steampipe plugin install oci

Table: oci_cloud_guard_detector_recipe - Query OCI Cloud Guard Detector Recipes using SQL

OCI Cloud Guard is a security service that identifies potential security weaknesses and consolidates this information into a single dashboard. It provides a comprehensive view of the security and compliance status of your resources in Oracle Cloud Infrastructure. Detector Recipes in Cloud Guard contain the configurations of detectors and the conditions that cause them to trigger.

Table Usage Guide

The oci_cloud_guard_detector_recipe table provides insights into the Detector Recipes within OCI Cloud Guard. As a security analyst, explore recipe-specific details through this table, including the associated managed list types, detector rules, and associated metadata. Utilize it to uncover information about detector recipes, such as their status, the conditions that trigger them, and the actions taken when those conditions are met.

Examples

Basic info

Explore which Cloud Guard detector recipes have been created, their respective IDs, when they were created, and their current lifecycle states. This information can help in managing and tracking the status of your Cloud Guard detector recipes.

select
  name,
  id,
  time_created,
  lifecycle_state as state
from
  oci_cloud_guard_detector_recipe;

List detector recipes which are not active

Explore which detector recipes in your Cloud Guard are inactive. This is useful for identifying potential security blind spots in your system.

select
  name,
  id,
  time_created,
  lifecycle_state as state
from
  oci_cloud_guard_detector_recipe
where
  lifecycle_state <> 'ACTIVE';

Discover which detector recipes contain the password-related rules PASSWORD_TOO_OLD and PASSWORD_POLICY_NOT_COMPLEX, and whether each rule is enabled. This query is useful for assessing security measures in place and ensuring rules regarding password age and complexity are being enforced.

PostgreSQL:

select
  name,
  e ->> 'detectorRuleId' as Rule_name,
  e -> 'details' ->> 'isEnabled' as status
from
  oci_cloud_guard_detector_recipe,
  jsonb_array_elements(effective_detector_rules) as e
where
  e ->> 'detectorRuleId' = 'PASSWORD_TOO_OLD'
  or e ->> 'detectorRuleId' = 'PASSWORD_POLICY_NOT_COMPLEX';

SQLite:

select
  name,
  json_extract(e.value, '$.detectorRuleId') as Rule_name,
  json_extract(json_extract(e.value, '$.details'), '$.isEnabled') as status
from
  oci_cloud_guard_detector_recipe,
  json_each(effective_detector_rules) as e
where
  json_extract(e.value, '$.detectorRuleId') = 'PASSWORD_TOO_OLD'
  or json_extract(e.value, '$.detectorRuleId') = 'PASSWORD_POLICY_NOT_COMPLEX';
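
The password-rule query above checks two rule IDs; the following added example (not part of the original Steampipe documentation) goes further and reports every disabled rule per active recipe, in PostgreSQL dialect. It uses only columns and JSON keys shown on this page, and assumes that a rule with no isEnabled value should be reported as disabled so it gets reviewed.

```sql
-- Added example: per-recipe coverage gaps across all effective detector rules.
with rules as (
  select
    r.id as recipe_id,
    r.name as recipe_name,
    r.detector,
    r.owner,
    e ->> 'detectorRuleId' as rule_id,
    -- Assumption: a missing isEnabled is treated as disabled (fail closed for review).
    coalesce((e -> 'details' ->> 'isEnabled')::boolean, false) as is_enabled
  from
    oci_cloud_guard_detector_recipe as r,
    jsonb_array_elements(r.effective_detector_rules) as e
  where
    -- Inactive recipes are already covered by the lifecycle_state query above.
    r.lifecycle_state = 'ACTIVE'
)
select
  recipe_name,
  recipe_id,
  detector,
  owner,
  count(*) as total_rules,
  count(*) filter (where not is_enabled) as disabled_rules,
  array_agg(rule_id order by rule_id) filter (where not is_enabled) as disabled_rule_ids
from
  rules
group by
  recipe_id,
  recipe_name,
  detector,
  owner
having
  -- Only show recipes that have at least one disabled rule.
  count(*) filter (where not is_enabled) > 0
order by
  disabled_rules desc,
  recipe_name;
```

Recipes whose effective_detector_rules is null or empty produce no rows here, so pair this with the basic listing to confirm every recipe was evaluated.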

Schema for oci_cloud_guard_detector_recipe

| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | | Steampipe context in JSON form. |
| compartment_id | text | = | The OCID of the compartment in Tenant in which the resource is located. |
| defined_tags | jsonb | | Defined tags for resource. Defined tags are set up in your tenancy by an administrator. Only users granted permission to work with the defined tags can apply them to resources. |
| description | text | | Detector recipe description. |
| detector | text | | Type of detector. |
| detector_rules | jsonb | | List of detector rules for the detector type for recipe. |
| effective_detector_rules | jsonb | | List of detector rules for the detector type for recipe. |
| freeform_tags | jsonb | | Free-form tags for resource. These tags can be applied by any user with permissions on the resource. |
| id | text | = | OCID for detector recipe. |
| lifecycle_state | text | = | The current state of the detector recipe. |
| name | text | = | DisplayName of detector recipe. |
| owner | text | | Owner of detector recipe. |
| source_detector_recipe_id | text | | Recipe OCID of the Source Recipe to be cloned. |
| sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
| sp_ctx | jsonb | | Steampipe context in JSON form. |
| system_tags | jsonb | | System tags for resource. System tags can be viewed by users, but can only be created by the system. |
| tags | jsonb | | A map of tags for the resource. |
| tenant_id | text | =, !=, ~~, ~~*, !~~, !~~* | The OCID of the Tenant in which the resource is located. |
| tenant_name | text | | The name of the Tenant in which the resource is located. |
| time_created | timestamp with time zone | | The date and time the detector recipe was created. |
| time_updated | timestamp with time zone | | The date and time the detector recipe was updated. |
| title | text | | Title of the resource. |

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install it with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- oci

You can pass the configuration to the command with the --config argument:

steampipe_export_oci --config '<your_config>' oci_cloud_guard_detector_recipe