Certified Security - Specialty


AWS Security Hub – Using the CLI to Export Findings – HEAD SCRATCHER


I have been trying to figure out how to export the findings in AWS Security Hub to use them in reporting. I found a reference to CLI commands that are supposed to be available. 


When I try: aws securityhub get-findings 

I get nada, just the standard list of services I can use. In fact there do not seem to be any securityhub commands available. 

Has anyone tried this? Security Hub seems like a great resource but it needs to be reportable. 


2 Answers

AWS Security Hub is not listed as an Available Service. See https://help.acloud.guru/hc/en-us/articles/360001389256-AWS-Cloud-Sandbox.

That command is correct provided that you specify your region or set up a profile. The problem you will run into with the above command is (TooManyRequestException). You must use a filter or set a max value. Try aws securityhub get-findings --max-items=1



Thank you. I’ll give that a try.


If you would like to take it a step further, you can add filters. Below I added filters to only return CRITICAL issues that are in a FAIL status:


aws securityhub get-findings --filters 'SeverityLabel=[{Value=CRITICAL,Comparison=EQUALS}],ComplianceStatus=[{Value=FAILED,Comparison=EQUALS}]'
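
For the reporting goal in the question, one way to flatten the JSON that get-findings prints into CSV, as an added example that is not part of the original thread. The column choice, the function names and the sample findings are assumptions constructed for illustration; cells that begin with a formula character are prefixed so a spreadsheet does not evaluate them.

```python
import csv
import io
import json

# Constructed sample in the shape `aws securityhub get-findings` prints as JSON.
SAMPLE = json.dumps({"Findings": [
    {"AwsAccountId": "111122223333",
     "Title": "=S3 bucket allows public read",
     "Severity": {"Label": "CRITICAL"},
     "Compliance": {"Status": "FAILED"},
     "Resources": [{"Type": "AwsS3Bucket", "Id": "arn:aws:s3:::example-bucket"}],
     "UpdatedAt": "2020-01-01T00:00:00.000Z"},
    # Findings that do not come from a standards check carry no Compliance block.
    {"AwsAccountId": "111122223333",
     "Title": "Root account has no MFA",
     "Severity": {"Label": "CRITICAL"},
     "Resources": [{"Id": "AWS::::Account:111122223333"},
                   {"Id": "arn:aws:iam::111122223333:root"}],
     "UpdatedAt": "2020-01-02T00:00:00.000Z"},
]})

COLUMNS = ["AwsAccountId", "Severity", "Compliance", "Title", "Resources", "UpdatedAt"]

def _safe(value):
    """Neutralise cells a spreadsheet would treat as a formula."""
    return "'" + value if value[:1] in ("=", "+", "-", "@") else value

def findings_to_rows(cli_json):
    """Flatten each finding to one report row; missing fields become ''."""
    rows = []
    for f in json.loads(cli_json).get("Findings", []):
        row = {
            "AwsAccountId": f.get("AwsAccountId", ""),
            "Severity": f.get("Severity", {}).get("Label", ""),
            "Compliance": f.get("Compliance", {}).get("Status", ""),
            "Title": f.get("Title", ""),
            "Resources": ";".join(r.get("Id", "") for r in f.get("Resources", [])),
            "UpdatedAt": f.get("UpdatedAt", ""),
        }
        rows.append({k: _safe(v) for k, v in row.items()})
    return rows

def to_csv(rows):
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=COLUMNS)
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()

if __name__ == "__main__":
    print(to_csv(findings_to_rows(SAMPLE)), end="")
```
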
