FindingHistoryRecord
A list of events that changed the specified finding during the specified time period. Each record represents a single finding change event.
Contents
- FindingCreated
-
Identifies whether the event marks the creation of a new finding. A value of
True
means that the finding is newly created. A value ofFalse
means that the finding isn’t newly created.Type: Boolean
Required: No
- FindingIdentifier
-
Identifies which finding to get the finding history for.
Type: AwsSecurityFindingIdentifier object
Required: No
- NextToken
-
A token for pagination purposes. Provide this token in the subsequent request to
GetFindingsHistory
to get up to an additional 100 results of history for the same finding that you specified in your initial request.Type: String
Required: No
- Updates
-
An array of objects that provides details about the finding change event, including the AWS Security Finding Format (ASFF) field that changed, the value of the field before the change, and the value of the field after the change.
Type: Array of FindingHistoryUpdate objects
Required: No
- UpdateSource
-
Identifies the source of the event that changed the finding. For example, an integrated AWS service or third-party partner integration may call
BatchImportFindings
, or an AWS Security Hub customer may callBatchUpdateFindings
.Type: FindingHistoryUpdateSource object
Required: No
- UpdateTime
-
A timestamp that indicates when Security Hub processed the updated finding record.
This field accepts only the specified formats. Timestamps can end with
Z
or("+" / "-") time-hour [":" time-minute]
. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats that you can send to Security Hub:-
YYYY-MM-DDTHH:MM:SSZ
(for example,2019-01-31T23:00:00Z
) -
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ
(for example,2019-01-31T23:00:00.123456789Z
) -
YYYY-MM-DDTHH:MM:SS+HH:MM
(for example,2024-01-04T15:25:10+17:59
) -
YYYY-MM-DDTHH:MM:SS-HHMM
(for example,2024-01-04T15:25:10-1759
) -
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM
(for example,2024-01-04T15:25:10.123456789+17:59
)
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round
2024-10-31T23:00:00.123456789Z
to2024-10-31T23:00:00.123Z
.Type: Timestamp
Required: No
-
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: