guardduty_get_findings
Retrieve detailed JSON-formatted information for up to 2 AWS GuardDuty findings per request to prevent server crashes. Ideal for analyzing specific security threats in a controlled manner.
Instructions
Get detailed information for the specified GuardDuty findings.
Parameters:
aws_region (str): The AWS region - use 'us-east-1' if not specified.
detector_id (str): The GuardDuty detector ID.
finding_ids (list): A list of finding IDs for which to retrieve details.
<IMPORTANT>
The server may crash when the response is too large. To avoid this, pass only max 2 finding IDs at a time.
The finding_ids list should contain a maximum of 2 IDs.
If guardduty_list_findings returns more than 2 IDs, you should call this tool max 5 times.
Then, proceed with your analysis, but remember to notify the user that there may be additional findings not retrieved.
</IMPORTANT>
Returns:
str: JSON-formatted details of the findings.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| aws_region | Yes | ||
| detector_id | Yes | ||
| finding_ids | Yes |
Input Schema (JSON Schema)
{
"properties": {
"aws_region": {
"title": "Aws Region",
"type": "string"
},
"detector_id": {
"title": "Detector Id",
"type": "string"
},
"finding_ids": {
"items": {},
"title": "Finding Ids",
"type": "array"
}
},
"required": [
"aws_region",
"detector_id",
"finding_ids"
],
"title": "guardduty_get_findingsArguments",
"type": "object"
}