AWS::IoT::SecurityProfile BehaviorCriteria

The criteria by which the behavior is determined to be normal.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "ComparisonOperator" : String,
  "ConsecutiveDatapointsToAlarm" : Integer,
  "ConsecutiveDatapointsToClear" : Integer,
  "DurationSeconds" : Integer,
  "MlDetectionConfig" : MachineLearningDetectionConfig,
  "StatisticalThreshold" : StatisticalThreshold,
  "Value" : MetricValue
}

YAML


  ComparisonOperator: String
  ConsecutiveDatapointsToAlarm: Integer
  ConsecutiveDatapointsToClear: Integer
  DurationSeconds: Integer
  MlDetectionConfig: 
    MachineLearningDetectionConfig
  StatisticalThreshold: 
    StatisticalThreshold
  Value: 
    MetricValue

Properties

ComparisonOperator

The operator that relates the thing measured (metric) to the criteria (containing a value or statisticalThreshold). Valid operators include:

string-list: in-set and not-in-set
number-list: in-set and not-in-set
ip-address-list: in-cidr-set and not-in-cidr-set
number: less-than, less-than-equals, greater-than, and greater-than-equals

Required: No

Type: String

Update requires: No interruption

ConsecutiveDatapointsToAlarm

If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.

Required: No

Type: Integer

Minimum: 1

Maximum: 10

Update requires: No interruption

ConsecutiveDatapointsToClear

If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.

Required: No

Type: Integer

Minimum: 1

Maximum: 10

Update requires: No interruption

DurationSeconds

Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, NUM_MESSAGES_SENT). For a statisticalThreshhold metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes.

Required: No

Type: Integer

Update requires: No interruption

MlDetectionConfig

The confidence level of the detection model.

Required: No

Type: MachineLearningDetectionConfig

Update requires: No interruption

StatisticalThreshold

A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.

Required: No

Type: StatisticalThreshold

Update requires: No interruption

Value

The value to be compared with the metric.

Required: No

Type: MetricValue

Update requires: No interruption

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Behavior

MachineLearningDetectionConfig