- 2.60.0 (latest)
- 2.59.0
- 2.57.0
- 2.56.0
- 2.55.0
- 2.54.0
- 2.53.0
- 2.52.0
- 2.51.0
- 2.50.0
- 2.49.0
- 2.48.0
- 2.47.0
- 2.45.0
- 2.44.0
- 2.43.0
- 2.42.0
- 2.41.0
- 2.40.0
- 2.39.0
- 2.38.0
- 2.37.0
- 2.36.0
- 2.35.0
- 2.32.0
- 2.31.0
- 2.30.0
- 2.29.0
- 2.28.0
- 2.27.0
- 2.26.0
- 2.25.0
- 2.24.0
- 2.23.0
- 2.22.0
- 2.21.0
- 2.20.0
- 2.19.0
- 2.17.0
- 2.16.0
- 2.15.0
- 2.14.0
- 2.13.0
- 2.12.0
- 2.11.1
- 2.10.0
- 2.9.0
- 2.8.0
- 2.7.1
- 2.6.0
- 2.5.6
- 2.3.2
public static final class GroupFindingsRequest.Builder extends GeneratedMessageV3.Builder<GroupFindingsRequest.Builder> implements GroupFindingsRequestOrBuilder
Request message for grouping by findings.
Protobuf type google.cloud.securitycenter.v1p1beta1.GroupFindingsRequest
Inheritance
Object > AbstractMessageLite.Builder<MessageType,BuilderType> > AbstractMessage.Builder<BuilderType> > GeneratedMessageV3.Builder > GroupFindingsRequest.BuilderImplements
GroupFindingsRequestOrBuilderStatic Methods
getDescriptor()
public static final Descriptors.Descriptor getDescriptor()
Returns | |
---|---|
Type | Description |
Descriptor |
Methods
addRepeatedField(Descriptors.FieldDescriptor field, Object value)
public GroupFindingsRequest.Builder addRepeatedField(Descriptors.FieldDescriptor field, Object value)
Parameters | |
---|---|
Name | Description |
field | FieldDescriptor |
value | Object |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
build()
public GroupFindingsRequest build()
Returns | |
---|---|
Type | Description |
GroupFindingsRequest |
buildPartial()
public GroupFindingsRequest buildPartial()
Returns | |
---|---|
Type | Description |
GroupFindingsRequest |
clear()
public GroupFindingsRequest.Builder clear()
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
clearCompareDuration()
public GroupFindingsRequest.Builder clearCompareDuration()
When compare_duration is set, the GroupResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.
The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again.
Possible "state_change" values when compare_duration is specified:
- "CHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration, but changed its state at read_time.
- "UNCHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration and did not change state at read_time.
- "ADDED": indicates that the finding did not match the given filter or was not present at the start of compare_duration, but was present at read_time.
"REMOVED": indicates that the finding was present and matched the filter at the start of compare_duration, but did not match the filter at read_time.
If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time.
If this field is set then
state_change
must be a specified field ingroup_by
.
.google.protobuf.Duration compare_duration = 5;
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
clearField(Descriptors.FieldDescriptor field)
public GroupFindingsRequest.Builder clearField(Descriptors.FieldDescriptor field)
Parameter | |
---|---|
Name | Description |
field | FieldDescriptor |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
clearFilter()
public GroupFindingsRequest.Builder clearFilter()
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND
and OR
.
Parentheses are supported, and OR
has higher precedence than AND
.
Restrictions have the form <field> <operator> <value>
and may have a -
character in front of them to indicate negation. Examples include:
- name
- source_properties.a_property
security_marks.marks.marka
The supported operators are:
=
for all value types.>
,<
,>=
,<=
for integer values.:
, meaning substring matching, for strings.
The supported value types are:
- string literals in quotes.
- integer literals without quotes.
- boolean literals
true
andfalse
without quotes.
The following field and operator combinations are supported:
- name:
=
- parent:
=
,:
- resource_name:
=
,:
- state:
=
,:
- category:
=
,:
- external_uri:
=
,:
- event_time:
=
,>
,<
,>=
,<=
- severity:
=
,:
Usage: This should be milliseconds since epoch or an RFC3339 string. Examples:
event_time = "2019-06-10T16:07:18-07:00"
event_time = 1560208038000
- security_marks.marks:
=
,:
- source_properties:
=
,:
,>
,<
,>=
,<=
For example,
source_properties.size = 100
is a valid filter string.Use a partial match on the empty string to filter based on a property existing:
source_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a property not existing:
-source_properties.my_property : ""
string filter = 2;
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder | This builder for chaining. |
clearGroupBy()
public GroupFindingsRequest.Builder clearGroupBy()
Required. Expression that defines what assets fields to use for grouping (including
state_change
). The string value should follow SQL syntax: comma separated
list of fields. For example: "parent,resource_name".
The following fields are supported:
- resource_name
- category
- state
- parent
severity
The following fields are supported when compare_duration is set:
state_change
string group_by = 3 [(.google.api.field_behavior) = REQUIRED];
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder | This builder for chaining. |
clearOneof(Descriptors.OneofDescriptor oneof)
public GroupFindingsRequest.Builder clearOneof(Descriptors.OneofDescriptor oneof)
Parameter | |
---|---|
Name | Description |
oneof | OneofDescriptor |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
clearPageSize()
public GroupFindingsRequest.Builder clearPageSize()
The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
int32 page_size = 8;
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder | This builder for chaining. |
clearPageToken()
public GroupFindingsRequest.Builder clearPageToken()
The value returned by the last GroupFindingsResponse
; indicates
that this is a continuation of a prior GroupFindings
call, and
that the system should return the next page of data.
string page_token = 7;
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder | This builder for chaining. |
clearParent()
public GroupFindingsRequest.Builder clearParent()
Required. Name of the source to groupBy. Its format is
"organizations/[organization_id]/sources/[source_id]",
folders/[folder_id]/sources/[source_id], or
projects/[project_id]/sources/[source_id]. To groupBy across all sources
provide a source_id of -
. For example:
organizations/{organization_id}/sources/-, folders/{folder_id}/sources/-,
or projects/{project_id}/sources/-
string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder | This builder for chaining. |
clearReadTime()
public GroupFindingsRequest.Builder clearReadTime()
Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
.google.protobuf.Timestamp read_time = 4;
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
clone()
public GroupFindingsRequest.Builder clone()
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
getCompareDuration()
public Duration getCompareDuration()
When compare_duration is set, the GroupResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.
The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again.
Possible "state_change" values when compare_duration is specified:
- "CHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration, but changed its state at read_time.
- "UNCHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration and did not change state at read_time.
- "ADDED": indicates that the finding did not match the given filter or was not present at the start of compare_duration, but was present at read_time.
"REMOVED": indicates that the finding was present and matched the filter at the start of compare_duration, but did not match the filter at read_time.
If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time.
If this field is set then
state_change
must be a specified field ingroup_by
.
.google.protobuf.Duration compare_duration = 5;
Returns | |
---|---|
Type | Description |
Duration | The compareDuration. |
getCompareDurationBuilder()
public Duration.Builder getCompareDurationBuilder()
When compare_duration is set, the GroupResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.
The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again.
Possible "state_change" values when compare_duration is specified:
- "CHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration, but changed its state at read_time.
- "UNCHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration and did not change state at read_time.
- "ADDED": indicates that the finding did not match the given filter or was not present at the start of compare_duration, but was present at read_time.
"REMOVED": indicates that the finding was present and matched the filter at the start of compare_duration, but did not match the filter at read_time.
If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time.
If this field is set then
state_change
must be a specified field ingroup_by
.
.google.protobuf.Duration compare_duration = 5;
Returns | |
---|---|
Type | Description |
Builder |
getCompareDurationOrBuilder()
public DurationOrBuilder getCompareDurationOrBuilder()
When compare_duration is set, the GroupResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.
The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again.
Possible "state_change" values when compare_duration is specified:
- "CHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration, but changed its state at read_time.
- "UNCHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration and did not change state at read_time.
- "ADDED": indicates that the finding did not match the given filter or was not present at the start of compare_duration, but was present at read_time.
"REMOVED": indicates that the finding was present and matched the filter at the start of compare_duration, but did not match the filter at read_time.
If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time.
If this field is set then
state_change
must be a specified field ingroup_by
.
.google.protobuf.Duration compare_duration = 5;
Returns | |
---|---|
Type | Description |
DurationOrBuilder |
getDefaultInstanceForType()
public GroupFindingsRequest getDefaultInstanceForType()
Returns | |
---|---|
Type | Description |
GroupFindingsRequest |
getDescriptorForType()
public Descriptors.Descriptor getDescriptorForType()
Returns | |
---|---|
Type | Description |
Descriptor |
getFilter()
public String getFilter()
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND
and OR
.
Parentheses are supported, and OR
has higher precedence than AND
.
Restrictions have the form <field> <operator> <value>
and may have a -
character in front of them to indicate negation. Examples include:
- name
- source_properties.a_property
security_marks.marks.marka
The supported operators are:
=
for all value types.>
,<
,>=
,<=
for integer values.:
, meaning substring matching, for strings.
The supported value types are:
- string literals in quotes.
- integer literals without quotes.
- boolean literals
true
andfalse
without quotes.
The following field and operator combinations are supported:
- name:
=
- parent:
=
,:
- resource_name:
=
,:
- state:
=
,:
- category:
=
,:
- external_uri:
=
,:
- event_time:
=
,>
,<
,>=
,<=
- severity:
=
,:
Usage: This should be milliseconds since epoch or an RFC3339 string. Examples:
event_time = "2019-06-10T16:07:18-07:00"
event_time = 1560208038000
- security_marks.marks:
=
,:
- source_properties:
=
,:
,>
,<
,>=
,<=
For example,
source_properties.size = 100
is a valid filter string.Use a partial match on the empty string to filter based on a property existing:
source_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a property not existing:
-source_properties.my_property : ""
string filter = 2;
Returns | |
---|---|
Type | Description |
String | The filter. |
getFilterBytes()
public ByteString getFilterBytes()
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND
and OR
.
Parentheses are supported, and OR
has higher precedence than AND
.
Restrictions have the form <field> <operator> <value>
and may have a -
character in front of them to indicate negation. Examples include:
- name
- source_properties.a_property
security_marks.marks.marka
The supported operators are:
=
for all value types.>
,<
,>=
,<=
for integer values.:
, meaning substring matching, for strings.
The supported value types are:
- string literals in quotes.
- integer literals without quotes.
- boolean literals
true
andfalse
without quotes.
The following field and operator combinations are supported:
- name:
=
- parent:
=
,:
- resource_name:
=
,:
- state:
=
,:
- category:
=
,:
- external_uri:
=
,:
- event_time:
=
,>
,<
,>=
,<=
- severity:
=
,:
Usage: This should be milliseconds since epoch or an RFC3339 string. Examples:
event_time = "2019-06-10T16:07:18-07:00"
event_time = 1560208038000
- security_marks.marks:
=
,:
- source_properties:
=
,:
,>
,<
,>=
,<=
For example,
source_properties.size = 100
is a valid filter string.Use a partial match on the empty string to filter based on a property existing:
source_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a property not existing:
-source_properties.my_property : ""
string filter = 2;
Returns | |
---|---|
Type | Description |
ByteString | The bytes for filter. |
getGroupBy()
public String getGroupBy()
Required. Expression that defines what assets fields to use for grouping (including
state_change
). The string value should follow SQL syntax: comma separated
list of fields. For example: "parent,resource_name".
The following fields are supported:
- resource_name
- category
- state
- parent
severity
The following fields are supported when compare_duration is set:
state_change
string group_by = 3 [(.google.api.field_behavior) = REQUIRED];
Returns | |
---|---|
Type | Description |
String | The groupBy. |
getGroupByBytes()
public ByteString getGroupByBytes()
Required. Expression that defines what assets fields to use for grouping (including
state_change
). The string value should follow SQL syntax: comma separated
list of fields. For example: "parent,resource_name".
The following fields are supported:
- resource_name
- category
- state
- parent
severity
The following fields are supported when compare_duration is set:
state_change
string group_by = 3 [(.google.api.field_behavior) = REQUIRED];
Returns | |
---|---|
Type | Description |
ByteString | The bytes for groupBy. |
getPageSize()
public int getPageSize()
The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
int32 page_size = 8;
Returns | |
---|---|
Type | Description |
int | The pageSize. |
getPageToken()
public String getPageToken()
The value returned by the last GroupFindingsResponse
; indicates
that this is a continuation of a prior GroupFindings
call, and
that the system should return the next page of data.
string page_token = 7;
Returns | |
---|---|
Type | Description |
String | The pageToken. |
getPageTokenBytes()
public ByteString getPageTokenBytes()
The value returned by the last GroupFindingsResponse
; indicates
that this is a continuation of a prior GroupFindings
call, and
that the system should return the next page of data.
string page_token = 7;
Returns | |
---|---|
Type | Description |
ByteString | The bytes for pageToken. |
getParent()
public String getParent()
Required. Name of the source to groupBy. Its format is
"organizations/[organization_id]/sources/[source_id]",
folders/[folder_id]/sources/[source_id], or
projects/[project_id]/sources/[source_id]. To groupBy across all sources
provide a source_id of -
. For example:
organizations/{organization_id}/sources/-, folders/{folder_id}/sources/-,
or projects/{project_id}/sources/-
string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
Returns | |
---|---|
Type | Description |
String | The parent. |
getParentBytes()
public ByteString getParentBytes()
Required. Name of the source to groupBy. Its format is
"organizations/[organization_id]/sources/[source_id]",
folders/[folder_id]/sources/[source_id], or
projects/[project_id]/sources/[source_id]. To groupBy across all sources
provide a source_id of -
. For example:
organizations/{organization_id}/sources/-, folders/{folder_id}/sources/-,
or projects/{project_id}/sources/-
string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
Returns | |
---|---|
Type | Description |
ByteString | The bytes for parent. |
getReadTime()
public Timestamp getReadTime()
Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
.google.protobuf.Timestamp read_time = 4;
Returns | |
---|---|
Type | Description |
Timestamp | The readTime. |
getReadTimeBuilder()
public Timestamp.Builder getReadTimeBuilder()
Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
.google.protobuf.Timestamp read_time = 4;
Returns | |
---|---|
Type | Description |
Builder |
getReadTimeOrBuilder()
public TimestampOrBuilder getReadTimeOrBuilder()
Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
.google.protobuf.Timestamp read_time = 4;
Returns | |
---|---|
Type | Description |
TimestampOrBuilder |
hasCompareDuration()
public boolean hasCompareDuration()
When compare_duration is set, the GroupResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.
The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again.
Possible "state_change" values when compare_duration is specified:
- "CHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration, but changed its state at read_time.
- "UNCHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration and did not change state at read_time.
- "ADDED": indicates that the finding did not match the given filter or was not present at the start of compare_duration, but was present at read_time.
"REMOVED": indicates that the finding was present and matched the filter at the start of compare_duration, but did not match the filter at read_time.
If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time.
If this field is set then
state_change
must be a specified field ingroup_by
.
.google.protobuf.Duration compare_duration = 5;
Returns | |
---|---|
Type | Description |
boolean | Whether the compareDuration field is set. |
hasReadTime()
public boolean hasReadTime()
Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
.google.protobuf.Timestamp read_time = 4;
Returns | |
---|---|
Type | Description |
boolean | Whether the readTime field is set. |
internalGetFieldAccessorTable()
protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns | |
---|---|
Type | Description |
FieldAccessorTable |
isInitialized()
public final boolean isInitialized()
Returns | |
---|---|
Type | Description |
boolean |
mergeCompareDuration(Duration value)
public GroupFindingsRequest.Builder mergeCompareDuration(Duration value)
When compare_duration is set, the GroupResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.
The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again.
Possible "state_change" values when compare_duration is specified:
- "CHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration, but changed its state at read_time.
- "UNCHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration and did not change state at read_time.
- "ADDED": indicates that the finding did not match the given filter or was not present at the start of compare_duration, but was present at read_time.
"REMOVED": indicates that the finding was present and matched the filter at the start of compare_duration, but did not match the filter at read_time.
If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time.
If this field is set then
state_change
must be a specified field ingroup_by
.
.google.protobuf.Duration compare_duration = 5;
Parameter | |
---|---|
Name | Description |
value | Duration |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
mergeFrom(GroupFindingsRequest other)
public GroupFindingsRequest.Builder mergeFrom(GroupFindingsRequest other)
Parameter | |
---|---|
Name | Description |
other | GroupFindingsRequest |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
public GroupFindingsRequest.Builder mergeFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters | |
---|---|
Name | Description |
input | CodedInputStream |
extensionRegistry | ExtensionRegistryLite |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
Exceptions | |
---|---|
Type | Description |
IOException |
mergeFrom(Message other)
public GroupFindingsRequest.Builder mergeFrom(Message other)
Parameter | |
---|---|
Name | Description |
other | Message |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
mergeReadTime(Timestamp value)
public GroupFindingsRequest.Builder mergeReadTime(Timestamp value)
Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
.google.protobuf.Timestamp read_time = 4;
Parameter | |
---|---|
Name | Description |
value | Timestamp |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
mergeUnknownFields(UnknownFieldSet unknownFields)
public final GroupFindingsRequest.Builder mergeUnknownFields(UnknownFieldSet unknownFields)
Parameter | |
---|---|
Name | Description |
unknownFields | UnknownFieldSet |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
setCompareDuration(Duration value)
public GroupFindingsRequest.Builder setCompareDuration(Duration value)
When compare_duration is set, the GroupResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.
The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again.
Possible "state_change" values when compare_duration is specified:
- "CHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration, but changed its state at read_time.
- "UNCHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration and did not change state at read_time.
- "ADDED": indicates that the finding did not match the given filter or was not present at the start of compare_duration, but was present at read_time.
"REMOVED": indicates that the finding was present and matched the filter at the start of compare_duration, but did not match the filter at read_time.
If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time.
If this field is set then
state_change
must be a specified field ingroup_by
.
.google.protobuf.Duration compare_duration = 5;
Parameter | |
---|---|
Name | Description |
value | Duration |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
setCompareDuration(Duration.Builder builderForValue)
public GroupFindingsRequest.Builder setCompareDuration(Duration.Builder builderForValue)
When compare_duration is set, the GroupResult's "state_change" attribute is updated to indicate whether the finding had its state changed, the finding's state remained unchanged, or if the finding was added during the compare_duration period of time that precedes the read_time. This is the time between (read_time - compare_duration) and read_time.
The state_change value is derived based on the presence and state of the finding at the two points in time. Intermediate state changes between the two times don't affect the result. For example, the results aren't affected if the finding is made inactive and then active again.
Possible "state_change" values when compare_duration is specified:
- "CHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration, but changed its state at read_time.
- "UNCHANGED": indicates that the finding was present and matched the given filter at the start of compare_duration and did not change state at read_time.
- "ADDED": indicates that the finding did not match the given filter or was not present at the start of compare_duration, but was present at read_time.
"REMOVED": indicates that the finding was present and matched the filter at the start of compare_duration, but did not match the filter at read_time.
If compare_duration is not specified, then the only possible state_change is "UNUSED", which will be the state_change set for all findings present at read_time.
If this field is set then
state_change
must be a specified field ingroup_by
.
.google.protobuf.Duration compare_duration = 5;
Parameter | |
---|---|
Name | Description |
builderForValue | Builder |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
setField(Descriptors.FieldDescriptor field, Object value)
public GroupFindingsRequest.Builder setField(Descriptors.FieldDescriptor field, Object value)
Parameters | |
---|---|
Name | Description |
field | FieldDescriptor |
value | Object |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
setFilter(String value)
public GroupFindingsRequest.Builder setFilter(String value)
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND
and OR
.
Parentheses are supported, and OR
has higher precedence than AND
.
Restrictions have the form <field> <operator> <value>
and may have a -
character in front of them to indicate negation. Examples include:
- name
- source_properties.a_property
security_marks.marks.marka
The supported operators are:
=
for all value types.>
,<
,>=
,<=
for integer values.:
, meaning substring matching, for strings.
The supported value types are:
- string literals in quotes.
- integer literals without quotes.
- boolean literals
true
andfalse
without quotes.
The following field and operator combinations are supported:
- name:
=
- parent:
=
,:
- resource_name:
=
,:
- state:
=
,:
- category:
=
,:
- external_uri:
=
,:
- event_time:
=
,>
,<
,>=
,<=
- severity:
=
,:
Usage: This should be milliseconds since epoch or an RFC3339 string. Examples:
event_time = "2019-06-10T16:07:18-07:00"
event_time = 1560208038000
- security_marks.marks:
=
,:
- source_properties:
=
,:
,>
,<
,>=
,<=
For example,
source_properties.size = 100
is a valid filter string.Use a partial match on the empty string to filter based on a property existing:
source_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a property not existing:
-source_properties.my_property : ""
string filter = 2;
Parameter | |
---|---|
Name | Description |
value | String The filter to set. |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder | This builder for chaining. |
setFilterBytes(ByteString value)
public GroupFindingsRequest.Builder setFilterBytes(ByteString value)
Expression that defines the filter to apply across findings.
The expression is a list of one or more restrictions combined via logical
operators AND
and OR
.
Parentheses are supported, and OR
has higher precedence than AND
.
Restrictions have the form <field> <operator> <value>
and may have a -
character in front of them to indicate negation. Examples include:
- name
- source_properties.a_property
security_marks.marks.marka
The supported operators are:
=
for all value types.>
,<
,>=
,<=
for integer values.:
, meaning substring matching, for strings.
The supported value types are:
- string literals in quotes.
- integer literals without quotes.
- boolean literals
true
andfalse
without quotes.
The following field and operator combinations are supported:
- name:
=
- parent:
=
,:
- resource_name:
=
,:
- state:
=
,:
- category:
=
,:
- external_uri:
=
,:
- event_time:
=
,>
,<
,>=
,<=
- severity:
=
,:
Usage: This should be milliseconds since epoch or an RFC3339 string. Examples:
event_time = "2019-06-10T16:07:18-07:00"
event_time = 1560208038000
- security_marks.marks:
=
,:
- source_properties:
=
,:
,>
,<
,>=
,<=
For example,
source_properties.size = 100
is a valid filter string.Use a partial match on the empty string to filter based on a property existing:
source_properties.my_property : ""
Use a negated partial match on the empty string to filter based on a property not existing:
-source_properties.my_property : ""
string filter = 2;
Parameter | |
---|---|
Name | Description |
value | ByteString The bytes for filter to set. |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder | This builder for chaining. |
setGroupBy(String value)
public GroupFindingsRequest.Builder setGroupBy(String value)
Required. Expression that defines what assets fields to use for grouping (including
state_change
). The string value should follow SQL syntax: comma separated
list of fields. For example: "parent,resource_name".
The following fields are supported:
- resource_name
- category
- state
- parent
severity
The following fields are supported when compare_duration is set:
state_change
string group_by = 3 [(.google.api.field_behavior) = REQUIRED];
Parameter | |
---|---|
Name | Description |
value | String The groupBy to set. |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder | This builder for chaining. |
setGroupByBytes(ByteString value)
public GroupFindingsRequest.Builder setGroupByBytes(ByteString value)
Required. Expression that defines what assets fields to use for grouping (including
state_change
). The string value should follow SQL syntax: comma separated
list of fields. For example: "parent,resource_name".
The following fields are supported:
- resource_name
- category
- state
- parent
severity
The following fields are supported when compare_duration is set:
state_change
string group_by = 3 [(.google.api.field_behavior) = REQUIRED];
Parameter | |
---|---|
Name | Description |
value | ByteString The bytes for groupBy to set. |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder | This builder for chaining. |
setPageSize(int value)
public GroupFindingsRequest.Builder setPageSize(int value)
The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
int32 page_size = 8;
Parameter | |
---|---|
Name | Description |
value | int The pageSize to set. |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder | This builder for chaining. |
setPageToken(String value)
public GroupFindingsRequest.Builder setPageToken(String value)
The value returned by the last GroupFindingsResponse
; indicates
that this is a continuation of a prior GroupFindings
call, and
that the system should return the next page of data.
string page_token = 7;
Parameter | |
---|---|
Name | Description |
value | String The pageToken to set. |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder | This builder for chaining. |
setPageTokenBytes(ByteString value)
public GroupFindingsRequest.Builder setPageTokenBytes(ByteString value)
The value returned by the last GroupFindingsResponse
; indicates
that this is a continuation of a prior GroupFindings
call, and
that the system should return the next page of data.
string page_token = 7;
Parameter | |
---|---|
Name | Description |
value | ByteString The bytes for pageToken to set. |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder | This builder for chaining. |
setParent(String value)
public GroupFindingsRequest.Builder setParent(String value)
Required. Name of the source to groupBy. Its format is
"organizations/[organization_id]/sources/[source_id]",
folders/[folder_id]/sources/[source_id], or
projects/[project_id]/sources/[source_id]. To groupBy across all sources
provide a source_id of -
. For example:
organizations/{organization_id}/sources/-, folders/{folder_id}/sources/-,
or projects/{project_id}/sources/-
string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
Parameter | |
---|---|
Name | Description |
value | String The parent to set. |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder | This builder for chaining. |
setParentBytes(ByteString value)
public GroupFindingsRequest.Builder setParentBytes(ByteString value)
Required. Name of the source to groupBy. Its format is
"organizations/[organization_id]/sources/[source_id]",
folders/[folder_id]/sources/[source_id], or
projects/[project_id]/sources/[source_id]. To groupBy across all sources
provide a source_id of -
. For example:
organizations/{organization_id}/sources/-, folders/{folder_id}/sources/-,
or projects/{project_id}/sources/-
string parent = 1 [(.google.api.field_behavior) = REQUIRED, (.google.api.resource_reference) = { ... }
Parameter | |
---|---|
Name | Description |
value | ByteString The bytes for parent to set. |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder | This builder for chaining. |
setReadTime(Timestamp value)
public GroupFindingsRequest.Builder setReadTime(Timestamp value)
Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
.google.protobuf.Timestamp read_time = 4;
Parameter | |
---|---|
Name | Description |
value | Timestamp |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
setReadTime(Timestamp.Builder builderForValue)
public GroupFindingsRequest.Builder setReadTime(Timestamp.Builder builderForValue)
Time used as a reference point when filtering findings. The filter is limited to findings existing at the supplied time and their values are those at that specific time. Absence of this field will default to the API's version of NOW.
.google.protobuf.Timestamp read_time = 4;
Parameter | |
---|---|
Name | Description |
builderForValue | Builder |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
public GroupFindingsRequest.Builder setRepeatedField(Descriptors.FieldDescriptor field, int index, Object value)
Parameters | |
---|---|
Name | Description |
field | FieldDescriptor |
index | int |
value | Object |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |
setUnknownFields(UnknownFieldSet unknownFields)
public final GroupFindingsRequest.Builder setUnknownFields(UnknownFieldSet unknownFields)
Parameter | |
---|---|
Name | Description |
unknownFields | UnknownFieldSet |
Returns | |
---|---|
Type | Description |
GroupFindingsRequest.Builder |