AWS CLI Command Reference

[ aws . macie2 ]

get-finding-statistics

Description

Retrieves (queries) aggregated statistical data about findings.

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  get-finding-statistics
[--finding-criteria <value>]
--group-by <value>
[--size <value>]
[--sort-criteria <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--cli-auto-prompt <value>]

Options

--finding-criteria (structure)

The criteria to use to filter the query results.

criterion -> (map)

A condition that specifies the property, operator, and value to use to filter the results.

key -> (string)

value -> (structure)

Specifies the operator to use in a property-based condition that filters the results of a query for findings.

eq -> (list)

An equal to condition to apply to a specified property value for findings.

(string)

gt -> (long)

A greater than condition to apply to a specified property value for findings.

gte -> (long)

A greater than or equal to condition to apply to a specified property value for findings.

lt -> (long)

A less than condition to apply to a specified property value for findings.

lte -> (long)

A less than or equal to condition to apply to a specified property value for findings.

neq -> (list)

A not equal to condition to apply to a specified property value for findings.

(string)

Shorthand Syntax:

criterion={KeyName1={eq=[string,string],gt=long,gte=long,lt=long,lte=long,neq=[string,string]},KeyName2={eq=[string,string],gt=long,gte=long,lt=long,lte=long,neq=[string,string]}}

JSON Syntax:

{
  "criterion": {"string": {
        "eq": ["string", ...],
        "gt": long,
        "gte": long,
        "lt": long,
        "lte": long,
        "neq": ["string", ...]
      }
    ...}
}

--group-by (string)

The finding property to use to group the query results. Valid values are:

  • classificationDetails.jobId - The unique identifier for the classification job that produced the finding.

  • resourcesAffected.s3Bucket.name - The name of the S3 bucket that the finding applies to.

  • severity.description - The severity of the finding, such as High or Medium.

  • type - The type of finding, such as Policy:IAMUser/S3BucketPublic and SensitiveData:S3Object/Personal.

Possible values:

  • resourcesAffected.s3Bucket.name

  • type

  • classificationDetails.jobId

  • severity.description

--size (integer)

The maximum number of items to include in each page of the response.

--sort-criteria (structure)

The criteria to use to sort the query results.

attributeName -> (string)

The grouping to sort the results by. Valid values are: count, sort the results by the number of findings in each group of results; and, groupKey, sort the results by the name of each group of results.

orderBy -> (string)

The sort order to apply to the results, based on the value for the property specified by the attributeName property. Valid values are: ASC, sort the results in ascending order; and, DESC, sort the results in descending order.

Shorthand Syntax:

attributeName=string,orderBy=string

JSON Syntax:

{
  "attributeName": "groupKey"|"count",
  "orderBy": "ASC"|"DESC"
}

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

--cli-auto-prompt (boolean) Automatically prompt for CLI input parameters.

See ‘aws help’ for descriptions of global parameters.

Output

countsByGroup -> (list)

An array of objects, one for each group of findings that meet the filter criteria specified in the request.

(structure)

Provides a group of results for a query that retrieved aggregated statistical data about findings.

count -> (long)

The total number of findings in the group of query results.

groupKey -> (string)

The name of the property that defines the group in the query results, as specified by the groupBy property in the query request.

© Copyright 2018, Amazon Web Services. Created using Sphinx.