Struct rusoto_securityhub::AwsSecurityFinding

pub struct AwsSecurityFinding {

    pub action: Option<Action>,
    pub aws_account_id: String,
    pub compliance: Option<Compliance>,
    pub confidence: Option<i64>,
    pub created_at: String,
    pub criticality: Option<i64>,
    pub description: String,
    pub finding_provider_fields: Option<FindingProviderFields>,
    pub first_observed_at: Option<String>,
    pub generator_id: String,
    pub id: String,
    pub last_observed_at: Option<String>,
    pub malware: Option<Vec<Malware>>,
    pub network: Option<Network>,
    pub network_path: Option<Vec<NetworkPathComponent>>,
    pub note: Option<Note>,
    pub patch_summary: Option<PatchSummary>,
    pub process: Option<ProcessDetails>,
    pub product_arn: String,
    pub product_fields: Option<HashMap<String, String>>,
    pub record_state: Option<String>,
    pub related_findings: Option<Vec<RelatedFinding>>,
    pub remediation: Option<Remediation>,
    pub resources: Vec<Resource>,
    pub schema_version: String,
    pub severity: Option<Severity>,
    pub source_url: Option<String>,
    pub threat_intel_indicators: Option<Vec<ThreatIntelIndicator>>,
    pub title: String,
    pub types: Option<Vec<String>>,
    pub updated_at: String,
    pub user_defined_fields: Option<HashMap<String, String>>,
    pub verification_state: Option<String>,
    pub vulnerabilities: Option<Vec<Vulnerability>>,
    pub workflow: Option<Workflow>,
    pub workflow_state: Option<String>,
}

Provides consistent format for the contents of the Security Hub-aggregated findings. AwsSecurityFinding format enables you to share findings between AWS security services and third-party solutions, and security standards checks.

A finding is a potential security issue generated either by AWS services (Amazon GuardDuty, Amazon Inspector, and Amazon Macie) or by the integrated third-party solutions and standards checks.

Fields

action: Option<Action>

Provides details about an action that affects or that was taken on a resource.

aws_account_id: String

The AWS account ID that a finding is generated in.

compliance: Option<Compliance>

This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS AWS Foundations. Contains security standard-related finding details.

confidence: Option<i64>

A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

created_at: String

Indicates when the security-findings provider created the potential security issue that a finding captured.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

criticality: Option<i64>

The level of importance assigned to the resources associated with the finding.

A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

description: String

A finding's description.

In this release, Description is a required property.

finding_provider_fields: Option<FindingProviderFields>

In a BatchImportFindings request, finding providers use FindingProviderFields to provide and update their own values for confidence, criticality, related findings, severity, and types.

first_observed_at: Option<String>

Indicates when the security-findings provider first observed the potential security issue that a finding captured.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

generator_id: String

The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.

id: String

The security findings provider-specific identifier for a finding.

last_observed_at: Option<String>

Indicates when the security-findings provider most recently observed the potential security issue that a finding captured.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

malware: Option<Vec<Malware>>

A list of malware related to a finding.

network: Option<Network>

The details of network-related information about a finding.

network_path: Option<Vec<NetworkPathComponent>>

Provides information about a network path that is relevant to a finding. Each entry under NetworkPath represents a component of that path.

note: Option<Note>

A user-defined note added to a finding.

patch_summary: Option<PatchSummary>

Provides an overview of the patch compliance status for an instance against a selected compliance standard.

process: Option<ProcessDetails>

The details of process-related information about a finding.

product_arn: String

The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.

product_fields: Option<HashMap<String, String>>

A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.

record_state: Option<String>

The record state of a finding.

related_findings: Option<Vec<RelatedFinding>>

A list of related findings.

remediation: Option<Remediation>

A data type that describes the remediation options for a finding.

resources: Vec<Resource>

A set of resource data types that describe the resources that the finding refers to.

schema_version: String

The schema version that a finding is formatted for.

severity: Option<Severity>

A finding's severity.

source_url: Option<String>

A URL that links to a page about the current finding in the security-findings provider's solution.

threat_intel_indicators: Option<Vec<ThreatIntelIndicator>>

Threat intelligence details related to a finding.

title: String

A finding's title.

In this release, Title is a required property.

types: Option<Vec<String>>

One or more finding types in the format of namespace/category/classifier that classify a finding.

Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications

updated_at: String

Indicates when the security-findings provider last updated the finding record.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

user_defined_fields: Option<HashMap<String, String>>

A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.

verification_state: Option<String>

Indicates the veracity of a finding.

vulnerabilities: Option<Vec<Vulnerability>>

Provides a list of vulnerabilities associated with the findings.

workflow: Option<Workflow>

Provides information about the status of the investigation into a finding.

workflow_state: Option<String>

The workflow state of a finding.

Trait Implementations

impl Clone for AwsSecurityFinding

fn clone(&self) -> AwsSecurityFinding

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for AwsSecurityFinding

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for AwsSecurityFinding

fn default() -> AwsSecurityFinding

Returns the “default value” for a type.

impl<'de> Deserialize<'de> for AwsSecurityFinding

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
    __D: Deserializer<'de>, 

Deserialize this value from the given Serde deserializer.

impl PartialEq<AwsSecurityFinding> for AwsSecurityFinding

fn eq(&self, other: &AwsSecurityFinding) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &AwsSecurityFinding) -> bool

This method tests for !=.

impl Serialize for AwsSecurityFinding

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error> where
    __S: Serializer, 

Serialize this value into the given Serde serializer.

impl StructuralPartialEq for AwsSecurityFinding