class Aws::SecurityHub::Types::BatchUpdateFindingsRequest
@note When making an API call, you may pass BatchUpdateFindingsRequest
  data as a hash:

      {
        finding_identifiers: [ # required
          {
            id: "NonEmptyString", # required
            product_arn: "NonEmptyString", # required
          },
        ],
        note: {
          text: "NonEmptyString", # required
          updated_by: "NonEmptyString", # required
        },
        severity: {
          normalized: 1,
          product: 1.0,
          label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
        },
        verification_state: "UNKNOWN", # accepts UNKNOWN, TRUE_POSITIVE, FALSE_POSITIVE, BENIGN_POSITIVE
        confidence: 1,
        criticality: 1,
        types: ["NonEmptyString"],
        user_defined_fields: {
          "NonEmptyString" => "NonEmptyString",
        },
        workflow: {
          status: "NEW", # accepts NEW, NOTIFIED, RESOLVED, SUPPRESSED
        },
        related_findings: [
          {
            product_arn: "NonEmptyString", # required
            id: "NonEmptyString", # required
          },
        ],
      }

@!attribute [rw] finding_identifiers
  The list of findings to update. `BatchUpdateFindings` can be used to update up to 100 findings at a time. For each finding, the list provides the finding identifier and the ARN of the finding provider.
  @return [Array<Types::AwsSecurityFindingIdentifier>]

@!attribute [rw] note
  The updated note.
  @return [Types::NoteUpdate]

@!attribute [rw] severity
  Used to update the finding severity.
  @return [Types::SeverityUpdate]

@!attribute [rw] verification_state
  Indicates the veracity of a finding. The available values for `VerificationState` are as follows.

  * `UNKNOWN` – The default disposition of a security finding
  * `TRUE_POSITIVE` – The security finding is confirmed
  * `FALSE_POSITIVE` – The security finding was determined to be a false alarm
  * `BENIGN_POSITIVE` – A special case of `TRUE_POSITIVE` where the finding doesn't pose any threat, is expected, or both

  @return [String]

@!attribute [rw] confidence
  The updated value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.
  @return [Integer]

@!attribute [rw] criticality
  The updated value for the level of importance assigned to the resources associated with the findings. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.
  @return [Integer]

@!attribute [rw] types
  One or more finding types in the format of namespace/category/classifier that classify a finding. Valid namespace values are as follows.

  * Software and Configuration Checks
  * TTPs
  * Effects
  * Unusual Behaviors
  * Sensitive Data Identifications

  @return [Array<String>]

@!attribute [rw] user_defined_fields
  A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.
  @return [Hash<String,String>]

@!attribute [rw] workflow
  Used to update the workflow status of a finding. The workflow status indicates the progress of the investigation into the finding.
  @return [Types::WorkflowUpdate]

@!attribute [rw] related_findings
  A list of findings that are related to the updated findings.
  @return [Array<Types::RelatedFinding>]

@see docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchUpdateFindingsRequest AWS API Documentation
Constants
- SENSITIVE
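
The following is an added example, not code from the AWS SDK or its documentation: a triage helper that validates the documented enums and 0-100 scores client-side and splits an arbitrary list of findings into request hashes of at most 100 identifiers each. The helper name `build_triage_requests`, the constants, and the sample ARN and finding ids are assumptions constructed for illustration.

```ruby
MAX_FINDINGS_PER_CALL = 100 # per-call limit documented for finding_identifiers
VERIFICATION_STATES = %w[UNKNOWN TRUE_POSITIVE FALSE_POSITIVE BENIGN_POSITIVE].freeze
WORKFLOW_STATUSES   = %w[NEW NOTIFIED RESOLVED SUPPRESSED].freeze

# Hypothetical helper: returns an array of request hashes, one per batch.
def build_triage_requests(identifiers, verification_state:, workflow_status:,
                          note_text:, updated_by:, confidence: nil, criticality: nil)
  raise ArgumentError, "no findings given" if identifiers.empty?
  unless VERIFICATION_STATES.include?(verification_state)
    raise ArgumentError, "invalid verification_state: #{verification_state.inspect}"
  end
  unless WORKFLOW_STATUSES.include?(workflow_status)
    raise ArgumentError, "invalid workflow status: #{workflow_status.inspect}"
  end
  if [note_text, updated_by].any? { |s| s.to_s.strip.empty? }
    raise ArgumentError, "note text and updated_by must be non-empty"
  end
  # confidence and criticality are optional Integer scores on a 0-100 scale.
  scores = { confidence: confidence, criticality: criticality }.compact
  scores.each do |name, score|
    ok = score.is_a?(Integer) && score.between?(0, 100)
    raise ArgumentError, "#{name} must be an Integer in 0..100" unless ok
  end

  # Keep only the two required keys and drop duplicate identifiers.
  ids = identifiers.map do |f|
    id, arn = f[:id].to_s, f[:product_arn].to_s
    raise ArgumentError, "id and product_arn are required" if id.empty? || arn.empty?
    { id: id, product_arn: arn }
  end.uniq

  # One request hash per slice of at most 100 identifiers.
  ids.each_slice(MAX_FINDINGS_PER_CALL).map do |batch|
    { finding_identifiers: batch,
      note: { text: note_text, updated_by: updated_by },
      verification_state: verification_state,
      workflow: { status: workflow_status } }.merge(scores)
  end
end

# Constructed sample input: 250 placeholder findings under a placeholder product ARN.
SAMPLE_ARN = "arn:aws:securityhub:us-east-1:111122223333:product/111122223333/default"
SAMPLE_IDS = (1..250).map { |i| { id: "example-finding-#{i}", product_arn: SAMPLE_ARN } }
```

Each returned hash has the shape shown in the note above and can be passed as the parameters of `Aws::SecurityHub::Client#batch_update_findings`.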