security_incidents
Creates, updates, deletes, gets or lists a security_incidents resource.
Overview
| Name | security_incidents |
| Type | Resource |
| Id | google.apigee.security_incidents |
Fields
The following fields are returned by SELECT queries:
- organizations_environments_security_incidents_get
- organizations_environments_security_incidents_list
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | Immutable. Name of the security incident resource. Format: organizations/{org}/environments/{environment}/securityIncidents/{incident} Example: organizations/apigee-org/environments/dev/securityIncidents/1234-5678-9101-1111 |
detectionTypes | array | Output only. Detection types which are part of the incident. Examples: Flooder, OAuth Abuser, Static Content Scraper, Anomaly Detection. |
displayName | string | Optional. Display name of the security incident. |
firstDetectedTime | string (google-datetime) | Output only. The time when events associated with the incident were first detected. |
lastDetectedTime | string (google-datetime) | Output only. The time when events associated with the incident were last detected. |
lastObservabilityChangeTime | string (google-datetime) | Output only. The time when the incident observability was last changed. |
observability | string | Optional. Indicates if the user archived this incident. |
riskLevel | string | Output only. Risk level of the incident. |
trafficCount | string (int64) | Total traffic detected as part of the incident. |
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | Immutable. Name of the security incident resource. Format: organizations/{org}/environments/{environment}/securityIncidents/{incident} Example: organizations/apigee-org/environments/dev/securityIncidents/1234-5678-9101-1111 |
detectionTypes | array | Output only. Detection types which are part of the incident. Examples: Flooder, OAuth Abuser, Static Content Scraper, Anomaly Detection. |
displayName | string | Optional. Display name of the security incident. |
firstDetectedTime | string (google-datetime) | Output only. The time when events associated with the incident were first detected. |
lastDetectedTime | string (google-datetime) | Output only. The time when events associated with the incident were last detected. |
lastObservabilityChangeTime | string (google-datetime) | Output only. The time when the incident observability was last changed. |
observability | string | Optional. Indicates if the user archived this incident. |
riskLevel | string | Output only. Risk level of the incident. |
trafficCount | string (int64) | Total traffic detected as part of the incident. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
organizations_environments_security_incidents_get | select | organizationsId, environmentsId, securityIncidentsId | GetSecurityIncident gets the specified security incident. Returns NOT_FOUND if security incident is not present for the specified organization and environment. | |
organizations_environments_security_incidents_list | select | organizationsId, environmentsId | pageSize, pageToken, filter | ListSecurityIncidents lists all the security incident associated with the environment. |
organizations_environments_security_incidents_patch | update | organizationsId, environmentsId, securityIncidentsId | updateMask | UpdateSecurityIncidents updates an existing security incident. |
organizations_environments_security_incidents_batch_update | update | organizationsId, environmentsId | BatchUpdateSecurityIncident updates multiple existing security incidents. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
environmentsId | string | |
organizationsId | string | |
securityIncidentsId | string | |
filter | string | |
pageSize | integer (int32) | |
pageToken | string | |
updateMask | string (google-fieldmask) |
SELECT examples
- organizations_environments_security_incidents_get
- organizations_environments_security_incidents_list
GetSecurityIncident gets the specified security incident. Returns NOT_FOUND if security incident is not present for the specified organization and environment.
SELECT
name,
detectionTypes,
displayName,
firstDetectedTime,
lastDetectedTime,
lastObservabilityChangeTime,
observability,
riskLevel,
trafficCount
FROM google.apigee.security_incidents
WHERE organizationsId = '{{ organizationsId }}' -- required
AND environmentsId = '{{ environmentsId }}' -- required
AND securityIncidentsId = '{{ securityIncidentsId }}' -- required;
ListSecurityIncidents lists all the security incident associated with the environment.
SELECT
name,
detectionTypes,
displayName,
firstDetectedTime,
lastDetectedTime,
lastObservabilityChangeTime,
observability,
riskLevel,
trafficCount
FROM google.apigee.security_incidents
WHERE organizationsId = '{{ organizationsId }}' -- required
AND environmentsId = '{{ environmentsId }}' -- required
AND pageSize = '{{ pageSize }}'
AND pageToken = '{{ pageToken }}'
AND filter = '{{ filter }}';
UPDATE examples
- organizations_environments_security_incidents_patch
- organizations_environments_security_incidents_batch_update
UpdateSecurityIncidents updates an existing security incident.
UPDATE google.apigee.security_incidents
SET
data__name = '{{ name }}',
data__displayName = '{{ displayName }}',
data__trafficCount = '{{ trafficCount }}',
data__observability = '{{ observability }}'
WHERE
organizationsId = '{{ organizationsId }}' --required
AND environmentsId = '{{ environmentsId }}' --required
AND securityIncidentsId = '{{ securityIncidentsId }}' --required
AND updateMask = '{{ updateMask}}'
RETURNING
name,
detectionTypes,
displayName,
firstDetectedTime,
lastDetectedTime,
lastObservabilityChangeTime,
observability,
riskLevel,
trafficCount;
BatchUpdateSecurityIncident updates multiple existing security incidents.
UPDATE google.apigee.security_incidents
SET
data__requests = '{{ requests }}'
WHERE
organizationsId = '{{ organizationsId }}' --required
AND environmentsId = '{{ environmentsId }}' --required
RETURNING
securityIncidents;