소스 속성으로 발견 항목 만들기
컬렉션을 사용해 정리하기
내 환경설정을 기준으로 콘텐츠를 저장하고 분류하세요.
sourceProperties를 통해 추가 메타데이터가 포함된 새로운 보안 발견 항목을 만드는 방법을 설명합니다.
코드 샘플
Go
Security Command Center에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다.
자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
Java
Security Command Center에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다.
자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
Node.js
Security Command Center에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다.
자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
Python
Security Command Center에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다.
자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
달리 명시되지 않는 한 이 페이지의 콘텐츠에는 Creative Commons Attribution 4.0 라이선스에 따라 라이선스가 부여되며, 코드 샘플에는 Apache 2.0 라이선스에 따라 라이선스가 부여됩니다. 자세한 내용은 Google Developers 사이트 정책을 참조하세요. 자바는 Oracle 및/또는 Oracle 계열사의 등록 상표입니다.
[[["이해하기 쉬움","easyToUnderstand","thumb-up"],["문제가 해결됨","solvedMyProblem","thumb-up"],["기타","otherUp","thumb-up"]],[["이해하기 어려움","hardToUnderstand","thumb-down"],["잘못된 정보 또는 샘플 코드","incorrectInformationOrSampleCode","thumb-down"],["필요한 정보/샘플이 없음","missingTheInformationSamplesINeed","thumb-down"],["번역 문제","translationIssue","thumb-down"],["기타","otherDown","thumb-down"]],[],[],[],null,["Demonstrates how to create a new security finding that includes additional metadata via sourceProperties\n\nCode sample \n\nGo\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n import (\n \t\"context\"\n \t\"fmt\"\n \t\"io\"\n \t\"time\"\n\n \tsecuritycenter \"cloud.google.com/go/securitycenter/apiv1\"\n \t\"cloud.google.com/go/securitycenter/apiv1/securitycenterpb\"\n \t\"github.com/golang/protobuf/ptypes\"\n \tstructpb \"github.com/golang/protobuf/ptypes/struct\"\n )\n\n // createFindingWithProperties demonstrates how to create a new security\n // finding in CSCC that includes additional metadata via sourceProperties.\n // sourceName is the full resource name of the source the finding should be\n // associated with.\n func createFindingWithProperties(w io.Writer, sourceName string) error {\n \t// sourceName := \"organizations/111122222444/sources/1234\"\n \t// Instantiate a context and a security service client to make API calls.\n \tctx := context.Background()\n \tclient, err := securitycenter.https://cloud.google.com/go/docs/reference/cloud.google.com/go/securitycenter/latest/apiv1.html#cloud_google_com_go_securitycenter_apiv1_Client_NewClient(ctx)\n \tif err != nil {\n \t\treturn fmt.Errorf(\"securitycenter.NewClient: %w\", err)\n \t}\n \tdefer client.https://cloud.google.com/go/docs/reference/cloud.google.com/go/securitycenter/latest/apiv1.html#cloud_google_com_go_securitycenter_apiv1_Client_Close() // Closing the client safely cleans up background resources.\n \t// Use now as the eventTime for the security finding.\n \teventTime, err := ptypes.TimestampProto(time.Now())\n \tif err != nil {\n \t\treturn fmt.Errorf(\"TimestampProto: %w\", err)\n \t}\n\n \treq := &securitycenterpb.CreateFindingRequest{\n \t\tParent: sourceName,\n \t\tFindingId: \"samplefindingprops\",\n \t\tFinding: &securitycenterpb.Finding{\n \t\t\tState: securitycenterpb.https://cloud.google.com/go/docs/reference/cloud.google.com/go/securitycenter/latest/apiv1/securitycenterpb.html#cloud_google_com_go_securitycenter_apiv1_securitycenterpb_Finding_STATE_UNSPECIFIED_Finding_ACTIVE_Finding_INACTIVE,\n \t\t\t// Resource the finding is associated with. This is an\n \t\t\t// example any resource identifier can be used.\n \t\t\tResourceName: \"//cloudresourcemanager.googleapis.com/organizations/11232\",\n \t\t\t// A free-form category.Error converting now\n \t\t\tCategory: \"MEDIUM_RISK_ONE\",\n \t\t\t// The time associated with discovering the issue.\n \t\t\tEventTime: eventTime,\n \t\t\t// Define key-value pair metadata to include with the finding.\n \t\t\tSourceProperties: map[string]*structpb.Value{\n \t\t\t\t\"s_value\": {\n \t\t\t\t\tKind: &structpb.Value_StringValue{StringValue: \"string_example\"},\n \t\t\t\t},\n \t\t\t\t\"n_value\": {\n \t\t\t\t\tKind: &structpb.Value_NumberValue{NumberValue: 1234},\n \t\t\t\t},\n \t\t\t},\n \t\t},\n \t}\n\n \tfinding, err := client.CreateFinding(ctx, req)\n \tif err != nil {\n \t\treturn fmt.Errorf(\"CreateFinding: %w\", err)\n \t}\n \tfmt.Fprintf(w, \"New finding created: %s\\n\", finding.Name)\n \tfmt.Fprintf(w, \"Event time (Epoch Seconds): %d\\n\", eventTime.Seconds)\n \tfmt.Fprintf(w, \"Source Properties:\\n\")\n \tfor k, v := range finding.SourceProperties {\n \t\tfmt.Fprintf(w, \"%s = %v\\n\", k, v)\n \t}\n\n \treturn nil\n }\n\nJava\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n static Finding createFindingWithSourceProperties(SourceName sourceName) {\n try (SecurityCenterClient client = SecurityCenterClient.create()) {\n // SourceName sourceName = SourceName.of(/*organization=*/\"123234324\",/*source=*/\n // \"423432321\");\n\n // Use the current time as the finding \"event time\".\n Instant eventTime = Instant.now();\n\n // Controlled by caller.\n String findingId = \"samplefindingid2\";\n\n // The resource this finding applies to. The CSCC UI can link\n // the findings for a resource to the corresponding Asset of a resource\n // if there are matches.\n String resourceName = \"//cloudresourcemanager.googleapis.com/organizations/11232\";\n\n // Define source properties values as protobuf \"Value\" objects.\n Value stringValue = Value.newBuilder().setStringValue(\"stringExample\").build();\n Value numValue = Value.newBuilder().setNumberValue(1234).build();\n ImmutableMap\u003cString, Value\u003e sourceProperties =\n ImmutableMap.of(\"stringKey\", stringValue, \"numKey\", numValue);\n\n // Start setting up a request to create a finding in a source.\n Finding finding =\n Finding.newBuilder()\n .setParent(sourceName.toString())\n .setState(State.ACTIVE)\n .setResourceName(resourceName)\n .setEventTime(\n Timestamp.newBuilder()\n .setSeconds(eventTime.getEpochSecond())\n .setNanos(eventTime.getNano()))\n .putAllSourceProperties(sourceProperties)\n .build();\n\n // Call the API.\n Finding response = client.createFinding(sourceName, findingId, finding);\n\n System.out.println(\"Created Finding with Source Properties: \" + response);\n return response;\n } catch (IOException e) {\n throw new RuntimeException(\"Couldn't create client.\", e);\n }\n }\n\nNode.js\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n // Imports the Google Cloud client library.\n const {SecurityCenterClient} = require('https://cloud.google.com/nodejs/docs/reference/security-center/latest/overview.html');\n\n // Creates a new client.\n const client = new https://cloud.google.com/nodejs/docs/reference/security-center/latest/overview.html();\n // sourceName is the full resource name of the source the finding should\n // be associated with.\n /*\n * TODO(developer): Uncomment the following lines\n */\n // const sourceName = \"organizations/111122222444/sources/1234\";\n\n // Use now as the eventTime for the security finding.\n const eventTime = new Date();\n async function createFinding() {\n const [newFinding] = await client.createFinding({\n parent: sourceName,\n findingId: 'findingwithprops',\n finding: {\n state: 'ACTIVE',\n // Resource the finding is associated with. This is an\n // example any resource identifier can be used.\n resourceName:\n '//cloudresourcemanager.googleapis.com/organizations/11232',\n // A free-form category.\n category: 'MEDIUM_RISK_ONE',\n // The time associated with discovering the issue.\n eventTime: {\n seconds: Math.floor(eventTime.getTime() / 1000),\n nanos: (eventTime.getTime() % 1000) * 1e6,\n },\n sourceProperties: {\n s_value: {stringValue: 'string_example'},\n n_value: {numberValue: 1234},\n },\n },\n });\n console.log('New finding created: %j', newFinding);\n }\n createFinding();\n\nPython\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n from datetime import datetime, timezone\n\n from google.cloud import securitycenter_v1\n from google.cloud.securitycenter_v1 import Finding\n from google.protobuf.struct_pb2 import Value\n\n # Create a new client.\n client = securitycenter_v1.SecurityCenterClient()\n\n # 'source_name' is the resource path for a source that has been\n # created previously (you can use list_sources to find a specific one).\n # Its format is:\n # source_name = \"organizations/{organization_id}/sources/{source_id}\"\n # e.g.:\n # source_name = \"organizations/111122222444/sources/1234\"\n\n # Controlled by caller.\n finding_id = \"samplefindingid2\"\n\n # The resource this finding applies to. The CSCC UI can link\n # the findings for a resource to the corresponding Asset of a resource\n # if there are matches.\n resource_name = \"//cloudresourcemanager.googleapis.com/organizations/11232\"\n\n # Define source properties values as protobuf \"Value\" objects.\n str_value = Value()\n str_value.string_value = \"string_example\"\n num_value = Value()\n num_value.number_value = 1234\n\n # Use the current time as the finding \"event time\".\n event_time = datetime.now(tz=timezone.utc)\n\n finding = Finding(\n state=Finding.State.ACTIVE,\n resource_name=resource_name,\n category=\"MEDIUM_RISK_ONE\",\n source_properties={\"s_value\": \"string_example\", \"n_value\": 1234},\n event_time=event_time,\n )\n\n created_finding = client.https://cloud.google.com/python/docs/reference/securitycenter/latest/google.cloud.securitycenter_v1.services.security_center.SecurityCenterClient.html#google_cloud_securitycenter_v1_services_security_center_SecurityCenterClient_create_finding(\n request={\"parent\": source_name, \"finding_id\": finding_id, \"finding\": finding}\n )\n print(created_finding)\n\nWhat's next\n\n\nTo search and filter code samples for other Google Cloud products, see the\n[Google Cloud sample browser](/docs/samples?product=securitycenter)."]]
