Ignore archived findings in GuardDuty for check extra7139 @chbiel

Ignore archived findings in GuardDuty for check extra7139 @chbiel
Toni de la Fuente
2021-08-25 11:26:31 +02:00
committed by GitHub


@@ -29,7 +29,7 @@ extra7139(){
if [[ $DETECTORS_LIST ]];then
for DETECTOR in $DETECTORS_LIST;do
FINDINGS_COUNT=""
FINDINGS_COUNT=$($AWSCLI $PROFILE_OPT --region $regx --output text guardduty list-findings --detector-id $DETECTOR --finding-criteria '{"Criterion":{"severity": {"Eq":["8"]}}}' 2> /dev/null | wc -l | xargs) # Severity LOW=2, MED=4, HIGH=8
FINDINGS_COUNT=$($AWSCLI $PROFILE_OPT --region $regx --output text guardduty list-findings --detector-id $DETECTOR --finding-criteria '{"Criterion":{"severity": {"Eq":["8"]}, "service.archived": {"Eq": ["false"]}}}' 2> /dev/null | wc -l | xargs) # Severity LOW=2, MED=4, HIGH=8
if [[ $FINDINGS_COUNT -gt 0 ]];then
textFail "$regx: GuardDuty has $FINDINGS_COUNT high severity findings." "$regx"
else
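Review bot: The new `list-findings` call still ends in `2> /dev/null | wc -l | xargs`, so a failed API call (missing `guardduty:ListFindings` permission, throttling, or a rejected filter) yields `FINDINGS_COUNT=0` and falls into the `else` branch, which presumably reports a pass. For a security check that is a silent false negative, and adding the `service.archived` criterion widens the set of requests that could be rejected without anyone seeing it. Capture the output and test the exit status before counting, for example `FINDINGS=$($AWSCLI $PROFILE_OPT --region "$regx" --output text guardduty list-findings --detector-id "$DETECTOR" --finding-criteria "$CRITERIA" 2>&1) || { textFail "$regx: GuardDuty list-findings failed: $FINDINGS" "$regx"; continue; }`, and derive the count from `$FINDINGS` only on success. Separately, the trailing comment `# Severity LOW=2, MED=4, HIGH=8` should say that only findings with severity exactly 8 are matched, so a reader does not assume the whole high range is covered. The body of `extra7139` starts and ends outside this hunk, so the `else` branch could not be checked.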