Cloud Security Command Center V1 API - Class Google::Cloud::SecurityCenter::V1::Finding (v0.29.0)

Reference documentation and code samples for the Cloud Security Command Center V1 API class Google::Cloud::SecurityCenter::V1::Finding.

Security Command Center finding.

A finding is a record of assessment data, such as security, risk, health, or privacy data, that is ingested into Security Command Center for presentation, notification, analysis, policy testing, and enforcement. For example, a cross-site scripting (XSS) vulnerability in an App Engine application is a finding.

Inherits

  • Object

Extended By

  • Google::Protobuf::MessageExts::ClassMethods

Includes

  • Google::Protobuf::MessageExts

Methods

#access

def access() -> ::Google::Cloud::SecurityCenter::V1::Access
Returns

#access=

def access=(value) -> ::Google::Cloud::SecurityCenter::V1::Access
Parameter
Returns

#canonical_name

def canonical_name() -> ::String
Returns
  • (::String) — The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest Cloud Resource Manager (CRM) ancestor of the resource associated with the finding.

#canonical_name=

def canonical_name=(value) -> ::String
Parameter
  • value (::String) — The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.
Returns
  • (::String) — The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.

#category

def category() -> ::String
Returns
  • (::String) — The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"

#category=

def category=(value) -> ::String
Parameter
  • value (::String) — The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
Returns
  • (::String) — The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"

#cloud_dlp_data_profile

def cloud_dlp_data_profile() -> ::Google::Cloud::SecurityCenter::V1::CloudDlpDataProfile
Returns

#cloud_dlp_data_profile=

def cloud_dlp_data_profile=(value) -> ::Google::Cloud::SecurityCenter::V1::CloudDlpDataProfile
Parameter
Returns

#cloud_dlp_inspection

def cloud_dlp_inspection() -> ::Google::Cloud::SecurityCenter::V1::CloudDlpInspection
Returns

#cloud_dlp_inspection=

def cloud_dlp_inspection=(value) -> ::Google::Cloud::SecurityCenter::V1::CloudDlpInspection
Parameter
Returns

#compliances

def compliances() -> ::Array<::Google::Cloud::SecurityCenter::V1::Compliance>
Returns

#compliances=

def compliances=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::Compliance>
Parameter
Returns

#connections

def connections() -> ::Array<::Google::Cloud::SecurityCenter::V1::Connection>
Returns

#connections=

def connections=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::Connection>
Parameter
Returns

#contacts

def contacts() -> ::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ContactDetails}
Returns
  • (::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ContactDetails}) —

    Output only. Map containing the points of contact for the given finding. The key represents the type of contact, while the value contains a list of all the contacts that pertain to that type. Please refer to: https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories

    {
      "security": {
        "contacts": [
          {
            "email": "person1@company.com"
          },
          {
            "email": "person2@company.com"
          }
        ]
      }
    }
    

#containers

def containers() -> ::Array<::Google::Cloud::SecurityCenter::V1::Container>
Returns

#containers=

def containers=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::Container>
Parameter
Returns

#create_time

def create_time() -> ::Google::Protobuf::Timestamp
Returns

#create_time=

def create_time=(value) -> ::Google::Protobuf::Timestamp
Parameter
Returns

#database

def database() -> ::Google::Cloud::SecurityCenter::V1::Database
Returns

#database=

def database=(value) -> ::Google::Cloud::SecurityCenter::V1::Database
Parameter
Returns

#description

def description() -> ::String
Returns
  • (::String) — Contains more details about the finding.

#description=

def description=(value) -> ::String
Parameter
  • value (::String) — Contains more details about the finding.
Returns
  • (::String) — Contains more details about the finding.

#event_time

def event_time() -> ::Google::Protobuf::Timestamp
Returns
  • (::Google::Protobuf::Timestamp) — The time the finding was first detected. If an existing finding is updated, then this is the time the update occurred. For example, if the finding represents an open firewall, this property captures the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding is later resolved, then this time reflects when the finding was resolved. This must not be set to a value greater than the current timestamp.

#event_time=

def event_time=(value) -> ::Google::Protobuf::Timestamp
Parameter
  • value (::Google::Protobuf::Timestamp) — The time the finding was first detected. If an existing finding is updated, then this is the time the update occurred. For example, if the finding represents an open firewall, this property captures the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding is later resolved, then this time reflects when the finding was resolved. This must not be set to a value greater than the current timestamp.
Returns
  • (::Google::Protobuf::Timestamp) — The time the finding was first detected. If an existing finding is updated, then this is the time the update occurred. For example, if the finding represents an open firewall, this property captures the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding is later resolved, then this time reflects when the finding was resolved. This must not be set to a value greater than the current timestamp.

#exfiltration

def exfiltration() -> ::Google::Cloud::SecurityCenter::V1::Exfiltration
Returns

#exfiltration=

def exfiltration=(value) -> ::Google::Cloud::SecurityCenter::V1::Exfiltration
Parameter
Returns

#external_systems

def external_systems() -> ::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}
Returns
  • (::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}) — Output only. Third-party SIEM/SOAR fields within Security Command Center (SCC). Contains external system information and external system finding fields.

#external_uri

def external_uri() -> ::String
Returns
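  • (::String) — The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well-formed URL. That guarantee covers syntax only: the value is supplied by whoever writes the finding, so a well-formed URL is not by itself evidence that the destination is trustworthy.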

#external_uri=

def external_uri=(value) -> ::String
Parameter
  • value (::String) — The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
Returns
  • (::String) — The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.

#files

def files() -> ::Array<::Google::Cloud::SecurityCenter::V1::File>
Returns

#files=

def files=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::File>
Parameter
Returns

#finding_class

def finding_class() -> ::Google::Cloud::SecurityCenter::V1::Finding::FindingClass
Returns

#finding_class=

def finding_class=(value) -> ::Google::Cloud::SecurityCenter::V1::Finding::FindingClass
Parameter
Returns

#iam_bindings

def iam_bindings() -> ::Array<::Google::Cloud::SecurityCenter::V1::IamBinding>
Returns

#iam_bindings=

def iam_bindings=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::IamBinding>
Parameter
Returns

#indicator

def indicator() -> ::Google::Cloud::SecurityCenter::V1::Indicator
Returns

#indicator=

def indicator=(value) -> ::Google::Cloud::SecurityCenter::V1::Indicator
Parameter
Returns

#kernel_rootkit

def kernel_rootkit() -> ::Google::Cloud::SecurityCenter::V1::KernelRootkit
Returns

#kernel_rootkit=

def kernel_rootkit=(value) -> ::Google::Cloud::SecurityCenter::V1::KernelRootkit
Parameter
Returns

#kubernetes

def kubernetes() -> ::Google::Cloud::SecurityCenter::V1::Kubernetes
Returns

#kubernetes=

def kubernetes=(value) -> ::Google::Cloud::SecurityCenter::V1::Kubernetes
Parameter
Returns

#mitre_attack

def mitre_attack() -> ::Google::Cloud::SecurityCenter::V1::MitreAttack
Returns

#mitre_attack=

def mitre_attack=(value) -> ::Google::Cloud::SecurityCenter::V1::MitreAttack
Parameter
Returns

#module_name

def module_name() -> ::String
Returns
  • (::String) — Unique identifier of the module which generated the finding. Example: folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885

#module_name=

def module_name=(value) -> ::String
Parameter
  • value (::String) — Unique identifier of the module which generated the finding. Example: folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885
Returns
  • (::String) — Unique identifier of the module which generated the finding. Example: folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885

#mute

def mute() -> ::Google::Cloud::SecurityCenter::V1::Finding::Mute
Returns

#mute=

def mute=(value) -> ::Google::Cloud::SecurityCenter::V1::Finding::Mute
Parameter
Returns

#mute_initiator

def mute_initiator() -> ::String
Returns
  • (::String) — Records additional information about the mute operation, for example, the mute configuration that muted the finding and the user who muted the finding.

#mute_initiator=

def mute_initiator=(value) -> ::String
Parameter
  • value (::String) — Records additional information about the mute operation, for example, the mute configuration that muted the finding and the user who muted the finding.
Returns
  • (::String) — Records additional information about the mute operation, for example, the mute configuration that muted the finding and the user who muted the finding.

#mute_update_time

def mute_update_time() -> ::Google::Protobuf::Timestamp
Returns

#name

def name() -> ::String
Returns
  • (::String) — The relative resource name of the finding. Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", "projects/{project_id}/sources/{source_id}/findings/{finding_id}".

#name=

def name=(value) -> ::String
Parameter
  • value (::String) — The relative resource name of the finding. Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", "projects/{project_id}/sources/{source_id}/findings/{finding_id}".
Returns
  • (::String) — The relative resource name of the finding. Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", "projects/{project_id}/sources/{source_id}/findings/{finding_id}".

#next_steps

def next_steps() -> ::String
Returns
  • (::String) — Steps to address the finding.

#next_steps=

def next_steps=(value) -> ::String
Parameter
  • value (::String) — Steps to address the finding.
Returns
  • (::String) — Steps to address the finding.

#parent

def parent() -> ::String
Returns
  • (::String) — The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"

#parent=

def parent=(value) -> ::String
Parameter
  • value (::String) — The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"
Returns
  • (::String) — The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"

#parent_display_name

def parent_display_name() -> ::String
Returns
  • (::String) — Output only. The human readable display name of the finding source such as "Event Threat Detection" or "Security Health Analytics".

#processes

def processes() -> ::Array<::Google::Cloud::SecurityCenter::V1::Process>
Returns

#processes=

def processes=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::Process>
Parameter
Returns

#resource_name

def resource_name() -> ::String
Returns
  • (::String) — For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.

#resource_name=

def resource_name=(value) -> ::String
Parameter
  • value (::String) — For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
Returns
  • (::String) — For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.

#security_marks

def security_marks() -> ::Google::Cloud::SecurityCenter::V1::SecurityMarks
Returns

#severity

def severity() -> ::Google::Cloud::SecurityCenter::V1::Finding::Severity
Returns

#severity=

def severity=(value) -> ::Google::Cloud::SecurityCenter::V1::Finding::Severity
Parameter
Returns

#source_properties

def source_properties() -> ::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}
Returns
  • (::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}) — Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.

#source_properties=

def source_properties=(value) -> ::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}
Parameter
  • value (::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}) — Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.
Returns
  • (::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}) — Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.

#state

def state() -> ::Google::Cloud::SecurityCenter::V1::Finding::State
Returns

#state=

def state=(value) -> ::Google::Cloud::SecurityCenter::V1::Finding::State
Parameter
Returns

#vulnerability

def vulnerability() -> ::Google::Cloud::SecurityCenter::V1::Vulnerability
Returns

#vulnerability=

def vulnerability=(value) -> ::Google::Cloud::SecurityCenter::V1::Vulnerability
Parameter
Returns