guardduty_list_findings
Retrieve GuardDuty finding IDs by specifying a detector ID, optionally filtering by severity or specific IDs. Use the output to fetch detailed findings with guardduty_get_findings.
Instructions
List GuardDuty finding IDs for a given detector.
Optionally, you can supply a list of finding IDs to retrieve specific findings or a minimum severity threshold to filter findings.
Parameters:
aws_region (str): The AWS region - use 'us-east-1' if not specified.
detector_id (str): The GuardDuty detector ID.
finding_ids (list, optional): Specific finding IDs to query.
severity_threshold (float, optional): If provided, returns only findings with severity greater than this value.
<IMPORTANT>
After calling this tool, you should call guardduty_get_findings multiple times with the finding_ids returned by this tool.
</IMPORTANT>
Returns:
str: JSON-formatted list of finding IDs.
Input Schema
Name | Required | Description | Default |
---|---|---|---|
aws_region | Yes | ||
detector_id | Yes | ||
finding_ids | No | ||
severity_threshold | No |
Input Schema (JSON Schema)
{
"properties": {
"aws_region": {
"title": "Aws Region",
"type": "string"
},
"detector_id": {
"title": "Detector Id",
"type": "string"
},
"finding_ids": {
"default": null,
"items": {},
"title": "Finding Ids",
"type": "array"
},
"severity_threshold": {
"default": null,
"title": "Severity Threshold",
"type": "number"
}
},
"required": [
"aws_region",
"detector_id"
],
"title": "guardduty_list_findingsArguments",
"type": "object"
}