GetFindings delphiAx Example
var
rest: TChilkatRest;
success: Integer;
authAws: TChilkatAuthAws;
json: TChilkatJsonObject;
sbRequestBody: TChilkatStringBuilder;
sbResponseBody: TChilkatStringBuilder;
respStatusCode: Integer;
jResp: TChilkatJsonObject;
accountId: WideString;
arn: WideString;
confidence: Integer;
createdAt: WideString;
description: WideString;
id: WideString;
partition: WideString;
region: WideString;
AccessKeyId: WideString;
PrincipalId: WideString;
UserName: WideString;
UserType: WideString;
Arn: WideString;
CreatedAt: Integer;
Name: WideString;
Status: WideString;
VpcId: WideString;
AvailabilityZone: WideString;
IamInstanceProfileArn: WideString;
Id: WideString;
ImageDescription: WideString;
ImageId: WideString;
InstanceId: WideString;
InstanceState: WideString;
InstanceType: WideString;
LaunchTime: WideString;
OutpostArn: WideString;
Platform: WideString;
Uid: WideString;
Username: WideString;
HostNetwork: Integer;
KubernetesWorkloadDetailsName: WideString;
Namespace: WideString;
v_Type: WideString;
KubernetesWorkloadDetailsUid: WideString;
ResourceType: WideString;
schemaVersion: WideString;
ActionType: WideString;
Api: WideString;
CallerType: WideString;
Domain: WideString;
ErrorCode: WideString;
AccountId: WideString;
Affiliated: Integer;
CityName: WideString;
CountryCode: WideString;
CountryName: WideString;
Lat: Integer;
Lon: Integer;
IpAddressV4: WideString;
v_Asn: WideString;
AsnOrg: WideString;
Isp: WideString;
Org: WideString;
ServiceName: WideString;
UserAgent: WideString;
DnsRequestActionDomain: WideString;
Parameters: WideString;
CityCityName: WideString;
CountryCountryCode: WideString;
CountryCountryName: WideString;
GeoLocationLat: Integer;
GeoLocationLon: Integer;
RemoteIpDetailsIpAddressV4: WideString;
OrganizationAsn: WideString;
OrganizationAsnOrg: WideString;
OrganizationIsp: WideString;
OrganizationOrg: WideString;
RequestUri: WideString;
StatusCode: Integer;
KubernetesApiCallActionUserAgent: WideString;
Verb: WideString;
Blocked: Integer;
ConnectionDirection: WideString;
LocalIpDetailsIpAddressV4: WideString;
Port: Integer;
PortName: WideString;
Protocol: WideString;
RemotePortDetailsPort: Integer;
RemotePortDetailsPortName: WideString;
PortProbeActionBlocked: Integer;
Archived: Integer;
Count: Integer;
DetectorId: WideString;
EventFirstSeen: WideString;
EventLastSeen: WideString;
ResourceRole: WideString;
serviceServiceName: WideString;
UserFeedback: WideString;
severity: Integer;
title: WideString;
v_type: WideString;
updatedAt: WideString;
j: Integer;
count_j: Integer;
key: WideString;
value: WideString;
networkInterfaceId: WideString;
privateDnsName: WideString;
privateIpAddress: WideString;
publicDnsName: WideString;
publicIp: WideString;
subnetId: WideString;
vpcId: WideString;
k: Integer;
count_k: Integer;
strVal: WideString;
groupId: WideString;
groupName: WideString;
code: WideString;
productType: WideString;
containerRuntime: WideString;
image: WideString;
imagePrefix: WideString;
name: WideString;
Privileged: Integer;
mountPath: WideString;
Path: WideString;
createdAt_int: Integer;
EncryptionType: WideString;
KmsMasterKeyArn: WideString;
ownerId: WideString;
EffectivePermission: WideString;
BlockPublicAcls: Integer;
BlockPublicPolicy: Integer;
IgnorePublicAcls: Integer;
RestrictPublicBuckets: Integer;
AllowsPublicReadAccess: Integer;
AllowsPublicWriteAccess: Integer;
BlockPublicAccessBlockPublicAcls: Integer;
BlockPublicAccessBlockPublicPolicy: Integer;
BlockPublicAccessIgnorePublicAcls: Integer;
BlockPublicAccessRestrictPublicBuckets: Integer;
BucketPolicyAllowsPublicReadAccess: Integer;
BucketPolicyAllowsPublicWriteAccess: Integer;
localIpDetailsIpAddressV4: WideString;
localPortDetailsPort: Integer;
localPortDetailsPortName: WideString;
remoteIpDetailsIpAddressV4: WideString;
threatListName: WideString;
i: Integer;
count_i: Integer;
begin
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
rest := TChilkatRest.Create(Self);
authAws := TChilkatAuthAws.Create(Self);
authAws.AccessKey := 'AWS_ACCESS_KEY';
authAws.SecretKey := 'AWS_SECRET_KEY';
// Don't forget to change the region to your particular region. (Also make the same change in the call to Connect below.)
authAws.Region := 'us-west-2';
authAws.ServiceName := 'guardduty';
// SetAuthAws causes Chilkat to automatically add the following headers: Authorization, X-Amz-Date
rest.SetAuthAws(authAws.ControlInterface);
// URL: https://guardduty.us-west-2.amazonaws.com/
// Use the same region as specified above.
success := rest.Connect('guardduty.us-west-2.amazonaws.com',443,1,1);
if (success <> 1) then
begin
Memo1.Lines.Add('ConnectFailReason: ' + IntToStr(rest.ConnectFailReason));
Memo1.Lines.Add(rest.LastErrorText);
Exit;
end;
// The following code creates the JSON request body.
// The JSON created by this code is shown below.
// Use this online tool to generate code from sample JSON:
// Generate Code to Create JSON
json := TChilkatJsonObject.Create(Self);
json.UpdateString('findingIds[0]','string');
json.UpdateString('sortCriteria.attributeName','string');
json.UpdateString('sortCriteria.orderBy','string');
// The JSON request body created by the above code:
// {
// "findingIds": [
// "string"
// ],
// "sortCriteria": {
// "attributeName": "string",
// "orderBy": "string"
// }
// }
rest.AddHeader('Content-Type','application/x-amz-json-1.1');
rest.AddHeader('X-Amz-Target','GetFindings');
sbRequestBody := TChilkatStringBuilder.Create(Self);
json.EmitSb(sbRequestBody.ControlInterface);
sbResponseBody := TChilkatStringBuilder.Create(Self);
success := rest.FullRequestSb('POST','/detector/{detectorId}/findings/get',sbRequestBody.ControlInterface,sbResponseBody.ControlInterface);
if (success <> 1) then
begin
Memo1.Lines.Add(rest.LastErrorText);
Exit;
end;
respStatusCode := rest.ResponseStatusCode;
Memo1.Lines.Add('response status code = ' + IntToStr(respStatusCode));
if (respStatusCode <> 200) then
begin
Memo1.Lines.Add('Response Header:');
Memo1.Lines.Add(rest.ResponseHeader);
Memo1.Lines.Add('Response Body:');
Memo1.Lines.Add(sbResponseBody.GetAsString());
Exit;
end;
jResp := TChilkatJsonObject.Create(Self);
jResp.LoadSb(sbResponseBody.ControlInterface);
// The following code parses the JSON response.
// A sample JSON response is shown below the sample code.
// Use this online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON
i := 0;
count_i := jResp.SizeOfArray('findings');
while i < count_i do
begin
jResp.I := i;
accountId := jResp.StringOf('findings[i].accountId');
arn := jResp.StringOf('findings[i].arn');
confidence := jResp.IntOf('findings[i].confidence');
createdAt := jResp.StringOf('findings[i].createdAt');
description := jResp.StringOf('findings[i].description');
id := jResp.StringOf('findings[i].id');
partition := jResp.StringOf('findings[i].partition');
region := jResp.StringOf('findings[i].region');
AccessKeyId := jResp.StringOf('findings[i].resource.accessKeyDetails.accessKeyId');
PrincipalId := jResp.StringOf('findings[i].resource.accessKeyDetails.principalId');
UserName := jResp.StringOf('findings[i].resource.accessKeyDetails.userName');
UserType := jResp.StringOf('findings[i].resource.accessKeyDetails.userType');
Arn := jResp.StringOf('findings[i].resource.eksClusterDetails.arn');
CreatedAt := jResp.IntOf('findings[i].resource.eksClusterDetails.createdAt');
Name := jResp.StringOf('findings[i].resource.eksClusterDetails.name');
Status := jResp.StringOf('findings[i].resource.eksClusterDetails.status');
VpcId := jResp.StringOf('findings[i].resource.eksClusterDetails.vpcId');
AvailabilityZone := jResp.StringOf('findings[i].resource.instanceDetails.availabilityZone');
IamInstanceProfileArn := jResp.StringOf('findings[i].resource.instanceDetails.iamInstanceProfile.arn');
Id := jResp.StringOf('findings[i].resource.instanceDetails.iamInstanceProfile.id');
ImageDescription := jResp.StringOf('findings[i].resource.instanceDetails.imageDescription');
ImageId := jResp.StringOf('findings[i].resource.instanceDetails.imageId');
InstanceId := jResp.StringOf('findings[i].resource.instanceDetails.instanceId');
InstanceState := jResp.StringOf('findings[i].resource.instanceDetails.instanceState');
InstanceType := jResp.StringOf('findings[i].resource.instanceDetails.instanceType');
LaunchTime := jResp.StringOf('findings[i].resource.instanceDetails.launchTime');
OutpostArn := jResp.StringOf('findings[i].resource.instanceDetails.outpostArn');
Platform := jResp.StringOf('findings[i].resource.instanceDetails.platform');
Uid := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesUserDetails.uid');
Username := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesUserDetails.username');
HostNetwork := jResp.IntOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.hostNetwork');
KubernetesWorkloadDetailsName := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.name');
Namespace := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.namespace');
v_Type := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.type');
KubernetesWorkloadDetailsUid := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.uid');
ResourceType := jResp.StringOf('findings[i].resource.resourceType');
schemaVersion := jResp.StringOf('findings[i].schemaVersion');
ActionType := jResp.StringOf('findings[i].service.action.actionType');
Api := jResp.StringOf('findings[i].service.action.awsApiCallAction.api');
CallerType := jResp.StringOf('findings[i].service.action.awsApiCallAction.callerType');
Domain := jResp.StringOf('findings[i].service.action.awsApiCallAction.domainDetails.domain');
ErrorCode := jResp.StringOf('findings[i].service.action.awsApiCallAction.errorCode');
AccountId := jResp.StringOf('findings[i].service.action.awsApiCallAction.remoteAccountDetails.accountId');
Affiliated := jResp.IntOf('findings[i].service.action.awsApiCallAction.remoteAccountDetails.affiliated');
CityName := jResp.StringOf('findings[i].service.action.awsApiCallAction.remoteIpDetails.city.cityName');
CountryCode := jResp.StringOf('findings[i].service.action.awsApiCallAction.remoteIpDetails.country.countryCode');
CountryName := jResp.StringOf('findings[i].service.action.awsApiCallAction.remoteIpDetails.country.countryName');
Lat := jResp.IntOf('findings[i].service.action.awsApiCallAction.remoteIpDetails.geoLocation.lat');
Lon := jResp.IntOf('findings[i].service.action.awsApiCallAction.remoteIpDetails.geoLocation.lon');
IpAddressV4 := jResp.StringOf('findings[i].service.action.awsApiCallAction.remoteIpDetails.ipAddressV4');
v_Asn := jResp.StringOf('findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.asn');
AsnOrg := jResp.StringOf('findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg');
Isp := jResp.StringOf('findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.isp');
Org := jResp.StringOf('findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.org');
ServiceName := jResp.StringOf('findings[i].service.action.awsApiCallAction.serviceName');
UserAgent := jResp.StringOf('findings[i].service.action.awsApiCallAction.userAgent');
DnsRequestActionDomain := jResp.StringOf('findings[i].service.action.dnsRequestAction.domain');
Parameters := jResp.StringOf('findings[i].service.action.kubernetesApiCallAction.parameters');
CityCityName := jResp.StringOf('findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.city.cityName');
CountryCountryCode := jResp.StringOf('findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.country.countryCode');
CountryCountryName := jResp.StringOf('findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.country.countryName');
GeoLocationLat := jResp.IntOf('findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.geoLocation.lat');
GeoLocationLon := jResp.IntOf('findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.geoLocation.lon');
RemoteIpDetailsIpAddressV4 := jResp.StringOf('findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4');
OrganizationAsn := jResp.StringOf('findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn');
OrganizationAsnOrg := jResp.StringOf('findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.asnOrg');
OrganizationIsp := jResp.StringOf('findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.isp');
OrganizationOrg := jResp.StringOf('findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.org');
RequestUri := jResp.StringOf('findings[i].service.action.kubernetesApiCallAction.requestUri');
StatusCode := jResp.IntOf('findings[i].service.action.kubernetesApiCallAction.statusCode');
KubernetesApiCallActionUserAgent := jResp.StringOf('findings[i].service.action.kubernetesApiCallAction.userAgent');
Verb := jResp.StringOf('findings[i].service.action.kubernetesApiCallAction.verb');
Blocked := jResp.IntOf('findings[i].service.action.networkConnectionAction.blocked');
ConnectionDirection := jResp.StringOf('findings[i].service.action.networkConnectionAction.connectionDirection');
LocalIpDetailsIpAddressV4 := jResp.StringOf('findings[i].service.action.networkConnectionAction.localIpDetails.ipAddressV4');
Port := jResp.IntOf('findings[i].service.action.networkConnectionAction.localPortDetails.port');
PortName := jResp.StringOf('findings[i].service.action.networkConnectionAction.localPortDetails.portName');
Protocol := jResp.StringOf('findings[i].service.action.networkConnectionAction.protocol');
CityCityName := jResp.StringOf('findings[i].service.action.networkConnectionAction.remoteIpDetails.city.cityName');
CountryCountryCode := jResp.StringOf('findings[i].service.action.networkConnectionAction.remoteIpDetails.country.countryCode');
CountryCountryName := jResp.StringOf('findings[i].service.action.networkConnectionAction.remoteIpDetails.country.countryName');
GeoLocationLat := jResp.IntOf('findings[i].service.action.networkConnectionAction.remoteIpDetails.geoLocation.lat');
GeoLocationLon := jResp.IntOf('findings[i].service.action.networkConnectionAction.remoteIpDetails.geoLocation.lon');
RemoteIpDetailsIpAddressV4 := jResp.StringOf('findings[i].service.action.networkConnectionAction.remoteIpDetails.ipAddressV4');
OrganizationAsn := jResp.StringOf('findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.asn');
OrganizationAsnOrg := jResp.StringOf('findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg');
OrganizationIsp := jResp.StringOf('findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.isp');
OrganizationOrg := jResp.StringOf('findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.org');
RemotePortDetailsPort := jResp.IntOf('findings[i].service.action.networkConnectionAction.remotePortDetails.port');
RemotePortDetailsPortName := jResp.StringOf('findings[i].service.action.networkConnectionAction.remotePortDetails.portName');
PortProbeActionBlocked := jResp.IntOf('findings[i].service.action.portProbeAction.blocked');
Archived := jResp.IntOf('findings[i].service.archived');
Count := jResp.IntOf('findings[i].service.count');
DetectorId := jResp.StringOf('findings[i].service.detectorId');
EventFirstSeen := jResp.StringOf('findings[i].service.eventFirstSeen');
EventLastSeen := jResp.StringOf('findings[i].service.eventLastSeen');
ResourceRole := jResp.StringOf('findings[i].service.resourceRole');
serviceServiceName := jResp.StringOf('findings[i].service.serviceName');
UserFeedback := jResp.StringOf('findings[i].service.userFeedback');
severity := jResp.IntOf('findings[i].severity');
title := jResp.StringOf('findings[i].title');
v_type := jResp.StringOf('findings[i].type');
updatedAt := jResp.StringOf('findings[i].updatedAt');
j := 0;
count_j := jResp.SizeOfArray('findings[i].resource.eksClusterDetails.tags');
while j < count_j do
begin
jResp.J := j;
key := jResp.StringOf('findings[i].resource.eksClusterDetails.tags[j].key');
value := jResp.StringOf('findings[i].resource.eksClusterDetails.tags[j].value');
j := j + 1;
end;
j := 0;
count_j := jResp.SizeOfArray('findings[i].resource.instanceDetails.networkInterfaces');
while j < count_j do
begin
jResp.J := j;
networkInterfaceId := jResp.StringOf('findings[i].resource.instanceDetails.networkInterfaces[j].networkInterfaceId');
privateDnsName := jResp.StringOf('findings[i].resource.instanceDetails.networkInterfaces[j].privateDnsName');
privateIpAddress := jResp.StringOf('findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddress');
publicDnsName := jResp.StringOf('findings[i].resource.instanceDetails.networkInterfaces[j].publicDnsName');
publicIp := jResp.StringOf('findings[i].resource.instanceDetails.networkInterfaces[j].publicIp');
subnetId := jResp.StringOf('findings[i].resource.instanceDetails.networkInterfaces[j].subnetId');
vpcId := jResp.StringOf('findings[i].resource.instanceDetails.networkInterfaces[j].vpcId');
k := 0;
count_k := jResp.SizeOfArray('findings[i].resource.instanceDetails.networkInterfaces[j].ipv6Addresses');
while k < count_k do
begin
jResp.K := k;
strVal := jResp.StringOf('findings[i].resource.instanceDetails.networkInterfaces[j].ipv6Addresses[k]');
k := k + 1;
end;
k := 0;
count_k := jResp.SizeOfArray('findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses');
while k < count_k do
begin
jResp.K := k;
privateDnsName := jResp.StringOf('findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses[k].privateDnsName');
privateIpAddress := jResp.StringOf('findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses[k].privateIpAddress');
k := k + 1;
end;
k := 0;
count_k := jResp.SizeOfArray('findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups');
while k < count_k do
begin
jResp.K := k;
groupId := jResp.StringOf('findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups[k].groupId');
groupName := jResp.StringOf('findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups[k].groupName');
k := k + 1;
end;
j := j + 1;
end;
j := 0;
count_j := jResp.SizeOfArray('findings[i].resource.instanceDetails.productCodes');
while j < count_j do
begin
jResp.J := j;
code := jResp.StringOf('findings[i].resource.instanceDetails.productCodes[j].code');
productType := jResp.StringOf('findings[i].resource.instanceDetails.productCodes[j].productType');
j := j + 1;
end;
j := 0;
count_j := jResp.SizeOfArray('findings[i].resource.instanceDetails.tags');
while j < count_j do
begin
jResp.J := j;
key := jResp.StringOf('findings[i].resource.instanceDetails.tags[j].key');
value := jResp.StringOf('findings[i].resource.instanceDetails.tags[j].value');
j := j + 1;
end;
j := 0;
count_j := jResp.SizeOfArray('findings[i].resource.kubernetesDetails.kubernetesUserDetails.groups');
while j < count_j do
begin
jResp.J := j;
strVal := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesUserDetails.groups[j]');
j := j + 1;
end;
j := 0;
count_j := jResp.SizeOfArray('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers');
while j < count_j do
begin
jResp.J := j;
containerRuntime := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].containerRuntime');
id := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].id');
image := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].image');
imagePrefix := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].imagePrefix');
name := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].name');
Privileged := jResp.IntOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].securityContext.privileged');
k := 0;
count_k := jResp.SizeOfArray('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts');
while k < count_k do
begin
jResp.K := k;
mountPath := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts[k].mountPath');
name := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts[k].name');
k := k + 1;
end;
j := j + 1;
end;
j := 0;
count_j := jResp.SizeOfArray('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes');
while j < count_j do
begin
jResp.J := j;
Path := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes[j].hostPath.path');
name := jResp.StringOf('findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes[j].name');
j := j + 1;
end;
j := 0;
count_j := jResp.SizeOfArray('findings[i].resource.s3BucketDetails');
while j < count_j do
begin
jResp.J := j;
arn := jResp.StringOf('findings[i].resource.s3BucketDetails[j].arn');
createdAt_int := jResp.IntOf('findings[i].resource.s3BucketDetails[j].createdAt');
EncryptionType := jResp.StringOf('findings[i].resource.s3BucketDetails[j].defaultServerSideEncryption.encryptionType');
KmsMasterKeyArn := jResp.StringOf('findings[i].resource.s3BucketDetails[j].defaultServerSideEncryption.kmsMasterKeyArn');
name := jResp.StringOf('findings[i].resource.s3BucketDetails[j].name');
ownerId := jResp.StringOf('findings[i].resource.s3BucketDetails[j].owner.id');
EffectivePermission := jResp.StringOf('findings[i].resource.s3BucketDetails[j].publicAccess.effectivePermission');
BlockPublicAcls := jResp.IntOf('findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.blockPublicAcls');
BlockPublicPolicy := jResp.IntOf('findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.blockPublicPolicy');
IgnorePublicAcls := jResp.IntOf('findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.ignorePublicAcls');
RestrictPublicBuckets := jResp.IntOf('findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.restrictPublicBuckets');
AllowsPublicReadAccess := jResp.IntOf('findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.accessControlList.allowsPublicReadAccess');
AllowsPublicWriteAccess := jResp.IntOf('findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.accessControlList.allowsPublicWriteAccess');
BlockPublicAccessBlockPublicAcls := jResp.IntOf('findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.blockPublicAcls');
BlockPublicAccessBlockPublicPolicy := jResp.IntOf('findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.blockPublicPolicy');
BlockPublicAccessIgnorePublicAcls := jResp.IntOf('findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.ignorePublicAcls');
BlockPublicAccessRestrictPublicBuckets := jResp.IntOf('findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.restrictPublicBuckets');
BucketPolicyAllowsPublicReadAccess := jResp.IntOf('findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.bucketPolicy.allowsPublicReadAccess');
BucketPolicyAllowsPublicWriteAccess := jResp.IntOf('findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.bucketPolicy.allowsPublicWriteAccess');
v_type := jResp.StringOf('findings[i].resource.s3BucketDetails[j].type');
k := 0;
count_k := jResp.SizeOfArray('findings[i].resource.s3BucketDetails[j].tags');
while k < count_k do
begin
jResp.K := k;
key := jResp.StringOf('findings[i].resource.s3BucketDetails[j].tags[k].key');
value := jResp.StringOf('findings[i].resource.s3BucketDetails[j].tags[k].value');
k := k + 1;
end;
j := j + 1;
end;
j := 0;
count_j := jResp.SizeOfArray('findings[i].service.action.kubernetesApiCallAction.sourceIps');
while j < count_j do
begin
jResp.J := j;
strVal := jResp.StringOf('findings[i].service.action.kubernetesApiCallAction.sourceIps[j]');
j := j + 1;
end;
j := 0;
count_j := jResp.SizeOfArray('findings[i].service.action.portProbeAction.portProbeDetails');
while j < count_j do
begin
jResp.J := j;
localIpDetailsIpAddressV4 := jResp.StringOf('findings[i].service.action.portProbeAction.portProbeDetails[j].localIpDetails.ipAddressV4');
localPortDetailsPort := jResp.IntOf('findings[i].service.action.portProbeAction.portProbeDetails[j].localPortDetails.port');
localPortDetailsPortName := jResp.StringOf('findings[i].service.action.portProbeAction.portProbeDetails[j].localPortDetails.portName');
CityCityName := jResp.StringOf('findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.city.cityName');
CountryCountryCode := jResp.StringOf('findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.country.countryCode');
CountryCountryName := jResp.StringOf('findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.country.countryName');
GeoLocationLat := jResp.IntOf('findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.geoLocation.lat');
GeoLocationLon := jResp.IntOf('findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.geoLocation.lon');
remoteIpDetailsIpAddressV4 := jResp.StringOf('findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.ipAddressV4');
OrganizationAsn := jResp.StringOf('findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.asn');
OrganizationAsnOrg := jResp.StringOf('findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.asnOrg');
OrganizationIsp := jResp.StringOf('findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.isp');
OrganizationOrg := jResp.StringOf('findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.org');
j := j + 1;
end;
j := 0;
count_j := jResp.SizeOfArray('findings[i].service.evidence.threatIntelligenceDetails');
while j < count_j do
begin
jResp.J := j;
threatListName := jResp.StringOf('findings[i].service.evidence.threatIntelligenceDetails[j].threatListName');
k := 0;
count_k := jResp.SizeOfArray('findings[i].service.evidence.threatIntelligenceDetails[j].threatNames');
while k < count_k do
begin
jResp.K := k;
strVal := jResp.StringOf('findings[i].service.evidence.threatIntelligenceDetails[j].threatNames[k]');
k := k + 1;
end;
j := j + 1;
end;
i := i + 1;
end;
// A sample JSON response body parsed by the above code:
// {
// "findings": [
// {
// "accountId": "string",
// "arn": "string",
// "confidence": number,
// "createdAt": "string",
// "description": "string",
// "id": "string",
// "partition": "string",
// "region": "string",
// "resource": {
// "accessKeyDetails": {
// "accessKeyId": "string",
// "principalId": "string",
// "userName": "string",
// "userType": "string"
// },
// "eksClusterDetails": {
// "arn": "string",
// "createdAt": number,
// "name": "string",
// "status": "string",
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ],
// "vpcId": "string"
// },
// "instanceDetails": {
// "availabilityZone": "string",
// "iamInstanceProfile": {
// "arn": "string",
// "id": "string"
// },
// "imageDescription": "string",
// "imageId": "string",
// "instanceId": "string",
// "instanceState": "string",
// "instanceType": "string",
// "launchTime": "string",
// "networkInterfaces": [
// {
// "ipv6Addresses": [
// "string"
// ],
// "networkInterfaceId": "string",
// "privateDnsName": "string",
// "privateIpAddress": "string",
// "privateIpAddresses": [
// {
// "privateDnsName": "string",
// "privateIpAddress": "string"
// }
// ],
// "publicDnsName": "string",
// "publicIp": "string",
// "securityGroups": [
// {
// "groupId": "string",
// "groupName": "string"
// }
// ],
// "subnetId": "string",
// "vpcId": "string"
// }
// ],
// "outpostArn": "string",
// "platform": "string",
// "productCodes": [
// {
// "code": "string",
// "productType": "string"
// }
// ],
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ]
// },
// "kubernetesDetails": {
// "kubernetesUserDetails": {
// "groups": [
// "string"
// ],
// "uid": "string",
// "username": "string"
// },
// "kubernetesWorkloadDetails": {
// "containers": [
// {
// "containerRuntime": "string",
// "id": "string",
// "image": "string",
// "imagePrefix": "string",
// "name": "string",
// "securityContext": {
// "privileged": boolean
// },
// "volumeMounts": [
// {
// "mountPath": "string",
// "name": "string"
// }
// ]
// }
// ],
// "hostNetwork": boolean,
// "name": "string",
// "namespace": "string",
// "type": "string",
// "uid": "string",
// "volumes": [
// {
// "hostPath": {
// "path": "string"
// },
// "name": "string"
// }
// ]
// }
// },
// "resourceType": "string",
// "s3BucketDetails": [
// {
// "arn": "string",
// "createdAt": number,
// "defaultServerSideEncryption": {
// "encryptionType": "string",
// "kmsMasterKeyArn": "string"
// },
// "name": "string",
// "owner": {
// "id": "string"
// },
// "publicAccess": {
// "effectivePermission": "string",
// "permissionConfiguration": {
// "accountLevelPermissions": {
// "blockPublicAccess": {
// "blockPublicAcls": boolean,
// "blockPublicPolicy": boolean,
// "ignorePublicAcls": boolean,
// "restrictPublicBuckets": boolean
// }
// },
// "bucketLevelPermissions": {
// "accessControlList": {
// "allowsPublicReadAccess": boolean,
// "allowsPublicWriteAccess": boolean
// },
// "blockPublicAccess": {
// "blockPublicAcls": boolean,
// "blockPublicPolicy": boolean,
// "ignorePublicAcls": boolean,
// "restrictPublicBuckets": boolean
// },
// "bucketPolicy": {
// "allowsPublicReadAccess": boolean,
// "allowsPublicWriteAccess": boolean
// }
// }
// }
// },
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ],
// "type": "string"
// }
// ]
// },
// "schemaVersion": "string",
// "service": {
// "action": {
// "actionType": "string",
// "awsApiCallAction": {
// "api": "string",
// "callerType": "string",
// "domainDetails": {
// "domain": "string"
// },
// "errorCode": "string",
// "remoteAccountDetails": {
// "accountId": "string",
// "affiliated": boolean
// },
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "serviceName": "string",
// "userAgent": "string"
// },
// "dnsRequestAction": {
// "domain": "string"
// },
// "kubernetesApiCallAction": {
// "parameters": "string",
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "requestUri": "string",
// "sourceIps": [
// "string"
// ],
// "statusCode": number,
// "userAgent": "string",
// "verb": "string"
// },
// "networkConnectionAction": {
// "blocked": boolean,
// "connectionDirection": "string",
// "localIpDetails": {
// "ipAddressV4": "string"
// },
// "localPortDetails": {
// "port": number,
// "portName": "string"
// },
// "protocol": "string",
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "remotePortDetails": {
// "port": number,
// "portName": "string"
// }
// },
// "portProbeAction": {
// "blocked": boolean,
// "portProbeDetails": [
// {
// "localIpDetails": {
// "ipAddressV4": "string"
// },
// "localPortDetails": {
// "port": number,
// "portName": "string"
// },
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// }
// }
// ]
// }
// },
// "archived": boolean,
// "count": number,
// "detectorId": "string",
// "eventFirstSeen": "string",
// "eventLastSeen": "string",
// "evidence": {
// "threatIntelligenceDetails": [
// {
// "threatListName": "string",
// "threatNames": [
// "string"
// ]
// }
// ]
// },
// "resourceRole": "string",
// "serviceName": "string",
// "userFeedback": "string"
// },
// "severity": number,
// "title": "string",
// "type": "string",
// "updatedAt": "string"
// }
// ]
// }
