in detection-ml-wksp/aws_lambda/guardduty_ingest.py [0:0]
def load_workshop_findings(s3_client, bucket, prefix):
"""
This function loads the GuardDuty findings used for the Detection ML workshop.
that are stored in a JSON file in S3.
:param s3_client: Boto3 S3 client
:param bucket: name of the bucket from which to load log files
:param prefix: prefix within the bucket to search for log files
:return: list of GuardDuty finding dict
"""
res = s3_client.list_objects_v2(
Bucket=bucket,
Prefix=prefix,
)
findings = []
for obj in res['Contents']:
if obj['Size'] > 0 and obj['Key'].endswith('.json'):
key = obj['Key']
logger.info('Loading GuardDuty findings file s3://%s/%s', bucket, key)
response = s3_client.get_object(Bucket=bucket, Key=key)
new_findings = json.loads(response['Body'].read())
logger.info('Number of findings in file: %d', len(new_findings))
findings.extend(new_findings)
return findings