NAME

Paws::GuardDuty - Perl Interface to AWS Amazon GuardDuty

SYNOPSIS

  use Paws;

  my $obj = Paws->service('GuardDuty');
  my $res = $obj->Method(
    Arg1 => $val1,
    Arg2 => [ 'V1', 'V2' ],
    # if Arg3 is an object, the HashRef will be used as arguments to the constructor
    # of the arguments type
    Arg3 => { Att1 => 'Val1' },
    # if Arg4 is an array of objects, the HashRefs will be passed as arguments to
    # the constructor of the arguments type
    Arg4 => [ { Att1 => 'Val1'  }, { Att1 => 'Val2' } ],
  );

DESCRIPTION

Amazon GuardDuty is a continuous security monitoring service that analyzes and processes the following data sources: VPC Flow Logs, AWS CloudTrail event logs, and DNS logs. It uses threat intelligence feeds, such as lists of malicious IPs and domains, and machine learning to identify unexpected and potentially unauthorized and malicious activity within your AWS environment. This can include issues like escalations of privileges, uses of exposed credentials, or communication with malicious IPs, URLs, or domains. For example, GuardDuty can detect compromised EC2 instances serving malware or mining bitcoin. It also monitors AWS account access behavior for signs of compromise, such as unauthorized infrastructure deployments, like instances deployed in a region that has never been used, or unusual API calls, like a password policy change to reduce password strength. GuardDuty informs you of the status of your AWS environment by producing security findings that you can view in the GuardDuty console or through Amazon CloudWatch events. For more information, see Amazon GuardDuty User Guide (https://docs.aws.amazon.com/guardduty/latest/ug/what-is-guardduty.html).

For the AWS API documentation, see https://docs.aws.amazon.com/goto/WebAPI/guardduty-2017-11-28

METHODS

AcceptInvitation

DetectorId => Str
InvitationId => Str
MasterId => Str

Each argument is described in detail in: Paws::GuardDuty::AcceptInvitation

Returns: a Paws::GuardDuty::AcceptInvitationResponse instance

Accepts the invitation to be monitored by a master GuardDuty account.

ArchiveFindings

DetectorId => Str
FindingIds => ArrayRef[Str|Undef]

Each argument is described in detail in: Paws::GuardDuty::ArchiveFindings

Returns: a Paws::GuardDuty::ArchiveFindingsResponse instance

Archives Amazon GuardDuty findings specified by the list of finding IDs.

CreateDetector

Enable => Bool
[ClientToken => Str]
[FindingPublishingFrequency => Str]
[Tags => Paws::GuardDuty::TagMap]

Each argument is described in detail in: Paws::GuardDuty::CreateDetector

Returns: a Paws::GuardDuty::CreateDetectorResponse instance

Creates a single Amazon GuardDuty detector. A detector is an object that represents the GuardDuty service. A detector must be created in order for GuardDuty to become operational.

CreateFilter

DetectorId => Str
FindingCriteria => Paws::GuardDuty::FindingCriteria
Name => Str
[Action => Str]
[ClientToken => Str]
[Description => Str]
[Rank => Int]
[Tags => Paws::GuardDuty::TagMap]

Each argument is described in detail in: Paws::GuardDuty::CreateFilter

Returns: a Paws::GuardDuty::CreateFilterResponse instance

Creates a filter using the specified finding criteria.

CreateIPSet

Activate => Bool
DetectorId => Str
Format => Str
Location => Str
Name => Str
[ClientToken => Str]
[Tags => Paws::GuardDuty::TagMap]

Each argument is described in detail in: Paws::GuardDuty::CreateIPSet

Returns: a Paws::GuardDuty::CreateIPSetResponse instance

Creates a new IPSet - a list of trusted IP addresses that have been whitelisted for secure communication with AWS infrastructure and applications.

CreateMembers

AccountDetails => ArrayRef[Paws::GuardDuty::AccountDetail]
DetectorId => Str

Each argument is described in detail in: Paws::GuardDuty::CreateMembers

Returns: a Paws::GuardDuty::CreateMembersResponse instance

Creates member accounts of the current AWS account by specifying a list of AWS account IDs. The current AWS account can then invite these members to manage GuardDuty in their accounts.

CreateSampleFindings

DetectorId => Str
[FindingTypes => ArrayRef[Str|Undef]]

Each argument is described in detail in: Paws::GuardDuty::CreateSampleFindings

Returns: a Paws::GuardDuty::CreateSampleFindingsResponse instance

Generates example findings of types specified by the list of finding types. If 'NULL' is specified for findingTypes, the API generates example findings of all supported finding types.

CreateThreatIntelSet

Activate => Bool
DetectorId => Str
Format => Str
Location => Str
Name => Str
[ClientToken => Str]
[Tags => Paws::GuardDuty::TagMap]

Each argument is described in detail in: Paws::GuardDuty::CreateThreatIntelSet

Returns: a Paws::GuardDuty::CreateThreatIntelSetResponse instance

Create a new ThreatIntelSet. ThreatIntelSets consist of known malicious IP addresses. GuardDuty generates findings based on ThreatIntelSets.

DeclineInvitations

AccountIds => ArrayRef[Str|Undef]

Each argument is described in detail in: Paws::GuardDuty::DeclineInvitations

Returns: a Paws::GuardDuty::DeclineInvitationsResponse instance

Declines invitations sent to the current member account by AWS account specified by their account IDs.

DeleteDetector

DetectorId => Str

Each argument is described in detail in: Paws::GuardDuty::DeleteDetector

Returns: a Paws::GuardDuty::DeleteDetectorResponse instance

Deletes a Amazon GuardDuty detector specified by the detector ID.

DeleteFilter

DetectorId => Str
FilterName => Str

Each argument is described in detail in: Paws::GuardDuty::DeleteFilter

Returns: a Paws::GuardDuty::DeleteFilterResponse instance

Deletes the filter specified by the filter name.

DeleteInvitations

AccountIds => ArrayRef[Str|Undef]

Each argument is described in detail in: Paws::GuardDuty::DeleteInvitations

Returns: a Paws::GuardDuty::DeleteInvitationsResponse instance

Deletes invitations sent to the current member account by AWS accounts specified by their account IDs.

DeleteIPSet

DetectorId => Str
IpSetId => Str

Each argument is described in detail in: Paws::GuardDuty::DeleteIPSet

Returns: a Paws::GuardDuty::DeleteIPSetResponse instance

Deletes the IPSet specified by the IPSet ID.

DeleteMembers

AccountIds => ArrayRef[Str|Undef]
DetectorId => Str

Each argument is described in detail in: Paws::GuardDuty::DeleteMembers

Returns: a Paws::GuardDuty::DeleteMembersResponse instance

Deletes GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs.

DeleteThreatIntelSet

DetectorId => Str
ThreatIntelSetId => Str

Each argument is described in detail in: Paws::GuardDuty::DeleteThreatIntelSet

Returns: a Paws::GuardDuty::DeleteThreatIntelSetResponse instance

Deletes ThreatIntelSet specified by the ThreatIntelSet ID.

DisassociateFromMasterAccount

DetectorId => Str

Each argument is described in detail in: Paws::GuardDuty::DisassociateFromMasterAccount

Returns: a Paws::GuardDuty::DisassociateFromMasterAccountResponse instance

Disassociates the current GuardDuty member account from its master account.

DisassociateMembers

AccountIds => ArrayRef[Str|Undef]
DetectorId => Str

Each argument is described in detail in: Paws::GuardDuty::DisassociateMembers

Returns: a Paws::GuardDuty::DisassociateMembersResponse instance

Disassociates GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs.

GetDetector

DetectorId => Str

Each argument is described in detail in: Paws::GuardDuty::GetDetector

Returns: a Paws::GuardDuty::GetDetectorResponse instance

Retrieves an Amazon GuardDuty detector specified by the detectorId.

GetFilter

DetectorId => Str
FilterName => Str

Each argument is described in detail in: Paws::GuardDuty::GetFilter

Returns: a Paws::GuardDuty::GetFilterResponse instance

Returns the details of the filter specified by the filter name.

GetFindings

DetectorId => Str
FindingIds => ArrayRef[Str|Undef]
[SortCriteria => Paws::GuardDuty::SortCriteria]

Each argument is described in detail in: Paws::GuardDuty::GetFindings

Returns: a Paws::GuardDuty::GetFindingsResponse instance

Describes Amazon GuardDuty findings specified by finding IDs.

GetFindingsStatistics

DetectorId => Str
FindingStatisticTypes => ArrayRef[Str|Undef]
[FindingCriteria => Paws::GuardDuty::FindingCriteria]

Each argument is described in detail in: Paws::GuardDuty::GetFindingsStatistics

Returns: a Paws::GuardDuty::GetFindingsStatisticsResponse instance

Lists Amazon GuardDuty findings' statistics for the specified detector ID.

GetInvitationsCount

Each argument is described in detail in: Paws::GuardDuty::GetInvitationsCount

Returns: a Paws::GuardDuty::GetInvitationsCountResponse instance

Returns the count of all GuardDuty membership invitations that were sent to the current member account except the currently accepted invitation.

GetIPSet

DetectorId => Str
IpSetId => Str

Each argument is described in detail in: Paws::GuardDuty::GetIPSet

Returns: a Paws::GuardDuty::GetIPSetResponse instance

Retrieves the IPSet specified by the IPSet ID.

GetMasterAccount

DetectorId => Str

Each argument is described in detail in: Paws::GuardDuty::GetMasterAccount

Returns: a Paws::GuardDuty::GetMasterAccountResponse instance

Provides the details for the GuardDuty master account to the current GuardDuty member account.

GetMembers

AccountIds => ArrayRef[Str|Undef]
DetectorId => Str

Each argument is described in detail in: Paws::GuardDuty::GetMembers

Returns: a Paws::GuardDuty::GetMembersResponse instance

Retrieves GuardDuty member accounts (to the current GuardDuty master account) specified by the account IDs.

GetThreatIntelSet

DetectorId => Str
ThreatIntelSetId => Str

Each argument is described in detail in: Paws::GuardDuty::GetThreatIntelSet

Returns: a Paws::GuardDuty::GetThreatIntelSetResponse instance

Retrieves the ThreatIntelSet that is specified by the ThreatIntelSet ID.

InviteMembers

AccountIds => ArrayRef[Str|Undef]
DetectorId => Str
[DisableEmailNotification => Bool]
[Message => Str]

Each argument is described in detail in: Paws::GuardDuty::InviteMembers

Returns: a Paws::GuardDuty::InviteMembersResponse instance

Invites other AWS accounts (created as members of the current AWS account by CreateMembers) to enable GuardDuty and allow the current AWS account to view and manage these accounts' GuardDuty findings on their behalf as the master account.

ListDetectors

[MaxResults => Int]
[NextToken => Str]

Each argument is described in detail in: Paws::GuardDuty::ListDetectors

Returns: a Paws::GuardDuty::ListDetectorsResponse instance

Lists detectorIds of all the existing Amazon GuardDuty detector resources.

ListFilters

DetectorId => Str
[MaxResults => Int]
[NextToken => Str]

Each argument is described in detail in: Paws::GuardDuty::ListFilters

Returns: a Paws::GuardDuty::ListFiltersResponse instance

Returns a paginated list of the current filters.

ListFindings

DetectorId => Str
[FindingCriteria => Paws::GuardDuty::FindingCriteria]
[MaxResults => Int]
[NextToken => Str]
[SortCriteria => Paws::GuardDuty::SortCriteria]

Each argument is described in detail in: Paws::GuardDuty::ListFindings

Returns: a Paws::GuardDuty::ListFindingsResponse instance

Lists Amazon GuardDuty findings for the specified detector ID.

ListInvitations

[MaxResults => Int]
[NextToken => Str]

Each argument is described in detail in: Paws::GuardDuty::ListInvitations

Returns: a Paws::GuardDuty::ListInvitationsResponse instance

Lists all GuardDuty membership invitations that were sent to the current AWS account.

ListIPSets

DetectorId => Str
[MaxResults => Int]
[NextToken => Str]

Each argument is described in detail in: Paws::GuardDuty::ListIPSets

Returns: a Paws::GuardDuty::ListIPSetsResponse instance

Lists the IPSets of the GuardDuty service specified by the detector ID.

ListMembers

DetectorId => Str
[MaxResults => Int]
[NextToken => Str]
[OnlyAssociated => Str]

Each argument is described in detail in: Paws::GuardDuty::ListMembers

Returns: a Paws::GuardDuty::ListMembersResponse instance

Lists details about all member accounts for the current GuardDuty master account.

ListTagsForResource

ResourceArn => Str

Each argument is described in detail in: Paws::GuardDuty::ListTagsForResource

Returns: a Paws::GuardDuty::ListTagsForResourceResponse instance

Lists tags for a resource. Tagging is currently supported for detectors, finding filters, IP sets, and Threat Intel sets, with a limit of 50 tags per resource. When invoked, this operation returns all assigned tags for a given resource..

ListThreatIntelSets

DetectorId => Str
[MaxResults => Int]
[NextToken => Str]

Each argument is described in detail in: Paws::GuardDuty::ListThreatIntelSets

Returns: a Paws::GuardDuty::ListThreatIntelSetsResponse instance

Lists the ThreatIntelSets of the GuardDuty service specified by the detector ID.

StartMonitoringMembers

AccountIds => ArrayRef[Str|Undef]
DetectorId => Str

Each argument is described in detail in: Paws::GuardDuty::StartMonitoringMembers

Returns: a Paws::GuardDuty::StartMonitoringMembersResponse instance

Re-enables GuardDuty to monitor findings of the member accounts specified by the account IDs. A master GuardDuty account can run this command after disabling GuardDuty from monitoring these members' findings by running StopMonitoringMembers.

StopMonitoringMembers

AccountIds => ArrayRef[Str|Undef]
DetectorId => Str

Each argument is described in detail in: Paws::GuardDuty::StopMonitoringMembers

Returns: a Paws::GuardDuty::StopMonitoringMembersResponse instance

Disables GuardDuty from monitoring findings of the member accounts specified by the account IDs. After running this command, a master GuardDuty account can run StartMonitoringMembers to re-enable GuardDuty to monitor these members’ findings.

TagResource

ResourceArn => Str
Tags => Paws::GuardDuty::TagMap

Each argument is described in detail in: Paws::GuardDuty::TagResource

Returns: a Paws::GuardDuty::TagResourceResponse instance

Adds tags to a resource.

UnarchiveFindings

DetectorId => Str
FindingIds => ArrayRef[Str|Undef]

Each argument is described in detail in: Paws::GuardDuty::UnarchiveFindings

Returns: a Paws::GuardDuty::UnarchiveFindingsResponse instance

Unarchives Amazon GuardDuty findings specified by the list of finding IDs.

UntagResource

ResourceArn => Str
TagKeys => ArrayRef[Str|Undef]

Each argument is described in detail in: Paws::GuardDuty::UntagResource

Returns: a Paws::GuardDuty::UntagResourceResponse instance

Removes tags from a resource.

UpdateDetector

DetectorId => Str
[Enable => Bool]
[FindingPublishingFrequency => Str]

Each argument is described in detail in: Paws::GuardDuty::UpdateDetector

Returns: a Paws::GuardDuty::UpdateDetectorResponse instance

Updates an Amazon GuardDuty detector specified by the detectorId.

UpdateFilter

DetectorId => Str
FilterName => Str
[Action => Str]
[Description => Str]
[FindingCriteria => Paws::GuardDuty::FindingCriteria]
[Rank => Int]

Each argument is described in detail in: Paws::GuardDuty::UpdateFilter

Returns: a Paws::GuardDuty::UpdateFilterResponse instance

Updates the filter specified by the filter name.

UpdateFindingsFeedback

DetectorId => Str
Feedback => Str
FindingIds => ArrayRef[Str|Undef]
[Comments => Str]

Each argument is described in detail in: Paws::GuardDuty::UpdateFindingsFeedback

Returns: a Paws::GuardDuty::UpdateFindingsFeedbackResponse instance

Marks specified Amazon GuardDuty findings as useful or not useful.

UpdateIPSet

DetectorId => Str
IpSetId => Str
[Activate => Bool]
[Location => Str]
[Name => Str]

Each argument is described in detail in: Paws::GuardDuty::UpdateIPSet

Returns: a Paws::GuardDuty::UpdateIPSetResponse instance

Updates the IPSet specified by the IPSet ID.

UpdateThreatIntelSet

DetectorId => Str
ThreatIntelSetId => Str
[Activate => Bool]
[Location => Str]
[Name => Str]

Each argument is described in detail in: Paws::GuardDuty::UpdateThreatIntelSet

Returns: a Paws::GuardDuty::UpdateThreatIntelSetResponse instance

Updates the ThreatIntelSet specified by ThreatIntelSet ID.

PAGINATORS

Paginator methods are helpers that repetively call methods that return partial results

ListAllDetectors(sub { },[MaxResults => Int, NextToken => Str])

ListAllDetectors([MaxResults => Int, NextToken => Str])

If passed a sub as first parameter, it will call the sub for each element found in :

 - DetectorIds, passing the object as the first parameter, and the string 'DetectorIds' as the second parameter 

If not, it will return a a Paws::GuardDuty::ListDetectorsResponse instance with all the params; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

ListAllFilters(sub { },DetectorId => Str, [MaxResults => Int, NextToken => Str])

ListAllFilters(DetectorId => Str, [MaxResults => Int, NextToken => Str])

If passed a sub as first parameter, it will call the sub for each element found in :

 - FilterNames, passing the object as the first parameter, and the string 'FilterNames' as the second parameter 

If not, it will return a a Paws::GuardDuty::ListFiltersResponse instance with all the params; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

ListAllFindings(sub { },DetectorId => Str, [FindingCriteria => Paws::GuardDuty::FindingCriteria, MaxResults => Int, NextToken => Str, SortCriteria => Paws::GuardDuty::SortCriteria])

ListAllFindings(DetectorId => Str, [FindingCriteria => Paws::GuardDuty::FindingCriteria, MaxResults => Int, NextToken => Str, SortCriteria => Paws::GuardDuty::SortCriteria])

If passed a sub as first parameter, it will call the sub for each element found in :

 - FindingIds, passing the object as the first parameter, and the string 'FindingIds' as the second parameter 

If not, it will return a a Paws::GuardDuty::ListFindingsResponse instance with all the params; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

ListAllInvitations(sub { },[MaxResults => Int, NextToken => Str])

ListAllInvitations([MaxResults => Int, NextToken => Str])

If passed a sub as first parameter, it will call the sub for each element found in :

 - Invitations, passing the object as the first parameter, and the string 'Invitations' as the second parameter 

If not, it will return a a Paws::GuardDuty::ListInvitationsResponse instance with all the params; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

ListAllIPSets(sub { },DetectorId => Str, [MaxResults => Int, NextToken => Str])

ListAllIPSets(DetectorId => Str, [MaxResults => Int, NextToken => Str])

If passed a sub as first parameter, it will call the sub for each element found in :

 - IpSetIds, passing the object as the first parameter, and the string 'IpSetIds' as the second parameter 

If not, it will return a a Paws::GuardDuty::ListIPSetsResponse instance with all the params; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

ListAllMembers(sub { },DetectorId => Str, [MaxResults => Int, NextToken => Str, OnlyAssociated => Str])

ListAllMembers(DetectorId => Str, [MaxResults => Int, NextToken => Str, OnlyAssociated => Str])

If passed a sub as first parameter, it will call the sub for each element found in :

 - Members, passing the object as the first parameter, and the string 'Members' as the second parameter 

If not, it will return a a Paws::GuardDuty::ListMembersResponse instance with all the params; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

ListAllThreatIntelSets(sub { },DetectorId => Str, [MaxResults => Int, NextToken => Str])

ListAllThreatIntelSets(DetectorId => Str, [MaxResults => Int, NextToken => Str])

If passed a sub as first parameter, it will call the sub for each element found in :

 - ThreatIntelSetIds, passing the object as the first parameter, and the string 'ThreatIntelSetIds' as the second parameter 

If not, it will return a a Paws::GuardDuty::ListThreatIntelSetsResponse instance with all the params; from all the responses. Please take into account that this mode can potentially consume vasts ammounts of memory.

SEE ALSO

This service class forms part of Paws

BUGS and CONTRIBUTIONS

The source code is located here: https://github.com/pplu/aws-sdk-perl

Please report bugs to: https://github.com/pplu/aws-sdk-perl/issues