Class: Aws::GuardDuty::Types::Investigation

Inherits:

Struct

• Object
• Struct
• Aws::GuardDuty::Types::Investigation

Includes:

Structure

Defined in:

lib/aws-sdk-guardduty/types.rb

Overview

Contains the details and results of a GuardDuty investigation.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #cloud ⇒ Types::CloudDetails

  Details about the cloud environment in which the investigation was performed, including the provider, region, and account.

• #confidence ⇒ String

  The confidence level of the investigation’s assessment.

• #end_time ⇒ Time

  The timestamp at which the investigation completed.

• #error ⇒ String

  Details about the error if the investigation status is ‘FAILED`.

• #investigation_id ⇒ String

  The unique identifier of the investigation.

• #metadata ⇒ Types::InvestigationMetadata

  Metadata about the product and version that produced the investigation.

• #risk ⇒ String

  A human-readable description of the assessed risk.

• #risk_level ⇒ String

  The assessed risk level of the investigated threat.

• #start_time ⇒ Time

  The timestamp at which the investigation started.

• #status ⇒ String

  The current status of the investigation.

• #summary ⇒ String

  A structured summary of the investigation findings, including affected resources, threat assessment, and recommended remediation steps.

• #trigger_prompt ⇒ String

  The natural-language prompt that initiated this investigation.

• #triggered_by ⇒ String

  The account that initiated the investigation.

Instance Attribute Details

#cloud ⇒ Types::CloudDetails

Details about the cloud environment in which the investigation was performed, including the provider, region, and account.

Returns:

• (Types::CloudDetails)

# File 'lib/aws-sdk-guardduty/types.rb', line 7004

class Investigation < Struct.new(
  :investigation_id,
  :status,
  :trigger_prompt,
  :triggered_by,
  :metadata,
  :cloud,
  :risk_level,
  :risk,
  :confidence,
  :summary,
  :start_time,
  :end_time,
  :error)
  SENSITIVE = []
  include Aws::Structure
end

#confidence ⇒ String

The confidence level of the investigation’s assessment. Possible values are ‘Unknown`, `Low`, `Medium`, and `High`.

Returns:

• (String)

# File 'lib/aws-sdk-guardduty/types.rb', line 7004

class Investigation < Struct.new(
  :investigation_id,
  :status,
  :trigger_prompt,
  :triggered_by,
  :metadata,
  :cloud,
  :risk_level,
  :risk,
  :confidence,
  :summary,
  :start_time,
  :end_time,
  :error)
  SENSITIVE = []
  include Aws::Structure
end

#end_time ⇒ Time

The timestamp at which the investigation completed.

Returns:

• (Time)

# File 'lib/aws-sdk-guardduty/types.rb', line 7004

class Investigation < Struct.new(
  :investigation_id,
  :status,
  :trigger_prompt,
  :triggered_by,
  :metadata,
  :cloud,
  :risk_level,
  :risk,
  :confidence,
  :summary,
  :start_time,
  :end_time,
  :error)
  SENSITIVE = []
  include Aws::Structure
end

#error ⇒ String

Details about the error if the investigation status is ‘FAILED`.

Returns:

• (String)

# File 'lib/aws-sdk-guardduty/types.rb', line 7004

class Investigation < Struct.new(
  :investigation_id,
  :status,
  :trigger_prompt,
  :triggered_by,
  :metadata,
  :cloud,
  :risk_level,
  :risk,
  :confidence,
  :summary,
  :start_time,
  :end_time,
  :error)
  SENSITIVE = []
  include Aws::Structure
end

#investigation_id ⇒ String

The unique identifier of the investigation.

Returns:

• (String)

# File 'lib/aws-sdk-guardduty/types.rb', line 7004

class Investigation < Struct.new(
  :investigation_id,
  :status,
  :trigger_prompt,
  :triggered_by,
  :metadata,
  :cloud,
  :risk_level,
  :risk,
  :confidence,
  :summary,
  :start_time,
  :end_time,
  :error)
  SENSITIVE = []
  include Aws::Structure
end

#metadata ⇒ Types::InvestigationMetadata

Metadata about the product and version that produced the investigation.

Returns:

• (Types::InvestigationMetadata)

# File 'lib/aws-sdk-guardduty/types.rb', line 7004

class Investigation < Struct.new(
  :investigation_id,
  :status,
  :trigger_prompt,
  :triggered_by,
  :metadata,
  :cloud,
  :risk_level,
  :risk,
  :confidence,
  :summary,
  :start_time,
  :end_time,
  :error)
  SENSITIVE = []
  include Aws::Structure
end

#risk ⇒ String

A human-readable description of the assessed risk.

Returns:

• (String)

# File 'lib/aws-sdk-guardduty/types.rb', line 7004

class Investigation < Struct.new(
  :investigation_id,
  :status,
  :trigger_prompt,
  :triggered_by,
  :metadata,
  :cloud,
  :risk_level,
  :risk,
  :confidence,
  :summary,
  :start_time,
  :end_time,
  :error)
  SENSITIVE = []
  include Aws::Structure
end

#risk_level ⇒ String

The assessed risk level of the investigated threat. Possible values are ‘Info`, `Low`, `Medium`, `High`, and `Critical`.

Returns:

• (String)

# File 'lib/aws-sdk-guardduty/types.rb', line 7004

class Investigation < Struct.new(
  :investigation_id,
  :status,
  :trigger_prompt,
  :triggered_by,
  :metadata,
  :cloud,
  :risk_level,
  :risk,
  :confidence,
  :summary,
  :start_time,
  :end_time,
  :error)
  SENSITIVE = []
  include Aws::Structure
end

#start_time ⇒ Time

The timestamp at which the investigation started.

Returns:

• (Time)

# File 'lib/aws-sdk-guardduty/types.rb', line 7004

class Investigation < Struct.new(
  :investigation_id,
  :status,
  :trigger_prompt,
  :triggered_by,
  :metadata,
  :cloud,
  :risk_level,
  :risk,
  :confidence,
  :summary,
  :start_time,
  :end_time,
  :error)
  SENSITIVE = []
  include Aws::Structure
end

#status ⇒ String

The current status of the investigation. Possible values are ‘RUNNING`, `COMPLETED`, and `FAILED`.

Returns:

• (String)

# File 'lib/aws-sdk-guardduty/types.rb', line 7004

class Investigation < Struct.new(
  :investigation_id,
  :status,
  :trigger_prompt,
  :triggered_by,
  :metadata,
  :cloud,
  :risk_level,
  :risk,
  :confidence,
  :summary,
  :start_time,
  :end_time,
  :error)
  SENSITIVE = []
  include Aws::Structure
end

#summary ⇒ String

A structured summary of the investigation findings, including affected resources, threat assessment, and recommended remediation steps.

Returns:

• (String)

# File 'lib/aws-sdk-guardduty/types.rb', line 7004

class Investigation < Struct.new(
  :investigation_id,
  :status,
  :trigger_prompt,
  :triggered_by,
  :metadata,
  :cloud,
  :risk_level,
  :risk,
  :confidence,
  :summary,
  :start_time,
  :end_time,
  :error)
  SENSITIVE = []
  include Aws::Structure
end

#trigger_prompt ⇒ String

The natural-language prompt that initiated this investigation.

Returns:

• (String)

# File 'lib/aws-sdk-guardduty/types.rb', line 7004

class Investigation < Struct.new(
  :investigation_id,
  :status,
  :trigger_prompt,
  :triggered_by,
  :metadata,
  :cloud,
  :risk_level,
  :risk,
  :confidence,
  :summary,
  :start_time,
  :end_time,
  :error)
  SENSITIVE = []
  include Aws::Structure
end

#triggered_by ⇒ String

The account that initiated the investigation.

Returns:

• (String)

# File 'lib/aws-sdk-guardduty/types.rb', line 7004

class Investigation < Struct.new(
  :investigation_id,
  :status,
  :trigger_prompt,
  :triggered_by,
  :metadata,
  :cloud,
  :risk_level,
  :risk,
  :confidence,
  :summary,
  :start_time,
  :end_time,
  :error)
  SENSITIVE = []
  include Aws::Structure
end