GetFindings Perl Example
use chilkat();
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
$rest = chilkat::CkRest->new();
$authAws = chilkat::CkAuthAws->new();
$authAws->put_AccessKey("AWS_ACCESS_KEY");
$authAws->put_SecretKey("AWS_SECRET_KEY");
# Don't forget to change the region to your particular region. (Also make the same change in the call to Connect below.)
$authAws->put_Region("us-west-2");
$authAws->put_ServiceName("guardduty");
# SetAuthAws causes Chilkat to automatically add the following headers: Authorization, X-Amz-Date
$rest->SetAuthAws($authAws);
# URL: https://guardduty.us-west-2.amazonaws.com/
# Use the same region as specified above.
$success = $rest->Connect("guardduty.us-west-2.amazonaws.com",443,1,1);
if ($success != 1) {
print "ConnectFailReason: " . $rest->get_ConnectFailReason() . "\r\n";
print $rest->lastErrorText() . "\r\n";
exit;
}
# The following code creates the JSON request body.
# The JSON created by this code is shown below.
# Use this online tool to generate code from sample JSON:
# Generate Code to Create JSON
$json = chilkat::CkJsonObject->new();
$json->UpdateString("findingIds[0]","string");
$json->UpdateString("sortCriteria.attributeName","string");
$json->UpdateString("sortCriteria.orderBy","string");
# The JSON request body created by the above code:
# {
# "findingIds": [
# "string"
# ],
# "sortCriteria": {
# "attributeName": "string",
# "orderBy": "string"
# }
# }
$rest->AddHeader("Content-Type","application/x-amz-json-1.1");
$rest->AddHeader("X-Amz-Target","GetFindings");
$sbRequestBody = chilkat::CkStringBuilder->new();
$json->EmitSb($sbRequestBody);
$sbResponseBody = chilkat::CkStringBuilder->new();
$success = $rest->FullRequestSb("POST","/detector/{detectorId}/findings/get",$sbRequestBody,$sbResponseBody);
if ($success != 1) {
print $rest->lastErrorText() . "\r\n";
exit;
}
$respStatusCode = $rest->get_ResponseStatusCode();
print "response status code = " . $respStatusCode . "\r\n";
if ($respStatusCode != 200) {
print "Response Header:" . "\r\n";
print $rest->responseHeader() . "\r\n";
print "Response Body:" . "\r\n";
print $sbResponseBody->getAsString() . "\r\n";
exit;
}
$jResp = chilkat::CkJsonObject->new();
$jResp->LoadSb($sbResponseBody);
# The following code parses the JSON response.
# A sample JSON response is shown below the sample code.
# Use this online tool to generate parsing code from sample JSON:
# Generate Parsing Code from JSON
$i = 0;
$count_i = $jResp->SizeOfArray("findings");
while ($i < $count_i) {
$jResp->put_I($i);
$accountId = $jResp->stringOf("findings[i].accountId");
$arn = $jResp->stringOf("findings[i].arn");
$confidence = $jResp->IntOf("findings[i].confidence");
$createdAt = $jResp->stringOf("findings[i].createdAt");
$description = $jResp->stringOf("findings[i].description");
$id = $jResp->stringOf("findings[i].id");
$partition = $jResp->stringOf("findings[i].partition");
$region = $jResp->stringOf("findings[i].region");
$AccessKeyId = $jResp->stringOf("findings[i].resource.accessKeyDetails.accessKeyId");
$PrincipalId = $jResp->stringOf("findings[i].resource.accessKeyDetails.principalId");
$UserName = $jResp->stringOf("findings[i].resource.accessKeyDetails.userName");
$UserType = $jResp->stringOf("findings[i].resource.accessKeyDetails.userType");
$Arn = $jResp->stringOf("findings[i].resource.eksClusterDetails.arn");
$CreatedAt = $jResp->IntOf("findings[i].resource.eksClusterDetails.createdAt");
$Name = $jResp->stringOf("findings[i].resource.eksClusterDetails.name");
$Status = $jResp->stringOf("findings[i].resource.eksClusterDetails.status");
$VpcId = $jResp->stringOf("findings[i].resource.eksClusterDetails.vpcId");
$AvailabilityZone = $jResp->stringOf("findings[i].resource.instanceDetails.availabilityZone");
$IamInstanceProfileArn = $jResp->stringOf("findings[i].resource.instanceDetails.iamInstanceProfile.arn");
$Id = $jResp->stringOf("findings[i].resource.instanceDetails.iamInstanceProfile.id");
$ImageDescription = $jResp->stringOf("findings[i].resource.instanceDetails.imageDescription");
$ImageId = $jResp->stringOf("findings[i].resource.instanceDetails.imageId");
$InstanceId = $jResp->stringOf("findings[i].resource.instanceDetails.instanceId");
$InstanceState = $jResp->stringOf("findings[i].resource.instanceDetails.instanceState");
$InstanceType = $jResp->stringOf("findings[i].resource.instanceDetails.instanceType");
$LaunchTime = $jResp->stringOf("findings[i].resource.instanceDetails.launchTime");
$OutpostArn = $jResp->stringOf("findings[i].resource.instanceDetails.outpostArn");
$Platform = $jResp->stringOf("findings[i].resource.instanceDetails.platform");
$Uid = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.uid");
$Username = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.username");
$HostNetwork = $jResp->IntOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.hostNetwork");
$KubernetesWorkloadDetailsName = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.name");
$Namespace = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.namespace");
$v_Type = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.type");
$KubernetesWorkloadDetailsUid = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.uid");
$ResourceType = $jResp->stringOf("findings[i].resource.resourceType");
$schemaVersion = $jResp->stringOf("findings[i].schemaVersion");
$ActionType = $jResp->stringOf("findings[i].service.action.actionType");
$Api = $jResp->stringOf("findings[i].service.action.awsApiCallAction.api");
$CallerType = $jResp->stringOf("findings[i].service.action.awsApiCallAction.callerType");
$Domain = $jResp->stringOf("findings[i].service.action.awsApiCallAction.domainDetails.domain");
$ErrorCode = $jResp->stringOf("findings[i].service.action.awsApiCallAction.errorCode");
$AccountId = $jResp->stringOf("findings[i].service.action.awsApiCallAction.remoteAccountDetails.accountId");
$Affiliated = $jResp->IntOf("findings[i].service.action.awsApiCallAction.remoteAccountDetails.affiliated");
$CityName = $jResp->stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.city.cityName");
$CountryCode = $jResp->stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.country.countryCode");
$CountryName = $jResp->stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.country.countryName");
$Lat = $jResp->IntOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.geoLocation.lat");
$Lon = $jResp->IntOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.geoLocation.lon");
$IpAddressV4 = $jResp->stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.ipAddressV4");
$v_Asn = $jResp->stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.asn");
$AsnOrg = $jResp->stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg");
$Isp = $jResp->stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.isp");
$Org = $jResp->stringOf("findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.org");
$ServiceName = $jResp->stringOf("findings[i].service.action.awsApiCallAction.serviceName");
$UserAgent = $jResp->stringOf("findings[i].service.action.awsApiCallAction.userAgent");
$DnsRequestActionDomain = $jResp->stringOf("findings[i].service.action.dnsRequestAction.domain");
$Parameters = $jResp->stringOf("findings[i].service.action.kubernetesApiCallAction.parameters");
$CityCityName = $jResp->stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.city.cityName");
$CountryCountryCode = $jResp->stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.country.countryCode");
$CountryCountryName = $jResp->stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.country.countryName");
$GeoLocationLat = $jResp->IntOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.geoLocation.lat");
$GeoLocationLon = $jResp->IntOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.geoLocation.lon");
$RemoteIpDetailsIpAddressV4 = $jResp->stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4");
$OrganizationAsn = $jResp->stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn");
$OrganizationAsnOrg = $jResp->stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.asnOrg");
$OrganizationIsp = $jResp->stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.isp");
$OrganizationOrg = $jResp->stringOf("findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.org");
$RequestUri = $jResp->stringOf("findings[i].service.action.kubernetesApiCallAction.requestUri");
$StatusCode = $jResp->IntOf("findings[i].service.action.kubernetesApiCallAction.statusCode");
$KubernetesApiCallActionUserAgent = $jResp->stringOf("findings[i].service.action.kubernetesApiCallAction.userAgent");
$Verb = $jResp->stringOf("findings[i].service.action.kubernetesApiCallAction.verb");
$Blocked = $jResp->IntOf("findings[i].service.action.networkConnectionAction.blocked");
$ConnectionDirection = $jResp->stringOf("findings[i].service.action.networkConnectionAction.connectionDirection");
$LocalIpDetailsIpAddressV4 = $jResp->stringOf("findings[i].service.action.networkConnectionAction.localIpDetails.ipAddressV4");
$Port = $jResp->IntOf("findings[i].service.action.networkConnectionAction.localPortDetails.port");
$PortName = $jResp->stringOf("findings[i].service.action.networkConnectionAction.localPortDetails.portName");
$Protocol = $jResp->stringOf("findings[i].service.action.networkConnectionAction.protocol");
$CityCityName = $jResp->stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.city.cityName");
$CountryCountryCode = $jResp->stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.country.countryCode");
$CountryCountryName = $jResp->stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.country.countryName");
$GeoLocationLat = $jResp->IntOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.geoLocation.lat");
$GeoLocationLon = $jResp->IntOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.geoLocation.lon");
$RemoteIpDetailsIpAddressV4 = $jResp->stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.ipAddressV4");
$OrganizationAsn = $jResp->stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.asn");
$OrganizationAsnOrg = $jResp->stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg");
$OrganizationIsp = $jResp->stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.isp");
$OrganizationOrg = $jResp->stringOf("findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.org");
$RemotePortDetailsPort = $jResp->IntOf("findings[i].service.action.networkConnectionAction.remotePortDetails.port");
$RemotePortDetailsPortName = $jResp->stringOf("findings[i].service.action.networkConnectionAction.remotePortDetails.portName");
$PortProbeActionBlocked = $jResp->IntOf("findings[i].service.action.portProbeAction.blocked");
$Archived = $jResp->IntOf("findings[i].service.archived");
$Count = $jResp->IntOf("findings[i].service.count");
$DetectorId = $jResp->stringOf("findings[i].service.detectorId");
$EventFirstSeen = $jResp->stringOf("findings[i].service.eventFirstSeen");
$EventLastSeen = $jResp->stringOf("findings[i].service.eventLastSeen");
$ResourceRole = $jResp->stringOf("findings[i].service.resourceRole");
$serviceServiceName = $jResp->stringOf("findings[i].service.serviceName");
$UserFeedback = $jResp->stringOf("findings[i].service.userFeedback");
$severity = $jResp->IntOf("findings[i].severity");
$title = $jResp->stringOf("findings[i].title");
$v_type = $jResp->stringOf("findings[i].type");
$updatedAt = $jResp->stringOf("findings[i].updatedAt");
$j = 0;
$count_j = $jResp->SizeOfArray("findings[i].resource.eksClusterDetails.tags");
while ($j < $count_j) {
$jResp->put_J($j);
$key = $jResp->stringOf("findings[i].resource.eksClusterDetails.tags[j].key");
$value = $jResp->stringOf("findings[i].resource.eksClusterDetails.tags[j].value");
$j = $j + 1;
}
$j = 0;
$count_j = $jResp->SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces");
while ($j < $count_j) {
$jResp->put_J($j);
$networkInterfaceId = $jResp->stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].networkInterfaceId");
$privateDnsName = $jResp->stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateDnsName");
$privateIpAddress = $jResp->stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddress");
$publicDnsName = $jResp->stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].publicDnsName");
$publicIp = $jResp->stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].publicIp");
$subnetId = $jResp->stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].subnetId");
$vpcId = $jResp->stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].vpcId");
$k = 0;
$count_k = $jResp->SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].ipv6Addresses");
while ($k < $count_k) {
$jResp->put_K($k);
$strVal = $jResp->stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].ipv6Addresses[k]");
$k = $k + 1;
}
$k = 0;
$count_k = $jResp->SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses");
while ($k < $count_k) {
$jResp->put_K($k);
$privateDnsName = $jResp->stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses[k].privateDnsName");
$privateIpAddress = $jResp->stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses[k].privateIpAddress");
$k = $k + 1;
}
$k = 0;
$count_k = $jResp->SizeOfArray("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups");
while ($k < $count_k) {
$jResp->put_K($k);
$groupId = $jResp->stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups[k].groupId");
$groupName = $jResp->stringOf("findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups[k].groupName");
$k = $k + 1;
}
$j = $j + 1;
}
$j = 0;
$count_j = $jResp->SizeOfArray("findings[i].resource.instanceDetails.productCodes");
while ($j < $count_j) {
$jResp->put_J($j);
$code = $jResp->stringOf("findings[i].resource.instanceDetails.productCodes[j].code");
$productType = $jResp->stringOf("findings[i].resource.instanceDetails.productCodes[j].productType");
$j = $j + 1;
}
$j = 0;
$count_j = $jResp->SizeOfArray("findings[i].resource.instanceDetails.tags");
while ($j < $count_j) {
$jResp->put_J($j);
$key = $jResp->stringOf("findings[i].resource.instanceDetails.tags[j].key");
$value = $jResp->stringOf("findings[i].resource.instanceDetails.tags[j].value");
$j = $j + 1;
}
$j = 0;
$count_j = $jResp->SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesUserDetails.groups");
while ($j < $count_j) {
$jResp->put_J($j);
$strVal = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesUserDetails.groups[j]");
$j = $j + 1;
}
$j = 0;
$count_j = $jResp->SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers");
while ($j < $count_j) {
$jResp->put_J($j);
$containerRuntime = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].containerRuntime");
$id = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].id");
$image = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].image");
$imagePrefix = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].imagePrefix");
$name = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].name");
$Privileged = $jResp->IntOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].securityContext.privileged");
$k = 0;
$count_k = $jResp->SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts");
while ($k < $count_k) {
$jResp->put_K($k);
$mountPath = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts[k].mountPath");
$name = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts[k].name");
$k = $k + 1;
}
$j = $j + 1;
}
$j = 0;
$count_j = $jResp->SizeOfArray("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes");
while ($j < $count_j) {
$jResp->put_J($j);
$Path = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes[j].hostPath.path");
$name = $jResp->stringOf("findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes[j].name");
$j = $j + 1;
}
$j = 0;
$count_j = $jResp->SizeOfArray("findings[i].resource.s3BucketDetails");
while ($j < $count_j) {
$jResp->put_J($j);
$arn = $jResp->stringOf("findings[i].resource.s3BucketDetails[j].arn");
$createdAt_int = $jResp->IntOf("findings[i].resource.s3BucketDetails[j].createdAt");
$EncryptionType = $jResp->stringOf("findings[i].resource.s3BucketDetails[j].defaultServerSideEncryption.encryptionType");
$KmsMasterKeyArn = $jResp->stringOf("findings[i].resource.s3BucketDetails[j].defaultServerSideEncryption.kmsMasterKeyArn");
$name = $jResp->stringOf("findings[i].resource.s3BucketDetails[j].name");
$ownerId = $jResp->stringOf("findings[i].resource.s3BucketDetails[j].owner.id");
$EffectivePermission = $jResp->stringOf("findings[i].resource.s3BucketDetails[j].publicAccess.effectivePermission");
$BlockPublicAcls = $jResp->IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.blockPublicAcls");
$BlockPublicPolicy = $jResp->IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.blockPublicPolicy");
$IgnorePublicAcls = $jResp->IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.ignorePublicAcls");
$RestrictPublicBuckets = $jResp->IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.restrictPublicBuckets");
$AllowsPublicReadAccess = $jResp->IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.accessControlList.allowsPublicReadAccess");
$AllowsPublicWriteAccess = $jResp->IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.accessControlList.allowsPublicWriteAccess");
$BlockPublicAccessBlockPublicAcls = $jResp->IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.blockPublicAcls");
$BlockPublicAccessBlockPublicPolicy = $jResp->IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.blockPublicPolicy");
$BlockPublicAccessIgnorePublicAcls = $jResp->IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.ignorePublicAcls");
$BlockPublicAccessRestrictPublicBuckets = $jResp->IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.restrictPublicBuckets");
$BucketPolicyAllowsPublicReadAccess = $jResp->IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.bucketPolicy.allowsPublicReadAccess");
$BucketPolicyAllowsPublicWriteAccess = $jResp->IntOf("findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.bucketPolicy.allowsPublicWriteAccess");
$v_type = $jResp->stringOf("findings[i].resource.s3BucketDetails[j].type");
$k = 0;
$count_k = $jResp->SizeOfArray("findings[i].resource.s3BucketDetails[j].tags");
while ($k < $count_k) {
$jResp->put_K($k);
$key = $jResp->stringOf("findings[i].resource.s3BucketDetails[j].tags[k].key");
$value = $jResp->stringOf("findings[i].resource.s3BucketDetails[j].tags[k].value");
$k = $k + 1;
}
$j = $j + 1;
}
$j = 0;
$count_j = $jResp->SizeOfArray("findings[i].service.action.kubernetesApiCallAction.sourceIps");
while ($j < $count_j) {
$jResp->put_J($j);
$strVal = $jResp->stringOf("findings[i].service.action.kubernetesApiCallAction.sourceIps[j]");
$j = $j + 1;
}
$j = 0;
$count_j = $jResp->SizeOfArray("findings[i].service.action.portProbeAction.portProbeDetails");
while ($j < $count_j) {
$jResp->put_J($j);
$localIpDetailsIpAddressV4 = $jResp->stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localIpDetails.ipAddressV4");
$localPortDetailsPort = $jResp->IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localPortDetails.port");
$localPortDetailsPortName = $jResp->stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].localPortDetails.portName");
$CityCityName = $jResp->stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.city.cityName");
$CountryCountryCode = $jResp->stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.country.countryCode");
$CountryCountryName = $jResp->stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.country.countryName");
$GeoLocationLat = $jResp->IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.geoLocation.lat");
$GeoLocationLon = $jResp->IntOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.geoLocation.lon");
$remoteIpDetailsIpAddressV4 = $jResp->stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.ipAddressV4");
$OrganizationAsn = $jResp->stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.asn");
$OrganizationAsnOrg = $jResp->stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.asnOrg");
$OrganizationIsp = $jResp->stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.isp");
$OrganizationOrg = $jResp->stringOf("findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.org");
$j = $j + 1;
}
$j = 0;
$count_j = $jResp->SizeOfArray("findings[i].service.evidence.threatIntelligenceDetails");
while ($j < $count_j) {
$jResp->put_J($j);
$threatListName = $jResp->stringOf("findings[i].service.evidence.threatIntelligenceDetails[j].threatListName");
$k = 0;
$count_k = $jResp->SizeOfArray("findings[i].service.evidence.threatIntelligenceDetails[j].threatNames");
while ($k < $count_k) {
$jResp->put_K($k);
$strVal = $jResp->stringOf("findings[i].service.evidence.threatIntelligenceDetails[j].threatNames[k]");
$k = $k + 1;
}
$j = $j + 1;
}
$i = $i + 1;
}
# A sample JSON response body parsed by the above code:
# {
# "findings": [
# {
# "accountId": "string",
# "arn": "string",
# "confidence": number,
# "createdAt": "string",
# "description": "string",
# "id": "string",
# "partition": "string",
# "region": "string",
# "resource": {
# "accessKeyDetails": {
# "accessKeyId": "string",
# "principalId": "string",
# "userName": "string",
# "userType": "string"
# },
# "eksClusterDetails": {
# "arn": "string",
# "createdAt": number,
# "name": "string",
# "status": "string",
# "tags": [
# {
# "key": "string",
# "value": "string"
# }
# ],
# "vpcId": "string"
# },
# "instanceDetails": {
# "availabilityZone": "string",
# "iamInstanceProfile": {
# "arn": "string",
# "id": "string"
# },
# "imageDescription": "string",
# "imageId": "string",
# "instanceId": "string",
# "instanceState": "string",
# "instanceType": "string",
# "launchTime": "string",
# "networkInterfaces": [
# {
# "ipv6Addresses": [
# "string"
# ],
# "networkInterfaceId": "string",
# "privateDnsName": "string",
# "privateIpAddress": "string",
# "privateIpAddresses": [
# {
# "privateDnsName": "string",
# "privateIpAddress": "string"
# }
# ],
# "publicDnsName": "string",
# "publicIp": "string",
# "securityGroups": [
# {
# "groupId": "string",
# "groupName": "string"
# }
# ],
# "subnetId": "string",
# "vpcId": "string"
# }
# ],
# "outpostArn": "string",
# "platform": "string",
# "productCodes": [
# {
# "code": "string",
# "productType": "string"
# }
# ],
# "tags": [
# {
# "key": "string",
# "value": "string"
# }
# ]
# },
# "kubernetesDetails": {
# "kubernetesUserDetails": {
# "groups": [
# "string"
# ],
# "uid": "string",
# "username": "string"
# },
# "kubernetesWorkloadDetails": {
# "containers": [
# {
# "containerRuntime": "string",
# "id": "string",
# "image": "string",
# "imagePrefix": "string",
# "name": "string",
# "securityContext": {
# "privileged": boolean
# },
# "volumeMounts": [
# {
# "mountPath": "string",
# "name": "string"
# }
# ]
# }
# ],
# "hostNetwork": boolean,
# "name": "string",
# "namespace": "string",
# "type": "string",
# "uid": "string",
# "volumes": [
# {
# "hostPath": {
# "path": "string"
# },
# "name": "string"
# }
# ]
# }
# },
# "resourceType": "string",
# "s3BucketDetails": [
# {
# "arn": "string",
# "createdAt": number,
# "defaultServerSideEncryption": {
# "encryptionType": "string",
# "kmsMasterKeyArn": "string"
# },
# "name": "string",
# "owner": {
# "id": "string"
# },
# "publicAccess": {
# "effectivePermission": "string",
# "permissionConfiguration": {
# "accountLevelPermissions": {
# "blockPublicAccess": {
# "blockPublicAcls": boolean,
# "blockPublicPolicy": boolean,
# "ignorePublicAcls": boolean,
# "restrictPublicBuckets": boolean
# }
# },
# "bucketLevelPermissions": {
# "accessControlList": {
# "allowsPublicReadAccess": boolean,
# "allowsPublicWriteAccess": boolean
# },
# "blockPublicAccess": {
# "blockPublicAcls": boolean,
# "blockPublicPolicy": boolean,
# "ignorePublicAcls": boolean,
# "restrictPublicBuckets": boolean
# },
# "bucketPolicy": {
# "allowsPublicReadAccess": boolean,
# "allowsPublicWriteAccess": boolean
# }
# }
# }
# },
# "tags": [
# {
# "key": "string",
# "value": "string"
# }
# ],
# "type": "string"
# }
# ]
# },
# "schemaVersion": "string",
# "service": {
# "action": {
# "actionType": "string",
# "awsApiCallAction": {
# "api": "string",
# "callerType": "string",
# "domainDetails": {
# "domain": "string"
# },
# "errorCode": "string",
# "remoteAccountDetails": {
# "accountId": "string",
# "affiliated": boolean
# },
# "remoteIpDetails": {
# "city": {
# "cityName": "string"
# },
# "country": {
# "countryCode": "string",
# "countryName": "string"
# },
# "geoLocation": {
# "lat": number,
# "lon": number
# },
# "ipAddressV4": "string",
# "organization": {
# "asn": "string",
# "asnOrg": "string",
# "isp": "string",
# "org": "string"
# }
# },
# "serviceName": "string",
# "userAgent": "string"
# },
# "dnsRequestAction": {
# "domain": "string"
# },
# "kubernetesApiCallAction": {
# "parameters": "string",
# "remoteIpDetails": {
# "city": {
# "cityName": "string"
# },
# "country": {
# "countryCode": "string",
# "countryName": "string"
# },
# "geoLocation": {
# "lat": number,
# "lon": number
# },
# "ipAddressV4": "string",
# "organization": {
# "asn": "string",
# "asnOrg": "string",
# "isp": "string",
# "org": "string"
# }
# },
# "requestUri": "string",
# "sourceIps": [
# "string"
# ],
# "statusCode": number,
# "userAgent": "string",
# "verb": "string"
# },
# "networkConnectionAction": {
# "blocked": boolean,
# "connectionDirection": "string",
# "localIpDetails": {
# "ipAddressV4": "string"
# },
# "localPortDetails": {
# "port": number,
# "portName": "string"
# },
# "protocol": "string",
# "remoteIpDetails": {
# "city": {
# "cityName": "string"
# },
# "country": {
# "countryCode": "string",
# "countryName": "string"
# },
# "geoLocation": {
# "lat": number,
# "lon": number
# },
# "ipAddressV4": "string",
# "organization": {
# "asn": "string",
# "asnOrg": "string",
# "isp": "string",
# "org": "string"
# }
# },
# "remotePortDetails": {
# "port": number,
# "portName": "string"
# }
# },
# "portProbeAction": {
# "blocked": boolean,
# "portProbeDetails": [
# {
# "localIpDetails": {
# "ipAddressV4": "string"
# },
# "localPortDetails": {
# "port": number,
# "portName": "string"
# },
# "remoteIpDetails": {
# "city": {
# "cityName": "string"
# },
# "country": {
# "countryCode": "string",
# "countryName": "string"
# },
# "geoLocation": {
# "lat": number,
# "lon": number
# },
# "ipAddressV4": "string",
# "organization": {
# "asn": "string",
# "asnOrg": "string",
# "isp": "string",
# "org": "string"
# }
# }
# }
# ]
# }
# },
# "archived": boolean,
# "count": number,
# "detectorId": "string",
# "eventFirstSeen": "string",
# "eventLastSeen": "string",
# "evidence": {
# "threatIntelligenceDetails": [
# {
# "threatListName": "string",
# "threatNames": [
# "string"
# ]
# }
# ]
# },
# "resourceRole": "string",
# "serviceName": "string",
# "userFeedback": "string"
# },
# "severity": number,
# "title": "string",
# "type": "string",
# "updatedAt": "string"
# }
# ]
# }
