GetFindings Java Example
import com.chilkatsoft.*;
public class ChilkatExample {
static {
try {
System.loadLibrary("chilkat");
} catch (UnsatisfiedLinkError e) {
System.err.println("Native code library failed to load.\n" + e);
System.exit(1);
}
}
public static void main(String argv[])
{
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
CkRest rest = new CkRest();
boolean success;
CkAuthAws authAws = new CkAuthAws();
authAws.put_AccessKey("AWS_ACCESS_KEY");
authAws.put_SecretKey("AWS_SECRET_KEY");
// Don't forget to change the region to your particular region. (Also make the same change in the call to Connect below.)
authAws.put_Region("us-west-2");
authAws.put_ServiceName("guardduty");
// SetAuthAws causes Chilkat to automatically add the following headers: Authorization, X-Amz-Date
rest.SetAuthAws(authAws);
// URL: https://guardduty.us-west-2.amazonaws.com/
// Use the same region as specified above.
success = rest.Connect("guardduty.us-west-2.amazonaws.com",443,true,true);
if (success != true) {
System.out.println("ConnectFailReason: " + rest.get_ConnectFailReason());
System.out.println(rest.lastErrorText());
return;
}
// The following code creates the JSON request body.
// The JSON created by this code is shown below.
// Use this online tool to generate code from sample JSON:
// Generate Code to Create JSON
CkJsonObject json = new CkJsonObject();
json.UpdateString("findingIds[0]","string");
json.UpdateString("sortCriteria.attributeName","string");
json.UpdateString("sortCriteria.orderBy","string");
// The JSON request body created by the above code:
// {
// "findingIds": [
// "string"
// ],
// "sortCriteria": {
// "attributeName": "string",
// "orderBy": "string"
// }
// }
rest.AddHeader("Content-Type","application/x-amz-json-1.1");
rest.AddHeader("X-Amz-Target","GetFindings");
CkStringBuilder sbRequestBody = new CkStringBuilder();
json.EmitSb(sbRequestBody);
CkStringBuilder sbResponseBody = new CkStringBuilder();
success = rest.FullRequestSb("POST","/detector/{detectorId}/findings/get",sbRequestBody,sbResponseBody);
if (success != true) {
System.out.println(rest.lastErrorText());
return;
}
int respStatusCode = rest.get_ResponseStatusCode();
System.out.println("response status code = " + respStatusCode);
if (respStatusCode != 200) {
System.out.println("Response Header:");
System.out.println(rest.responseHeader());
System.out.println("Response Body:");
System.out.println(sbResponseBody.getAsString());
return;
}
CkJsonObject jResp = new CkJsonObject();
jResp.LoadSb(sbResponseBody);
// The following code parses the JSON response.
// A sample JSON response is shown below the sample code.
// Use this online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON
String accountId;
String arn;
int confidence;
String createdAt;
String description;
String id;
String partition;
String region;
String AccessKeyId;
String PrincipalId;
String UserName;
String UserType;
String Arn;
int CreatedAt;
String Name;
String Status;
String VpcId;
String AvailabilityZone;
String IamInstanceProfileArn;
String Id;
String ImageDescription;
String ImageId;
String InstanceId;
String InstanceState;
String InstanceType;
String LaunchTime;
String OutpostArn;
String Platform;
String Uid;
String Username;
int HostNetwork;
String KubernetesWorkloadDetailsName;
String Namespace;
String v_Type;
String KubernetesWorkloadDetailsUid;
String ResourceType;
String schemaVersion;
String ActionType;
String Api;
String CallerType;
String Domain;
String ErrorCode;
String AccountId;
int Affiliated;
String CityName;
String CountryCode;
String CountryName;
int Lat;
int Lon;
String IpAddressV4;
String v_Asn;
String AsnOrg;
String Isp;
String Org;
String ServiceName;
String UserAgent;
String DnsRequestActionDomain;
String Parameters;
String CityCityName;
String CountryCountryCode;
String CountryCountryName;
int GeoLocationLat;
int GeoLocationLon;
String RemoteIpDetailsIpAddressV4;
String OrganizationAsn;
String OrganizationAsnOrg;
String OrganizationIsp;
String OrganizationOrg;
String RequestUri;
int StatusCode;
String KubernetesApiCallActionUserAgent;
String Verb;
int Blocked;
String ConnectionDirection;
String LocalIpDetailsIpAddressV4;
int Port;
String PortName;
String Protocol;
int RemotePortDetailsPort;
String RemotePortDetailsPortName;
int PortProbeActionBlocked;
int Archived;
int Count;
String DetectorId;
String EventFirstSeen;
String EventLastSeen;
String ResourceRole;
String serviceServiceName;
String UserFeedback;
int severity;
String title;
String v_type;
String updatedAt;
int j;
int count_j;
String key;
String value;
String networkInterfaceId;
String privateDnsName;
String privateIpAddress;
String publicDnsName;
String publicIp;
String subnetId;
String vpcId;
int k;
int count_k;
String strVal;
String groupId;
String groupName;
String code;
String productType;
String containerRuntime;
String image;
String imagePrefix;
String name;
int Privileged;
String mountPath;
String Path;
int createdAt_int;
String EncryptionType;
String KmsMasterKeyArn;
String ownerId;
String EffectivePermission;
int BlockPublicAcls;
int BlockPublicPolicy;
int IgnorePublicAcls;
int RestrictPublicBuckets;
int AllowsPublicReadAccess;
int AllowsPublicWriteAccess;
int BlockPublicAccessBlockPublicAcls;
int BlockPublicAccessBlockPublicPolicy;
int BlockPublicAccessIgnorePublicAcls;
int BlockPublicAccessRestrictPublicBuckets;
int BucketPolicyAllowsPublicReadAccess;
int BucketPolicyAllowsPublicWriteAccess;
String localIpDetailsIpAddressV4;
int localPortDetailsPort;
String localPortDetailsPortName;
String remoteIpDetailsIpAddressV4;
String threatListName;
int i = 0;
int count_i = jResp.SizeOfArray("findings");
while (i < count_i) {
jResp.put_I(i);
accountId = jResp.stringOf("findings[i].accountId");
arn = jResp.stringOf("findings[i].arn");
confidence = jResp.IntOf("findings[i].confidence");
createdAt = jResp.stringOf("findings[i].createdAt");
description = jResp.stringOf("findings[i].description");
id = jResp.stringOf("findings[i].id");
partition = jResp.stringOf("findings[i].partition");
region = jResp.stringOf("findings[i].region");
AccessKeyId = jResp.stringOf("findings[i].resource.accessKeyDetails.accessKeyId");
PrincipalId = jResp.stringOf("findings[i].resource.accessKeyDetails.principalId");
UserName = jResp.stringOf("findings[i].resource.accessKeyDetails.userName");
UserType = jResp.stringOf("findings[i].resource.accessKeyDetails.userType");
Arn = jResp.stringOf("findings[i].resource.eksClusterDetails.arn");
CreatedAt = jResp.IntOf("findings[i].resource.eksClusterDetails.createdAt");
Name = jResp.stringOf("findings[i].resource.eksClusterDetails.name");
Status = jResp.stringOf("findings[i].resource.eksClusterDetails.status");
VpcId = jResp.stringOf("findings[i].resource.eksClusterDetails.vpcId");
AvailabilityZone = jResp.stringOf("findings[i].resource.instanceDetails.availabilityZone");
IamInstanceProfileArn = jResp.stringOf("findings[i].resource.instanceDetails.iamInstanceProfile.arn");
Id = jResp.stringOf("findings[i].resource.instanceDetails.iamInstanceProfile.id");
ImageDescription = jResp.stringOf("findings[i].resource.instanceDetails.imageDescription");
ImageId = jResp.stringOf("findings[i].resource.instanceDetails.imageId");
InstanceId = jResp.stringOf("findings[i].resource.instanceDetails.instanceId");
InstanceState = jResp.stringOf("findings[i].resource.instanceDetails.instanceState");
InstanceType = jResp.stringOf("findings[i].resource.instanceDetails.instanceType");
LaunchTime = jResp.stringOf("findings[i].resource.instanceDetails.launchTime");
OutpostArn = jResp.stringOf("findings[i].resource.instanceDetails.outpostArn");
Platform = jResp.stringOf("findings[i].resource.instanceDetails.platform");
Uid = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.uid");
Username = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.username");
HostNetwork = jResp.IntOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.hostNetwork");
KubernetesWorkloadDetailsName = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.name");
Namespace = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.namespace");
v_Type = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.type");
KubernetesWorkloadDetailsUid = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.uid");
ResourceType = jResp.stringOf("findings[i].resource.resourceType");
schemaVersion = jResp.stringOf("findings[i].schemaVersion");
ActionType = jResp.stringOf("findings[i].service.action.actionType");
Api = jResp.stringOf("findings[i].service.action.awsApiCallAction.api");
CallerType = jResp.stringOf("findings[i].service.action.awsApiCallAction.callerType");
Domain = jResp.stringOf("findings[i].service.action.awsApiCallAction.domainDetails.domain");
ErrorCode = jResp.stringOf("findings[i].service.action.awsApiCallAction.errorCode");
AccountId = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteAccountDetails.accountId");
Affiliated = jResp.IntOf("findings[i].service.action.awsApiCallAction.remoteAccountDetails.affiliated");
CityName = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.city.cityName");
CountryCode = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.country.countryCode");
CountryName = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.country.countryName");
Lat = jResp.IntOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.geoLocation.lat");
Lon = jResp.IntOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.geoLocation.lon");
IpAddressV4 = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.ipAddressV4");
v_Asn = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.asn");
AsnOrg = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg");
Isp = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.isp");
Org = jResp.stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.org");
ServiceName = jResp.stringOf("findings[i].service.action.awsApiCallAction.serviceName");
UserAgent = jResp.stringOf("findings[i].service.action.awsApiCallAction.userAgent");
DnsRequestActionDomain = jResp.stringOf("findings[i].service.action.dnsRequestAction.domain");
Parameters = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.parameters");
CityCityName = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.city.cityName");
CountryCountryCode = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.country.countryCode");
CountryCountryName = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.country.countryName");
GeoLocationLat = jResp.IntOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.geoLocation.lat");
GeoLocationLon = jResp.IntOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.geoLocation.lon");
RemoteIpDetailsIpAddressV4 = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4");
OrganizationAsn = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn");
OrganizationAsnOrg = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.asnOrg");
OrganizationIsp = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.isp");
OrganizationOrg = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.org");
RequestUri = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.requestUri");
StatusCode = jResp.IntOf("findings[i].service.action.kubernetesApiCallAction.statusCode");
KubernetesApiCallActionUserAgent = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.userAgent");
Verb = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.verb");
Blocked = jResp.IntOf("findings[i].service.action.networkConnectionAction.blocked");
ConnectionDirection = jResp.stringOf("findings[i].service.action.networkConnectionAction.connectionDirection");
LocalIpDetailsIpAddressV4 = jResp.stringOf("findings[i].service.action.networkConnectionAction.localIpDetails.ipAddressV4");
Port = jResp.IntOf("findings[i].service.action.networkConnectionAction.localPortDetails.port");
PortName = jResp.stringOf("findings[i].service.action.networkConnectionAction.localPortDetails.portName");
Protocol = jResp.stringOf("findings[i].service.action.networkConnectionAction.protocol");
CityCityName = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.city.cityName");
CountryCountryCode = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.country.countryCode");
CountryCountryName = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.country.countryName");
GeoLocationLat = jResp.IntOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.geoLocation.lat");
GeoLocationLon = jResp.IntOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.geoLocation.lon");
RemoteIpDetailsIpAddressV4 = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.ipAddressV4");
OrganizationAsn = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.asn");
OrganizationAsnOrg = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg");
OrganizationIsp = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.isp");
OrganizationOrg = jResp.stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.org");
RemotePortDetailsPort = jResp.IntOf("findings[i].service.action.networkConnectionAction.remotePortDetails.port");
RemotePortDetailsPortName = jResp.stringOf("findings[i].service.action.networkConnectionAction.remotePortDetails.portName");
PortProbeActionBlocked = jResp.IntOf("findings[i].service.action.portProbeAction.blocked");
Archived = jResp.IntOf("findings[i].service.archived");
Count = jResp.IntOf("findings[i].service.count");
DetectorId = jResp.stringOf("findings[i].service.detectorId");
EventFirstSeen = jResp.stringOf("findings[i].service.eventFirstSeen");
EventLastSeen = jResp.stringOf("findings[i].service.eventLastSeen");
ResourceRole = jResp.stringOf("findings[i].service.resourceRole");
serviceServiceName = jResp.stringOf("findings[i].service.serviceName");
UserFeedback = jResp.stringOf("findings[i].service.userFeedback");
severity = jResp.IntOf("findings[i].severity");
title = jResp.stringOf("findings[i].title");
v_type = jResp.stringOf("findings[i].type");
updatedAt = jResp.stringOf("findings[i].updatedAt");
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.eksClusterDetails.tags");
while (j < count_j) {
jResp.put_J(j);
key = jResp.stringOf("findings[i].resource.eksClusterDetails.tags[j].key");
value = jResp.stringOf("findings[i].resource.eksClusterDetails.tags[j].value");
j = j+1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces");
while (j < count_j) {
jResp.put_J(j);
networkInterfaceId = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].networkInterfaceId");
privateDnsName = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateDnsName");
privateIpAddress = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddress");
publicDnsName = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].publicDnsName");
publicIp = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].publicIp");
subnetId = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].subnetId");
vpcId = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].vpcId");
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].ipv6Addresses");
while (k < count_k) {
jResp.put_K(k);
strVal = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].ipv6Addresses[k]");
k = k+1;
}
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses");
while (k < count_k) {
jResp.put_K(k);
privateDnsName = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses[k].privateDnsName");
privateIpAddress = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses[k].privateIpAddress");
k = k+1;
}
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups");
while (k < count_k) {
jResp.put_K(k);
groupId = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups[k].groupId");
groupName = jResp.stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups[k].groupName");
k = k+1;
}
j = j+1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.instanceDetails.productCodes");
while (j < count_j) {
jResp.put_J(j);
code = jResp.stringOf("findings[i].resource.instanceDetails.productCodes[j].code");
productType = jResp.stringOf("findings[i].resource.instanceDetails.productCodes[j].productType");
j = j+1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.instanceDetails.tags");
while (j < count_j) {
jResp.put_J(j);
key = jResp.stringOf("findings[i].resource.instanceDetails.tags[j].key");
value = jResp.stringOf("findings[i].resource.instanceDetails.tags[j].value");
j = j+1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesUserDetails.groups");
while (j < count_j) {
jResp.put_J(j);
strVal = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.groups[j]");
j = j+1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers");
while (j < count_j) {
jResp.put_J(j);
containerRuntime = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].containerRuntime");
id = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].id");
image = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].image");
imagePrefix = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].imagePrefix");
name = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].name");
Privileged = jResp.IntOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].securityContext.privileged");
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts");
while (k < count_k) {
jResp.put_K(k);
mountPath = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts[k].mountPath");
name = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts[k].name");
k = k+1;
}
j = j+1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes");
while (j < count_j) {
jResp.put_J(j);
Path = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes[j].hostPath.path");
name = jResp.stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes[j].name");
j = j+1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].resource.s3BucketDetails");
while (j < count_j) {
jResp.put_J(j);
arn = jResp.stringOf("findings[i].resource.s3BucketDetails[j].arn");
createdAt_int = jResp.IntOf("findings[i].resource.s3BucketDetails[j].createdAt");
EncryptionType = jResp.stringOf("findings[i].resource.s3BucketDetails[j].defaultServerSideEncryption.encryptionType");
KmsMasterKeyArn = jResp.stringOf("findings[i].resource.s3BucketDetails[j].defaultServerSideEncryption.kmsMasterKeyArn");
name = jResp.stringOf("findings[i].resource.s3BucketDetails[j].name");
ownerId = jResp.stringOf("findings[i].resource.s3BucketDetails[j].owner.id");
EffectivePermission = jResp.stringOf("findings[i].resource.s3BucketDetails[j].publicAccess.effectivePermission");
BlockPublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.blockPublicAcls");
BlockPublicPolicy = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.blockPublicPolicy");
IgnorePublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.ignorePublicAcls");
RestrictPublicBuckets = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.restrictPublicBuckets");
AllowsPublicReadAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.accessControlList.allowsPublicReadAccess");
AllowsPublicWriteAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.accessControlList.allowsPublicWriteAccess");
BlockPublicAccessBlockPublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.blockPublicAcls");
BlockPublicAccessBlockPublicPolicy = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.blockPublicPolicy");
BlockPublicAccessIgnorePublicAcls = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.ignorePublicAcls");
BlockPublicAccessRestrictPublicBuckets = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.restrictPublicBuckets");
BucketPolicyAllowsPublicReadAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.bucketPolicy.allowsPublicReadAccess");
BucketPolicyAllowsPublicWriteAccess = jResp.IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.bucketPolicy.allowsPublicWriteAccess");
v_type = jResp.stringOf("findings[i].resource.s3BucketDetails[j].type");
k = 0;
count_k = jResp.SizeOfArray("findings[i].resource.s3BucketDetails[j].tags");
while (k < count_k) {
jResp.put_K(k);
key = jResp.stringOf("findings[i].resource.s3BucketDetails[j].tags[k].key");
value = jResp.stringOf("findings[i].resource.s3BucketDetails[j].tags[k].value");
k = k+1;
}
j = j+1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].service.action.kubernetesApiCallAction.sourceIps");
while (j < count_j) {
jResp.put_J(j);
strVal = jResp.stringOf("findings[i].service.action.kubernetesApiCallAction.sourceIps[j]");
j = j+1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].service.action.portProbeAction.portProbeDetails");
while (j < count_j) {
jResp.put_J(j);
localIpDetailsIpAddressV4 = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localIpDetails.ipAddressV4");
localPortDetailsPort = jResp.IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localPortDetails.port");
localPortDetailsPortName = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localPortDetails.portName");
CityCityName = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.city.cityName");
CountryCountryCode = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.country.countryCode");
CountryCountryName = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.country.countryName");
GeoLocationLat = jResp.IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.geoLocation.lat");
GeoLocationLon = jResp.IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.geoLocation.lon");
remoteIpDetailsIpAddressV4 = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.ipAddressV4");
OrganizationAsn = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.asn");
OrganizationAsnOrg = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.asnOrg");
OrganizationIsp = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.isp");
OrganizationOrg = jResp.stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.org");
j = j+1;
}
j = 0;
count_j = jResp.SizeOfArray("findings[i].service.evidence.threatIntelligenceDetails");
while (j < count_j) {
jResp.put_J(j);
threatListName = jResp.stringOf("findings[i].service.evidence.threatIntelligenceDetails[j].threatListName");
k = 0;
count_k = jResp.SizeOfArray("findings[i].service.evidence.threatIntelligenceDetails[j].threatNames");
while (k < count_k) {
jResp.put_K(k);
strVal = jResp.stringOf("findings[i].service.evidence.threatIntelligenceDetails[j].threatNames[k]");
k = k+1;
}
j = j+1;
}
i = i+1;
}
// A sample JSON response body parsed by the above code:
// {
// "findings": [
// {
// "accountId": "string",
// "arn": "string",
// "confidence": number,
// "createdAt": "string",
// "description": "string",
// "id": "string",
// "partition": "string",
// "region": "string",
// "resource": {
// "accessKeyDetails": {
// "accessKeyId": "string",
// "principalId": "string",
// "userName": "string",
// "userType": "string"
// },
// "eksClusterDetails": {
// "arn": "string",
// "createdAt": number,
// "name": "string",
// "status": "string",
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ],
// "vpcId": "string"
// },
// "instanceDetails": {
// "availabilityZone": "string",
// "iamInstanceProfile": {
// "arn": "string",
// "id": "string"
// },
// "imageDescription": "string",
// "imageId": "string",
// "instanceId": "string",
// "instanceState": "string",
// "instanceType": "string",
// "launchTime": "string",
// "networkInterfaces": [
// {
// "ipv6Addresses": [
// "string"
// ],
// "networkInterfaceId": "string",
// "privateDnsName": "string",
// "privateIpAddress": "string",
// "privateIpAddresses": [
// {
// "privateDnsName": "string",
// "privateIpAddress": "string"
// }
// ],
// "publicDnsName": "string",
// "publicIp": "string",
// "securityGroups": [
// {
// "groupId": "string",
// "groupName": "string"
// }
// ],
// "subnetId": "string",
// "vpcId": "string"
// }
// ],
// "outpostArn": "string",
// "platform": "string",
// "productCodes": [
// {
// "code": "string",
// "productType": "string"
// }
// ],
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ]
// },
// "kubernetesDetails": {
// "kubernetesUserDetails": {
// "groups": [
// "string"
// ],
// "uid": "string",
// "username": "string"
// },
// "kubernetesWorkloadDetails": {
// "containers": [
// {
// "containerRuntime": "string",
// "id": "string",
// "image": "string",
// "imagePrefix": "string",
// "name": "string",
// "securityContext": {
// "privileged": boolean
// },
// "volumeMounts": [
// {
// "mountPath": "string",
// "name": "string"
// }
// ]
// }
// ],
// "hostNetwork": boolean,
// "name": "string",
// "namespace": "string",
// "type": "string",
// "uid": "string",
// "volumes": [
// {
// "hostPath": {
// "path": "string"
// },
// "name": "string"
// }
// ]
// }
// },
// "resourceType": "string",
// "s3BucketDetails": [
// {
// "arn": "string",
// "createdAt": number,
// "defaultServerSideEncryption": {
// "encryptionType": "string",
// "kmsMasterKeyArn": "string"
// },
// "name": "string",
// "owner": {
// "id": "string"
// },
// "publicAccess": {
// "effectivePermission": "string",
// "permissionConfiguration": {
// "accountLevelPermissions": {
// "blockPublicAccess": {
// "blockPublicAcls": boolean,
// "blockPublicPolicy": boolean,
// "ignorePublicAcls": boolean,
// "restrictPublicBuckets": boolean
// }
// },
// "bucketLevelPermissions": {
// "accessControlList": {
// "allowsPublicReadAccess": boolean,
// "allowsPublicWriteAccess": boolean
// },
// "blockPublicAccess": {
// "blockPublicAcls": boolean,
// "blockPublicPolicy": boolean,
// "ignorePublicAcls": boolean,
// "restrictPublicBuckets": boolean
// },
// "bucketPolicy": {
// "allowsPublicReadAccess": boolean,
// "allowsPublicWriteAccess": boolean
// }
// }
// }
// },
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ],
// "type": "string"
// }
// ]
// },
// "schemaVersion": "string",
// "service": {
// "action": {
// "actionType": "string",
// "awsApiCallAction": {
// "api": "string",
// "callerType": "string",
// "domainDetails": {
// "domain": "string"
// },
// "errorCode": "string",
// "remoteAccountDetails": {
// "accountId": "string",
// "affiliated": boolean
// },
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "serviceName": "string",
// "userAgent": "string"
// },
// "dnsRequestAction": {
// "domain": "string"
// },
// "kubernetesApiCallAction": {
// "parameters": "string",
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "requestUri": "string",
// "sourceIps": [
// "string"
// ],
// "statusCode": number,
// "userAgent": "string",
// "verb": "string"
// },
// "networkConnectionAction": {
// "blocked": boolean,
// "connectionDirection": "string",
// "localIpDetails": {
// "ipAddressV4": "string"
// },
// "localPortDetails": {
// "port": number,
// "portName": "string"
// },
// "protocol": "string",
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "remotePortDetails": {
// "port": number,
// "portName": "string"
// }
// },
// "portProbeAction": {
// "blocked": boolean,
// "portProbeDetails": [
// {
// "localIpDetails": {
// "ipAddressV4": "string"
// },
// "localPortDetails": {
// "port": number,
// "portName": "string"
// },
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// }
// }
// ]
// }
// },
// "archived": boolean,
// "count": number,
// "detectorId": "string",
// "eventFirstSeen": "string",
// "eventLastSeen": "string",
// "evidence": {
// "threatIntelligenceDetails": [
// {
// "threatListName": "string",
// "threatNames": [
// "string"
// ]
// }
// ]
// },
// "resourceRole": "string",
// "serviceName": "string",
// "userFeedback": "string"
// },
// "severity": number,
// "title": "string",
// "type": "string",
// "updatedAt": "string"
// }
// ]
// }
}
}