GuardDuty / Paginator / ListInvestigations

ListInvestigations

class GuardDuty.Paginator.ListInvestigations
paginator = client.get_paginator('list_investigations')
paginate(**kwargs)

Creates an iterator that will paginate through responses from GuardDuty.Client.list_investigations().

See also: AWS API Documentation

Request Syntax

response_iterator = paginator.paginate(
    DetectorId='string',
    SortCriteria={
        'AttributeName': 'START_TIME'|'END_TIME'|'STATUS'|'RISK_LEVEL'|'CONFIDENCE',
        'OrderBy': 'ASC'|'DESC'
    },
    PaginationConfig={
        'MaxItems': 123,
        'PageSize': 123,
        'StartingToken': 'string'
    }
)
Parameters:
  • DetectorId (string) –

    [REQUIRED]

    The unique ID of the GuardDuty detector whose investigations you want to list.

    To find the detectorId in the current Region, see the Settings page in the GuardDuty console, or run the ListDetectors API.

  • SortCriteria (dict) –

    Represents the criteria used for sorting investigations.

    • AttributeName (string) –

      The attribute by which to sort investigations.

    • OrderBy (string) –

      The order in which the sorted results are to be displayed.

  • PaginationConfig (dict) –

    A dictionary that provides parameters to control pagination.

    • MaxItems (integer) –

      The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.

    • PageSize (integer) –

      The size of each page.

    • StartingToken (string) –

      A token to specify where to start paginating. This is the NextToken from a previous response.

Return type:

dict

Returns:

Response Syntax

{
    'Investigations': [
        {
            'InvestigationId': 'string',
            'Status': 'RUNNING'|'COMPLETED'|'FAILED',
            'TriggerPrompt': 'string',
            'RiskLevel': 'Info'|'Low'|'Medium'|'High'|'Critical',
            'Confidence': 'Unknown'|'Low'|'Medium'|'High',
            'Title': 'string',
            'AccountId': 'string',
            'StartTime': datetime(2015, 1, 1),
            'EndTime': datetime(2015, 1, 1)
        },
    ],

}

Response Structure

  • (dict) –

    • Investigations (list) –

      A list of investigation summaries associated with the specified detector.

      • (dict) –

        Contains summary information about a GuardDuty investigation.

        • InvestigationId (string) –

          The unique identifier of the investigation.

        • Status (string) –

          The current status of the investigation.

        • TriggerPrompt (string) –

          The natural-language prompt that initiated this investigation.

        • RiskLevel (string) –

          The assessed risk level of the investigated threat.

        • Confidence (string) –

          The confidence level of the investigation’s assessment.

        • Title (string) –

          A short title summarizing the investigation.

        • AccountId (string) –

          The Amazon Web Services account ID associated with the investigation.

        • StartTime (datetime) –

          The timestamp at which the investigation started.

        • EndTime (datetime) –

          The timestamp at which the investigation completed.