Struct rusoto_securityhub::AwsSecurityFinding

pub struct AwsSecurityFinding {
    pub aws_account_id: String,
    pub compliance: Option<Compliance>,
    pub confidence: Option<i64>,
    pub created_at: String,
    pub criticality: Option<i64>,
    pub description: String,
    pub first_observed_at: Option<String>,
    pub generator_id: String,
    pub id: String,
    pub last_observed_at: Option<String>,
    pub malware: Option<Vec<Malware>>,
    pub network: Option<Network>,
    pub network_path: Option<Vec<NetworkPathComponent>>,
    pub note: Option<Note>,
    pub process: Option<ProcessDetails>,
    pub product_arn: String,
    pub product_fields: Option<HashMap<String, String>>,
    pub record_state: Option<String>,
    pub related_findings: Option<Vec<RelatedFinding>>,
    pub remediation: Option<Remediation>,
    pub resources: Vec<Resource>,
    pub schema_version: String,
    pub severity: Severity,
    pub source_url: Option<String>,
    pub threat_intel_indicators: Option<Vec<ThreatIntelIndicator>>,
    pub title: String,
    pub types: Vec<String>,
    pub updated_at: String,
    pub user_defined_fields: Option<HashMap<String, String>>,
    pub verification_state: Option<String>,
    pub vulnerabilities: Option<Vec<Vulnerability>>,
    pub workflow: Option<Workflow>,
    pub workflow_state: Option<String>,
}

Provides a consistent format for the contents of Security Hub-aggregated findings. The AwsSecurityFinding format enables you to share findings between AWS security services, third-party solutions, and security standards checks.

A finding is a potential security issue generated either by AWS services (Amazon GuardDuty, Amazon Inspector, and Amazon Macie) or by the integrated third-party solutions and standards checks.

Fields

aws_account_id: String

The AWS account ID that a finding is generated in.

compliance: Option<Compliance>

This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS AWS Foundations. Contains security standard-related finding details.

confidence: Option<i64>

A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

created_at: String

An ISO8601-formatted timestamp that indicates when the security-findings provider created the potential security issue that a finding captured.

criticality: Option<i64>

The level of importance assigned to the resources associated with the finding.

A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

description: String

A finding's description.

In this release, Description is a required property.

first_observed_at: Option<String>

An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured.

generator_id: String

The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.

id: String

The security findings provider-specific identifier for a finding.

last_observed_at: Option<String>

An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured.

malware: Option<Vec<Malware>>

A list of malware related to a finding.

network: Option<Network>

The details of network-related information about a finding.

network_path: Option<Vec<NetworkPathComponent>>

Provides information about a network path that is relevant to a finding. Each entry under NetworkPath represents a component of that path.

note: Option<Note>

A user-defined note added to a finding.

process: Option<ProcessDetails>

The details of process-related information about a finding.

product_arn: String

The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.

product_fields: Option<HashMap<String, String>>

A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.

record_state: Option<String>

The record state of a finding.

related_findings: Option<Vec<RelatedFinding>>

A list of related findings.

remediation: Option<Remediation>

A data type that describes the remediation options for a finding.

resources: Vec<Resource>

A set of resource data types that describe the resources that the finding refers to.

schema_version: String

The schema version that a finding is formatted for.

severity: Severity

A finding's severity.

source_url: Option<String>

A URL that links to a page about the current finding in the security-findings provider's solution.

threat_intel_indicators: Option<Vec<ThreatIntelIndicator>>

Threat intelligence details related to a finding.

title: String

A finding's title.

In this release, Title is a required property.

types: Vec<String>

One or more finding types in the format of namespace/category/classifier that classify a finding.

Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications

updated_at: String

An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record.

user_defined_fields: Option<HashMap<String, String>>

A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.

verification_state: Option<String>

Indicates the veracity of a finding.

vulnerabilities: Option<Vec<Vulnerability>>

Provides a list of vulnerabilities associated with the findings.

workflow: Option<Workflow>

Provides information about the status of the investigation into a finding.

workflow_state: Option<String>

The workflow state of a finding.
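A pre-submission check for the constraints the field descriptions above state: required title and description, the 0-100 range for confidence and criticality, and the namespace of each types entry. This is an added example, not code from rusoto; `FindingSubset` and `validate` are hypothetical names, the struct is a stand-in that mirrors only the checked fields so the block compiles without the crate, and accepting a type path with fewer than three segments is an assumption.

```rust
/// Stand-in mirroring the checked AwsSecurityFinding fields (same names and types).
#[derive(Default)]
pub struct FindingSubset {
    pub title: String,
    pub description: String,
    pub types: Vec<String>,
    pub confidence: Option<i64>,
    pub criticality: Option<i64>,
}

/// Namespace values listed under the `types` field.
const NAMESPACES: [&str; 5] = [
    "Software and Configuration Checks", "TTPs", "Effects",
    "Unusual Behaviors", "Sensitive Data Identifications",
];

/// Returns one message per violated constraint; an empty Vec means the finding passed.
pub fn validate(f: &FindingSubset) -> Vec<String> {
    let mut errs = Vec::new();
    if f.title.trim().is_empty() { errs.push("title is required".to_string()); }
    if f.description.trim().is_empty() { errs.push("description is required".to_string()); }
    if f.types.is_empty() { errs.push("types needs at least one entry".to_string()); }
    for t in &f.types {
        // split() always yields at least one element, so parts[0] is safe.
        let parts: Vec<&str> = t.split('/').collect();
        if !NAMESPACES.contains(&parts[0]) {
            errs.push(format!("types: unknown namespace in {:?}", t));
        } else if parts.len() > 3 || parts.iter().any(|p| p.is_empty()) {
            errs.push(format!("types: malformed path {:?}", t));
        }
    }
    for (name, score) in [("confidence", f.confidence), ("criticality", f.criticality)] {
        if let Some(v) = score {
            if !(0..=100).contains(&v) { errs.push(format!("{} {} is outside 0-100", name, v)); }
        }
    }
    errs
}

fn main() {
    // Constructed sample finding, not real Security Hub output.
    let f = FindingSubset {
        title: "Port probe".into(),
        description: "Constructed sample".into(),
        types: vec!["TTPs/Discovery/Recon".into(), "Malware/Trojan".into()],
        confidence: Some(140),
        criticality: None,
    };
    for e in validate(&f) { println!("{}", e); }
}
```
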

Trait Implementations

impl Clone for AwsSecurityFinding

impl Debug for AwsSecurityFinding

impl Default for AwsSecurityFinding

impl<'de> Deserialize<'de> for AwsSecurityFinding

impl PartialEq<AwsSecurityFinding> for AwsSecurityFinding

impl Serialize for AwsSecurityFinding

impl StructuralPartialEq for AwsSecurityFinding

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized

impl<T> Borrow<T> for T where
    T: ?Sized

impl<T> BorrowMut<T> for T where
    T: ?Sized

impl<T> DeserializeOwned for T where
    T: for<'de> Deserialize<'de>,

impl<T> From<T> for T

impl<T> Instrument for T

impl<T, U> Into<U> for T where
    U: From<T>,

impl<T> Same<T> for T

type Output = T

Should always be Self

impl<T> ToOwned for T where
    T: Clone

type Owned = T

The resulting type after obtaining ownership.

impl<T, U> TryFrom<U> for T where
    U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.