列出含有安全標記的發現項目
透過集合功能整理內容
你可以依據偏好儲存及分類內容。
示範如何依安全標記篩選及列出發現項目
程式碼範例
Go
如要向 Security Command Center 進行驗證,請設定應用程式預設憑證。
詳情請參閱「為本機開發環境設定驗證」。
Java
如要向 Security Command Center 進行驗證,請設定應用程式預設憑證。
詳情請參閱「為本機開發環境設定驗證」。
Node.js
如要向 Security Command Center 進行驗證,請設定應用程式預設憑證。
詳情請參閱「為本機開發環境設定驗證」。
Python
如要向 Security Command Center 進行驗證,請設定應用程式預設憑證。
詳情請參閱「為本機開發環境設定驗證」。
除非另有註明,否則本頁面中的內容是採用創用 CC 姓名標示 4.0 授權,程式碼範例則為阿帕契 2.0 授權。詳情請參閱《Google Developers 網站政策》。Java 是 Oracle 和/或其關聯企業的註冊商標。
[[["容易理解","easyToUnderstand","thumb-up"],["確實解決了我的問題","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["難以理解","hardToUnderstand","thumb-down"],["資訊或程式碼範例有誤","incorrectInformationOrSampleCode","thumb-down"],["缺少我需要的資訊/範例","missingTheInformationSamplesINeed","thumb-down"],["翻譯問題","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],[],[],[],null,["Demonstrates how to filter and list findings by security mark\n\nCode sample \n\nGo\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n import (\n \t\"context\"\n \t\"fmt\"\n \t\"io\"\n\n \tsecuritycenter \"cloud.google.com/go/securitycenter/apiv1\"\n \t\"cloud.google.com/go/securitycenter/apiv1/securitycenterpb\"\n \t\"google.golang.org/api/iterator\"\n )\n\n // listFindingsWithMarks prints findings that don't have a security mark\n // key_a equal to value_a to w. sourceName is the full resource name\n // of the source to search for findings under.\n func listFindingsWithMarks(w io.Writer, sourceName string) error {\n \t// sourceName := \"{parent}/sources/{sourceId}\"\n \t// where,\n \t// Parent must be in one of the following formats:\n \t//\t\t\"organizations/{orgId}\"\n \t//\t\t\"projects/{projectId}\"\n \t//\t\t\"folders/{folderId}\"\n \t// Instantiate a context and a security service client to make API calls.\n \tctx := context.Background()\n \tclient, err := securitycenter.https://cloud.google.com/go/docs/reference/cloud.google.com/go/securitycenter/latest/apiv1.html#cloud_google_com_go_securitycenter_apiv1_Client_NewClient(ctx)\n \tif err != nil {\n \t\treturn fmt.Errorf(\"securitycenter.NewClient: %w\", err)\n \t}\n \tdefer client.https://cloud.google.com/go/docs/reference/cloud.google.com/go/securitycenter/latest/apiv1.html#cloud_google_com_go_securitycenter_apiv1_Client_Close() // Closing the client safely cleans up background resources.\n\n \treq := &securitycenterpb.ListFindingsRequest{\n \t\tParent: sourceName,\n \t\tFilter: `NOT security_marks.marks.key_a=\"value_a\"`,\n \t}\n \tit := client.ListFindings(ctx, req)\n \tfor {\n \t\tresult, err := it.Next()\n \t\tif err == iterator.Done {\n \t\t\tbreak\n \t\t}\n \t\tif err != nil {\n \t\t\treturn fmt.Errorf(\"it.Next: %w\", err)\n \t\t}\n \t\tfinding := result.Finding\n \t\tfmt.Fprintf(w, \"Finding Name: %s, \", finding.Name)\n \t\tfmt.Fprintf(w, \"Resource Name %s, \", finding.ResourceName)\n \t\tfmt.Fprintf(w, \"Category: %s\\n\", finding.Category)\n \t}\n \treturn nil\n }\n\nJava\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n static ImmutableList\u003cListFindingsResult\u003e listFindingsWithQueryMarks(SourceName sourceName) {\n try (SecurityCenterClient client = SecurityCenterClient.create()) {\n // Start setting up a request to list all findings filtered by a specific security mark.\n //\n // 'parent' must be in one of the following formats:\n // * OrganizationName organizationName = OrganizationName.of(\"organization-id\");\n // String parent = organizationName.getOrganization();\n // * ProjectName projectName = ProjectName.of(\"project-id\");\n // String parent = projectName.getProject();\n // * FolderName folderName = FolderName.of(\"folder-id\");\n // String parent = folderName.getFolder();\n // SourceName sourceName = SourceName.of(parent, {source-id});\n\n String filter = \"NOT security_marks.marks.key_a=\\\"value_a\\\"\";\n\n ListFindingsRequest.Builder request =\n ListFindingsRequest.newBuilder().setParent(sourceName.toString()).setFilter(filter);\n\n // Call the API.\n ListFindingsPagedResponse response = client.listFindings(request.build());\n\n // This creates one list for all findings in the filter.If your organization has a large\n // number of\n // findings this can cause out of memory issues. You can process them batches by returning\n // the Iterable returned response.iterateAll() directly.\n ImmutableList\u003cListFindingsResult\u003e results = ImmutableList.copyOf(response.iterateAll());\n System.out.println(\"Findings with security mark - key_a=value_a:\");\n System.out.println(results);\n return results;\n } catch (IOException e) {\n throw new RuntimeException(\"Couldn't create client.\", e);\n }\n }\n\nNode.js\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n // Imports the Google Cloud client library.\n const {SecurityCenterClient} = require('https://cloud.google.com/nodejs/docs/reference/security-center/latest/overview.html');\n\n // Creates a new client.\n const client = new https://cloud.google.com/nodejs/docs/reference/security-center/latest/overview.html();\n // sourceName is the full resource path of the source to search for\n // findings.\n /*\n * TODO(developer): Uncomment the following lines\n */\n // const sourceName = `${parent}/sources/${sourceId}`;\n // where,\n // parent: must be in one of the following formats:\n // `organizations/${organization_id}`\n // `projects/${project_id}`\n // `folders/${folder_id}`\n\n async function listFindingsWithSecurityMarks() {\n const [response] = await client.listFindings({\n // List findings across all sources.\n parent: sourceName,\n filter: 'NOT security_marks.marks.key_a=\"value_a\"',\n });\n let count = 0;\n Array.from(response).forEach(result =\u003e\n console.log(\n `${++count} ${result.finding.name} ${result.finding.resourceName}`\n )\n );\n }\n listFindingsWithSecurityMarks();\n\nPython\n\n\nTo authenticate to Security Command Center, set up Application Default Credentials.\nFor more information, see\n\n[Set up authentication for a local development environment](/docs/authentication/set-up-adc-local-dev-environment).\n\n from google.cloud import securitycenter\n\n client = securitycenter.SecurityCenterClient()\n\n # 'source_name' is the resource path for a source that has been\n # created previously (you can use list_sources to find a specific one).\n # Its format is:\n # source_name = \"{parent}/sources/{source_id}\"\n # 'parent' must be in one of the following formats:\n # \"organizations/{organization_id}\"\n # \"projects/{project_id}\"\n # \"folders/{folder_id}\"\n # source_name = \"organizations/111122222444/sources/1234\"\n marks_filter = 'NOT security_marks.marks.finding_key_a=\"value_a\"'\n\n # Call the API and print results.\n finding_iterator = client.https://cloud.google.com/python/docs/reference/securitycenter/latest/google.cloud.securitycenter_v1.services.security_center.SecurityCenterClient.html#google_cloud_securitycenter_v1_services_security_center_SecurityCenterClient_list_findings(\n request={\"parent\": source_name, \"filter\": marks_filter}\n )\n for i, finding_result in enumerate(finding_iterator):\n print(i, finding_result)\n\nWhat's next\n\n\nTo search and filter code samples for other Google Cloud products, see the\n[Google Cloud sample browser](/docs/samples?product=securitycenter)."]]
