Struct googapis::google::cloud::securitycenter::v1::Finding

pub struct Finding {
    pub name: String,
    pub parent: String,
    pub resource_name: String,
    pub state: i32,
    pub category: String,
    pub external_uri: String,
    pub source_properties: HashMap<String, Value>,
    pub security_marks: Option<SecurityMarks>,
    pub event_time: Option<Timestamp>,
    pub create_time: Option<Timestamp>,
    pub severity: i32,
    pub canonical_name: String,
    pub mute: i32,
    pub finding_class: i32,
    pub indicator: Option<Indicator>,
    pub vulnerability: Option<Vulnerability>,
    pub mute_update_time: Option<Timestamp>,
    pub external_systems: HashMap<String, ExternalSystem>,
    pub mute_initiator: String,
}
Security Command Center finding.

A finding is a record of assessment data like security, risk, health, or privacy, that is ingested into Security Command Center for presentation, notification, analysis, policy testing, and enforcement. For example, a cross-site scripting (XSS) vulnerability in an App Engine application is a finding.

Fields

name: String

The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: “organizations/{organization_id}/sources/{source_id}/findings/{finding_id}”

parent: String

The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: “organizations/{organization_id}/sources/{source_id}”

resource_name: String

For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.

state: i32

The state of the finding.

category: String

The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: “XSS_FLASH_INJECTION”

external_uri: String

The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well-formed URL.

source_properties: HashMap<String, Value>

Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.

security_marks: Option<SecurityMarks>

Output only. User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the finding.

event_time: Option<Timestamp>

The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.

create_time: Option<Timestamp>

The time at which the finding was created in Security Command Center.

severity: i32

The severity of the finding. This field is managed by the source that writes the finding.

canonical_name: String

The canonical name of the finding. It’s either “organizations/{organization_id}/sources/{source_id}/findings/{finding_id}”, “folders/{folder_id}/sources/{source_id}/findings/{finding_id}” or “projects/{project_number}/sources/{source_id}/findings/{finding_id}”, depending on the closest CRM ancestor of the resource associated with the finding.

mute: i32

Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).

finding_class: i32

The class of the finding.

indicator: Option<Indicator>

Represents what’s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise

vulnerability: Option<Vulnerability>

Represents vulnerability-specific fields such as CVE and CVSS scores. CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/).

mute_update_time: Option<Timestamp>

Output only. The most recent time this finding was muted or unmuted.

external_systems: HashMap<String, ExternalSystem>

Output only. Third-party SIEM/SOAR fields within SCC. Contains external system information and external system finding fields.

mute_initiator: String

First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
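
The field descriptions above state three constraints that can be checked before a finding is written or trusted: the three canonical_name forms, the source_properties key rule, and the event_time upper bound. The following is an added example, not code from the googapis crate: `FindingDraft` and the three functions are hypothetical names, and "letter" is assumed to mean an ASCII letter.

```rust
use std::time::{Duration, SystemTime, UNIX_EPOCH};

/// Hypothetical trimmed stand-in for `Finding` (not the generated type):
/// only the checked fields, with `event_time` as seconds since the epoch.
pub struct FindingDraft {
    pub canonical_name: String,
    pub source_property_keys: Vec<String>,
    pub event_time_secs: Option<u64>,
}

/// Splits a canonical name into (scope, scope_id, source_id, finding_id).
pub fn parse_canonical_name(s: &str) -> Option<(&str, &str, &str, &str)> {
    let parts: Vec<&str> = s.split('/').collect();
    match parts.as_slice() {
        [scope @ ("organizations" | "folders" | "projects"), id, "sources", src, "findings", fid]
            if !id.is_empty() && !src.is_empty() && !fid.is_empty() => Some((*scope, *id, *src, *fid)),
        _ => None,
    }
}

/// `source_properties` key rule: 1 to 255 characters, a leading letter, then
/// alphanumerics or underscores. Assumes "letter" means ASCII.
pub fn valid_property_key(key: &str) -> bool {
    let mut chars = key.chars();
    matches!(chars.next(), Some(c) if c.is_ascii_alphabetic())
        && key.len() <= 255
        && chars.all(|c| c.is_ascii_alphanumeric() || c == '_')
}

/// Returns every documented constraint the draft violates (empty = OK).
pub fn validate(f: &FindingDraft, now: SystemTime) -> Vec<&'static str> {
    let mut problems = Vec::new();
    if parse_canonical_name(&f.canonical_name).is_none() {
        problems.push("canonical_name has an unexpected shape");
    }
    if !f.source_property_keys.iter().all(|k| valid_property_key(k)) {
        problems.push("source_properties key breaks the naming rule");
    }
    // event_time must not exceed the current timestamp; overflow counts as future.
    let in_future = |s: u64| UNIX_EPOCH.checked_add(Duration::from_secs(s)).map_or(true, |t| t > now);
    if f.event_time_secs.map_or(false, in_future) {
        problems.push("event_time is in the future");
    }
    problems
}
```

Passing `now` as a parameter keeps the check deterministic in tests; production callers would pass `SystemTime::now()`.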

Implementations

Returns the enum value of state, or the default if the field is set to an invalid enum value.

Sets state to the provided enum value.

Returns the enum value of severity, or the default if the field is set to an invalid enum value.

Sets severity to the provided enum value.

Returns the enum value of mute, or the default if the field is set to an invalid enum value.

Sets mute to the provided enum value.

Returns the enum value of finding_class, or the default if the field is set to an invalid enum value.

Sets finding_class to the provided enum value.

Trait Implementations

Returns a copy of the value.

Performs copy-assignment from source.

Formats the value using the given formatter.

Returns the “default value” for a type.

Returns the encoded length of the message without a length delimiter.

Clears the message, resetting all fields to their default.

Encodes the message to a buffer.

Encodes the message to a newly allocated buffer.

Encodes the message with a length-delimiter to a buffer.

Encodes the message with a length-delimiter to a newly allocated buffer.

Decodes an instance of the message from a buffer.

Decodes a length-delimited instance of the message from the buffer.

Decodes an instance of the message from a buffer, and merges it into self.

Decodes a length-delimited instance of the message from buffer, and merges it into self.

This method tests for self and other values to be equal, and is used by ==.

This method tests for !=.

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self.

Immutably borrows from an owned value.

Mutably borrows from an owned value.

Performs the conversion.

Instruments this type with the provided Span, returning an Instrumented wrapper.

Instruments this type with the current Span, returning an Instrumented wrapper.

Performs the conversion.

Wrap the input message T in a tonic::Request

The resulting type after obtaining ownership.

Creates owned data from borrowed data, usually by cloning.

🔬 This is a nightly-only experimental API. (toowned_clone_into)

Uses borrowed data to replace owned data, usually by cloning.

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.