Cloud Security Command Center V1 API - Class Google::Cloud::SecurityCenter::V1::Finding (v0.41.0)

Reference documentation and code samples for the Cloud Security Command Center V1 API class Google::Cloud::SecurityCenter::V1::Finding.

Security Command Center finding.

A finding is a record of assessment data, such as security, risk, health, or privacy data, that is ingested into Security Command Center for presentation, notification, analysis, policy testing, and enforcement. For example, a cross-site scripting (XSS) vulnerability in an App Engine application is a finding.

Inherits

Extended By

  • Google::Protobuf::MessageExts::ClassMethods

Includes

  • Google::Protobuf::MessageExts

Methods

#access

def access() -> ::Google::Cloud::SecurityCenter::V1::Access
Returns

#access=

def access=(value) -> ::Google::Cloud::SecurityCenter::V1::Access
Parameter
Returns

#application

def application() -> ::Google::Cloud::SecurityCenter::V1::Application
Returns

#application=

def application=(value) -> ::Google::Cloud::SecurityCenter::V1::Application
Parameter
Returns

#backup_disaster_recovery

def backup_disaster_recovery() -> ::Google::Cloud::SecurityCenter::V1::BackupDisasterRecovery
Returns

#backup_disaster_recovery=

def backup_disaster_recovery=(value) -> ::Google::Cloud::SecurityCenter::V1::BackupDisasterRecovery
Parameter
Returns

#canonical_name

def canonical_name() -> ::String
Returns
  • (::String) — The canonical name of the finding. It is one of "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest Cloud Resource Manager (CRM) ancestor of the resource associated with the finding.

#canonical_name=

def canonical_name=(value) -> ::String
Parameter
  • value (::String) — The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.
Returns
  • (::String) — The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.

#category

def category() -> ::String
Returns
  • (::String) — The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"

#category=

def category=(value) -> ::String
Parameter
  • value (::String) — The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
Returns
  • (::String) — The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"

#cloud_armor

def cloud_armor() -> ::Google::Cloud::SecurityCenter::V1::CloudArmor
Returns

#cloud_armor=

def cloud_armor=(value) -> ::Google::Cloud::SecurityCenter::V1::CloudArmor
Parameter
Returns

#cloud_dlp_data_profile

def cloud_dlp_data_profile() -> ::Google::Cloud::SecurityCenter::V1::CloudDlpDataProfile
Returns

#cloud_dlp_data_profile=

def cloud_dlp_data_profile=(value) -> ::Google::Cloud::SecurityCenter::V1::CloudDlpDataProfile
Parameter
Returns

#cloud_dlp_inspection

def cloud_dlp_inspection() -> ::Google::Cloud::SecurityCenter::V1::CloudDlpInspection
Returns

#cloud_dlp_inspection=

def cloud_dlp_inspection=(value) -> ::Google::Cloud::SecurityCenter::V1::CloudDlpInspection
Parameter
Returns

#compliances

def compliances() -> ::Array<::Google::Cloud::SecurityCenter::V1::Compliance>
Returns

#compliances=

def compliances=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::Compliance>
Parameter
Returns

#connections

def connections() -> ::Array<::Google::Cloud::SecurityCenter::V1::Connection>
Returns

#connections=

def connections=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::Connection>
Parameter
Returns

#contacts

def contacts() -> ::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ContactDetails}
Returns
  • (::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ContactDetails}) —

    Output only. Map containing the points of contact for the given finding. The key represents the type of contact, while the value contains a list of all the contacts that pertain. Please refer to: https://cloud.google.com/resource-manager/docs/managing-notification-contacts#notification-categories

    {
      "security": {
        "contacts": [
          {
            "email": "person1@company.com"
          },
          {
            "email": "person2@company.com"
          }
        ]
      }
    }
    

#containers

def containers() -> ::Array<::Google::Cloud::SecurityCenter::V1::Container>
Returns

#containers=

def containers=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::Container>
Parameter
Returns

#create_time

def create_time() -> ::Google::Protobuf::Timestamp
Returns

#create_time=

def create_time=(value) -> ::Google::Protobuf::Timestamp
Parameter
Returns

#database

def database() -> ::Google::Cloud::SecurityCenter::V1::Database
Returns

#database=

def database=(value) -> ::Google::Cloud::SecurityCenter::V1::Database
Parameter
Returns

#description

def description() -> ::String
Returns
  • (::String) — Contains more details about the finding.

#description=

def description=(value) -> ::String
Parameter
  • value (::String) — Contains more details about the finding.
Returns
  • (::String) — Contains more details about the finding.

#event_time

def event_time() -> ::Google::Protobuf::Timestamp
Returns
  • (::Google::Protobuf::Timestamp) — The time the finding was first detected. If an existing finding is updated, then this is the time the update occurred. For example, if the finding represents an open firewall, this property captures the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding is later resolved, then this time reflects when the finding was resolved. This must not be set to a value greater than the current timestamp.

#event_time=

def event_time=(value) -> ::Google::Protobuf::Timestamp
Parameter
  • value (::Google::Protobuf::Timestamp) — The time the finding was first detected. If an existing finding is updated, then this is the time the update occurred. For example, if the finding represents an open firewall, this property captures the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding is later resolved, then this time reflects when the finding was resolved. This must not be set to a value greater than the current timestamp.
Returns
  • (::Google::Protobuf::Timestamp) — The time the finding was first detected. If an existing finding is updated, then this is the time the update occurred. For example, if the finding represents an open firewall, this property captures the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding is later resolved, then this time reflects when the finding was resolved. This must not be set to a value greater than the current timestamp.

#exfiltration

def exfiltration() -> ::Google::Cloud::SecurityCenter::V1::Exfiltration
Returns

#exfiltration=

def exfiltration=(value) -> ::Google::Cloud::SecurityCenter::V1::Exfiltration
Parameter
Returns

#external_systems

def external_systems() -> ::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}
Returns
  • (::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}) — Output only. Third-party SIEM/SOAR fields within Security Command Center (SCC). Contains external system information and external system finding fields.

#external_uri

def external_uri() -> ::String
Returns
  • (::String) — The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well-formed URL; that guarantee covers the URL's syntax only, not the trustworthiness of the page it points to.

#external_uri=

def external_uri=(value) -> ::String
Parameter
  • value (::String) — The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
Returns
  • (::String) — The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.

#files

def files() -> ::Array<::Google::Cloud::SecurityCenter::V1::File>
Returns

#files=

def files=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::File>
Parameter
Returns

#finding_class

def finding_class() -> ::Google::Cloud::SecurityCenter::V1::Finding::FindingClass
Returns

#finding_class=

def finding_class=(value) -> ::Google::Cloud::SecurityCenter::V1::Finding::FindingClass
Parameter
Returns

#group_memberships

def group_memberships() -> ::Array<::Google::Cloud::SecurityCenter::V1::GroupMembership>
Returns
  • (::Array<::Google::Cloud::SecurityCenter::V1::GroupMembership>) — Contains details about groups of which this finding is a member. A group is a collection of findings that are related in some way. This field cannot be updated. Its value is ignored in all update requests.

#group_memberships=

def group_memberships=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::GroupMembership>
Parameter
  • value (::Array<::Google::Cloud::SecurityCenter::V1::GroupMembership>) — Contains details about groups of which this finding is a member. A group is a collection of findings that are related in some way. This field cannot be updated. Its value is ignored in all update requests.
Returns
  • (::Array<::Google::Cloud::SecurityCenter::V1::GroupMembership>) — Contains details about groups of which this finding is a member. A group is a collection of findings that are related in some way. This field cannot be updated. Its value is ignored in all update requests.

#iam_bindings

def iam_bindings() -> ::Array<::Google::Cloud::SecurityCenter::V1::IamBinding>
Returns

#iam_bindings=

def iam_bindings=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::IamBinding>
Parameter
Returns

#indicator

def indicator() -> ::Google::Cloud::SecurityCenter::V1::Indicator
Returns

#indicator=

def indicator=(value) -> ::Google::Cloud::SecurityCenter::V1::Indicator
Parameter
Returns

#kernel_rootkit

def kernel_rootkit() -> ::Google::Cloud::SecurityCenter::V1::KernelRootkit
Returns

#kernel_rootkit=

def kernel_rootkit=(value) -> ::Google::Cloud::SecurityCenter::V1::KernelRootkit
Parameter
Returns

#kubernetes

def kubernetes() -> ::Google::Cloud::SecurityCenter::V1::Kubernetes
Returns

#kubernetes=

def kubernetes=(value) -> ::Google::Cloud::SecurityCenter::V1::Kubernetes
Parameter
Returns

#load_balancers

def load_balancers() -> ::Array<::Google::Cloud::SecurityCenter::V1::LoadBalancer>
Returns

#load_balancers=

def load_balancers=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::LoadBalancer>
Parameter
Returns

#log_entries

def log_entries() -> ::Array<::Google::Cloud::SecurityCenter::V1::LogEntry>
Returns

#log_entries=

def log_entries=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::LogEntry>
Parameter
Returns

#mitre_attack

def mitre_attack() -> ::Google::Cloud::SecurityCenter::V1::MitreAttack
Returns

#mitre_attack=

def mitre_attack=(value) -> ::Google::Cloud::SecurityCenter::V1::MitreAttack
Parameter
Returns

#module_name

def module_name() -> ::String
Returns
  • (::String) — Unique identifier of the module which generated the finding. Example: folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885

#module_name=

def module_name=(value) -> ::String
Parameter
  • value (::String) — Unique identifier of the module which generated the finding. Example: folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885
Returns
  • (::String) — Unique identifier of the module which generated the finding. Example: folders/598186756061/securityHealthAnalyticsSettings/customModules/56799441161885

#mute

def mute() -> ::Google::Cloud::SecurityCenter::V1::Finding::Mute
Returns

#mute=

def mute=(value) -> ::Google::Cloud::SecurityCenter::V1::Finding::Mute
Parameter
Returns

#mute_initiator

def mute_initiator() -> ::String
Returns
  • (::String) — Records additional information about the mute operation, for example, the mute configuration that muted the finding and the user who muted the finding.

#mute_initiator=

def mute_initiator=(value) -> ::String
Parameter
  • value (::String) — Records additional information about the mute operation, for example, the mute configuration that muted the finding and the user who muted the finding.
Returns
  • (::String) — Records additional information about the mute operation, for example, the mute configuration that muted the finding and the user who muted the finding.

#mute_update_time

def mute_update_time() -> ::Google::Protobuf::Timestamp
Returns

#name

def name() -> ::String
Returns
  • (::String) — The relative resource name of the finding. Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", "projects/{project_id}/sources/{source_id}/findings/{finding_id}".

#name=

def name=(value) -> ::String
Parameter
  • value (::String) — The relative resource name of the finding. Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", "projects/{project_id}/sources/{source_id}/findings/{finding_id}".
Returns
  • (::String) — The relative resource name of the finding. Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}", "projects/{project_id}/sources/{source_id}/findings/{finding_id}".

#next_steps

def next_steps() -> ::String
Returns
  • (::String) — Steps to address the finding.

#next_steps=

def next_steps=(value) -> ::String
Parameter
  • value (::String) — Steps to address the finding.
Returns
  • (::String) — Steps to address the finding.

#notebook

def notebook() -> ::Google::Cloud::SecurityCenter::V1::Notebook
Returns

#notebook=

def notebook=(value) -> ::Google::Cloud::SecurityCenter::V1::Notebook
Parameter
Returns

#org_policies

def org_policies() -> ::Array<::Google::Cloud::SecurityCenter::V1::OrgPolicy>
Returns

#org_policies=

def org_policies=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::OrgPolicy>
Parameter
Returns

#parent

def parent() -> ::String
Returns
  • (::String) — The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"

#parent=

def parent=(value) -> ::String
Parameter
  • value (::String) — The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"
Returns
  • (::String) — The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"

#parent_display_name

def parent_display_name() -> ::String
Returns
  • (::String) — Output only. The human readable display name of the finding source such as "Event Threat Detection" or "Security Health Analytics".

#processes

def processes() -> ::Array<::Google::Cloud::SecurityCenter::V1::Process>
Returns

#processes=

def processes=(value) -> ::Array<::Google::Cloud::SecurityCenter::V1::Process>
Parameter
Returns

#resource_name

def resource_name() -> ::String
Returns
  • (::String) — For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.

#resource_name=

def resource_name=(value) -> ::String
Parameter
  • value (::String) — For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
Returns
  • (::String) — For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.

#security_marks

def security_marks() -> ::Google::Cloud::SecurityCenter::V1::SecurityMarks
Returns

#security_posture

def security_posture() -> ::Google::Cloud::SecurityCenter::V1::SecurityPosture
Returns

#security_posture=

def security_posture=(value) -> ::Google::Cloud::SecurityCenter::V1::SecurityPosture
Parameter
Returns

#severity

def severity() -> ::Google::Cloud::SecurityCenter::V1::Finding::Severity
Returns

#severity=

def severity=(value) -> ::Google::Cloud::SecurityCenter::V1::Finding::Severity
Parameter
Returns

#source_properties

def source_properties() -> ::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}
Returns
  • (::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}) — Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.

#source_properties=

def source_properties=(value) -> ::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}
Parameter
  • value (::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}) — Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.
Returns
  • (::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}) — Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.

#state

def state() -> ::Google::Cloud::SecurityCenter::V1::Finding::State
Returns

#state=

def state=(value) -> ::Google::Cloud::SecurityCenter::V1::Finding::State
Parameter
Returns

#toxic_combination

def toxic_combination() -> ::Google::Cloud::SecurityCenter::V1::ToxicCombination
Returns
  • (::Google::Cloud::SecurityCenter::V1::ToxicCombination) — Contains details about a group of security issues that, when the issues occur together, represent a greater risk than when the issues occur independently. A group of such issues is referred to as a toxic combination. This field cannot be updated. Its value is ignored in all update requests.

#toxic_combination=

def toxic_combination=(value) -> ::Google::Cloud::SecurityCenter::V1::ToxicCombination
Parameter
  • value (::Google::Cloud::SecurityCenter::V1::ToxicCombination) — Contains details about a group of security issues that, when the issues occur together, represent a greater risk than when the issues occur independently. A group of such issues is referred to as a toxic combination. This field cannot be updated. Its value is ignored in all update requests.
Returns
  • (::Google::Cloud::SecurityCenter::V1::ToxicCombination) — Contains details about a group of security issues that, when the issues occur together, represent a greater risk than when the issues occur independently. A group of such issues is referred to as a toxic combination. This field cannot be updated. Its value is ignored in all update requests.

#vulnerability

def vulnerability() -> ::Google::Cloud::SecurityCenter::V1::Vulnerability
Returns

#vulnerability=

def vulnerability=(value) -> ::Google::Cloud::SecurityCenter::V1::Vulnerability
Parameter
Returns