Security Command Center V2 API - Class Google::Cloud::SecurityCenter::V2::GroupFindingsRequest (v1.5.1)

Reference documentation and code samples for the Security Command Center V2 API class Google::Cloud::SecurityCenter::V2::GroupFindingsRequest.

Request message for grouping by findings.

Inherits

Extended By

  • Google::Protobuf::MessageExts::ClassMethods

Includes

  • Google::Protobuf::MessageExts

Methods

#filter

def filter() -> ::String
Returns
  • (::String) —

    Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

    Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

    • name
    • security_marks.marks.marka

    The supported operators are:

    • = for all value types.
    • >, <, >=, <= for integer values.
    • :, meaning substring matching, for strings.

    The supported value types are:

    • string literals in quotes.
    • integer literals without quotes.
    • boolean literals true and false without quotes.

    The following field and operator combinations are supported:

    • name: =
    • parent: =, :
    • resource_name: =, :
    • state: =, :
    • category: =, :
    • external_uri: =, :
    • event_time: =, >, <, >=, <=

    Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: event_time = "2019-06-10T16:07:18-07:00" event_time = 1560208038000

    • severity: =, :
    • security_marks.marks: =, :
    • resource:
      • resource.name: =, :
      • resource.parent_name: =, :
      • resource.parent_display_name: =, :
      • resource.project_name: =, :
      • resource.project_display_name: =, :
      • resource.type: =, :

#filter=

def filter=(value) -> ::String
Parameter
  • value (::String) —

    Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

    Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

    • name
    • security_marks.marks.marka

    The supported operators are:

    • = for all value types.
    • >, <, >=, <= for integer values.
    • :, meaning substring matching, for strings.

    The supported value types are:

    • string literals in quotes.
    • integer literals without quotes.
    • boolean literals true and false without quotes.

    The following field and operator combinations are supported:

    • name: =
    • parent: =, :
    • resource_name: =, :
    • state: =, :
    • category: =, :
    • external_uri: =, :
    • event_time: =, >, <, >=, <=

    Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: event_time = "2019-06-10T16:07:18-07:00" event_time = 1560208038000

    • severity: =, :
    • security_marks.marks: =, :
    • resource:
      • resource.name: =, :
      • resource.parent_name: =, :
      • resource.parent_display_name: =, :
      • resource.project_name: =, :
      • resource.project_display_name: =, :
      • resource.type: =, :
Returns
  • (::String) —

    Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR. Parentheses are supported, and OR has higher precedence than AND.

    Restrictions have the form <field> <operator> <value> and may have a - character in front of them to indicate negation. Examples include:

    • name
    • security_marks.marks.marka

    The supported operators are:

    • = for all value types.
    • >, <, >=, <= for integer values.
    • :, meaning substring matching, for strings.

    The supported value types are:

    • string literals in quotes.
    • integer literals without quotes.
    • boolean literals true and false without quotes.

    The following field and operator combinations are supported:

    • name: =
    • parent: =, :
    • resource_name: =, :
    • state: =, :
    • category: =, :
    • external_uri: =, :
    • event_time: =, >, <, >=, <=

    Usage: This should be milliseconds since epoch or an RFC3339 string. Examples: event_time = "2019-06-10T16:07:18-07:00" event_time = 1560208038000

    • severity: =, :
    • security_marks.marks: =, :
    • resource:
      • resource.name: =, :
      • resource.parent_name: =, :
      • resource.parent_display_name: =, :
      • resource.project_name: =, :
      • resource.project_display_name: =, :
      • resource.type: =, :

#group_by

def group_by() -> ::String
Returns
  • (::String) — Required. Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name".

#group_by=

def group_by=(value) -> ::String
Parameter
  • value (::String) — Required. Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name".
Returns
  • (::String) — Required. Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name".

#page_size

def page_size() -> ::Integer
Returns
  • (::Integer) — The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

#page_size=

def page_size=(value) -> ::Integer
Parameter
  • value (::Integer) — The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.
Returns
  • (::Integer) — The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000.

#page_token

def page_token() -> ::String
Returns
  • (::String) — The value returned by the last GroupFindingsResponse; indicates that this is a continuation of a prior GroupFindings call, and that the system should return the next page of data.

#page_token=

def page_token=(value) -> ::String
Parameter
  • value (::String) — The value returned by the last GroupFindingsResponse; indicates that this is a continuation of a prior GroupFindings call, and that the system should return the next page of data.
Returns
  • (::String) — The value returned by the last GroupFindingsResponse; indicates that this is a continuation of a prior GroupFindings call, and that the system should return the next page of data.

#parent

def parent() -> ::String
Returns
  • (::String) —

    Required. Name of the source to groupBy. If no location is specified, finding is assumed to be in global. The following list shows some examples:

    • organizations/[organization_id]/sources/[source_id] + organizations/[organization_id]/sources/[source_id]/locations/[location_id]
    • folders/[folder_id]/sources/[source_id]
    • folders/[folder_id]/sources/[source_id]/locations/[location_id]
    • projects/[project_id]/sources/[source_id]
    • projects/[project_id]/sources/[source_id]/locations/[location_id]

    To groupBy across all sources provide a source_id of -. The following list shows some examples:

    • organizations/{organization_id}/sources/-
    • organizations/{organization_id}/sources/-/locations/[location_id]
    • folders/{folder_id}/sources/-
    • folders/{folder_id}/sources/-/locations/[location_id]
    • projects/{project_id}/sources/-
    • projects/{project_id}/sources/-/locations/[location_id]

#parent=

def parent=(value) -> ::String
Parameter
  • value (::String) —

    Required. Name of the source to groupBy. If no location is specified, finding is assumed to be in global. The following list shows some examples:

    • organizations/[organization_id]/sources/[source_id] + organizations/[organization_id]/sources/[source_id]/locations/[location_id]
    • folders/[folder_id]/sources/[source_id]
    • folders/[folder_id]/sources/[source_id]/locations/[location_id]
    • projects/[project_id]/sources/[source_id]
    • projects/[project_id]/sources/[source_id]/locations/[location_id]

    To groupBy across all sources provide a source_id of -. The following list shows some examples:

    • organizations/{organization_id}/sources/-
    • organizations/{organization_id}/sources/-/locations/[location_id]
    • folders/{folder_id}/sources/-
    • folders/{folder_id}/sources/-/locations/[location_id]
    • projects/{project_id}/sources/-
    • projects/{project_id}/sources/-/locations/[location_id]
Returns
  • (::String) —

    Required. Name of the source to groupBy. If no location is specified, finding is assumed to be in global. The following list shows some examples:

    • organizations/[organization_id]/sources/[source_id] + organizations/[organization_id]/sources/[source_id]/locations/[location_id]
    • folders/[folder_id]/sources/[source_id]
    • folders/[folder_id]/sources/[source_id]/locations/[location_id]
    • projects/[project_id]/sources/[source_id]
    • projects/[project_id]/sources/[source_id]/locations/[location_id]

    To groupBy across all sources provide a source_id of -. The following list shows some examples:

    • organizations/{organization_id}/sources/-
    • organizations/{organization_id}/sources/-/locations/[location_id]
    • folders/{folder_id}/sources/-
    • folders/{folder_id}/sources/-/locations/[location_id]
    • projects/{project_id}/sources/-
    • projects/{project_id}/sources/-/locations/[location_id]