演示如何按安全标记过滤并列出发现结果。下面的示例使用 NOT 过滤条件,因此列出的是未带有指定安全标记键值的发现结果。
深入探索
如需查看包含此代码示例的详细文档,请参阅以下内容:
代码示例
Go
如需向 Security Command Center 进行身份验证,请设置应用默认凭据。 如需了解详情,请参阅为本地开发环境设置身份验证。
import (
"context"
"fmt"
"io"
securitycenter "cloud.google.com/go/securitycenter/apiv1"
"cloud.google.com/go/securitycenter/apiv1/securitycenterpb"
"google.golang.org/api/iterator"
)
// listFindingsWithMarks writes to w every finding under sourceName that does
// not have a security mark key_a equal to value_a. sourceName is the full
// resource name of the source to search, "{parent}/sources/{sourceId}", where
// parent is one of:
//
//	"organizations/{orgId}"
//	"projects/{projectId}"
//	"folders/{folderId}"
//
// It returns an error if the client cannot be created or if paging through
// the results fails.
func listFindingsWithMarks(w io.Writer, sourceName string) error {
	ctx := context.Background()

	// No credentials are passed explicitly; the surrounding page says to set
	// up Application Default Credentials before running the sample.
	client, err := securitycenter.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("securitycenter.NewClient: %w", err)
	}
	// Release the client's background resources when this function returns.
	defer client.Close()

	// The filter is a negation: the listing is the set of findings that are
	// NOT marked key_a="value_a", not the set that is.
	findings := client.ListFindings(ctx, &securitycenterpb.ListFindingsRequest{
		Parent: sourceName,
		Filter: `NOT security_marks.marks.key_a="value_a"`,
	})

	for {
		result, err := findings.Next()
		if err != nil {
			// iterator.Done marks the normal end of the result stream.
			if err == iterator.Done {
				return nil
			}
			return fmt.Errorf("it.Next: %w", err)
		}

		finding := result.Finding
		fmt.Fprintf(w, "Finding Name: %s, ", finding.Name)
		fmt.Fprintf(w, "Resource Name %s, ", finding.ResourceName)
		fmt.Fprintf(w, "Category: %s\n", finding.Category)
	}
}
Java
如需向 Security Command Center 进行身份验证,请设置应用默认凭据。 如需了解详情,请参阅为本地开发环境设置身份验证。
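/**
 * Lists every finding under {@code sourceName} that does NOT carry the security mark
 * {@code key_a="value_a"}, prints the results to standard output, and returns them.
 *
 * <p>{@code sourceName} is built as {@code SourceName.of(parent, sourceId)}, where {@code parent}
 * comes from one of:
 *
 * <ul>
 *   <li>{@code OrganizationName.of("organization-id").getOrganization()}
 *   <li>{@code ProjectName.of("project-id").getProject()}
 *   <li>{@code FolderName.of("folder-id").getFolder()}
 * </ul>
 *
 * @param sourceName the source whose findings are searched
 * @return all matching findings, collected into a single in-memory list
 * @throws RuntimeException if the client cannot be created
 */
static ImmutableList<ListFindingsResult> listFindingsWithQueryMarks(SourceName sourceName) {
  try (SecurityCenterClient client = SecurityCenterClient.create()) {
    // The filter is a negation: it selects findings that are not marked key_a="value_a".
    String filter = "NOT security_marks.marks.key_a=\"value_a\"";

    ListFindingsRequest.Builder request =
        ListFindingsRequest.newBuilder().setParent(sourceName.toString()).setFilter(filter);

    // Call the API.
    ListFindingsPagedResponse response = client.listFindings(request.build());

    // This creates one list for all findings matched by the filter. If your organization has a
    // large number of findings this can cause out-of-memory issues. You can process them in
    // batches by returning the Iterable from response.iterateAll() directly.
    ImmutableList<ListFindingsResult> results = ImmutableList.copyOf(response.iterateAll());

    // The heading must agree with the negated filter; labelling this output as the marked
    // findings would invert its meaning for whoever reads it.
    System.out.println("Findings without security mark - key_a=value_a:");
    System.out.println(results);
    return results;
  } catch (IOException e) {
    throw new RuntimeException("Couldn't create client.", e);
  }
}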
Node.js
如需向 Security Command Center 进行身份验证,请设置应用默认凭据。 如需了解详情,请参阅为本地开发环境设置身份验证。
// Imports the Google Cloud client library.
const {SecurityCenterClient} = require('@google-cloud/security-center');
// Creates a new client. No credentials are passed here; the surrounding page
// says to set up Application Default Credentials before running the sample.
const client = new SecurityCenterClient();
// sourceName is the full resource path of the source to search for
// findings. It is not defined anywhere in this listing, yet the function
// below reads it, so it must be set before the sample is run.
/*
 * TODO(developer): Uncomment the following lines
 */
// const sourceName = `${parent}/sources/${sourceId}`;
// where,
// parent: must be in one of the following formats:
//   `organizations/${organization_id}`
//   `projects/${project_id}`
//   `folders/${folder_id}`
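/**
 * Lists the findings under `sourceName` that do NOT carry the security mark
 * key_a="value_a" and logs a 1-based counter, the finding name and the
 * resource name for each.
 *
 * Reads the module-level `client` and `sourceName`.
 *
 * @returns {Promise<void>} resolves once every result has been logged;
 *   rejects if the listFindings call fails.
 */
async function listFindingsWithSecurityMarks() {
  const [response] = await client.listFindings({
    // Scope is the single source named by sourceName, not every source.
    // (The API accepts a source id of "-" to search all sources under the
    // parent; that is a choice made when building sourceName.)
    parent: sourceName,
    // Negated filter: selects findings that are not marked key_a="value_a".
    filter: 'NOT security_marks.marks.key_a="value_a"',
  });

  // forEach supplies the index, so no mutable counter is needed.
  Array.from(response).forEach((result, index) => {
    console.log(
      `${index + 1} ${result.finding.name} ${result.finding.resourceName}`
    );
  });
}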
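// Report API or authentication failures explicitly instead of leaving the
// promise rejection unhandled, and signal the failure through the exit code.
listFindingsWithSecurityMarks().catch(err => {
  console.error(err);
  process.exitCode = 1;
});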
Python
如需向 Security Command Center 进行身份验证,请设置应用默认凭据。 如需了解详情,请参阅为本地开发环境设置身份验证。
from google.cloud import securitycenter
# Client for the Security Command Center API. No credentials are passed here;
# the surrounding page says to set up Application Default Credentials first.
client = securitycenter.SecurityCenterClient()

# 'source_name' is the resource path of a previously created source
# (list_sources can be used to find one). It has the form
#   source_name = "{parent}/sources/{source_id}"
# where 'parent' is one of:
#   "organizations/{organization_id}"
#   "projects/{project_id}"
#   "folders/{folder_id}"
# It is left commented out and must be set before this snippet is run.
# source_name = "organizations/111122222444/sources/1234"

# Negated filter: selects findings that are NOT marked finding_key_a="value_a".
marks_filter = 'NOT security_marks.marks.finding_key_a="value_a"'

# Call the API and print each result with its position in the listing.
list_request = {"parent": source_name, "filter": marks_filter}
finding_iterator = client.list_findings(request=list_request)
for position, listed_finding in enumerate(finding_iterator):
    print(position, listed_finding)
后续步骤
如需搜索和过滤其他 Google Cloud 产品的代码示例,请参阅 Google Cloud 示例浏览器。