Sha256: b4adcaa11baaf52a40c0c480075351ca823081a11530be8b7130eb0e0724d3ce

Contents?: true

Size: 1.84 KB

Versions: 6

Compression:

Stored size: 1.84 KB

Contents

# frozen_string_literal: true

#
# Collect GuardDuty resources
#
class GuardDuty < Mapper
  #
  # Builds an inventory of GuardDuty detectors for the current region.
  #
  # For each detector id returned by list_detectors, the detector
  # configuration is fetched and enriched with:
  #   - type:                the literal string 'detector'
  #   - arn:                 an ARN string assembled locally (see note below)
  #   - findings_statistics: COUNT_BY_SEVERITY over non-archived findings only
  #   - master_account:      the result of get_master_account
  #
  # @return [Array<Hash>] one hash per detector
  #
  def collect
    collected = []

    # list_detectors is iterated page by page; the page index is only logged.
    @client.list_detectors.each_with_index do |response, page|
      operation = response.context.operation_name
      log(operation, page)

      response.detector_ids.each do |detector_id|
        log(operation, 'get_detector', detector_id)

        # get_detector: the response hash becomes the base of the record.
        detector = OpenStruct.new(@client.get_detector({ detector_id: detector_id }).to_h)
        detector.type = 'detector'
        # NOTE(review): this string has no account-id field between the region
        # and the resource part. Confirm that downstream consumers which match
        # or join on the ARN do not expect the account segment.
        detector.arn = "arn:aws:guardduty:#{@region}:detector/#{detector_id}"

        # get_findings_statistics: the criterion restricts the count to
        # findings whose service.archived attribute equals 'false', so
        # archived findings never show up in these numbers.
        unarchived_only = {
          criterion: {
            'service.archived': { eq: ['false'] }
          }
        }
        statistics_request = {
          detector_id: detector_id,
          finding_statistic_types: ['COUNT_BY_SEVERITY'],
          finding_criteria: unarchived_only
        }
        detector.findings_statistics =
          @client.get_findings_statistics(statistics_request).finding_statistics.to_h

        # get_master_account
        # NOTE(review): GuardDuty also exposes get_administrator_account as the
        # newer name for this lookup; confirm which one the pinned SDK expects.
        master_response = @client.get_master_account({ detector_id: detector_id })
        detector.master_account = master_response.master.to_h

        collected << detector.to_h
      end
    end

    collected
  end
end

Version data entries

6 entries across 6 versions & 1 rubygems

Version Path
aws_recon-0.2.33 lib/aws_recon/collectors/guardduty.rb
aws_recon-0.2.32 lib/aws_recon/collectors/guardduty.rb
aws_recon-0.2.31 lib/aws_recon/collectors/guardduty.rb
aws_recon-0.2.30 lib/aws_recon/collectors/guardduty.rb
aws_recon-0.2.29 lib/aws_recon/collectors/guardduty.rb
aws_recon-0.2.28 lib/aws_recon/collectors/guardduty.rb