AwsSecurityFindingFilters class

A collection of attributes that are applied to all active Security Hub-aggregated findings and that result in a subset of findings that are included in this insight.

You can filter by up to 10 finding attributes. For each attribute, you can provide up to 20 filter values.

Constructors

AwsSecurityFindingFilters({List<StringFilter>? awsAccountId, List<StringFilter>? companyName, List<StringFilter>? complianceStatus, List<NumberFilter>? confidence, List<DateFilter>? createdAt, List<NumberFilter>? criticality, List<StringFilter>? description, List<DateFilter>? firstObservedAt, List<StringFilter>? generatorId, List<StringFilter>? id, List<KeywordFilter>? keyword, List<DateFilter>? lastObservedAt, List<StringFilter>? malwareName, List<StringFilter>? malwarePath, List<StringFilter>? malwareState, List<StringFilter>? malwareType, List<StringFilter>? networkDestinationDomain, List<IpFilter>? networkDestinationIpV4, List<IpFilter>? networkDestinationIpV6, List<NumberFilter>? networkDestinationPort, List<StringFilter>? networkDirection, List<StringFilter>? networkProtocol, List<StringFilter>? networkSourceDomain, List<IpFilter>? networkSourceIpV4, List<IpFilter>? networkSourceIpV6, List<StringFilter>? networkSourceMac, List<NumberFilter>? networkSourcePort, List<StringFilter>? noteText, List<DateFilter>? noteUpdatedAt, List<StringFilter>? noteUpdatedBy, List<DateFilter>? processLaunchedAt, List<StringFilter>? processName, List<NumberFilter>? processParentPid, List<StringFilter>? processPath, List<NumberFilter>? processPid, List<DateFilter>? processTerminatedAt, List<StringFilter>? productArn, List<MapFilter>? productFields, List<StringFilter>? productName, List<StringFilter>? recommendationText, List<StringFilter>? recordState, List<StringFilter>? relatedFindingsId, List<StringFilter>? relatedFindingsProductArn, List<StringFilter>? resourceAwsEc2InstanceIamInstanceProfileArn, List<StringFilter>? resourceAwsEc2InstanceImageId, List<IpFilter>? resourceAwsEc2InstanceIpV4Addresses, List<IpFilter>? resourceAwsEc2InstanceIpV6Addresses, List<StringFilter>? resourceAwsEc2InstanceKeyName, List<DateFilter>? resourceAwsEc2InstanceLaunchedAt, List<StringFilter>? resourceAwsEc2InstanceSubnetId, List<StringFilter>? resourceAwsEc2InstanceType, List<StringFilter>? resourceAwsEc2InstanceVpcId, List<DateFilter>? resourceAwsIamAccessKeyCreatedAt, List<StringFilter>? resourceAwsIamAccessKeyStatus, List<StringFilter>? resourceAwsIamAccessKeyUserName, List<StringFilter>? resourceAwsS3BucketOwnerId, List<StringFilter>? resourceAwsS3BucketOwnerName, List<StringFilter>? resourceContainerImageId, List<StringFilter>? resourceContainerImageName, List<DateFilter>? resourceContainerLaunchedAt, List<StringFilter>? resourceContainerName, List<MapFilter>? resourceDetailsOther, List<StringFilter>? resourceId, List<StringFilter>? resourcePartition, List<StringFilter>? resourceRegion, List<MapFilter>? resourceTags, List<StringFilter>? resourceType, List<StringFilter>? severityLabel, List<NumberFilter>? severityNormalized, List<NumberFilter>? severityProduct, List<StringFilter>? sourceUrl, List<StringFilter>? threatIntelIndicatorCategory, List<DateFilter>? threatIntelIndicatorLastObservedAt, List<StringFilter>? threatIntelIndicatorSource, List<StringFilter>? threatIntelIndicatorSourceUrl, List<StringFilter>? threatIntelIndicatorType, List<StringFilter>? threatIntelIndicatorValue, List<StringFilter>? title, List<StringFilter>? type, List<DateFilter>? updatedAt, List<MapFilter>? userDefinedFields, List<StringFilter>? verificationState, List<StringFilter>? workflowState, List<StringFilter>? workflowStatus})
AwsSecurityFindingFilters.fromJson(Map<String, dynamic> json)
factory

Properties

awsAccountId List<StringFilter>?
The AWS account ID that a finding is generated in.
final
companyName List<StringFilter>?
The name of the findings provider (company) that owns the solution (product) that generates findings.
final
complianceStatus List<StringFilter>?
Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details.
final
confidence List<NumberFilter>?
A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.
final
createdAt List<DateFilter>?
An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured.
final
criticality List<NumberFilter>?
The level of importance assigned to the resources associated with the finding.
final
description List<StringFilter>?
A finding's description.
final
firstObservedAt List<DateFilter>?
An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured.
final
generatorId List<StringFilter>?
The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.
final
hashCode int
The hash code for this object.
no setterinherited
id List<StringFilter>?
The security findings provider-specific identifier for a finding.
final
keyword List<KeywordFilter>?
A keyword for a finding.
final
lastObservedAt List<DateFilter>?
An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured.
final
malwareName List<StringFilter>?
The name of the malware that was observed.
final
malwarePath List<StringFilter>?
The filesystem path of the malware that was observed.
final
malwareState List<StringFilter>?
The state of the malware that was observed.
final
malwareType List<StringFilter>?
The type of the malware that was observed.
final
networkDestinationDomain List<StringFilter>?
The destination domain of network-related information about a finding.
final
networkDestinationIpV4 List<IpFilter>?
The destination IPv4 address of network-related information about a finding.
final
networkDestinationIpV6 List<IpFilter>?
The destination IPv6 address of network-related information about a finding.
final
networkDestinationPort List<NumberFilter>?
The destination port of network-related information about a finding.
final
networkDirection List<StringFilter>?
Indicates the direction of network traffic associated with a finding.
final
networkProtocol List<StringFilter>?
The protocol of network-related information about a finding.
final
networkSourceDomain List<StringFilter>?
The source domain of network-related information about a finding.
final
networkSourceIpV4 List<IpFilter>?
The source IPv4 address of network-related information about a finding.
final
networkSourceIpV6 List<IpFilter>?
The source IPv6 address of network-related information about a finding.
final
networkSourceMac List<StringFilter>?
The source media access control (MAC) address of network-related information about a finding.
final
networkSourcePort List<NumberFilter>?
The source port of network-related information about a finding.
final
noteText List<StringFilter>?
The text of a note.
final
noteUpdatedAt List<DateFilter>?
The timestamp of when the note was updated.
final
noteUpdatedBy List<StringFilter>?
The principal that created a note.
final
processLaunchedAt List<DateFilter>?
The date/time that the process was launched.
final
processName List<StringFilter>?
The name of the process.
final
processParentPid List<NumberFilter>?
The parent process ID.
final
processPath List<StringFilter>?
The path to the process executable.
final
processPid List<NumberFilter>?
The process ID.
final
processTerminatedAt List<DateFilter>?
The date/time that the process was terminated.
final
productArn List<StringFilter>?
The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.
final
productFields List<MapFilter>?
A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.
final
productName List<StringFilter>?
The name of the solution (product) that generates findings.
final
recommendationText List<StringFilter>?
The recommendation of what to do about the issue described in a finding.
final
recordState List<StringFilter>?
The updated record state for the finding.
final
relatedFindingsId List<StringFilter>?
The solution-generated identifier for a related finding.
final
relatedFindingsProductArn List<StringFilter>?
The ARN of the solution that generated a related finding.
final
resourceAwsEc2InstanceIamInstanceProfileArn List<StringFilter>?
The IAM profile ARN of the instance.
final
resourceAwsEc2InstanceImageId List<StringFilter>?
The Amazon Machine Image (AMI) ID of the instance.
final
resourceAwsEc2InstanceIpV4Addresses List<IpFilter>?
The IPv4 addresses associated with the instance.
final
resourceAwsEc2InstanceIpV6Addresses List<IpFilter>?
The IPv6 addresses associated with the instance.
final
resourceAwsEc2InstanceKeyName List<StringFilter>?
The key name associated with the instance.
final
resourceAwsEc2InstanceLaunchedAt List<DateFilter>?
The date and time the instance was launched.
final
resourceAwsEc2InstanceSubnetId List<StringFilter>?
The identifier of the subnet that the instance was launched in.
final
resourceAwsEc2InstanceType List<StringFilter>?
The instance type of the instance.
final
resourceAwsEc2InstanceVpcId List<StringFilter>?
The identifier of the VPC that the instance was launched in.
final
resourceAwsIamAccessKeyCreatedAt List<DateFilter>?
The creation date/time of the IAM access key related to a finding.
final
resourceAwsIamAccessKeyStatus List<StringFilter>?
The status of the IAM access key related to a finding.
final
resourceAwsIamAccessKeyUserName List<StringFilter>?
The user associated with the IAM access key related to a finding.
final
resourceAwsS3BucketOwnerId List<StringFilter>?
The canonical user ID of the owner of the S3 bucket.
final
resourceAwsS3BucketOwnerName List<StringFilter>?
The display name of the owner of the S3 bucket.
final
resourceContainerImageId List<StringFilter>?
The identifier of the image related to a finding.
final
resourceContainerImageName List<StringFilter>?
The name of the image related to a finding.
final
resourceContainerLaunchedAt List<DateFilter>?
The date/time that the container was started.
final
resourceContainerName List<StringFilter>?
The name of the container related to a finding.
final
resourceDetailsOther List<MapFilter>?
The details of a resource that doesn't have a specific subfield for the resource type defined.
final
resourceId List<StringFilter>?
The canonical identifier for the given resource type.
final
resourcePartition List<StringFilter>?
The canonical AWS partition name that the Region is assigned to.
final
resourceRegion List<StringFilter>?
The canonical AWS external Region name where this resource is located.
final
resourceTags List<MapFilter>?
A list of AWS tags associated with a resource at the time the finding was processed.
final
resourceType List<StringFilter>?
Specifies the type of the resource that details are provided for.
final
runtimeType Type
A representation of the runtime type of the object.
no setterinherited
severityLabel List<StringFilter>?
The label of a finding's severity.
final
severityNormalized List<NumberFilter>?
The normalized severity of a finding.
final
severityProduct List<NumberFilter>?
The native severity as defined by the security-findings provider's solution that generated the finding.
final
sourceUrl List<StringFilter>?
A URL that links to a page about the current finding in the security-findings provider's solution.
final
threatIntelIndicatorCategory List<StringFilter>?
The category of a threat intelligence indicator.
final
threatIntelIndicatorLastObservedAt List<DateFilter>?
The date/time of the last observation of a threat intelligence indicator.
final
threatIntelIndicatorSource List<StringFilter>?
The source of the threat intelligence.
final
threatIntelIndicatorSourceUrl List<StringFilter>?
The URL for more details from the source of the threat intelligence.
final
threatIntelIndicatorType List<StringFilter>?
The type of a threat intelligence indicator.
final
threatIntelIndicatorValue List<StringFilter>?
The value of a threat intelligence indicator.
final
title List<StringFilter>?
A finding's title.
final
type List<StringFilter>?
A finding type in the format of namespace/category/classifier that classifies a finding.
final
updatedAt List<DateFilter>?
An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record.
final
userDefinedFields List<MapFilter>?
A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.
final
verificationState List<StringFilter>?
The veracity of a finding.
final
workflowState List<StringFilter>?
The workflow state of a finding.
final
workflowStatus List<StringFilter>?
The status of the investigation into a finding. Allowed values are the following.
final

Methods

noSuchMethod(Invocation invocation) → dynamic
Invoked when a nonexistent method or property is accessed.
inherited
toJson() Map<String, dynamic>
toString() String
A string representation of this object.
inherited

Operators

operator ==(Object other) bool
The equality operator.
inherited