AwsCloudWatch 資源 ASFF - AWS Security Hub
AwsCloudWatchAlarm

本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。

AwsCloudWatch 資源 ASFF

以下是 AwsCloudWatch 資源 AWS 的安全調查結果格式 (ASFF) 語法的範例。

AWS Security Hub 將各種來源的調查結果標準化為 ASFF。如需 的背景資訊ASFF,請參閱 AWS 安全調查結果格式 (ASFF)

AwsCloudWatchAlarm

AwsCloudWatchAlarm 物件提供有關在 CloudWatch 警示變更狀態時,監看指標或執行動作的 Amazon 警示的詳細資訊。

下列範例顯示 AwsCloudWatchAlarm 物件 AWS 的安全調查結果格式 (ASFF)。若要檢視AwsCloudWatchAlarm屬性的說明,請參閱 參考 AwsCloudWatchAlarmDetails中的 。 AWS Security Hub API

範例

"AwsCloudWatchAlarm": { 
	"ActionsEnabled": true,
	"AlarmActions": [
		"arn:aws:automate:region:ec2:stop",
		"arn:aws:automate:region:ec2:terminate"
	],
	"AlarmArn": "arn:aws:cloudwatch:us-west-2:012345678910:alarm:sampleAlarm",
	"AlarmConfigurationUpdatedTimestamp": "2022-02-18T15:31:53.161Z",
	"AlarmDescription": "Alarm Example",
	"AlarmName": "Example",
	"ComparisonOperator": "GreaterThanOrEqualToThreshold",
	"DatapointsToAlarm": 1,
	"Dimensions": [{
		"Name": "InstanceId",
		"Value": "i-1234567890abcdef0"
	}],
	"EvaluateLowSampleCountPercentile": "evaluate",
	"EvaluationPeriods": 1,
	"ExtendedStatistic": "p99.9",
	"InsufficientDataActions": [
		"arn:aws:automate:region:ec2:stop"
	],
	"MetricName": "Sample Metric",
	"Namespace": "YourNamespace",
	"OkActions": [
		"arn:aws:swf:region:account-id:action/actions/AWS_EC2.InstanceId.Stop/1.0"
	],
	"Period": 1,
	"Statistic": "SampleCount",
	"Threshold": 12.3,
	"ThresholdMetricId": "t1",
	"TreatMissingData": "notBreaching",
	"Unit": "Kilobytes/Second"
}