GuardDuty / Client / get_threat_intel_set

get_threat_intel_set

GuardDuty.Client.get_threat_intel_set(**kwargs)

Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID.

See also: AWS API Documentation

Request Syntax

response = client.get_threat_intel_set(
    DetectorId='string',
    ThreatIntelSetId='string'
)

Parameters:

• DetectorId (string) –

  [REQUIRED]

  The unique ID of the detector that is associated with the threatIntelSet.

  To find the detectorId in the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.

• ThreatIntelSetId (string) –

  [REQUIRED]

  The unique ID of the threatIntelSet that you want to get.

Return type:

dict

Returns:

Response Syntax

{
    'Name': 'string',
    'Format': 'TXT'|'STIX'|'OTX_CSV'|'ALIEN_VAULT'|'PROOF_POINT'|'FIRE_EYE',
    'Location': 'string',
    'Status': 'INACTIVE'|'ACTIVATING'|'ACTIVE'|'DEACTIVATING'|'ERROR'|'DELETE_PENDING'|'DELETED',
    'Tags': {
        'string': 'string'
    }
}

Response Structure

• (dict) –

  • Name (string) –

    A user-friendly ThreatIntelSet name displayed in all findings that are generated by activity that involves IP addresses included in this ThreatIntelSet.

  • Format (string) –

    The format of the threatIntelSet.

  • Location (string) –

    The URI of the file that contains the ThreatIntelSet.

  • Status (string) –

    The status of threatIntelSet file uploaded.

  • Tags (dict) –

    The tags of the threat list resource.

    • (string) –

      • (string) –

Exceptions

• GuardDuty.Client.exceptions.BadRequestException

• GuardDuty.Client.exceptions.InternalServerErrorException