Benutzerdefiniertes Modul für die Ereignis-Bedrohungserkennung aktualisieren

Beispielcode zum Aktualisieren benutzerdefinierter Event Threat Detection-Module

Codebeispiel

Go

Richten Sie die Standardanmeldedaten für Anwendungen ein, um sich bei Security Command Center zu authentifizieren. Weitere Informationen finden Sie unter Authentifizierung für eine lokale Entwicklungsumgebung einrichten. 


import (
	"context"
	"fmt"
	"io"

	securitycentermanagement "cloud.google.com/go/securitycentermanagement/apiv1"
	securitycentermanagementpb "cloud.google.com/go/securitycentermanagement/apiv1/securitycentermanagementpb"
	fieldmaskpb "google.golang.org/protobuf/types/known/fieldmaskpb"
)

// updateEventThreatDetectionCustomModule updates a custom module for Event Threat Detection.
func updateEventThreatDetectionCustomModule(w io.Writer, parent string, customModuleID string) error {
	// parent: Use any one of the following options:
	// - organizations/{organization_id}/locations/{location_id}
	// - folders/{folder_id}/locations/{location_id}
	// - projects/{project_id}/locations/{location_id}

	ctx := context.Background()
	client, err := securitycentermanagement.NewClient(ctx)
	if err != nil {
		return fmt.Errorf("securitycentermanagement.NewClient: %w", err)
	}
	defer client.Close()

	// Define the custom module configuration
	customModule := &securitycentermanagementpb.EventThreatDetectionCustomModule{
		Name:            fmt.Sprintf("%s/eventThreatDetectionCustomModules/%s", parent, customModuleID),
		EnablementState: securitycentermanagementpb.EventThreatDetectionCustomModule_DISABLED,
	}

	req := &securitycentermanagementpb.UpdateEventThreatDetectionCustomModuleRequest{
		UpdateMask: &fieldmaskpb.FieldMask{
			Paths: []string{
				"enablement_state",
			},
		},
		EventThreatDetectionCustomModule: customModule,
	}

	module, err := client.UpdateEventThreatDetectionCustomModule(ctx, req)
	if err != nil {
		return fmt.Errorf("failed to update EventThreatDetectionCustomModule: %w", err)
	}

	fmt.Fprintf(w, "Updated EventThreatDetectionCustomModule: %s\n", module.Name)
	return nil
}

Java

Richten Sie die Standardanmeldedaten für Anwendungen ein, um sich bei Security Command Center zu authentifizieren. Weitere Informationen finden Sie unter Authentifizierung für eine lokale Entwicklungsumgebung einrichten. 

import com.google.cloud.securitycentermanagement.v1.EventThreatDetectionCustomModule;
import com.google.cloud.securitycentermanagement.v1.EventThreatDetectionCustomModule.EnablementState;
import com.google.cloud.securitycentermanagement.v1.SecurityCenterManagementClient;
import com.google.cloud.securitycentermanagement.v1.UpdateEventThreatDetectionCustomModuleRequest;
import com.google.protobuf.FieldMask;
import java.io.IOException;

public class UpdateEventThreatDetectionCustomModule {

  public static void main(String[] args) throws IOException {
    // TODO: Developer should replace project_id with a real project ID before running this code
    String projectId = "project_id";

    String customModuleId = "custom_module_id";

    updateEventThreatDetectionCustomModule(projectId, customModuleId);
  }

  public static EventThreatDetectionCustomModule updateEventThreatDetectionCustomModule(
      String projectId, String customModuleId) throws IOException {

    // Initialize client that will be used to send requests. This client only needs
    // to be created
    // once, and can be reused for multiple requests.
    try (SecurityCenterManagementClient client = SecurityCenterManagementClient.create()) {

      String qualifiedModuleName =
          String.format(
              "projects/%s/locations/global/eventThreatDetectionCustomModules/%s",
              projectId, customModuleId);

      // Define the event threat detection custom module configuration, update the
      // DisplayName and EnablementState accordingly.
      EventThreatDetectionCustomModule eventThreatDetectionCustomModule =
          EventThreatDetectionCustomModule.newBuilder()
              .setName(qualifiedModuleName)
              .setDisplayName("updated_custom_module_name")
              .setEnablementState(EnablementState.DISABLED)
              .build();

      // Set the field mask to specify which properties should be updated. In the below example we
      // are updating displayName and EnablementState
      // https://cloud.google.com/security-command-center/docs/reference/security-center-management/rest/v1/organizations.locations.eventThreatDetectionCustomModules/patch#query-parameters
      // https://protobuf.dev/reference/protobuf/google.protobuf/#field-mask
      FieldMask fieldMask =
          FieldMask.newBuilder().addPaths("display_name").addPaths("enablement_state").build();

      UpdateEventThreatDetectionCustomModuleRequest request =
          UpdateEventThreatDetectionCustomModuleRequest.newBuilder()
              .setEventThreatDetectionCustomModule(eventThreatDetectionCustomModule)
              .setUpdateMask(fieldMask)
              .build();

      EventThreatDetectionCustomModule response =
          client.updateEventThreatDetectionCustomModule(request);

      return response;
    }
  }
}

Nächste Schritte

Informationen zum Suchen und Filtern von Codebeispielen für andere Google Cloud -Produkte finden Sie im Google Cloud -Beispielbrowser.