Finding Statistics - Amazon Macie

Finding Statistics

The Finding Statistics resource provides aggregated statistical data about the findings for your Amazon Macie account. This primarily includes data about the total number of findings, grouped by a key value such as severity, finding type, or affected resource. The data is available for all the findings that Macie stores for your account.

You can use the Finding Statistics resource to retrieve (query) aggregated statistical data about findings for your account. To customize and refine your query, you can use the supported parameters to specify how to filter, group, and sort the query results. For more information about filter options, see Filtering findings in the Amazon Macie User Guide.

URI

/findings/statistics

HTTP methods

POST

Operation ID: GetFindingStatistics

Retrieves (queries) aggregated statistical data about findings.

Responses
Status codeResponse modelDescription
200GetFindingStatisticsResponse

The request succeeded.

400ValidationException

The request failed because the input doesn't satisfy the constraints specified by the service.

402ServiceQuotaExceededException

The request failed because fulfilling the request would exceed one or more service quotas for your account.

403AccessDeniedException

The request was denied because you don't have sufficient access to the specified resource.

404ResourceNotFoundException

The request failed because the specified resource wasn't found.

409ConflictException

The request failed because it conflicts with the current state of the specified resource.

429ThrottlingException

The request failed because you sent too many requests during a certain amount of time.

500InternalServerException

The request failed due to an unknown internal server error, exception, or failure.

Schemas

Request bodies

{ "findingCriteria": { "criterion": { } }, "groupBy": enum, "size": integer, "sortCriteria": { "attributeName": enum, "orderBy": enum } }

Response bodies

{ "countsByGroup": [ { "count": integer, "groupKey": "string" } ] }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }

Properties

AccessDeniedException

Provides information about an error that occurred due to insufficient access to a specified resource.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ConflictException

Provides information about an error that occurred due to a versioning conflict for a specified resource.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

Criterion

Specifies a condition that defines a property, operator, and one or more values to filter the results of a query for findings. The number of values depends on the property and operator specified by the condition. For information about defining filter conditions, see Fundamentals of filtering findings in the Amazon Macie User Guide.

PropertyTypeRequiredDescription

*

object

False

CriterionAdditionalProperties

Specifies the operator to use in a property-based condition that filters the results of a query for findings. For detailed information and examples of each operator, see Fundamentals of filtering findings in the Amazon Macie User Guide.

PropertyTypeRequiredDescription
eq

Array of type string

False

The value for the property matches (equals) the specified value. If you specify multiple values, Macie uses OR logic to join the values.

eqExactMatch

Array of type string

False

The value for the property exclusively matches (equals an exact match for) all the specified values. If you specify multiple values, Amazon Macie uses AND logic to join the values.

You can use this operator with the following properties: customDataIdentifiers.detections.arn, customDataIdentifiers.detections.name, resourcesAffected.s3Bucket.tags.key, resourcesAffected.s3Bucket.tags.value, resourcesAffected.s3Object.tags.key, resourcesAffected.s3Object.tags.value, sensitiveData.category, and sensitiveData.detections.type.

gt

integer

Format: int64

False

The value for the property is greater than the specified value.

gte

integer

Format: int64

False

The value for the property is greater than or equal to the specified value.

lt

integer

Format: int64

False

The value for the property is less than the specified value.

lte

integer

Format: int64

False

The value for the property is less than or equal to the specified value.

neq

Array of type string

False

The value for the property doesn't match (doesn't equal) the specified value. If you specify multiple values, Macie uses OR logic to join the values.

FindingCriteria

Specifies, as a map, one or more property-based conditions that filter the results of a query for findings.

PropertyTypeRequiredDescription
criterion

Criterion

False

A condition that specifies the property, operator, and one or more values to use to filter the results.

FindingStatisticsSortAttributeName

The grouping to sort the results by. Valid values are:

  • groupKey

  • count

FindingStatisticsSortCriteria

Specifies criteria for sorting the results of a query that retrieves aggregated statistical data about findings.

PropertyTypeRequiredDescription
attributeName

FindingStatisticsSortAttributeName

False

The grouping to sort the results by. Valid values are: count, sort the results by the number of findings in each group of results; and, groupKey, sort the results by the name of each group of results.

orderBy

string

Values: ASC | DESC

False

The sort order to apply to the results, based on the value for the property specified by the attributeName property. Valid values are: ASC, sort the results in ascending order; and, DESC, sort the results in descending order.

GetFindingStatisticsRequest

Specifies criteria for filtering, grouping, sorting, and paginating the results of a query that retrieves aggregated statistical data about findings.

PropertyTypeRequiredDescription
findingCriteria

FindingCriteria

False

The criteria to use to filter the query results.

groupBy

string

Values: resourcesAffected.s3Bucket.name | type | classificationDetails.jobId | severity.description

True

The finding property to use to group the query results. Valid values are:

  • classificationDetails.jobId - The unique identifier for the classification job that produced the finding.

  • resourcesAffected.s3Bucket.name - The name of the S3 bucket that the finding applies to.

  • severity.description - The severity level of the finding, such as High or Medium.

  • type - The type of finding, such as Policy:IAMUser/S3BucketPublic and SensitiveData:S3Object/Personal.

size

integer

Format: int32

False

The maximum number of items to include in each page of the response.

sortCriteria

FindingStatisticsSortCriteria

False

The criteria to use to sort the query results.

GetFindingStatisticsResponse

Provides the results of a query that retrieved aggregated statistical data about findings.

PropertyTypeRequiredDescription
countsByGroup

Array of type GroupCount

False

An array of objects, one for each group of findings that matches the filter criteria specified in the request.

GroupCount

Provides a group of results for a query that retrieved aggregated statistical data about findings.

PropertyTypeRequiredDescription
count

integer

Format: int64

False

The total number of findings in the group of query results.

groupKey

string

False

The name of the property that defines the group in the query results, as specified by the groupBy property in the query request.

InternalServerException

Provides information about an error that occurred due to an unknown internal server error, exception, or failure.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ResourceNotFoundException

Provides information about an error that occurred because a specified resource wasn't found.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ServiceQuotaExceededException

Provides information about an error that occurred due to one or more service quotas for an account.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ThrottlingException

Provides information about an error that occurred because too many requests were sent during a certain amount of time.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ValidationException

Provides information about an error that occurred due to a syntax error in a request.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

See also

For more information about using this API in one of the language-specific AWS SDKs and references, see the following:

GetFindingStatistics