| _BilledSize |
|
Double |
| _IsBillable |
|
String |
| AccountId |
The AWS account ID of the owner of the source network interface for which traffic is recorded. If the network interface is created by an AWS service, for example when creating a VPC endpoint or Network Load Balancer, the record may display unknown for this field. |
String |
| ActivityType |
A formatted string representing the type of activity that triggered the finding. |
String |
| Arn |
Amazon resource name of the finding. |
String |
| Description |
Description of the primary purpose of the threat or attack related to the finding. |
String |
| Id |
A unique Finding ID for this finding type and set of parameters. New occurrences of activity matching this pattern will be aggregated to the same ID. |
String |
| Partition |
The AWS partition in which the finding was generated. |
String |
| Region |
The AWS region in which the finding was generated. |
String |
| ResourceDetails |
Gives details on the AWS resource that was targeted by the trigger activity. The information available varies based on resource type and action typ. |
Object |
| SchemaVersion |
The Guard Duty finding version. |
String |
| ServiceDetails |
Gives details on the AWS service that was related to the finding, including Action, Actor/Target, Evidence, Anomalous behavior and Additional information. |
Object |
| Severity |
A finding’s assigned severity level of either High, Medium, or Low. |
Int32 |
| SourceSystem |
|
String |
| TenantId |
|
String |
| TimeCreated |
The time and date when this finding was first created. If this value differs from Updated at (TimeGenerated), it indicates that the activity has occurred multiple times and is an ongoing issue. |
DateTime |
| TimeGenerated |
The timestamp (UTC) of when the event was generated, The last time this finding was updated with new activity matching the pattern that prompted GuardDuty to generate this finding. |
DateTime |
| Title |
Summary of the primary purpose of the threat or attack related to the finding. |
String |
| Type |
The name of the table |
String |