Introduction

With the Security Insights (formerly Security Advisor) component of the IBM Cloud® Security and Compliance Center, you can receive alerts for possible issues, which can help you to feel more confident in the security of your IBM Cloud account and resources.

Based on Grafeas, the Findings API is used to find and display occurrences of security issues in your IBM Cloud account by using the artifact metadata specification. Findings are summarized in cards in the Security and Compliance Center dashboard that allow you to see the security status of your account at a glance and start an investigation into any potential issues.

SDKs for Java, Node, Python, and Go are available to make it easier to programmatically access the API from your code. The client libraries that are provided by the SDKs implement best practices for using the API and reduce the amount of code that you need to write. The tab for each language includes code examples that demonstrate how to use the client libraries. For more information about using the SDKs, see the IBM Cloud SDK Common project on GitHub.

As part of the transition, the Security Advisor SDK package will be deprecated on 31 December 2021. The replacement SDK is already available and this documentation has been updated to support it. If you're working with the Security Advisor SDK and you aren't ready to migrate, you can view the docs in GitHub. But, you must update your applications to use the Security and Compliance Center SDK by 31 December 2021.

Installing the Java SDK

Maven

<dependency>
    <groupId>com.ibm.cloud</groupId>
    <artifactId>findings</artifactId>
    <version>0.0.33</version>
</dependency>

Gradle

compile 'com.ibm.cloud:findings:0.0.33'

View on GitHub

Installing the Go SDK

Go modules (recommended): Add the following import in your code, and then run go build or go mod tidy

import (
    "github.com/IBM/scc-go-sdk/findingsv1"
)

Go get

go get -u github.com/IBM/scc-go-sdk/findingsv1

View on GitHub

Installing the Node SDK

npm install ibm-scc

View on GitHub

Installing the Python SDK

pip install --upgrade "ibm-scc>=0.0.15"

View on GitHub

Endpoint URLs

Security and Compliance Center supports location-specific endpoint URLs that you can use to interact with the Security and Compliance Center over the public internet. A location represents the geographic area where your Security and Compliance Center requests are handled and processed.

When you call this API, be sure to use the endpoint URL that corresponds with the location settings that can be found in the Security and Compliance Center.

You can also retrieve your location settings programmatically by using the Admin API. For more information about viewing and managing your location settings, check out the docs.

Endpoint URLS by location

  • United States: https://us-south.secadvisor.cloud.ibm.com/findings
  • European Union: https://eu.compliance.cloud.ibm.com/si/findings
  • United Kingdom: https://eu-gb.secadvisor.cloud.ibm.com/findings

Base URL

https://{location}.secadvisor.cloud.ibm.com/findings

Authentication

Authorization to the Security and Compliance Center API is enforced by using an IBM Cloud Identity and Access Management (IAM) access token. The token is used to determine the actions that a user or service ID has access to when they use the API.

To work with the API, include a valid IAM token in each outgoing request to the service. You can generate an access token by first creating an API key and then exchanging your API key for an IBM Cloud IAM token.

Don't have an API key? Try running ibmcloud iam oauth-tokens in the IBM Cloud Shell to quickly generate a personal access token.

To generate an access token from your API key, use the following cURL command.

curl -X POST \
  "https://iam.cloud.ibm.com/identity/token" \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --header 'Accept: application/json' \
  --data-urlencode 'grant_type=urn:ibm:params:oauth:grant-type:apikey' \
  --data-urlencode 'apikey=<API_KEY>'

Replace <API_KEY> with your IBM Cloud API key.

When you use the SDK, configure an IAM authenticator with an IBM Cloud IAM API key. The authenticator automatically obtains the IAM access token for the API key and includes it with each request. You can configure an authenticator in either of two ways:

  • Programmatically by constructing an IAM authenticator instance and supplying your IAM API key
  • By defining the API key in external configuration properties and then using the SDK authenticator factory to construct an IAM authenticator that uses the configured IAM API key

For more information, see the Authentication section of the IBM Cloud SDK Common documentation.

Example for the United States location

curl -X {request_method} "https://us-south.secadvisor.cloud.ibm.com/findings/v1/{account_ID}/{method}" --header "Authorization: Bearer {IAM_token}"

Replace {account_ID} and {IAM_token} with your credentials.

Constructing the service client

import com.ibm.cloud.sdk.core.security.IamAuthenticator;
import com.ibm.cloud.scc.findings.v1.Findings;

IamAuthenticator authenticator = new IamAuthenticator("<API_KEY>");
Findings findingsApi = new Findings("<ACCOUNT_ID>", "findings", authenticator);

findings_api.setServiceUrl("<URL>");

Replace <API_KEY>, <URL> and <ACCOUNT_ID> with your IBM Cloud IAM API key, service endpoint URL and IBM cloud account ID respectively..

Constructing the service client

import (
  "github.com/IBM/go-sdk-core/v5/core"
  "github.com/IBM/scc-go-sdk/findingsv1"
)

authenticator := &core.IamAuthenticator{
ApiKey: "<API_KEY>",
}

service, err := findingsapiv1.NewFindingsApiV1(&findingsapiv1.FindingsApiV1Options{
  Authenticator: authenticator,
  URL: "<URL>",
  AccountID: "<ACCOUNT_ID>"
})

Replace <API_KEY>, <URL> and <ACCOUNT_ID> with your IBM Cloud IAM API key, service endpoint URL and IBM cloud account ID respectively..

Constructing the service client

from ibm_scc import FindingsV1
from ibm_cloud_sdk_core.authenticators import IAMAuthenticator

authenticator = IAMAuthenticator('<API_KEY>')
ibm_cloud_security_advisor =  FindingsV1(authenticator=authenticator, account_id="<ACCOUNT_ID>")

ibm_cloud_security_advisor.set_service_url("<URL>")

Replace <API_KEY>, <URL> and <ACCOUNT_ID> with your IBM Cloud IAM API key, service endpoint URL and IBM cloud account ID respectively..

Constructing the service client

const FindingsAPI =  require('ibm-scc/findings/v1');
const { IamAuthenticator } = require('ibm-scc/auth');

const findingsAPIClient = FindingsAPI.newInstance({
    authenticator: new IamAuthenticator({ apikey: '<API_KEY>' }),
    accountId: "<ACCOUNT_ID>",
});

findingsAPIClient.setServiceUrl('<URL>');

Replace <API_KEY>, <URL> and <ACCOUNT_ID> with your IBM Cloud IAM API key, service endpoint URL and IBM cloud account ID respectively..

Auditing

You can monitor API activity within your account by using the IBM Cloud Activity Tracker service. Whenever an API method is called, an event is generated that you can then track and audit from within Activity Tracker.

The specific event type is listed for each individual method. For more information about how to track Security and Compliance Center activity, see Auditing events for Security and Compliance Center.

Error handling

Security and Compliance Center uses standard HTTP status codes to indicate whether a method completed successfully. A 200 response always indicates success. A 400 type response is some sort of failure, and a 500 type response usually indicates an internal system error.

Status code summary
Status code Description
200 OK Everything worked as expected.
201 OK Everything worked as expected. No content is returned.
400 Bad Request The request was unsuccessful, often due to a missing required parameter.
401 Unauthorized The parameters were valid but the request failed due to insufficient permissions.
404 Not Found The requested resource doesn't exist.
409 Conflict The requested resource conflicts with an already existing resource.
410 Gone The requested resource was deleted and no longer exists.
429 Too Many Requests Too many requests hit the API too quickly.
500 Internal Server Error Something went wrong on Security and Compliance Center's end.

Methods

Query findings

Query findings by using the GraphQL query language. For more information about using GraphQL, see the GraphQL documentation.

Query findings by using the GraphQL query language. For more information about using GraphQL, see the GraphQL documentation.

Query findings by using the GraphQL query language. For more information about using GraphQL, see the GraphQL documentation.

Query findings by using the GraphQL query language. For more information about using GraphQL, see the GraphQL documentation.

Query findings by using the GraphQL query language. For more information about using GraphQL, see the GraphQL documentation.

POST /v1/{account_id}/graph
(findings *FindingsV1) PostGraph(postGraphOptions *PostGraphOptions) (response *core.DetailedResponse, err error)
(findings *FindingsV1) PostGraphWithContext(ctx context.Context, postGraphOptions *PostGraphOptions) (response *core.DetailedResponse, err error)
ServiceCall<Void> postGraph(PostGraphOptions postGraphOptions)
postGraph(params)
post_graph(self,
        body: Union[str, TextIO],
        *,
        content_type: str = None,
        transaction_id: str = None,
        **kwargs
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • security-advisor.findings.list

Auditing

Calling this method generates the following auditing event.

  • security-advisor.findings.list

Request

Instantiate the PostGraphOptions struct and set the fields to provide parameter values for the PostGraph method.

Use the PostGraphOptions.Builder to create a PostGraphOptions object that contains the parameter values for the postGraph method.

Custom Headers

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression ^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$

  • Allowable values: [application/graphql,application/json]

Path Parameters

  • Account ID

Body for query findings

WithContext method only

The PostGraph options.

The postGraph options.

parameters

  • Account ID.

  • Body for query findings.

  • The type of the input.

    Allowable values: [application/json,application/graphql]

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression /^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$/

parameters

  • Account ID.

  • Body for query findings.

  • The type of the input.

    Allowable values: [application/json,application/graphql]

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression /^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$/

  • curl -X POST "https://<region>.secadvisor.cloud.ibm.com/findings/v1/graph"   -H 'Authorization: Bearer <IAM_token>'   -H 'Content-Type: application/json'   --data-raw '{
          "query": "{occurrences(kind: \"FINDING\") {name}}"
        }'
  • func PostGraph() {
      headers := make(map[string]string)
      headers["Content-Type"] = "application/graphql"
    
      // Query using ioutils
      newQuery := ioutil.NopCloser(strings.NewReader(`query {findingCount: occurrenceCount(kind: "FINDING")}`))
      postGraphOptions := service.NewPostGraphOptions(accountID)
      postGraphOptions.SetBody(newQuery)
      postGraphOptions.SetHeaders(headers)
      res, operationErr := service.PostGraph(postGraphOptions)
      if operationErr != nil {
        fmt.Println("Err", operationErr)
      }
      fmt.Println(res.Result)
    
    }
  • public class PostGraph {
    
        private PostGraph() { }
    
        public static void main(String[] args) {
            String body = "{notes{id}}";
    
            PostGraphOptions opts = new PostGraphOptions.Builder()
                    .body(new ByteArrayInputStream(body.getBytes()))
            .contentType("application/graphql")
            .build();
    
            Response<Void> resp = findingsApi.postGraph(opts).execute();
            System.out.println(resp.getResult());
        }
    }
  • const params = {
     contentType: "application/graphql",
      body: 'query {occurrences(kind: "FINDING") {name}}'
    };
    
    findingsAPIClient
      .postGraph(params)
      .then(response => {
        console.log(JSON.stringify(response.result, null, 2));
      })
      .catch(err => {
        console.log('error: ', err);
      });
  • response = ibm_cloud_security_advisor.post_graph(
        body='query {occurrences(kind: "FINDING") {name}}',
      content_type="application/graphql"
    )
    
    print(response)

Response

Status Code

  • The query data is returned.

Example responses
  • {
      "data": {
        "occurrences": [
          {
            "name": "fd2349bf5144594dt9914c08c91b6a15a/providers/security-advisor/occurrences/ata-1594862964602"
          },
          {
            "name": "fd2349bf5144594dt9914c08c91b6a15a/providers/security-advisor/occurrences/occurence1"
          },
          {
            "name": "fd2349bf5144594dt9914c08c91b6a15a/providers/security-advisor/occurrences/critical-finding"
          }
        ]
      }
    }
  • {
      "data": {
        "occurrences": [
          {
            "name": "fd2349bf5144594dt9914c08c91b6a15a/providers/security-advisor/occurrences/ata-1594862964602"
          },
          {
            "name": "fd2349bf5144594dt9914c08c91b6a15a/providers/security-advisor/occurrences/occurence1"
          },
          {
            "name": "fd2349bf5144594dt9914c08c91b6a15a/providers/security-advisor/occurrences/critical-finding"
          }
        ]
      }
    }

List providers

List all of the providers for a specified account.

List all of the providers for a specified account.

List all of the providers for a specified account.

List all of the providers for a specified account.

List all of the providers for a specified account.

GET /v1/{account_id}/providers
(findings *FindingsV1) ListProviders(listProvidersOptions *ListProvidersOptions) (result *APIListProvidersResponse, response *core.DetailedResponse, err error)
(findings *FindingsV1) ListProvidersWithContext(ctx context.Context, listProvidersOptions *ListProvidersOptions) (result *APIListProvidersResponse, response *core.DetailedResponse, err error)
ServiceCall<ApiListProvidersResponse> listProviders(ListProvidersOptions listProvidersOptions)
listProviders(params)
list_providers(self,
        *,
        transaction_id: str = None,
        limit: int = None,
        skip: int = None,
        start_provider_id: str = None,
        end_provider_id: str = None,
        **kwargs
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • security-advisor.metadata.list

Auditing

Calling this method generates the following auditing event.

  • security-advisor.metadata.list

Request

Instantiate the ListProvidersOptions struct and set the fields to provide parameter values for the ListProviders method.

Use the ListProvidersOptions.Builder to create a ListProvidersOptions object that contains the parameter values for the listProviders method.

Custom Headers

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression ^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$

Path Parameters

  • Account ID

Query Parameters

  • The number of documents that you want to return.

    Possible values: value ≥ 2

  • The offset is the index of the item from which you want to start returning data from. Default is 0.

  • The first provider ID included in the result, sorted in ascending order. If not provided, this parameter is ignored.

  • The last provider ID included in the result, sorted in ascending order. If not provided, this parameter is ignored.

WithContext method only

The ListProviders options.

The listProviders options.

parameters

  • Account ID.

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression /^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$/

  • The number of documents that you want to return.

    Possible values: value ≥ 2

  • The offset is the index of the item from which you want to start returning data from. Default is 0.

  • The first provider ID included in the result, sorted in ascending order. If not provided, this parameter is ignored.

  • The last provider ID included in the result, sorted in ascending order. If not provided, this parameter is ignored.

parameters

  • Account ID.

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression /^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$/

  • The number of documents that you want to return.

    Possible values: value ≥ 2

  • The offset is the index of the item from which you want to start returning data from. Default is 0.

  • The first provider ID included in the result, sorted in ascending order. If not provided, this parameter is ignored.

  • The last provider ID included in the result, sorted in ascending order. If not provided, this parameter is ignored.

  • curl -X GET "https://<region>.secadvisor.cloud.ibm.com/findings/v1/<account_ID>/providers"   -H 'Authorization: Bearer <IAM_token>'   -H 'Content-Type: application/json'
  • func ListProviders() {
      headers := make(map[string]string)
      headers["Content-Type"] = "application/json"
    
       listProvidersOptions := findingsService.NewListProvidersOptions()
    
      res, _, err := service.ListProviders(listProvidersOptions)
      if err != nil {
        fmt.Println("Failed to get list of providers: ", err)
      } else {
        fmt.Printf(`Found %d providers between "a" and "p". Limit is set to 5 per page.`, len(res.Providers))
        fmt.Println()
        if len(res.Providers) > 0 {
          fmt.Println("Providers 1 ID: ", *res.Providers[0].ID)
          fmt.Println("Providers 1 name: ", *res.Providers[0].Name)
    
        }
      }
    }
  • public class ListProviders {
    
        private ListProviders() { }
    
        public static void main(String[] args) {
            ListProvidersOptions opts = new ListProvidersOptions.Builder()
                    .build();
    
            Response<ApiListProvidersResponse> resp = findingsApi.listProviders(opts).execute();
            System.out.println(resp.getResult());
        }
    }
  • const params = {};
    
    findingsAPIClient
      .listProviders(params)
      .then(response => {
        console.log(JSON.stringify(response.result, null, 2));
      })
      .catch(err => {
        console.log('error: ', err);
      });
  • response = ibm_cloud_security_advisor.list_providers(account_id="<account_ID>")
    
    print(response)

Response

A list of providers is returned.

A list of providers is returned.

A list of providers is returned.

A list of providers is returned.

Status Code

  • A list of providers is returned.

Example responses
  • {
      "providers": [
        {
          "name": "fd2349bf5144594dt9914c08c91b6a15a/providers/secadvisor",
          "id": "secadvisor"
        },
        {
          "name": "fd2349bf5144594dt9914c08c91b6a15a/providers/security-advisor",
          "id": "security-advisor"
        }
      ]
    }
  • {
      "providers": [
        {
          "name": "fd2349bf5144594dt9914c08c91b6a15a/providers/secadvisor",
          "id": "secadvisor"
        },
        {
          "name": "fd2349bf5144594dt9914c08c91b6a15a/providers/security-advisor",
          "id": "security-advisor"
        }
      ]
    }

Create a note

Register a new finding type with the Security and Compliance Center.

A successful request creates a note with a high-level description of a particular type of finding. To learn more about creating notes to register findings, see Custom findings.

Register a new finding type with the Security and Compliance Center.

A successful request creates a note with a high-level description of a particular type of finding. To learn more about creating notes to register findings, see Custom findings.

Register a new finding type with the Security and Compliance Center.

A successful request creates a note with a high-level description of a particular type of finding. To learn more about creating notes to register findings, see Custom findings.

Register a new finding type with the Security and Compliance Center.

A successful request creates a note with a high-level description of a particular type of finding. To learn more about creating notes to register findings, see Custom findings.

Register a new finding type with the Security and Compliance Center.

A successful request creates a note with a high-level description of a particular type of finding. To learn more about creating notes to register findings, see Custom findings.

POST /v1/{account_id}/providers/{provider_id}/notes
(findings *FindingsV1) CreateNote(createNoteOptions *CreateNoteOptions) (result *APINote, response *core.DetailedResponse, err error)
(findings *FindingsV1) CreateNoteWithContext(ctx context.Context, createNoteOptions *CreateNoteOptions) (result *APINote, response *core.DetailedResponse, err error)
ServiceCall<ApiNote> createNote(CreateNoteOptions createNoteOptions)
createNote(params)
create_note(self,
        provider_id: str,
        short_description: str,
        long_description: str,
        kind: str,
        id: str,
        reported_by: 'Reporter',
        *,
        related_url: List['ApiNoteRelatedUrl'] = None,
        expiration_time: datetime = None,
        shared: bool = None,
        finding: 'FindingType' = None,
        kpi: 'KpiType' = None,
        card: 'Card' = None,
        section: 'Section' = None,
        transaction_id: str = None,
        **kwargs
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • security-advisor.metadata.write

Auditing

Calling this method generates the following auditing event.

  • security-advisor.metadata.write

Request

Instantiate the CreateNoteOptions struct and set the fields to provide parameter values for the CreateNote method.

Use the CreateNoteOptions.Builder to create a CreateNoteOptions object that contains the parameter values for the createNote method.

Custom Headers

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression ^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$

Path Parameters

  • Account ID

  • Part of the parent. This field contains the provider ID. For example: providers/{provider_id}

The request body that is required to create a note.

WithContext method only

The CreateNote options.

The createNote options.

parameters

  • Account ID.

  • Part of the parent. This field contains the provider ID. For example: providers/{provider_id}.

  • A one sentence description of your note.

  • A more detailed description of your note.

  • The type of note. Use this field to filter notes and occurences by kind.

    • FINDING: The note and occurrence represent a finding.
    • KPI: The note and occurrence represent a KPI value.
    • CARD: The note represents a card showing findings and related metric values.
    • CARD_CONFIGURED: The note represents a card configured for a user account.
    • SECTION: The note represents a section in a dashboard.

    Allowable values: [FINDING,KPI,CARD,CARD_CONFIGURED,SECTION]

  • The ID of the note.

  • The entity reporting a note.

  • Metadata for any related URL information.

  • Time of expiration for this note, null if note does not expire.

  • True if this note can be shared by multiple accounts.

    Default: true

  • FindingType provides details about a finding note.

  • KpiType provides details about a KPI note.

  • Card provides details about a card kind of note.

  • Card provides details about a card kind of note.

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression /^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$/

parameters

  • Account ID.

  • Part of the parent. This field contains the provider ID. For example: providers/{provider_id}.

  • A one sentence description of your note.

  • A more detailed description of your note.

  • The type of note. Use this field to filter notes and occurences by kind.

    • FINDING: The note and occurrence represent a finding.
    • KPI: The note and occurrence represent a KPI value.
    • CARD: The note represents a card showing findings and related metric values.
    • CARD_CONFIGURED: The note represents a card configured for a user account.
    • SECTION: The note represents a section in a dashboard.

    Allowable values: [FINDING,KPI,CARD,CARD_CONFIGURED,SECTION]

  • The ID of the note.

  • The entity reporting a note.

  • Metadata for any related URL information.

  • Time of expiration for this note, null if note does not expire.

  • True if this note can be shared by multiple accounts.

    Default: true

  • FindingType provides details about a finding note.

  • KpiType provides details about a KPI note.

  • Card provides details about a card kind of note.

  • Card provides details about a card kind of note.

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression /^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$/

  • curl -X POST "https://<region>.secadvisor.cloud.ibm.com/findings/v1/<account_id>/providers/<provider_id>/notes"   -H 'accept: application/json'   -H 'Authorization: Bearer <IAM_token>'   -H 'Content-Type: application/json'   -d '{
            "kind": "FINDING",
            "short_description": "Inactive user(s) in account",
            "long_description": "Non-active users listed in account",
            "id": "inactiveUsers",
            "reported_by": {
                "id": "my-custom-IAM-scanner",
                "title": "IAMScanner"
            },
            "finding": {
              "severity": "MEDIUM",
              "next_steps": [
                {
                  "title": "Go to account user management",
                  "url": "https://cloud.ibm.com/iam/users"
                },
                {
                  "title": "Visit account user management"
                },
                {
                  "title": "Validate and remove non-active users"
                }
              ]
            }
          }'
  • func CreateFindingNote() {
      headers := make(map[string]string)
      headers["Content-Type"] = "application/json"
    
       providerID := "my-custom-security-tool"
      shortDescription := "Inactive user(s) in account"
      longDescription := "Non-active users listed in account"
      kind := "FINDING"
      id := "inactiveUsers"
      reportedBy, _ := service.NewReporter("my-custom-IAM-scanner", "https://example.com")
      remediationTitle := "Validate and remove non-active users"
      remediationURL := "https://cloud.ibm.com/iam/users"
      nextStep := []findingsapiv1.RemediationStep{{Title: &remediationTitle, URL: &remediationURL}}
      severity := "MEDIUM"
      finding := findingsapiv1.FindingType{Severity: &severity, NextSteps: nextStep}
    
      var createNoteOptions = service.NewCreateNoteOptions(accountID, providerID, shortDescription, longDescription, kind, id, reportedBy)
      createNoteOptions.SetHeaders(headers)
      createNoteOptions.SetFinding(&finding)
    
      result, response, operationErr := service.CreateNote(createNoteOptions)
      if operationErr != nil {
        fmt.Println("Failed to create note: ", operationErr)
        fmt.Println(response.Result)
      } else {
        fmt.Println(response.StatusCode)
        fmt.Println(*result.ID)
        fmt.Println(*result.Kind)
        fmt.Println(*result.ShortDescription)
      }
    
    }
  • public class CreateFinding {
    
        private CreateFinding() { }
    
        public static void main(String[] args) {
            Reporter reporterModel = new Reporter.Builder()
                .id("my-custom-IAM-scanner")
                .title("IAMScanner")
                .build();
    
            RemediationStep nextStep = new RemediationStep.Builder()
                .title("Validate and remove non-active users")
                .url("https://cloud.ibm.com/iam/users")
                .build();
    
            FindingType findingModel = new FindingType.Builder()
                .severity("MEDIUM")
                .nextSteps(new java.util.ArrayList<RemediationStep>(java.util.Arrays.asList(nextStep)))
                .build();
    
            CreateNoteOptions createNoteOptionsModel = new CreateNoteOptions.Builder()
                            .providerId("my-custom-security-tool")
                .shortDescription("Inactive user(s) in account")
                .longDescription("Non-active users listed in account")
                .kind("FINDING")
                .id("inactiveUsers")
                .reportedBy(reporterModel)
                .finding(findingModel)
                .build();
    
            Response<ApiNote> resp = findingsApi.createNote(createNoteOptionsModel).execute();
            System.out.println(resp.getResult());
        }
    }
  • const params = {
      providerId: "my-custom-security-tool",
      newId: "inactiveUsers"
      newKind: "FINDING",
      newShortDescription: "Inactive user(s) in account",
      newLongDescription: "Non-active users listed in account",
      newReportedBy: {
        newId: "my-custom-IAM-scanner",
        title: "IAMScanner"
      },
      newFinding: {
        severity: "MEDIUM",
        next_steps: [{
          title: "Go to account user management",
          url: "https://cloud.ibm.com/iam/users"
          },
          {
          title: "Visit account user management"
          },
          {
          title: "Validate and remove non-active users"
          }
        }]
      }
    };
    
    findingsAPIClient
      .createNote(params)
      .then(response => {
        console.log(JSON.stringify(response.result, null, 2));
      })
      .catch(err => {
        console.log('error: ', err);
      });
  • response = ibm_cloud_security_advisor.create_note(
        provider_id="my-custom-security-tool",
      short_description="Inactive user(s) in account",
      long_description="Non-active users listed in account",
      kind="FINDING",
      id="inactiveUsers",
      reported_by={'id':'my-custom-IAM-scanner','title':'IAMScanner'},
      finding={
        "severity": "MEDIUM",
        "next_steps": [
          {
            "title": "Go to account user management",
            "url": "https://cloud.ibm.com/iam/users"
          },
          {
            "title": "Visit account user management"
          },
          {
            "title": "Validate and remove non-active users"
          }
        ]
      }
    )
    
    print(response)

Response

Provides a detailed description of a note.

Provides a detailed description of a note.

Provides a detailed description of a note.

Provides a detailed description of a note.

Provides a detailed description of a note.

Status Code

  • The note is created successfully.

Example responses
  • {
      "short_description": "Inactive user(s) in account",
      "long_description": "Non-active users listed in account",
      "kind": "FINDING",
      "related_url": [
        {
          "label": "IAMScanner",
          "url": "https://cloud.ibm.com/iam/users"
        }
      ],
      "expiration_time": "2021-06-03T12:20:19.442Z",
      "create_time": "2021-06-03T12:20:19.442Z",
      "update_time": "2021-06-03T12:20:19.442Z",
      "id": "inactiveUsers",
      "shared": true,
      "reported_by": {
        "id": "my-custom-IAM-scanner",
        "title": "IAMScanner",
        "url": "https://cloud.ibm.com/iam/users"
      },
      "finding": {
        "severity": "MEDIUM",
        "next_steps": [
          {
            "title": "Go to account user management",
            "url": "https://cloud.ibm.com/iam/users"
          },
          {
            "title": "Visit account user management"
          },
          {
            "title": "Validate and remove non-active user1"
          }
        ]
      }
    }
  • {
      "short_description": "Inactive user(s) in account",
      "long_description": "Non-active users listed in account",
      "kind": "FINDING",
      "related_url": [
        {
          "label": "IAMScanner",
          "url": "https://cloud.ibm.com/iam/users"
        }
      ],
      "expiration_time": "2021-06-03T12:20:19.442Z",
      "create_time": "2021-06-03T12:20:19.442Z",
      "update_time": "2021-06-03T12:20:19.442Z",
      "id": "inactiveUsers",
      "shared": true,
      "reported_by": {
        "id": "my-custom-IAM-scanner",
        "title": "IAMScanner",
        "url": "https://cloud.ibm.com/iam/users"
      },
      "finding": {
        "severity": "MEDIUM",
        "next_steps": [
          {
            "title": "Go to account user management",
            "url": "https://cloud.ibm.com/iam/users"
          },
          {
            "title": "Visit account user management"
          },
          {
            "title": "Validate and remove non-active user1"
          }
        ]
      }
    }

List notes

List all of the available notes for a specific provider.

List all of the available notes for a specific provider.

List all of the available notes for a specific provider.

List all of the available notes for a specific provider.

List all of the available notes for a specific provider.

GET /v1/{account_id}/providers/{provider_id}/notes
(findings *FindingsV1) ListNotes(listNotesOptions *ListNotesOptions) (result *APIListNotesResponse, response *core.DetailedResponse, err error)
(findings *FindingsV1) ListNotesWithContext(ctx context.Context, listNotesOptions *ListNotesOptions) (result *APIListNotesResponse, response *core.DetailedResponse, err error)
ServiceCall<ApiListNotesResponse> listNotes(ListNotesOptions listNotesOptions)
listNotes(params)
list_notes(self,
        provider_id: str,
        *,
        transaction_id: str = None,
        page_size: int = None,
        page_token: str = None,
        **kwargs
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • security-advisor.metadata.list

Auditing

Calling this method generates the following auditing event.

  • security-advisor.metadata.list

Request

Instantiate the ListNotesOptions struct and set the fields to provide parameter values for the ListNotes method.

Use the ListNotesOptions.Builder to create a ListNotesOptions object that contains the parameter values for the listNotes method.

Custom Headers

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression ^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$

Path Parameters

  • Account ID

  • Part of the parent. This field contains the provider ID. For example: providers/{provider_id}

Query Parameters

  • Number of notes to return in the list.

    Possible values: value ≥ 2

  • Token to provide to skip to a particular spot in the list.

WithContext method only

The ListNotes options.

The listNotes options.

parameters

  • Account ID.

  • Part of the parent. This field contains the provider ID. For example: providers/{provider_id}.

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression /^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$/

  • Number of notes to return in the list.

    Possible values: value ≥ 2

  • Token to provide to skip to a particular spot in the list.

parameters

  • Account ID.

  • Part of the parent. This field contains the provider ID. For example: providers/{provider_id}.

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression /^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$/

  • Number of notes to return in the list.

    Possible values: value ≥ 2

  • Token to provide to skip to a particular spot in the list.

  • curl -X GET "https://<region>.secadvisor.cloud.ibm.com/findings/v1/<account_id>/providers/<provider_id>/notes"   -H 'Authorization: Bearer <IAM_token>'   -H 'Content-Type: application/json'
  • func ListNotes() {
      accountID :=  "<account_ID>"
      providerID := "<provider_ID>"
    
      listNotesOptions := service.NewListNotesOptions(accountID, providerID)
      listNotesOptions.SetPageSize(2)
    
      listNotesResult, listNotesResponse, err := service.ListNotes(listNotesOptions)
      if err != nil {
        fmt.Println(err)
        fmt.Println(listNotesResponse.Result)
        return
      }
    
      fmt.Println(listNotesResponse.Result)
      fmt.Println("Result: ", listNotesResult.Notes[0])
    }
  • public class ListNotes {
    
        private ListNotes() { }
    
        public static void main(String[] args) {
            ListNotesOptions opts = new ListNotesOptions.Builder()
                    .providerId("<provider_ID>")
            .build();
    
            Response<ApiListNotesResponse> resp = findingsApi.listNotes(opts).execute();
            System.out.println(resp.getResult());
        }
    }
  • const params = {
      providerId: "<provider_ID>"
    };
    
    findingsAPIClient
      .listNotes(params)
      .then(response => {
        console.log(JSON.stringify(response.result, null, 2));
      })
      .catch(err => {
        console.log('error: ', err);
      });
  • response = ibm_cloud_security_advisor.list_notes(
        provider_id="<provider_ID>",
    )
    
    print(response)

Response

Response including listed notes.

Response including listed notes.

Response including listed notes.

Response including listed notes.

Response including listed notes.

Status Code

  • A list of notes is returned.

Example responses
  • {
      "next_page_token": null,
      "notes": [
        {
          "short_description": "Inactive user(s) in account",
          "long_description": "Non-active users listed in account",
          "kind": "FINDING",
          "related_url": [
            {
              "label": "IAMScanner",
              "url": "https://cloud.ibm.com/iam/users"
            }
          ],
          "expiration_time": "2021-06-03T12:20:19.442Z",
          "create_time": "2021-06-03T12:20:19.442Z",
          "update_time": "2021-06-03T12:20:19.442Z",
          "id": "inactiveUsers",
          "shared": true,
          "reported_by": {
            "id": "my-custom-IAM-scanner",
            "title": "IAMScanner",
            "url": "https://cloud.ibm.com/iam/users"
          },
          "finding": {
            "severity": "MEDIUM",
            "next_steps": [
              {
                "title": "Go to account user management",
                "url": "https://cloud.ibm.com/iam/users"
              },
              {
                "title": "Visit account user management"
              },
              {
                "title": "Validate and remove non-active users"
              }
            ]
          }
        }
      ]
    }
  • {
      "next_page_token": null,
      "notes": [
        {
          "short_description": "Inactive user(s) in account",
          "long_description": "Non-active users listed in account",
          "kind": "FINDING",
          "related_url": [
            {
              "label": "IAMScanner",
              "url": "https://cloud.ibm.com/iam/users"
            }
          ],
          "expiration_time": "2021-06-03T12:20:19.442Z",
          "create_time": "2021-06-03T12:20:19.442Z",
          "update_time": "2021-06-03T12:20:19.442Z",
          "id": "inactiveUsers",
          "shared": true,
          "reported_by": {
            "id": "my-custom-IAM-scanner",
            "title": "IAMScanner",
            "url": "https://cloud.ibm.com/iam/users"
          },
          "finding": {
            "severity": "MEDIUM",
            "next_steps": [
              {
                "title": "Go to account user management",
                "url": "https://cloud.ibm.com/iam/users"
              },
              {
                "title": "Visit account user management"
              },
              {
                "title": "Validate and remove non-active users"
              }
            ]
          }
        }
      ]
    }

Get a note by provider

Get the details of the note that is associated with a specified note ID and provider ID.

Get the details of the note that is associated with a specified note ID and provider ID.

Get the details of the note that is associated with a specified note ID and provider ID.

Get the details of the note that is associated with a specified note ID and provider ID.

Get the details of the note that is associated with a specified note ID and provider ID.

GET /v1/{account_id}/providers/{provider_id}/notes/{note_id}
(findings *FindingsV1) GetNote(getNoteOptions *GetNoteOptions) (result *APINote, response *core.DetailedResponse, err error)
(findings *FindingsV1) GetNoteWithContext(ctx context.Context, getNoteOptions *GetNoteOptions) (result *APINote, response *core.DetailedResponse, err error)
ServiceCall<ApiNote> getNote(GetNoteOptions getNoteOptions)
getNote(params)
get_note(self,
        provider_id: str,
        note_id: str,
        *,
        transaction_id: str = None,
        **kwargs
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • security-advisor.metadata.read

Auditing

Calling this method generates the following auditing event.

  • security-advisor.metadata.read

Request

Instantiate the GetNoteOptions struct and set the fields to provide parameter values for the GetNote method.

Use the GetNoteOptions.Builder to create a GetNoteOptions object that contains the parameter values for the getNote method.

Custom Headers

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression ^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$

Path Parameters

  • Account ID

  • Part of the parent. This field contains the provider ID. For example: providers/{provider_id}

  • Second part of note name: providers/{provider_id}/notes/{note_id}

WithContext method only

The GetNote options.

The getNote options.

parameters

  • Account ID.

  • Part of the parent. This field contains the provider ID. For example: providers/{provider_id}.

  • Second part of note name: providers/{provider_id}/notes/{note_id}.

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression /^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$/

parameters

  • Account ID.

  • Part of the parent. This field contains the provider ID. For example: providers/{provider_id}.

  • Second part of note name: providers/{provider_id}/notes/{note_id}.

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression /^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$/

  • curl -X GET "https://<region>.secadvisor.cloud.ibm.com/findings/v1/<account_ID>/providers/<provider_ID>/notes/<notes_ID>"   -H 'Authorization: Bearer <IAM_token>'   -H 'Content-Type: application/json'
  • func GetNote() {
       providerID := "<provider_ID>"
      noteID := "<note_ID>"
    
      getNotesOptions := service.NewGetNoteOptions(accountID, providerID, noteID)
    
      result, response, err := service.GetNote(getNotesOptions)
      if err != nil {
        fmt.Println(err)
        fmt.Println(response.Result)
        return
      }
    
      fmt.Println(response.Result)
      fmt.Println(*result.Kind)
      fmt.Println(*result.ID)
    
    }
  • public final class GetNote {
    
        private GetNote() { }
    
        public static void main(String[] args) {
            GetNoteOptions opts = new GetNoteOptions.Builder()
                    .providerId("<provider_ID>")
            .noteId("<note_ID>")
            .build();
    
            Response<GetNoteResponse> resp = findingsApi.getNote(opts).execute();
            System.out.println(resp.getResult());
        }
    }
  • const params = {
      providerId: "<provider_ID>",
      noteId: "<note_ID>"
    };
    
    findingsAPIClient
      .getNote(params)
      .then(response => {
        console.log(JSON.stringify(response.result, null, 2));
      })
      .catch(err => {
        console.log('error: ', err);
      });
  • response = ibm_cloud_security_advisor.get_note(
        provider_id="<provider_ID>",
      note_id="<note_ID>"
    )
    
    print(response)

Response

Provides a detailed description of a note.

Provides a detailed description of a note.

Provides a detailed description of a note.

Provides a detailed description of a note.

Provides a detailed description of a note.

Status Code

  • The note is returned successfully.

Example responses
  • {
      "short_description": "Inactive user(s) in account",
      "long_description": "Non-active users listed in account",
      "kind": "FINDING",
      "related_url": [
        {
          "label": "IAMScanner",
          "url": "https://cloud.ibm.com/iam/users"
        }
      ],
      "expiration_time": "2021-06-03T12:20:19.442Z",
      "create_time": "2021-06-03T12:20:19.442Z",
      "update_time": "2021-06-03T12:20:19.442Z",
      "id": "inactiveUsers",
      "shared": true,
      "reported_by": {
        "id": "my-custom-IAM-scanner",
        "title": "IAMScanner",
        "url": "https://cloud.ibm.com/iam/users"
      },
      "finding": {
        "severity": "MEDIUM",
        "next_steps": [
          {
            "title": "Go to account user management",
            "url": "https://cloud.ibm.com/iam/users"
          },
          {
            "title": "Visit account user management"
          },
          {
            "title": "Validate and remove non-active user1"
          }
        ]
      }
    }
  • {
      "short_description": "Inactive user(s) in account",
      "long_description": "Non-active users listed in account",
      "kind": "FINDING",
      "related_url": [
        {
          "label": "IAMScanner",
          "url": "https://cloud.ibm.com/iam/users"
        }
      ],
      "expiration_time": "2021-06-03T12:20:19.442Z",
      "create_time": "2021-06-03T12:20:19.442Z",
      "update_time": "2021-06-03T12:20:19.442Z",
      "id": "inactiveUsers",
      "shared": true,
      "reported_by": {
        "id": "my-custom-IAM-scanner",
        "title": "IAMScanner",
        "url": "https://cloud.ibm.com/iam/users"
      },
      "finding": {
        "severity": "MEDIUM",
        "next_steps": [
          {
            "title": "Go to account user management",
            "url": "https://cloud.ibm.com/iam/users"
          },
          {
            "title": "Visit account user management"
          },
          {
            "title": "Validate and remove non-active user1"
          }
        ]
      }
    }

Update a note

Update a note that already exists in your account.

Update a note that already exists in your account.

Update a note that already exists in your account.

Update a note that already exists in your account.

Update a note that already exists in your account.

PUT /v1/{account_id}/providers/{provider_id}/notes/{note_id}
(findings *FindingsV1) UpdateNote(updateNoteOptions *UpdateNoteOptions) (result *APINote, response *core.DetailedResponse, err error)
(findings *FindingsV1) UpdateNoteWithContext(ctx context.Context, updateNoteOptions *UpdateNoteOptions) (result *APINote, response *core.DetailedResponse, err error)
ServiceCall<ApiNote> updateNote(UpdateNoteOptions updateNoteOptions)
updateNote(params)
update_note(self,
        provider_id: str,
        note_id: str,
        short_description: str,
        long_description: str,
        kind: str,
        id: str,
        reported_by: 'Reporter',
        *,
        related_url: List['ApiNoteRelatedUrl'] = None,
        expiration_time: datetime = None,
        shared: bool = None,
        finding: 'FindingType' = None,
        kpi: 'KpiType' = None,
        card: 'Card' = None,
        section: 'Section' = None,
        transaction_id: str = None,
        **kwargs
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > name > Access policies.

  • security-advisor.metadata.update

Auditing

Calling this method generates the following auditing event.

  • security-advisor.metadata.update

Request

Instantiate the UpdateNoteOptions struct and set the fields to provide parameter values for the UpdateNote method.

Use the UpdateNoteOptions.Builder to create a UpdateNoteOptions object that contains the parameter values for the updateNote method.

Custom Headers

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression ^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$

Path Parameters

  • Account ID

  • Part of the parent. This field contains the provider ID. For example: providers/{provider_id}

  • Second part of note name: providers/{provider_id}/notes/{note_id}

The request body that is required to update a note.

WithContext method only

The UpdateNote options.

The updateNote options.

parameters

  • Account ID.

  • Part of the parent. This field contains the provider ID. For example: providers/{provider_id}.

  • Second part of note name: providers/{provider_id}/notes/{note_id}.

  • A one sentence description of your note.

  • A more detailed description of your note.

  • The type of note. Use this field to filter notes and occurences by kind.

    • FINDING: The note and occurrence represent a finding.
    • KPI: The note and occurrence represent a KPI value.
    • CARD: The note represents a card showing findings and related metric values.
    • CARD_CONFIGURED: The note represents a card configured for a user account.
    • SECTION: The note represents a section in a dashboard.

    Allowable values: [FINDING,KPI,CARD,CARD_CONFIGURED,SECTION]

  • The ID of the note.

  • The entity reporting a note.

  • Metadata for any related URL information.

  • Time of expiration for this note, null if note does not expire.

  • True if this note can be shared by multiple accounts.

    Default: true

  • FindingType provides details about a finding note.

  • KpiType provides details about a KPI note.

  • Card provides details about a card kind of note.

  • Card provides details about a card kind of note.

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression /^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$/

parameters

  • Account ID.

  • Part of the parent. This field contains the provider ID. For example: providers/{provider_id}.

  • Second part of note name: providers/{provider_id}/notes/{note_id}.

  • A one sentence description of your note.

  • A more detailed description of your note.

  • The type of note. Use this field to filter notes and occurences by kind.

    • FINDING: The note and occurrence represent a finding.
    • KPI: The note and occurrence represent a KPI value.
    • CARD: The note represents a card showing findings and related metric values.
    • CARD_CONFIGURED: The note represents a card configured for a user account.
    • SECTION: The note represents a section in a dashboard.

    Allowable values: [FINDING,KPI,CARD,CARD_CONFIGURED,SECTION]

  • The ID of the note.

  • The entity reporting a note.

  • Metadata for any related URL information.

  • Time of expiration for this note, null if note does not expire.

  • True if this note can be shared by multiple accounts.

    Default: true

  • FindingType provides details about a finding note.

  • KpiType provides details about a KPI note.

  • Card provides details about a card kind of note.

  • Card provides details about a card kind of note.

  • The transaction ID for the request in UUID v4 format.

    Possible values: Value must match regular expression /^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$|^$/

  • curl -X PUT "https://<region>.secadvisor.cloud.ibm.com/findings/v1/<account_id>/providers/<provider_id>/notes/<note_ID>"   -H 'accept: application/json'   -H 'Authorization: Bearer <IAM_token>'   -H 'Content-Type: application/json'   -d '{
            "kind": "FINDING",
            "short_description": "LogDNA errors",
            "long_description": "We found errors in LogDNA logs, indicating possible security problems",
            "id": "<note_ID>",
            "reported_by": {
                "id": "my-custom-logdna-scanner",
                "title": "LogDNAScanner"
            },
            "finding": {
              "severity": "MEDIUM",
              "next_steps": [
                {
                  "title": "Go to the LogDNA dashboard",
                  "url": "https://cloud.ibm.com/observe/activitytracker"
                },
                {
                  "title": "Review LogDNA logs"
                }
              ]
            }
          }'
  • func UpdateNote() {
      headers := make(map[string]string)
      headers["Content-Type"] = "application/json"
    
       providerID := "my-custom-security-tool"
      noteID := accountID + "/providers/my-custom-security-tool/notes/logdna"
      shortDescription := "LogDNA errors"
      longDescription := "We found errors in LogDNA logs, indicating possible security problems"
      kind := "FINDING"
      id := "logdna"
      reportedBy, _ := service.NewReporter("LogDNAScanner", "https://example.cp")
      remediationTitle := "Review LogDNA logs"
      remediationURL := "https://cloud.ibm.com/observe/activitytracker"
      nextStep := []findingsapiv1.RemediationStep{{Title: &remediationTitle, URL: &remediationURL}}
      severity := "MEDIUM"
      finding := findingsapiv1.FindingType{Severity: &severity, NextSteps: nextStep}
    
      var updateNoteOptions = service.NewUpdateNoteOptions(accountID, providerID, noteID, shortDescription, longDescription, kind, id, reportedBy)
      updateNoteOptions.SetHeaders(headers)
      updateNoteOptions.SetAccountID(accountID)
      updateNoteOptions.SetFinding(&finding)
    
      result, response, operationErr := service.UpdateNote(updateNoteOptions)
      if operationErr != nil {
        fmt.Println("Failed to edit note: ", operationErr)
        fmt.Println(response.Result)
      } else {
        fmt.Println(*result.ShortDescription)
        fmt.Println(result)
        fmt.Println(response.StatusCode)
    
      }
    }
  • public class UpdateNote {
    
        private UpdateNote() { }
    
        public static void main(String[] args) {
            UpdateNoteOptions opts = new UpdateNoteOptions.Builder()
                    .providerId("<provider_ID>")
            .noteId("<note_ID>")
            .shortDescription("LogDNA errors")
            .longDescription("We found errors in LogDNA logs, indicating possible security problems")
            .kind("FINDING")
            .id("logdna")
            .severity(new java.util.ArrayList<String>(java.util.Arrays.asList("MEDIUM")))
            .build();
    
            Response<UpdateNoteResponse> resp = findingsApi.updateNote(opts).execute();
            System.out.println(resp.getResult());
        }
    }
  • const params = {
      providerId: "my-custom-security-tool",
      newId: "logdna"
      newKind: "FINDING",
      newShortDescription: "LogDNA errors",
      newLongDescription: "We found errors in LogDNA logs, indicating possible security problems",
      newReportedBy: {
        newId: "my-custom-logdna-scanner",
        title: "LogDNAScanner"
      },
      newFinding: {
        severity: "MEDIUM",
        next_steps: [{
          title: "Go to the LogDNA dashboard",
          url: "https://cloud.ibm.com/observe/activitytracker"
          },
          {
          title: "Review LogDNA logs"
          }
        }]
      }
    };
    
    findingsAPIClient
      .updateNote(params)
      .then(response => {
        console.log(JSON.stringify(response.result, null, 2));
      })
      .catch(err => {
        console.log('error: ', err);
      });
  • response = ibm_cloud_security_advisor.update_note(
        provider_id="my-custom-security-tool",
      short_description="LogDNA errors",
      long_description="We found errors in LogDNA logs, indicating possible security problems",
      kind="FINDING",
      id="logdna",
      reported_by={
        'id':'my-custom-logdna-scanner',
        'title':'LogDNAScanner',
        'url':'https://example.com'
      },
      finding={
          "severity": "MEDIUM",
          "next_steps": [
            {
              "title": "Review LogDNA logs",
              "url": "https://cloud.ibm.com/observe/activitytracker"
            }
          ]
      }
    )
    
    print(response)

Response

Provides a detailed description of a note.

Provides a detailed description of a note.

Provides a detailed description of a note.

Provides a detailed description of a note.

Provides a detailed description of a note.