Updates the filter specified by the filter name.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
update-filter
--detector-id <value>
--filter-name <value>
[--description <value>]
[--action <value>]
[--rank <value>]
[--finding-criteria <value>]
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--detector-id
(string)
The unique ID of the detector that specifies the GuardDuty service where you want to update a filter.
--filter-name
(string)
The name of the filter.
--description
(string)
The description of the filter.
--action
(string)
Specifies the action that is to be applied to the findings that match the filter.
Possible values:
NOOP
ARCHIVE
--rank
(integer)
Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
--finding-criteria
(structure)
Represents the criteria to be used in the filter for querying findings.
Criterion -> (map)
Represents a map of finding properties that match specified conditions and values when querying findings.
key -> (string)
value -> (structure)
Contains information about the condition.
Eq -> (list)
Represents the equal condition to be applied to a single field when querying for findings.
(string)
Neq -> (list)
Represents the not equal condition to be applied to a single field when querying for findings.
(string)
Gt -> (integer)
Represents a greater than condition to be applied to a single field when querying for findings.
Gte -> (integer)
Represents a greater than or equal condition to be applied to a single field when querying for findings.
Lt -> (integer)
Represents a less than condition to be applied to a single field when querying for findings.
Lte -> (integer)
Represents a less than or equal condition to be applied to a single field when querying for findings.
Equals -> (list)
Represents an equal condition to be applied to a single field when querying for findings.
(string)
NotEquals -> (list)
Represents a not equal condition to be applied to a single field when querying for findings.
(string)
GreaterThan -> (long)
Represents a greater than condition to be applied to a single field when querying for findings.
GreaterThanOrEqual -> (long)
Represents a greater than or equal condition to be applied to a single field when querying for findings.
LessThan -> (long)
Represents a less than condition to be applied to a single field when querying for findings.
LessThanOrEqual -> (long)
Represents a less than or equal condition to be applied to a single field when querying for findings.
Shorthand Syntax:
Criterion={KeyName1={Eq=[string,string],Neq=[string,string],Gt=integer,Gte=integer,Lt=integer,Lte=integer,Equals=[string,string],NotEquals=[string,string],GreaterThan=long,GreaterThanOrEqual=long,LessThan=long,LessThanOrEqual=long},KeyName2={Eq=[string,string],Neq=[string,string],Gt=integer,Gte=integer,Lt=integer,Lte=integer,Equals=[string,string],NotEquals=[string,string],GreaterThan=long,GreaterThanOrEqual=long,LessThan=long,LessThanOrEqual=long}}
JSON Syntax:
{
"Criterion": {"string": {
"Eq": ["string", ...],
"Neq": ["string", ...],
"Gt": integer,
"Gte": integer,
"Lt": integer,
"Lte": integer,
"Equals": ["string", ...],
"NotEquals": ["string", ...],
"GreaterThan": long,
"GreaterThanOrEqual": long,
"LessThan": long,
"LessThanOrEqual": long
}
...}
}
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.