lib/google/apis/securitycenter_v1beta2/classes.rb in google-apis-securitycenter_v1beta2-0.9.0 vs lib/google/apis/securitycenter_v1beta2/classes.rb in google-apis-securitycenter_v1beta2-0.10.0


@@ -319,10 +319,16 @@ # value greater than the current timestamp. # Corresponds to the JSON property `eventTime` # @return [String] attr_accessor :event_time + # Output only. Third party SIEM/SOAR fields within SCC, contains external system + # information and external system finding fields. + # Corresponds to the JSON property `externalSystems` + # @return [Hash<String,Google::Apis::SecuritycenterV1beta2::GoogleCloudSecuritycenterV1ExternalSystem>] + attr_accessor :external_systems + # The URI that, if available, points to a web page outside of Security Command # Center where additional information about the finding can be found. This field # is guaranteed to be either empty or a well formed URL. # Corresponds to the JSON property `externalUri` # @return [String] @@ -339,10 +345,28 @@ # Reference: https://en.wikipedia.org/wiki/Indicator_of_compromise # Corresponds to the JSON property `indicator` # @return [Google::Apis::SecuritycenterV1beta2::Indicator] attr_accessor :indicator + # Indicates the mute state of a finding (either unspecified, muted, unmuted or + # undefined). + # Corresponds to the JSON property `mute` + # @return [String] + attr_accessor :mute + + # First known as mute_annotation. Records additional information about the mute + # operation e.g. mute config that muted the finding, user who muted the finding, + # etc. + # Corresponds to the JSON property `muteInitiator` + # @return [String] + attr_accessor :mute_initiator + + # Output only. The most recent time this finding was muted or unmuted. + # Corresponds to the JSON property `muteUpdateTime` + # @return [String] + attr_accessor :mute_update_time + # The relative resource name of this finding. See: https://cloud.google.com/apis/ # design/resource_names#relative_resource_name Example: "organizations/` # organization_id`/sources/`source_id`/findings/`finding_id`" # Corresponds to the JSON property `name` # @return [String] 
@@ -405,13 +429,17 @@ def update!(**args) @canonical_name = args[:canonical_name] if args.key?(:canonical_name) @category = args[:category] if args.key?(:category) @create_time = args[:create_time] if args.key?(:create_time) @event_time = args[:event_time] if args.key?(:event_time) + @external_systems = args[:external_systems] if args.key?(:external_systems) @external_uri = args[:external_uri] if args.key?(:external_uri) @finding_class = args[:finding_class] if args.key?(:finding_class) @indicator = args[:indicator] if args.key?(:indicator) + @mute = args[:mute] if args.key?(:mute) + @mute_initiator = args[:mute_initiator] if args.key?(:mute_initiator) + @mute_update_time = args[:mute_update_time] if args.key?(:mute_update_time) @name = args[:name] if args.key?(:name) @parent = args[:parent] if args.key?(:parent) @resource_name = args[:resource_name] if args.key?(:resource_name) @security_marks = args[:security_marks] if args.key?(:security_marks) @severity = args[:severity] if args.key?(:severity) 
@@ -442,9 +470,129 @@ # Update properties of this object def update!(**args) @resource_folder = args[:resource_folder] if args.key?(:resource_folder) @resource_folder_display_name = args[:resource_folder_display_name] if args.key?(:resource_folder_display_name) + end + end + + # Representation of third party SIEM/SOAR fields within SCC. + class GoogleCloudSecuritycenterV1ExternalSystem + include Google::Apis::Core::Hashable + + # References primary/secondary etc assignees in the external system. + # Corresponds to the JSON property `assignees` + # @return [Array<String>] + attr_accessor :assignees + + # The most recent time when the corresponding finding's ticket/tracker was + # updated in the external system. + # Corresponds to the JSON property `externalSystemUpdateTime` + # @return [String] + attr_accessor :external_system_update_time + + # Identifier that's used to track the given finding in the external system. + # Corresponds to the JSON property `externalUid` + # @return [String] + attr_accessor :external_uid + + # External System Name e.g. jira, demisto, etc. e.g.: organizations/1234/sources/ + # 5678/findings/123456/externalSystems/jira folders/1234/sources/5678/findings/ + # 123456/externalSystems/jira projects/1234/sources/5678/findings/123456/ + # externalSystems/jira + # Corresponds to the JSON property `name` + # @return [String] + attr_accessor :name + + # Most recent status of the corresponding finding's ticket/tracker in the + # external system. 
+ # Corresponds to the JSON property `status` + # @return [String] + attr_accessor :status + + def initialize(**args) + update!(**args) + end + + # Update properties of this object + def update!(**args) + @assignees = args[:assignees] if args.key?(:assignees) + @external_system_update_time = args[:external_system_update_time] if args.key?(:external_system_update_time) + @external_uid = args[:external_uid] if args.key?(:external_uid) + @name = args[:name] if args.key?(:name) + @status = args[:status] if args.key?(:status) + end + end + + # A mute config is a Cloud SCC resource that contains the configuration to mute + # create/update events of findings. + class GoogleCloudSecuritycenterV1MuteConfig + include Google::Apis::Core::Hashable + + # Output only. The time at which the mute config was created. This field is set + # by the server and will be ignored if provided on config creation. + # Corresponds to the JSON property `createTime` + # @return [String] + attr_accessor :create_time + + # A description of the mute config. + # Corresponds to the JSON property `description` + # @return [String] + attr_accessor :description + + # The human readable name to be displayed for the mute config. + # Corresponds to the JSON property `displayName` + # @return [String] + attr_accessor :display_name + + # Required. An expression that defines the filter to apply across create/update + # events of findings. While creating a filter string, be mindful of the scope in + # which the mute configuration is being created. E.g., If a filter contains + # project = X but is created under the project = Y scope, it might not match any + # findings. The following field and operator combinations are supported: * + # severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource. + # project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource. + # folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource. 
+ # parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, ` + # :` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:` + # Corresponds to the JSON property `filter` + # @return [String] + attr_accessor :filter + + # Output only. Email address of the user who last edited the mute config. This + # field is set by the server and will be ignored if provided on config creation + # or update. + # Corresponds to the JSON property `mostRecentEditor` + # @return [String] + attr_accessor :most_recent_editor + + # This field will be ignored if provided on config creation. Format " + # organizations/`organization`/muteConfigs/`mute_config`" "folders/`folder`/ + # muteConfigs/`mute_config`" "projects/`project`/muteConfigs/`mute_config`" + # Corresponds to the JSON property `name` + # @return [String] + attr_accessor :name + + # Output only. The most recent time at which the mute config was updated. This + # field is set by the server and will be ignored if provided on config creation + # or update. + # Corresponds to the JSON property `updateTime` + # @return [String] + attr_accessor :update_time + + def initialize(**args) + update!(**args) + end + + # Update properties of this object + def update!(**args) + @create_time = args[:create_time] if args.key?(:create_time) + @description = args[:description] if args.key?(:description) + @display_name = args[:display_name] if args.key?(:display_name) + @filter = args[:filter] if args.key?(:filter) + @most_recent_editor = args[:most_recent_editor] if args.key?(:most_recent_editor) + @name = args[:name] if args.key?(:name) + @update_time = args[:update_time] if args.key?(:update_time) end end # Cloud SCC's Notification class GoogleCloudSecuritycenterV1NotificationMessage