import * as mod from "https://aws-api-bqtgftz736ft.deno.dev/v0.5/services/detective.ts?docs=full";| AcceptInvitationRequest | |
| Account | An Amazon Web Services account that is the administrator account of or a member of a behavior graph. |
| Administrator | Information about the Detective administrator account for an organization. |
| BatchGetGraphMemberDatasourcesRequest | |
| BatchGetGraphMemberDatasourcesResponse | |
| BatchGetMembershipDatasourcesRequest | |
| BatchGetMembershipDatasourcesResponse | |
| CreateGraphRequest | |
| CreateGraphResponse | |
| CreateMembersRequest | |
| CreateMembersResponse | |
| DatasourcePackageIngestDetail | Details about the data source packages ingested by your behavior graph. |
| DatasourcePackageUsageInfo | Information on the usage of a data source package in the behavior graph. |
| DateFilter | Contains details on the time range used to filter data. |
| DeleteGraphRequest | |
| DeleteMembersRequest | |
| DeleteMembersResponse | |
| DescribeOrganizationConfigurationRequest | |
| DescribeOrganizationConfigurationResponse | |
| DisassociateMembershipRequest | |
| EnableOrganizationAdminAccountRequest | |
| FilterCriteria | Details on the criteria used to define the filter for investigation results. |
| FlaggedIpAddressDetail | Contains information on suspicious IP addresses identified as indicators of compromise. This indicator is derived from Amazon Web Services threat intelligence. |
| GetInvestigationRequest | |
| GetInvestigationResponse | |
| GetMembersRequest | |
| GetMembersResponse | |
| Graph | A behavior graph in Detective. |
| ImpossibleTravelDetail | Contains information on unusual and impossible travel in an account. |
| Indicator | Detective investigations triages indicators of compromises such as a finding and surfaces only the most critical and suspicious issues, so you can focus on high-level investigations.
An |
| IndicatorDetail | Details about the indicators of compromise which are used to determine if a resource is involved in a security incident. An indicator of compromise (IOC) is an artifact observed in or on a network, system, or environment that can (with a high level of confidence) identify malicious activity or a security incident. For the list of indicators of compromise that are generated by Detective investigations, see Detective investigations. |
| InvestigationDetail | Details about the investigation related to a potential security event identified by Detective. |
| ListDatasourcePackagesRequest | |
| ListDatasourcePackagesResponse | |
| ListGraphsRequest | |
| ListGraphsResponse | |
| ListIndicatorsRequest | |
| ListIndicatorsResponse | |
| ListInvestigationsRequest | |
| ListInvestigationsResponse | |
| ListInvitationsRequest | |
| ListInvitationsResponse | |
| ListMembersRequest | |
| ListMembersResponse | |
| ListOrganizationAdminAccountsRequest | |
| ListOrganizationAdminAccountsResponse | |
| ListTagsForResourceRequest | |
| ListTagsForResourceResponse | |
| MemberDetail | Details about a member account in a behavior graph. |
| MembershipDatasources | Details on data source packages for members of the behavior graph. |
| NewAsoDetail | Details new Autonomous System Organizations (ASOs) used either at the resource or account level. |
| NewGeolocationDetail | Details new geolocations used either at the resource or account level. For example, lists an observed geolocation that is an infrequent or unused location based on previous user activity. |
| NewUserAgentDetail | Details new user agents used either at the resource or account level. |
| RejectInvitationRequest | |
| RelatedFindingDetail | Details related activities associated with a potential security event. Lists all distinct categories of evidence that are connected to the resource or the finding group. |
| RelatedFindingGroupDetail | Details multiple activities as they related to a potential security event. Detective uses graph analysis technique that infers relationships between findings and entities, and groups them together as a finding group. |
| SortCriteria | Details about the criteria used for sorting investigations. |
| StartInvestigationRequest | |
| StartInvestigationResponse | |
| StartMonitoringMemberRequest | |
| StringFilter | A string for filtering Detective investigations. |
| TagResourceRequest | |
| TimestampForCollection | Details on when data collection began for a source package. |
| TTPsObservedDetail | Details tactics, techniques, and procedures (TTPs) used in a potential security event. Tactics are based on MITRE ATT&CK Matrix for Enterprise. |
| UnprocessedAccount | A member account that was included in a request but for which the request could not be processed. |
| UnprocessedGraph | Behavior graphs that could not be processed in the request. |
| UntagResourceRequest | |
| UpdateDatasourcePackagesRequest | |
| UpdateInvestigationStateRequest | |
| UpdateOrganizationConfigurationRequest |