Slide 23
Slide 23 text
event bridge rule
{
"detail-type": ["Security Hub Findings - Imported"],
"source": ["aws.securityhub"],
"detail": {
"findings": {
"Compliance": {
"Status": ["FAILED", "NOT_AVAILABLE",
"WARNING"]
},
"RecordState": ["ACTIVE"],
"Workflow": {
"Status": ["NEW", "NOTIFIED"]
},
"Severity": {
"Label": ["HIGH", "CRITICAL", "MEDIUM"]
}
}
}
}