Class Google::Cloud::SecurityCenter::V1::Finding (v0.11.1)

Security Command Center finding.

A finding is a record of assessment data like security, risk, health, or privacy, that is ingested into Security Command Center for presentation, notification, analysis, policy testing, and enforcement. For example, a cross-site scripting (XSS) vulnerability in an App Engine application is a finding.

Inherits

  • Object

Extended By

  • Google::Protobuf::MessageExts::ClassMethods

Includes

  • Google::Protobuf::MessageExts

Methods

#canonical_name

def canonical_name() -> ::String
Returns
  • (::String) — The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.

#canonical_name=

def canonical_name=(value) -> ::String
Parameter
  • value (::String) — The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.
Returns
  • (::String) — The canonical name of the finding. It's either "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}", "folders/{folder_id}/sources/{source_id}/findings/{finding_id}" or "projects/{project_number}/sources/{source_id}/findings/{finding_id}", depending on the closest CRM ancestor of the resource associated with the finding.

#category

def category() -> ::String
Returns
  • (::String) — The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"

#category=

def category=(value) -> ::String
Parameter
  • value (::String) — The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"
Returns
  • (::String) — The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: "XSS_FLASH_INJECTION"

#create_time

def create_time() -> ::Google::Protobuf::Timestamp
Returns

#create_time=

def create_time=(value) -> ::Google::Protobuf::Timestamp
Parameter
Returns

#event_time

def event_time() -> ::Google::Protobuf::Timestamp
Returns
  • (::Google::Protobuf::Timestamp) — The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.

#event_time=

def event_time=(value) -> ::Google::Protobuf::Timestamp
Parameter
  • value (::Google::Protobuf::Timestamp) — The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
Returns
  • (::Google::Protobuf::Timestamp) — The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.

#external_systems

def external_systems() -> ::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}
Returns
  • (::Google::Protobuf::Map{::String => ::Google::Cloud::SecurityCenter::V1::ExternalSystem}) — Output only. Third party SIEM/SOAR fields within SCC, contains external system information and external system finding fields.

#external_uri

def external_uri() -> ::String
Returns
  • (::String) — The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.

#external_uri=

def external_uri=(value) -> ::String
Parameter
  • value (::String) — The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
Returns
  • (::String) — The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.

#finding_class

def finding_class() -> ::Google::Cloud::SecurityCenter::V1::Finding::FindingClass
Returns

#finding_class=

def finding_class=(value) -> ::Google::Cloud::SecurityCenter::V1::Finding::FindingClass
Parameter
Returns

#indicator

def indicator() -> ::Google::Cloud::SecurityCenter::V1::Indicator
Returns
  • (::Google::Cloud::SecurityCenter::V1::Indicator) — Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise

#indicator=

def indicator=(value) -> ::Google::Cloud::SecurityCenter::V1::Indicator
Parameter
  • value (::Google::Cloud::SecurityCenter::V1::Indicator) — Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
Returns
  • (::Google::Cloud::SecurityCenter::V1::Indicator) — Represents what's commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise

#mute

def mute() -> ::Google::Cloud::SecurityCenter::V1::Finding::Mute
Returns

#mute=

def mute=(value) -> ::Google::Cloud::SecurityCenter::V1::Finding::Mute
Parameter
Returns

#mute_initiator

def mute_initiator() -> ::String
Returns
  • (::String) — First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.

#mute_initiator=

def mute_initiator=(value) -> ::String
Parameter
  • value (::String) — First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
Returns
  • (::String) — First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.

#mute_update_time

def mute_update_time() -> ::Google::Protobuf::Timestamp
Returns

#name

def name() -> ::String
Returns
  • (::String) — The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}"

#name=

def name=(value) -> ::String
Parameter
  • value (::String) — The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}"
Returns
  • (::String) — The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: "organizations/{organization_id}/sources/{source_id}/findings/{finding_id}"

#parent

def parent() -> ::String
Returns
  • (::String) — The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"

#parent=

def parent=(value) -> ::String
Parameter
  • value (::String) — The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"
Returns
  • (::String) — The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: "organizations/{organization_id}/sources/{source_id}"

#resource_name

def resource_name() -> ::String
Returns
  • (::String) — For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.

#resource_name=

def resource_name=(value) -> ::String
Parameter
  • value (::String) — For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
Returns
  • (::String) — For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.

#security_marks

def security_marks() -> ::Google::Cloud::SecurityCenter::V1::SecurityMarks
Returns

#severity

def severity() -> ::Google::Cloud::SecurityCenter::V1::Finding::Severity
Returns

#severity=

def severity=(value) -> ::Google::Cloud::SecurityCenter::V1::Finding::Severity
Parameter
Returns

#source_properties

def source_properties() -> ::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}
Returns
  • (::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}) — Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.

#source_properties=

def source_properties=(value) -> ::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}
Parameter
  • value (::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}) — Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.
Returns
  • (::Google::Protobuf::Map{::String => ::Google::Protobuf::Value}) — Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.

#state

def state() -> ::Google::Cloud::SecurityCenter::V1::Finding::State
Returns

#state=

def state=(value) -> ::Google::Cloud::SecurityCenter::V1::Finding::State
Parameter
Returns

#vulnerability

def vulnerability() -> ::Google::Cloud::SecurityCenter::V1::Vulnerability
Returns

#vulnerability=

def vulnerability=(value) -> ::Google::Cloud::SecurityCenter::V1::Vulnerability
Parameter
Returns