Lists Amazon GuardDuty findings statistics for the specified detector ID.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
get-findings-statistics
--detector-id <value>
--finding-statistic-types <value>
[--finding-criteria <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--detector-id
(string)
The ID of the detector that specifies the GuardDuty service whose findings’ statistics you want to retrieve.
--finding-statistic-types
(list)
The types of finding statistics to retrieve.
(string)
Syntax:
"string" "string" ...
Where valid values are:
COUNT_BY_SEVERITY
--finding-criteria
(structure)
Represents the criteria that is used for querying findings.
Criterion -> (map)
Represents a map of finding properties that match specified conditions and values when querying findings.
key -> (string)
value -> (structure)
Contains information about the condition.
Eq -> (list)
Represents the equal condition to be applied to a single field when querying for findings.
(string)
Neq -> (list)
Represents the not equal condition to be applied to a single field when querying for findings.
(string)
Gt -> (integer)
Represents a greater than condition to be applied to a single field when querying for findings.
Gte -> (integer)
Represents a greater than or equal condition to be applied to a single field when querying for findings.
Lt -> (integer)
Represents a less than condition to be applied to a single field when querying for findings.
Lte -> (integer)
Represents a less than or equal condition to be applied to a single field when querying for findings.
Equals -> (list)
Represents an equal condition to be applied to a single field when querying for findings.
(string)
NotEquals -> (list)
Represents a not equal condition to be applied to a single field when querying for findings.
(string)
GreaterThan -> (long)
Represents a greater than condition to be applied to a single field when querying for findings.
GreaterThanOrEqual -> (long)
Represents a greater than or equal condition to be applied to a single field when querying for findings.
LessThan -> (long)
Represents a less than condition to be applied to a single field when querying for findings.
LessThanOrEqual -> (long)
Represents a less than or equal condition to be applied to a single field when querying for findings.
Shorthand Syntax:
Criterion={KeyName1={Eq=[string,string],Neq=[string,string],Gt=integer,Gte=integer,Lt=integer,Lte=integer,Equals=[string,string],NotEquals=[string,string],GreaterThan=long,GreaterThanOrEqual=long,LessThan=long,LessThanOrEqual=long},KeyName2={Eq=[string,string],Neq=[string,string],Gt=integer,Gte=integer,Lt=integer,Lte=integer,Equals=[string,string],NotEquals=[string,string],GreaterThan=long,GreaterThanOrEqual=long,LessThan=long,LessThanOrEqual=long}}
JSON Syntax:
{
"Criterion": {"string": {
"Eq": ["string", ...],
"Neq": ["string", ...],
"Gt": integer,
"Gte": integer,
"Lt": integer,
"Lte": integer,
"Equals": ["string", ...],
"NotEquals": ["string", ...],
"GreaterThan": long,
"GreaterThanOrEqual": long,
"LessThan": long,
"LessThanOrEqual": long
}
...}
}
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.
FindingStatistics -> (structure)
The finding statistics object.
CountBySeverity -> (map)
Represents a map of severity to count statistics for a set of findings.
key -> (string)
value -> (integer)