Export findings from a project to a BigQuery dataset by creating an export configuration.
Code sample
Java
To authenticate to Security Command Center, set up Application Default Credentials. For more information, see Set up authentication for a local development environment .
import
com.google.cloud.securitycenter.v1. BigQueryExport
;
import
com.google.cloud.securitycenter.v1. CreateBigQueryExportRequest
;
import
com.google.cloud.securitycenter.v1. SecurityCenterClient
;
import
java.io.IOException
;
import
java.util.UUID
;
public
class
CreateBigQueryExport
{
public
static
void
main
(
String
[]
args
)
throws
IOException
{
// TODO(Developer): Modify the following variable values.
// parent: Use any one of the following resource paths:
// - organizations/{organization_id}
// - folders/{folder_id}
// - projects/{project_id}
String
parent
=
String
.
format
(
"projects/%s"
,
"your-google-cloud-project-id"
);
// filter: Expression that defines the filter to apply across create/update events of findings.
String
filter
=
"severity=\"LOW\" OR severity=\"MEDIUM\" AND "
+
"category=\"Persistence: IAM Anomalous Grant\" AND "
+
"-resource.type:\"compute\""
;
// bigQueryDatasetId: The BigQuery dataset to write findings' updates to.
String
bigQueryDatasetId
=
"your-bigquery-dataset-id"
;
// bigQueryExportId: Unique identifier provided by the client.
// For more info, see:
// https://cloud.google.com/security-command-center/docs/how-to-analyze-findings-in-big-query#export_findings_from_to
String
bigQueryExportId
=
"default-"
+
UUID
.
randomUUID
().
toString
().
split
(
"-"
)
[
0
]
;
createBigQueryExport
(
parent
,
filter
,
bigQueryDatasetId
,
bigQueryExportId
);
}
// Create export configuration to export findings from a project to a BigQuery dataset.
// Optionally specify filter to export certain findings only.
public
static
void
createBigQueryExport
(
String
parent
,
String
filter
,
String
bigQueryDatasetId
,
String
bigQueryExportId
)
throws
IOException
{
// Initialize client that will be used to send requests. This client only needs to be created
// once, and can be reused for multiple requests. After completing all of your requests, call
// the "close" method on the client to safely clean up any remaining background resources.
try
(
SecurityCenterClient
client
=
SecurityCenterClient
.
create
())
{
// Create the BigQuery export configuration.
BigQueryExport
bigQueryExport
=
BigQueryExport
.
newBuilder
()
.
setDescription
(
"Export low and medium findings if the compute resource "
+
"has an IAM anomalous grant"
)
.
setFilter
(
filter
)
.
setDataset
(
String
.
format
(
"%s/datasets/%s"
,
parent
,
bigQueryDatasetId
))
.
build
();
CreateBigQueryExportRequest
bigQueryExportRequest
=
CreateBigQueryExportRequest
.
newBuilder
()
.
setParent
(
parent
)
.
setBigQueryExport
(
bigQueryExport
)
.
setBigQueryExportId
(
bigQueryExportId
)
.
build
();
// Create the export request.
BigQueryExport
response
=
client
.
createBigQueryExport
(
bigQueryExportRequest
);
System
.
out
.
printf
(
"BigQuery export request created successfully: %s\n"
,
response
.
getName
());
}
}
}
Python
To authenticate to Security Command Center, set up Application Default Credentials. For more information, see Set up authentication for a local development environment .
def
create_bigquery_export
(
parent
:
str
,
export_filter
:
str
,
bigquery_dataset_id
:
str
,
bigquery_export_id
:
str
):
from
google.cloud
import
securitycenter
"""
Create export configuration to export findings from a project to a BigQuery dataset.
Optionally specify filter to export certain findings only.
Args:
parent: Use any one of the following resource paths:
- organizations/{organization_id}
- folders/{folder_id}
- projects/{project_id}
export_filter: Expression that defines the filter to apply across create/update events of findings.
bigquery_dataset_id: The BigQuery dataset to write findings' updates to.
bigquery_export_id: Unique identifier provided by the client.
- example id: f"default-{str(uuid.uuid4()).split('-')[0]}"
For more info, see:
https://cloud.google.com/security-command-center/docs/how-to-analyze-findings-in-big-query#export_findings_from_to
"""
client
=
securitycenter
.
SecurityCenterClient
()
# Create the BigQuery export configuration.
bigquery_export
=
securitycenter
.
BigQueryExport
()
bigquery_export
.
description
=
"Export low and medium findings if the compute resource has an IAM anomalous grant"
bigquery_export
.
filter
=
export_filter
bigquery_export
.
dataset
=
f
"
{
parent
}
/datasets/
{
bigquery_dataset_id
}
"
request
=
securitycenter
.
CreateBigQueryExportRequest
()
request
.
parent
=
parent
request
.
big_query_export
=
bigquery_export
request
.
big_query_export_id
=
bigquery_export_id
# Create the export request.
response
=
client
.
create_big_query_export
(
request
)
print
(
f
"BigQuery export request created successfully:
{
response
.
name
}
\n
"
)
What's next
To search and filter code samples for other Google Cloud products, see the Google Cloud sample browser .
