This product is not supported for your selected Datadog site. ().
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

aws_iot_securityprofile

account_id

Type: STRING

additional_metrics_to_retain

Type: UNORDERED_LIST_STRING
Provider name: additionalMetricsToRetain
Description: Please use DescribeSecurityProfileResponse$additionalMetricsToRetainV2 instead. A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile’s behaviors, but it is also retained for any metric specified here.

additional_metrics_to_retain_v2

Type: UNORDERED_LIST_STRUCT
Provider name: additionalMetricsToRetainV2
Description: A list of metrics whose data is retained (stored). By default, data is retained for any metric used in the profile’s behaviors, but it is also retained for any metric specified here.

  • export_metric
    Type: BOOLEAN
    Provider name: exportMetric
    Description: The value indicates exporting metrics related to the MetricToRetain when it’s true.
  • metric
    Type: STRING
    Provider name: metric
    Description: What is measured by the behavior.
  • metric_dimension
    Type: STRUCT
    Provider name: metricDimension
    Description: The dimension of a metric. This can’t be used with custom metrics.
    • dimension_name
      Type: STRING
      Provider name: dimensionName
      Description: A unique identifier for the dimension.
    • operator
      Type: STRING
      Provider name: operator
      Description: Defines how the dimensionValues of a dimension are interpreted. For example, for dimension type TOPIC_FILTER, the IN operator, a message will be counted only if its topic matches one of the topic filters. With NOT_IN operator, a message will be counted only if it doesn’t match any of the topic filters. The operator is optional: if it’s not provided (is null), it will be interpreted as IN.

alert_targets

Type: STRING
Provider name: alertTargets
Description: Where the alerts are sent. (Alerts are always sent to the console.)

behaviors

Type: UNORDERED_LIST_STRUCT
Provider name: behaviors
Description: Specifies the behaviors that, when violated by a device (thing), cause an alert.

  • criteria
    Type: STRUCT
    Provider name: criteria
    Description: The criteria that determine if a device is behaving normally in regard to the metric. In the IoT console, you can choose to be sent an alert through Amazon SNS when IoT Device Defender detects that a device is behaving anomalously.
    • comparison_operator
      Type: STRING
      Provider name: comparisonOperator
      Description: The operator that relates the thing measured (metric) to the criteria (containing a value or statisticalThreshold). Valid operators include:
      • string-list: in-set and not-in-set
      • number-list: in-set and not-in-set
      • ip-address-list: in-cidr-set and not-in-cidr-set
      • number: less-than, less-than-equals, greater-than, and greater-than-equals
    • consecutive_datapoints_to_alarm
      Type: INT32
      Provider name: consecutiveDatapointsToAlarm
      Description: If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1.
    • consecutive_datapoints_to_clear
      Type: INT32
      Provider name: consecutiveDatapointsToClear
      Description: If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1.
    • duration_seconds
      Type: INT32
      Provider name: durationSeconds
      Description: Use this to specify the time duration over which the behavior is evaluated, for those criteria that have a time dimension (for example, NUM_MESSAGES_SENT). For a statisticalThreshhold metric comparison, measurements from all devices are accumulated over this time duration before being used to calculate percentiles, and later, measurements from an individual device are also accumulated over this time duration before being given a percentile rank. Cannot be used with list-based metric datatypes.
    • ml_detection_config
      Type: STRUCT
      Provider name: mlDetectionConfig
      Description: The configuration of an ML Detect
      • confidence_level
        Type: STRING
        Provider name: confidenceLevel
        Description: The sensitivity of anomalous behavior evaluation. Can be Low, Medium, or High.
    • statistical_threshold
      Type: STRUCT
      Provider name: statisticalThreshold
      Description: A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior.
      • statistic
        Type: STRING
        Provider name: statistic
        Description: The percentile that resolves to a threshold value by which compliance with a behavior is determined. Metrics are collected over the specified period (durationSeconds) from all reporting devices in your account and statistical ranks are calculated. Then, the measurements from a device are collected over the same period. If the accumulated measurements from the device fall above or below (comparisonOperator) the value associated with the percentile specified, then the device is considered to be in compliance with the behavior, otherwise a violation occurs.
    • value
      Type: STRUCT
      Provider name: value
      Description: The value to be compared with the metric.
      • cidrs
        Type: UNORDERED_LIST_STRING
        Provider name: cidrs
        Description: If the comparisonOperator calls for a set of CIDRs, use this to specify that set to be compared with the metric.
      • count
        Type: INT64
        Provider name: count
        Description: If the comparisonOperator calls for a numeric value, use this to specify that numeric value to be compared with the metric.
      • number
        Type: DOUBLE
        Provider name: number
        Description: The numeral value of a metric.
      • numbers
        Type: UNORDERED_LIST_DOUBLE
        Provider name: numbers
        Description: The numeral values of a metric.
      • ports
        Type: UNORDERED_LIST_INT32
        Provider name: ports
        Description: If the comparisonOperator calls for a set of ports, use this to specify that set to be compared with the metric.
      • strings
        Type: UNORDERED_LIST_STRING
        Provider name: strings
        Description: The string values of a metric.
  • export_metric
    Type: BOOLEAN
    Provider name: exportMetric
    Description: Value indicates exporting metrics related to the behavior when it is true.
  • metric
    Type: STRING
    Provider name: metric
    Description: What is measured by the behavior.
  • metric_dimension
    Type: STRUCT
    Provider name: metricDimension
    Description: The dimension for a metric in your behavior. For example, using a TOPIC_FILTER dimension, you can narrow down the scope of the metric to only MQTT topics where the name matches the pattern specified in the dimension. This can’t be used with custom metrics.
    • dimension_name
      Type: STRING
      Provider name: dimensionName
      Description: A unique identifier for the dimension.
    • operator
      Type: STRING
      Provider name: operator
      Description: Defines how the dimensionValues of a dimension are interpreted. For example, for dimension type TOPIC_FILTER, the IN operator, a message will be counted only if its topic matches one of the topic filters. With NOT_IN operator, a message will be counted only if it doesn’t match any of the topic filters. The operator is optional: if it’s not provided (is null), it will be interpreted as IN.
  • name
    Type: STRING
    Provider name: name
    Description: The name you’ve given to the behavior.
  • suppress_alerts
    Type: BOOLEAN
    Provider name: suppressAlerts
    Description: Suppresses alerts.

creation_date

Type: TIMESTAMP
Provider name: creationDate
Description: The time the security profile was created.

last_modified_date

Type: TIMESTAMP
Provider name: lastModifiedDate
Description: The time the security profile was last modified.

metrics_export_config

Type: STRUCT
Provider name: metricsExportConfig
Description: Specifies the MQTT topic and role ARN required for metric export.

  • mqtt_topic
    Type: STRING
    Provider name: mqttTopic
    Description: The MQTT topic that Device Defender Detect should publish messages to for metrics export.
  • role_arn
    Type: STRING
    Provider name: roleArn
    Description: This role ARN has permission to publish MQTT messages, after which Device Defender Detect can assume the role and publish messages on your behalf.

security_profile_arn

Type: STRING
Provider name: securityProfileArn
Description: The ARN of the security profile.

security_profile_description

Type: STRING
Provider name: securityProfileDescription
Description: A description of the security profile (associated with the security profile when it was created or updated).

security_profile_name

Type: STRING
Provider name: securityProfileName
Description: The name of the security profile.

tags

Type: UNORDERED_LIST_STRING

version

Type: INT64
Provider name: version
Description: The version of the security profile. A new version is generated whenever the security profile is updated.