GuardDuty / Paginator / ListFindings
ListFindings#
- class GuardDuty.Paginator.ListFindings#
paginator = client.get_paginator('list_findings')
- paginate(**kwargs)#
Creates an iterator that will paginate through responses from
GuardDuty.Client.list_findings()
.See also: AWS API Documentation
Request Syntax
response_iterator = paginator.paginate( DetectorId='string', FindingCriteria={ 'Criterion': { 'string': { 'Eq': [ 'string', ], 'Neq': [ 'string', ], 'Gt': 123, 'Gte': 123, 'Lt': 123, 'Lte': 123, 'Equals': [ 'string', ], 'NotEquals': [ 'string', ], 'GreaterThan': 123, 'GreaterThanOrEqual': 123, 'LessThan': 123, 'LessThanOrEqual': 123 } } }, SortCriteria={ 'AttributeName': 'string', 'OrderBy': 'ASC'|'DESC' }, PaginationConfig={ 'MaxItems': 123, 'PageSize': 123, 'StartingToken': 'string' } )
- Parameters:
DetectorId (string) –
[REQUIRED]
The ID of the detector that specifies the GuardDuty service whose findings you want to list.
To find the
detectorId
in the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.FindingCriteria (dict) –
Represents the criteria used for querying findings. Valid values include:
JSON field name
accountId
region
confidence
id
resource.accessKeyDetails.accessKeyId
resource.accessKeyDetails.principalId
resource.accessKeyDetails.userName
resource.accessKeyDetails.userType
resource.instanceDetails.iamInstanceProfile.id
resource.instanceDetails.imageId
resource.instanceDetails.instanceId
resource.instanceDetails.networkInterfaces.ipv6Addresses
resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress
resource.instanceDetails.networkInterfaces.publicDnsName
resource.instanceDetails.networkInterfaces.publicIp
resource.instanceDetails.networkInterfaces.securityGroups.groupId
resource.instanceDetails.networkInterfaces.securityGroups.groupName
resource.instanceDetails.networkInterfaces.subnetId
resource.instanceDetails.networkInterfaces.vpcId
resource.instanceDetails.tags.key
resource.instanceDetails.tags.value
resource.resourceType
service.action.actionType
service.action.awsApiCallAction.api
service.action.awsApiCallAction.callerType
service.action.awsApiCallAction.remoteIpDetails.city.cityName
service.action.awsApiCallAction.remoteIpDetails.country.countryName
service.action.awsApiCallAction.remoteIpDetails.ipAddressV4
service.action.awsApiCallAction.remoteIpDetails.organization.asn
service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg
service.action.awsApiCallAction.serviceName
service.action.dnsRequestAction.domain
service.action.dnsRequestAction.domainWithSuffix
service.action.networkConnectionAction.blocked
service.action.networkConnectionAction.connectionDirection
service.action.networkConnectionAction.localPortDetails.port
service.action.networkConnectionAction.protocol
service.action.networkConnectionAction.remoteIpDetails.country.countryName
service.action.networkConnectionAction.remoteIpDetails.ipAddressV4
service.action.networkConnectionAction.remoteIpDetails.organization.asn
service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg
service.action.networkConnectionAction.remotePortDetails.port
service.additionalInfo.threatListName
service.archived When this attribute is set to ‘true’, only archived findings are listed. When it’s set to ‘false’, only unarchived findings are listed. When this attribute is not set, all existing findings are listed.
service.ebsVolumeScanDetails.scanId
service.resourceRole
severity
type
updatedAt Type: Timestamp in Unix Epoch millisecond format: 1486685375000
Criterion (dict) –
Represents a map of finding properties that match specified conditions and values when querying findings.
(string) –
(dict) –
Contains information about the condition.
Eq (list) –
Represents the equal condition to be applied to a single field when querying for findings.
(string) –
Neq (list) –
Represents the not equal condition to be applied to a single field when querying for findings.
(string) –
Gt (integer) –
Represents a greater than condition to be applied to a single field when querying for findings.
Gte (integer) –
Represents a greater than or equal condition to be applied to a single field when querying for findings.
Lt (integer) –
Represents a less than condition to be applied to a single field when querying for findings.
Lte (integer) –
Represents a less than or equal condition to be applied to a single field when querying for findings.
Equals (list) –
Represents an equal condition to be applied to a single field when querying for findings.
(string) –
NotEquals (list) –
Represents a not equal condition to be applied to a single field when querying for findings.
(string) –
GreaterThan (integer) –
Represents a greater than condition to be applied to a single field when querying for findings.
GreaterThanOrEqual (integer) –
Represents a greater than or equal condition to be applied to a single field when querying for findings.
LessThan (integer) –
Represents a less than condition to be applied to a single field when querying for findings.
LessThanOrEqual (integer) –
Represents a less than or equal condition to be applied to a single field when querying for findings.
SortCriteria (dict) –
Represents the criteria used for sorting findings.
AttributeName (string) –
Represents the finding attribute, such as
accountId
, that sorts the findings.OrderBy (string) –
The order by which the sorted findings are to be displayed.
PaginationConfig (dict) –
A dictionary that provides parameters to control pagination.
MaxItems (integer) –
The total number of items to return. If the total number of items available is more than the value specified in max-items then a
NextToken
will be provided in the output that you can use to resume pagination.PageSize (integer) –
The size of each page.
StartingToken (string) –
A token to specify where to start paginating. This is the
NextToken
from a previous response.
- Return type:
dict
- Returns:
Response Syntax
{ 'FindingIds': [ 'string', ], }
Response Structure
(dict) –
FindingIds (list) –
The IDs of the findings that you’re listing.
(string) –