Amazon GuardDuty · Schema

Evidence

Contains information about the reason that the finding was generated.

Anomaly DetectionComplianceMachine LearningMonitoringSecurityThreat Detection

Properties

Name Type Description
ThreatIntelligenceDetails object
View JSON Schema on GitHub

JSON Schema

guardduty-evidence-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "https://raw.githubusercontent.com/api-evangelist/amazon-guardduty/refs/heads/main/json-schema/guardduty-evidence-schema.json",
  "title": "Evidence",
  "description": "Contains information about the reason that the finding was generated.",
  "type": "object",
  "properties": {
    "ThreatIntelligenceDetails": {
      "allOf": [
        {
          "$ref": "#/components/schemas/ThreatIntelligenceDetails"
        },
        {
          "xml": {
            "name": "threatIntelligenceDetails"
          },
          "description": "A list of threat intelligence details related to the evidence."
        }
      ]
    }
  }
}