Security Health Analytics Mute Configuration
A Security Health Analytics Mute Configuration in Google Cloud is used to suppress or mute specific security findings generated by Security Health Analytics. It allows administrators to define conditions under which certain findings are ignored, helping reduce noise and focus on high-priority issues. This configuration can be applied at various levels, such as organization, folder, or project, and supports flexible filtering based on finding attributes.
gcp.securitycenter_mute_config
Fields
| Title | ID | Type | Data Type | Description |
|---|
| _key | core | string | |
| ancestors | core | array<string> | |
| create_time | core | timestamp | Output only. The time at which the mute config was created. This field is set by the server and will be ignored if provided on config creation. |
| datadog_display_name | core | string | |
| description | core | string | A description of the mute config. |
| expiry_time | core | timestamp | Optional. The expiry of the mute config. Only applicable for dynamic configs. If the expiry is set, when the config expires, it is removed from all findings. |
| filter | core | string | Required. An expression that defines the filter to apply across create/update events of findings. While creating a filter string, be mindful of the scope in which the mute configuration is being created. E.g., If a filter contains project = X but is created under the project = Y scope, it might not match any findings. The following field and operator combinations are supported: * severity: `=`, `:` * category: `=`, `:` * resource.name: `=`, `:` * resource.project_name: `=`, `:` * resource.project_display_name: `=`, `:` * resource.folders.resource_folder: `=`, `:` * resource.parent_name: `=`, `:` * resource.parent_display_name: `=`, `:` * resource.type: `=`, `:` * finding_class: `=`, `:` * indicator.ip_addresses: `=`, `:` * indicator.domains: `=`, `:` |
| gcp_display_name | core | string | The human readable name to be displayed for the mute config. |
| labels | core | array<string> | |
| most_recent_editor | core | string | Output only. Email address of the user who last edited the mute config. This field is set by the server and will be ignored if provided on config creation or update. |
| name | core | string | This field will be ignored if provided on config creation. Format `organizations/{organization}/muteConfigs/{mute_config}` `folders/{folder}/muteConfigs/{mute_config}` `projects/{project}/muteConfigs/{mute_config}` `organizations/{organization}/locations/global/muteConfigs/{mute_config}` `folders/{folder}/locations/global/muteConfigs/{mute_config}` `projects/{project}/locations/global/muteConfigs/{mute_config}` |
| organization_id | core | string | |
| parent | core | string | |
| project_id | core | string | |
| project_number | core | string | |
| region_id | core | string | |
| resource_name | core | string | |
| tags | core | hstore_csv | |
| type | core | string | Optional. The type of the mute config, which determines what type of mute state the config affects. The static mute state takes precedence over the dynamic mute state. Immutable after creation. STATIC by default if not set during creation. |
| update_time | core | timestamp | Output only. The most recent time at which the mute config was updated. This field is set by the server and will be ignored if provided on config creation or update. |
| zone_id | core | string | |
