guardduty_get_finding_statistics
Retrieve JSON-formatted summary statistics for GuardDuty findings using a specified AWS region and detector ID. Analyze threat data efficiently.
Instructions
Get summary statistics for GuardDuty findings for a given detector.
Parameters:
aws_region (str): The AWS region - use 'us-east-1' if not specified.
detector_id (str): The GuardDuty detector ID.
Returns:
str: JSON-formatted statistics about the findings.
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| aws_region | Yes | ||
| detector_id | Yes |
Implementation Reference
- server.py:659-681 (handler)Handler function implementing the guardduty_get_finding_statistics tool. It uses the AWS GuardDuty client to retrieve finding statistics by severity and returns them as JSON.@mcp.tool() async def guardduty_get_finding_statistics(aws_region: str, detector_id: str) -> str: """ Get summary statistics for GuardDuty findings for a given detector. Parameters: aws_region (str): The AWS region - use 'us-east-1' if not specified. detector_id (str): The GuardDuty detector ID. Returns: str: JSON-formatted statistics about the findings. """ try: client = boto3.client('guardduty', region_name=aws_region) response = client.get_findings_statistics( DetectorId=detector_id, FindingStatisticTypes=['COUNT_BY_SEVERITY'], FindingCriteria={} ) statistics = response.get("FindingStatistics", {}) return json.dumps(statistics, indent=2) except Exception as e: return f"Error getting GuardDuty finding statistics: {str(e)}"