GuardDuty / Client / list_malware_scans

list_malware_scans

GuardDuty.Client.list_malware_scans(**kwargs)

Returns a list of malware scans. Each member account can view the malware scans for their own accounts. An administrator can view the malware scans for all of its members’ accounts.

See also: AWS API Documentation

Request Syntax

response = client.list_malware_scans(
    MaxResults=123,
    NextToken='string',
    FilterCriteria={
        'ListMalwareScansFilterCriterion': [
            {
                'ListMalwareScansCriterionKey': 'RESOURCE_ARN'|'SCAN_ID'|'ACCOUNT_ID'|'GUARDDUTY_FINDING_ID'|'RESOURCE_TYPE'|'SCAN_START_TIME'|'SCAN_STATUS'|'SCAN_TYPE',
                'FilterCondition': {
                    'EqualsValue': 'string',
                    'GreaterThan': 123,
                    'LessThan': 123
                }
            },
        ]
    },
    SortCriteria={
        'AttributeName': 'string',
        'OrderBy': 'ASC'|'DESC'
    }
)

Parameters:

• MaxResults (integer) – You can use this parameter to indicate the maximum number of items that you want in the response. The default value is 50. The maximum value is 50.

• NextToken (string) – You can use this parameter when paginating results. Set the value of this parameter to null on your first call to the list action. For subsequent calls to the action, fill nextToken in the request with the value of NextToken from the previous response to continue listing results.

• FilterCriteria (dict) –

  Represents the criteria used to filter the malware scan entries.

  • ListMalwareScansFilterCriterion (list) –

    Represents a condition that when matched will be added to the response of the operation.

    • (dict) –

      Represents a condition that when matched will be added to the response of the operation. Irrespective of using any filter criteria, an administrator account can view the scan entries for all of its member accounts. However, each member account can view the scan entries only for their own account.

      • ListMalwareScansCriterionKey (string) –

        An enum value representing possible scan properties to match with given scan entries.

      • FilterCondition (dict) –

        Contains information about the condition.

        • EqualsValue (string) –

          Represents an equal condition to be applied to a single field when querying for scan entries.

        • GreaterThan (integer) –

          Represents a greater than condition to be applied to a single field when querying for scan entries.

        • LessThan (integer) –

          Represents a less than condition to be applied to a single field when querying for scan entries.

• SortCriteria (dict) –

  Represents the criteria used for sorting malware scan entries.

  • AttributeName (string) –

    Represents the finding attribute, such as accountId, that sorts the findings.

  • OrderBy (string) –

    The order by which the sorted findings are to be displayed.

Return type:

dict

Returns:

Response Syntax

{
    'Scans': [
        {
            'ResourceArn': 'string',
            'ResourceType': 'EBS_RECOVERY_POINT'|'EBS_SNAPSHOT'|'EBS_VOLUME'|'EC2_AMI'|'EC2_INSTANCE'|'EC2_RECOVERY_POINT'|'S3_RECOVERY_POINT'|'S3_BUCKET',
            'ScanId': 'string',
            'ScanStatus': 'RUNNING'|'COMPLETED'|'COMPLETED_WITH_ISSUES'|'FAILED'|'SKIPPED',
            'ScanResultStatus': 'NO_THREATS_FOUND'|'THREATS_FOUND',
            'ScanType': 'BACKUP_INITIATED'|'ON_DEMAND'|'GUARDDUTY_INITIATED',
            'ScanStartedAt': datetime(2015, 1, 1),
            'ScanCompletedAt': datetime(2015, 1, 1)
        },
    ],
    'NextToken': 'string'
}

Response Structure

• (dict) –

  • Scans (list) –

    The list of malware scans associated with the provided input parameters.

    • (dict) –

      Contains information about a particular malware scan.

      • ResourceArn (string) –

        Amazon Resource Name (ARN) of the resource for the given malware scan.

      • ResourceType (string) –

        The type of resource that was scanned for malware.

      • ScanId (string) –

        A unique identifier that gets generated when you invoke the API without any error. Each malware scan has a corresponding scan ID. Using this scan ID, you can monitor the status of your malware scan.

      • ScanStatus (string) –

        An enum value representing the current status of the malware scan.

      • ScanResultStatus (string) –

        An enum value representing the result of the malware scan.

      • ScanType (string) –

        An enum value representing the type of scan that was initiated.

      • ScanStartedAt (datetime) –

        The timestamp representing when the malware scan was started.

      • ScanCompletedAt (datetime) –

        The timestamp representing when the malware scan was completed.

  • NextToken (string) –

    The pagination parameter to be used on the next list operation to retrieve more scans.

Exceptions

• GuardDuty.Client.exceptions.BadRequestException

• GuardDuty.Client.exceptions.InternalServerErrorException