Struct googapis::google::cloud::securitycenter::v1::Finding
pub struct Finding {
pub name: String,
pub parent: String,
pub resource_name: String,
pub state: i32,
pub category: String,
pub external_uri: String,
pub source_properties: HashMap<String, Value>,
pub security_marks: Option<SecurityMarks>,
pub event_time: Option<Timestamp>,
pub create_time: Option<Timestamp>,
pub severity: i32,
pub canonical_name: String,
pub mute: i32,
pub finding_class: i32,
pub indicator: Option<Indicator>,
pub vulnerability: Option<Vulnerability>,
pub mute_update_time: Option<Timestamp>,
pub external_systems: HashMap<String, ExternalSystem>,
pub mute_initiator: String,
}
Security Command Center finding.
A finding is a record of assessment data like security, risk, health, or privacy, that is ingested into Security Command Center for presentation, notification, analysis, policy testing, and enforcement. For example, a cross-site scripting (XSS) vulnerability in an App Engine application is a finding.
Fields
name: String
The relative resource name of this finding. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name Example: “organizations/{organization_id}/sources/{source_id}/findings/{finding_id}”
parent: String
The relative resource name of the source the finding belongs to. See: https://cloud.google.com/apis/design/resource_names#relative_resource_name This field is immutable after creation time. For example: “organizations/{organization_id}/sources/{source_id}”
resource_name: String
For findings on Google Cloud resources, the full resource name of the Google Cloud resource this finding is for. See: https://cloud.google.com/apis/design/resource_names#full_resource_name When the finding is for a non-Google Cloud resource, the resourceName can be a customer or partner defined string. This field is immutable after creation time.
state: i32
The state of the finding.
category: String
The additional taxonomy group within findings from a given source. This field is immutable after creation time. Example: “XSS_FLASH_INJECTION”
external_uri: String
The URI that, if available, points to a web page outside of Security Command Center where additional information about the finding can be found. This field is guaranteed to be either empty or a well formed URL.
source_properties: HashMap<String, Value>
Source specific properties. These properties are managed by the source that writes the finding. The key names in the source_properties map must be between 1 and 255 characters, and must start with a letter and contain alphanumeric characters or underscores only.
security_marks: Option<SecurityMarks>
Output only. User specified security marks. These marks are entirely managed by the user and come from the SecurityMarks resource that belongs to the finding.
event_time: Option<Timestamp>
The time at which the event took place, or when an update to the finding occurred. For example, if the finding represents an open firewall it would capture the time the detector believes the firewall became open. The accuracy is determined by the detector. If the finding were to be resolved afterward, this time would reflect when the finding was resolved. Must not be set to a value greater than the current timestamp.
create_time: Option<Timestamp>
The time at which the finding was created in Security Command Center.
severity: i32
The severity of the finding. This field is managed by the source that writes the finding.
canonical_name: String
The canonical name of the finding. It’s either “organizations/{organization_id}/sources/{source_id}/findings/{finding_id}”, “folders/{folder_id}/sources/{source_id}/findings/{finding_id}” or “projects/{project_number}/sources/{source_id}/findings/{finding_id}”, depending on the closest CRM ancestor of the resource associated with the finding.
mute: i32
Indicates the mute state of a finding (either unspecified, muted, unmuted or undefined).
finding_class: i32
The class of the finding.
indicator: Option<Indicator>
Represents what’s commonly known as an Indicator of compromise (IoC) in computer forensics. This is an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion. Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise
vulnerability: Option<Vulnerability>
Represents vulnerability-specific fields such as CVE and CVSS scores. CVE stands for Common Vulnerabilities and Exposures (https://cve.mitre.org/about/)
mute_update_time: Option<Timestamp>
Output only. The most recent time this finding was muted or unmuted.
external_systems: HashMap<String, ExternalSystem>
Output only. Third-party SIEM/SOAR fields within SCC. Contains external system information and external system finding fields.
mute_initiator: String
First known as mute_annotation. Records additional information about the mute operation e.g. mute config that muted the finding, user who muted the finding, etc.
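Added example (not part of the googapis crate or its generated documentation): std-only Rust helpers that enforce two constraints stated in the field descriptions above, the source_properties key rule and the three canonical_name shapes. The helper names, the ASCII reading of "letter" and "alphanumeric", and the sample values are assumptions.

```rust
// Added example: hypothetical helpers, not googapis APIs. Std only.

/// Closest CRM ancestor, taken from the first segment of `canonical_name`.
#[derive(Debug, PartialEq)]
pub enum Scope { Organization, Folder, Project }

/// Parsed "{scope}/{scope_id}/sources/{source_id}/findings/{finding_id}".
#[derive(Debug, PartialEq)]
pub struct FindingName<'a> {
    pub scope: Scope,
    pub scope_id: &'a str,
    pub source_id: &'a str,
    pub finding_id: &'a str,
}

/// `source_properties` key rule: 1 to 255 characters, starts with a letter,
/// then alphanumeric characters or underscores only (ASCII assumed here).
pub fn valid_source_property_key(key: &str) -> bool {
    let mut chars = key.chars();
    chars.next().map_or(false, |c| c.is_ascii_alphabetic())
        && key.len() <= 255 // byte length equals char count once all chars are ASCII
        && chars.all(|c| c.is_ascii_alphanumeric() || c == '_')
}

/// Accepts only the three documented shapes; rejects empty or extra segments.
pub fn parse_canonical_name(name: &str) -> Option<FindingName<'_>> {
    let p: Vec<&str> = name.split('/').collect();
    if p.len() != 6 || p.iter().any(|s| s.is_empty()) {
        return None;
    }
    let scope = match p[0] {
        "organizations" => Scope::Organization,
        "folders" => Scope::Folder,
        "projects" => Scope::Project,
        _ => return None,
    };
    if p[2] != "sources" || p[4] != "findings" {
        return None;
    }
    Some(FindingName { scope, scope_id: p[1], source_id: p[3], finding_id: p[5] })
}

fn main() {
    // Constructed sample values, not real identifiers.
    println!("{:?}", parse_canonical_name("projects/123456/sources/789/findings/abc123"));
    println!("{}", valid_source_property_key("scanner_rule"));
    println!("{}", valid_source_property_key("has-dash"));
}
```

Running these checks before a finding is written or indexed keeps malformed names and property keys out of downstream filters and routing rules that match on them.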
Implementations
Returns the enum value of state, or the default if the field is set to an invalid enum value.
Returns the enum value of severity, or the default if the field is set to an invalid enum value.
Sets severity to the provided enum value.
Returns the enum value of mute, or the default if the field is set to an invalid enum value.
Returns the enum value of finding_class, or the default if the field is set to an invalid enum value.
Sets finding_class to the provided enum value.
Trait Implementations
fn merge_field<B>(
&mut self,
tag: u32,
wire_type: WireType,
buf: &mut B,
ctx: DecodeContext
) -> Result<(), DecodeError> where
B: Buf,
Returns the encoded length of the message without a length delimiter.
Encodes the message to a buffer.
Encodes the message to a newly allocated buffer.
Encodes the message with a length-delimiter to a buffer.
Encodes the message with a length-delimiter to a newly allocated buffer.
Decodes an instance of the message from a buffer.
fn decode_length_delimited<B>(buf: B) -> Result<Self, DecodeError> where
Self: Default,
B: Buf,
Decodes a length-delimited instance of the message from the buffer.
Decodes an instance of the message from a buffer, and merges it into self.
Decodes a length-delimited instance of the message from buffer, and merges it into self.
Auto Trait Implementations
impl RefUnwindSafe for Finding
impl UnwindSafe for Finding
Blanket Implementations
Mutably borrows from an owned value.
Wrap the input message T in a tonic::Request
pub fn vzip(self) -> V
Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.
Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.