class Aws::SecurityHub::Types::BatchUpdateFindingsRequest

@note When making an API call, you may pass BatchUpdateFindingsRequest

data as a hash:

    {
      finding_identifiers: [ # required
        {
          id: "NonEmptyString", # required
          product_arn: "NonEmptyString", # required
        },
      ],
      note: {
        text: "NonEmptyString", # required
        updated_by: "NonEmptyString", # required
      },
      severity: {
        normalized: 1,
        product: 1.0,
        label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
      },
      verification_state: "UNKNOWN", # accepts UNKNOWN, TRUE_POSITIVE, FALSE_POSITIVE, BENIGN_POSITIVE
      confidence: 1,
      criticality: 1,
      types: ["NonEmptyString"],
      user_defined_fields: {
        "NonEmptyString" => "NonEmptyString",
      },
      workflow: {
        status: "NEW", # accepts NEW, NOTIFIED, RESOLVED, SUPPRESSED
      },
      related_findings: [
        {
          product_arn: "NonEmptyString", # required
          id: "NonEmptyString", # required
        },
      ],
    }

@!attribute [rw] finding_identifiers

The list of findings to update. `BatchUpdateFindings` can be used to
update up to 100 findings at a time.

For each finding, the list provides the finding identifier and the
ARN of the finding provider.
@return [Array<Types::AwsSecurityFindingIdentifier>]

@!attribute [rw] note

The updated note.
@return [Types::NoteUpdate]

@!attribute [rw] severity

Used to update the finding severity.
@return [Types::SeverityUpdate]

@!attribute [rw] verification_state

Indicates the veracity of a finding.

The available values for `VerificationState` are as follows.

* `UNKNOWN` – The default disposition of a security finding

* `TRUE_POSITIVE` – The security finding is confirmed

* `FALSE_POSITIVE` – The security finding was determined to be a
  false alarm

* `BENIGN_POSITIVE` – A special case of `TRUE_POSITIVE` where the
  finding doesn't pose any threat, is expected, or both
@return [String]

@!attribute [rw] confidence

The updated value for the finding confidence. Confidence is defined
as the likelihood that a finding accurately identifies the behavior
or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0
means zero percent confidence and 100 means 100 percent confidence.
@return [Integer]

@!attribute [rw] criticality

The updated value for the level of importance assigned to the
resources associated with the findings.

A score of 0 means that the underlying resources have no
criticality, and a score of 100 is reserved for the most critical
resources.
@return [Integer]

@!attribute [rw] types

One or more finding types in the format of
namespace/category/classifier that classify a finding.

Valid namespace values are as follows.

* Software and Configuration Checks

* TTPs

* Effects

* Unusual Behaviors

* Sensitive Data Identifications
@return [Array<String>]

@!attribute [rw] user_defined_fields

A list of name/value string pairs associated with the finding. These
are custom, user-defined fields added to a finding.
@return [Hash<String,String>]

@!attribute [rw] workflow

Used to update the workflow status of a finding.

The workflow status indicates the progress of the investigation into
the finding.
@return [Types::WorkflowUpdate]

@!attribute [rw] related_findings

A list of findings that are related to the updated findings.
@return [Array<Types::RelatedFinding>]

@see docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchUpdateFindingsRequest AWS API Documentation

Constants

SENSITIVE