From e9a94a16511ac6fbb5a29f18fb6a9382c8785ff5 Mon Sep 17 00:00:00 2001
From: Fernando Goncalves
Date: Mon, 25 Nov 2024 23:31:47 +0100
Subject: [PATCH 1/2] chore: updates default SecurityHub filter
---
 awsfindingsmanagerlib/configuration.py | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/awsfindingsmanagerlib/configuration.py b/awsfindingsmanagerlib/configuration.py
index 0d7e5db..092d96a 100644
--- a/awsfindingsmanagerlib/configuration.py
+++ b/awsfindingsmanagerlib/configuration.py
@@ -46,16 +46,18 @@ LOGGER = logging.getLogger(LOGGER_BASENAME)
 LOGGER.addHandler(logging.NullHandler())
-DEFAULT_SECURITY_HUB_FILTER = {'ComplianceStatus': [
- {
- 'Value': 'FAILED',
- 'Comparison': 'EQUALS'
- },
- {
- 'Value': 'WARNING',
- 'Comparison': 'EQUALS'
- }
-]}
+DEFAULT_SECURITY_HUB_FILTER = {
+ 'WorkflowStatus': [
+ {
+ 'Value': 'SUPPRESSED',
+ 'Comparison': 'NOT_EQUALS'
+ },
+ {
+ 'Value': 'RESOLVED',
+ 'Comparison': 'NOT_EQUALS'
+ }
+ ]
+}
 def get_available_security_hub_regions():
From b370fda665e5cb8d602605ba3196ef92a758cc1f Mon Sep 17 00:00:00 2001
From: Fernando Goncalves
Date: Thu, 5 Dec 2024 16:17:26 +0100
Subject: [PATCH 2/2] chore: updates default query to use EQUALS instead
---
 awsfindingsmanagerlib/configuration.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/awsfindingsmanagerlib/configuration.py b/awsfindingsmanagerlib/configuration.py
index 092d96a..ac88321 100644
--- a/awsfindingsmanagerlib/configuration.py
+++ b/awsfindingsmanagerlib/configuration.py
@@ -49,12 +49,12 @@ DEFAULT_SECURITY_HUB_FILTER = {
 'WorkflowStatus': [
 {
- 'Value': 'SUPPRESSED',
- 'Comparison': 'NOT_EQUALS'
+ 'Value': 'NEW',
+ 'Comparison': 'EQUALS'
 },
 {
- 'Value': 'RESOLVED',
- 'Comparison': 'NOT_EQUALS'
+ 'Value': 'NOTIFIED',
+ 'Comparison': 'EQUALS'
 }
 ]
 }
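Review bot: The new `DEFAULT_SECURITY_HUB_FILTER` in PATCH 1/2 replaces the `ComplianceStatus` FAILED/WARNING condition instead of adding the workflow condition beside it, so the default query is no longer limited to failed or warning controls. With no `RecordState` condition it would presumably also return archived findings. How the constant is consumed is outside this hunk, but any caller that relies on the default now operates on a much wider set of findings. If the widening is intended, record it above the constant, e.g. `# Default scope: every finding whose workflow is still open, regardless of compliance status`; if it is not, keep the old key next to the new one or add `'RecordState': [{'Value': 'ACTIVE', 'Comparison': 'EQUALS'}]`.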
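Review bot: The change from `NOT_EQUALS` to `EQUALS` in PATCH 2/2 carries no explanation in the constant itself, and the two forms fail differently: an allow-list of `NEW` and `NOTIFIED` silently skips any workflow status that is not listed, where the deny-list form would have included it. Security Hub joins `EQUALS` filters on one field with OR and `NOT_EQUALS` filters with AND, so both versions select the same findings today; a comment such as `# EQUALS entries on one field are OR-ed: match findings still in NEW or NOTIFIED` would make that explicit. The dictionary is also a mutable module-level default, and how callers combine it with their own filters is not visible here, so it is worth confirming they copy it rather than update it in place.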