guardduty_list_findings

Retrieve GuardDuty finding IDs for a specified detector, optionally filtered by IDs or severity threshold. Use the output to query detailed findings with guardduty_get_findings.

Instructions

List GuardDuty finding IDs for a given detector.

Optionally, you can supply a list of finding IDs to retrieve specific findings or a minimum severity threshold to filter findings.

Parameters:
  aws_region (str): The AWS region - use 'us-east-1' if not specified.
  detector_id (str): The GuardDuty detector ID.
  finding_ids (list, optional): Specific finding IDs to query.
  severity_threshold (float, optional): If provided, returns only findings with severity greater than this value.

<IMPORTANT>
After calling this tool, you should call guardduty_get_findings multiple times with the finding_ids returned by this tool.
</IMPORTANT>

Returns:
  str: JSON-formatted list of finding IDs.

Input Schema

Name	Required	Description	Default
`aws_region`	Yes
`detector_id`	Yes
`finding_ids`	No
`severity_threshold`	No

Input Schema (JSON Schema)

{
  "properties": {
    "aws_region": {
      "title": "Aws Region",
      "type": "string"
    },
    "detector_id": {
      "title": "Detector Id",
      "type": "string"
    },
    "finding_ids": {
      "default": null,
      "items": {},
      "title": "Finding Ids",
      "type": "array"
    },
    "severity_threshold": {
      "default": null,
      "title": "Severity Threshold",
      "type": "number"
    }
  },
  "required": [
    "aws_region",
    "detector_id"
  ],
  "title": "guardduty_list_findingsArguments",
  "type": "object"
}

AWS‑IReveal‑MCP

guardduty_list_findings

Instructions

Input Schema

Input Schema (JSON Schema)

Other Tools from AWS‑IReveal‑MCP

Related Tools

MCP directory API