Method: Aws::SecurityHub::Types::Signal#type

Defined in:
lib/aws-sdk-securityhub/types.rb

#typeString

The type of the signal used to identify an attack sequence.

Signals can be GuardDuty findings or activities observed in data sources that GuardDuty monitors. For more information, see

GuardDuty foundational data sources][1

in the *Amazon GuardDuty

User Guide*.

A signal type can be one of the following values. Here are the related descriptions:

  • FINDING - Individually generated GuardDuty finding.

  • CLOUD_TRAIL - Activity observed from CloudTrail logs

  • S3_DATA_EVENTS - Activity observed from CloudTrail data events for Amazon Simple Storage Service (S3). Activities associated with this type will show up only when you have enabled GuardDuty S3 Protection feature in your account. For more information about S3 Protection and the steps to enable it, see [S3 Protection] in the *Amazon GuardDuty User Guide*.

[1]: docs.aws.amazon.com/guardduty/latest/ug/guardduty_data-sources.html [2]: docs.aws.amazon.com/guardduty/latest/ug/s3-protection.html

Returns:



31725
31726
31727
31728
31729
31730
31731
31732
31733
31734
31735
31736
31737
31738
31739
31740
31741
31742
31743
 
# File 'lib/aws-sdk-securityhub/types.rb', line 31725

class Signal < Struct.new(
  :type,
  :id,
  :title,
  :product_arn,
  :resource_ids,
  :signal_indicators,
  :name,
  :created_at,
  :updated_at,
  :first_seen_at,
  :last_seen_at,
  :severity,
  :count,
  :actor_ids,
  :endpoint_ids)
  SENSITIVE = []
  include Aws::Structure
end