Class: GuardDuty
Overview
Collect GuardDuty resources
Constant Summary
Constants inherited from Mapper
Mapper::SINGLE_REGION_SERVICES
Instance Method Summary
#collect ⇒ Object
Returns an array of resources.
Methods inherited from Mapper
Constructor Details
This class inherits a constructor from Mapper
Instance Method Details
#collect ⇒ Object
Returns an array of resources.
# File 'lib/aws_recon/collectors/guardduty.rb', line 10

#
# Build one resource hash per GuardDuty detector returned by list_detectors.
#
# Each hash starts from the get_detector response and is extended with:
#   type, arn                      - the literal 'detector' and an ARN assembled
#                                    from @region, @account and the detector id
#   findings_statistics            - COUNT_BY_SEVERITY for finding_criteria
#   findings_statistics_aged_short - COUNT_BY_SEVERITY for finding_criteria(7)
#   findings_statistics_aged_long  - COUNT_BY_SEVERITY for finding_criteria(30)
#   master_account                 - the `master` member of get_master_account
#
# Review notes for whoever consumes or deploys this collector:
# * Operations invoked are list_detectors, get_detector,
#   get_findings_statistics and get_master_account, so a least-privilege
#   read-only policy for this collector needs the matching guardduty:*
#   read actions and nothing that can modify detectors or findings.
# * An empty result means list_detectors returned no detector ids for this
#   client; for a posture review that usually indicates GuardDuty is not
#   set up in the queried region and deserves to be reported, not skipped.
# * The 7- and 30-day windows describe how long findings have been left
#   open. The filter itself comes from finding_criteria, which is defined
#   outside this listing -- presumably non-archived findings older than N
#   days; confirm against that helper.
# * Nothing is rescued here, so an API error on any single call propagates
#   to the caller and no partial result is returned from this method.
# * NOTE(review): AWS later added get_administrator_account as the
#   successor to get_master_account; check the pinned SDK version before
#   relying on this call long term.
#
# @return [Array<Hash>] one entry per detector, in list_detectors order
#
def collect
  # Output attribute => arguments passed to finding_criteria. Hash order is
  # insertion order, so the three API calls happen in the order listed.
  statistic_windows = {
    findings_statistics: [],
    findings_statistics_aged_short: [7],
    findings_statistics_aged_long: [30]
  }

  detectors = []

  @client.list_detectors.each_with_index do |page_response, page_number|
    operation = page_response.context.operation_name
    log(operation, page_number)

    page_response.detector_ids.each do |detector_id|
      log(operation, 'get_detector', detector_id)

      # get_detector: base attributes of the detector
      record = OpenStruct.new(@client.get_detector({ detector_id: detector_id }).to_h)
      record[:type] = 'detector'
      record[:arn] = "arn:aws:guardduty:#{@region}:#{@account}:detector/#{detector_id}"

      # get_findings_statistics: once per window defined above
      statistic_windows.each do |attribute, criteria_args|
        statistics = @client.get_findings_statistics(
          {
            detector_id: detector_id,
            finding_statistic_types: ['COUNT_BY_SEVERITY'],
            finding_criteria: finding_criteria(*criteria_args)
          }
        )
        record[attribute] = statistics.finding_statistics.to_h
      end

      # get_master_account: the account administering this detector, if any
      administrator = @client.get_master_account({ detector_id: detector_id })
      record[:master_account] = administrator.master.to_h

      detectors << record.to_h
    end
  end

  detectors
end