Class Finding (2.32.0)

public final class Finding extends GeneratedMessageV3 implements FindingOrBuilder

Security Command Center finding.

A finding is a record of assessment data like security, risk, health, or privacy, that is ingested into Security Command Center for presentation, notification, analysis, policy testing, and enforcement. For example, a cross-site scripting (XSS) vulnerability in an App Engine application is a finding.

Protobuf type google.cloud.securitycenter.v1.Finding

Implements

FindingOrBuilder

Static Fields

ACCESS_FIELD_NUMBER

public static final int ACCESS_FIELD_NUMBER
Field Value
TypeDescription
int

CANONICAL_NAME_FIELD_NUMBER

public static final int CANONICAL_NAME_FIELD_NUMBER
Field Value
TypeDescription
int

CATEGORY_FIELD_NUMBER

public static final int CATEGORY_FIELD_NUMBER
Field Value
TypeDescription
int

CLOUD_DLP_DATA_PROFILE_FIELD_NUMBER

public static final int CLOUD_DLP_DATA_PROFILE_FIELD_NUMBER
Field Value
TypeDescription
int

CLOUD_DLP_INSPECTION_FIELD_NUMBER

public static final int CLOUD_DLP_INSPECTION_FIELD_NUMBER
Field Value
TypeDescription
int

COMPLIANCES_FIELD_NUMBER

public static final int COMPLIANCES_FIELD_NUMBER
Field Value
TypeDescription
int

CONNECTIONS_FIELD_NUMBER

public static final int CONNECTIONS_FIELD_NUMBER
Field Value
TypeDescription
int

CONTACTS_FIELD_NUMBER

public static final int CONTACTS_FIELD_NUMBER
Field Value
TypeDescription
int

CONTAINERS_FIELD_NUMBER

public static final int CONTAINERS_FIELD_NUMBER
Field Value
TypeDescription
int

CREATE_TIME_FIELD_NUMBER

public static final int CREATE_TIME_FIELD_NUMBER
Field Value
TypeDescription
int

DATABASE_FIELD_NUMBER

public static final int DATABASE_FIELD_NUMBER
Field Value
TypeDescription
int

DESCRIPTION_FIELD_NUMBER

public static final int DESCRIPTION_FIELD_NUMBER
Field Value
TypeDescription
int

EVENT_TIME_FIELD_NUMBER

public static final int EVENT_TIME_FIELD_NUMBER
Field Value
TypeDescription
int

EXFILTRATION_FIELD_NUMBER

public static final int EXFILTRATION_FIELD_NUMBER
Field Value
TypeDescription
int

EXTERNAL_SYSTEMS_FIELD_NUMBER

public static final int EXTERNAL_SYSTEMS_FIELD_NUMBER
Field Value
TypeDescription
int

EXTERNAL_URI_FIELD_NUMBER

public static final int EXTERNAL_URI_FIELD_NUMBER
Field Value
TypeDescription
int

FILES_FIELD_NUMBER

public static final int FILES_FIELD_NUMBER
Field Value
TypeDescription
int

FINDING_CLASS_FIELD_NUMBER

public static final int FINDING_CLASS_FIELD_NUMBER
Field Value
TypeDescription
int

IAM_BINDINGS_FIELD_NUMBER

public static final int IAM_BINDINGS_FIELD_NUMBER
Field Value
TypeDescription
int

INDICATOR_FIELD_NUMBER

public static final int INDICATOR_FIELD_NUMBER
Field Value
TypeDescription
int

KERNEL_ROOTKIT_FIELD_NUMBER

public static final int KERNEL_ROOTKIT_FIELD_NUMBER
Field Value
TypeDescription
int

KUBERNETES_FIELD_NUMBER

public static final int KUBERNETES_FIELD_NUMBER
Field Value
TypeDescription
int

MITRE_ATTACK_FIELD_NUMBER

public static final int MITRE_ATTACK_FIELD_NUMBER
Field Value
TypeDescription
int

MODULE_NAME_FIELD_NUMBER

public static final int MODULE_NAME_FIELD_NUMBER
Field Value
TypeDescription
int

MUTE_FIELD_NUMBER

public static final int MUTE_FIELD_NUMBER
Field Value
TypeDescription
int

MUTE_INITIATOR_FIELD_NUMBER

public static final int MUTE_INITIATOR_FIELD_NUMBER
Field Value
TypeDescription
int

MUTE_UPDATE_TIME_FIELD_NUMBER

public static final int MUTE_UPDATE_TIME_FIELD_NUMBER
Field Value
TypeDescription
int

NAME_FIELD_NUMBER

public static final int NAME_FIELD_NUMBER
Field Value
TypeDescription
int

NEXT_STEPS_FIELD_NUMBER

public static final int NEXT_STEPS_FIELD_NUMBER
Field Value
TypeDescription
int

PARENT_DISPLAY_NAME_FIELD_NUMBER

public static final int PARENT_DISPLAY_NAME_FIELD_NUMBER
Field Value
TypeDescription
int

PARENT_FIELD_NUMBER

public static final int PARENT_FIELD_NUMBER
Field Value
TypeDescription
int

PROCESSES_FIELD_NUMBER

public static final int PROCESSES_FIELD_NUMBER
Field Value
TypeDescription
int

RESOURCE_NAME_FIELD_NUMBER

public static final int RESOURCE_NAME_FIELD_NUMBER
Field Value
TypeDescription
int

SECURITY_MARKS_FIELD_NUMBER

public static final int SECURITY_MARKS_FIELD_NUMBER
Field Value
TypeDescription
int

SEVERITY_FIELD_NUMBER

public static final int SEVERITY_FIELD_NUMBER
Field Value
TypeDescription
int

SOURCE_PROPERTIES_FIELD_NUMBER

public static final int SOURCE_PROPERTIES_FIELD_NUMBER
Field Value
TypeDescription
int

STATE_FIELD_NUMBER

public static final int STATE_FIELD_NUMBER
Field Value
TypeDescription
int

VULNERABILITY_FIELD_NUMBER

public static final int VULNERABILITY_FIELD_NUMBER
Field Value
TypeDescription
int

Static Methods

getDefaultInstance()

public static Finding getDefaultInstance()
Returns
TypeDescription
Finding

getDescriptor()

public static final Descriptors.Descriptor getDescriptor()
Returns
TypeDescription
Descriptor

newBuilder()

public static Finding.Builder newBuilder()
Returns
TypeDescription
Finding.Builder

newBuilder(Finding prototype)

public static Finding.Builder newBuilder(Finding prototype)
Parameter
NameDescription
prototypeFinding
Returns
TypeDescription
Finding.Builder

parseDelimitedFrom(InputStream input)

public static Finding parseDelimitedFrom(InputStream input)
Parameter
NameDescription
inputInputStream
Returns
TypeDescription
Finding
Exceptions
TypeDescription
IOException

parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)

public static Finding parseDelimitedFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Finding
Exceptions
TypeDescription
IOException

parseFrom(byte[] data)

public static Finding parseFrom(byte[] data)
Parameter
NameDescription
databyte[]
Returns
TypeDescription
Finding
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)

public static Finding parseFrom(byte[] data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
databyte[]
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Finding
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteString data)

public static Finding parseFrom(ByteString data)
Parameter
NameDescription
dataByteString
Returns
TypeDescription
Finding
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)

public static Finding parseFrom(ByteString data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
dataByteString
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Finding
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(CodedInputStream input)

public static Finding parseFrom(CodedInputStream input)
Parameter
NameDescription
inputCodedInputStream
Returns
TypeDescription
Finding
Exceptions
TypeDescription
IOException

parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)

public static Finding parseFrom(CodedInputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputCodedInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Finding
Exceptions
TypeDescription
IOException

parseFrom(InputStream input)

public static Finding parseFrom(InputStream input)
Parameter
NameDescription
inputInputStream
Returns
TypeDescription
Finding
Exceptions
TypeDescription
IOException

parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)

public static Finding parseFrom(InputStream input, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
inputInputStream
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Finding
Exceptions
TypeDescription
IOException

parseFrom(ByteBuffer data)

public static Finding parseFrom(ByteBuffer data)
Parameter
NameDescription
dataByteBuffer
Returns
TypeDescription
Finding
Exceptions
TypeDescription
InvalidProtocolBufferException

parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)

public static Finding parseFrom(ByteBuffer data, ExtensionRegistryLite extensionRegistry)
Parameters
NameDescription
dataByteBuffer
extensionRegistryExtensionRegistryLite
Returns
TypeDescription
Finding
Exceptions
TypeDescription
InvalidProtocolBufferException

parser()

public static Parser<Finding> parser()
Returns
TypeDescription
Parser<Finding>

Methods

containsContacts(String key)

public boolean containsContacts(String key)

Output only. Map containing the points of contact for the given finding. The key represents the type of contact, while the value contains a list of all the contacts that pertain. Please refer to: https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories

 {
   "security": {
     "contacts": [
       {
         "email": "person1&#64;company.com"
       },
       {
         "email": "person2&#64;company.com"
       }
     ]
   }
 }

map<string, .google.cloud.securitycenter.v1.ContactDetails> contacts = 33 [(.google.api.field_behavior) = OUTPUT_ONLY];

Parameter
NameDescription
keyString
Returns
TypeDescription
boolean

containsExternalSystems(String key)

public boolean containsExternalSystems(String key)

Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.

map<string, .google.cloud.securitycenter.v1.ExternalSystem> external_systems = 22 [(.google.api.field_behavior) = OUTPUT_ONLY];

Parameter
NameDescription
keyString
Returns
TypeDescription
boolean

containsSourceProperties(String key)

public boolean containsSourceProperties(String key)

Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.

map<string, .google.protobuf.Value> source_properties = 7;

Parameter
NameDescription
keyString
Returns
TypeDescription
boolean

equals(Object obj)

public boolean equals(Object obj)
Parameter
NameDescription
objObject
Returns
TypeDescription
boolean
Overrides

getAccess()

public Access getAccess()

Access details associated with the finding, such as more information on the caller, which method was accessed, and from where.

.google.cloud.securitycenter.v1.Access access = 26;

Returns
TypeDescription
Access

The access.

getAccessOrBuilder()

public AccessOrBuilder getAccessOrBuilder()

Access details associated with the finding, such as more information on the caller, which method was accessed, and from where.

.google.cloud.securitycenter.v1.Access access = 26;

Returns
TypeDescription
AccessOrBuilder

getCanonicalName()

public String getCanonicalName()

The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.

string canonical_name = 14;

Returns
TypeDescription
String

The canonicalName.

getCanonicalNameBytes()

public ByteString getCanonicalNameBytes()

The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.

string canonical_name = 14;

Returns
TypeDescription
ByteString

The bytes for canonicalName.

getCategory()

public String getCategory()

The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"

string category = 5;

Returns
TypeDescription
String

The category.

getCategoryBytes()

public ByteString getCategoryBytes()

The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"

string category = 5;

Returns
TypeDescription
ByteString

The bytes for category.

getCloudDlpDataProfile()

public CloudDlpDataProfile getCloudDlpDataProfile()

Cloud DLP data profile that is associated with the finding.

.google.cloud.securitycenter.v1.CloudDlpDataProfile cloud_dlp_data_profile = 49;

Returns
TypeDescription
CloudDlpDataProfile

The cloudDlpDataProfile.

getCloudDlpDataProfileOrBuilder()

public CloudDlpDataProfileOrBuilder getCloudDlpDataProfileOrBuilder()

Cloud DLP data profile that is associated with the finding.

.google.cloud.securitycenter.v1.CloudDlpDataProfile cloud_dlp_data_profile = 49;

Returns
TypeDescription
CloudDlpDataProfileOrBuilder

getCloudDlpInspection()

public CloudDlpInspection getCloudDlpInspection()

Cloud Data Loss Prevention (Cloud DLP) inspection results that are associated with the finding.

.google.cloud.securitycenter.v1.CloudDlpInspection cloud_dlp_inspection = 48;

Returns
TypeDescription
CloudDlpInspection

The cloudDlpInspection.

getCloudDlpInspectionOrBuilder()

public CloudDlpInspectionOrBuilder getCloudDlpInspectionOrBuilder()

Cloud Data Loss Prevention (Cloud DLP) inspection results that are associated with the finding.

.google.cloud.securitycenter.v1.CloudDlpInspection cloud_dlp_inspection = 48;

Returns
TypeDescription
CloudDlpInspectionOrBuilder

getCompliances(int index)

public Compliance getCompliances(int index)

Contains compliance information for security standards associated to the finding.

repeated .google.cloud.securitycenter.v1.Compliance compliances = 34;

Parameter
NameDescription
indexint
Returns
TypeDescription
Compliance

getCompliancesCount()

public int getCompliancesCount()

Contains compliance information for security standards associated to the finding.

repeated .google.cloud.securitycenter.v1.Compliance compliances = 34;

Returns
TypeDescription
int

getCompliancesList()

public List<Compliance> getCompliancesList()

Contains compliance information for security standards associated to the finding.

repeated .google.cloud.securitycenter.v1.Compliance compliances = 34;

Returns
TypeDescription
List<Compliance>

getCompliancesOrBuilder(int index)

public ComplianceOrBuilder getCompliancesOrBuilder(int index)

Contains compliance information for security standards associated to the finding.

repeated .google.cloud.securitycenter.v1.Compliance compliances = 34;

Parameter
NameDescription
indexint
Returns
TypeDescription
ComplianceOrBuilder

getCompliancesOrBuilderList()

public List<? extends ComplianceOrBuilder> getCompliancesOrBuilderList()

Contains compliance information for security standards associated to the finding.

repeated .google.cloud.securitycenter.v1.Compliance compliances = 34;

Returns
TypeDescription
List<? extends com.google.cloud.securitycenter.v1.ComplianceOrBuilder>

getConnections(int index)

public Connection getConnections(int index)

Contains information about the IP connection associated with the finding.

repeated .google.cloud.securitycenter.v1.Connection connections = 31;

Parameter
NameDescription
indexint
Returns
TypeDescription
Connection

getConnectionsCount()

public int getConnectionsCount()

Contains information about the IP connection associated with the finding.

repeated .google.cloud.securitycenter.v1.Connection connections = 31;

Returns
TypeDescription
int

getConnectionsList()

public List<Connection> getConnectionsList()

Contains information about the IP connection associated with the finding.

repeated .google.cloud.securitycenter.v1.Connection connections = 31;

Returns
TypeDescription
List<Connection>

getConnectionsOrBuilder(int index)

public ConnectionOrBuilder getConnectionsOrBuilder(int index)

Contains information about the IP connection associated with the finding.

repeated .google.cloud.securitycenter.v1.Connection connections = 31;

Parameter
NameDescription
indexint
Returns
TypeDescription
ConnectionOrBuilder

getConnectionsOrBuilderList()

public List<? extends ConnectionOrBuilder> getConnectionsOrBuilderList()

Contains information about the IP connection associated with the finding.

repeated .google.cloud.securitycenter.v1.Connection connections = 31;

Returns
TypeDescription
List<? extends com.google.cloud.securitycenter.v1.ConnectionOrBuilder>

getContacts()

public Map<String,ContactDetails> getContacts()

Use #getContactsMap() instead.

Returns
TypeDescription
Map<String,ContactDetails>

getContactsCount()

public int getContactsCount()

Output only. Map containing the points of contact for the given finding. The key represents the type of contact, while the value contains a list of all the contacts that pertain. Please refer to: https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories

 {
   "security": {
     "contacts": [
       {
         "email": "person1&#64;company.com"
       },
       {
         "email": "person2&#64;company.com"
       }
     ]
   }
 }

map<string, .google.cloud.securitycenter.v1.ContactDetails> contacts = 33 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
int

getContactsMap()

public Map<String,ContactDetails> getContactsMap()

Output only. Map containing the points of contact for the given finding. The key represents the type of contact, while the value contains a list of all the contacts that pertain. Please refer to: https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories

 {
   "security": {
     "contacts": [
       {
         "email": "person1&#64;company.com"
       },
       {
         "email": "person2&#64;company.com"
       }
     ]
   }
 }

map<string, .google.cloud.securitycenter.v1.ContactDetails> contacts = 33 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
Map<String,ContactDetails>

getContactsOrDefault(String key, ContactDetails defaultValue)

public ContactDetails getContactsOrDefault(String key, ContactDetails defaultValue)

Output only. Map containing the points of contact for the given finding. The key represents the type of contact, while the value contains a list of all the contacts that pertain. Please refer to: https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories

 {
   "security": {
     "contacts": [
       {
         "email": "person1&#64;company.com"
       },
       {
         "email": "person2&#64;company.com"
       }
     ]
   }
 }

map<string, .google.cloud.securitycenter.v1.ContactDetails> contacts = 33 [(.google.api.field_behavior) = OUTPUT_ONLY];

Parameters
NameDescription
keyString
defaultValueContactDetails
Returns
TypeDescription
ContactDetails

getContactsOrThrow(String key)

public ContactDetails getContactsOrThrow(String key)

Output only. Map containing the points of contact for the given finding. The key represents the type of contact, while the value contains a list of all the contacts that pertain. Please refer to: https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories

 {
   "security": {
     "contacts": [
       {
         "email": "person1&#64;company.com"
       },
       {
         "email": "person2&#64;company.com"
       }
     ]
   }
 }

map<string, .google.cloud.securitycenter.v1.ContactDetails> contacts = 33 [(.google.api.field_behavior) = OUTPUT_ONLY];

Parameter
NameDescription
keyString
Returns
TypeDescription
ContactDetails

getContainers(int index)

public Container getContainers(int index)

Containers associated with the finding. This field provides information for both Kubernetes and non-Kubernetes containers.

repeated .google.cloud.securitycenter.v1.Container containers = 42;

Parameter
NameDescription
indexint
Returns
TypeDescription
Container

getContainersCount()

public int getContainersCount()

Containers associated with the finding. This field provides information for both Kubernetes and non-Kubernetes containers.

repeated .google.cloud.securitycenter.v1.Container containers = 42;

Returns
TypeDescription
int

getContainersList()

public List<Container> getContainersList()

Containers associated with the finding. This field provides information for both Kubernetes and non-Kubernetes containers.

repeated .google.cloud.securitycenter.v1.Container containers = 42;

Returns
TypeDescription
List<Container>

getContainersOrBuilder(int index)

public ContainerOrBuilder getContainersOrBuilder(int index)

Containers associated with the finding. This field provides information for both Kubernetes and non-Kubernetes containers.

repeated .google.cloud.securitycenter.v1.Container containers = 42;

Parameter
NameDescription
indexint
Returns
TypeDescription
ContainerOrBuilder

getContainersOrBuilderList()

public List<? extends ContainerOrBuilder> getContainersOrBuilderList()

Containers associated with the finding. This field provides information for both Kubernetes and non-Kubernetes containers.

repeated .google.cloud.securitycenter.v1.Container containers = 42;

Returns
TypeDescription
List<? extends com.google.cloud.securitycenter.v1.ContainerOrBuilder>

getCreateTime()

public Timestamp getCreateTime()

The time at which the finding was created in Security Command Center.

.google.protobuf.Timestamp create_time = 10;

Returns
TypeDescription
Timestamp

The createTime.

getCreateTimeOrBuilder()

public TimestampOrBuilder getCreateTimeOrBuilder()

The time at which the finding was created in Security Command Center.

.google.protobuf.Timestamp create_time = 10;

Returns
TypeDescription
TimestampOrBuilder

getDatabase()

public Database getDatabase()

Database associated with the finding.

.google.cloud.securitycenter.v1.Database database = 44;

Returns
TypeDescription
Database

The database.

getDatabaseOrBuilder()

public DatabaseOrBuilder getDatabaseOrBuilder()

Database associated with the finding.

.google.cloud.securitycenter.v1.Database database = 44;

Returns
TypeDescription
DatabaseOrBuilder

getDefaultInstanceForType()

public Finding getDefaultInstanceForType()
Returns
TypeDescription
Finding

getDescription()

public String getDescription()

Contains more details about the finding.

string description = 37;

Returns
TypeDescription
String

The description.

getDescriptionBytes()

public ByteString getDescriptionBytes()

Contains more details about the finding.

string description = 37;

Returns
TypeDescription
ByteString

The bytes for description.

getEventTime()

public Timestamp getEventTime()

The time the finding was first detected. If an existing finding is updated, then this is the time the update occurred. For example, if the finding represents an open firewall, this property captures the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding is later resolved, then this time reflects when the finding was resolved. This must not be set to a value greater than the current timestamp.

.google.protobuf.Timestamp event_time = 9;

Returns
TypeDescription
Timestamp

The eventTime.

getEventTimeOrBuilder()

public TimestampOrBuilder getEventTimeOrBuilder()

The time the finding was first detected. If an existing finding is updated, then this is the time the update occurred. For example, if the finding represents an open firewall, this property captures the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding is later resolved, then this time reflects when the finding was resolved. This must not be set to a value greater than the current timestamp.

.google.protobuf.Timestamp event_time = 9;

Returns
TypeDescription
TimestampOrBuilder

getExfiltration()

public Exfiltration getExfiltration()

Represents exfiltrations associated with the finding.

.google.cloud.securitycenter.v1.Exfiltration exfiltration = 38;

Returns
TypeDescription
Exfiltration

The exfiltration.

getExfiltrationOrBuilder()

public ExfiltrationOrBuilder getExfiltrationOrBuilder()

Represents exfiltrations associated with the finding.

.google.cloud.securitycenter.v1.Exfiltration exfiltration = 38;

Returns
TypeDescription
ExfiltrationOrBuilder

getExternalSystems()

public Map<String,ExternalSystem> getExternalSystems()
Returns
TypeDescription
Map<String,ExternalSystem>

getExternalSystemsCount()

public int getExternalSystemsCount()

Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.

map<string, .google.cloud.securitycenter.v1.ExternalSystem> external_systems = 22 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
int

getExternalSystemsMap()

public Map<String,ExternalSystem> getExternalSystemsMap()

Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.

map<string, .google.cloud.securitycenter.v1.ExternalSystem> external_systems = 22 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
Map<String,ExternalSystem>

getExternalSystemsOrDefault(String key, ExternalSystem defaultValue)

public ExternalSystem getExternalSystemsOrDefault(String key, ExternalSystem defaultValue)

Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.

map<string, .google.cloud.securitycenter.v1.ExternalSystem> external_systems = 22 [(.google.api.field_behavior) = OUTPUT_ONLY];

Parameters
NameDescription
keyString
defaultValueExternalSystem
Returns
TypeDescription
ExternalSystem

getExternalSystemsOrThrow(String key)

public ExternalSystem getExternalSystemsOrThrow(String key)

Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.

map<string, .google.cloud.securitycenter.v1.ExternalSystem> external_systems = 22 [(.google.api.field_behavior) = OUTPUT_ONLY];

Parameter
NameDescription
keyString
Returns
TypeDescription
ExternalSystem

getExternalUri()

public String getExternalUri()

The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.

string external_uri = 6;

Returns
TypeDescription
String

The externalUri.

getExternalUriBytes()

public ByteString getExternalUriBytes()

The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.

string external_uri = 6;

Returns
TypeDescription
ByteString

The bytes for externalUri.

getFiles(int index)

public File getFiles(int index)

File associated with the finding.

repeated .google.cloud.securitycenter.v1.File files = 46;

Parameter
NameDescription
indexint
Returns
TypeDescription
File

getFilesCount()

public int getFilesCount()

File associated with the finding.

repeated .google.cloud.securitycenter.v1.File files = 46;

Returns
TypeDescription
int

getFilesList()

public List<File> getFilesList()

File associated with the finding.

repeated .google.cloud.securitycenter.v1.File files = 46;

Returns
TypeDescription
List<File>

getFilesOrBuilder(int index)

public FileOrBuilder getFilesOrBuilder(int index)

File associated with the finding.

repeated .google.cloud.securitycenter.v1.File files = 46;

Parameter
NameDescription
indexint
Returns
TypeDescription
FileOrBuilder

getFilesOrBuilderList()

public List<? extends FileOrBuilder> getFilesOrBuilderList()

File associated with the finding.

repeated .google.cloud.securitycenter.v1.File files = 46;

Returns
TypeDescription
List<? extends com.google.cloud.securitycenter.v1.FileOrBuilder>

getFindingClass()

public Finding.FindingClass getFindingClass()

The class of the finding.

.google.cloud.securitycenter.v1.Finding.FindingClass finding_class = 17;

Returns
TypeDescription
Finding.FindingClass

The findingClass.

getFindingClassValue()

public int getFindingClassValue()

The class of the finding.

.google.cloud.securitycenter.v1.Finding.FindingClass finding_class = 17;

Returns
TypeDescription
int

The enum numeric value on the wire for findingClass.

getIamBindings(int index)

public IamBinding getIamBindings(int index)

Represents IAM bindings associated with the finding.

repeated .google.cloud.securitycenter.v1.IamBinding iam_bindings = 39;

Parameter
NameDescription
indexint
Returns
TypeDescription
IamBinding

getIamBindingsCount()

public int getIamBindingsCount()

Represents IAM bindings associated with the finding.

repeated .google.cloud.securitycenter.v1.IamBinding iam_bindings = 39;

Returns
TypeDescription
int

getIamBindingsList()

public List<IamBinding> getIamBindingsList()

Represents IAM bindings associated with the finding.

repeated .google.cloud.securitycenter.v1.IamBinding iam_bindings = 39;

Returns
TypeDescription
List<IamBinding>

getIamBindingsOrBuilder(int index)

public IamBindingOrBuilder getIamBindingsOrBuilder(int index)

Represents IAM bindings associated with the finding.

repeated .google.cloud.securitycenter.v1.IamBinding iam_bindings = 39;

Parameter
NameDescription
indexint
Returns
TypeDescription
IamBindingOrBuilder

getIamBindingsOrBuilderList()

public List<? extends IamBindingOrBuilder> getIamBindingsOrBuilderList()

Represents IAM bindings associated with the finding.

repeated .google.cloud.securitycenter.v1.IamBinding iam_bindings = 39;

Returns
TypeDescription
List<? extends com.google.cloud.securitycenter.v1.IamBindingOrBuilder>

getIndicator()

public Indicator getIndicator()

Represents what's commonly known as an indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. For more information, see Indicator of compromise.

.google.cloud.securitycenter.v1.Indicator indicator = 18;

Returns
TypeDescription
Indicator

The indicator.

getIndicatorOrBuilder()

public IndicatorOrBuilder getIndicatorOrBuilder()

Represents what's commonly known as an indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. For more information, see Indicator of compromise.

.google.cloud.securitycenter.v1.Indicator indicator = 18;

Returns
TypeDescription
IndicatorOrBuilder

getKernelRootkit()

public KernelRootkit getKernelRootkit()

Signature of the kernel rootkit.

.google.cloud.securitycenter.v1.KernelRootkit kernel_rootkit = 50;

Returns
TypeDescription
KernelRootkit

The kernelRootkit.

getKernelRootkitOrBuilder()

public KernelRootkitOrBuilder getKernelRootkitOrBuilder()

Signature of the kernel rootkit.

.google.cloud.securitycenter.v1.KernelRootkit kernel_rootkit = 50;

Returns
TypeDescription
KernelRootkitOrBuilder

getKubernetes()

public Kubernetes getKubernetes()

Kubernetes resources associated with the finding.

.google.cloud.securitycenter.v1.Kubernetes kubernetes = 43;

Returns
TypeDescription
Kubernetes

The kubernetes.

getKubernetesOrBuilder()

public KubernetesOrBuilder getKubernetesOrBuilder()

Kubernetes resources associated with the finding.

.google.cloud.securitycenter.v1.Kubernetes kubernetes = 43;

Returns
TypeDescription
KubernetesOrBuilder

getMitreAttack()

public MitreAttack getMitreAttack()

MITRE ATT&CK tactics and techniques related to this finding. See: https://attack.mitre.org

.google.cloud.securitycenter.v1.MitreAttack mitre_attack = 25;

Returns
TypeDescription
MitreAttack

The mitreAttack.

getMitreAttackOrBuilder()

public MitreAttackOrBuilder getMitreAttackOrBuilder()

MITRE ATT&CK tactics and techniques related to this finding. See: https://attack.mitre.org

.google.cloud.securitycenter.v1.MitreAttack mitre_attack = 25;

Returns
TypeDescription
MitreAttackOrBuilder

getModuleName()

public String getModuleName()

Unique identifier of the module which generated the finding. Example: folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885

string module_name = 41;

Returns
TypeDescription
String

The moduleName.

getModuleNameBytes()

public ByteString getModuleNameBytes()

Unique identifier of the module which generated the finding. Example: folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885

string module_name = 41;

Returns
TypeDescription
ByteString

The bytes for moduleName.

getMute()

public Finding.Mute getMute()

Indicates the mute state of a finding (either muted, unmuted or undefined). Unlike other attributes of a finding, a finding provider shouldn't set the value of mute.

.google.cloud.securitycenter.v1.Finding.Mute mute = 15;

Returns
TypeDescription
Finding.Mute

The mute.

getMuteInitiator()

public String getMuteInitiator()

Records additional information about the mute operation, for example, the mute configuration that muted the finding and the user who muted the finding.

string mute_initiator = 28;

Returns
TypeDescription
String

The muteInitiator.

getMuteInitiatorBytes()

public ByteString getMuteInitiatorBytes()

Records additional information about the mute operation, for example, the mute configuration that muted the finding and the user who muted the finding.

string mute_initiator = 28;

Returns
TypeDescription
ByteString

The bytes for muteInitiator.

getMuteUpdateTime()

public Timestamp getMuteUpdateTime()

Output only. The most recent time this finding was muted or unmuted.

.google.protobuf.Timestamp mute_update_time = 21 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
Timestamp

The muteUpdateTime.

getMuteUpdateTimeOrBuilder()

public TimestampOrBuilder getMuteUpdateTimeOrBuilder()

Output only. The most recent time this finding was muted or unmuted.

.google.protobuf.Timestamp mute_update_time = 21 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
TimestampOrBuilder

getMuteValue()

public int getMuteValue()

Indicates the mute state of a finding (either muted, unmuted or undefined). Unlike other attributes of a finding, a finding provider shouldn't set the value of mute.

.google.cloud.securitycenter.v1.Finding.Mute mute = 15;

Returns
TypeDescription
int

The enum numeric value on the wire for mute.

getName()

public String getName()

The relative resource name of the finding. Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", "projects/{project_id}/sources/{source_id}/findings/{finding_id}".

string name = 1;

Returns
TypeDescription
String

The name.

getNameBytes()

public ByteString getNameBytes()

The relative resource name of the finding. Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", "projects/{project_id}/sources/{source_id}/findings/{finding_id}".

string name = 1;

Returns
TypeDescription
ByteString

The bytes for name.

getNextSteps()

public String getNextSteps()

Steps to address the finding.

string next_steps = 40;

Returns
TypeDescription
String

The nextSteps.

getNextStepsBytes()

public ByteString getNextStepsBytes()

Steps to address the finding.

string next_steps = 40;

Returns
TypeDescription
ByteString

The bytes for nextSteps.

getParent()

public String getParent()

The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"

string parent = 2;

Returns
TypeDescription
String

The parent.

getParentBytes()

public ByteString getParentBytes()

The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"

string parent = 2;

Returns
TypeDescription
ByteString

The bytes for parent.

getParentDisplayName()

public String getParentDisplayName()

Output only. The human readable display name of the finding source such as "Event Threat Detection" or "Security Health Analytics".

string parent_display_name = 36 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
String

The parentDisplayName.

getParentDisplayNameBytes()

public ByteString getParentDisplayNameBytes()

Output only. The human readable display name of the finding source such as "Event Threat Detection" or "Security Health Analytics".

string parent_display_name = 36 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
ByteString

The bytes for parentDisplayName.

getParserForType()

public Parser<Finding> getParserForType()
Returns
TypeDescription
Parser<Finding>
Overrides

getProcesses(int index)

public Process getProcesses(int index)

Represents operating system processes associated with the Finding.

repeated .google.cloud.securitycenter.v1.Process processes = 30;

Parameter
NameDescription
indexint
Returns
TypeDescription
Process

getProcessesCount()

public int getProcessesCount()

Represents operating system processes associated with the Finding.

repeated .google.cloud.securitycenter.v1.Process processes = 30;

Returns
TypeDescription
int

getProcessesList()

public List<Process> getProcessesList()

Represents operating system processes associated with the Finding.

repeated .google.cloud.securitycenter.v1.Process processes = 30;

Returns
TypeDescription
List<Process>

getProcessesOrBuilder(int index)

public ProcessOrBuilder getProcessesOrBuilder(int index)

Represents operating system processes associated with the Finding.

repeated .google.cloud.securitycenter.v1.Process processes = 30;

Parameter
NameDescription
indexint
Returns
TypeDescription
ProcessOrBuilder

getProcessesOrBuilderList()

public List<? extends ProcessOrBuilder> getProcessesOrBuilderList()

Represents operating system processes associated with the Finding.

repeated .google.cloud.securitycenter.v1.Process processes = 30;

Returns
TypeDescription
List<? extends com.google.cloud.securitycenter.v1.ProcessOrBuilder>

getResourceName()

public String getResourceName()

For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.

string resource_name = 3;

Returns
TypeDescription
String

The resourceName.

getResourceNameBytes()

public ByteString getResourceNameBytes()

For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.

string resource_name = 3;

Returns
TypeDescription
ByteString

The bytes for resourceName.

getSecurityMarks()

public SecurityMarks getSecurityMarks()

Output only. User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the finding.

.google.cloud.securitycenter.v1.SecurityMarks security_marks = 8 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
SecurityMarks

The securityMarks.

getSecurityMarksOrBuilder()

public SecurityMarksOrBuilder getSecurityMarksOrBuilder()

Output only. User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the finding.

.google.cloud.securitycenter.v1.SecurityMarks security_marks = 8 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
SecurityMarksOrBuilder

getSerializedSize()

public int getSerializedSize()
Returns
TypeDescription
int
Overrides

getSeverity()

public Finding.Severity getSeverity()

The severity of the finding. This field is managed by the source that writes the finding.

.google.cloud.securitycenter.v1.Finding.Severity severity = 12;

Returns
TypeDescription
Finding.Severity

The severity.

getSeverityValue()

public int getSeverityValue()

The severity of the finding. This field is managed by the source that writes the finding.

.google.cloud.securitycenter.v1.Finding.Severity severity = 12;

Returns
TypeDescription
int

The enum numeric value on the wire for severity.

getSourceProperties()

public Map<String,Value> getSourceProperties()
Returns
TypeDescription
Map<String,Value>

getSourcePropertiesCount()

public int getSourcePropertiesCount()

Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.

map<string, .google.protobuf.Value> source_properties = 7;

Returns
TypeDescription
int

getSourcePropertiesMap()

public Map<String,Value> getSourcePropertiesMap()

Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.

map<string, .google.protobuf.Value> source_properties = 7;

Returns
TypeDescription
Map<String,Value>

getSourcePropertiesOrDefault(String key, Value defaultValue)

public Value getSourcePropertiesOrDefault(String key, Value defaultValue)

Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.

map<string, .google.protobuf.Value> source_properties = 7;

Parameters
NameDescription
keyString
defaultValueValue
Returns
TypeDescription
Value

getSourcePropertiesOrThrow(String key)

public Value getSourcePropertiesOrThrow(String key)

Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.

map<string, .google.protobuf.Value> source_properties = 7;

Parameter
NameDescription
keyString
Returns
TypeDescription
Value

getState()

public Finding.State getState()

The state of the finding.

.google.cloud.securitycenter.v1.Finding.State state = 4;

Returns
TypeDescription
Finding.State

The state.

getStateValue()

public int getStateValue()

The state of the finding.

.google.cloud.securitycenter.v1.Finding.State state = 4;

Returns
TypeDescription
int

The enum numeric value on the wire for state.

getVulnerability()

public Vulnerability getVulnerability()

Represents vulnerability-specific fields like CVE and CVSS scores. CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/)

.google.cloud.securitycenter.v1.Vulnerability vulnerability = 20;

Returns
TypeDescription
Vulnerability

The vulnerability.

getVulnerabilityOrBuilder()

public VulnerabilityOrBuilder getVulnerabilityOrBuilder()

Represents vulnerability-specific fields like CVE and CVSS scores. CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/)

.google.cloud.securitycenter.v1.Vulnerability vulnerability = 20;

Returns
TypeDescription
VulnerabilityOrBuilder

hasAccess()

public boolean hasAccess()

Access details associated with the finding, such as more information on the caller, which method was accessed, and from where.

.google.cloud.securitycenter.v1.Access access = 26;

Returns
TypeDescription
boolean

Whether the access field is set.

hasCloudDlpDataProfile()

public boolean hasCloudDlpDataProfile()

Cloud DLP data profile that is associated with the finding.

.google.cloud.securitycenter.v1.CloudDlpDataProfile cloud_dlp_data_profile = 49;

Returns
TypeDescription
boolean

Whether the cloudDlpDataProfile field is set.

hasCloudDlpInspection()

public boolean hasCloudDlpInspection()

Cloud Data Loss Prevention (Cloud DLP) inspection results that are associated with the finding.

.google.cloud.securitycenter.v1.CloudDlpInspection cloud_dlp_inspection = 48;

Returns
TypeDescription
boolean

Whether the cloudDlpInspection field is set.

hasCreateTime()

public boolean hasCreateTime()

The time at which the finding was created in Security Command Center.

.google.protobuf.Timestamp create_time = 10;

Returns
TypeDescription
boolean

Whether the createTime field is set.

hasDatabase()

public boolean hasDatabase()

Database associated with the finding.

.google.cloud.securitycenter.v1.Database database = 44;

Returns
TypeDescription
boolean

Whether the database field is set.

hasEventTime()

public boolean hasEventTime()

The time the finding was first detected. If an existing finding is updated, then this is the time the update occurred. For example, if the finding represents an open firewall, this property captures the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding is later resolved, then this time reflects when the finding was resolved. This must not be set to a value greater than the current timestamp.

.google.protobuf.Timestamp event_time = 9;

Returns
TypeDescription
boolean

Whether the eventTime field is set.

hasExfiltration()

public boolean hasExfiltration()

Represents exfiltrations associated with the finding.

.google.cloud.securitycenter.v1.Exfiltration exfiltration = 38;

Returns
TypeDescription
boolean

Whether the exfiltration field is set.

hasIndicator()

public boolean hasIndicator()

Represents what's commonly known as an indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. For more information, see Indicator of compromise.

.google.cloud.securitycenter.v1.Indicator indicator = 18;

Returns
TypeDescription
boolean

Whether the indicator field is set.

hasKernelRootkit()

public boolean hasKernelRootkit()

Signature of the kernel rootkit.

.google.cloud.securitycenter.v1.KernelRootkit kernel_rootkit = 50;

Returns
TypeDescription
boolean

Whether the kernelRootkit field is set.

hasKubernetes()

public boolean hasKubernetes()

Kubernetes resources associated with the finding.

.google.cloud.securitycenter.v1.Kubernetes kubernetes = 43;

Returns
TypeDescription
boolean

Whether the kubernetes field is set.

hasMitreAttack()

public boolean hasMitreAttack()

MITRE ATT&CK tactics and techniques related to this finding. See: https://attack.mitre.org

.google.cloud.securitycenter.v1.MitreAttack mitre_attack = 25;

Returns
TypeDescription
boolean

Whether the mitreAttack field is set.

hasMuteUpdateTime()

public boolean hasMuteUpdateTime()

Output only. The most recent time this finding was muted or unmuted.

.google.protobuf.Timestamp mute_update_time = 21 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
boolean

Whether the muteUpdateTime field is set.

hasSecurityMarks()

public boolean hasSecurityMarks()

Output only. User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the finding.

.google.cloud.securitycenter.v1.SecurityMarks security_marks = 8 [(.google.api.field_behavior) = OUTPUT_ONLY];

Returns
TypeDescription
boolean

Whether the securityMarks field is set.

hasVulnerability()

public boolean hasVulnerability()

Represents vulnerability-specific fields like CVE and CVSS scores. CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/)

.google.cloud.securitycenter.v1.Vulnerability vulnerability = 20;

Returns
TypeDescription
boolean

Whether the vulnerability field is set.

hashCode()

public int hashCode()
Returns
TypeDescription
int
Overrides

internalGetFieldAccessorTable()

protected GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()
Returns
TypeDescription
FieldAccessorTable
Overrides

internalGetMapField(int number)

protected MapField internalGetMapField(int number)
Parameter
NameDescription
numberint
Returns
TypeDescription
MapField
Overrides

isInitialized()

public final boolean isInitialized()
Returns
TypeDescription
boolean
Overrides

newBuilderForType()

public Finding.Builder newBuilderForType()
Returns
TypeDescription
Finding.Builder

newBuilderForType(GeneratedMessageV3.BuilderParent parent)

protected Finding.Builder newBuilderForType(GeneratedMessageV3.BuilderParent parent)
Parameter
NameDescription
parentBuilderParent
Returns
TypeDescription
Finding.Builder
Overrides

newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)

protected Object newInstance(GeneratedMessageV3.UnusedPrivateParameter unused)
Parameter
NameDescription
unusedUnusedPrivateParameter
Returns
TypeDescription
Object
Overrides

toBuilder()

public Finding.Builder toBuilder()
Returns
TypeDescription
Finding.Builder

writeTo(CodedOutputStream output)

public void writeTo(CodedOutputStream output)
Parameter
NameDescription
outputCodedOutputStream
Overrides
Exceptions
TypeDescription
IOException