet file uploaded.

    • Tags (dict) –

      The tags of the threat list resource.

      • (string) –

        • (string) –

Exceptions

  • GuardDuty.Client.exceptions.BadRequestException

  • GuardDuty.Client.exceptions.InternalServerErrorException