bypo / chronicle-silent-entities-cf

This Google Cloud Function queries a Chronicle SIEM BigQuery data lake and returns, over HTTP, a list of silent entities. The number of seconds of silence after which an entity is reported can be specified via an HTTP parameter.

SQL injection #1

Open alvisebacco opened 1 month ago

alvisebacco commented 1 month ago

The SQL shown is dynamic SQL inside a JavaScript template literal and uses variable interpolation (${chronicle_tla}, ${sec_late}, ${limit_count}), which could potentially expose the system to SQL injection if those variables are not properly sanitized before being inserted into the query. If the variables used (chronicle_tla, sec_late and limit_count) can be manipulated by a malicious user and are not validated or sanitized, the logic of the SQL query could be altered.

```javascript
const sqlQuery1 = `SELECT principal.hostname as gateway, MAX(metadata.event_timestamp.seconds) as maxtime, count(*)
  FROM chronicle-?.datalake.events as events
  WHERE DATE(hour_time_bucket) > DATE_SUB(CURRENT_DATE(), INTERVAL 3 DAY)
  GROUP BY 1
  HAVING count(*) > 1000 AND (unix_seconds(current_timestamp()) - maxtime) > ?
  ORDER BY gateway
  LIMIT ?`;

// Pass the parameters safely
const parameters = [chronicle_tla, sec_late, limit_count];
```
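The parameterized query in the comment above handles `sec_late` and `limit_count`, but BigQuery query parameters can only carry values, not identifiers, so `chronicle-?.datalake.events` cannot be bound that way: the tenant short name still has to be validated before it is spliced into the FROM clause. The following is an added example (editor's code, not from the bypo/chronicle-silent-entities-cf repository or from the commenter) showing both halves: an allowlist check on `chronicle_tla` against the GCP project-ID character set, integer parsing with bounds for the two numeric inputs, and positional `?` parameters for the values. The dataset layout `chronicle-<tla>.datalake.events`, the parameter names and the default values are assumptions taken from the query in the issue; the `@google-cloud/bigquery` client is loaded lazily inside `runSilentEntities()` so the query builder can be exercised without the SDK installed.

```javascript
// Added example; not code from the repository or the issue commenter.
// Assumptions: chronicle_tla, sec_late and limit_count arrive as HTTP query
// string values, and events live in `chronicle-<tla>.datalake.events`.

// BigQuery parameters cannot stand in for project/dataset/table identifiers,
// so the tenant short name is checked against the GCP project-ID character
// set (lowercase letters, digits, hyphens) before being back-quoted into SQL.
const TLA_PATTERN = /^[a-z][a-z0-9-]{0,28}[a-z0-9]$/;

// Accept only a string of ASCII digits within [min, max]; anything else,
// including "1 OR 1=1" or an array from a repeated query parameter, is rejected.
function parseBoundedInt(value, name, min, max, fallback) {
  if (value === undefined || value === null || value === '') return fallback;
  if (typeof value !== 'string' || !/^\d+$/.test(value)) {
    throw new RangeError(`${name} must be a non-negative integer`);
  }
  const n = Number(value);
  if (n < min || n > max) {
    throw new RangeError(`${name} must be between ${min} and ${max}`);
  }
  return n;
}

// Returns the SQL text plus the positional parameter array for the client.
// Defaults (3600 s silence, 1000 rows) and bounds are illustrative assumptions.
function buildSilentEntitiesQuery({ chronicle_tla, sec_late, limit_count }) {
  if (typeof chronicle_tla !== 'string' || !TLA_PATTERN.test(chronicle_tla)) {
    throw new RangeError('chronicle_tla must match ' + TLA_PATTERN);
  }
  const secLate = parseBoundedInt(sec_late, 'sec_late', 0, 30 * 24 * 3600, 3600);
  const limitCount = parseBoundedInt(limit_count, 'limit_count', 1, 10000, 1000);

  // Identifier: validated and back-quoted. Values: bound via ? placeholders,
  // never interpolated, so their content cannot alter the query structure.
  const query = `
    SELECT principal.hostname AS gateway,
           MAX(metadata.event_timestamp.seconds) AS maxtime,
           COUNT(*) AS event_count
    FROM \`chronicle-${chronicle_tla}.datalake.events\`
    WHERE DATE(hour_time_bucket) > DATE_SUB(CURRENT_DATE(), INTERVAL 3 DAY)
    GROUP BY 1
    HAVING COUNT(*) > 1000
       AND (UNIX_SECONDS(CURRENT_TIMESTAMP()) - maxtime) > ?
    ORDER BY gateway
    LIMIT ?`;
  return { query, params: [secLate, limitCount] };
}

// Executes the query with the official client. Loaded lazily so the builder
// above can be tested offline; in a Cloud Function this would be called from
// the HTTP handler with req.query.
async function runSilentEntities(reqQuery) {
  const { query, params } = buildSilentEntitiesQuery(reqQuery);
  const { BigQuery } = require('@google-cloud/bigquery');
  const [rows] = await new BigQuery().query({ query, params });
  return rows;
}
```

Rejecting rather than "sanitizing" the tenant name is deliberate: there is no escaping rule that makes an arbitrary string a safe BigQuery identifier, so an allowlist is the only reliable control. Even with the IAM and VPC-SC protections mentioned in the reply below, an authenticated caller can still send hostile parameter values, so the validation belongs in the function itself.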

bypo commented 1 month ago

Those functions are provided as a template and must not be exposed to the public internet. Authentication/authorization is managed directly through Cloud Functions (please have a look at https://cloud.google.com/functions/docs/securing/authenticating and https://cloud.google.com/functions/docs/securing/managing-access-iam), and VPC-SC should be leveraged to further increase security (https://cloud.google.com/functions/docs/securing/using-vpc-service-controls).

Those functions are provided as a sample implementation, so feel free to customize/enhance them as you prefer.

Thanks!