Documentation
¶
Index ¶
- type Cloud
- type FindingInfo
- type Metadata
- type MetadataProduct
- type OCSFCompliance
- type OCSFResource
- type Product
- type Remediation
- type ResourceOwner
- type ResourceTag
- type SecurityHubEvent
- type SecurityHubEventInput
- type SecurityHubV2Finding
- func (shf *SecurityHubV2Finding) BuildConsoleUrl(consoleURL, accessPortalURL, accessRoleName, shRegion string) string
- func (shf *SecurityHubV2Finding) GetFindingCategory() string
- func (shf *SecurityHubV2Finding) GetSeverityEmoji() string
- func (shf *SecurityHubV2Finding) IsAlertable() bool
- func (shf *SecurityHubV2Finding) SlackMessage(consoleURL, accessPortalURL, accessRoleName, shRegion string) (slack.MsgOption, slack.MsgOption)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type FindingInfo ¶
// FindingInfo is the decoded form of a finding's "finding_info" JSON object;
// it is the type of SecurityHubV2Finding.FindingInfo.
// NOTE(review): the field names look like the OCSF finding_info object —
// confirm which schema version the producer emits.
type FindingInfo struct {
	// Optional: pointer + omitempty, so encoding/json leaves it nil when the
	// key is absent. Nil-check before reading Type/TypeID/UID.
	Analytic *struct {
		Type string `json:"type"`
		TypeID int `json:"type_id"`
		UID string `json:"uid"`
	} `json:"analytic,omitempty"`
	// Every timestamp arrives twice: a numeric field and a "*_dt" string twin.
	// NOTE(review): presumably epoch time plus a formatted date-time; the unit
	// and the string format are not visible here — confirm before comparing.
	CreatedTime int64 `json:"created_time"`
	CreatedTimeDt string `json:"created_time_dt"`
	// Free text from whatever produced the finding.
	// NOTE(review): treat as untrusted when rendering it into a chat message
	// or a link — confirm how SlackMessage escapes it.
	Desc string `json:"desc"`
	FirstSeenTime int64 `json:"first_seen_time"`
	FirstSeenTimeDt string `json:"first_seen_time_dt"`
	LastSeenTime int64 `json:"last_seen_time"`
	LastSeenTimeDt string `json:"last_seen_time_dt"`
	ModifiedTime int64 `json:"modified_time"`
	ModifiedTimeDt string `json:"modified_time_dt"`
	// Optional: nil when the "product" key is absent.
	Product *Product `json:"product,omitempty"`
	// Free text from the producer; same handling caveat as Desc.
	Title string `json:"title"`
	Types []string `json:"types"`
	// UID has no omitempty, so it is always written when marshaling, even if
	// empty; UIDalt is dropped from the output when empty.
	UID string `json:"uid"`
	UIDalt string `json:"uid_alt,omitempty"`
}
type Metadata ¶
// Metadata is the decoded form of a finding's "metadata" JSON object; it is
// the type of SecurityHubV2Finding.Metadata.
type Metadata struct {
	// Embedded by value, so it is never nil; a missing "product" key leaves
	// the zero value of MetadataProduct.
	Product MetadataProduct `json:"product"`
	Profiles []string `json:"profiles"`
	UID string `json:"uid"`
	// NOTE(review): presumably the schema version of the event — confirm, and
	// check it before relying on fields that differ between versions.
	Version string `json:"version"`
}
type MetadataProduct ¶
type OCSFCompliance ¶
// OCSFCompliance is the decoded form of a finding's "compliance" JSON object.
// SecurityHubV2Finding holds it as an optional pointer, so a finding without
// compliance data has no OCSFCompliance value at all.
type OCSFCompliance struct {
	// One entry per assessment; each carries a name, a description and
	// whether the criteria were met. Nil or empty when the key is absent.
	Assessments []struct {
		Desc string `json:"desc"`
		MeetsCriteria bool `json:"meets_criteria"`
		Name string `json:"name"`
	} `json:"assessments,omitempty"`
	Control string `json:"control,omitempty"`
	// Untyped: elements decode to whatever encoding/json picks for the JSON
	// value (map[string]any, string, float64, ...). Use checked type
	// assertions; do not assume a shape.
	ControlParameters []any `json:"control_parameters,omitempty"`
	Requirements []string `json:"requirements,omitempty"`
	Standards []string `json:"standards,omitempty"`
	Status string `json:"status,omitempty"`
	// omitempty on an int drops the value 0 when marshaling, so after a
	// round-trip a StatusID of 0 and a missing status_id look the same.
	StatusID int `json:"status_id,omitempty"`
}
type OCSFResource ¶
// OCSFResource is one element of SecurityHubV2Finding.Resources: a resource
// the finding refers to, decoded from JSON.
type OCSFResource struct {
	CloudPartition string `json:"cloud_partition,omitempty"`
	// Arbitrary, schema-less payload. Values have the dynamic types chosen by
	// encoding/json; use checked type assertions.
	// NOTE(review): contents are set by the finding producer — treat as
	// untrusted if any of it is logged or shown to users.
	Data map[string]any `json:"data,omitempty"`
	Name string `json:"name,omitempty"`
	// Optional: nil when the "owner" key is absent. Nil-check before use.
	Owner *ResourceOwner `json:"owner,omitempty"`
	// Region, Type and UID carry no omitempty: they are always written when
	// marshaling, and are empty strings when the input lacks them.
	Region string `json:"region"`
	Tags []ResourceTag `json:"tags,omitempty"`
	Type string `json:"type"`
	UID string `json:"uid"`
}
type Remediation ¶
type ResourceOwner ¶
type ResourceTag ¶
type SecurityHubEvent ¶
type SecurityHubEventInput ¶
// SecurityHubEventInput is a runtime-agnostic representation of a Security
// Hub event. It has no JSON tags, so it is meant to be filled in by code
// rather than decoded directly from a payload.
type SecurityHubEventInput struct {
	EventID string
	DetailType string
	// Detail is the event body kept as raw, still-undecoded JSON. Nothing in
	// this type validates it.
	// NOTE(review): presumably this is what NewSecurityHubFinding parses, as
	// it also takes a json.RawMessage — confirm against the caller.
	Detail json.RawMessage
}
SecurityHubEventInput is a runtime-agnostic representation of a Security Hub event
type SecurityHubV2Finding ¶
// SecurityHubV2Finding is the top-level decoded finding. NewSecurityHubFinding
// returns a pointer to it, and the alerting helpers (IsAlertable, SlackMessage,
// BuildConsoleUrl, GetFindingCategory, GetSeverityEmoji) are methods on it.
// NOTE(review): most attributes come as a numeric ID plus a human-readable
// name (activity, category, class, severity, status, type); which of the two
// the helper methods consult is not visible here — confirm before changing one.
type SecurityHubV2Finding struct {
	ActivityID int `json:"activity_id"`
	ActivityName string `json:"activity_name"`
	CategoryName string `json:"category_name"`
	CategoryUID int `json:"category_uid"`
	ClassName string `json:"class_name"`
	ClassUID int `json:"class_uid"`
	Cloud Cloud `json:"cloud"`
	// Optional: nil when the finding has no "compliance" object. Nil-check
	// before reading any compliance field.
	Compliance *OCSFCompliance `json:"compliance,omitempty"`
	FindingInfo FindingInfo `json:"finding_info"`
	Metadata Metadata `json:"metadata"`
	// Optional: nil when the finding has no "remediation" object.
	Remediation *Remediation `json:"remediation,omitempty"`
	// May be nil or empty; do not index Resources[0] without a length check.
	Resources []OCSFResource `json:"resources"`
	// Severity is the label, SeverityID the numeric form of the same value.
	// A missing key decodes to "" / 0, which is not distinguishable from an
	// explicit zero.
	Severity string `json:"severity"`
	SeverityID int `json:"severity_id"`
	Status string `json:"status"`
	StatusID int `json:"status_id"`
	// Event time as a number, with a string twin in TimeDt.
	// NOTE(review): unit and string format are not shown here — confirm.
	Time int64 `json:"time"`
	TimeDt string `json:"time_dt"`
	TypeName string `json:"type_name"`
	TypeUID int `json:"type_uid"`
}
func NewSecurityHubFinding ¶
func NewSecurityHubFinding(raw json.RawMessage) (*SecurityHubV2Finding, error)
func (*SecurityHubV2Finding) BuildConsoleUrl ¶
func (shf *SecurityHubV2Finding) BuildConsoleUrl(consoleURL, accessPortalURL, accessRoleName, shRegion string) string
func (*SecurityHubV2Finding) GetFindingCategory ¶
func (shf *SecurityHubV2Finding) GetFindingCategory() string
func (*SecurityHubV2Finding) GetSeverityEmoji ¶
func (shf *SecurityHubV2Finding) GetSeverityEmoji() string
func (*SecurityHubV2Finding) IsAlertable ¶
func (shf *SecurityHubV2Finding) IsAlertable() bool
func (*SecurityHubV2Finding) SlackMessage ¶