
/AWS1/IF_SHB=>GETFINDINGSV2()

About GetFindingsV2

Returns a list of findings that match the specified criteria.

You can use the Scopes parameter to define the data boundary for the query. Currently, Scopes supports AwsOrganizations, which lets you retrieve findings from your entire organization or from specific organizational units. Only the delegated administrator account can use Scopes.

You can use the Filters parameter to refine results based on finding attributes. You can use Scopes and Filters independently or together. When both are provided, Scopes narrows the data set first, and then Filters refines results within that scoped data set.

GetFindings and GetFindingsV2 both use securityhub:GetFindings in the Action element of an IAM policy statement. You must have permission to perform the securityhub:GetFindings action.

Method Signature

METHODS /AWS1/IF_SHB~GETFINDINGSV2
  IMPORTING
    !IO_FILTERS TYPE REF TO /AWS1/CL_SHBOCSFFINDINGFILTERS OPTIONAL
    !IO_SCOPES TYPE REF TO /AWS1/CL_SHBFINDINGSCOPES OPTIONAL
    !IT_SORTCRITERIA TYPE /AWS1/CL_SHBSORTCRITERION=>TT_SORTCRITERIA OPTIONAL
    !IV_NEXTTOKEN TYPE /AWS1/SHBNEXTTOKEN OPTIONAL
    !IV_MAXRESULTS TYPE /AWS1/SHBMAXRESULTS OPTIONAL
  RETURNING
    VALUE(OO_OUTPUT) TYPE REF TO /aws1/cl_shbgetfindingsv2rsp
  RAISING
    /AWS1/CX_SHBACCESSDENIEDEX
    /AWS1/CX_SHBCONFLICTEXCEPTION
    /AWS1/CX_SHBINTERNALSERVEREX
    /AWS1/CX_SHBORGALUNITNOTFNDEX
    /AWS1/CX_SHBORGNOTFOUNDEX
    /AWS1/CX_SHBTHROTTLINGEX
    /AWS1/CX_SHBVALIDATIONEX
    /AWS1/CX_SHBCLIENTEXC
    /AWS1/CX_SHBSERVEREXC
    /AWS1/CX_RT_TECHNICAL_GENERIC
    /AWS1/CX_RT_SERVICE_GENERIC.

IMPORTING

Optional arguments:

io_filters TYPE REF TO /AWS1/CL_SHBOCSFFINDINGFILTERS

The finding attributes used to define a condition to filter the returned OCSF findings. You can specify up to 10 composite filters. For each filter type inside a composite filter, you can provide up to 20 filters.

io_scopes TYPE REF TO /AWS1/CL_SHBFINDINGSCOPES

Limits the results to findings from specific organizational units or from the delegated administrator's organization. Only the delegated administrator account can use this parameter. Other accounts receive an AccessDeniedException.

This parameter is optional. If you omit it, the delegated administrator sees findings from all accounts across the entire organization. Other accounts see only their own findings.

You can specify up to 10 entries in Scopes.AwsOrganizations. If multiple entries are specified, the entries are combined using OR logic.

it_sortcriteria TYPE /AWS1/CL_SHBSORTCRITERION=>TT_SORTCRITERIA

The finding attributes used to sort the list of returned findings.

iv_nexttoken TYPE /AWS1/SHBNEXTTOKEN

The token required for pagination. On your first call, set the value of this parameter to NULL. For subsequent calls, to continue listing data, set the value of this parameter to the value returned in the previous response.

iv_maxresults TYPE /AWS1/SHBMAXRESULTS

The maximum number of results to return.

RETURNING

oo_output TYPE REF TO /AWS1/CL_SHBGETFINDINGSV2RSP

Examples

Syntax Example

This is an example of the syntax for calling the method. It includes every possible argument and initializes every possible value. The data provided is not necessarily semantically accurate (for example the value "string" may be provided for something that is intended to be an instance ID, or in some cases two arguments may be mutually exclusive). The syntax shows the ABAP syntax for creating the various data structures.

DATA(lo_result) = lo_client->getfindingsv2(
  io_filters = new /aws1/cl_shbocsffindingfilters(
    it_compositefilters = VALUE /aws1/cl_shbcompositefilter=>tt_compositefilterlist(
      (
        new /aws1/cl_shbcompositefilter(
          it_booleanfilters = VALUE /aws1/cl_shbocsfbooleanfilter=>tt_ocsfbooleanfilterlist(
            (
              new /aws1/cl_shbocsfbooleanfilter(
                io_filter = new /aws1/cl_shbbooleanfilter( ABAP_TRUE )
                iv_fieldname = |string|
              )
            )
          )
          it_datefilters = VALUE /aws1/cl_shbocsfdatefilter=>tt_ocsfdatefilterlist(
            (
              new /aws1/cl_shbocsfdatefilter(
                io_filter = new /aws1/cl_shbdatefilter(
                  io_daterange = new /aws1/cl_shbdaterange(
                    iv_unit = |string|
                    iv_value = 123
                  )
                  iv_end = |string|
                  iv_start = |string|
                )
                iv_fieldname = |string|
              )
            )
          )
          it_ipfilters = VALUE /aws1/cl_shbocsfipfilter=>tt_ocsfipfilterlist(
            (
              new /aws1/cl_shbocsfipfilter(
                io_filter = new /aws1/cl_shbipfilter( |string| )
                iv_fieldname = |string|
              )
            )
          )
          it_mapfilters = VALUE /aws1/cl_shbocsfmapfilter=>tt_ocsfmapfilterlist(
            (
              new /aws1/cl_shbocsfmapfilter(
                io_filter = new /aws1/cl_shbmapfilter(
                  iv_comparison = |string|
                  iv_key = |string|
                  iv_value = |string|
                )
                iv_fieldname = |string|
              )
            )
          )
          it_nestedcompositefilters = VALUE /aws1/cl_shbcompositefilter=>tt_compositefilterlist(
          )
          it_numberfilters = VALUE /aws1/cl_shbocsfnumberfilter=>tt_ocsfnumberfilterlist(
            (
              new /aws1/cl_shbocsfnumberfilter(
                io_filter = new /aws1/cl_shbnumberfilter(
                  iv_eq = '0.1'
                  iv_gt = '0.1'
                  iv_gte = '0.1'
                  iv_lt = '0.1'
                  iv_lte = '0.1'
                )
                iv_fieldname = |string|
              )
            )
          )
          it_stringfilters = VALUE /aws1/cl_shbocsfstringfilter=>tt_ocsfstringfilterlist(
            (
              new /aws1/cl_shbocsfstringfilter(
                io_filter = new /aws1/cl_shbstringfilter(
                  iv_comparison = |string|
                  iv_value = |string|
                )
                iv_fieldname = |string|
              )
            )
          )
          iv_operator = |string|
        )
      )
    )
    iv_compositeoperator = |string|
  )
  io_scopes = new /aws1/cl_shbfindingscopes(
    it_awsorganizations = VALUE /aws1/cl_shbawsorgscope=>tt_awsorganizationscopelist(
      (
        new /aws1/cl_shbawsorgscope(
          iv_organizationalunitid = |string|
          iv_organizationid = |string|
        )
      )
    )
  )
  it_sortcriteria = VALUE /aws1/cl_shbsortcriterion=>tt_sortcriteria(
    (
      new /aws1/cl_shbsortcriterion(
        iv_field = |string|
        iv_sortorder = |string|
      )
    )
  )
  iv_maxresults = 123
  iv_nexttoken = |string|
).

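This is an example of reading all possible response values:

" lo_result is the response object returned by the getfindingsv2( ) call above.
IF lo_result IS NOT INITIAL.
  LOOP AT lo_result->get_findings( ) INTO DATA(lo_row).
    IF lo_row IS NOT INITIAL.
      " Each row is one returned OCSF finding; process it here.
    ENDIF.
  ENDLOOP.
  " Pass this token as iv_nexttoken on the next call to continue listing.
  DATA(lv_nexttoken) = lo_result->get_nexttoken( ).
ENDIF.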
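The scope-then-filter behavior and the pagination contract described above, combined into one call loop. This is an added example, not code from the SDK documentation: the class `lcl_findings`, its method and parameter names are hypothetical, and the strings `severity`, `EQUALS`, `Critical` and `AND`, as well as scoping by organizational unit ID alone, are assumptions to verify against the Security Hub API reference.

```abap
CLASS lcl_findings DEFINITION.
  PUBLIC SECTION.
    " Hypothetical helper: counts Critical findings inside one organizational unit.
    CLASS-METHODS count_critical_in_ou
      IMPORTING io_client       TYPE REF TO /aws1/if_shb
                iv_ou_id        TYPE string
      RETURNING VALUE(rv_count) TYPE i
      RAISING   /aws1/cx_rt_technical_generic
                /aws1/cx_rt_service_generic.
ENDCLASS.

CLASS lcl_findings IMPLEMENTATION.
  METHOD count_critical_in_ou.
    " Scopes narrows the data set first (assumption: the OU ID alone is accepted).
    " Only the delegated administrator may pass Scopes; for any other account
    " /aws1/cx_shbaccessdeniedex is raised and propagates to the caller.
    DATA(lo_scopes) = NEW /aws1/cl_shbfindingscopes(
      it_awsorganizations = VALUE #(
        ( NEW /aws1/cl_shbawsorgscope( iv_organizationalunitid = iv_ou_id ) ) ) ).

    " Filters then refines results within that scope. The field name,
    " comparison, operator and severity strings are assumed values.
    DATA(lo_filters) = NEW /aws1/cl_shbocsffindingfilters(
      iv_compositeoperator = |AND|
      it_compositefilters  = VALUE #( ( NEW /aws1/cl_shbcompositefilter(
        iv_operator      = |AND|
        it_stringfilters = VALUE #( ( NEW /aws1/cl_shbocsfstringfilter(
          iv_fieldname = |severity|
          io_filter    = NEW /aws1/cl_shbstringfilter(
            iv_comparison = |EQUALS|
            iv_value      = |Critical| ) ) ) ) ) ) ) ).

    DATA lo_page  TYPE REF TO /aws1/cl_shbgetfindingsv2rsp.
    DATA lv_token TYPE /aws1/shbnexttoken.
    DO.
      " The first call carries no token; later calls pass the previous one.
      IF lv_token IS INITIAL.
        lo_page = io_client->getfindingsv2( io_scopes  = lo_scopes
                                            io_filters = lo_filters ).
      ELSE.
        lo_page = io_client->getfindingsv2( io_scopes    = lo_scopes
                                            io_filters   = lo_filters
                                            iv_nexttoken = lv_token ).
      ENDIF.
      rv_count = rv_count + lines( lo_page->get_findings( ) ).
      lv_token = lo_page->get_nexttoken( ).
      IF lv_token IS INITIAL.
        EXIT. " no further pages
      ENDIF.
    ENDDO.
  ENDMETHOD.
ENDCLASS.
```

The same scope and filter objects must be sent on every page request; only the token changes between calls.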