AwsCloudWatch 資源 ASFF - AWS Security Hub
AwsCloudWatchAlarm

本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。

AwsCloudWatch 資源 ASFF

以下是 AwsCloudWatch 資源 AWS 的安全調查結果格式 (ASFF) 語法範例。

AWS Security Hub 將各種來源的調查結果標準化為 ASFF。如需 的背景資訊ASFF,請參閱 AWS 安全調查結果格式 (ASFF)

AwsCloudWatchAlarm

AwsCloudWatchAlarm 物件提供 Amazon CloudWatch 警示的詳細資訊,這些警示會在警示變更狀態時監看指標或執行動作。

下列範例顯示 AwsCloudWatchAlarm 物件 AWS 的安全調查結果格式 (ASFF)。若要檢視AwsCloudWatchAlarm屬性的描述,請參閱 AWS Security Hub API 參考AwsCloudWatchAlarmDetails中的 。

範例

"AwsCloudWatchAlarm": { 
	"ActionsEnabled": true,
	"AlarmActions": [
		"arn:aws:automate:region:ec2:stop",
		"arn:aws:automate:region:ec2:terminate"
	],
	"AlarmArn": "arn:aws:cloudwatch:us-west-2:012345678910:alarm:sampleAlarm",
	"AlarmConfigurationUpdatedTimestamp": "2022-02-18T15:31:53.161Z",
	"AlarmDescription": "Alarm Example",
	"AlarmName": "Example",
	"ComparisonOperator": "GreaterThanOrEqualToThreshold",
	"DatapointsToAlarm": 1,
	"Dimensions": [{
		"Name": "InstanceId",
		"Value": "i-1234567890abcdef0"
	}],
	"EvaluateLowSampleCountPercentile": "evaluate",
	"EvaluationPeriods": 1,
	"ExtendedStatistic": "p99.9",
	"InsufficientDataActions": [
		"arn:aws:automate:region:ec2:stop"
	],
	"MetricName": "Sample Metric",
	"Namespace": "YourNamespace",
	"OkActions": [
		"arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Stop/1.0"
	],
	"Period": 1,
	"Statistic": "SampleCount",
	"Threshold": 12.3,
	"ThresholdMetricId": "t1",
	"TreatMissingData": "notBreaching",
	"Unit": "Kilobytes/Second"
}