InvestigationSummary - Amazon GuardDuty

InvestigationSummary

Contains summary information about a GuardDuty investigation.

Contents

accountId

The AWS account ID associated with the investigation.

Type: String

Required: No

confidence

The confidence level of the investigation's assessment.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 50.

Valid Values: Unknown | Low | Medium | High

Required: No

endTime

The timestamp at which the investigation completed.

Type: Timestamp

Required: No

investigationId

The unique identifier of the investigation.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: [a-fA-F0-9\-]+

Required: No

riskLevel

The assessed risk level of the investigated threat.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 300.

Valid Values: Info | Low | Medium | High | Critical

Required: No

startTime

The timestamp at which the investigation started.

Type: Timestamp

Required: No

status

The current status of the investigation.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 300.

Valid Values: RUNNING | COMPLETED | FAILED

Required: No

title

A short title summarizing the investigation.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 1024.

Required: No

triggerPrompt

The natural-language prompt that initiated this investigation.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 2048.

Required: No
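
The following added example (not AWS code) shows one way a consumer could check records shaped like InvestigationSummary against the constraints listed above and order completed investigations for review. It assumes the records are already plain dictionaries, treats the order of each Valid Values list as a low-to-high ranking, and uses hypothetical helper names (violations, triage_key, triage).

```python
import re

# Constraints copied from the field descriptions above: (min length, max length).
LENGTHS = {"confidence": (1, 50), "investigationId": (1, 64), "riskLevel": (1, 300),
           "status": (1, 300), "title": (0, 1024), "triggerPrompt": (1, 2048)}
ENUMS = {"confidence": ["Unknown", "Low", "Medium", "High"],
         "riskLevel": ["Info", "Low", "Medium", "High", "Critical"],
         "status": ["RUNNING", "COMPLETED", "FAILED"]}
ID_PATTERN = re.compile(r"[a-fA-F0-9\-]+")

def violations(summary):
    """Return constraint violations; every field is optional, so absent keys pass."""
    found = []
    for field, (lo, hi) in LENGTHS.items():
        value = summary.get(field)
        if value is None:
            continue
        if not isinstance(value, str) or not lo <= len(value) <= hi:
            found.append(f"{field}: length outside {lo}..{hi}")
        elif field in ENUMS and value not in ENUMS[field]:
            found.append(f"{field}: unexpected value {value!r}")
    inv_id = summary.get("investigationId")
    if isinstance(inv_id, str) and not ID_PATTERN.fullmatch(inv_id):
        found.append("investigationId: does not match pattern")
    return found

def triage_key(summary):
    """Highest risk first, then highest confidence; missing values rank lowest.
    Assumption: the Valid Values order is a low-to-high ranking."""
    def rank(field):
        value = summary.get(field)
        return ENUMS[field].index(value) if value in ENUMS[field] else -1
    return (-rank("riskLevel"), -rank("confidence"))

def triage(summaries):
    """Completed, well-formed investigations in review order."""
    done = [s for s in summaries
            if s.get("status") == "COMPLETED" and not violations(s)]
    return sorted(done, key=triage_key)

# Constructed sample records (not real GuardDuty output).
SAMPLE = [
    {"investigationId": "0a1b-0001", "status": "COMPLETED",
     "riskLevel": "Medium", "confidence": "High"},
    {"investigationId": "0a1b-0002", "status": "COMPLETED",
     "riskLevel": "Critical", "confidence": "Low"},
    {"investigationId": "0a1b-0003", "status": "RUNNING"},
    {"investigationId": "not-hex!", "status": "COMPLETED", "riskLevel": "High"},
    {"status": "COMPLETED", "confidence": "Medium"},
]
```

Because no field is marked as required, the last sample record (no investigationId, no riskLevel) is still valid and simply sorts last.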
