Class CreateFilterRequest

    • Method Detail

      • detectorId

        public final String detectorId()

        The ID of the detector belonging to the GuardDuty account that you want to create a filter for.

        Returns:
        The ID of the detector belonging to the GuardDuty account that you want to create a filter for.
      • name

        public final String name()

        The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. Whitespace is considered an invalid character.

        Returns:
        The name of the filter. Valid characters include period (.), underscore (_), dash (-), and alphanumeric characters. Whitespace is considered an invalid character.
      • description

        public final String description()

        The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, brackets ({ }, [ ], and ( )), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.

        Returns:
        The description of the filter. Valid characters include alphanumeric characters, and special characters such as hyphen, period, colon, underscore, brackets ({ }, [ ], and ( )), forward slash, horizontal tab, vertical tab, newline, form feed, return, and whitespace.
      • action

        public final FilterAction action()

        Specifies the action that is to be applied to the findings that match the filter.

        If the service returns an enum value that is not available in the current SDK version, action will return FilterAction.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from actionAsString().

        Returns:
        Specifies the action that is to be applied to the findings that match the filter.
        See Also:
        FilterAction
      • actionAsString

        public final String actionAsString()

        Specifies the action that is to be applied to the findings that match the filter.

        If the service returns an enum value that is not available in the current SDK version, action will return FilterAction.UNKNOWN_TO_SDK_VERSION. The raw value returned by the service is available from actionAsString().

        Returns:
        Specifies the action that is to be applied to the findings that match the filter.
        See Also:
        FilterAction
      • rank

        public final Integer rank()

        Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.

        Returns:
        Specifies the position of the filter in the list of current filters. Also specifies the order in which this filter is applied to the findings.
      • findingCriteria

        public final FindingCriteria findingCriteria()

        Represents the criteria to be used in the filter for querying findings.

        You can only use the following attributes to query findings:

        • accountId

        • id

        • region

        • severity

          To filter on the basis of severity, the API and CLI use the following input list for the FindingCriteria condition:

          • Low: ["1", "2", "3"]

          • Medium: ["4", "5", "6"]

          • High: ["7", "8", "9"]

          For more information, see Severity levels for GuardDuty findings.

        • type

        • updatedAt

          Type: ISO 8601 string format: YYYY-MM-DDTHH:MM:SS.SSSZ or YYYY-MM-DDTHH:MM:SSZ depending on whether the value contains milliseconds.

        • resource.accessKeyDetails.accessKeyId

        • resource.accessKeyDetails.principalId

        • resource.accessKeyDetails.userName

        • resource.accessKeyDetails.userType

        • resource.instanceDetails.iamInstanceProfile.id

        • resource.instanceDetails.imageId

        • resource.instanceDetails.instanceId

        • resource.instanceDetails.tags.key

        • resource.instanceDetails.tags.value

        • resource.instanceDetails.networkInterfaces.ipv6Addresses

        • resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress

        • resource.instanceDetails.networkInterfaces.publicDnsName

        • resource.instanceDetails.networkInterfaces.publicIp

        • resource.instanceDetails.networkInterfaces.securityGroups.groupId

        • resource.instanceDetails.networkInterfaces.securityGroups.groupName

        • resource.instanceDetails.networkInterfaces.subnetId

        • resource.instanceDetails.networkInterfaces.vpcId

        • resource.instanceDetails.outpostArn

        • resource.resourceType

        • resource.s3BucketDetails.publicAccess.effectivePermissions

        • resource.s3BucketDetails.name

        • resource.s3BucketDetails.tags.key

        • resource.s3BucketDetails.tags.value

        • resource.s3BucketDetails.type

        • service.action.actionType

        • service.action.awsApiCallAction.api

        • service.action.awsApiCallAction.callerType

        • service.action.awsApiCallAction.errorCode

        • service.action.awsApiCallAction.remoteIpDetails.city.cityName

        • service.action.awsApiCallAction.remoteIpDetails.country.countryName

        • service.action.awsApiCallAction.remoteIpDetails.ipAddressV4

        • service.action.awsApiCallAction.remoteIpDetails.organization.asn

        • service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg

        • service.action.awsApiCallAction.serviceName

        • service.action.dnsRequestAction.domain

        • service.action.dnsRequestAction.domainWithSuffix

        • service.action.networkConnectionAction.blocked

        • service.action.networkConnectionAction.connectionDirection

        • service.action.networkConnectionAction.localPortDetails.port

        • service.action.networkConnectionAction.protocol

        • service.action.networkConnectionAction.remoteIpDetails.city.cityName

        • service.action.networkConnectionAction.remoteIpDetails.country.countryName

        • service.action.networkConnectionAction.remoteIpDetails.ipAddressV4

        • service.action.networkConnectionAction.remoteIpDetails.organization.asn

        • service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg

        • service.action.networkConnectionAction.remotePortDetails.port

        • service.action.awsApiCallAction.remoteAccountDetails.affiliated

        • service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4

        • service.action.kubernetesApiCallAction.namespace

        • service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn

        • service.action.kubernetesApiCallAction.requestUri

        • service.action.kubernetesApiCallAction.statusCode

        • service.action.networkConnectionAction.localIpDetails.ipAddressV4

        • service.action.awsApiCallAction.remoteAccountDetails.accountId

        • service.additionalInfo.threatListName

        • service.resourceRole

        • resource.eksClusterDetails.name

        • resource.kubernetesDetails.kubernetesWorkloadDetails.name

        • resource.kubernetesDetails.kubernetesWorkloadDetails.namespace

        • resource.kubernetesDetails.kubernetesUserDetails.username

        • resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image

        • resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix

        • service.ebsVolumeScanDetails.scanId

        • service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name

        • service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity

        • service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash

        • resource.ecsClusterDetails.name

        • resource.ecsClusterDetails.taskDetails.containers.image

        • resource.ecsClusterDetails.taskDetails.definitionArn

        • resource.containerDetails.image

        • resource.rdsDbInstanceDetails.dbInstanceIdentifier

        • resource.rdsDbInstanceDetails.dbClusterIdentifier

        • resource.rdsDbInstanceDetails.engine

        • resource.rdsDbUserDetails.user

        • resource.rdsDbInstanceDetails.tags.key

        • resource.rdsDbInstanceDetails.tags.value

        • service.runtimeDetails.process.executableSha256

        • service.runtimeDetails.process.name

        • resource.lambdaDetails.functionName

        • resource.lambdaDetails.functionArn

        • resource.lambdaDetails.tags.key

        • resource.lambdaDetails.tags.value

        Returns:
        Represents the criteria to be used in the filter for querying findings.

      • clientToken

        public final String clientToken()

        The idempotency token for the create request.

        Returns:
        The idempotency token for the create request.
      • hasTags

        public final boolean hasTags()
        For responses, this returns true if the service returned a value for the Tags property. This DOES NOT check that the value is non-empty (for which, you should check the isEmpty() method on the property). This is useful because the SDK will never return a null collection or map, but you may need to differentiate between the service returning nothing (or null) and the service returning an empty collection or map. For requests, this returns true if a value for the property was specified in the request builder, and false if a value was not specified.
      • tags

        public final Map<String, String> tags()

        The tags to be added to a new filter resource.

        Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.

        This method will never return null. If you would like to know whether the service returned this field (so that you can differentiate between null and empty), you can use the hasTags() method.

        Returns:
        The tags to be added to a new filter resource.
      • toString

        public final String toString()
        Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value.
        Overrides:
        toString in class Object
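
An added example, not part of the SDK documentation: it builds a CreateFilterRequest that matches only Low-severity findings in one Region, enforcing the documented name rule before the request is built and reading the action back through actionAsString(). The class name, detector ID, filter name and tag are constructed placeholders; the code needs the AWS SDK for Java 2.x GuardDuty module on the classpath and makes no service call.

```java
import java.util.Map;
import java.util.UUID;
import java.util.regex.Pattern;
import software.amazon.awssdk.services.guardduty.model.Condition;
import software.amazon.awssdk.services.guardduty.model.CreateFilterRequest;
import software.amazon.awssdk.services.guardduty.model.FilterAction;
import software.amazon.awssdk.services.guardduty.model.FindingCriteria;

public class LowSeverityFilterExample {  // hypothetical class name
    // Name rule as documented: period, underscore, dash, alphanumerics; no whitespace.
    private static final Pattern VALID_NAME = Pattern.compile("[A-Za-z0-9._-]+");

    static CreateFilterRequest build(String detectorId, String name, String region) {
        if (!VALID_NAME.matcher(name).matches()) {
            throw new IllegalArgumentException("invalid filter name: " + name);
        }
        // Every key must be one of the supported finding attributes.
        FindingCriteria criteria = FindingCriteria.builder()
            .criterion(Map.of(
                // Low severity is expressed as the string list ["1", "2", "3"].
                "severity", Condition.builder().equalsValue("1", "2", "3").build(),
                "region", Condition.builder().equalsValue(region).build()))
            .build();
        return CreateFilterRequest.builder()
            .detectorId(detectorId)
            .name(name)
            .description("Low-severity findings in " + region)
            .action(FilterAction.NOOP)                 // matching findings stay visible
            .rank(1)                                   // applied first among current filters
            .findingCriteria(criteria)
            .clientToken(UUID.randomUUID().toString()) // idempotency token
            .tags(Map.of("owner", "secops"))           // constructed tag
            .build();
    }

    public static void main(String[] args) {
        // Constructed placeholder detector ID, not a real one.
        CreateFilterRequest req =
            build("EXAMPLE_DETECTOR_ID", "low-severity.us-east-1", "us-east-1");
        // An enum value newer than this SDK maps to UNKNOWN_TO_SDK_VERSION;
        // the raw string is the value to log or compare against.
        if (req.action() == FilterAction.UNKNOWN_TO_SDK_VERSION) {
            System.out.println("unrecognised action: " + req.actionAsString());
        }
        System.out.println(req.name() + " rank=" + req.rank()
            + " action=" + req.actionAsString() + " hasTags=" + req.hasTags()
            + " criteria=" + req.findingCriteria().criterion().keySet());
    }
}
```

Swapping FilterAction.NOOP for FilterAction.ARCHIVE makes the filter archive every matching finding, so the criteria map is the part to review before such a request is sent.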