특정 시점의 발견 항목을 그룹화하는 방법을 보여줍니다.
코드 샘플
Go
Security Command Center에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
import (
"context"
"fmt"
"io"
"time"
securitycenter "cloud.google.com/go/securitycenter/apiv1"
"cloud.google.com/go/securitycenter/apiv1/securitycenterpb"
"github.com/golang/protobuf/ptypes"
"google.golang.org/api/iterator"
)
// listFindingsAtTime prints findings that where present for a specific source
// as of five days ago to w. sourceName is the full resource name of the
// source to search for findings under.
func listFindingsAtTime(w io.Writer, sourceName string) error {
// Specific source:
// sourceName := "{parent}/sources/{sourceId}"
// All sources:
// sourceName := "{parent}/sources/-"
// where,
// Parent must be in one of the following formats:
// "organizations/{orgId}"
// "projects/{projectId}"
// "folders/{folderId}"
ctx := context.Background()
client, err := securitycenter.NewClient(ctx)
if err != nil {
return fmt.Errorf("securitycenter.NewClient: %w", err)
}
defer client.Close() // Closing the client safely cleans up background resources.
fiveDaysAgo, err := ptypes.TimestampProto(time.Now().AddDate(0, 0, -5))
if err != nil {
return fmt.Errorf("Error converting five days ago: %w", err)
}
req := &securitycenterpb.ListFindingsRequest{
Parent: sourceName,
ReadTime: fiveDaysAgo,
}
it := client.ListFindings(ctx, req)
for {
result, err := it.Next()
if err == iterator.Done {
break
}
if err != nil {
return fmt.Errorf("it.Next: %w", err)
}
finding := result.Finding
fmt.Fprintf(w, "Finding Name: %s, ", finding.Name)
fmt.Fprintf(w, "Resource Name %s, ", finding.ResourceName)
fmt.Fprintf(w, "Category: %s\n", finding.Category)
}
return nil
}
Java
Security Command Center에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
static ImmutableList<ListFindingsResult> listFindingsAtTime(SourceName sourceName) {
try (SecurityCenterClient client = SecurityCenterClient.create()) {
// parentId: must be one of the following:
// "organization-id"
// "project-id"
// "folder-id"
// SourceName sourceName = SourceName.of(parentId, sourceId);
// 5 days ago
Instant fiveDaysAgo = Instant.now().minus(Duration.ofDays(5));
ListFindingsRequest.Builder request =
ListFindingsRequest.newBuilder()
.setParent(sourceName.toString())
.setReadTime(
Timestamp.newBuilder()
.setSeconds(fiveDaysAgo.getEpochSecond())
.setNanos(fiveDaysAgo.getNano()));
// Call the API.
ListFindingsPagedResponse response = client.listFindings(request.build());
// This creates one list for all findings. If your organization has a large number of
// findings this can cause out of memory issues. You can process them in incrementally
// by returning the Iterable returned response.iterateAll() directly.
ImmutableList<ListFindingsResult> results = ImmutableList.copyOf(response.iterateAll());
System.out.println("Findings:");
System.out.println(results);
return results;
} catch (IOException e) {
throw new RuntimeException("Couldn't create client.", e);
}
}
Node.js
Security Command Center에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
// Imports the Google Cloud client library.
const {SecurityCenterClient} = require('@google-cloud/security-center');
// Creates a new client.
const client = new SecurityCenterClient();
// sourceName is the fully qualified source name to search for findings
// under.
/*
* TODO(developer): Uncomment the following lines
*/
// const sourceName = `${parent}/sources/${sourceId}`;
// where,
// parent: must be in one of the following formats:
// `organizations/${organization_id}`
// `projects/${project_id}`
// `folders/${folder_id}`
const fiveDaysAgo = new Date();
fiveDaysAgo.setDate(fiveDaysAgo.getDate() - 5);
async function listFindingsAtTime() {
const [response] = await client.listFindings({
// List findings across all sources.
parent: sourceName,
readTime: {
seconds: Math.floor(fiveDaysAgo.getTime() / 1000),
nanos: (fiveDaysAgo.getTime() % 1000) * 1e6,
},
});
let count = 0;
Array.from(response).forEach(result =>
console.log(
`${++count} ${result.finding.name} ${result.finding.resourceName}`
)
);
}
listFindingsAtTime();
Python
Security Command Center에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.
from datetime import datetime, timedelta
from google.cloud import securitycenter
# Create a new client.
client = securitycenter.SecurityCenterClient()
# 'source_name' is the resource path for a source that has been
# created previously (you can use list_sources to find a specific one).
# Its format is:
# source_name = f"{parent}/sources/{source_id}"
# 'parent' must be in one of the following formats:
# "organizations/{organization_id}"
# "projects/{project_id}"
# "folders/{folder_id}"
# You an also use a wild-card "-" for all sources:
# source_name = "organizations/111122222444/sources/-"
five_days_ago = str(datetime.now() - timedelta(days=5))
finding_result_iterator = client.list_findings(
request={"parent": source_name, "filter": five_days_ago}
)
for i, finding_result in enumerate(finding_result_iterator):
print(
"{}: name: {} resource: {}".format(
i, finding_result.finding.name, finding_result.finding.resource_name
)
)
다음 단계
다른 Google Cloud 제품의 코드 샘플을 검색하고 필터링하려면 Google Cloud 샘플 브라우저를 참조하세요.