AwsCloudWatch 中的资源 ASFF

以下是AwsCloudWatch资源 AWS 的安全调查结果格式 (ASFF) 语法的示例。

AWS Security Hub 将来自各种来源的发现标准化为ASFF。有关背景信息ASFF，请参阅AWS 安全调查结果格式 (ASFF)。

AwsCloudWatchAlarm

该AwsCloudWatchAlarm对象提供有关 Amazon CloudWatch 警报的详细信息，这些警报会监视指标或在警报状态发生变化时执行操作。

以下示例显示了AwsCloudWatchAlarm对象 AWS 的安全调查结果格式 (ASFF)。要查看AwsCloudWatchAlarm属性的描述，请参阅AWS Security Hub API参考文献AwsCloudWatchAlarmDetails中的。

示例


"AwsCloudWatchAlarm": { 
	"ActionsEnabled": true,
	"AlarmActions": [
		"arn:aws:automate:region:ec2:stop",
		"arn:aws:automate:region:ec2:terminate"
	],
	"AlarmArn": "arn:aws:cloudwatch:us-west-2:012345678910:alarm:sampleAlarm",
	"AlarmConfigurationUpdatedTimestamp": "2022-02-18T15:31:53.161Z",
	"AlarmDescription": "Alarm Example",
	"AlarmName": "Example",
	"ComparisonOperator": "GreaterThanOrEqualToThreshold",
	"DatapointsToAlarm": 1,
	"Dimensions": [{
		"Name": "InstanceId",
		"Value": "i-1234567890abcdef0"
	}],
	"EvaluateLowSampleCountPercentile": "evaluate",
	"EvaluationPeriods": 1,
	"ExtendedStatistic": "p99.9",
	"InsufficientDataActions": [
		"arn:aws:automate:region:ec2:stop"
	],
	"MetricName": "Sample Metric",
	"Namespace": "YourNamespace",
	"OkActions": [
		"arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Stop/1.0"
	],
	"Period": 1,
	"Statistic": "SampleCount",
	"Threshold": 12.3,
	"ThresholdMetricId": "t1",
	"TreatMissingData": "notBreaching",
	"Unit": "Kilobytes/Second"
}

Javascript 在您的浏览器中被禁用或不可用。

要使用 Amazon Web Services 文档，必须启用 Javascript。请参阅浏览器的帮助页面以了解相关说明。

文档惯例

AwsCloudTrail

AwsCodeBuild