GetFindings C++ Example
#include <CkRest.h>
#include <CkAuthAws.h>
#include <CkJsonObject.h>
#include <CkStringBuilder.h>
void ChilkatSample(void)
{
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
CkRest rest;
bool success;
CkAuthAws authAws;
authAws.put_AccessKey("AWS_ACCESS_KEY");
authAws.put_SecretKey("AWS_SECRET_KEY");
// Don't forget to change the region to your particular region. (Also make the same change in the call to Connect below.)
authAws.put_Region("us-west-2");
authAws.put_ServiceName("guardduty");
// SetAuthAws causes Chilkat to automatically add the following headers: Authorization, X-Amz-Date
rest.SetAuthAws(authAws);
// URL: https://guardduty.us-west-2.amazonaws.com/
// Use the same region as specified above.
success = rest.Connect("guardduty.us-west-2.amazonaws.com",443,true,true);
if (success != true) {
std::cout << "ConnectFailReason: " << rest.get_ConnectFailReason() << "\r\n";
std::cout << rest.lastErrorText() << "\r\n";
return;
}
// The following code creates the JSON request body.
// The JSON created by this code is shown below.
// Use this online tool to generate code from sample JSON:
// Generate Code to Create JSON
CkJsonObject json;
json.UpdateString("findingIds[0]","string");
json.UpdateString("sortCriteria.attributeName","string");
json.UpdateString("sortCriteria.orderBy","string");
// The JSON request body created by the above code:
// {
// "findingIds": [
// "string"
// ],
// "sortCriteria": {
// "attributeName": "string",
// "orderBy": "string"
// }
// }
rest.AddHeader("Content-Type","application/x-amz-json-1.1");
rest.AddHeader("X-Amz-Target","GetFindings");
CkStringBuilder sbRequestBody;
json.EmitSb(sbRequestBody);
CkStringBuilder sbResponseBody;
success = rest.FullRequestSb("POST","/detector/{detectorId}/findings/get",sbRequestBody,sbResponseBody);
if (success != true) {
std::cout << rest.lastErrorText() << "\r\n";
return;
}
int respStatusCode = rest.get_ResponseStatusCode();
std::cout << "response status code = " << respStatusCode << "\r\n";
if (respStatusCode != 200) {
std::cout << "Response Header:" << "\r\n";
std::cout << rest.responseHeader() << "\r\n";
std::cout << "Response Body:" << "\r\n";
std::cout << sbResponseBody.getAsString() << "\r\n";
return;
}
CkJsonObject jResp;
jResp.LoadSb(sbResponseBody);
// The following code parses the JSON response.
// A sample JSON response is shown below the sample code.
// Use this online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON
// Chilkat functions returning "const char *" return a pointer to temporary internal memory owned and managed by Chilkat.
// See this example explaining how this memory should be used: const char * functions.
const char *accountId = 0;
const char *arn = 0;
int confidence;
const char *createdAt = 0;
const char *description = 0;
const char *id = 0;
const char *partition = 0;
const char *region = 0;
const char *AccessKeyId = 0;
const char *PrincipalId = 0;
const char *UserName = 0;
const char *UserType = 0;
const char *Arn = 0;
int CreatedAt;
const char *Name = 0;
const char *Status = 0;
const char *VpcId = 0;
const char *AvailabilityZone = 0;
const char *IamInstanceProfileArn = 0;
const char *Id = 0;
const char *ImageDescription = 0;
const char *ImageId = 0;
const char *InstanceId = 0;
const char *InstanceState = 0;
const char *InstanceType = 0;
const char *LaunchTime = 0;
const char *OutpostArn = 0;
const char *Platform = 0;
const char *Uid = 0;
const char *Username = 0;
int HostNetwork;
const char *KubernetesWorkloadDetailsName = 0;
const char *Namespace = 0;
const char *v_Type = 0;
const char *KubernetesWorkloadDetailsUid = 0;
const char *ResourceType = 0;
const char *schemaVersion = 0;
const char *ActionType = 0;
const char *Api = 0;
const char *CallerType = 0;
const char *Domain = 0;
const char *ErrorCode = 0;
const char *AccountId = 0;
int Affiliated;
const char *CityName = 0;
const char *CountryCode = 0;
const char *CountryName = 0;
int Lat;
int Lon;
const char *IpAddressV4 = 0;
const char *v_Asn = 0;
const char *AsnOrg = 0;
const char *Isp = 0;
const char *Org = 0;
const char *ServiceName = 0;
const char *UserAgent = 0;
const char *DnsRequestActionDomain = 0;
const char *Parameters = 0;
const char *CityCityName = 0;
const char *CountryCountryCode = 0;
const char *CountryCountryName = 0;
int GeoLocationLat;
int GeoLocationLon;
const char *RemoteIpDetailsIpAddressV4 = 0;
const char *OrganizationAsn = 0;
const char *OrganizationAsnOrg = 0;
const char *OrganizationIsp = 0;
const char *OrganizationOrg = 0;
const char *RequestUri = 0;
int StatusCode;
const char *KubernetesApiCallActionUserAgent = 0;
const char *Verb = 0;
int Blocked;
const char *ConnectionDirection = 0;
const char *LocalIpDetailsIpAddressV4 = 0;
int Port;
const char *PortName = 0;
const char *Protocol = 0;
int RemotePortDetailsPort;
const char *RemotePortDetailsPortName = 0;
int PortProbeActionBlocked;
int Archived;
int Count;
const char *DetectorId = 0;
const char *EventFirstSeen = 0;
const char *EventLastSeen = 0;
const char *ResourceRole = 0;
const char *serviceServiceName = 0;
const char *UserFeedback = 0;
int severity;
const char *title = 0;
const char *v_type = 0;
const char *updatedAt = 0;
int j;
int count_j;
const char *key = 0;
const char *value = 0;
const char *networkInterfaceId = 0;
const char *privateDnsName = 0;
const char *privateIpAddress = 0;
const char *publicDnsName = 0;
const char *publicIp = 0;
const char *subnetId = 0;
const char *vpcId = 0;
int k;
int count_k;
const char *strVal = 0;
const char *groupId = 0;
const char *groupName = 0;
const char *code = 0;
const char *productType = 0;
const char *containerRuntime = 0;
const char *image = 0;
const char *imagePrefix = 0;
const char *name = 0;
int Privileged;
const char *mountPath = 0;
const char *Path = 0;
int createdAt_int;
const char *EncryptionType = 0;
const char *KmsMasterKeyArn = 0;
const char *ownerId = 0;
const char *EffectivePermission = 0;
int BlockPublicAcls;
int BlockPublicPolicy;
int IgnorePublicAcls;
int RestrictPublicBuckets;
int AllowsPublicReadAccess;
int AllowsPublicWriteAccess;
int BlockPublicAccessBlockPublicAcls;
int BlockPublicAccessBlockPublicPolicy;
int BlockPublicAccessIgnorePublicAcls;
int BlockPublicAccessRestrictPublicBuckets;
int BucketPolicyAllowsPublicReadAccess;
int BucketPolicyAllowsPublicWriteAccess;
const char *localIpDetailsIpAddressV4 = 0;
int localPortDetailsPort;
const char *localPortDetailsPortName = 0;
const char *remoteIpDetailsIpAddressV4 = 0;
const char *threatListName = 0;
int i = 0;
int count_i = jResp.SizeOfArray("findings");
while (i < count_i) {
jResp.put_I(i);
accountId = jResp.stringOf("findings[i].accountId");
arn = jResp.stringOf("findings[i].arn");
confidence = jResp.IntOf("findings[i].confidence");
createdAt = jResp.stringOf("findings[i].createdAt");
description = jResp.stringOf("findings[i].description");
id = jResp.stringOf("findings[i].id");
partition = jResp.stringOf("findings[i].partition");
region = jResp.stringOf("findings[i].region");
AccessKeyId = jResp.stringOf("findings[i].resource.accessKeyDetails.accessKeyId");
PrincipalId = jResp.stringOf("findings[i].resource.accessKeyDetails.principalId");
UserName = jResp.stringOf("findings[i].resource.accessKeyDetails.userName");
UserType = jResp.stringOf("findings[i].resource.accessKeyDetails.userType");
Arn = jResp.stringOf("findings[i].resource.eksClusterDetails.arn");
CreatedAt = jResp.IntOf("findings[i].resource.eksClusterDetails.createdAt");
Name = jResp.stringOf("findings[i].resource.eksClusterDetails.name");
Status = jResp.stringOf("findings[i].resource.eksClusterDetails.status");
VpcId = jResp.stringOf("findings[i].resource.eksClusterDetails.vpcId");
AvailabilityZone = jResp.stringOf("findings[i].resource.instanceDetails.availabilityZone");
IamInstanceProfileArn = jResp.stringOf("findings[i].resource.instanceDetails.iamInstanceProfile.arn");
Id = jResp.stringOf("findings[i].resource.instanceDetails.iamInstanceProfile.id");
ImageDescription = jResp.stringOf("findings[i].resource.instanceDetails.imageDescription");
ImageId = jResp.stringOf("findings[i].resource.instanceDetails.imageId");
InstanceId = jResp.stringOf("findings[i].resource.instanceDetails.instanceId");
InstanceState = jResp.stringOf("findings[i].resource.instanceDetails.instanceState");
InstanceType = jResp.stringOf("findings[i].resource.instanceDetails.instanceType");
LaunchTime = jResp.stringOf("findings[i].resource.instanceDetails.launchTime");
OutpostArn = jResp.stringOf("findings[i].resource.instanceDetails.outpostArn");
Platform = jResp.stringOf("findings[i].resource.instanceDetails.platform");
Uid = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.uid");
Username = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.username");
HostNetwork = jResp.IntOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.hostNetwork");
KubernetesWorkloadDetailsName = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.name");
Namespace = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.namespace");
v_Type = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.type");
KubernetesWorkloadDetailsUid = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.uid");
ResourceType = jResp.stringOf("findings[i].resource.resourceType");
schemaVersion = jResp.stringOf("findings[i].schemaVersion");
ActionType = jResp.stringOf("findings[i].service.action.actionType");
Api = jResp.stringOf("findings[i].service.action.awsApiCallAction.api");
CallerType = jResp.stringOf("findings[i].service.action.awsApiCallAction.callerType");
Domain = jResp.stringOf("findings[i].service.action.awsApiCallAction.domainDetails.domain");
ErrorCode = jResp.stringOf("findings[i].service.action.awsApiCallAction.errorCode");
AccountId = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteAccountDetails.accountId");
Affiliated = jResp.IntOf("findings[i].service.action.awsApiCallAction.remoteAccountDetails.affiliated");
CityName = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.city.cityName");
CountryCode = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.country.countryCode");
CountryName = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.country.countryName");
Lat = jResp.IntOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.geoLocation.lat");
Lon = jResp.IntOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.geoLocation.lon");
IpAddressV4 = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.ipAddressV4");
v_Asn = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.asn");
AsnOrg = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg");
Isp = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.isp");
Org = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.org");
ServiceName = jResp.stringOf("findings[i].service.action.awsApiCallAction.serviceName");
UserAgent = jResp.stringOf("findings[i].service.action.awsApiCallAction.userAgent");
DnsRequestActionDomain = jResp.stringOf("findings[i].service.action.dnsRequestAction.domain");
Parameters = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.parameters");
CityCityName = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.city.cityName");
CountryCountryCode = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.country.countryCode");
CountryCountryName = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.country.countryName");
GeoLocationLat = jResp.IntOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.geoLocation.lat");
GeoLocationLon = jResp.IntOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.geoLocation.lon");
RemoteIpDetailsIpAddressV4 = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4");
OrganizationAsn = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn");
OrganizationAsnOrg = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.asnOrg");
OrganizationIsp = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.isp");
OrganizationOrg = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.org");
RequestUri = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.requestUri");
StatusCode = jResp.IntOf("findings[i].service.action.kubernetesApiCallAction.statusCode");
KubernetesApiCallActionUserAgent = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.userAgent");
Verb = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.verb");
Blocked = jResp.IntOf("findings[i].service.action.networkConnectionAction.blocked");
ConnectionDirection = jResp.stringOf("findings[i].service.action.networkConnectionAction.connectionDirection");
LocalIpDetailsIpAddressV4 = jResp.stringOf("findings[i].service.action.networkConnectionAction.localIpDetails.ipAddressV4");
Port = jResp.IntOf("findings[i].service.action.networkConnectionAction.localPortDetails.port");
PortName = jResp.stringOf("findings[i].service.action.networkConnectionAction.localPortDetails.portName");
Protocol = jResp.stringOf("findings[i].service.action.networkConnectionAction.protocol");
CityCityName = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.city.cityName");
CountryCountryCode = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.country.countryCode");
CountryCountryName = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.country.countryName");
GeoLocationLat = jResp.IntOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.geoLocation.lat");
GeoLocationLon = jResp.IntOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.geoLocation.lon");
RemoteIpDetailsIpAddressV4 = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.ipAddressV4");
OrganizationAsn = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.asn");
OrganizationAsnOrg = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg");
OrganizationIsp = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.isp");
OrganizationOrg = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.org");
RemotePortDetailsPort = jResp.IntOf("findings[i].service.action.networkConnectionAction.remotePortDetails.port");
RemotePortDetailsPortName = jResp.stringOf("findings[i].service.action.networkConnectionAction.remotePortDetails.portName");
PortProbeActionBlocked = jResp.IntOf("findings[i].service.action.portProbeAction.blocked");
Archived = jResp.IntOf("findings[i].service.archived");
Count = jResp.IntOf("findings[i].service.count");
DetectorId = jResp.stringOf("findings[i].service.detectorId");
EventFirstSeen = jResp.stringOf("findings[i].service.eventFirstSeen");
EventLastSeen = jResp.stringOf("findings[i].service.eventLastSeen");
ResourceRole = jResp.stringOf("findings[i].service.resourceRole");
serviceServiceName = jResp.stringOf("findings[i].service.serviceName");
UserFeedback = jResp.stringOf("findings[i].service.userFeedback");
severity = jResp.IntOf("findings[i].severity");
title = jResp.stringOf("findings[i].title");
v_type = jResp.stringOf("findings[i].type");
updatedAt = jResp.stringOf("findings[i].updatedAt");
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.eksClusterDetails.tags");
while (j < count_j) {
jResp.put_J(j);
key = jResp.stringOf("findings[i].resource.eksClusterDetails.tags[j].key");
value = jResp.stringOf("findings[i].resource.eksClusterDetails.tags[j].value");
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces");
while (j < count_j) {
jResp.put_J(j);
networkInterfaceId = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].networkInterfaceId");
privateDnsName = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateDnsName");
privateIpAddress = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddress");
publicDnsName = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].publicDnsName");
publicIp = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].publicIp");
subnetId = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].subnetId");
vpcId = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].vpcId");
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].ipv6Addresses");
while (k < count_k) {
jResp.put_K(k);
strVal = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].ipv6Addresses[k]");
k = k + 1;
}
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses");
while (k < count_k) {
jResp.put_K(k);
privateDnsName = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses[k].privateDnsName");
privateIpAddress = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses[k].privateIpAddress");
k = k + 1;
}
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups");
while (k < count_k) {
jResp.put_K(k);
groupId = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups[k].groupId");
groupName = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups[k].groupName");
k = k + 1;
}
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.instanceDetails.productCodes");
while (j < count_j) {
jResp.put_J(j);
code = jResp.stringOf("findings[i].resource.instanceDetails.productCodes[j].code");
productType = jResp.stringOf("findings[i].resource.instanceDetails.productCodes[j].productType");
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.instanceDetails.tags");
while (j < count_j) {
jResp.put_J(j);
key = jResp.stringOf("findings[i].resource.instanceDetails.tags[j].key");
value = jResp.stringOf("findings[i].resource.instanceDetails.tags[j].value");
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesUserDetails.groups");
while (j < count_j) {
jResp.put_J(j);
strVal = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.groups[j]");
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers");
while (j < count_j) {
jResp.put_J(j);
containerRuntime = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].containerRuntime");
id = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].id");
image = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].image");
imagePrefix = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].imagePrefix");
name = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].name");
Privileged = jResp.IntOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].securityContext.privileged");
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts");
while (k < count_k) {
jResp.put_K(k);
mountPath = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts[k].mountPath");
name = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts[k].name");
k = k + 1;
}
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes");
while (j < count_j) {
jResp.put_J(j);
Path = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes[j].hostPath.path");
name = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes[j].name");
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.s3BucketDetails");
while (j < count_j) {
jResp.put_J(j);
arn = jResp.stringOf("findings[i].resource.s3BucketDetails[j].arn");
createdAt_int = jResp.IntOf("findings[i].resource.s3BucketDetails[j].createdAt");
EncryptionType = jResp.stringOf("findings[i].resource.s3BucketDetails[j].defaultServerSideEncryption.encryptionType");
KmsMasterKeyArn = jResp.stringOf("findings[i].resource.s3BucketDetails[j].defaultServerSideEncryption.kmsMasterKeyArn");
name = jResp.stringOf("findings[i].resource.s3BucketDetails[j].name");
ownerId = jResp.stringOf("findings[i].resource.s3BucketDetails[j].owner.id");
EffectivePermission = jResp.stringOf("findings[i].resource.s3BucketDetails[j].publicAccess.effectivePermission");
BlockPublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.blockPublicAcls");
BlockPublicPolicy = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.blockPublicPolicy");
IgnorePublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.ignorePublicAcls");
RestrictPublicBuckets = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.restrictPublicBuckets");
AllowsPublicReadAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.accessControlList.allowsPublicReadAccess");
AllowsPublicWriteAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.accessControlList.allowsPublicWriteAccess");
BlockPublicAccessBlockPublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.blockPublicAcls");
BlockPublicAccessBlockPublicPolicy = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.blockPublicPolicy");
BlockPublicAccessIgnorePublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.ignorePublicAcls");
BlockPublicAccessRestrictPublicBuckets = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.restrictPublicBuckets");
BucketPolicyAllowsPublicReadAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.bucketPolicy.allowsPublicReadAccess");
BucketPolicyAllowsPublicWriteAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.bucketPolicy.allowsPublicWriteAccess");
v_type = jResp.stringOf("findings[i].resource.s3BucketDetails[j].type");
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.s3BucketDetails[j].tags");
while (k < count_k) {
jResp.put_K(k);
key = jResp.stringOf("findings[i].resource.s3BucketDetails[j].tags[k].key");
value = jResp.stringOf("findings[i].resource.s3BucketDetails[j].tags[k].value");
k = k + 1;
}
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].service.action.kubernetesApiCallAction.sourceIps");
while (j < count_j) {
jResp.put_J(j);
strVal = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.sourceIps[j]");
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].service.action.portProbeAction.portProbeDetails");
while (j < count_j) {
jResp.put_J(j);
localIpDetailsIpAddressV4 = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localIpDetails.ipAddressV4");
localPortDetailsPort = jResp.IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localPortDetails.port");
localPortDetailsPortName = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localPortDetails.portName");
CityCityName = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.city.cityName");
CountryCountryCode = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.country.countryCode");
CountryCountryName = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.country.countryName");
GeoLocationLat = jResp.IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.geoLocation.lat");
GeoLocationLon = jResp.IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.geoLocation.lon");
remoteIpDetailsIpAddressV4 = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.ipAddressV4");
OrganizationAsn = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.asn");
OrganizationAsnOrg = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.asnOrg");
OrganizationIsp = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.isp");
OrganizationOrg = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.org");
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].service.evidence.threatIntelligenceDetails");
while (j < count_j) {
jResp.put_J(j);
threatListName = jResp.stringOf("findings[i].service.evidence.threatIntelligenceDetails[j].threatListName");
k = 0;
count_k = jResp.SizeOfArray("findings[i].service.evidence.threatIntelligenceDetails[j].threatNames");
while (k < count_k) {
jResp.put_K(k);
strVal = jResp.stringOf("findings[i].service.evidence.threatIntelligenceDetails[j].threatNames[k]");
k = k + 1;
}
j = j + 1;
}
i = i + 1;
}
// A sample JSON response body parsed by the above code:
// {
// "findings": [
// {
// "accountId": "string",
// "arn": "string",
// "confidence": number,
// "createdAt": "string",
// "description": "string",
// "id": "string",
// "partition": "string",
// "region": "string",
// "resource": {
// "accessKeyDetails": {
// "accessKeyId": "string",
// "principalId": "string",
// "userName": "string",
// "userType": "string"
// },
// "eksClusterDetails": {
// "arn": "string",
// "createdAt": number,
// "name": "string",
// "status": "string",
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ],
// "vpcId": "string"
// },
// "instanceDetails": {
// "availabilityZone": "string",
// "iamInstanceProfile": {
// "arn": "string",
// "id": "string"
// },
// "imageDescription": "string",
// "imageId": "string",
// "instanceId": "string",
// "instanceState": "string",
// "instanceType": "string",
// "launchTime": "string",
// "networkInterfaces": [
// {
// "ipv6Addresses": [
// "string"
// ],
// "networkInterfaceId": "string",
// "privateDnsName": "string",
// "privateIpAddress": "string",
// "privateIpAddresses": [
// {
// "privateDnsName": "string",
// "privateIpAddress": "string"
// }
// ],
// "publicDnsName": "string",
// "publicIp": "string",
// "securityGroups": [
// {
// "groupId": "string",
// "groupName": "string"
// }
// ],
// "subnetId": "string",
// "vpcId": "string"
// }
// ],
// "outpostArn": "string",
// "platform": "string",
// "productCodes": [
// {
// "code": "string",
// "productType": "string"
// }
// ],
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ]
// },
// "kubernetesDetails": {
// "kubernetesUserDetails": {
// "groups": [
// "string"
// ],
// "uid": "string",
// "username": "string"
// },
// "kubernetesWorkloadDetails": {
// "containers": [
// {
// "containerRuntime": "string",
// "id": "string",
// "image": "string",
// "imagePrefix": "string",
// "name": "string",
// "securityContext": {
// "privileged": boolean
// },
// "volumeMounts": [
// {
// "mountPath": "string",
// "name": "string"
// }
// ]
// }
// ],
// "hostNetwork": boolean,
// "name": "string",
// "namespace": "string",
// "type": "string",
// "uid": "string",
// "volumes": [
// {
// "hostPath": {
// "path": "string"
// },
// "name": "string"
// }
// ]
// }
// },
// "resourceType": "string",
// "s3BucketDetails": [
// {
// "arn": "string",
// "createdAt": number,
// "defaultServerSideEncryption": {
// "encryptionType": "string",
// "kmsMasterKeyArn": "string"
// },
// "name": "string",
// "owner": {
// "id": "string"
// },
// "publicAccess": {
// "effectivePermission": "string",
// "permissionConfiguration": {
// "accountLevelPermissions": {
// "blockPublicAccess": {
// "blockPublicAcls": boolean,
// "blockPublicPolicy": boolean,
// "ignorePublicAcls": boolean,
// "restrictPublicBuckets": boolean
// }
// },
// "bucketLevelPermissions": {
// "accessControlList": {
// "allowsPublicReadAccess": boolean,
// "allowsPublicWriteAccess": boolean
// },
// "blockPublicAccess": {
// "blockPublicAcls": boolean,
// "blockPublicPolicy": boolean,
// "ignorePublicAcls": boolean,
// "restrictPublicBuckets": boolean
// },
// "bucketPolicy": {
// "allowsPublicReadAccess": boolean,
// "allowsPublicWriteAccess": boolean
// }
// }
// }
// },
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ],
// "type": "string"
// }
// ]
// },
// "schemaVersion": "string",
// "service": {
// "action": {
// "actionType": "string",
// "awsApiCallAction": {
// "api": "string",
// "callerType": "string",
// "domainDetails": {
// "domain": "string"
// },
// "errorCode": "string",
// "remoteAccountDetails": {
// "accountId": "string",
// "affiliated": boolean
// },
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "serviceName": "string",
// "userAgent": "string"
// },
// "dnsRequestAction": {
// "domain": "string"
// },
// "kubernetesApiCallAction": {
// "parameters": "string",
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "requestUri": "string",
// "sourceIps": [
// "string"
// ],
// "statusCode": number,
// "userAgent": "string",
// "verb": "string"
// },
// "networkConnectionAction": {
// "blocked": boolean,
// "connectionDirection": "string",
// "localIpDetails": {
// "ipAddressV4": "string"
// },
// "localPortDetails": {
// "port": number,
// "portName": "string"
// },
// "protocol": "string",
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "remotePortDetails": {
// "port": number,
// "portName": "string"
// }
// },
// "portProbeAction": {
// "blocked": boolean,
// "portProbeDetails": [
// {
// "localIpDetails": {
// "ipAddressV4": "string"
// },
// "localPortDetails": {
// "port": number,
// "portName": "string"
// },
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// }
// }
// ]
// }
// },
// "archived": boolean,
// "count": number,
// "detectorId": "string",
// "eventFirstSeen": "string",
// "eventLastSeen": "string",
// "evidence": {
// "threatIntelligenceDetails": [
// {
// "threatListName": "string",
// "threatNames": [
// "string"
// ]
// }
// ]
// },
// "resourceRole": "string",
// "serviceName": "string",
// "userFeedback": "string"
// },
// "severity": number,
// "title": "string",
// "type": "string",
// "updatedAt": "string"
// }
// ]
// }
}
