- 1.39.0 (latest)
- 1.38.0
- 1.37.0
- 1.36.0
- 1.35.1
- 1.33.1
- 1.32.1
- 1.31.0
- 1.30.1
- 1.29.0
- 1.28.0
- 1.27.0
- 1.26.1
- 1.25.0
- 1.24.1
- 1.23.2
- 1.22.0
- 1.21.0
- 1.20.0
- 1.19.1
- 1.18.2
- 1.17.0
- 1.16.2
- 1.15.0
- 1.14.0
- 1.13.0
- 1.12.0
- 1.11.1
- 1.10.0
- 1.9.0
- 1.8.0
- 1.7.0
- 1.6.0
- 1.5.2
- 1.4.0
- 1.3.1
- 1.2.0
- 1.1.0
- 1.0.0
- 0.7.3
- 0.6.0
- 0.5.0
- 0.4.0
- 0.3.0
GroupFindingsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)Request message for grouping by findings.
Attributes |
|
|---|---|
| Name | Description |
parent |
str
Required. Name of the source to groupBy. If no ___location is specified, finding is assumed to be in global. The following list shows some examples: - organizations/[organization_id]/sources/[source_id]
-
organizations/[organization_id]/sources/[source_id]/locations/[location_id]
- folders/[folder_id]/sources/[source_id]
- folders/[folder_id]/sources/[source_id]/locations/[location_id]
- projects/[project_id]/sources/[source_id]
- projects/[project_id]/sources/[source_id]/locations/[location_id]
To groupBy across all sources provide a source_id of -.
The following list shows some examples:
- organizations/{organization_id}/sources/-
- organizations/{organization_id}/sources/-/locations/[location_id]
- folders/{folder_id}/sources/-
- folders/{folder_id}/sources/-/locations/[location_id]
- projects/{project_id}/sources/-
- projects/{project_id}/sources/-/locations/[location_id]
|
filter |
str
Expression that defines the filter to apply across findings. The expression is a list of one or more restrictions combined via logical operators AND and OR.
Parentheses are supported, and OR has higher precedence
than AND.
Restrictions have the form - character in front of them to indicate
negation. Examples include:
- name
- security_marks.marks.marka
The supported operators are:
- = for all value types.
- >, >=, <> for integer values.
- :, meaning substring matching, for strings.
The supported value types are:
- string literals in quotes.
- integer literals without quotes.
- boolean literals true and false without quotes.
The following field and operator combinations are supported:
- name: =
- parent: =, :
- resource_name: =, :
- state: =, :
- category: =, :
- external_uri: =, :
- event_time: =, >, >=, <>
Usage: This should be milliseconds since epoch or an
RFC3339 string. Examples:
event_time = "2019-06-10T16:07:18-07:00"
event_time = 1560208038000
- severity: =, :
- security_marks.marks: =, :
- resource:
- resource.name: =, :
- resource.parent_name: =, :
- resource.parent_display_name: =, :
- resource.project_name: =, :
- resource.project_display_name: =, :
- resource.type: =, :
|
group_by |
str
Required. Expression that defines what assets fields to use for grouping. The string value should follow SQL syntax: comma separated list of fields. For example: "parent,resource_name". |
page_token |
str
The value returned by the last GroupFindingsResponse;
indicates that this is a continuation of a prior
GroupFindings call, and that the system should return
the next page of data.
|
page_size |
int
The maximum number of results to return in a single response. Default is 10, minimum is 1, maximum is 1000. |