Demonstrates how to create a new finding
Code sample
Go
To authenticate to Security Command Center, set up Application Default Credentials. For more information, see Set up authentication for a local development environment .
import
(
"context"
"fmt"
"io"
"time"
securitycenter
"cloud.google.com/go/securitycenter/apiv1"
"cloud.google.com/go/securitycenter/apiv1/securitycenterpb"
"github.com/golang/protobuf/ptypes"
)
// createFinding demonstrates how to create a new security finding in CSCC.
// sourceName is the full resource name of the source the finding should
// be associated with.
func
createFinding
(
w
io
.
Writer
,
sourceName
string
)
error
{
// sourceName := "organizations/111122222444/sources/1234"
// Instantiate a context and a security service client to make API calls.
ctx
:=
context
.
Background
()
client
,
err
:=
securitycenter
.
NewClient
(
ctx
)
if
err
!=
nil
{
return
fmt
.
Errorf
(
"securitycenter.NewClient: %w"
,
err
)
}
defer
client
.
Close
()
// Closing the client safely cleans up background resources.
// Use now as the eventTime for the security finding.
eventTime
,
err
:=
ptypes
.
TimestampProto
(
time
.
Now
())
if
err
!=
nil
{
return
fmt
.
Errorf
(
"TimestampProto: %w"
,
err
)
}
req
:=
& securitycenterpb
.
CreateFindingRequest
{
Parent
:
sourceName
,
FindingId
:
"samplefindingid"
,
Finding
:
& securitycenterpb
.
Finding
{
State
:
securitycenterpb
.
Finding_ACTIVE
,
// Resource the finding is associated with. This is an
// example any resource identifier can be used.
ResourceName
:
"//cloudresourcemanager.googleapis.com/organizations/11232"
,
// A free-form category.
Category
:
"MEDIUM_RISK_ONE"
,
// The time associated with discovering the issue.
EventTime
:
eventTime
,
},
}
finding
,
err
:=
client
.
CreateFinding
(
ctx
,
req
)
if
err
!=
nil
{
return
fmt
.
Errorf
(
"CreateFinding: %w"
,
err
)
}
fmt
.
Fprintf
(
w
,
"New finding created: %s\n"
,
finding
.
Name
)
fmt
.
Fprintf
(
w
,
"Event time (Epoch Seconds): %d\n"
,
eventTime
.
Seconds
)
return
nil
}
Java
To authenticate to Security Command Center, set up Application Default Credentials. For more information, see Set up authentication for a local development environment .
static
Finding
createFinding
(
SourceName
sourceName
,
String
findingId
)
{
try
(
SecurityCenterClient
client
=
SecurityCenterClient
.
create
())
{
// SourceName sourceName = SourceName.of(/*organization=*/"123234324",/*source=*/
// "423432321");
// String findingId = "samplefindingid";
// Use the current time as the finding "event time".
Instant
eventTime
=
Instant
.
now
();
// The resource this finding applies to. The CSCC UI can link
// the findings for a resource to the corresponding Asset of a resource
// if there are matches.
String
resourceName
=
"//cloudresourcemanager.googleapis.com/organizations/11232"
;
// Start setting up a request to create a finding in a source.
Finding
finding
=
Finding
.
newBuilder
()
.
setParent
(
sourceName
.
toString
())
.
setState
(
State
.
ACTIVE
)
.
setResourceName
(
resourceName
)
.
setEventTime
(
Timestamp
.
newBuilder
()
.
setSeconds
(
eventTime
.
getEpochSecond
())
.
setNanos
(
eventTime
.
getNano
()))
.
setCategory
(
"MEDIUM_RISK_ONE"
)
.
build
();
// Call the API.
Finding
response
=
client
.
createFinding
(
sourceName
,
findingId
,
finding
);
System
.
out
.
println
(
"Created Finding: "
+
response
);
return
response
;
}
catch
(
IOException
e
)
{
throw
new
RuntimeException
(
"Couldn't create client."
,
e
);
}
}
Node.js
To authenticate to Security Command Center, set up Application Default Credentials. For more information, see Set up authentication for a local development environment .
// Imports the Google Cloud client library.
const
{
SecurityCenterClient
}
=
require
(
' @google-cloud/security-center
'
);
// Creates a new client.
const
client
=
new
SecurityCenterClient
();
// sourceName is the full resource name of the source the finding should
// be associated with.
/*
* TODO(developer): Uncomment the following lines
*/
// const sourceName = "organizations/111122222444/sources/1234";
// Use now as the eventTime for the security finding.
const
eventTime
=
new
Date
();
async
function
createFinding
()
{
const
[
newFinding
]
=
await
client
.
createFinding
({
parent
:
sourceName
,
findingId
:
'samplefindingid'
,
finding
:
{
state
:
'ACTIVE'
,
// Resource the finding is associated with. This is an
// example any resource identifier can be used.
resourceName
:
'//cloudresourcemanager.googleapis.com/organizations/11232'
,
// A free-form category.
category
:
'MEDIUM_RISK_ONE'
,
// The time associated with discovering the issue.
eventTime
:
{
seconds
:
Math
.
floor
(
eventTime
.
getTime
()
/
1000
),
nanos
:
(
eventTime
.
getTime
()
%
1000
)
*
1e6
,
},
},
});
console
.
log
(
'New finding created: %j'
,
newFinding
);
}
await
createFinding
();
Python
To authenticate to Security Command Center, set up Application Default Credentials. For more information, see Set up authentication for a local development environment .
from
datetime
import
datetime
,
timezone
from
google.cloud
import
securitycenter_v1
from
google.cloud.securitycenter_v1
import
Finding
# Create a new client.
client
=
securitycenter_v1
.
SecurityCenterClient
()
# Use the current time as the finding "event time".
event_time
=
datetime
.
now
(
tz
=
timezone
.
utc
)
# 'source_name' is the resource path for a source that has been
# created previously (you can use list_sources to find a specific one).
# Its format is:
# source_name = "organizations/{organization_id}/sources/{source_id}"
# e.g.:
# source_name = "organizations/111122222444/sources/1234"
# The resource this finding applies to. The CSCC UI can link
# the findings for a resource to the corresponding Asset of a resource
# if there are matches.
resource_name
=
"//cloudresourcemanager.googleapis.com/organizations/11232"
finding
=
Finding
(
state
=
Finding
.
State
.
ACTIVE
,
resource_name
=
resource_name
,
category
=
"MEDIUM_RISK_ONE"
,
event_time
=
event_time
,
)
# Call The API.
created_finding
=
client
.
create_finding
(
request
=
{
"parent"
:
source_name
,
"finding_id"
:
finding_id
,
"finding"
:
finding
}
)
print
(
created_finding
)
What's next
To search and filter code samples for other Google Cloud products, see the Google Cloud sample browser .
