GetFindings Classic ASP Example
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<%
' This example requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.
set rest = Server.CreateObject("Chilkat_9_5_0.Rest")
set authAws = Server.CreateObject("Chilkat_9_5_0.AuthAws")
authAws.AccessKey = "AWS_ACCESS_KEY"
authAws.SecretKey = "AWS_SECRET_KEY"
' Don't forget to change the region to your particular region. (Also make the same change in the call to Connect below.)
authAws.Region = "us-west-2"
authAws.ServiceName = "guardduty"
' SetAuthAws causes Chilkat to automatically add the following headers: Authorization, X-Amz-Date
success = rest.SetAuthAws(authAws)
' URL: https://guardduty.us-west-2.amazonaws.com/
' Use the same region as specified above.
success = rest.Connect("guardduty.us-west-2.amazonaws.com",443,1,1)
If (success <> 1) Then
Response.Write "<pre>" & Server.HTMLEncode( "ConnectFailReason: " & rest.ConnectFailReason) & "</pre>"
Response.Write "<pre>" & Server.HTMLEncode( rest.LastErrorText) & "</pre>"
Response.End
End If
' The following code creates the JSON request body.
' The JSON created by this code is shown below.
' Use this online tool to generate code from sample JSON:
' Generate Code to Create JSON
set json = Server.CreateObject("Chilkat_9_5_0.JsonObject")
success = json.UpdateString("findingIds[0]","string")
success = json.UpdateString("sortCriteria.attributeName","string")
success = json.UpdateString("sortCriteria.orderBy","string")
' The JSON request body created by the above code:
' {
' "findingIds": [
' "string"
' ],
' "sortCriteria": {
' "attributeName": "string",
' "orderBy": "string"
' }
' }
success = rest.AddHeader("Content-Type","application/x-amz-json-1.1")
success = rest.AddHeader("X-Amz-Target","GetFindings")
set sbRequestBody = Server.CreateObject("Chilkat_9_5_0.StringBuilder")
success = json.EmitSb(sbRequestBody)
set sbResponseBody = Server.CreateObject("Chilkat_9_5_0.StringBuilder")
success = rest.FullRequestSb("POST","/detector/{detectorId}/findings/get",sbRequestBody,sbResponseBody)
If (success <> 1) Then
Response.Write "<pre>" & Server.HTMLEncode( rest.LastErrorText) & "</pre>"
Response.End
End If
respStatusCode = rest.ResponseStatusCode
Response.Write "<pre>" & Server.HTMLEncode( "response status code = " & respStatusCode) & "</pre>"
If (respStatusCode <> 200) Then
Response.Write "<pre>" & Server.HTMLEncode( "Response Header:") & "</pre>"
Response.Write "<pre>" & Server.HTMLEncode( rest.ResponseHeader) & "</pre>"
Response.Write "<pre>" & Server.HTMLEncode( "Response Body:") & "</pre>"
Response.Write "<pre>" & Server.HTMLEncode( sbResponseBody.GetAsString()) & "</pre>"
Response.End
End If
set jResp = Server.CreateObject("Chilkat_9_5_0.JsonObject")
success = jResp.LoadSb(sbResponseBody)
' The following code parses the JSON response.
' A sample JSON response is shown below the sample code.
' Use this online tool to generate parsing code from sample JSON:
' Generate Parsing Code from JSON
i = 0
count_i = jResp.SizeOfArray("findings")
Do While i < count_i
jResp.I = i
accountId = jResp.StringOf("findings[i].accountId")
arn = jResp.StringOf("findings[i].arn")
confidence = jResp.IntOf("findings[i].confidence")
createdAt = jResp.StringOf("findings[i].createdAt")
description = jResp.StringOf("findings[i].description")
id = jResp.StringOf("findings[i].id")
partition = jResp.StringOf("findings[i].partition")
region = jResp.StringOf("findings[i].region")
AccessKeyId = jResp.StringOf("findings[i].resource.accessKeyDetails.accessKeyId")
PrincipalId = jResp.StringOf("findings[i].resource.accessKeyDetails.principalId")
UserName = jResp.StringOf("findings[i].resource.accessKeyDetails.userName")
UserType = jResp.StringOf("findings[i].resource.accessKeyDetails.userType")
Arn = jResp.StringOf("findings[i].resource.eksClusterDetails.arn")
CreatedAt = jResp.IntOf("findings[i].resource.eksClusterDetails.createdAt")
Name = jResp.StringOf("findings[i].resource.eksClusterDetails.name")
Status = jResp.StringOf("findings[i].resource.eksClusterDetails.status")
VpcId = jResp.StringOf("findings[i].resource.eksClusterDetails.vpcId")
AvailabilityZone = jResp.StringOf("findings[i].resource.instanceDetails.availabilityZone")
IamInstanceProfileArn = jResp.StringOf("findings[i].resource.instanceDetails.iamInstanceProfile.arn")
Id = jResp.StringOf("findings[i].resource.instanceDetails.iamInstanceProfile.id")
ImageDescription = jResp.StringOf("findings[i].resource.instanceDetails.imageDescription")
ImageId = jResp.StringOf("findings[i].resource.instanceDetails.imageId")
InstanceId = jResp.StringOf("findings[i].resource.instanceDetails.instanceId")
InstanceState = jResp.StringOf("findings[i].resource.instanceDetails.instanceState")
InstanceType = jResp.StringOf("findings[i].resource.instanceDetails.instanceType")
LaunchTime = jResp.StringOf("findings[i].resource.instanceDetails.launchTime")
OutpostArn = jResp.StringOf("findings[i].resource.instanceDetails.outpostArn")
Platform = jResp.StringOf("findings[i].resource.instanceDetails.platform")
Uid = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.uid")
Username = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.username")
HostNetwork = jResp.IntOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.hostNetwork")
KubernetesWorkloadDetailsName = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.name")
Namespace = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.namespace")
v_Type = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.type")
KubernetesWorkloadDetailsUid = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.uid")
ResourceType = jResp.StringOf("findings[i].resource.resourceType")
schemaVersion = jResp.StringOf("findings[i].schemaVersion")
ActionType = jResp.StringOf("findings[i].service.action.actionType")
Api = jResp.StringOf("findings[i].service.action.awsApiCallAction.api")
CallerType = jResp.StringOf("findings[i].service.action.awsApiCallAction.callerType")
Domain = jResp.StringOf("findings[i].service.action.awsApiCallAction.domainDetails.domain")
ErrorCode = jResp.StringOf("findings[i].service.action.awsApiCallAction.errorCode")
AccountId = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteAccountDetails.accountId")
Affiliated = jResp.IntOf("findings[i].service.action.awsApiCallAction.remoteAccountDetails.affiliated")
CityName = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.city.cityName")
CountryCode = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.country.countryCode")
CountryName = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.country.countryName")
Lat = jResp.IntOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.geoLocation.lat")
Lon = jResp.IntOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.geoLocation.lon")
IpAddressV4 = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.ipAddressV4")
v_Asn = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.asn")
AsnOrg = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg")
Isp = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.isp")
Org = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.org")
ServiceName = jResp.StringOf("findings[i].service.action.awsApiCallAction.serviceName")
UserAgent = jResp.StringOf("findings[i].service.action.awsApiCallAction.userAgent")
DnsRequestActionDomain = jResp.StringOf("findings[i].service.action.dnsRequestAction.domain")
Parameters = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.parameters")
CityCityName = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.city.cityName")
CountryCountryCode = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.country.countryCode")
CountryCountryName = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.country.countryName")
GeoLocationLat = jResp.IntOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.geoLocation.lat")
GeoLocationLon = jResp.IntOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.geoLocation.lon")
RemoteIpDetailsIpAddressV4 = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4")
OrganizationAsn = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn")
OrganizationAsnOrg = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.asnOrg")
OrganizationIsp = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.isp")
OrganizationOrg = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.org")
RequestUri = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.requestUri")
StatusCode = jResp.IntOf("findings[i].service.action.kubernetesApiCallAction.statusCode")
KubernetesApiCallActionUserAgent = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.userAgent")
Verb = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.verb")
Blocked = jResp.IntOf("findings[i].service.action.networkConnectionAction.blocked")
ConnectionDirection = jResp.StringOf("findings[i].service.action.networkConnectionAction.connectionDirection")
LocalIpDetailsIpAddressV4 = jResp.StringOf("findings[i].service.action.networkConnectionAction.localIpDetails.ipAddressV4")
Port = jResp.IntOf("findings[i].service.action.networkConnectionAction.localPortDetails.port")
PortName = jResp.StringOf("findings[i].service.action.networkConnectionAction.localPortDetails.portName")
Protocol = jResp.StringOf("findings[i].service.action.networkConnectionAction.protocol")
CityCityName = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.city.cityName")
CountryCountryCode = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.country.countryCode")
CountryCountryName = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.country.countryName")
GeoLocationLat = jResp.IntOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.geoLocation.lat")
GeoLocationLon = jResp.IntOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.geoLocation.lon")
RemoteIpDetailsIpAddressV4 = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.ipAddressV4")
OrganizationAsn = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.asn")
OrganizationAsnOrg = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg")
OrganizationIsp = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.isp")
OrganizationOrg = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.org")
RemotePortDetailsPort = jResp.IntOf("findings[i].service.action.networkConnectionAction.remotePortDetails.port")
RemotePortDetailsPortName = jResp.StringOf("findings[i].service.action.networkConnectionAction.remotePortDetails.portName")
PortProbeActionBlocked = jResp.IntOf("findings[i].service.action.portProbeAction.blocked")
Archived = jResp.IntOf("findings[i].service.archived")
Count = jResp.IntOf("findings[i].service.count")
DetectorId = jResp.StringOf("findings[i].service.detectorId")
EventFirstSeen = jResp.StringOf("findings[i].service.eventFirstSeen")
EventLastSeen = jResp.StringOf("findings[i].service.eventLastSeen")
ResourceRole = jResp.StringOf("findings[i].service.resourceRole")
serviceServiceName = jResp.StringOf("findings[i].service.serviceName")
UserFeedback = jResp.StringOf("findings[i].service.userFeedback")
severity = jResp.IntOf("findings[i].severity")
title = jResp.StringOf("findings[i].title")
v_type = jResp.StringOf("findings[i].type")
updatedAt = jResp.StringOf("findings[i].updatedAt")
j = 0
count_j = jResp.SizeOfArray("findings[i].resource.eksClusterDetails.tags")
Do While j < count_j
jResp.J = j
key = jResp.StringOf("findings[i].resource.eksClusterDetails.tags[j].key")
value = jResp.StringOf("findings[i].resource.eksClusterDetails.tags[j].value")
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces")
Do While j < count_j
jResp.J = j
networkInterfaceId = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].networkInterfaceId")
privateDnsName = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateDnsName")
privateIpAddress = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddress")
publicDnsName = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].publicDnsName")
publicIp = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].publicIp")
subnetId = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].subnetId")
vpcId = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].vpcId")
k = 0
count_k = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].ipv6Addresses")
Do While k < count_k
jResp.K = k
strVal = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].ipv6Addresses[k]")
k = k + 1
Loop
k = 0
count_k = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses")
Do While k < count_k
jResp.K = k
privateDnsName = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses[k].privateDnsName")
privateIpAddress = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses[k].privateIpAddress")
k = k + 1
Loop
k = 0
count_k = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups")
Do While k < count_k
jResp.K = k
groupId = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups[k].groupId")
groupName = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups[k].groupName")
k = k + 1
Loop
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("findings[i].resource.instanceDetails.productCodes")
Do While j < count_j
jResp.J = j
code = jResp.StringOf("findings[i].resource.instanceDetails.productCodes[j].code")
productType = jResp.StringOf("findings[i].resource.instanceDetails.productCodes[j].productType")
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("findings[i].resource.instanceDetails.tags")
Do While j < count_j
jResp.J = j
key = jResp.StringOf("findings[i].resource.instanceDetails.tags[j].key")
value = jResp.StringOf("findings[i].resource.instanceDetails.tags[j].value")
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesUserDetails.groups")
Do While j < count_j
jResp.J = j
strVal = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.groups[j]")
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers")
Do While j < count_j
jResp.J = j
containerRuntime = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].containerRuntime")
id = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].id")
image = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].image")
imagePrefix = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].imagePrefix")
name = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].name")
Privileged = jResp.IntOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].securityContext.privileged")
k = 0
count_k = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts")
Do While k < count_k
jResp.K = k
mountPath = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts[k].mountPath")
name = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts[k].name")
k = k + 1
Loop
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes")
Do While j < count_j
jResp.J = j
Path = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes[j].hostPath.path")
name = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes[j].name")
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("findings[i].resource.s3BucketDetails")
Do While j < count_j
jResp.J = j
arn = jResp.StringOf("findings[i].resource.s3BucketDetails[j].arn")
createdAt_int = jResp.IntOf("findings[i].resource.s3BucketDetails[j].createdAt")
EncryptionType = jResp.StringOf("findings[i].resource.s3BucketDetails[j].defaultServerSideEncryption.encryptionType")
KmsMasterKeyArn = jResp.StringOf("findings[i].resource.s3BucketDetails[j].defaultServerSideEncryption.kmsMasterKeyArn")
name = jResp.StringOf("findings[i].resource.s3BucketDetails[j].name")
ownerId = jResp.StringOf("findings[i].resource.s3BucketDetails[j].owner.id")
EffectivePermission = jResp.StringOf("findings[i].resource.s3BucketDetails[j].publicAccess.effectivePermission")
BlockPublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.blockPublicAcls")
BlockPublicPolicy = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.blockPublicPolicy")
IgnorePublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.ignorePublicAcls")
RestrictPublicBuckets = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.restrictPublicBuckets")
AllowsPublicReadAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.accessControlList.allowsPublicReadAccess")
AllowsPublicWriteAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.accessControlList.allowsPublicWriteAccess")
BlockPublicAccessBlockPublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.blockPublicAcls")
BlockPublicAccessBlockPublicPolicy = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.blockPublicPolicy")
BlockPublicAccessIgnorePublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.ignorePublicAcls")
BlockPublicAccessRestrictPublicBuckets = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.restrictPublicBuckets")
BucketPolicyAllowsPublicReadAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.bucketPolicy.allowsPublicReadAccess")
BucketPolicyAllowsPublicWriteAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.bucketPolicy.allowsPublicWriteAccess")
v_type = jResp.StringOf("findings[i].resource.s3BucketDetails[j].type")
k = 0
count_k = jResp.SizeOfArray("findings[i].resource.s3BucketDetails[j].tags")
Do While k < count_k
jResp.K = k
key = jResp.StringOf("findings[i].resource.s3BucketDetails[j].tags[k].key")
value = jResp.StringOf("findings[i].resource.s3BucketDetails[j].tags[k].value")
k = k + 1
Loop
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("findings[i].service.action.kubernetesApiCallAction.sourceIps")
Do While j < count_j
jResp.J = j
strVal = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.sourceIps[j]")
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("findings[i].service.action.portProbeAction.portProbeDetails")
Do While j < count_j
jResp.J = j
localIpDetailsIpAddressV4 = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localIpDetails.ipAddressV4")
localPortDetailsPort = jResp.IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localPortDetails.port")
localPortDetailsPortName = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localPortDetails.portName")
CityCityName = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.city.cityName")
CountryCountryCode = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.country.countryCode")
CountryCountryName = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.country.countryName")
GeoLocationLat = jResp.IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.geoLocation.lat")
GeoLocationLon = jResp.IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.geoLocation.lon")
remoteIpDetailsIpAddressV4 = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.ipAddressV4")
OrganizationAsn = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.asn")
OrganizationAsnOrg = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.asnOrg")
OrganizationIsp = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.isp")
OrganizationOrg = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.org")
j = j + 1
Loop
j = 0
count_j = jResp.SizeOfArray("findings[i].service.evidence.threatIntelligenceDetails")
Do While j < count_j
jResp.J = j
threatListName = jResp.StringOf("findings[i].service.evidence.threatIntelligenceDetails[j].threatListName")
k = 0
count_k = jResp.SizeOfArray("findings[i].service.evidence.threatIntelligenceDetails[j].threatNames")
Do While k < count_k
jResp.K = k
strVal = jResp.StringOf("findings[i].service.evidence.threatIntelligenceDetails[j].threatNames[k]")
k = k + 1
Loop
j = j + 1
Loop
i = i + 1
Loop
' A sample JSON response body parsed by the above code:
' {
' "findings": [
' {
' "accountId": "string",
' "arn": "string",
' "confidence": number,
' "createdAt": "string",
' "description": "string",
' "id": "string",
' "partition": "string",
' "region": "string",
' "resource": {
' "accessKeyDetails": {
' "accessKeyId": "string",
' "principalId": "string",
' "userName": "string",
' "userType": "string"
' },
' "eksClusterDetails": {
' "arn": "string",
' "createdAt": number,
' "name": "string",
' "status": "string",
' "tags": [
' {
' "key": "string",
' "value": "string"
' }
' ],
' "vpcId": "string"
' },
' "instanceDetails": {
' "availabilityZone": "string",
' "iamInstanceProfile": {
' "arn": "string",
' "id": "string"
' },
' "imageDescription": "string",
' "imageId": "string",
' "instanceId": "string",
' "instanceState": "string",
' "instanceType": "string",
' "launchTime": "string",
' "networkInterfaces": [
' {
' "ipv6Addresses": [
' "string"
' ],
' "networkInterfaceId": "string",
' "privateDnsName": "string",
' "privateIpAddress": "string",
' "privateIpAddresses": [
' {
' "privateDnsName": "string",
' "privateIpAddress": "string"
' }
' ],
' "publicDnsName": "string",
' "publicIp": "string",
' "securityGroups": [
' {
' "groupId": "string",
' "groupName": "string"
' }
' ],
' "subnetId": "string",
' "vpcId": "string"
' }
' ],
' "outpostArn": "string",
' "platform": "string",
' "productCodes": [
' {
' "code": "string",
' "productType": "string"
' }
' ],
' "tags": [
' {
' "key": "string",
' "value": "string"
' }
' ]
' },
' "kubernetesDetails": {
' "kubernetesUserDetails": {
' "groups": [
' "string"
' ],
' "uid": "string",
' "username": "string"
' },
' "kubernetesWorkloadDetails": {
' "containers": [
' {
' "containerRuntime": "string",
' "id": "string",
' "image": "string",
' "imagePrefix": "string",
' "name": "string",
' "securityContext": {
' "privileged": boolean
' },
' "volumeMounts": [
' {
' "mountPath": "string",
' "name": "string"
' }
' ]
' }
' ],
' "hostNetwork": boolean,
' "name": "string",
' "namespace": "string",
' "type": "string",
' "uid": "string",
' "volumes": [
' {
' "hostPath": {
' "path": "string"
' },
' "name": "string"
' }
' ]
' }
' },
' "resourceType": "string",
' "s3BucketDetails": [
' {
' "arn": "string",
' "createdAt": number,
' "defaultServerSideEncryption": {
' "encryptionType": "string",
' "kmsMasterKeyArn": "string"
' },
' "name": "string",
' "owner": {
' "id": "string"
' },
' "publicAccess": {
' "effectivePermission": "string",
' "permissionConfiguration": {
' "accountLevelPermissions": {
' "blockPublicAccess": {
' "blockPublicAcls": boolean,
' "blockPublicPolicy": boolean,
' "ignorePublicAcls": boolean,
' "restrictPublicBuckets": boolean
' }
' },
' "bucketLevelPermissions": {
' "accessControlList": {
' "allowsPublicReadAccess": boolean,
' "allowsPublicWriteAccess": boolean
' },
' "blockPublicAccess": {
' "blockPublicAcls": boolean,
' "blockPublicPolicy": boolean,
' "ignorePublicAcls": boolean,
' "restrictPublicBuckets": boolean
' },
' "bucketPolicy": {
' "allowsPublicReadAccess": boolean,
' "allowsPublicWriteAccess": boolean
' }
' }
' }
' },
' "tags": [
' {
' "key": "string",
' "value": "string"
' }
' ],
' "type": "string"
' }
' ]
' },
' "schemaVersion": "string",
' "service": {
' "action": {
' "actionType": "string",
' "awsApiCallAction": {
' "api": "string",
' "callerType": "string",
' "domainDetails": {
' "domain": "string"
' },
' "errorCode": "string",
' "remoteAccountDetails": {
' "accountId": "string",
' "affiliated": boolean
' },
' "remoteIpDetails": {
' "city": {
' "cityName": "string"
' },
' "country": {
' "countryCode": "string",
' "countryName": "string"
' },
' "geoLocation": {
' "lat": number,
' "lon": number
' },
' "ipAddressV4": "string",
' "organization": {
' "asn": "string",
' "asnOrg": "string",
' "isp": "string",
' "org": "string"
' }
' },
' "serviceName": "string",
' "userAgent": "string"
' },
' "dnsRequestAction": {
' "domain": "string"
' },
' "kubernetesApiCallAction": {
' "parameters": "string",
' "remoteIpDetails": {
' "city": {
' "cityName": "string"
' },
' "country": {
' "countryCode": "string",
' "countryName": "string"
' },
' "geoLocation": {
' "lat": number,
' "lon": number
' },
' "ipAddressV4": "string",
' "organization": {
' "asn": "string",
' "asnOrg": "string",
' "isp": "string",
' "org": "string"
' }
' },
' "requestUri": "string",
' "sourceIps": [
' "string"
' ],
' "statusCode": number,
' "userAgent": "string",
' "verb": "string"
' },
' "networkConnectionAction": {
' "blocked": boolean,
' "connectionDirection": "string",
' "localIpDetails": {
' "ipAddressV4": "string"
' },
' "localPortDetails": {
' "port": number,
' "portName": "string"
' },
' "protocol": "string",
' "remoteIpDetails": {
' "city": {
' "cityName": "string"
' },
' "country": {
' "countryCode": "string",
' "countryName": "string"
' },
' "geoLocation": {
' "lat": number,
' "lon": number
' },
' "ipAddressV4": "string",
' "organization": {
' "asn": "string",
' "asnOrg": "string",
' "isp": "string",
' "org": "string"
' }
' },
' "remotePortDetails": {
' "port": number,
' "portName": "string"
' }
' },
' "portProbeAction": {
' "blocked": boolean,
' "portProbeDetails": [
' {
' "localIpDetails": {
' "ipAddressV4": "string"
' },
' "localPortDetails": {
' "port": number,
' "portName": "string"
' },
' "remoteIpDetails": {
' "city": {
' "cityName": "string"
' },
' "country": {
' "countryCode": "string",
' "countryName": "string"
' },
' "geoLocation": {
' "lat": number,
' "lon": number
' },
' "ipAddressV4": "string",
' "organization": {
' "asn": "string",
' "asnOrg": "string",
' "isp": "string",
' "org": "string"
' }
' }
' }
' ]
' }
' },
' "archived": boolean,
' "count": number,
' "detectorId": "string",
' "eventFirstSeen": "string",
' "eventLastSeen": "string",
' "evidence": {
' "threatIntelligenceDetails": [
' {
' "threatListName": "string",
' "threatNames": [
' "string"
' ]
' }
' ]
' },
' "resourceRole": "string",
' "serviceName": "string",
' "userFeedback": "string"
' },
' "severity": number,
' "title": "string",
' "type": "string",
' "updatedAt": "string"
' }
' ]
' }
%>
</body>
</html>
