GetFindings C# Example
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
Chilkat.Rest rest = new Chilkat.Rest();
bool success;
Chilkat.AuthAws authAws = new Chilkat.AuthAws();
authAws.AccessKey = "AWS_ACCESS_KEY";
authAws.SecretKey = "AWS_SECRET_KEY";
// Don't forget to change the region to your particular region. (Also make the same change in the call to Connect below.)
authAws.Region = "us-west-2";
authAws.ServiceName = "guardduty";
// SetAuthAws causes Chilkat to automatically add the following headers: Authorization, X-Amz-Date
rest.SetAuthAws(authAws);
// URL: https://guardduty.us-west-2.amazonaws.com/
// Use the same region as specified above.
success = rest.Connect("guardduty.us-west-2.amazonaws.com",443,true,true);
if (success != true) {
Debug.WriteLine("ConnectFailReason: " + Convert.ToString(rest.ConnectFailReason));
Debug.WriteLine(rest.LastErrorText);
return;
}
// The following code creates the JSON request body.
// The JSON created by this code is shown below.
// Use this online tool to generate code from sample JSON:
// Generate Code to Create JSON
Chilkat.JsonObject json = new Chilkat.JsonObject();
json.UpdateString("findingIds[0]","string");
json.UpdateString("sortCriteria.attributeName","string");
json.UpdateString("sortCriteria.orderBy","string");
// The JSON request body created by the above code:
// {
// "findingIds": [
// "string"
// ],
// "sortCriteria": {
// "attributeName": "string",
// "orderBy": "string"
// }
// }
rest.AddHeader("Content-Type","application/x-amz-json-1.1");
rest.AddHeader("X-Amz-Target","GetFindings");
Chilkat.StringBuilder sbRequestBody = new Chilkat.StringBuilder();
json.EmitSb(sbRequestBody);
Chilkat.StringBuilder sbResponseBody = new Chilkat.StringBuilder();
success = rest.FullRequestSb("POST","/detector/{detectorId}/findings/get",sbRequestBody,sbResponseBody);
if (success != true) {
Debug.WriteLine(rest.LastErrorText);
return;
}
int respStatusCode = rest.ResponseStatusCode;
Debug.WriteLine("response status code = " + Convert.ToString(respStatusCode));
if (respStatusCode != 200) {
Debug.WriteLine("Response Header:");
Debug.WriteLine(rest.ResponseHeader);
Debug.WriteLine("Response Body:");
Debug.WriteLine(sbResponseBody.GetAsString());
return;
}
Chilkat.JsonObject jResp = new Chilkat.JsonObject();
jResp.LoadSb(sbResponseBody);
// The following code parses the JSON response.
// A sample JSON response is shown below the sample code.
// Use this online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON
string accountId;
string arn;
int confidence;
string createdAt;
string description;
string id;
string partition;
string region;
string AccessKeyId;
string PrincipalId;
string UserName;
string UserType;
string Arn;
int CreatedAt;
string Name;
string Status;
string VpcId;
string AvailabilityZone;
string IamInstanceProfileArn;
string Id;
string ImageDescription;
string ImageId;
string InstanceId;
string InstanceState;
string InstanceType;
string LaunchTime;
string OutpostArn;
string Platform;
string Uid;
string Username;
int HostNetwork;
string KubernetesWorkloadDetailsName;
string Namespace;
string v_Type;
string KubernetesWorkloadDetailsUid;
string ResourceType;
string schemaVersion;
string ActionType;
string Api;
string CallerType;
string Domain;
string ErrorCode;
string AccountId;
int Affiliated;
string CityName;
string CountryCode;
string CountryName;
int Lat;
int Lon;
string IpAddressV4;
string v_Asn;
string AsnOrg;
string Isp;
string Org;
string ServiceName;
string UserAgent;
string DnsRequestActionDomain;
string Parameters;
string CityCityName;
string CountryCountryCode;
string CountryCountryName;
int GeoLocationLat;
int GeoLocationLon;
string RemoteIpDetailsIpAddressV4;
string OrganizationAsn;
string OrganizationAsnOrg;
string OrganizationIsp;
string OrganizationOrg;
string RequestUri;
int StatusCode;
string KubernetesApiCallActionUserAgent;
string Verb;
int Blocked;
string ConnectionDirection;
string LocalIpDetailsIpAddressV4;
int Port;
string PortName;
string Protocol;
int RemotePortDetailsPort;
string RemotePortDetailsPortName;
int PortProbeActionBlocked;
int Archived;
int Count;
string DetectorId;
string EventFirstSeen;
string EventLastSeen;
string ResourceRole;
string serviceServiceName;
string UserFeedback;
int severity;
string title;
string v_type;
string updatedAt;
int j;
int count_j;
string key;
string value;
string networkInterfaceId;
string privateDnsName;
string privateIpAddress;
string publicDnsName;
string publicIp;
string subnetId;
string vpcId;
int k;
int count_k;
string strVal;
string groupId;
string groupName;
string code;
string productType;
string containerRuntime;
string image;
string imagePrefix;
string name;
int Privileged;
string mountPath;
string Path;
int createdAt_int;
string EncryptionType;
string KmsMasterKeyArn;
string ownerId;
string EffectivePermission;
int BlockPublicAcls;
int BlockPublicPolicy;
int IgnorePublicAcls;
int RestrictPublicBuckets;
int AllowsPublicReadAccess;
int AllowsPublicWriteAccess;
int BlockPublicAccessBlockPublicAcls;
int BlockPublicAccessBlockPublicPolicy;
int BlockPublicAccessIgnorePublicAcls;
int BlockPublicAccessRestrictPublicBuckets;
int BucketPolicyAllowsPublicReadAccess;
int BucketPolicyAllowsPublicWriteAccess;
string localIpDetailsIpAddressV4;
int localPortDetailsPort;
string localPortDetailsPortName;
string remoteIpDetailsIpAddressV4;
string threatListName;
int i = 0;
int count_i = jResp.SizeOfArray("findings");
while (i < count_i) {
jResp.I = i;
accountId = jResp.StringOf("findings[i].accountId");
arn = jResp.StringOf("findings[i].arn");
confidence = jResp.IntOf("findings[i].confidence");
createdAt = jResp.StringOf("findings[i].createdAt");
description = jResp.StringOf("findings[i].description");
id = jResp.StringOf("findings[i].id");
partition = jResp.StringOf("findings[i].partition");
region = jResp.StringOf("findings[i].region");
AccessKeyId = jResp.StringOf("findings[i].resource.accessKeyDetails.accessKeyId");
PrincipalId = jResp.StringOf("findings[i].resource.accessKeyDetails.principalId");
UserName = jResp.StringOf("findings[i].resource.accessKeyDetails.userName");
UserType = jResp.StringOf("findings[i].resource.accessKeyDetails.userType");
Arn = jResp.StringOf("findings[i].resource.eksClusterDetails.arn");
CreatedAt = jResp.IntOf("findings[i].resource.eksClusterDetails.createdAt");
Name = jResp.StringOf("findings[i].resource.eksClusterDetails.name");
Status = jResp.StringOf("findings[i].resource.eksClusterDetails.status");
VpcId = jResp.StringOf("findings[i].resource.eksClusterDetails.vpcId");
AvailabilityZone = jResp.StringOf("findings[i].resource.instanceDetails.availabilityZone");
IamInstanceProfileArn = jResp.StringOf("findings[i].resource.instanceDetails.iamInstanceProfile.arn");
Id = jResp.StringOf("findings[i].resource.instanceDetails.iamInstanceProfile.id");
ImageDescription = jResp.StringOf("findings[i].resource.instanceDetails.imageDescription");
ImageId = jResp.StringOf("findings[i].resource.instanceDetails.imageId");
InstanceId = jResp.StringOf("findings[i].resource.instanceDetails.instanceId");
InstanceState = jResp.StringOf("findings[i].resource.instanceDetails.instanceState");
InstanceType = jResp.StringOf("findings[i].resource.instanceDetails.instanceType");
LaunchTime = jResp.StringOf("findings[i].resource.instanceDetails.launchTime");
OutpostArn = jResp.StringOf("findings[i].resource.instanceDetails.outpostArn");
Platform = jResp.StringOf("findings[i].resource.instanceDetails.platform");
Uid = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.uid");
Username = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.username");
HostNetwork = jResp.IntOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.hostNetwork");
KubernetesWorkloadDetailsName = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.name");
Namespace = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.namespace");
v_Type = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.type");
KubernetesWorkloadDetailsUid = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.uid");
ResourceType = jResp.StringOf("findings[i].resource.resourceType");
schemaVersion = jResp.StringOf("findings[i].schemaVersion");
ActionType = jResp.StringOf("findings[i].service.action.actionType");
Api = jResp.StringOf("findings[i].service.action.awsApiCallAction.api");
CallerType = jResp.StringOf("findings[i].service.action.awsApiCallAction.callerType");
Domain = jResp.StringOf("findings[i].service.action.awsApiCallAction.domainDetails.domain");
ErrorCode = jResp.StringOf("findings[i].service.action.awsApiCallAction.errorCode");
AccountId = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteAccountDetails.accountId");
Affiliated = jResp.IntOf("findings[i].service.action.awsApiCallAction.remoteAccountDetails.affiliated");
CityName = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.city.cityName");
CountryCode = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.country.countryCode");
CountryName = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.country.countryName");
Lat = jResp.IntOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.geoLocation.lat");
Lon = jResp.IntOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.geoLocation.lon");
IpAddressV4 = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.ipAddressV4");
v_Asn = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.asn");
AsnOrg = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg");
Isp = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.isp");
Org = jResp.StringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.org");
ServiceName = jResp.StringOf("findings[i].service.action.awsApiCallAction.serviceName");
UserAgent = jResp.StringOf("findings[i].service.action.awsApiCallAction.userAgent");
DnsRequestActionDomain = jResp.StringOf("findings[i].service.action.dnsRequestAction.domain");
Parameters = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.parameters");
CityCityName = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.city.cityName");
CountryCountryCode = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.country.countryCode");
CountryCountryName = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.country.countryName");
GeoLocationLat = jResp.IntOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.geoLocation.lat");
GeoLocationLon = jResp.IntOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.geoLocation.lon");
RemoteIpDetailsIpAddressV4 = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4");
OrganizationAsn = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn");
OrganizationAsnOrg = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.asnOrg");
OrganizationIsp = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.isp");
OrganizationOrg = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.org");
RequestUri = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.requestUri");
StatusCode = jResp.IntOf("findings[i].service.action.kubernetesApiCallAction.statusCode");
KubernetesApiCallActionUserAgent = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.userAgent");
Verb = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.verb");
Blocked = jResp.IntOf("findings[i].service.action.networkConnectionAction.blocked");
ConnectionDirection = jResp.StringOf("findings[i].service.action.networkConnectionAction.connectionDirection");
LocalIpDetailsIpAddressV4 = jResp.StringOf("findings[i].service.action.networkConnectionAction.localIpDetails.ipAddressV4");
Port = jResp.IntOf("findings[i].service.action.networkConnectionAction.localPortDetails.port");
PortName = jResp.StringOf("findings[i].service.action.networkConnectionAction.localPortDetails.portName");
Protocol = jResp.StringOf("findings[i].service.action.networkConnectionAction.protocol");
CityCityName = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.city.cityName");
CountryCountryCode = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.country.countryCode");
CountryCountryName = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.country.countryName");
GeoLocationLat = jResp.IntOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.geoLocation.lat");
GeoLocationLon = jResp.IntOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.geoLocation.lon");
RemoteIpDetailsIpAddressV4 = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.ipAddressV4");
OrganizationAsn = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.asn");
OrganizationAsnOrg = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg");
OrganizationIsp = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.isp");
OrganizationOrg = jResp.StringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.org");
RemotePortDetailsPort = jResp.IntOf("findings[i].service.action.networkConnectionAction.remotePortDetails.port");
RemotePortDetailsPortName = jResp.StringOf("findings[i].service.action.networkConnectionAction.remotePortDetails.portName");
PortProbeActionBlocked = jResp.IntOf("findings[i].service.action.portProbeAction.blocked");
Archived = jResp.IntOf("findings[i].service.archived");
Count = jResp.IntOf("findings[i].service.count");
DetectorId = jResp.StringOf("findings[i].service.detectorId");
EventFirstSeen = jResp.StringOf("findings[i].service.eventFirstSeen");
EventLastSeen = jResp.StringOf("findings[i].service.eventLastSeen");
ResourceRole = jResp.StringOf("findings[i].service.resourceRole");
serviceServiceName = jResp.StringOf("findings[i].service.serviceName");
UserFeedback = jResp.StringOf("findings[i].service.userFeedback");
severity = jResp.IntOf("findings[i].severity");
title = jResp.StringOf("findings[i].title");
v_type = jResp.StringOf("findings[i].type");
updatedAt = jResp.StringOf("findings[i].updatedAt");
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.eksClusterDetails.tags");
while (j < count_j) {
jResp.J = j;
key = jResp.StringOf("findings[i].resource.eksClusterDetails.tags[j].key");
value = jResp.StringOf("findings[i].resource.eksClusterDetails.tags[j].value");
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces");
while (j < count_j) {
jResp.J = j;
networkInterfaceId = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].networkInterfaceId");
privateDnsName = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateDnsName");
privateIpAddress = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddress");
publicDnsName = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].publicDnsName");
publicIp = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].publicIp");
subnetId = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].subnetId");
vpcId = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].vpcId");
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].ipv6Addresses");
while (k < count_k) {
jResp.K = k;
strVal = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].ipv6Addresses[k]");
k = k + 1;
}
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses");
while (k < count_k) {
jResp.K = k;
privateDnsName = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses[k].privateDnsName");
privateIpAddress = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses[k].privateIpAddress");
k = k + 1;
}
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups");
while (k < count_k) {
jResp.K = k;
groupId = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups[k].groupId");
groupName = jResp.StringOf("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups[k].groupName");
k = k + 1;
}
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.instanceDetails.productCodes");
while (j < count_j) {
jResp.J = j;
code = jResp.StringOf("findings[i].resource.instanceDetails.productCodes[j].code");
productType = jResp.StringOf("findings[i].resource.instanceDetails.productCodes[j].productType");
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.instanceDetails.tags");
while (j < count_j) {
jResp.J = j;
key = jResp.StringOf("findings[i].resource.instanceDetails.tags[j].key");
value = jResp.StringOf("findings[i].resource.instanceDetails.tags[j].value");
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesUserDetails.groups");
while (j < count_j) {
jResp.J = j;
strVal = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.groups[j]");
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers");
while (j < count_j) {
jResp.J = j;
containerRuntime = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].containerRuntime");
id = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].id");
image = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].image");
imagePrefix = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].imagePrefix");
name = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].name");
Privileged = jResp.IntOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].securityContext.privileged");
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts");
while (k < count_k) {
jResp.K = k;
mountPath = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts[k].mountPath");
name = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts[k].name");
k = k + 1;
}
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes");
while (j < count_j) {
jResp.J = j;
Path = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes[j].hostPath.path");
name = jResp.StringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes[j].name");
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.s3BucketDetails");
while (j < count_j) {
jResp.J = j;
arn = jResp.StringOf("findings[i].resource.s3BucketDetails[j].arn");
createdAt_int = jResp.IntOf("findings[i].resource.s3BucketDetails[j].createdAt");
EncryptionType = jResp.StringOf("findings[i].resource.s3BucketDetails[j].defaultServerSideEncryption.encryptionType");
KmsMasterKeyArn = jResp.StringOf("findings[i].resource.s3BucketDetails[j].defaultServerSideEncryption.kmsMasterKeyArn");
name = jResp.StringOf("findings[i].resource.s3BucketDetails[j].name");
ownerId = jResp.StringOf("findings[i].resource.s3BucketDetails[j].owner.id");
EffectivePermission = jResp.StringOf("findings[i].resource.s3BucketDetails[j].publicAccess.effectivePermission");
BlockPublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.blockPublicAcls");
BlockPublicPolicy = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.blockPublicPolicy");
IgnorePublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.ignorePublicAcls");
RestrictPublicBuckets = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.restrictPublicBuckets");
AllowsPublicReadAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.accessControlList.allowsPublicReadAccess");
AllowsPublicWriteAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.accessControlList.allowsPublicWriteAccess");
BlockPublicAccessBlockPublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.blockPublicAcls");
BlockPublicAccessBlockPublicPolicy = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.blockPublicPolicy");
BlockPublicAccessIgnorePublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.ignorePublicAcls");
BlockPublicAccessRestrictPublicBuckets = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.restrictPublicBuckets");
BucketPolicyAllowsPublicReadAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.bucketPolicy.allowsPublicReadAccess");
BucketPolicyAllowsPublicWriteAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.bucketPolicy.allowsPublicWriteAccess");
v_type = jResp.StringOf("findings[i].resource.s3BucketDetails[j].type");
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.s3BucketDetails[j].tags");
while (k < count_k) {
jResp.K = k;
key = jResp.StringOf("findings[i].resource.s3BucketDetails[j].tags[k].key");
value = jResp.StringOf("findings[i].resource.s3BucketDetails[j].tags[k].value");
k = k + 1;
}
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].service.action.kubernetesApiCallAction.sourceIps");
while (j < count_j) {
jResp.J = j;
strVal = jResp.StringOf("findings[i].service.action.kubernetesApiCallAction.sourceIps[j]");
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].service.action.portProbeAction.portProbeDetails");
while (j < count_j) {
jResp.J = j;
localIpDetailsIpAddressV4 = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localIpDetails.ipAddressV4");
localPortDetailsPort = jResp.IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localPortDetails.port");
localPortDetailsPortName = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localPortDetails.portName");
CityCityName = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.city.cityName");
CountryCountryCode = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.country.countryCode");
CountryCountryName = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.country.countryName");
GeoLocationLat = jResp.IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.geoLocation.lat");
GeoLocationLon = jResp.IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.geoLocation.lon");
remoteIpDetailsIpAddressV4 = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.ipAddressV4");
OrganizationAsn = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.asn");
OrganizationAsnOrg = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.asnOrg");
OrganizationIsp = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.isp");
OrganizationOrg = jResp.StringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.org");
j = j + 1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].service.evidence.threatIntelligenceDetails");
while (j < count_j) {
jResp.J = j;
threatListName = jResp.StringOf("findings[i].service.evidence.threatIntelligenceDetails[j].threatListName");
k = 0;
count_k = jResp.SizeOfArray("findings[i].service.evidence.threatIntelligenceDetails[j].threatNames");
while (k < count_k) {
jResp.K = k;
strVal = jResp.StringOf("findings[i].service.evidence.threatIntelligenceDetails[j].threatNames[k]");
k = k + 1;
}
j = j + 1;
}
i = i + 1;
}
// A sample JSON response body parsed by the above code:
// {
// "findings": [
// {
// "accountId": "string",
// "arn": "string",
// "confidence": number,
// "createdAt": "string",
// "description": "string",
// "id": "string",
// "partition": "string",
// "region": "string",
// "resource": {
// "accessKeyDetails": {
// "accessKeyId": "string",
// "principalId": "string",
// "userName": "string",
// "userType": "string"
// },
// "eksClusterDetails": {
// "arn": "string",
// "createdAt": number,
// "name": "string",
// "status": "string",
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ],
// "vpcId": "string"
// },
// "instanceDetails": {
// "availabilityZone": "string",
// "iamInstanceProfile": {
// "arn": "string",
// "id": "string"
// },
// "imageDescription": "string",
// "imageId": "string",
// "instanceId": "string",
// "instanceState": "string",
// "instanceType": "string",
// "launchTime": "string",
// "networkInterfaces": [
// {
// "ipv6Addresses": [
// "string"
// ],
// "networkInterfaceId": "string",
// "privateDnsName": "string",
// "privateIpAddress": "string",
// "privateIpAddresses": [
// {
// "privateDnsName": "string",
// "privateIpAddress": "string"
// }
// ],
// "publicDnsName": "string",
// "publicIp": "string",
// "securityGroups": [
// {
// "groupId": "string",
// "groupName": "string"
// }
// ],
// "subnetId": "string",
// "vpcId": "string"
// }
// ],
// "outpostArn": "string",
// "platform": "string",
// "productCodes": [
// {
// "code": "string",
// "productType": "string"
// }
// ],
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ]
// },
// "kubernetesDetails": {
// "kubernetesUserDetails": {
// "groups": [
// "string"
// ],
// "uid": "string",
// "username": "string"
// },
// "kubernetesWorkloadDetails": {
// "containers": [
// {
// "containerRuntime": "string",
// "id": "string",
// "image": "string",
// "imagePrefix": "string",
// "name": "string",
// "securityContext": {
// "privileged": boolean
// },
// "volumeMounts": [
// {
// "mountPath": "string",
// "name": "string"
// }
// ]
// }
// ],
// "hostNetwork": boolean,
// "name": "string",
// "namespace": "string",
// "type": "string",
// "uid": "string",
// "volumes": [
// {
// "hostPath": {
// "path": "string"
// },
// "name": "string"
// }
// ]
// }
// },
// "resourceType": "string",
// "s3BucketDetails": [
// {
// "arn": "string",
// "createdAt": number,
// "defaultServerSideEncryption": {
// "encryptionType": "string",
// "kmsMasterKeyArn": "string"
// },
// "name": "string",
// "owner": {
// "id": "string"
// },
// "publicAccess": {
// "effectivePermission": "string",
// "permissionConfiguration": {
// "accountLevelPermissions": {
// "blockPublicAccess": {
// "blockPublicAcls": boolean,
// "blockPublicPolicy": boolean,
// "ignorePublicAcls": boolean,
// "restrictPublicBuckets": boolean
// }
// },
// "bucketLevelPermissions": {
// "accessControlList": {
// "allowsPublicReadAccess": boolean,
// "allowsPublicWriteAccess": boolean
// },
// "blockPublicAccess": {
// "blockPublicAcls": boolean,
// "blockPublicPolicy": boolean,
// "ignorePublicAcls": boolean,
// "restrictPublicBuckets": boolean
// },
// "bucketPolicy": {
// "allowsPublicReadAccess": boolean,
// "allowsPublicWriteAccess": boolean
// }
// }
// }
// },
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ],
// "type": "string"
// }
// ]
// },
// "schemaVersion": "string",
// "service": {
// "action": {
// "actionType": "string",
// "awsApiCallAction": {
// "api": "string",
// "callerType": "string",
// "domainDetails": {
// "domain": "string"
// },
// "errorCode": "string",
// "remoteAccountDetails": {
// "accountId": "string",
// "affiliated": boolean
// },
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "serviceName": "string",
// "userAgent": "string"
// },
// "dnsRequestAction": {
// "domain": "string"
// },
// "kubernetesApiCallAction": {
// "parameters": "string",
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "requestUri": "string",
// "sourceIps": [
// "string"
// ],
// "statusCode": number,
// "userAgent": "string",
// "verb": "string"
// },
// "networkConnectionAction": {
// "blocked": boolean,
// "connectionDirection": "string",
// "localIpDetails": {
// "ipAddressV4": "string"
// },
// "localPortDetails": {
// "port": number,
// "portName": "string"
// },
// "protocol": "string",
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "remotePortDetails": {
// "port": number,
// "portName": "string"
// }
// },
// "portProbeAction": {
// "blocked": boolean,
// "portProbeDetails": [
// {
// "localIpDetails": {
// "ipAddressV4": "string"
// },
// "localPortDetails": {
// "port": number,
// "portName": "string"
// },
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// }
// }
// ]
// }
// },
// "archived": boolean,
// "count": number,
// "detectorId": "string",
// "eventFirstSeen": "string",
// "eventLastSeen": "string",
// "evidence": {
// "threatIntelligenceDetails": [
// {
// "threatListName": "string",
// "threatNames": [
// "string"
// ]
// }
// ]
// },
// "resourceRole": "string",
// "serviceName": "string",
// "userFeedback": "string"
// },
// "severity": number,
// "title": "string",
// "type": "string",
// "updatedAt": "string"
// }
// ]
// }
