SecurityHub / Client / batch_import_findings
batch_import_findings#
- SecurityHub.Client.batch_import_findings(**kwargs)#
Imports security findings generated by a finding provider into Security Hub. This action is requested by the finding provider to import its findings into Security Hub.
BatchImportFindings
must be called by one of the following:The Amazon Web Services account that is associated with a finding if you are using the default product ARN or are a partner sending findings from within a customer’s Amazon Web Services account. In these cases, the identifier of the account that you are calling
BatchImportFindings
from needs to be the same as theAwsAccountId
attribute for the finding.An Amazon Web Services account that Security Hub has allow-listed for an official partner integration. In this case, you can call
BatchImportFindings
from the allow-listed account and send findings from different customer accounts in the same batch.
The maximum allowed size for a finding is 240 Kb. An error is returned for any finding larger than 240 Kb.
After a finding is created,
BatchImportFindings
cannot be used to update the following finding fields and objects, which Security Hub customers use to manage their investigation workflow.Note
UserDefinedFields
VerificationState
Workflow
Finding providers also should not use
BatchImportFindings
to update the following attributes.Confidence
Criticality
RelatedFindings
Severity
Types
Instead, finding providers use
FindingProviderFields
to provide values for these attributes.See also: AWS API Documentation
Request Syntax
# This section is too large to render. # Please see the AWS API Documentation linked below.
Parameters
# This section is too large to render. # Please see the AWS API Documentation linked below.
- Return type:
dict
- Returns:
Response Syntax
{ 'FailedCount': 123, 'SuccessCount': 123, 'FailedFindings': [ { 'Id': 'string', 'ErrorCode': 'string', 'ErrorMessage': 'string' }, ] }
Response Structure
(dict) –
FailedCount (integer) –
The number of findings that failed to import.
SuccessCount (integer) –
The number of findings that were successfully imported.
FailedFindings (list) –
The list of findings that failed to import.
(dict) –
The list of the findings that cannot be imported. For each finding, the list provides the error.
Id (string) –
The identifier of the finding that could not be updated.
ErrorCode (string) –
The code of the error returned by the
BatchImportFindings
operation.ErrorMessage (string) –
The message of the error returned by the
BatchImportFindings
operation.
Exceptions