GetFindings Swift3 Example
func chilkatTest() {
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
let rest = CkoRest()!
var success: Bool
let authAws = CkoAuthAws()!
authAws.accessKey = "AWS_ACCESS_KEY"
authAws.secretKey = "AWS_SECRET_KEY"
// Don't forget to change the region to your particular region. (Also make the same change in the call to Connect below.)
authAws.region = "us-west-2"
authAws.serviceName = "guardduty"
// SetAuthAws causes Chilkat to automatically add the following headers: Authorization, X-Amz-Date
rest.setAuthAws(authAws)
// URL: https://guardduty.us-west-2.amazonaws.com/
// Use the same region as specified above.
success = rest.connect("guardduty.us-west-2.amazonaws.com", port: 443, tls: true, autoReconnect: true)
if success != true {
print("ConnectFailReason: \(rest.connectFailReason.intValue)")
print("\(rest.lastErrorText!)")
return
}
// The following code creates the JSON request body.
// The JSON created by this code is shown below.
// Use this online tool to generate code from sample JSON:
// Generate Code to Create JSON
let json = CkoJsonObject()!
json.update("findingIds[0]", value: "string")
json.update("sortCriteria.attributeName", value: "string")
json.update("sortCriteria.orderBy", value: "string")
// The JSON request body created by the above code:
// {
// "findingIds": [
// "string"
// ],
// "sortCriteria": {
// "attributeName": "string",
// "orderBy": "string"
// }
// }
rest.addHeader("Content-Type", value: "application/x-amz-json-1.1")
rest.addHeader("X-Amz-Target", value: "GetFindings")
let sbRequestBody = CkoStringBuilder()!
json.emitSb(sbRequestBody)
let sbResponseBody = CkoStringBuilder()!
success = rest.fullRequestSb("POST", uriPath: "/detector/{detectorId}/findings/get", requestBody: sbRequestBody, responseBody: sbResponseBody)
if success != true {
print("\(rest.lastErrorText!)")
return
}
var respStatusCode: Int = rest.responseStatusCode.intValue
print("response status code = \(respStatusCode)")
if respStatusCode != 200 {
print("Response Header:")
print("\(rest.responseHeader!)")
print("Response Body:")
print("\(sbResponseBody.getAsString()!)")
return
}
let jResp = CkoJsonObject()!
jResp.loadSb(sbResponseBody)
// The following code parses the JSON response.
// A sample JSON response is shown below the sample code.
// Use this online tool to generate parsing code from sample JSON:
// Generate Parsing Code from JSON
var accountId: String?
var arn: String?
var confidence: Int
var createdAt: String?
var description: String?
var id: String?
var partition: String?
var region: String?
var AccessKeyId: String?
var PrincipalId: String?
var UserName: String?
var UserType: String?
var Arn: String?
var CreatedAt: Int
var Name: String?
var Status: String?
var VpcId: String?
var AvailabilityZone: String?
var IamInstanceProfileArn: String?
var Id: String?
var ImageDescription: String?
var ImageId: String?
var InstanceId: String?
var InstanceState: String?
var InstanceType: String?
var LaunchTime: String?
var OutpostArn: String?
var Platform: String?
var Uid: String?
var Username: String?
var HostNetwork: Int
var KubernetesWorkloadDetailsName: String?
var Namespace: String?
var v_Type: String?
var KubernetesWorkloadDetailsUid: String?
var ResourceType: String?
var schemaVersion: String?
var ActionType: String?
var Api: String?
var CallerType: String?
var Domain: String?
var ErrorCode: String?
var AccountId: String?
var Affiliated: Int
var CityName: String?
var CountryCode: String?
var CountryName: String?
var Lat: Int
var Lon: Int
var IpAddressV4: String?
var v_Asn: String?
var AsnOrg: String?
var Isp: String?
var Org: String?
var ServiceName: String?
var UserAgent: String?
var DnsRequestActionDomain: String?
var Parameters: String?
var CityCityName: String?
var CountryCountryCode: String?
var CountryCountryName: String?
var GeoLocationLat: Int
var GeoLocationLon: Int
var RemoteIpDetailsIpAddressV4: String?
var OrganizationAsn: String?
var OrganizationAsnOrg: String?
var OrganizationIsp: String?
var OrganizationOrg: String?
var RequestUri: String?
var StatusCode: Int
var KubernetesApiCallActionUserAgent: String?
var Verb: String?
var Blocked: Int
var ConnectionDirection: String?
var LocalIpDetailsIpAddressV4: String?
var Port: Int
var PortName: String?
var Protocol: String?
var RemotePortDetailsPort: Int
var RemotePortDetailsPortName: String?
var PortProbeActionBlocked: Int
var Archived: Int
var Count: Int
var DetectorId: String?
var EventFirstSeen: String?
var EventLastSeen: String?
var ResourceRole: String?
var serviceServiceName: String?
var UserFeedback: String?
var severity: Int
var title: String?
var v_type: String?
var updatedAt: String?
var j: Int
var count_j: Int
var key: String?
var value: String?
var networkInterfaceId: String?
var privateDnsName: String?
var privateIpAddress: String?
var publicDnsName: String?
var publicIp: String?
var subnetId: String?
var vpcId: String?
var k: Int
var count_k: Int
var strVal: String?
var groupId: String?
var groupName: String?
var code: String?
var productType: String?
var containerRuntime: String?
var image: String?
var imagePrefix: String?
var name: String?
var Privileged: Int
var mountPath: String?
var Path: String?
var createdAt_int: Int
var EncryptionType: String?
var KmsMasterKeyArn: String?
var ownerId: String?
var EffectivePermission: String?
var BlockPublicAcls: Int
var BlockPublicPolicy: Int
var IgnorePublicAcls: Int
var RestrictPublicBuckets: Int
var AllowsPublicReadAccess: Int
var AllowsPublicWriteAccess: Int
var BlockPublicAccessBlockPublicAcls: Int
var BlockPublicAccessBlockPublicPolicy: Int
var BlockPublicAccessIgnorePublicAcls: Int
var BlockPublicAccessRestrictPublicBuckets: Int
var BucketPolicyAllowsPublicReadAccess: Int
var BucketPolicyAllowsPublicWriteAccess: Int
var localIpDetailsIpAddressV4: String?
var localPortDetailsPort: Int
var localPortDetailsPortName: String?
var remoteIpDetailsIpAddressV4: String?
var threatListName: String?
var i: Int = 0
var count_i: Int = jResp.size(ofArray: "findings").intValue
while i < count_i {
jResp.i = i
accountId = jResp.string(of: "findings[i].accountId")
arn = jResp.string(of: "findings[i].arn")
confidence = jResp.int(of: "findings[i].confidence").intValue
createdAt = jResp.string(of: "findings[i].createdAt")
description = jResp.string(of: "findings[i].description")
id = jResp.string(of: "findings[i].id")
partition = jResp.string(of: "findings[i].partition")
region = jResp.string(of: "findings[i].region")
AccessKeyId = jResp.string(of: "findings[i].resource.accessKeyDetails.accessKeyId")
PrincipalId = jResp.string(of: "findings[i].resource.accessKeyDetails.principalId")
UserName = jResp.string(of: "findings[i].resource.accessKeyDetails.userName")
UserType = jResp.string(of: "findings[i].resource.accessKeyDetails.userType")
Arn = jResp.string(of: "findings[i].resource.eksClusterDetails.arn")
CreatedAt = jResp.int(of: "findings[i].resource.eksClusterDetails.createdAt").intValue
Name = jResp.string(of: "findings[i].resource.eksClusterDetails.name")
Status = jResp.string(of: "findings[i].resource.eksClusterDetails.status")
VpcId = jResp.string(of: "findings[i].resource.eksClusterDetails.vpcId")
AvailabilityZone = jResp.string(of: "findings[i].resource.instanceDetails.availabilityZone")
IamInstanceProfileArn = jResp.string(of: "findings[i].resource.instanceDetails.iamInstanceProfile.arn")
Id = jResp.string(of: "findings[i].resource.instanceDetails.iamInstanceProfile.id")
ImageDescription = jResp.string(of: "findings[i].resource.instanceDetails.imageDescription")
ImageId = jResp.string(of: "findings[i].resource.instanceDetails.imageId")
InstanceId = jResp.string(of: "findings[i].resource.instanceDetails.instanceId")
InstanceState = jResp.string(of: "findings[i].resource.instanceDetails.instanceState")
InstanceType = jResp.string(of: "findings[i].resource.instanceDetails.instanceType")
LaunchTime = jResp.string(of: "findings[i].resource.instanceDetails.launchTime")
OutpostArn = jResp.string(of: "findings[i].resource.instanceDetails.outpostArn")
Platform = jResp.string(of: "findings[i].resource.instanceDetails.platform")
Uid = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesUserDetails.uid")
Username = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesUserDetails.username")
HostNetwork = jResp.int(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.hostNetwork").intValue
KubernetesWorkloadDetailsName = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.name")
Namespace = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.namespace")
v_Type = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.type")
KubernetesWorkloadDetailsUid = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.uid")
ResourceType = jResp.string(of: "findings[i].resource.resourceType")
schemaVersion = jResp.string(of: "findings[i].schemaVersion")
ActionType = jResp.string(of: "findings[i].service.action.actionType")
Api = jResp.string(of: "findings[i].service.action.awsApiCallAction.api")
CallerType = jResp.string(of: "findings[i].service.action.awsApiCallAction.callerType")
Domain = jResp.string(of: "findings[i].service.action.awsApiCallAction.domainDetails.domain")
ErrorCode = jResp.string(of: "findings[i].service.action.awsApiCallAction.errorCode")
AccountId = jResp.string(of: "findings[i].service.action.awsApiCallAction.remoteAccountDetails.accountId")
Affiliated = jResp.int(of: "findings[i].service.action.awsApiCallAction.remoteAccountDetails.affiliated").intValue
CityName = jResp.string(of: "findings[i].service.action.awsApiCallAction.remoteIpDetails.city.cityName")
CountryCode = jResp.string(of: "findings[i].service.action.awsApiCallAction.remoteIpDetails.country.countryCode")
CountryName = jResp.string(of: "findings[i].service.action.awsApiCallAction.remoteIpDetails.country.countryName")
Lat = jResp.int(of: "findings[i].service.action.awsApiCallAction.remoteIpDetails.geoLocation.lat").intValue
Lon = jResp.int(of: "findings[i].service.action.awsApiCallAction.remoteIpDetails.geoLocation.lon").intValue
IpAddressV4 = jResp.string(of: "findings[i].service.action.awsApiCallAction.remoteIpDetails.ipAddressV4")
v_Asn = jResp.string(of: "findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.asn")
AsnOrg = jResp.string(of: "findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg")
Isp = jResp.string(of: "findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.isp")
Org = jResp.string(of: "findings[i].service.action.awsApiCallAction.remoteIpDetails.organization.org")
ServiceName = jResp.string(of: "findings[i].service.action.awsApiCallAction.serviceName")
UserAgent = jResp.string(of: "findings[i].service.action.awsApiCallAction.userAgent")
DnsRequestActionDomain = jResp.string(of: "findings[i].service.action.dnsRequestAction.domain")
Parameters = jResp.string(of: "findings[i].service.action.kubernetesApiCallAction.parameters")
CityCityName = jResp.string(of: "findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.city.cityName")
CountryCountryCode = jResp.string(of: "findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.country.countryCode")
CountryCountryName = jResp.string(of: "findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.country.countryName")
GeoLocationLat = jResp.int(of: "findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.geoLocation.lat").intValue
GeoLocationLon = jResp.int(of: "findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.geoLocation.lon").intValue
RemoteIpDetailsIpAddressV4 = jResp.string(of: "findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4")
OrganizationAsn = jResp.string(of: "findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn")
OrganizationAsnOrg = jResp.string(of: "findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.asnOrg")
OrganizationIsp = jResp.string(of: "findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.isp")
OrganizationOrg = jResp.string(of: "findings[i].service.action.kubernetesApiCallAction.remoteIpDetails.organization.org")
RequestUri = jResp.string(of: "findings[i].service.action.kubernetesApiCallAction.requestUri")
StatusCode = jResp.int(of: "findings[i].service.action.kubernetesApiCallAction.statusCode").intValue
KubernetesApiCallActionUserAgent = jResp.string(of: "findings[i].service.action.kubernetesApiCallAction.userAgent")
Verb = jResp.string(of: "findings[i].service.action.kubernetesApiCallAction.verb")
Blocked = jResp.int(of: "findings[i].service.action.networkConnectionAction.blocked").intValue
ConnectionDirection = jResp.string(of: "findings[i].service.action.networkConnectionAction.connectionDirection")
LocalIpDetailsIpAddressV4 = jResp.string(of: "findings[i].service.action.networkConnectionAction.localIpDetails.ipAddressV4")
Port = jResp.int(of: "findings[i].service.action.networkConnectionAction.localPortDetails.port").intValue
PortName = jResp.string(of: "findings[i].service.action.networkConnectionAction.localPortDetails.portName")
Protocol = jResp.string(of: "findings[i].service.action.networkConnectionAction.protocol")
CityCityName = jResp.string(of: "findings[i].service.action.networkConnectionAction.remoteIpDetails.city.cityName")
CountryCountryCode = jResp.string(of: "findings[i].service.action.networkConnectionAction.remoteIpDetails.country.countryCode")
CountryCountryName = jResp.string(of: "findings[i].service.action.networkConnectionAction.remoteIpDetails.country.countryName")
GeoLocationLat = jResp.int(of: "findings[i].service.action.networkConnectionAction.remoteIpDetails.geoLocation.lat").intValue
GeoLocationLon = jResp.int(of: "findings[i].service.action.networkConnectionAction.remoteIpDetails.geoLocation.lon").intValue
RemoteIpDetailsIpAddressV4 = jResp.string(of: "findings[i].service.action.networkConnectionAction.remoteIpDetails.ipAddressV4")
OrganizationAsn = jResp.string(of: "findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.asn")
OrganizationAsnOrg = jResp.string(of: "findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg")
OrganizationIsp = jResp.string(of: "findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.isp")
OrganizationOrg = jResp.string(of: "findings[i].service.action.networkConnectionAction.remoteIpDetails.organization.org")
RemotePortDetailsPort = jResp.int(of: "findings[i].service.action.networkConnectionAction.remotePortDetails.port").intValue
RemotePortDetailsPortName = jResp.string(of: "findings[i].service.action.networkConnectionAction.remotePortDetails.portName")
PortProbeActionBlocked = jResp.int(of: "findings[i].service.action.portProbeAction.blocked").intValue
Archived = jResp.int(of: "findings[i].service.archived").intValue
Count = jResp.int(of: "findings[i].service.count").intValue
DetectorId = jResp.string(of: "findings[i].service.detectorId")
EventFirstSeen = jResp.string(of: "findings[i].service.eventFirstSeen")
EventLastSeen = jResp.string(of: "findings[i].service.eventLastSeen")
ResourceRole = jResp.string(of: "findings[i].service.resourceRole")
serviceServiceName = jResp.string(of: "findings[i].service.serviceName")
UserFeedback = jResp.string(of: "findings[i].service.userFeedback")
severity = jResp.int(of: "findings[i].severity").intValue
title = jResp.string(of: "findings[i].title")
v_type = jResp.string(of: "findings[i].type")
updatedAt = jResp.string(of: "findings[i].updatedAt")
j = 0
count_j = jResp.size(ofArray: "findings[i].resource.eksClusterDetails.tags").intValue
while j < count_j {
jResp.j = j
key = jResp.string(of: "findings[i].resource.eksClusterDetails.tags[j].key")
value = jResp.string(of: "findings[i].resource.eksClusterDetails.tags[j].value")
j = j + 1
}
j = 0
count_j = jResp.size(ofArray: "findings[i].resource.instanceDetails.networkInterfaces").intValue
while j < count_j {
jResp.j = j
networkInterfaceId = jResp.string(of: "findings[i].resource.instanceDetails.networkInterfaces[j].networkInterfaceId")
privateDnsName = jResp.string(of: "findings[i].resource.instanceDetails.networkInterfaces[j].privateDnsName")
privateIpAddress = jResp.string(of: "findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddress")
publicDnsName = jResp.string(of: "findings[i].resource.instanceDetails.networkInterfaces[j].publicDnsName")
publicIp = jResp.string(of: "findings[i].resource.instanceDetails.networkInterfaces[j].publicIp")
subnetId = jResp.string(of: "findings[i].resource.instanceDetails.networkInterfaces[j].subnetId")
vpcId = jResp.string(of: "findings[i].resource.instanceDetails.networkInterfaces[j].vpcId")
k = 0
count_k = jResp.size(ofArray: "findings[i].resource.instanceDetails.networkInterfaces[j].ipv6Addresses").intValue
while k < count_k {
jResp.k = k
strVal = jResp.string(of: "findings[i].resource.instanceDetails.networkInterfaces[j].ipv6Addresses[k]")
k = k + 1
}
k = 0
count_k = jResp.size(ofArray: "findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses").intValue
while k < count_k {
jResp.k = k
privateDnsName = jResp.string(of: "findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses[k].privateDnsName")
privateIpAddress = jResp.string(of: "findings[i].resource.instanceDetails.networkInterfaces[j].privateIpAddresses[k].privateIpAddress")
k = k + 1
}
k = 0
count_k = jResp.size(ofArray: "findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups").intValue
while k < count_k {
jResp.k = k
groupId = jResp.string(of: "findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups[k].groupId")
groupName = jResp.string(of: "findings[i].resource.instanceDetails.networkInterfaces[j].securityGroups[k].groupName")
k = k + 1
}
j = j + 1
}
j = 0
count_j = jResp.size(ofArray: "findings[i].resource.instanceDetails.productCodes").intValue
while j < count_j {
jResp.j = j
code = jResp.string(of: "findings[i].resource.instanceDetails.productCodes[j].code")
productType = jResp.string(of: "findings[i].resource.instanceDetails.productCodes[j].productType")
j = j + 1
}
j = 0
count_j = jResp.size(ofArray: "findings[i].resource.instanceDetails.tags").intValue
while j < count_j {
jResp.j = j
key = jResp.string(of: "findings[i].resource.instanceDetails.tags[j].key")
value = jResp.string(of: "findings[i].resource.instanceDetails.tags[j].value")
j = j + 1
}
j = 0
count_j = jResp.size(ofArray: "findings[i].resource.kubernetesDetails.kubernetesUserDetails.groups").intValue
while j < count_j {
jResp.j = j
strVal = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesUserDetails.groups[j]")
j = j + 1
}
j = 0
count_j = jResp.size(ofArray: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers").intValue
while j < count_j {
jResp.j = j
containerRuntime = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].containerRuntime")
id = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].id")
image = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].image")
imagePrefix = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].imagePrefix")
name = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].name")
Privileged = jResp.int(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].securityContext.privileged").intValue
k = 0
count_k = jResp.size(ofArray: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts").intValue
while k < count_k {
jResp.k = k
mountPath = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts[k].mountPath")
name = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.containers[j].volumeMounts[k].name")
k = k + 1
}
j = j + 1
}
j = 0
count_j = jResp.size(ofArray: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes").intValue
while j < count_j {
jResp.j = j
Path = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes[j].hostPath.path")
name = jResp.string(of: "findings[i].resource.kubernetesDetails.kubernetesWorkloadDetails.volumes[j].name")
j = j + 1
}
j = 0
count_j = jResp.size(ofArray: "findings[i].resource.s3BucketDetails").intValue
while j < count_j {
jResp.j = j
arn = jResp.string(of: "findings[i].resource.s3BucketDetails[j].arn")
createdAt_int = jResp.int(of: "findings[i].resource.s3BucketDetails[j].createdAt").intValue
EncryptionType = jResp.string(of: "findings[i].resource.s3BucketDetails[j].defaultServerSideEncryption.encryptionType")
KmsMasterKeyArn = jResp.string(of: "findings[i].resource.s3BucketDetails[j].defaultServerSideEncryption.kmsMasterKeyArn")
name = jResp.string(of: "findings[i].resource.s3BucketDetails[j].name")
ownerId = jResp.string(of: "findings[i].resource.s3BucketDetails[j].owner.id")
EffectivePermission = jResp.string(of: "findings[i].resource.s3BucketDetails[j].publicAccess.effectivePermission")
BlockPublicAcls = jResp.int(of: "findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.blockPublicAcls").intValue
BlockPublicPolicy = jResp.int(of: "findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.blockPublicPolicy").intValue
IgnorePublicAcls = jResp.int(of: "findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.ignorePublicAcls").intValue
RestrictPublicBuckets = jResp.int(of: "findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.accountLevelPermissions.blockPublicAccess.restrictPublicBuckets").intValue
AllowsPublicReadAccess = jResp.int(of: "findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.accessControlList.allowsPublicReadAccess").intValue
AllowsPublicWriteAccess = jResp.int(of: "findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.accessControlList.allowsPublicWriteAccess").intValue
BlockPublicAccessBlockPublicAcls = jResp.int(of: "findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.blockPublicAcls").intValue
BlockPublicAccessBlockPublicPolicy = jResp.int(of: "findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.blockPublicPolicy").intValue
BlockPublicAccessIgnorePublicAcls = jResp.int(of: "findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.ignorePublicAcls").intValue
BlockPublicAccessRestrictPublicBuckets = jResp.int(of: "findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.blockPublicAccess.restrictPublicBuckets").intValue
BucketPolicyAllowsPublicReadAccess = jResp.int(of: "findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.bucketPolicy.allowsPublicReadAccess").intValue
BucketPolicyAllowsPublicWriteAccess = jResp.int(of: "findings[i].resource.s3BucketDetails[j].publicAccess.permissionConfiguration.bucketLevelPermissions.bucketPolicy.allowsPublicWriteAccess").intValue
v_type = jResp.string(of: "findings[i].resource.s3BucketDetails[j].type")
k = 0
count_k = jResp.size(ofArray: "findings[i].resource.s3BucketDetails[j].tags").intValue
while k < count_k {
jResp.k = k
key = jResp.string(of: "findings[i].resource.s3BucketDetails[j].tags[k].key")
value = jResp.string(of: "findings[i].resource.s3BucketDetails[j].tags[k].value")
k = k + 1
}
j = j + 1
}
j = 0
count_j = jResp.size(ofArray: "findings[i].service.action.kubernetesApiCallAction.sourceIps").intValue
while j < count_j {
jResp.j = j
strVal = jResp.string(of: "findings[i].service.action.kubernetesApiCallAction.sourceIps[j]")
j = j + 1
}
j = 0
count_j = jResp.size(ofArray: "findings[i].service.action.portProbeAction.portProbeDetails").intValue
while j < count_j {
jResp.j = j
localIpDetailsIpAddressV4 = jResp.string(of: "findings[i].service.action.portProbeAction.portProbeDetails[j].localIpDetails.ipAddressV4")
localPortDetailsPort = jResp.int(of: "findings[i].service.action.portProbeAction.portProbeDetails[j].localPortDetails.port").intValue
localPortDetailsPortName = jResp.string(of: "findings[i].service.action.portProbeAction.portProbeDetails[j].localPortDetails.portName")
CityCityName = jResp.string(of: "findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.city.cityName")
CountryCountryCode = jResp.string(of: "findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.country.countryCode")
CountryCountryName = jResp.string(of: "findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.country.countryName")
GeoLocationLat = jResp.int(of: "findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.geoLocation.lat").intValue
GeoLocationLon = jResp.int(of: "findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.geoLocation.lon").intValue
remoteIpDetailsIpAddressV4 = jResp.string(of: "findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.ipAddressV4")
OrganizationAsn = jResp.string(of: "findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.asn")
OrganizationAsnOrg = jResp.string(of: "findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.asnOrg")
OrganizationIsp = jResp.string(of: "findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.isp")
OrganizationOrg = jResp.string(of: "findings[i].service.action.portProbeAction.portProbeDetails[j].remoteIpDetails.organization.org")
j = j + 1
}
j = 0
count_j = jResp.size(ofArray: "findings[i].service.evidence.threatIntelligenceDetails").intValue
while j < count_j {
jResp.j = j
threatListName = jResp.string(of: "findings[i].service.evidence.threatIntelligenceDetails[j].threatListName")
k = 0
count_k = jResp.size(ofArray: "findings[i].service.evidence.threatIntelligenceDetails[j].threatNames").intValue
while k < count_k {
jResp.k = k
strVal = jResp.string(of: "findings[i].service.evidence.threatIntelligenceDetails[j].threatNames[k]")
k = k + 1
}
j = j + 1
}
i = i + 1
}
// A sample JSON response body parsed by the above code:
// {
// "findings": [
// {
// "accountId": "string",
// "arn": "string",
// "confidence": number,
// "createdAt": "string",
// "description": "string",
// "id": "string",
// "partition": "string",
// "region": "string",
// "resource": {
// "accessKeyDetails": {
// "accessKeyId": "string",
// "principalId": "string",
// "userName": "string",
// "userType": "string"
// },
// "eksClusterDetails": {
// "arn": "string",
// "createdAt": number,
// "name": "string",
// "status": "string",
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ],
// "vpcId": "string"
// },
// "instanceDetails": {
// "availabilityZone": "string",
// "iamInstanceProfile": {
// "arn": "string",
// "id": "string"
// },
// "imageDescription": "string",
// "imageId": "string",
// "instanceId": "string",
// "instanceState": "string",
// "instanceType": "string",
// "launchTime": "string",
// "networkInterfaces": [
// {
// "ipv6Addresses": [
// "string"
// ],
// "networkInterfaceId": "string",
// "privateDnsName": "string",
// "privateIpAddress": "string",
// "privateIpAddresses": [
// {
// "privateDnsName": "string",
// "privateIpAddress": "string"
// }
// ],
// "publicDnsName": "string",
// "publicIp": "string",
// "securityGroups": [
// {
// "groupId": "string",
// "groupName": "string"
// }
// ],
// "subnetId": "string",
// "vpcId": "string"
// }
// ],
// "outpostArn": "string",
// "platform": "string",
// "productCodes": [
// {
// "code": "string",
// "productType": "string"
// }
// ],
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ]
// },
// "kubernetesDetails": {
// "kubernetesUserDetails": {
// "groups": [
// "string"
// ],
// "uid": "string",
// "username": "string"
// },
// "kubernetesWorkloadDetails": {
// "containers": [
// {
// "containerRuntime": "string",
// "id": "string",
// "image": "string",
// "imagePrefix": "string",
// "name": "string",
// "securityContext": {
// "privileged": boolean
// },
// "volumeMounts": [
// {
// "mountPath": "string",
// "name": "string"
// }
// ]
// }
// ],
// "hostNetwork": boolean,
// "name": "string",
// "namespace": "string",
// "type": "string",
// "uid": "string",
// "volumes": [
// {
// "hostPath": {
// "path": "string"
// },
// "name": "string"
// }
// ]
// }
// },
// "resourceType": "string",
// "s3BucketDetails": [
// {
// "arn": "string",
// "createdAt": number,
// "defaultServerSideEncryption": {
// "encryptionType": "string",
// "kmsMasterKeyArn": "string"
// },
// "name": "string",
// "owner": {
// "id": "string"
// },
// "publicAccess": {
// "effectivePermission": "string",
// "permissionConfiguration": {
// "accountLevelPermissions": {
// "blockPublicAccess": {
// "blockPublicAcls": boolean,
// "blockPublicPolicy": boolean,
// "ignorePublicAcls": boolean,
// "restrictPublicBuckets": boolean
// }
// },
// "bucketLevelPermissions": {
// "accessControlList": {
// "allowsPublicReadAccess": boolean,
// "allowsPublicWriteAccess": boolean
// },
// "blockPublicAccess": {
// "blockPublicAcls": boolean,
// "blockPublicPolicy": boolean,
// "ignorePublicAcls": boolean,
// "restrictPublicBuckets": boolean
// },
// "bucketPolicy": {
// "allowsPublicReadAccess": boolean,
// "allowsPublicWriteAccess": boolean
// }
// }
// }
// },
// "tags": [
// {
// "key": "string",
// "value": "string"
// }
// ],
// "type": "string"
// }
// ]
// },
// "schemaVersion": "string",
// "service": {
// "action": {
// "actionType": "string",
// "awsApiCallAction": {
// "api": "string",
// "callerType": "string",
// "domainDetails": {
// "domain": "string"
// },
// "errorCode": "string",
// "remoteAccountDetails": {
// "accountId": "string",
// "affiliated": boolean
// },
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "serviceName": "string",
// "userAgent": "string"
// },
// "dnsRequestAction": {
// "domain": "string"
// },
// "kubernetesApiCallAction": {
// "parameters": "string",
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "requestUri": "string",
// "sourceIps": [
// "string"
// ],
// "statusCode": number,
// "userAgent": "string",
// "verb": "string"
// },
// "networkConnectionAction": {
// "blocked": boolean,
// "connectionDirection": "string",
// "localIpDetails": {
// "ipAddressV4": "string"
// },
// "localPortDetails": {
// "port": number,
// "portName": "string"
// },
// "protocol": "string",
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// },
// "remotePortDetails": {
// "port": number,
// "portName": "string"
// }
// },
// "portProbeAction": {
// "blocked": boolean,
// "portProbeDetails": [
// {
// "localIpDetails": {
// "ipAddressV4": "string"
// },
// "localPortDetails": {
// "port": number,
// "portName": "string"
// },
// "remoteIpDetails": {
// "city": {
// "cityName": "string"
// },
// "country": {
// "countryCode": "string",
// "countryName": "string"
// },
// "geoLocation": {
// "lat": number,
// "lon": number
// },
// "ipAddressV4": "string",
// "organization": {
// "asn": "string",
// "asnOrg": "string",
// "isp": "string",
// "org": "string"
// }
// }
// }
// ]
// }
// },
// "archived": boolean,
// "count": number,
// "detectorId": "string",
// "eventFirstSeen": "string",
// "eventLastSeen": "string",
// "evidence": {
// "threatIntelligenceDetails": [
// {
// "threatListName": "string",
// "threatNames": [
// "string"
// ]
// }
// ]
// },
// "resourceRole": "string",
// "serviceName": "string",
// "userFeedback": "string"
// },
// "severity": number,
// "title": "string",
// "type": "string",
// "updatedAt": "string"
// }
// ]
// }
}
