The Google Cloud Security Operations API (Chronicle API) provides endpoints that help analysts investigate and mitigate security threats throughout their lifecycle.
- REST Resource: v1beta.projects.locations.instances
- REST Resource: v1beta.projects.locations.instances.dataAccessLabels
- REST Resource: v1beta.projects.locations.instances.dataAccessScopes
- REST Resource: v1beta.projects.locations.instances.operations
- REST Resource: v1beta.projects.locations.instances.referenceLists
- REST Resource: v1beta.projects.locations.instances.rules
- REST Resource: v1beta.projects.locations.instances.rules.deployments
- REST Resource: v1beta.projects.locations.instances.rules.retrohunts
- REST Resource: v1beta.projects.locations.instances.watchlists
- REST Resource: v1alpha.projects.locations.instances
- REST Resource: v1alpha.projects.locations.instances.alertGroupingRules
- REST Resource: v1alpha.projects.locations.instances.analytics
- REST Resource: v1alpha.projects.locations.instances.analytics.entities.analyticValues
- REST Resource: v1alpha.projects.locations.instances.announcements
- REST Resource: v1alpha.projects.locations.instances.bigQueryAccess
- REST Resource: v1alpha.projects.locations.instances.bigQueryExport
- REST Resource: v1alpha.projects.locations.instances.caseCloseDefinitions
- REST Resource: v1alpha.projects.locations.instances.caseQueueFilters
- REST Resource: v1alpha.projects.locations.instances.caseStageDefinitions
- REST Resource: v1alpha.projects.locations.instances.caseTagDefinitions
- REST Resource: v1alpha.projects.locations.instances.cases
- REST Resource: v1alpha.projects.locations.instances.cases.alerts.contextProperties
- REST Resource: v1alpha.projects.locations.instances.cases.alerts.customFieldValues
- REST Resource: v1alpha.projects.locations.instances.cases.caseAlerts
- REST Resource: v1alpha.projects.locations.instances.cases.caseAlerts.connectorEvents
- REST Resource: v1alpha.projects.locations.instances.cases.caseAlerts.involvedEntities
- REST Resource: v1alpha.projects.locations.instances.cases.caseComments
- REST Resource: v1alpha.projects.locations.instances.cases.caseWallRecords
- REST Resource: v1alpha.projects.locations.instances.cases.chatMessages
- REST Resource: v1alpha.projects.locations.instances.cases.chatMessages.attachments
- REST Resource: v1alpha.projects.locations.instances.cases.chatMessages.legacySoarUsers
- REST Resource: v1alpha.projects.locations.instances.cases.contextProperties
- REST Resource: v1alpha.projects.locations.instances.cases.customFieldValues
- REST Resource: v1alpha.projects.locations.instances.contentHub.contentPacks
- REST Resource: v1alpha.projects.locations.instances.contentHub.featuredContentNativeDashboards
- REST Resource: v1alpha.projects.locations.instances.contentHub.featuredContentRules
- REST Resource: v1alpha.projects.locations.instances.contentHub.featuredContentSearchQueries
- REST Resource: v1alpha.projects.locations.instances.contextProperties
- REST Resource: v1alpha.projects.locations.instances.curatedRuleSetCategories
- REST Resource: v1alpha.projects.locations.instances.curatedRuleSetCategories.curatedRuleSets
- REST Resource: v1alpha.projects.locations.instances.curatedRuleSetCategories.curatedRuleSets.curatedRuleSetDeployments
- REST Resource: v1alpha.projects.locations.instances.curatedRules
- REST Resource: v1alpha.projects.locations.instances.customFields
- REST Resource: v1alpha.projects.locations.instances.customLists
- REST Resource: v1alpha.projects.locations.instances.dashboardCharts
- REST Resource: v1alpha.projects.locations.instances.dashboardQueries
- REST Resource: v1alpha.projects.locations.instances.dashboards
- REST Resource: v1alpha.projects.locations.instances.dataAccessLabels
- REST Resource: v1alpha.projects.locations.instances.dataAccessScopes
- REST Resource: v1alpha.projects.locations.instances.dataExports
- REST Resource: v1alpha.projects.locations.instances.dataTableOperationErrors
- REST Resource: v1alpha.projects.locations.instances.dataTables
- REST Resource: v1alpha.projects.locations.instances.dataTables.dataTableRows
- REST Resource: v1alpha.projects.locations.instances.dataTaps
- REST Resource: v1alpha.projects.locations.instances.dynamicParameters
- REST Resource: v1alpha.projects.locations.instances.emailTemplates
- REST Resource: v1alpha.projects.locations.instances.enrichmentControls
- REST Resource: v1alpha.projects.locations.instances.entities
- REST Resource: v1alpha.projects.locations.instances.entitiesBlocklists
- REST Resource: v1alpha.projects.locations.instances.entityRiskScores
- REST Resource: v1alpha.projects.locations.instances.environmentGroups
- REST Resource: v1alpha.projects.locations.instances.environments
- REST Resource: v1alpha.projects.locations.instances.errorNotificationConfigs
- REST Resource: v1alpha.projects.locations.instances.events
- REST Resource: v1alpha.projects.locations.instances.federationGroups
- REST Resource: v1alpha.projects.locations.instances.feedPacks
- REST Resource: v1alpha.projects.locations.instances.feedServiceAccounts
- REST Resource: v1alpha.projects.locations.instances.feedSourceTypeSchemas
- REST Resource: v1alpha.projects.locations.instances.feedSourceTypeSchemas.logTypeSchemas
- REST Resource: v1alpha.projects.locations.instances.feeds
- REST Resource: v1alpha.projects.locations.instances.findingsGraph
- REST Resource: v1alpha.projects.locations.instances.findingsRefinements
- REST Resource: v1alpha.projects.locations.instances.forwarders
- REST Resource: v1alpha.projects.locations.instances.forwarders.collectors
- REST Resource: v1alpha.projects.locations.instances.ingestionLogLabels
- REST Resource: v1alpha.projects.locations.instances.ingestionLogNamespaces
- REST Resource: v1alpha.projects.locations.instances.integrations
- REST Resource: v1alpha.projects.locations.instances.integrations.actions
- REST Resource: v1alpha.projects.locations.instances.integrations.actions.revisions
- REST Resource: v1alpha.projects.locations.instances.integrations.connectors
- REST Resource: v1alpha.projects.locations.instances.integrations.connectors.connectorInstances
- REST Resource: v1alpha.projects.locations.instances.integrations.connectors.connectorInstances.logs
- REST Resource: v1alpha.projects.locations.instances.integrations.connectors.contextProperties
- REST Resource: v1alpha.projects.locations.instances.integrations.connectors.revisions
- REST Resource: v1alpha.projects.locations.instances.integrations.integrationInstances
- REST Resource: v1alpha.projects.locations.instances.integrations.jobs
- REST Resource: v1alpha.projects.locations.instances.integrations.jobs.contextProperties
- REST Resource: v1alpha.projects.locations.instances.integrations.jobs.jobInstances
- REST Resource: v1alpha.projects.locations.instances.integrations.jobs.jobInstances.logs
- REST Resource: v1alpha.projects.locations.instances.integrations.jobs.revisions
- REST Resource: v1alpha.projects.locations.instances.integrations.managers
- REST Resource: v1alpha.projects.locations.instances.integrations.managers.revisions
- REST Resource: v1alpha.projects.locations.instances.investigations
- REST Resource: v1alpha.projects.locations.instances.investigations.investigationSteps
- REST Resource: v1alpha.projects.locations.instances.iocAssociations
- REST Resource: v1alpha.projects.locations.instances.iocs
- REST Resource: v1alpha.projects.locations.instances.labsExperiments
- REST Resource: v1alpha.projects.locations.instances.labsExperiments.executions
- REST Resource: v1alpha.projects.locations.instances.legacy
- REST Resource: v1alpha.projects.locations.instances.legacyCaseFederationPlatforms
- REST Resource: v1alpha.projects.locations.instances.legacyConfiguration
- REST Resource: v1alpha.projects.locations.instances.legacyFederatedCases
- REST Resource: v1alpha.projects.locations.instances.legacyPlaybooks
- REST Resource: v1alpha.projects.locations.instances.legacyPublisher
- REST Resource: v1alpha.projects.locations.instances.legacySdk
- REST Resource: v1alpha.projects.locations.instances.legacySoarAudit
- REST Resource: v1alpha.projects.locations.instances.legacySoarDashboard
- REST Resource: v1alpha.projects.locations.instances.legacySoarIdpMappingGroups
- REST Resource: v1alpha.projects.locations.instances.legacySoarSettings
- REST Resource: v1alpha.projects.locations.instances.legacySoarUsers
- REST Resource: v1alpha.projects.locations.instances.legacySoarUsers.attachments
- REST Resource: v1alpha.projects.locations.instances.legacySoarUsers.userNotifications
- REST Resource: v1alpha.projects.locations.instances.legacySoarUsers.workdeskContacts
- REST Resource: v1alpha.projects.locations.instances.legacySoarUsers.workdeskLinks
- REST Resource: v1alpha.projects.locations.instances.legacySoarUsers.workdeskNotes
- REST Resource: v1alpha.projects.locations.instances.legacySystem
- REST Resource: v1alpha.projects.locations.instances.legacySystemMetadata
- REST Resource: v1alpha.projects.locations.instances.logTypes
- REST Resource: v1alpha.projects.locations.instances.logTypes.logTypeSettings
- REST Resource: v1alpha.projects.locations.instances.logTypes.logs
- REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions
- REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions.extensionValidationReports
- REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions.extensionValidationReports.validationErrors
- REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions.validationReports
- REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions.validationReports.parsingErrors
- REST Resource: v1alpha.projects.locations.instances.logTypes.parsers
- REST Resource: v1alpha.projects.locations.instances.logTypes.parsers.validationReports
- REST Resource: v1alpha.projects.locations.instances.logTypes.parsers.validationReports.parsingErrors
- REST Resource: v1alpha.projects.locations.instances.logs
- REST Resource: v1alpha.projects.locations.instances.marketplaceIntegrations
- REST Resource: v1alpha.projects.locations.instances.moduleSettings
- REST Resource: v1alpha.projects.locations.instances.moduleSettings.properties
- REST Resource: v1alpha.projects.locations.instances.nativeDashboards
- REST Resource: v1alpha.projects.locations.instances.notebooks
- REST Resource: v1alpha.projects.locations.instances.ontologyRecords
- REST Resource: v1alpha.projects.locations.instances.ontologyRecords.mappingRules
- REST Resource: v1alpha.projects.locations.instances.ontologyRecords.visualFamilies
- REST Resource: v1alpha.projects.locations.instances.operations
- REST Resource: v1alpha.projects.locations.instances.propertySchemaDefinitions
- REST Resource: v1alpha.projects.locations.instances.referenceLists
- REST Resource: v1alpha.projects.locations.instances.remoteAgents
- REST Resource: v1alpha.projects.locations.instances.requestTemplates
- REST Resource: v1alpha.projects.locations.instances.ruleExecutionErrors
- REST Resource: v1alpha.projects.locations.instances.rules
- REST Resource: v1alpha.projects.locations.instances.rules.deployments
- REST Resource: v1alpha.projects.locations.instances.rules.retrohunts
- REST Resource: v1alpha.projects.locations.instances.slaDefinitions
- REST Resource: v1alpha.projects.locations.instances.soarDomains
- REST Resource: v1alpha.projects.locations.instances.soarNetworks
- REST Resource: v1alpha.projects.locations.instances.socRoles
- REST Resource: v1alpha.projects.locations.instances.tasks
- REST Resource: v1alpha.projects.locations.instances.threatCollections
- REST Resource: v1alpha.projects.locations.instances.uniqueEntities
- REST Resource: v1alpha.projects.locations.instances.users
- REST Resource: v1alpha.projects.locations.instances.users.conversations
- REST Resource: v1alpha.projects.locations.instances.users.conversations.messages
- REST Resource: v1alpha.projects.locations.instances.users.searchQueries
- REST Resource: v1alpha.projects.locations.instances.watchlists
- REST Resource: v1alpha.projects.locations.instances.watchlists.entities
- REST Resource: v1alpha.projects.locations.instances.webhooks
- REST Resource: v1.projects.locations.instances
- REST Resource: v1.projects.locations.instances.dataAccessLabels
- REST Resource: v1.projects.locations.instances.dataAccessScopes
- REST Resource: v1.projects.locations.instances.operations
- REST Resource: v1.projects.locations.instances.referenceLists
- REST Resource: v1.projects.locations.instances.rules
- REST Resource: v1.projects.locations.instances.rules.deployments
- REST Resource: v1.projects.locations.instances.rules.retrohunts
- REST Resource: v1.projects.locations.instances.watchlists
Service: chronicle.googleapis.com
Service endpoint
A service endpoint is the base URL that specifies the network address of an API service. A single service can have multiple service endpoints. Chronicle is a regional service and only supports regional endpoints. Requests sent to the global chronicle.googleapis.com
endpoint will fail with a `404` error. To find your regional endpoint, see Regional service endpoint.
Regional service endpoint
A regional service endpoint is a base URL that specifies the network address of an API service in a single region. A service that is available in multiple regions might have multiple regional endpoints. Select a location to see its regional service endpoint for this service.
REST Resource: v1beta.projects.locations.instances
Methods | |
---|---|
get |
GET /v1beta/{name} Gets a Instance. |
REST Resource: v1beta.projects.locations.instances.dataAccessLabels
Methods | |
---|---|
create |
POST /v1beta/{parent}/dataAccessLabels Creates a data access label. |
delete |
DELETE /v1beta/{name} Deletes a data access label. |
get |
GET /v1beta/{name} Gets a data access label. |
list |
GET /v1beta/{parent}/dataAccessLabels Lists all data access labels for the customer. |
patch |
PATCH /v1beta/{dataAccessLabel.name} Updates a data access label. |
REST Resource: v1beta.projects.locations.instances.dataAccessScopes
Methods | |
---|---|
create |
POST /v1beta/{parent}/dataAccessScopes Creates a data access scope. |
delete |
DELETE /v1beta/{name} Deletes a data access scope. |
get |
GET /v1beta/{name} Retrieves an existing data access scope. |
list |
GET /v1beta/{parent}/dataAccessScopes Lists all existing data access scopes for the customer. |
patch |
PATCH /v1beta/{dataAccessScope.name} Updates a data access scope. |
REST Resource: v1beta.projects.locations.instances.operations
Methods | |
---|---|
cancel |
POST /v1beta/{name}:cancel Starts asynchronous cancellation on a long-running operation. |
delete |
DELETE /v1beta/{name} Deletes a long-running operation. |
get |
GET /v1beta/{name} Gets the latest state of a long-running operation. |
list |
GET /v1beta/{name}/operations Lists operations that match the specified filter in the request. |
REST Resource: v1beta.projects.locations.instances.referenceLists
Methods | |
---|---|
create |
POST /v1beta/{parent}/referenceLists Creates a new reference list. |
get |
GET /v1beta/{name} Gets a single reference list. |
list |
GET /v1beta/{parent}/referenceLists Lists a collection of reference lists. |
patch |
PATCH /v1beta/{referenceList.name} Updates an existing reference list. |
REST Resource: v1beta.projects.locations.instances.rules
Methods | |
---|---|
create |
POST /v1beta/{parent}/rules Creates a new Rule. |
delete |
DELETE /v1beta/{name} Deletes a Rule. |
get |
GET /v1beta/{name} Gets a Rule. |
getDeployment |
GET /v1beta/{name} Gets a RuleDeployment. |
list |
GET /v1beta/{parent}/rules Lists Rules. |
listRevisions |
GET /v1beta/{name}:listRevisions Lists all revisions of the rule. |
patch |
PATCH /v1beta/{rule.name} Updates a Rule. |
updateDeployment |
PATCH /v1beta/{ruleDeployment.name} Updates a RuleDeployment. |
REST Resource: v1beta.projects.locations.instances.rules.deployments
Methods | |
---|---|
list |
GET /v1beta/{parent}/deployments Lists RuleDeployments across all Rules. |
REST Resource: v1beta.projects.locations.instances.rules.retrohunts
Methods | |
---|---|
create |
POST /v1beta/{parent}/retrohunts Create a Retrohunt. |
get |
GET /v1beta/{name} Get a Retrohunt. |
list |
GET /v1beta/{parent}/retrohunts List Retrohunts. |
REST Resource: v1beta.projects.locations.instances.watchlists
Methods | |
---|---|
create |
POST /v1beta/{parent}/watchlists Creates a watchlist for the given instance. |
delete |
DELETE /v1beta/{name} Deletes the watchlist for the given instance. |
get |
GET /v1beta/{name} Gets watchlist details for the given watchlist ID. |
list |
GET /v1beta/{parent}/watchlists Lists all watchlists for the given instance. |
patch |
PATCH /v1beta/{watchlist.name} Updates the watchlist for the given instance. |
REST Resource: v1alpha.projects.locations.instances
Methods | |
---|---|
batchValidateWatchlistEntities |
POST /v1alpha/{parent}:batchValidateWatchlistEntities Validates a batch of entities that could be added into watchlist under an instance. |
computeAllFindingsRefinementActivities |
POST /v1alpha/{instance}:computeAllFindingsRefinementActivities Returns findings refinement activity for all findings refinements. |
continuePocGraduation |
POST /v1alpha/{name}:continuePocGraduation ContinuePocGraduation verifies and proceeds graduation. |
countAllCuratedRuleSetDetections |
POST /v1alpha/{instance}:countAllCuratedRuleSetDetections Count detections across all curated rule sets. |
createFeedback |
POST /v1alpha/{instance}:createFeedback RPC to submit user feedback on content generated by AI services. |
delete |
DELETE /v1alpha/{name} DeleteInstance deletes an Instance. |
extractSyslog |
POST /v1alpha/{instance}:extractSyslog ExtractSyslog extracts structured part of log from a unstructured log by running a grok regex over it. |
fetchFederationAccess |
GET /v1alpha/{name}:fetchFederationAccess FetchFederationAccess method lists all the instances the authenticated user has access to and the operations they can perform over these instances. |
findEntity |
GET /v1alpha/{instance}:findEntity Identifies the entity type and retrieves relevant data associated with a specified indicator. |
findEntityAlerts |
GET /v1alpha/{instance}:findEntityAlerts Get alerts for an entity |
findRelatedEntities |
GET /v1alpha/{instance}:findRelatedEntities Finds all the entities associated with provided entity. |
findUdmFieldValues |
GET /v1alpha/{instance}:findUdmFieldValues Finds ingested UDM field values that match a query. |
generateCollectionAgentAuth |
POST /v1alpha/{name}:generateCollectionAgentAuth GenerateCollectionAgentAuth generates an auth json file for the collection agent. |
generateSoarAuthJwt |
POST /v1alpha/{name}:generateSoarAuthJwt GenerateSoarAuthJwt signs a jwt in order to proceed with jwt exchange based authenticate with soar. |
generateSoarChatMessage |
POST /v1alpha/{instance}:generateSoarChatMessage Generates a SOAR chat message based on the given intent. |
generateUdmKeyValueMappings |
POST /v1alpha/{instance}:generateUdmKeyValueMappings GenerateUDMKeyValueMappings generates key value mapping of a raw log. |
generateWorkspaceConnectionToken |
POST /v1alpha/{name}:generateWorkspaceConnectionToken Generates a token that can be used to connect a workspace customer to a chronicle instance |
get |
GET /v1alpha/{name} Gets a Instance. |
getBigQueryExport |
GET /v1alpha/{name} Get the BigQuery export configuration for a Chronicle instance. |
getMultitenantDirectory |
GET /v1alpha/{name} Gets the super and subtenants and gets the current tenant name. |
getRiskConfig |
GET /v1alpha/{name} Queries the instance to get the Risk Configurations used for the computation of Entity Risk Score. |
getThreatCollectionFilterSet |
GET /v1alpha/{name} Get the set of threat collection filter options. |
graduatePocInstance |
POST /v1alpha/{name}:graduatePocInstance GraduatePocInstance graduates an instance. |
legacyCaseFederationPlatforms |
GET /v1alpha/{parent}/legacyCaseFederationPlatforms Legacy endpoint for listing case federation platforms. |
legacySystemMetadata |
GET /v1alpha/{instance}/legacySystemMetadata Legacy Get System Metadata. |
listAllFindingsRefinementDeployments |
GET /v1alpha/{instance}:listAllFindingsRefinementDeployments Lists all findings refinement deployments. |
patch |
PATCH /v1alpha/{instance.name} Updates an Instance. |
queryProductSourceStats |
GET /v1alpha/{instance}:queryProductSourceStats Gets available product sources along with their stats. |
searchEntities |
GET /v1alpha/{instance}:searchEntities Identifies the entity type and retrieves relevant data associated with a specified indicator. |
searchRawLogs |
POST /v1alpha/{instance}:searchRawLogs Api to get events, entities, or unparsed raw logs matching the given raw log query. |
submitResponseFeedback |
POST /v1alpha/{instance}:submitResponseFeedback Submits a Response Feedback. |
summarizeEntitiesFromQuery |
GET /v1alpha/{instance}:summarizeEntitiesFromQuery Parses the query and identifies the entities contained within the search query. |
summarizeEntity |
GET /v1alpha/{instance}:summarizeEntity Returns all entity data over specified time. |
testFindingsRefinement |
POST /v1alpha/{instance}:testFindingsRefinement Tests for and returns past activity for a findings refinement, including, potentially, times when the findings refinement was not yet created. |
translateUdmQuery |
POST /v1alpha/{instance}:translateUdmQuery Translate natural language to a UDM Search query. |
translateYlRule |
POST /v1alpha/{instance}:translateYlRule Translate natural language to a Yara-L rule. |
udmSearch |
GET /v1alpha/{instance}:udmSearch Performs a UDM search that returns matching events for the query. |
undelete |
POST /v1alpha/{name}:undelete UndeleteInstance undeletes a soft-deleted Instance. |
updateBigQueryExport |
PATCH /v1alpha/{bigQueryExport.name} Update the BigQuery export configuration for a Chronicle instance. |
updateRiskConfig |
PATCH /v1alpha/{riskConfig.name} Updates RiskConfig used for the computation of Entity Risk Score. |
validateQuery |
GET /v1alpha/{instance}:validateQuery Validates UDM search query by compiling the query. |
verifyNonce |
POST /v1alpha/{name}:verifyNonce Verifies the nonce used to graduate an instance. |
verifyReferenceList |
POST /v1alpha/{instance}:verifyReferenceList VerifyReferenceList validates list content and returns line errors, if any. |
verifyRuleText |
POST /v1alpha/{instance}:verifyRuleText Verifies the given rule text. |
REST Resource: v1alpha.projects.locations.instances.alertGroupingRules
Methods | |
---|---|
create |
POST /v1alpha/{parent}/alertGroupingRules Create a AlertGroupingRule. |
delete |
DELETE /v1alpha/{name} Delete a AlertGroupingRule. |
get |
GET /v1alpha/{name} Get a AlertGroupingRule. |
list |
GET /v1alpha/{parent}/alertGroupingRules List page of AlertGroupingRules. |
patch |
PATCH /v1alpha/{alertGroupingRule.name} Update a AlertGroupingRule. |
REST Resource: v1alpha.projects.locations.instances.analytics
Methods | |
---|---|
list |
GET /v1alpha/{parent}/analytics Lists all supported analytics for APIs which can filter by analytic type, such as ListAnalyticValues. |
REST Resource: v1alpha.projects.locations.instances.analytics.entities.analyticValues
Methods | |
---|---|
list |
GET /v1alpha/{parent}/analyticValues Lists analytic values. |
REST Resource: v1alpha.projects.locations.instances.announcements
Methods | |
---|---|
create |
POST /v1alpha/{parent}/announcements Create an Announcement. |
delete |
DELETE /v1alpha/{name} Delete an Announcement. |
get |
GET /v1alpha/{name} Get an Announcement. |
list |
GET /v1alpha/{parent}/announcements List page of Announcements. |
patch |
PATCH /v1alpha/{announcement.name} Update an Announcement. |
REST Resource: v1alpha.projects.locations.instances.bigQueryAccess
Methods | |
---|---|
provide |
POST /v1alpha/{parent}/bigQueryAccess:provide Provide BigQuery access for the given email. |
REST Resource: v1alpha.projects.locations.instances.bigQueryExport
Methods | |
---|---|
provision |
POST /v1alpha/{parent}/bigQueryExport:provision Provision the BigQuery export for a Chronicle instance. |
REST Resource: v1alpha.projects.locations.instances.caseCloseDefinitions
Methods | |
---|---|
create |
POST /v1alpha/{parent}/caseCloseDefinitions Creates a CaseCloseDefinition. |
delete |
DELETE /v1alpha/{name} Deletes a CaseCloseDefinition. |
get |
GET /v1alpha/{name} Gets a CaseCloseDefinition. |
list |
GET /v1alpha/{parent}/caseCloseDefinitions Lists CaseCloseDefinitions. |
patch |
PATCH /v1alpha/{caseCloseDefinition.name} Updates a CaseCloseDefinition. |
REST Resource: v1alpha.projects.locations.instances.caseQueueFilters
Methods | |
---|---|
create |
POST /v1alpha/{parent}/caseQueueFilters Create a CaseQueueFilter. |
delete |
DELETE /v1alpha/{name} Delete a CaseQueueFilter. |
get |
GET /v1alpha/{name} Get a CaseQueueFilter. |
getShareConfig |
GET /v1alpha/{name} Get a ShareConfig. |
list |
GET /v1alpha/{parent}/caseQueueFilters Lists CaseQueueFilters. |
patch |
PATCH /v1alpha/{caseQueueFilter.name} Update a CaseQueueFilter. |
updateShareConfig |
PATCH /v1alpha/{shareConfig.name} Update a ShareConfig. |
REST Resource: v1alpha.projects.locations.instances.caseStageDefinitions
Methods | |
---|---|
create |
POST /v1alpha/{parent}/caseStageDefinitions Create a stages available for case management. |
delete |
DELETE /v1alpha/{name} Delete a stages available for case management. |
get |
GET /v1alpha/{name} Get specific stage available for case management. |
list |
GET /v1alpha/{parent}/caseStageDefinitions Lists all stages available for case management. |
patch |
PATCH /v1alpha/{caseStageDefinition.name} Update a stages available for case management. |
REST Resource: v1alpha.projects.locations.instances.caseTagDefinitions
Methods | |
---|---|
create |
POST /v1alpha/{parent}/caseTagDefinitions Create a CaseTagDefinition. |
delete |
DELETE /v1alpha/{name} Delete a CaseTagDefinition. |
get |
GET /v1alpha/{name} Get a CaseTagDefinition. |
import |
POST /v1alpha/{parent}/caseTagDefinitions:import Import CaseTagDefinitions. |
list |
GET /v1alpha/{parent}/caseTagDefinitions Lists CaseTagDefinitions. |
patch |
PATCH /v1alpha/{caseTagDefinition.name} Update a CaseTagDefinition. |
REST Resource: v1alpha.projects.locations.instances.cases
Methods | |
---|---|
addTag |
POST /v1alpha/{name}:addTag Add a case tag. |
countPriorities |
GET /v1alpha/{parent}/cases:countPriorities Count a selection of cases by priority. |
createInsight |
POST /v1alpha/{name}:createInsight Add a case insight. |
executeBulkAddTag |
POST /v1alpha/{parent}/cases:executeBulkAddTag Add cases tags in bulk. |
executeBulkAssign |
POST /v1alpha/{parent}/cases:executeBulkAssign Assign cases in bulk. |
executeBulkChangePriority |
POST /v1alpha/{parent}/cases:executeBulkChangePriority Change cases priority in bulk. |
executeBulkChangeStage |
POST /v1alpha/{parent}/cases:executeBulkChangeStage Add cases stage in bulk. |
executeBulkClose |
POST /v1alpha/{parent}/cases:executeBulkClose Close cases in bulk. |
executeBulkReopen |
POST /v1alpha/{parent}/cases:executeBulkReopen Reopen cases in bulk. |
generateReport |
POST /v1alpha/{name}:generateReport Generate case report. |
get |
GET /v1alpha/{name} Get a case. |
getCaseOverviewData |
GET /v1alpha/{name}:caseOverviewData Get case overview. |
list |
GET /v1alpha/{parent}/cases Lists cases. |
merge |
POST /v1alpha/{parent}/cases:merge Merge cases. |
patch |
PATCH /v1alpha/{case.name} Update a case. |
pauseSla |
POST /v1alpha/{name}:pauseSla Pause case SLA. |
removeTag |
POST /v1alpha/{name}:removeTag Remove a case tag. |
resolveOverviewWidget |
GET /v1alpha/{name}:resolveOverviewWidget Resolve case overview widget. |
resumeSla |
POST /v1alpha/{name}:resumeSla Resume case SLA. |
REST Resource: v1alpha.projects.locations.instances.cases.alerts.contextProperties
Methods | |
---|---|
clearAll |
POST /v1alpha/{parent}/contextProperties:clearAll The method clears all context-properties set on a specific context. |
create |
POST /v1alpha/{parent}/contextProperties Create a context-property. |
delete |
DELETE /v1alpha/{name} Delete a context-property. |
get |
GET /v1alpha/{name} Get a context-property. |
list |
GET /v1alpha/{parent}/contextProperties List context-properties. |
patch |
PATCH /v1alpha/{contextProperty.name} Update a context-property. |
REST Resource: v1alpha.projects.locations.instances.cases.alerts.customFieldValues
Methods | |
---|---|
batchUpdate |
POST /v1alpha/{parent}/customFieldValues:batchUpdate Batch update CustomFieldValues. |
get |
GET /v1alpha/{name} Get a CustomFieldValue. |
list |
GET /v1alpha/{parent}/customFieldValues Lists CustomFieldValues. |
patch |
PATCH /v1alpha/{customFieldValue.name} Update a CustomFieldValue. |
REST Resource: v1alpha.projects.locations.instances.cases.caseAlerts
Methods | |
---|---|
get |
GET /v1alpha/{name} Get a CaseAlert. |
getAlertOverviewData |
GET /v1alpha/{name}:alertOverviewData Get alert overview. |
list |
GET /v1alpha/{parent}/caseAlerts List CaseAlerts. |
move |
POST /v1alpha/{name}:move Move CaseAlert to a different case. |
patch |
PATCH /v1alpha/{caseAlert.name} Update a CaseAlert. |
pauseSla |
POST /v1alpha/{name}:pauseSla Pause a CaseAlert SLA. |
resolveOverviewWidget |
GET /v1alpha/{name}:resolveOverviewWidget Resolve alert overview widget. |
resumeSla |
POST /v1alpha/{name}:resumeSla Resume a CaseAlert SLA. |
setSla |
POST /v1alpha/{name}:setSla Set CaseAlert SLA. |
REST Resource: v1alpha.projects.locations.instances.cases.caseAlerts.connectorEvents
Methods | |
---|---|
get |
GET /v1alpha/{name} Get a ConnectorEvent. |
getFormatted |
GET /v1alpha/{parent}/connectorEvents:formatted Get a formatted ConnectorEvents for a given case/alert. |
list |
GET /v1alpha/{parent}/connectorEvents List page of ConnectorEvents. |
REST Resource: v1alpha.projects.locations.instances.cases.caseAlerts.involvedEntities
Methods | |
---|---|
addProperty |
POST /v1alpha/{name}:addProperty Add a property to an InvolvedEntity. |
create |
POST /v1alpha/{parent}/involvedEntities Create an InvolvedEntity. |
fetchCards |
GET /v1alpha/{parent}/involvedEntities:fetchCards Fetch invloved entities cards. |
get |
GET /v1alpha/{name} Get an InvolvedEntity. |
list |
GET /v1alpha/{parent}/involvedEntities Lists InvolvedEntities. |
patch |
PATCH /v1alpha/{involvedEntity.name} Update an InvolvedEntity. |
updateProperty |
POST /v1alpha/{name}:updateProperty Update a property of an InvolvedEntity. |
REST Resource: v1alpha.projects.locations.instances.cases.caseComments
Methods | |
---|---|
create |
POST /v1alpha/{parent}/caseComments Create a CaseComment. |
delete |
DELETE /v1alpha/{name} Delete a CaseComment. |
get |
GET /v1alpha/{name} Get a CaseComment. |
list |
GET /v1alpha/{parent}/caseComments Lists CaseComments. |
patch |
PATCH /v1alpha/{caseComment.name} Update a CaseComment. |
REST Resource: v1alpha.projects.locations.instances.cases.caseWallRecords
Methods | |
---|---|
favorite |
PATCH /v1alpha/{favoriteRequest.name}:favorite Set a wall item as a favorite one. |
fetchActivitiesCount |
GET /v1alpha/{parent}/caseWallRecords:fetchActivitiesCount Fetches the count of activities for a given type. |
get |
GET /v1alpha/{name} Get a CaseWallRecord. |
list |
GET /v1alpha/{parent} Lists CaseWallRecords. |
REST Resource: v1alpha.projects.locations.instances.cases.chatMessages
Methods | |
---|---|
create |
POST /v1alpha/{parent}/chatMessages Creates a Case-chat message. |
get |
GET /v1alpha/{name} Gets a Case-chat message. |
list |
GET /v1alpha/{parent}/chatMessages Lists all Case-chat messages for a given case. |
pinMessage |
POST /v1alpha/{name}:pinMessage Pins a Case-chat message to the case wall. |
unpinMessage |
POST /v1alpha/{name}:unpinMessage Unpins a Case-chat message from the case wall. |
upload |
POST /v1alpha/{parent}/chatMessages:createWithAttachment POST /upload/v1alpha/{parent}/chatMessages:createWithAttachment Creates a Case-chat message with an attachment. |
REST Resource: v1alpha.projects.locations.instances.cases.chatMessages.attachments
Methods | |
---|---|
download |
GET /v1alpha/{name}:download Downloads a Case-chat message attachment. |
REST Resource: v1alpha.projects.locations.instances.cases.chatMessages.legacySoarUsers
Methods | |
---|---|
unreadMessagesCount |
GET /v1alpha/{parent}:unreadMessagesCount Gets the amount of unread messages for current user |
REST Resource: v1alpha.projects.locations.instances.cases.contextProperties
Methods | |
---|---|
clearAll |
POST /v1alpha/{parent}/contextProperties:clearAll The method clears all context-properties set on a specific context. |
create |
POST /v1alpha/{parent}/contextProperties Create a context-property. |
delete |
DELETE /v1alpha/{name} Delete a context-property. |
get |
GET /v1alpha/{name} Get a context-property. |
list |
GET /v1alpha/{parent}/contextProperties List context-properties. |
patch |
PATCH /v1alpha/{contextProperty.name} Update a context-property. |
REST Resource: v1alpha.projects.locations.instances.cases.customFieldValues
Methods | |
---|---|
batchUpdate |
POST /v1alpha/{parent}/customFieldValues:batchUpdate Batch update CustomFieldValues. |
get |
GET /v1alpha/{name} Get a CustomFieldValue. |
list |
GET /v1alpha/{parent}/customFieldValues Lists CustomFieldValues. |
patch |
PATCH /v1alpha/{customFieldValue.name} Update a CustomFieldValue. |
REST Resource: v1alpha.projects.locations.instances.contentHub.contentPacks
Methods | |
---|---|
add |
POST /v1alpha/{parent}:add Create a ContentPack. |
alignPlaybooks |
POST /v1alpha/{name}:alignPlaybooks Align Playbooks from a Content Pack. |
delete |
DELETE /v1alpha/{name} Delete a ContentPack. |
deployConnectorInstances |
POST /v1alpha/{name}:deployConnectorInstances Install Connector Instances from a Content Pack. |
deployPlaybooks |
POST /v1alpha/{name}:deployPlaybooks Install Playbooks from a Content Pack. |
deployTestCases |
POST /v1alpha/{name}:deployTestCases Install test cases. |
download |
GET /v1alpha/{name}:exportPack Export Content Pack. |
get |
GET /v1alpha/{name} Get a ContentPack. |
installIntegration |
POST /v1alpha/{name}:installIntegration Install integration. |
list |
GET /v1alpha/{parent} Lists ContentPacks. |
markAsDeployed |
POST /v1alpha/{name}:markAsDeployed Mark Content Pack as deployed. |
upload |
POST /v1alpha/{parent}/contentPacks:importPack POST /upload/v1alpha/{parent}/contentPacks:importPack Import Content Pack. |
REST Resource: v1alpha.projects.locations.instances.contentHub.featuredContentNativeDashboards
Methods | |
---|---|
get |
GET /v1alpha/{name} Get a native dashboard featured content. |
install |
POST /v1alpha/{name}:install Install a native dashboard featured content. |
list |
GET /v1alpha/{parent}/featuredContentNativeDashboards List all native dashboards featured content. |
REST Resource: v1alpha.projects.locations.instances.contentHub.featuredContentRules
Methods | |
---|---|
list |
GET /v1alpha/{parent}/featuredContentRules Lists FeaturedContentRules |
REST Resource: v1alpha.projects.locations.instances.contentHub.featuredContentSearchQueries
Methods | |
---|---|
get |
GET /v1alpha/{name} Get a search featured content. |
installFeaturedContentSearchQuery |
POST /v1alpha/{name} Install a search featured content. |
list |
GET /v1alpha/{parent}/featuredContentSearchQueries List all searches featured content. |
REST Resource: v1alpha.projects.locations.instances.contextProperties
Methods | |
---|---|
clearAll |
POST /v1alpha/{parent}/contextProperties:clearAll The method clears all context-properties set on a specific context. |
create |
POST /v1alpha/{parent}/contextProperties Create a context-property. |
delete |
DELETE /v1alpha/{name} Delete a context-property. |
get |
GET /v1alpha/{name} Get a context-property. |
list |
GET /v1alpha/{parent}/contextProperties List context-properties. |
patch |
PATCH /v1alpha/{contextProperty.name} Update a context-property. |
REST Resource: v1alpha.projects.locations.instances.curatedRuleSetCategories
Methods | |
---|---|
get |
GET /v1alpha/{name} Gets a CuratedRuleSetCategory. |
list |
GET /v1alpha/{parent}/curatedRuleSetCategories Lists CuratedRuleSetCategories. |
REST Resource: v1alpha.projects.locations.instances.curatedRuleSetCategories.curatedRuleSets
Methods | |
---|---|
countCuratedRuleSetDetections |
POST /v1alpha/{name}:countCuratedRuleSetDetections Counts the detections generated by a CuratedRuleSet. |
get |
GET /v1alpha/{name} Gets a CuratedRuleSet. |
list |
GET /v1alpha/{parent}/curatedRuleSets Lists CuratedRuleSets. |
REST Resource: v1alpha.projects.locations.instances.curatedRuleSetCategories.curatedRuleSets.curatedRuleSetDeployments
Methods | |
---|---|
batchUpdate |
POST /v1alpha/{parent}/curatedRuleSetDeployments:batchUpdate Update multiple deployments of curated rule sets. |
get |
GET /v1alpha/{name} Get a deployment of a curated rule set. |
list |
GET /v1alpha/{parent}/curatedRuleSetDeployments Lists deployments for a curated rule set. |
patch |
PATCH /v1alpha/{curatedRuleSetDeployment.name} Update a deployment of a curated rule set. |
REST Resource: v1alpha.projects.locations.instances.curatedRules
Methods | |
---|---|
get |
GET /v1alpha/{name} Gets a CuratedRule. |
list |
GET /v1alpha/{parent}/curatedRules Lists CuratedRules. |
REST Resource: v1alpha.projects.locations.instances.customFields
Methods | |
---|---|
batchGet |
GET /v1alpha/{parent}/customFields:batchGet Batch gets multiple CustomFields. |
create |
POST /v1alpha/{parent}/customFields Create a CustomField. |
delete |
DELETE /v1alpha/{name} Delete a CustomField. |
get |
GET /v1alpha/{name} Get a CustomField. |
list |
GET /v1alpha/{parent}/customFields Lists custom fields. |
patch |
PATCH /v1alpha/{customField.name} Update a CustomField. |
REST Resource: v1alpha.projects.locations.instances.customLists
Methods | |
---|---|
batchDelete |
POST /v1alpha/{parent}/customLists:batchDelete Batch delete custom lists by custom lists names. |
create |
POST /v1alpha/{parent}/customLists Create a CustomList. |
delete |
DELETE /v1alpha/{name} Delete a custom list. |
export |
POST /v1alpha/{parent}/customLists:export Export custom lists by custom lists names. |
get |
GET /v1alpha/{name} Get a CustomList. |
import |
POST /v1alpha/{parent}/customLists:import Import custom lists from CSV file. |
list |
GET /v1alpha/{parent}/customLists List all CustomLists. |
patch |
PATCH /v1alpha/{customList.name} Update a CustomList. |
REST Resource: v1alpha.projects.locations.instances.dashboardCharts
Methods | |
---|---|
batchGet |
GET /v1alpha/{parent}/dashboardCharts:batchGet Get dashboard charts in batches. |
get |
GET /v1alpha/{name} Get a dashboard chart. |
REST Resource: v1alpha.projects.locations.instances.dashboardQueries
Methods | |
---|---|
execute |
POST /v1alpha/{parent}/dashboardQueries:execute Execute a query and return the data. |
get |
GET /v1alpha/{name} Get a dashboard query. |
REST Resource: v1alpha.projects.locations.instances.dashboards
Methods | |
---|---|
copy |
POST /v1alpha/{name}:copy Copy a dashboard of one type to a dashbooard of another type. |
create |
POST /v1alpha/{parent}/dashboards Create a dashboard. |
delete |
DELETE /v1alpha/{name} Delete a dashboard. |
get |
GET /v1alpha/{name} Get a dashboard. |
list |
GET /v1alpha/{parent}/dashboards List all dashboards. |
REST Resource: v1alpha.projects.locations.instances.dataAccessLabels
Methods | |
---|---|
create |
POST /v1alpha/{parent}/dataAccessLabels Creates a data access label. |
delete |
DELETE /v1alpha/{name} Deletes a data access label. |
get |
GET /v1alpha/{name} Gets a data access label. |
list |
GET /v1alpha/{parent}/dataAccessLabels Lists all data access labels for the customer. |
patch |
PATCH /v1alpha/{dataAccessLabel.name} Updates a data access label. |
REST Resource: v1alpha.projects.locations.instances.dataAccessScopes
Methods | |
---|---|
create |
POST /v1alpha/{parent}/dataAccessScopes Creates a data access scope. |
delete |
DELETE /v1alpha/{name} Deletes a data access scope. |
get |
GET /v1alpha/{name} Retrieves an existing data access scope. |
list |
GET /v1alpha/{parent}/dataAccessScopes Lists all existing data access scopes for the customer. |
patch |
PATCH /v1alpha/{dataAccessScope.name} Updates a data access scope. |
REST Resource: v1alpha.projects.locations.instances.dataExports
Methods | |
---|---|
cancel |
POST /v1alpha/{name}:cancel Cancels a DataExport. |
create |
POST /v1alpha/{parent}/dataExports Creates a new DataExport. |
fetchavailablelogtypes |
POST /v1alpha/{parent}/dataExports:fetchavailablelogtypes Fetches available log types for export. |
get |
GET /v1alpha/{name} Gets a DataExport. |
REST Resource: v1alpha.projects.locations.instances.dataTableOperationErrors
Methods | |
---|---|
get |
GET /v1alpha/{name} Get the error for a data table operation. |
REST Resource: v1alpha.projects.locations.instances.dataTables
Methods | |
---|---|
create |
POST /v1alpha/{parent}/dataTables Create a new data table. |
delete |
DELETE /v1alpha/{name} Delete data table. |
get |
GET /v1alpha/{name} Get data table info. |
list |
GET /v1alpha/{parent}/dataTables List data tables. |
patch |
PATCH /v1alpha/{dataTable.name} Update data table. |
upload |
POST /v1alpha/{parent}/dataTables:bulkCreateDataTableAsync POST /upload/v1alpha/{parent}/dataTables:bulkCreateDataTableAsync Create data table from a bulk file. |
REST Resource: v1alpha.projects.locations.instances.dataTables.dataTableRows
Methods | |
---|---|
bulkCreate |
POST /v1alpha/{parent}/dataTableRows:bulkCreate Create data table rows in bulk. |
bulkCreateAsync |
POST /v1alpha/{parent}/dataTableRows:bulkCreateAsync Create data table rows in bulk asynchronously. |
bulkGet |
POST /v1alpha/{parent}/dataTableRows:bulkGet Get data table rows in bulk. |
bulkReplace |
POST /v1alpha/{parent}/dataTableRows:bulkReplace Replace all existing data table rows with new data table rows. |
bulkReplaceAsync |
POST /v1alpha/{parent}/dataTableRows:bulkReplaceAsync Replace all existing data table rows with new data table rows asynchronously. |
bulkUpdate |
POST /v1alpha/{parent}/dataTableRows:bulkUpdate Update data table rows in bulk. |
bulkUpdateAsync |
POST /v1alpha/{parent}/dataTableRows:bulkUpdateAsync Update data table rows in bulk asynchronously. |
create |
POST /v1alpha/{parent}/dataTableRows Create a new data table row. |
delete |
DELETE /v1alpha/{name} Delete data table row. |
get |
GET /v1alpha/{name} Get data table row |
list |
GET /v1alpha/{parent}/dataTableRows List data table rows. |
patch |
PATCH /v1alpha/{dataTableRow.name} Update data table row |
REST Resource: v1alpha.projects.locations.instances.dataTaps
Methods | |
---|---|
create |
POST /v1alpha/{parent}/dataTaps Creates a DataTap. |
delete |
DELETE /v1alpha/{name} Deletes a DataTap. |
get |
GET /v1alpha/{name} Gets a DataTap. |
list |
GET /v1alpha/{parent}/dataTaps Lists DataTaps. |
patch |
PATCH /v1alpha/{dataTap.name} Updates a DataTap. |
REST Resource: v1alpha.projects.locations.instances.dynamicParameters
Methods | |
---|---|
create |
POST /v1alpha/{parent}/dynamicParameters Create a DynamicParameter. |
delete |
DELETE /v1alpha/{name} Delete a DynamicParameter. |
export |
POST /v1alpha/{parent}/dynamicParameters:export Export all DynamicParameters. |
get |
GET /v1alpha/{name} Get a DynamicParameter. |
import |
POST /v1alpha/{parent}/dynamicParameters:import Import DynamicParameters. |
list |
GET /v1alpha/{parent}/dynamicParameters Lists DynamicParameters. |
patch |
PATCH /v1alpha/{dynamicParameter.name} Update a DynamicParameter. |
REST Resource: v1alpha.projects.locations.instances.emailTemplates
Methods | |
---|---|
batchDelete |
POST /v1alpha/{parent}/emailTemplates:batchDelete Batch delete email templates. |
create |
POST /v1alpha/{parent}/emailTemplates Creates an EmailTemplate for a given instance. |
delete |
DELETE /v1alpha/{name} Deletes an EmailTemplate for a given instance. |
export |
POST /v1alpha/{parent}/emailTemplates:export Export email templates as file stream. |
get |
GET /v1alpha/{name} Gets an EmailTemplate by name. |
import |
POST /v1alpha/{parent}/emailTemplates:import Import email templates from file stream. |
list |
GET /v1alpha/{parent}/emailTemplates Lists all EmailTemplates for a given instance. |
patch |
PATCH /v1alpha/{emailTemplate.name} Updates an EmailTemplate for a given instance. |
REST Resource: v1alpha.projects.locations.instances.enrichmentControls
Methods | |
---|---|
create |
POST /v1alpha/{parent}/enrichmentControls Create an EnrichmentControl resource. |
delete |
DELETE /v1alpha/{name} Delete an EnrichmentControl. |
get |
GET /v1alpha/{name} Get an EnrichmentControl. |
list |
GET /v1alpha/{parent}/enrichmentControls List all EnrichmentControls. |
REST Resource: v1alpha.projects.locations.instances.entities
Methods | |
---|---|
get |
GET /v1alpha/{name} Gets an entity by name. |
import |
POST /v1alpha/{parent}/entities:import ImportEntities import the entities. |
modifyEntityRiskScore |
POST /v1alpha/{name}:modifyEntityRiskScore Modify base entity risk score for an entity. |
queryEntityRiskScoreModifications |
GET /v1alpha/{name}:queryEntityRiskScoreModifications Query modifications to base entity risk score for an entity. |
REST Resource: v1alpha.projects.locations.instances.entitiesBlocklists
Methods | |
---|---|
create |
POST /v1alpha/{parent}/entitiesBlocklists Create a EntitiesBlocklist. |
delete |
DELETE /v1alpha/{name} Delete a EntitiesBlocklist. |
get |
GET /v1alpha/{name} Get a EntitiesBlocklist. |
list |
GET /v1alpha/{parent}/entitiesBlocklists List page of EntitiesBlocklists. |
patch |
PATCH /v1alpha/{entitiesBlocklist.name} Update a EntitiesBlocklist. |
REST Resource: v1alpha.projects.locations.instances.entityRiskScores
Methods | |
---|---|
query |
GET /v1alpha/{instance}/entityRiskScores:query Queries the instance for EntityRiskScores. |
REST Resource: v1alpha.projects.locations.instances.environmentGroups
Methods | |
---|---|
create |
POST /v1alpha/{parent}/environmentGroups Create an EnvironmentGroup. |
delete |
DELETE /v1alpha/{name} Delete an EnvironmentGroup. |
get |
GET /v1alpha/{name} Get an EnvironmentGroup. |
list |
GET /v1alpha/{parent}/environmentGroups List EnvironmentGroups. |
patch |
PATCH /v1alpha/{environmentGroup.name} Update an EnvironmentGroup. |
REST Resource: v1alpha.projects.locations.instances.environments
Methods | |
---|---|
create |
POST /v1alpha/{parent}/environments Creates a Environment. |
delete |
DELETE /v1alpha/{name} Deletes a Environment. |
get |
GET /v1alpha/{name} Gets a Environment. |
list |
GET /v1alpha/{parent}/environments Lists Environments. |
patch |
PATCH /v1alpha/{environment.name} Updates a Environment. |
resetWeights |
POST /v1alpha/{name}/environments:resetWeights Reset weights of all environments. |
REST Resource: v1alpha.projects.locations.instances.errorNotificationConfigs
Methods | |
---|---|
create |
POST /v1alpha/{parent}/errorNotificationConfigs Creates a new error notification config for the customer |
delete |
DELETE /v1alpha/{name} Deletes an error notification config. |
get |
GET /v1alpha/{name} Gets a single error notification config. |
list |
GET /v1alpha/{parent}/errorNotificationConfigs Lists error notification configurations for the customer. |
patch |
PATCH /v1alpha/{errorNotificationConfig.name} Updates an error notification config. |
REST Resource: v1alpha.projects.locations.instances.events
Methods | |
---|---|
batchGet |
GET /v1alpha/{parent}/events:batchGet Gets a batch (list) of events given a list of names and a parent. |
get |
GET /v1alpha/{name} Gets an event given a name. |
import |
POST /v1alpha/{parent}/events:import ImportEvents import the events. |
REST Resource: v1alpha.projects.locations.instances.federationGroups
Methods | |
---|---|
create |
POST /v1alpha/{parent}/federationGroups CreateFederationGroup method creates a new Federation group. |
delete |
DELETE /v1alpha/{name} DeleteFederationGroup method deletes a Federation group. |
get |
GET /v1alpha/{name} GetFederationGroup method gets a Federation group. |
list |
GET /v1alpha/{parent}/federationGroups ListFederationGroups method lists all Federation groups. |
patch |
PATCH /v1alpha/{federationGroup.name} UpdateFederationGroup method updates a Federation group. |
REST Resource: v1alpha.projects.locations.instances.feedPacks
Methods | |
---|---|
get |
GET /v1alpha/{name} Gets a feed pack. |
list |
GET /v1alpha/{parent}/feedPacks Lists Packs for which feeds can be configured. |
REST Resource: v1alpha.projects.locations.instances.feedServiceAccounts
Methods | |
---|---|
fetchServiceAccountForCustomer |
GET /v1alpha/{parent}/feedServiceAccounts:fetchServiceAccountForCustomer Fetch Chronicle's service account used for ingesting data from Cloud Storage buckets. |
REST Resource: v1alpha.projects.locations.instances.feedSourceTypeSchemas
Methods | |
---|---|
list |
GET /v1alpha/{parent}/feedSourceTypeSchemas List all FeedSourceTypeSchemas. |
REST Resource: v1alpha.projects.locations.instances.feedSourceTypeSchemas.logTypeSchemas
Methods | |
---|---|
list |
GET /v1alpha/{parent}/logTypeSchemas List all LogTypeSchemas compatible with a given FeedSourceType. |
REST Resource: v1alpha.projects.locations.instances.feeds
Methods | |
---|---|
create |
POST /v1alpha/{parent}/feeds Creates a feed. |
delete |
DELETE /v1alpha/{name} Deletes a feed. |
disable |
POST /v1alpha/{name}:disable Disable feed for ingestion. |
enable |
POST /v1alpha/{name}:enable Enable feed for ingestion. |
generateSecret |
POST /v1alpha/{name}:generateSecret Generates a new secret for https push feeds which do not support jwt tokens. |
get |
GET /v1alpha/{name} Gets a feed. |
importPushLogs |
POST /v1alpha/{parent}:importPushLogs Import logs coming from https push feeds. |
list |
GET /v1alpha/{parent}/feeds Lists all feeds for the customer. |
patch |
PATCH /v1alpha/{feed.name} Updates the full feed. |
scheduleTransfer |
POST /v1alpha/{name}:scheduleTransfer Schedules a feed transfer for the feed. |
REST Resource: v1alpha.projects.locations.instances.findingsGraph
Methods | |
---|---|
exploreNode |
GET /v1alpha/{name}:exploreNode Explores a node to find related nodes if it is an IndividualNode or retrieve the individual nodes within the group if it is a GroupNode and return a graph composed by the nodes and their edges over a time range. |
initializeGraph |
GET /v1alpha/{name}:initializeGraph Initialize a graph from a resource such as a detection or an entity. |
REST Resource: v1alpha.projects.locations.instances.findingsRefinements
Methods | |
---|---|
computeFindingsRefinementActivity |
POST /v1alpha/{name}:computeFindingsRefinementActivity Returns findings refinement activity for a specific findings refinement. |
create |
POST /v1alpha/{parent}/findingsRefinements Creates a new findings refinement. |
get |
GET /v1alpha/{name} Gets a single findings refinement. |
getDeployment |
GET /v1alpha/{name} Gets a findings refinement deployment. |
list |
GET /v1alpha/{parent}/findingsRefinements Lists a collection of findings refinements. |
patch |
PATCH /v1alpha/{findingsRefinement.name} Updates a findings refinement. |
updateDeployment |
PATCH /v1alpha/{findingsRefinementDeployment.name} Updates a findings refinement deployment. |
REST Resource: v1alpha.projects.locations.instances.forwarders
Methods | |
---|---|
create |
POST /v1alpha/{parent}/forwarders Create a forwarder. |
delete |
DELETE /v1alpha/{name} Delete a forwarder by forwarder ID. |
generateForwarderFiles |
GET /v1alpha/{name}:generateForwarderFiles Generates a forwarder's configuration files. |
get |
GET /v1alpha/{name} Get a forwarder by forwarder ID. |
importStatsEvents |
POST /v1alpha/{name}:importStatsEvents ImportStatsEvents imports stats events from a forwarder. |
list |
GET /v1alpha/{parent}/forwarders List all forwarders for the instance. |
patch |
PATCH /v1alpha/{forwarder.name} Update a forwarder. |
REST Resource: v1alpha.projects.locations.instances.forwarders.collectors
Methods | |
---|---|
create |
POST /v1alpha/{parent}/collectors Create a collector. |
delete |
DELETE /v1alpha/{name} Delete a collector by collector ID. |
get |
GET /v1alpha/{name} Get a collector by collector ID. |
list |
GET /v1alpha/{parent}/collectors List all collectors for the forwarder. |
patch |
PATCH /v1alpha/{collector.name} Update a collector. |
REST Resource: v1alpha.projects.locations.instances.ingestionLogLabels
Methods | |
---|---|
list |
GET /v1alpha/{parent}/ingestionLogLabels Returns the ingestion log labels for the customer. |
REST Resource: v1alpha.projects.locations.instances.ingestionLogNamespaces
Methods | |
---|---|
list |
GET /v1alpha/{parent}/ingestionLogNamespaces Lists ingestion log namespaces for the customer. |
REST Resource: v1alpha.projects.locations.instances.integrations
Methods | |
---|---|
create |
POST /v1alpha/{parent}/integrations Create a SOAR Integration. |
delete |
DELETE /v1alpha/{name} Deletes a SOAR Integration. |
download |
GET /v1alpha/{name}:exportItems Export items from existing integration to a zipped folder. |
downloadDependency |
POST /v1alpha/{name}:downloadDependency Download integration dependency. |
fetchAffectedItems |
GET /v1alpha/{name}:fetchAffectedItems Get items that can be affected due to a change in the integration (for example, removal of the integration). |
fetchAgentIntegrations |
GET /v1alpha/{parent}:fetchAgentIntegrations Get the integrations that are installed on a specific agent. |
fetchCommercialDiff |
GET /v1alpha/{name}:fetchCommercialDiff Get a diff between the current integration and the matching commercial integration from the store |
fetchDependencies |
GET /v1alpha/{name}:fetchDependencies List all of the downloaded dependencies of a custom integration. |
fetchRestrictedAgents |
GET /v1alpha/{name}:fetchRestrictedAgents Returns a list of all agents that an integration update should be restricted on, due to possible incompatibility, such as: unsupported Python version. |
get |
GET /v1alpha/{name} Get a SOAR Integration. |
getFetchProductionDiff |
GET /v1alpha/{name}:fetchProductionDiff Get a diff between the current staging integration and the matching production integration |
getFetchStagingDiff |
GET /v1alpha/{name}:fetchStagingDiff Get a diff between the current production integration and the matching staging |
list |
GET /v1alpha/{parent}/integrations Lists SOAR Integrations. |
patch |
PATCH /v1alpha/{integration.name} Updates a SOAR Integration. |
pushToProduction |
POST /v1alpha/{name}:pushToProduction Push an integration from Staging to Production mode. |
pushToStaging |
POST /v1alpha/{name}:pushToStaging Push an integration from Production to Staging mode. |
upload |
POST /v1alpha/{parent}/integrations:extractIntegrationDetails POST /upload/v1alpha/{parent}/integrations:extractIntegrationDetails Get the zip file content before importing an integration to the system |
REST Resource: v1alpha.projects.locations.instances.integrations.actions
Methods | |
---|---|
create |
POST /v1alpha/{parent}/actions CreateIntegrationAction creates a IntegrationAction. |
delete |
DELETE /v1alpha/{name} DeleteIntegrationAction deletes a IntegrationAction. |
executeTest |
POST /v1alpha/{name}:executeTest Executes a test on a action definition script. |
fetchActionsByEnvironment |
GET /v1alpha/{parent}/actions:fetchActionsByEnvironment Fetch actions by environment. |
fetchTemplate |
GET /v1alpha/{parent}/actions:fetchTemplate Fetches the default action template, mainly used for obtaining the default script allowing quick start. |
get |
GET /v1alpha/{name} GetIntegrationAction gets a IntegrationAction. |
list |
GET /v1alpha/{parent}/actions ListIntegrationActions lists IntegrationActions. |
patch |
PATCH /v1alpha/{integrationAction.name} UpdateIntegrationAction updates a IntegrationAction. |
REST Resource: v1alpha.projects.locations.instances.integrations.actions.revisions
Methods | |
---|---|
create |
POST /v1alpha/{parent}/revisions CreateActionRevision creates a new action revision. |
delete |
DELETE /v1alpha/{name} DeleteActionRevision deletes an action revision. |
list |
GET /v1alpha/{parent}/revisions List all revisions of an action. |
rollback |
POST /v1alpha/{name}:rollback RollbackIntegrationActionRevision rolls back the action definition to a saved revision. |
REST Resource: v1alpha.projects.locations.instances.integrations.connectors
Methods | |
---|---|
create |
POST /v1alpha/{parent}/connectors Create a Integration Connector. |
delete |
DELETE /v1alpha/{name} Delete a Connector. |
executeTest |
POST /v1alpha/{integrationIdentifier}:executeTest Execute a test on a connector definition script. |
fetchTemplate |
GET /v1alpha/{parent}/connectors:fetchTemplate Retrieve the default recommended Integration Connector script template. |
get |
GET /v1alpha/{name} Get a integration connector. |
list |
GET /v1alpha/{parent}/connectors List integration connectors. |
patch |
PATCH /v1alpha/{integrationConnector.name} Update a Integration Connector. |
REST Resource: v1alpha.projects.locations.instances.integrations.connectors.connectorInstances
Methods | |
---|---|
create |
POST /v1alpha/{parent}/connectorInstances Create a ConnectorInstance. |
delete |
DELETE /v1alpha/{name} Delete a ConnectorInstance. |
fetchLatestDefinition |
GET /v1alpha/{parent}:fetchLatestDefinition Fetch the latest definition of a connector. |
get |
GET /v1alpha/{name} Get a ConnectorInstance. |
list |
GET /v1alpha/{parent}/connectorInstances List ConnectorInstances. |
patch |
PATCH /v1alpha/{connectorInstance.name} Update a ConnectorInstance. |
runOnDemand |
POST /v1alpha/{name}:runOnDemand Run a connector on demand. |
setLogsCollection |
POST /v1alpha/{name}:setLogsCollection Set the logs collection for a connector. |
REST Resource: v1alpha.projects.locations.instances.integrations.connectors.connectorInstances.logs
Methods | |
---|---|
get |
GET /v1alpha/{name} Get a single ConnectorInstanceLog. |
list |
GET /v1alpha/{parent}/logs List all ConnectorInstanceLogs for a given ConnectorInstance. |
REST Resource: v1alpha.projects.locations.instances.integrations.connectors.contextProperties
Methods | |
---|---|
clearAll |
POST /v1alpha/{parent}/contextProperties:clearAll The method clears all context-properties set on a specific context. |
create |
POST /v1alpha/{parent}/contextProperties Create a context-property. |
delete |
DELETE /v1alpha/{name} Delete a context-property. |
get |
GET /v1alpha/{name} Get a context-property. |
list |
GET /v1alpha/{parent}/contextProperties List context-properties. |
patch |
PATCH /v1alpha/{contextProperty.name} Update a context-property. |
REST Resource: v1alpha.projects.locations.instances.integrations.connectors.revisions
Methods | |
---|---|
create |
POST /v1alpha/{parent}/revisions Creates a new connector revision. |
delete |
DELETE /v1alpha/{name} Deletes a connector revision. |
list |
GET /v1alpha/{parent}/revisions Lists all revisions of a connector. |
rollback |
POST /v1alpha/{name}:rollback RollbackConnectorRevision rolls back the connector definition to a saved revision. |
REST Resource: v1alpha.projects.locations.instances.integrations.integrationInstances
Methods | |
---|---|
create |
POST /v1alpha/{parent}/integrationInstances Create a IntegrationInstance. |
delete |
DELETE /v1alpha/{name} Delete a IntegrationInstance. |
executeTest |
POST /v1alpha/{name}:executeTest Execute a test for a given IntegrationInstance. |
fetchAffectedItems |
GET /v1alpha/{name}:fetchAffectedItems Fetch affected items for a given IntegrationInstance. |
fetchDefaultInstance |
GET /v1alpha/{parent}/integrationInstances:fetchDefaultInstance Execute a test for a given IntegrationInstance. |
get |
GET /v1alpha/{name} Get IntegrationInstance for a given instance. |
list |
GET /v1alpha/{parent}/integrationInstances List IntegrationInstances for a given instance. |
patch |
PATCH /v1alpha/{integrationInstance.name} Update a IntegrationInstance. |
REST Resource: v1alpha.projects.locations.instances.integrations.jobs
Methods | |
---|---|
create |
POST /v1alpha/{parent}/jobs CreateIntegrationJob creates a IntegrationJob. |
delete |
DELETE /v1alpha/{name} DeleteIntegrationJob deletes a IntegrationJob. |
executeTest |
POST /v1alpha/{name}:executeTest Executes a test on a job definition script. |
fetchTemplate |
GET /v1alpha/{parent}/jobs:fetchTemplate Fetches the default job template, mainly used for obtaining the default script allowing quick start. |
get |
GET /v1alpha/{name} GetIntegrationJob gets a IntegrationJob. |
list |
GET /v1alpha/{parent}/jobs ListIntegrationJobs lists IntegrationJobs. |
patch |
PATCH /v1alpha/{integrationJob.name} UpdateIntegrationJob updates a IntegrationJob. |
REST Resource: v1alpha.projects.locations.instances.integrations.jobs.contextProperties
Methods | |
---|---|
clearAll |
POST /v1alpha/{parent}/contextProperties:clearAll The method clears all context-properties set on a specific context. |
create |
POST /v1alpha/{parent}/contextProperties Create a context-property. |
delete |
DELETE /v1alpha/{name} Delete a context-property. |
get |
GET /v1alpha/{name} Get a context-property. |
list |
GET /v1alpha/{parent}/contextProperties List context-properties. |
patch |
PATCH /v1alpha/{contextProperty.name} Update a context-property. |
REST Resource: v1alpha.projects.locations.instances.integrations.jobs.jobInstances
Methods | |
---|---|
create |
POST /v1alpha/{parent}/jobInstances CreateJobInstance creates a new job instance. |
delete |
DELETE /v1alpha/{name} DeleteJobInstance deletes a job instance. |
get |
GET /v1alpha/{name} Get instance of a job. |
list |
GET /v1alpha/{parent}/jobInstances List all instances of a job. |
patch |
PATCH /v1alpha/{integrationJobInstance.name} UpdateIntegrationJobInstance updates an instance of a job instance. |
runOnDemand |
POST /v1alpha/{name}:runOnDemand RunOnDemandIntegrationJobInstance runs job instance script once. |
REST Resource: v1alpha.projects.locations.instances.integrations.jobs.jobInstances.logs
Methods | |
---|---|
get |
GET /v1alpha/{name} Get a single IntegrationJobInstanceLog. |
list |
GET /v1alpha/{parent}/logs List all IntegrationJobInstanceLogs for a given IntegrationJobInstance. |
REST Resource: v1alpha.projects.locations.instances.integrations.jobs.revisions
Methods | |
---|---|
create |
POST /v1alpha/{parent}/revisions CreateJobRevision creates a new job revision. |
delete |
DELETE /v1alpha/{name} DeleteJobRevision deletes a job revision. |
list |
GET /v1alpha/{parent}/revisions List all revisions of a job. |
rollback |
POST /v1alpha/{name}:rollback RollbackIntegrationJobRevision rolls back the job definition to a saved revision. |
REST Resource: v1alpha.projects.locations.instances.integrations.managers
Methods | |
---|---|
create |
POST /v1alpha/{parent}/managers Create an Integration Manager. |
delete |
DELETE /v1alpha/{name} Delete an Integration Manager. |
fetchTemplate |
GET /v1alpha/{parent}/managers:fetchTemplate Retrieve the default recommended Integration Manager script template. |
get |
GET /v1alpha/{name} Get an Integration Manager. |
list |
GET /v1alpha/{parent}/managers List Integration Managers for a given integration. |
patch |
PATCH /v1alpha/{integrationManager.name} Update an Integration Manager. |
REST Resource: v1alpha.projects.locations.instances.integrations.managers.revisions
Methods | |
---|---|
create |
POST /v1alpha/{parent}/revisions CreateIntegrationManagerRevision creates a new manager revision. |
delete |
DELETE /v1alpha/{name} DeleteIntegrationManagerRevision deletes a specific manager revision. |
get |
GET /v1alpha/{name} GetIntegrationManagerRevision gets a specific manager revision. |
list |
GET /v1alpha/{parent}/revisions ListIntegrationManagerRevisions lists all manager revisions for a given manager. |
rollback |
POST /v1alpha/{name}:rollback RollbackIntegrationManagerRevision rolls back the manager definition to a saved revision. |
REST Resource: v1alpha.projects.locations.instances.investigations
Methods | |
---|---|
get |
GET /v1alpha/{name} GetInvestigation is used to retrieve an investigation. |
list |
GET /v1alpha/{parent}/investigations ListInvestigations is used to retrieve existing investigations for a given instance. |
trigger |
POST /v1alpha/{parent}/investigations:trigger Custom method to manually trigger an investigation for a given alert. |
REST Resource: v1alpha.projects.locations.instances.investigations.investigationSteps
Methods | |
---|---|
get |
GET /v1alpha/{name} GetInvestigationStep is used to retrieve an investigation step. |
list |
GET /v1alpha/{parent}/investigationSteps ListInvestigationSteps is used to retrieve existing investigation steps for a given investigation. |
REST Resource: v1alpha.projects.locations.instances.iocAssociations
Methods | |
---|---|
batchGet |
GET /v1alpha/{parent}/iocAssociations:batchGet Gets a batch (list) of IocAssociations given a list of names and a parent. |
fetchRelatedIocAssociations |
GET /v1alpha/{name}:fetchRelatedIocAssociations List related Ioc Associations for a given Ioc Association. |
fetchRelatedThreatCollections |
GET /v1alpha/{name}:fetchRelatedThreatCollections List related threat collections for an IocAssociation. |
get |
GET /v1alpha/{name} Get an Ioc Association by resource name. |
REST Resource: v1alpha.projects.locations.instances.iocs
Methods | |
---|---|
batchGet |
GET /v1alpha/{parent}/iocs:batchGet Gets a batch (list) of iocs given a list of names and a parent. |
findFirstAndLastSeen |
GET /v1alpha/{name}:findFirstAndLastSeen FindFirstAndLastSeen for an Ioc. |
get |
GET /v1alpha/{name} Get an Ioc. |
getIocState |
GET /v1alpha/{name} Gets the status of an ioc |
searchCuratedDetectionsForIoc |
GET /v1alpha/{name}:searchCuratedDetectionsForIoc Search curated detections for an Ioc. |
updateIocState |
PATCH /v1alpha/{iocState.name} Update an Ioc state. |
REST Resource: v1alpha.projects.locations.instances.labsExperiments
Methods | |
---|---|
execute |
POST /v1alpha/{parent}:execute Executes a LabsExperiment. |
get |
GET /v1alpha/{name} Gets a LabExperiment. |
list |
GET /v1alpha/{parent}/labsExperiments Lists LabsExperiments. |
patch |
PATCH /v1alpha/{labsExperiment.name} Update a LabsExperiment. |
REST Resource: v1alpha.projects.locations.instances.labsExperiments.executions
Methods | |
---|---|
get |
GET /v1alpha/{name} Retrieves a specific LabsExperimentExecution resource. |
list |
GET /v1alpha/{parent}/executions Lists LabsExperimentExecution resources. |
patch |
PATCH /v1alpha/{labsExperimentExecution.name} Updates a LabsExperimentExecution. |
REST Resource: v1alpha.projects.locations.instances.legacy
Methods | |
---|---|
legacyBatchGetCases |
GET /v1alpha/{instance}/legacy:legacyBatchGetCases RPC for fetching cases for the given caseNames. |
legacyBatchGetCollections |
GET /v1alpha/{instance}/legacy:legacyBatchGetCollections RPC for getting a batch of collections based on their Collection Ids. |
legacyCreateOrUpdateCase |
POST /v1alpha/{instance}/legacy:legacyCreateOrUpdateCase Legacy RPC for creating or updating an existing case. |
legacyCreateSoarAlert |
POST /v1alpha/{instance}/legacy:legacyCreateSoarAlert RPC for creating a SOAR alert. |
legacyFetchAlertsView |
GET /v1alpha/{instance}/legacy:legacyFetchAlertsView Legacy streaming endpoint for getting alerts (and in some cases, non-alerting detections) along with aggregated fields that match the query. |
legacyFetchUdmSearchCsv |
POST /v1alpha/{instance}/legacy:legacyFetchUdmSearchCsv Legacy endpoint for fetching csv rows for matching UDM search. |
legacyFetchUdmSearchView |
POST /v1alpha/{instance}/legacy:legacyFetchUdmSearchView Legacy endpoint for fetching events, filters, and histograms matching UDM search. |
legacyFindAssetEvents |
GET /v1alpha/{instance}/legacy:legacyFindAssetEvents Legacy endpoint for getting events for an asset indicator. |
legacyFindRawLogs |
GET /v1alpha/{instance}/legacy:legacyFindRawLogs Legacy endpoint for getting events for a raw log search query. |
legacyFindUdmEvents |
GET /v1alpha/{instance}/legacy:legacyFindUdmEvents Legacy endpoint for finding UDM/entity events using tokens or ids. |
legacyGetAlert |
GET /v1alpha/{instance}/legacy:legacyGetAlert RPC for fetching an alert based on its Alert Id. |
legacyGetCuratedRulesTrends |
GET /v1alpha/{instance}/legacy:legacyGetCuratedRulesTrends Legacy RPC for listing detection counts and last detection timestamp for a list of Curated Rule ids. |
legacyGetDetection |
GET /v1alpha/{instance}/legacy:legacyGetDetection Legacy endpoint for fetching a Detection. |
legacyGetEventForDetection |
GET /v1alpha/{instance}/legacy:legacyGetEventForDetection Legacy endpoint for getting event for curated detection. |
legacyGetRuleCounts |
GET /v1alpha/{instance}/legacy:legacyGetRuleCounts RPC to get rule counts. |
legacyGetRulesTrends |
GET /v1alpha/{instance}/legacy:legacyGetRulesTrends Legacy RPC for listing detection counts and last detection timestamp for a list of user-defined rule ids. |
legacyRunTestRule |
POST /v1alpha/{instance}/legacy:legacyRunTestRule Legacy RPC to test a rule and stream back the responses. |
legacySearchArtifactEvents |
GET /v1alpha/{instance}/legacy:legacySearchArtifactEvents Legacy endpoint for getting events for a given artifact. |
legacySearchArtifactIoCDetails |
GET /v1alpha/{instance}/legacy:legacySearchArtifactIoCDetails Rpc to search for IoC details for a particular artifact. |
legacySearchAssetEvents |
GET /v1alpha/{instance}/legacy:legacySearchAssetEvents Legacy endpoint for getting events for a given asset. |
legacySearchCuratedDetections |
GET /v1alpha/{instance}/legacy:legacySearchCuratedDetections Legacy endpoint for searcing detections for a Curated Rule. |
legacySearchCustomerStats |
POST /v1alpha/{instance}/legacy:legacySearchCustomerStats LegacySearchCustomerStats gets data collection stats about a customer, e.g., the first time data was seen from a customer, the last time, etc. |
legacySearchDetections |
GET /v1alpha/{instance}/legacy:legacySearchDetections Legacy endpoint for searching detections for a rule version. |
legacySearchDomainsRecentlyRegistered |
GET /v1alpha/{instance}/legacy:legacySearchDomainsRecentlyRegistered Given a list of domain names and a time, returns only the domains that were recently registered relative to that time. |
legacySearchDomainsTimingStats |
GET /v1alpha/{instance}/legacy:legacySearchDomainsTimingStats Given a list of domain names, returns time-related statistics for those domains (ex: the first seen in the enterprise time). |
legacySearchEnterpriseWideAlerts |
GET /v1alpha/{instance}/legacy:legacySearchEnterpriseWideAlerts RPC for getting all alerts in a time range in legacy page site. |
legacySearchEnterpriseWideIoCs |
GET /v1alpha/{instance}/legacy:legacySearchEnterpriseWideIoCs RPC for listing IoC matches against ingested events. |
legacySearchFindings |
GET /v1alpha/{instance}/legacy:legacySearchFindings Legacy endpoint for listing Findings. |
legacySearchIngestionStats |
POST /v1alpha/{instance}/legacy:legacySearchIngestionStats LegacySearchIngestionStats gets data ingestion stats about a given customer, e.g. |
legacySearchIoCInsights |
GET /v1alpha/{instance}/legacy:legacySearchIoCInsights Rpc to list IoC insights on given artifacts. |
legacySearchRawLogs |
GET /v1alpha/{instance}/legacy:legacySearchRawLogs Legacy endpoint for getting events for a raw log search. |
legacySearchRuleDetectionCountBuckets |
GET /v1alpha/{instance}/legacy:legacySearchRuleDetectionCountBuckets Legacy endpoint for listing detection count buckets for a Rules Engine rule. |
legacySearchRuleDetectionEvents |
GET /v1alpha/{instance}/legacy:legacySearchRuleDetectionEvents Legacy RPC for listing events associated with a particular Detection generated by a Rules Engine rule. |
legacySearchRuleResults |
GET /v1alpha/{instance}/legacy:legacySearchRuleResults Legacy endpoint for listing aggregated results for a Rules Engine rule. |
legacySearchRulesAlerts |
GET /v1alpha/{instance}/legacy:legacySearchRulesAlerts RPC to get the list of Rules Engine generated alerts for a customer. |
legacySearchUserEvents |
GET /v1alpha/{instance}/legacy:legacySearchUserEvents Legacy endpoint for getting events for a given user. |
legacyStreamDetectionAlerts |
POST /v1alpha/{instance}/legacy:legacyStreamDetectionAlerts Legacy StreamDetectionAlerts continuously streams new detection alerts as they are discovered. |
legacyTestRuleStreaming |
POST /v1alpha/{instance}/legacy:legacyTestRuleStreaming LegacyTestRuleStreaming tests the given rule text over a specified time range and streams detections/errors back without persisting them. |
legacyUpdateAlert |
POST /v1alpha/{instance}/legacy:legacyUpdateAlert Legacy endpoint for updating an alert. |
REST Resource: v1alpha.projects.locations.instances.legacyCaseFederationPlatforms
Methods | |
---|---|
create |
POST /v1alpha/{parent}/legacyCaseFederationPlatforms Legacy endpoint for creating a case federation platform. |
legacyDeleteCaseFederationPlatform |
DELETE /v1alpha/{name} Legacy endpoint for deleting a case federation platform. |
legacyGetCaseFederationPlatform |
GET /v1alpha/{name} Legacy endpoint for getting a case federation platform. |
REST Resource: v1alpha.projects.locations.instances.legacyConfiguration
Methods | |
---|---|
legacyGetMaximumAlertsGroupingConfiguration |
GET /v1alpha/{instance}/legacyConfiguration:legacyGetMaximumAlertsGroupingConfiguration Legacy endpoint for fetching audit logs. |
REST Resource: v1alpha.projects.locations.instances.legacyFederatedCases
Methods | |
---|---|
legacyBatchPatchFederatedCases |
POST /v1alpha/{parent}/legacyFederatedCases:legacyBatchPatchFederatedCases Batch patch federated cases into the primary platform. |
legacyFetchCasesToSync |
GET /v1alpha/{parent}/legacyFederatedCases:legacyFetchCasesToSync Legacy endpoint for fetching cases to sync. |
legacyGetFederatedCase |
GET /v1alpha/{name} Get a federated case. |
legacyListFederatedCases |
POST /v1alpha/{parent}/legacyFederatedCases:legacyListFederatedCases List federated cases. |
REST Resource: v1alpha.projects.locations.instances.legacyPlaybooks
Methods | |
---|---|
download |
GET /v1alpha/{instance}/legacyPlaybooks:legacyExportDefinitions LegacyPlaybookExportDefinitions exports workflows as a zip file. |
legacyActionWidgetTemplate |
GET /v1alpha/{instance}/legacyPlaybooks:legacyActionWidgetTemplate LegacyPlaybookActionWidgetTemplate returns the action widget template for a given action identifier. |
legacyAddOrUpdatePlaybookCategory |
POST /v1alpha/{instance}/legacyPlaybooks:legacyAddOrUpdatePlaybookCategory Add or update workflow categories. |
legacyAiGenerate |
POST /v1alpha/{instance}/legacyPlaybooks:legacyAiGenerate Generates a playbook using AI based on the provided user prompt. |
legacyAiGenerateByAlert |
POST /v1alpha/{instance}/legacyPlaybooks:legacyAiGenerateByAlert AI Generation of a new playbook based on a given security alert. |
legacyAiUpdate |
POST /v1alpha/{instance}/legacyPlaybooks:legacyAiUpdate Updates playbook using AI based on the provided user prompt. |
legacyApplyApprovalLink |
POST /v1alpha/{instance}/legacyPlaybooks:legacyApplyApprovalLink LegacyPlaybookApplyApprovalLink applies an approval link to a workflow. |
legacyAttachNestedWorkflowToCase |
POST /v1alpha/{instance}/legacyPlaybooks:legacyAttachNestedWorkflowToCase LegacyPlaybookAttachNestedWorkflowToCase attaches a nested workflow to a case. |
legacyAttachWorkflowToCase |
POST /v1alpha/{instance}/legacyPlaybooks:legacyAttachWorkflowToCase LegacyPlaybookAttachWorkflowToCase attaches a workflow to a case. |
legacyCheckWorkflowNameInDifferentEnvironments |
POST /v1alpha/{instance}/legacyPlaybooks:legacyCheckWorkflowNameInDifferentEnvironments LegacyPlaybookCheckWorkflowNameInDifferentEnvironments checks if the workflow name is used in different environments. |
legacyCloneWorkflow |
POST /v1alpha/{instance}/legacyPlaybooks:legacyCloneWorkflow legacyCloneWorkflow clones a workflow. |
legacyCreateFeedback |
POST /v1alpha/{instance}/legacyPlaybooks:legacyCreateFeedback LegacyCreateFeedback creates a feedback for a playbook. |
legacyDeleteWorkflow |
POST /v1alpha/{instance}/legacyPlaybooks:legacyDeleteWorkflow LegacyPlaybookDeleteWorkflow deletes a workflow definition. |
legacyDeleteWorkflows |
POST /v1alpha/{instance}/legacyPlaybooks:legacyDeleteWorkflows Delete workflows. |
legacyDuplicateNestedWorkflows |
POST /v1alpha/{instance}/legacyPlaybooks:legacyDuplicateNestedWorkflows legacyDuplicateNestedWorkflows duplicates nested workflows. |
legacyDuplicateWorkflow |
POST /v1alpha/{instance}/legacyPlaybooks:legacyDuplicateWorkflow legacyDuplicateWorkflow duplicates a workflow. |
legacyDuplicateWorkflows |
POST /v1alpha/{instance}/legacyPlaybooks:legacyDuplicateWorkflows legacyDuplicateWorkflows duplicates workflows. |
legacyExecuteManualStep |
POST /v1alpha/{instance}/legacyPlaybooks:legacyExecuteManualStep LegacyPlaybookExecuteManualStep executes a manual step. |
legacyExecuteStep |
POST /v1alpha/{instance}/legacyPlaybooks:legacyExecuteStep LegacyPlaybookExecuteStep executes a step. |
legacyFetchActionResultsForSimulation |
POST /v1alpha/{instance}/legacyPlaybooks:legacyFetchActionResultsForSimulation LegacyPlaybookFetchActionResultsForSimulation returns action results for workflow instance id filtered by loop iteration. |
legacyGetActionResultsOfWFId |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetActionResultsOfWFId LegacyPlaybookGetActionResultsOfWFId returns action results by workflow (playbook) instance id. |
legacyGetAiGenerationStatusByAlert |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetAiGenerationStatusByAlert Get a status of AI generation of a playbook based on a given security alert. |
legacyGetCaseEntities |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetCaseEntities LegacyPlaybookGetCaseEntities get case entities. |
legacyGetContextGroupByKey |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetContextGroupByKey LegacyPlaybookGetContextGroupByKey returns the context group by key. |
legacyGetDebugStepCaseData |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetDebugStepCaseData LegacyPlaybookGetDebugStepCaseData gets the debug step case data. |
legacyGetEnabledWFCards |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetEnabledWFCards Get enabled workflow cards. |
legacyGetEnabledWFNames |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetEnabledWFNames Get enabled workflow names. |
legacyGetHtmlViewPresets |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetHtmlViewPresets LegacyPlaybookGetHtmlViewPresets gets the html view presets. |
legacyGetNestedPlaybookParams |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetNestedPlaybookParams Get Nested Playbooks by environments as steps. |
legacyGetNestedPlaybooksAsSteps |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetNestedPlaybooksAsSteps Get Nested Playbooks as steps. |
legacyGetNestedPlaybooksByEnvironmentsAsSteps |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetNestedPlaybooksByEnvironmentsAsSteps Get Nested Playbooks by environments as steps. |
legacyGetNestedWorkflowDefaultInputs |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetNestedWorkflowDefaultInputs LegacyPlaybookGetNestedWorkflowDefaultInputs get the latest input values for a nested workflow. |
legacyGetOverviewTemplate |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetOverviewTemplate LegacyPlaybookGetOverviewTemplate returns the overview template by template identifier. |
legacyGetOverviewTemplates |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetOverviewTemplates LegacyPlaybookGetOverviewTemplateByPlaybookIdentifier returns the overview template by playbook identifier. |
legacyGetPendingStep |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetPendingStep Get legacyGetPendingStep returns a pending step by alert identifier. |
legacyGetPendingStepsCountForUser |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetPendingStepsCountForUser Get legacyGetPendingStepsCountForUser returns pending steps count for the user running the request. |
legacyGetPendingStepsUserRelated |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetPendingStepsUserRelated Get legacyGetPendingStepsUserRelated returns pending steps related to the user. |
legacyGetPlaybookSimulationEnrichment |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetPlaybookSimulationEnrichment LegacyPlaybookGetPlaybookSimulationEnrichment returns the playbook simulation enrichment. |
legacyGetPlaybookStatsMap |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetPlaybookStatsMap LegacyPlaybookGetPlaybookStatsMap returns statistic data related to the workflow (such as number of runs, distribution by time, etc.). |
legacyGetPlaybooksUsingBlocks |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetPlaybooksUsingBlocks Get legacyGetPlaybooksUsingBlocks returns a list of the existing playbooks using blocks based on the block identifiers provided. |
legacyGetTriggerTags |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetTriggerTags LegacyPlaybookGetTriggerTags returns a list of all the tags that are relevant to the trigger type tag. |
legacyGetWorkFlowVersionLogs |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetWorkFlowVersionLogs LegacyPlaybookGetWorkFlowVersionLogs gets workflow version logs. |
legacyGetWorkflowCategories |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetWorkflowCategories Get workflow categories. |
legacyGetWorkflowFullInfoByIdentifier |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetWorkflowFullInfoByIdentifier Get legacyGetWorkflowFullInfoByIdentifier returns full info of a workflow by identifier. |
legacyGetWorkflowFullInfoWithEnvFilterByIdentifier |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetWorkflowFullInfoWithEnvFilterByIdentifier Get legacyGetWorkflowFullInfoWithEnvFilterByIdentifier returns full info of a workflow by identifier including environment filter. |
legacyGetWorkflowInstance |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetWorkflowInstance LegacyPlaybookExecuteManualStep returns the Instance (done \ pending) that was created for a given case+alert Identifier combo and the wf identifier. |
legacyGetWorkflowInstanceSummary |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetWorkflowInstanceSummary LegacyPlaybookGetWorkflowInstanceSummary returns the summary of an executed playbook for a given case including the alert and playbook Identifiers. |
legacyGetWorkflowInstancesCards |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetWorkflowInstancesCards LegacyPlaybookGetWorkflowInstancesCards returns the workflow instances cards for a given case+alert Identifier combo. |
legacyGetWorkflowMenuCard |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetWorkflowMenuCard Get legacyGetWorkflowMenuCard returns a workflow menu card by identifier. |
legacyGetWorkflowMenuCardWithEnvFilter |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetWorkflowMenuCardWithEnvFilter Get legacyGetWorkflowMenuCardWithEnvFilter returns a workflow menu card by identifier with environment filter. |
legacyGetWorkflowMenuCards |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetWorkflowMenuCards Get legacyGetWorkflowMenuCards returns a list of the existing playbook cards. |
legacyGetWorkflowMenuCardsWithEnvFilter |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetWorkflowMenuCardsWithEnvFilter Get legacyGetWorkflowMenuCards returns a list of the existing playbook cards with environment filter. |
legacyGetWorkflowStepInstance |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetWorkflowStepInstance LegacyPlaybookGetWorkflowStepInstance returns a workflow step instance. |
legacyGetWorkflowsContainsActionAsync |
GET /v1alpha/{instance}/legacyPlaybooks:legacyGetWorkflowsContainsActionAsync Get legacyGetWorkflowsContainsActionAsync returns workflows containing a specified action asynchronously. |
legacyGetWorkflowsInvolvingAction |
POST /v1alpha/{instance}/legacyPlaybooks:legacyGetWorkflowsInvolvingAction LegacyPlaybookGetWorkflowsInvolvingAction returns a list of actions that are part of the workflow. |
legacyMoveDefinitionsToCategory |
POST /v1alpha/{instance}/legacyPlaybooks:legacyMoveDefinitionsToCategory LegacyPlaybookMoveDefinitionsToCategory moves the workflow definitions to a selected category. |
legacyPermissions |
DELETE /v1alpha/{instance}/legacyPlaybooks:legacyPermissions LegacyPlaybookDeletePermissions Removes all access permissions for the given workflow. |
legacyPermissionsOptions |
POST /v1alpha/{instance}/legacyPlaybooks:legacyPermissionsOptions LegacyPlaybookPermissionsOptions return playbook access permission options. |
legacyRemoveCategories |
POST /v1alpha/{instance}/legacyPlaybooks:legacyRemoveCategories Remove workflow categories. |
legacyRerunBlock |
POST /v1alpha/{instance}/legacyPlaybooks:legacyRerunBlock LegacyPlaybookRerunBlock reruns block on a given alert. |
legacyRerunPlaybook |
POST /v1alpha/{instance}/legacyPlaybooks:legacyRerunPlaybook LegacyPlaybookRerunPlaybook reruns a playbook on a given alert. |
legacyRestoreWorkflowDefinition |
POST /v1alpha/{instance}/legacyPlaybooks:legacyRestoreWorkflowDefinition LegacyPlaybookRestoreWorkflowDefinition restores workflow definition. |
legacyRunPlaybookInDebug |
POST /v1alpha/{instance}/legacyPlaybooks:legacyRunPlaybookInDebug Run playbook in debug mode. |
legacySaveLogVersionOfWorkflowDefinitions |
POST /v1alpha/{instance}/legacyPlaybooks:legacySaveLogVersionOfWorkflowDefinitions LegacyPlaybookSaveLogVersionOfWorkflowDefinitions saves log version of workflow definitions. |
legacySaveWorkflowDefinitions |
POST /v1alpha/{instance}/legacyPlaybooks:legacySaveWorkflowDefinitions Save workflow definitions. |
legacySkip |
POST /v1alpha/{instance}/legacyPlaybooks:legacySkip LegacyPlaybookSkip will skip a pending playbook action, resulting in the execution of the following steps. |
legacyTestPipeExample |
POST /v1alpha/{instance}/legacyPlaybooks:legacyTestPipeExample LegacyPlaybookTestPipeExample tests a pipe example. |
legacyUpdateDefinitionsPriority |
POST /v1alpha/{instance}/legacyPlaybooks:legacyUpdateDefinitionsPriority LegacyPlaybookUpdateDefinitionsPriority updates the priority of the workflow definitions. |
upload |
POST /v1alpha/{instance}/legacyPlaybooks:legacyImportDefinitions POST /upload/v1alpha/{instance}/legacyPlaybooks:legacyImportDefinitions LegacyPlaybookImportDefinitions Import workflows from a zip file. |
REST Resource: v1alpha.projects.locations.instances.legacyPublisher
Methods | |
---|---|
download |
GET /v1alpha/{instance}/legacyPublisher:legacyGetTaskData Legacy endpoint for getting a task data. |
legacyAddConnectorPackage |
POST /v1alpha/{instance}/legacyPublisher:legacyAddConnectorPackage Legacy endpoint for uploading a connector package.. |
legacyCloudLog |
POST /v1alpha/{instance}/legacyPublisher:legacyCloudLog Legacy endpoint for sending a log to the Publisher. |
legacyDeleteIntegration |
POST /v1alpha/{instance}/legacyPublisher:legacyDeleteIntegration Legacy endpoint for deleting integration from Publisher. |
legacyGetHasLocallyScheduledRemoteConnectors |
GET /v1alpha/{instance}/legacyPublisher:legacyGetHasLocallyScheduledRemoteConnectors Legacy endpoint for checking if the integration has locally scheduled remote connectors. |
legacyGetIntegrationDependencies |
GET /v1alpha/{instance}/legacyPublisher:legacyGetIntegrationDependencies Legacy endpoint for getting all the dependencies of the integration. |
legacyGetLatestIntegrationVersion |
GET /v1alpha/{instance}/legacyPublisher:legacyGetLatestIntegrationVersion Legacy endpoint for getting the latest version of an integration. |
legacyKeepAlive |
POST /v1alpha/{instance}/legacyPublisher:legacyKeepAlive Legacy endpoint for sending keep alive message to Publisher. |
legacyListTasks |
GET /v1alpha/{instance}/legacyPublisher:legacyListTasks Legacy endpoint for listing remote tasks. |
legacyPing |
GET /v1alpha/{instance}/legacyPublisher:legacyPing Legacy endpoint for pinging the Publisher server. |
legacySetUpgradeInProgress |
POST /v1alpha/{instance}/legacyPublisher:legacySetUpgradeInProgress Legacy endpoint for updating upgrade_in_progress status. |
legacyUpdateIntegrationStatus |
POST /v1alpha/{instance}/legacyPublisher:legacyUpdateIntegrationStatus Legacy endpoint for updating integration status. |
legacyUpdateTask |
POST /v1alpha/{instance}/legacyPublisher:legacyUpdateTask Legacy endpoint for updating task status. |
upload |
POST /v1alpha/{instance}/legacyPublisher:legacyUpdateTaskResult POST /upload/v1alpha/{instance}/legacyPublisher:legacyUpdateTaskResult Legacy endpoint for updating a task result. |
REST Resource: v1alpha.projects.locations.instances.legacySdk
Methods | |
---|---|
legacyAddAgentConnectorLogs |
POST /v1alpha/{instance}/legacySdk:legacyAddAgentConnectorLogs Legacy RPC for add agent connector logs. |
legacyAddAgentLogs |
POST /v1alpha/{instance}/legacySdk:legacyAddAgentLogs Legacy RPC for add agent logs. |
legacyAddAttachment |
POST /v1alpha/{instance}/legacySdk:legacyAddAttachment Legacy RPC for add attachment. |
legacyAddComment |
POST /v1alpha/{instance}/legacySdk:legacyAddComment Legacy RPC for add comment. |
legacyAddEntitiesToCustomList |
POST /v1alpha/{instance}/legacySdk:legacyAddEntitiesToCustomList Legacy RPC for add entities to custom list. |
legacyAddOrUpdateCaseTask |
POST /v1alpha/{instance}/legacySdk:legacyAddOrUpdateCaseTask Legacy RPC for add or update case task. |
legacyAddTag |
POST /v1alpha/{instance}/legacySdk:legacyAddTag Legacy RPC for adding tag. |
legacyAlertFullDetails |
POST /v1alpha/{instance}/legacySdk:legacyAlertFullDetails Legacy RPC for getting alert full details. |
legacyAlertSourceFile |
GET /v1alpha/{instance}/legacySdk:legacyAlertSourceFile Legacy RPC for getting alert source file. |
legacyAlertsFullDetails |
GET /v1alpha/{instance}/legacySdk:legacyAlertsFullDetails Legacy RPC for getting alerts full details. |
legacyAlertsTicketIdsByCaseId |
GET /v1alpha/{instance}/legacySdk:legacyAlertsTicketIdsByCaseId Legacy RPC for getting alerts ticket ids by case id. |
legacyAnyEntityInCustomList |
POST /v1alpha/{instance}/legacySdk:legacyAnyEntityInCustomList Legacy RPC for check any entity in custom list. |
legacyAssignUser |
POST /v1alpha/{instance}/legacySdk:legacyAssignUser Legacy RPC for assign user to case. |
legacyAttacheWorkflowToCase |
POST /v1alpha/{instance}/legacySdk:legacyAttacheWorkflowToCase Legacy RPC for attach workflow to case. |
legacyAttachmentData |
GET /v1alpha/{instance}/legacySdk:legacyAttachmentData Legacy RPC for getting attachment. |
legacyAttachments |
GET /v1alpha/{instance}/legacySdk:legacyAttachments Legacy RPC for getting attachments. |
legacyCaseFullDetails |
GET /v1alpha/{instance}/legacySdk:legacyCaseFullDetails Legacy RPC for getting case full details. |
legacyCaseMetadata |
GET /v1alpha/{instance}/legacySdk:legacyCaseMetadata Legacy RPC for getting case metadata. |
legacyChangeCaseStage |
POST /v1alpha/{instance}/legacySdk:legacyChangeCaseStage Legacy RPC for change case stage. |
legacyChangePriority |
POST /v1alpha/{instance}/legacySdk:legacyChangePriority Legacy RPC for change case priority. |
legacyCheckMarketplaceStatus |
GET /v1alpha/{instance}/legacySdk:legacyCheckMarketplaceStatus Legacy RPC for check marketplace status. |
legacyCloseAlert |
POST /v1alpha/{instance}/legacySdk:legacyCloseAlert Legacy RPC for close alert. |
legacyCloseCase |
POST /v1alpha/{instance}/legacySdk:legacyCloseCase Legacy RPC for close case. |
legacyCreateCase |
POST /v1alpha/{instance}/legacySdk:legacyCreateCase Legacy RPC for create case. |
legacyCreateCaseInsight |
POST /v1alpha/{instance}/legacySdk:legacyCreateCaseInsight Legacy RPC for creating case insight. |
legacyCreateConnectorPackage |
POST /v1alpha/{instance}/legacySdk:legacyCreateConnectorPackage Legacy RPC for create connector package. |
legacyCreateEntity |
POST /v1alpha/{instance}/legacySdk:legacyCreateEntity Legacy RPC for create entity. |
legacyDismissAlert |
POST /v1alpha/{instance}/legacySdk:legacyDismissAlert Legacy RPC for dismiss alert. |
legacyGetAgentById |
GET /v1alpha/{instance}/legacySdk:legacyGetAgentById Legacy RPC for get agent by id. |
legacyGetAlertsTicketIdsFromCasesClosedSinceTimestamp |
POST /v1alpha/{instance}/legacySdk:legacyGetAlertsTicketIdsFromCasesClosedSinceTimestamp Legacy RPC for getting alerts ticket ids from cases closed since timestamp. |
legacyGetAlertsToSync |
POST /v1alpha/{instance}/legacySdk:legacyGetAlertsToSync Legacy RPC for get alerts to sync. |
legacyGetCaseClosureDetails |
POST /v1alpha/{instance}/legacySdk:legacyGetCaseClosureDetails Legacy RPC for getting case closure details. |
legacyGetCaseComment |
GET /v1alpha/{instance}/legacySdk:legacyGetCaseComment Legacy RPC for getting case comment. |
legacyGetCaseComments |
GET /v1alpha/{instance}/legacySdk:legacyGetCaseComments Legacy RPC for getting case comments. |
legacyGetCaseTasks |
GET /v1alpha/{instance}/legacySdk:legacyGetCaseTasks Legacy RPC for getting case tasks. |
legacyGetCasesByFilter |
POST /v1alpha/{instance}/legacySdk:legacyGetCasesByFilter Legacy RPC for getting cases by filter. |
legacyGetCasesByRequest |
POST /v1alpha/{instance}/legacySdk:legacyGetCasesByRequest Legacy RPC for get cases by request. |
legacyGetCasesFilter |
GET /v1alpha/{instance}/legacySdk:legacyGetCasesFilter Legacy RPC for get cases filter. |
legacyGetCasesIdByFilter |
POST /v1alpha/{instance}/legacySdk:legacyGetCasesIdByFilter Legacy RPC for getting cases id by filter. |
legacyGetConnectorParameters |
GET /v1alpha/{instance}/legacySdk:legacyGetConnectorParameters Legacy RPC for getting connector parameters. |
legacyGetContextProperty |
POST /v1alpha/{instance}/legacySdk:legacyGetContextProperty Legacy RPC for getting context property. |
legacyGetCurrentSiemplifyVersion |
GET /v1alpha/{instance}/legacySdk:legacyGetCurrentSiemplifyVersion Legacy RPC for getting current siemplify version. |
legacyGetCustomListCategories |
GET /v1alpha/{instance}/legacySdk:legacyGetCustomListCategories Legacy RPC for getting custom list categories. |
legacyGetFailedActions |
GET /v1alpha/{instance}/legacySdk:legacyGetFailedActions Legacy RPC for getting failed actions. |
legacyGetFailedConnectors |
POST /v1alpha/{instance}/legacySdk:legacyGetFailedConnectors Legacy RPC for getting failed connectors. |
legacyGetFailedETLOperations |
GET /v1alpha/{instance}/legacySdk:legacyGetFailedETLOperations Legacy RPC for getting failed ETL operations. |
legacyGetFailedJobs |
GET /v1alpha/{instance}/legacySdk:legacyGetFailedJobs Legacy RPC for getting failed jobs. |
legacyGetIntegrationVersion |
GET /v1alpha/{instance}/legacySdk:legacyGetIntegrationVersion Legacy RPC for getting integration version. |
legacyGetProxySettings |
GET /v1alpha/{instance}/legacySdk:legacyGetProxySettings Legacy RPC for getting proxy settings. |
legacyGetPublisherById |
GET /v1alpha/{instance}/legacySdk:legacyGetPublisherById Legacy RPC for getting publisher by ID. |
legacyGetRemoteConnectorsKeysMap |
GET /v1alpha/{instance}/legacySdk:legacyGetRemoteConnectorsKeysMap Legacy RPC for getting remote connectors keys map. |
legacyGetSimilarCasesIds |
POST /v1alpha/{instance}/legacySdk:legacyGetSimilarCasesIds Legacy RPC for getting similar cases ids. |
legacyGetSyncAlerts |
POST /v1alpha/{instance}/legacySdk:legacyGetSyncAlerts Legacy RPC for getting sync alerts. |
legacyGetSyncCases |
POST /v1alpha/{instance}/legacySdk:legacyGetSyncCases Legacy RPC for getting sync cases. |
legacyGetTicketIdsForAlertsDismissedSinceTimestamp |
POST /v1alpha/{instance}/legacySdk:legacyGetTicketIdsForAlertsDismissedSinceTimestamp Legacy RPC for getting ticket ids for alerts dismissed since timestamp. |
legacyGetUpdatedSyncAlertsMetadata |
POST /v1alpha/{instance}/legacySdk:legacyGetUpdatedSyncAlertsMetadata Legacy RPC for getting updated sync alerts metadata. |
legacyGetUpdatedSyncCasesMetadata |
POST /v1alpha/{instance}/legacySdk:legacyGetUpdatedSyncCasesMetadata Legacy RPC for getting updated sync cases metadata. |
legacyGetUserFullName |
GET /v1alpha/{instance}/legacySdk:legacyGetUserFullName Legacy RPC for getting user full name. |
legacyIntegrationConfiguration |
GET /v1alpha/{instance}/legacySdk:legacyIntegrationConfiguration Legacy RPC for getting integration configuration. |
legacyKeepAlive |
GET /v1alpha/{instance}/legacySdk:legacyKeepAlive Legacy RPC for keeping the SDK alive. |
legacyMarkAsImportant |
POST /v1alpha/{instance}/legacySdk:legacyMarkAsImportant Legacy RPC for mark as important. |
legacyOpenCases |
GET /v1alpha/{instance}/legacySdk:legacyOpenCases Legacy RPC for getting a LegacySdk. |
legacyRaiseIncident |
POST /v1alpha/{instance}/legacySdk:legacyRaiseIncident Legacy RPC for raise incident. |
legacyRemoveEntitiesFromCustomList |
POST /v1alpha/{instance}/legacySdk:legacyRemoveEntitiesFromCustomList Legacy RPC for remove entities from custom list. |
legacySendEmailWithAttachment |
POST /v1alpha/{instance}/legacySdk:legacySendEmailWithAttachment Legacy RPC for send email with attachment. |
legacySendSystemNotification |
POST /v1alpha/{instance}/legacySdk:legacySendSystemNotification Legacy RPC for sending system notification. |
legacySetAlertSla |
POST /v1alpha/{instance}/legacySdk:legacySetAlertSla Legacy RPC for setting alert sla. |
legacySetCaseSla |
POST /v1alpha/{instance}/legacySdk:legacySetCaseSla Legacy RPC for setting case sla. |
legacySetContextProperty |
POST /v1alpha/{instance}/legacySdk:legacySetContextProperty Legacy RPC for setting context property. |
legacySystemInfo |
GET /v1alpha/{instance}/legacySdk:legacySystemInfo Legacy RPC for getting system info. |
legacyTrySetContextProperty |
POST /v1alpha/{instance}/legacySdk:legacyTrySetContextProperty Legacy RPC for setting context property. |
legacyUnraiseIncident |
POST /v1alpha/{instance}/legacySdk:legacyUnraiseIncident Legacy RPC for unraising incident. |
legacyUpdateAlertPriority |
POST /v1alpha/{instance}/legacySdk:legacyUpdateAlertPriority Legacy RPC for update alert priority. |
legacyUpdateAlertsAdditional |
POST /v1alpha/{instance}/legacySdk:legacyUpdateAlertsAdditional Legacy RPC for update alerts additional data. |
legacyUpdateBatchCasesExternalCaseIds |
POST /v1alpha/{instance}/legacySdk:legacyUpdateBatchCasesExternalCaseIds Legacy RPC for update batch cases external case ids. |
legacyUpdateCaseScore |
PATCH /v1alpha/{instance}/legacySdk:legacyUpdateCaseScore Legacy RPC for updating case score. |
legacyUpdateConfigurationProperty |
PUT /v1alpha/{instance}/legacySdk:legacyUpdateConfigurationProperty Legacy RPC for update configuration property. |
legacyUpdateConnectorParameter |
PUT /v1alpha/{instance}/legacySdk:legacyUpdateConnectorParameter Legacy RPC for update connector parameter. |
legacyUpdateEntities |
POST /v1alpha/{instance}/legacySdk:legacyUpdateEntities Legacy RPC for updating entities. |
legacyUpdateNewAlertsSyncStatus |
POST /v1alpha/{instance}/legacySdk:legacyUpdateNewAlertsSyncStatus Legacy RPC for updating the sync status of new alerts. |
REST Resource: v1alpha.projects.locations.instances.legacySoarAudit
Methods | |
---|---|
legacyExportAuditLastWeekAsCsvV2 |
POST /v1alpha/{instance}/legacySoarAudit:legacyExportAuditLastWeekAsCsvV2 Exports the audit data for the last week as a CSV file. |
legacyGetAuditDataV2 |
POST /v1alpha/{instance}/legacySoarAudit:legacyGetAuditDataV2 Gets the audit data. |
REST Resource: v1alpha.projects.locations.instances.legacySoarDashboard
Methods | |
---|---|
legacyAddOrUpdateDashboard |
POST /v1alpha/{instance}/legacySoarDashboard:legacyAddOrUpdateDashboard Adds a new dashboard or updates an existing one (determined by dashboard identifier). |
legacyAddOrUpdateDashboardWidget |
POST /v1alpha/{instance}/legacySoarDashboard:legacyAddOrUpdateDashboardWidget Adds a new dashboard widget or update an existing one (determined by widget identifier). |
legacyDeleteDashboard |
POST /v1alpha/{instance}/legacySoarDashboard:legacyDeleteDashboard Deletes a dashboard. |
legacyDeleteDashboardWidget |
POST /v1alpha/{instance}/legacySoarDashboard:legacyDeleteDashboardWidget Deletes a dashboard widget. |
legacyGetCasesTimeToRespond |
GET /v1alpha/{instance}/legacySoarDashboard:legacyGetCasesTimeToRespond Returns the time to respond for cases in the dashboard. |
legacyGetDashboard |
POST /v1alpha/{name}/legacySoarDashboard:legacyGetDashboard Returns a dashboard by id. |
legacyGetDashboardCards |
GET /v1alpha/{instance}/legacySoarDashboard:legacyGetDashboardCards Returns the cards of a dashboard. |
legacyGetDashboardCustomWidgetCaseIds |
POST /v1alpha/{instance}/legacySoarDashboard:legacyGetDashboardCustomWidgetCaseIds Returns the case ids of a custom widget in a dashboard. |
legacyGetDashboardPlaybookRuns |
POST /v1alpha/{instance}/legacySoarDashboard:legacyGetDashboardPlaybookRuns Returns the playbook runs of a dashboard. |
legacyGetDashboardPlaybooks |
GET /v1alpha/{instance}/legacySoarDashboard:legacyGetDashboardPlaybooks Returns the playbooks of a dashboard. |
legacyGetDashboardWidgetCaseIds |
POST /v1alpha/{instance}/legacySoarDashboard:legacyGetDashboardWidgetCaseIds Returns the case ids of a widget in a dashboard. |
legacyGetDashboardWidgetDefinitions |
GET /v1alpha/{instance}/legacySoarDashboard:legacyGetDashboardWidgetDefinitions Returns the widget definitions of a dashboard. |
legacyGetDashboardWidgetValues |
POST /v1alpha/{instance}/legacySoarDashboard:legacyGetDashboardWidgetValues Returns the values of a widget in a dashboard. |
legacyGetOpenedAndClosedCasesTrends |
GET /v1alpha/{instance}/legacySoarDashboard:legacyGetOpenedAndClosedCasesTrends Returns the opened and closed cases trends. |
legacyGetPlaybookMonitoring |
POST /v1alpha/{instance}/legacySoarDashboard:legacyGetPlaybookMonitoring Returns the playbook monitoring data of a dashboard. |
legacyImportDashboard |
POST /v1alpha/{instance}/legacySoarDashboard:legacyImportDashboard Imports a dashboard from a file. |
legacySaveDashboardAsReportTemplate |
POST /v1alpha/{instance}/legacySoarDashboard:legacySaveDashboardAsReportTemplate Saves a dashboard as a report template. |
REST Resource: v1alpha.projects.locations.instances.legacySoarIdpMappingGroups
Methods | |
---|---|
create |
POST /v1alpha/{parent}/legacySoarIdpMappingGroups Creates a LegacySoarIdpMappingGroup. |
delete |
DELETE /v1alpha/{name} Deletes a LegacySoarIdpMappingGroup. |
get |
GET /v1alpha/{name} Gets a LegacySoarIdpMappingGroup. |
getExternalProviders |
GET /v1alpha/{name}/legacySoarIdpMappingGroups:getExternalProviders Gets the external providers for a LegacySoarIdpMappingGroup. |
list |
GET /v1alpha/{parent}/legacySoarIdpMappingGroups Lists LegacySoarIdpMappingGroups. |
patch |
PATCH /v1alpha/{legacySoarIdpMappingGroup.name} Updates a LegacySoarIdpMappingGroup. |
updateDefaultAccessSettings |
POST /v1alpha/{name}/legacySoarIdpMappingGroups:updateDefaultAccessSettings Patches the external providers for a LegacySoarIdpMappingGroup. |
REST Resource: v1alpha.projects.locations.instances.legacySoarSettings
Methods | |
---|---|
legacyAddVisualSummaryRecords |
POST /v1alpha/{instance}/legacySoarSettings:legacyAddVisualSummaryRecords AddVisualSummaryRecords adds visual summary records to the environment. |
legacyGetAllPlaybookActionDefinitions |
GET /v1alpha/{instance}/legacySoarSettings:legacyGetAllPlaybookActionDefinitions LegacyGetAllPlaybookActionDefinitions returns all playbook action definitions. |
legacyGetCaseAlertPlaybookTriggerFilterValues |
GET /v1alpha/{instance}/legacySoarSettings:legacyGetCaseAlertPlaybookTriggerFilterValues LegacyGetCaseAlertPlaybookTriggerFilterValues returns the case alert playbook trigger filter values. |
legacyGetCaseAlertTypeFilterValues |
GET /v1alpha/{instance}/legacySoarSettings:legacyGetCaseAlertTypeFilterValues LegacyGetCaseAlertTypeFilterValues returns the case alert type filter values. |
legacyGetCustomActionDetailsById |
GET /v1alpha/{instance}/legacySoarSettings:legacyGetCustomActionDetailsById LegacyGetCustomActionDetailsById returns the custom action details by id. |
legacyGetDataSourcesForGroupingRule |
POST /v1alpha/{instance}/legacySoarSettings:legacyGetDataSourcesForGroupingRule LegacyGetDataSourcesForGroupingRule returns the data sources for grouping rule. |
legacyGetEnvironmentActionDefinitions |
POST /v1alpha/{instance}/legacySoarSettings:legacyGetEnvironmentActionDefinitions LegacyGetEnvironmentActionDefinitions returns the environment action definitions. |
legacyGetEnvironmentStatistics |
POST /v1alpha/{instance}/legacySoarSettings:legacyGetEnvironmentStatistics LegacyGetEnvironmentStatistics returns the environment statistics. |
legacyGetPlaybookActionDefinitions |
POST /v1alpha/{instance}/legacySoarSettings:legacyGetPlaybookActionDefinitions LegacyGetPlaybookActionDefinitions returns the playbook action definitions. |
legacyGetProductsForGroupingRule |
POST /v1alpha/{instance}/legacySoarSettings:legacyGetProductsForGroupingRule LegacyGetProductsForGroupingRule returns the products for grouping rule. |
legacyGetSystemEventEntityTypes |
GET /v1alpha/{instance}/legacySoarSettings:legacyGetSystemEventEntityTypes LegacyGetSystemEventEntityTypes returns the system event entity types. |
legacyGetTimeZones |
GET /v1alpha/{instance}/legacySoarSettings:legacyGetTimeZones LegacyGetTimeZones returns the time zones. |
legacyGetUserRegistrationSettings |
GET /v1alpha/{instance}/legacySoarSettings:legacyGetUserRegistrationSettings LegacyGetUserRegistrationSettings returns the user registration settings. |
legacyGetVisualSummaryRecords |
GET /v1alpha/{instance}/legacySoarSettings:legacyGetVisualSummaryRecords LegacyGetVisualSummaryRecords returns the visual summary records. |
legacyIsPermittedToEnvironment |
GET /v1alpha/{instance}/legacySoarSettings:legacyIsPermittedToEnvironment LegacyIsPermittedToEnvironment checks if the user is permitted to the environment. |
legacyTestEmailSettings |
POST /v1alpha/{instance}/legacySoarSettings:legacyTestEmailSettings LegacyTestEmailSettings tests the email settings. |
legacyUploadCustomActionResultJson |
POST /v1alpha/{instance}/legacySoarSettings:legacyUploadCustomActionResultJson LegacyUploadCustomActionResultJson uploads the custom action result json. |
REST Resource: v1alpha.projects.locations.instances.legacySoarUsers
Methods | |
---|---|
delete |
DELETE /v1alpha/{name} Delete a LegacySoarUser. |
get |
GET /v1alpha/{name} Get a LegacySoarUser. |
getLocalization |
GET /v1alpha/{name} Get a user Localization. |
getNotificationSettings |
GET /v1alpha/{name} Gets the notification settings for a user. |
list |
GET /v1alpha/{parent}/legacySoarUsers Lists LegacySoarUsers. |
updateLocalization |
PATCH /v1alpha/{userLocalization.name} Update a user localization. |
updateNotificationSettings |
PATCH /v1alpha/{notificationSettings.name} Updates the notification settings for a user. |
REST Resource: v1alpha.projects.locations.instances.legacySoarUsers.attachments
Methods | |
---|---|
delete |
DELETE /v1alpha/{name} Delete an Attachment. |
download |
GET /v1alpha/{name}:download Export an Attachment. |
get |
GET /v1alpha/{name} Get an Attachment. |
list |
GET /v1alpha/{parent}/attachments List Attachments. |
upload |
POST /v1alpha/{parent}/attachments:create POST /upload/v1alpha/{parent}/attachments:create Create an Attachment. |
REST Resource: v1alpha.projects.locations.instances.legacySoarUsers.userNotifications
Methods | |
---|---|
count |
GET /v1alpha/{parent}/userNotifications:count Counts UserNotifications for a given user. |
get |
GET /v1alpha/{name} Get a User UserNotification. |
list |
GET /v1alpha/{parent}/userNotifications Lists User Notifications. |
markAsRead |
POST /v1alpha/{parent}/userNotifications:markAsRead Marks UserNotification as read. |
REST Resource: v1alpha.projects.locations.instances.legacySoarUsers.workdeskContacts
Methods | |
---|---|
create |
POST /v1alpha/{parent}/workdeskContacts Create a WorkdeskContact. |
delete |
DELETE /v1alpha/{name} Delete a WorkdeskContact. |
get |
GET /v1alpha/{name} Get a SOAR WorkdeskContact. |
list |
GET /v1alpha/{parent}/workdeskContacts Lists SOAR workdeskContacts. |
patch |
PATCH /v1alpha/{workdeskContact.name} Update a WorkdeskContact. |
REST Resource: v1alpha.projects.locations.instances.legacySoarUsers.workdeskLinks
Methods | |
---|---|
create |
POST /v1alpha/{parent}/workdeskLinks Create a WorkdeskLink. |
delete |
DELETE /v1alpha/{name} Delete a WorkdeskLink. |
get |
GET /v1alpha/{name} Get a WorkdeskLink. |
list |
GET /v1alpha/{parent}/workdeskLinks List page of WorkdeskLinks. |
patch |
PATCH /v1alpha/{workdeskLink.name} Update a WorkdeskLink. |
REST Resource: v1alpha.projects.locations.instances.legacySoarUsers.workdeskNotes
Methods | |
---|---|
create |
POST /v1alpha/{parent}/workdeskNotes Create a WorkdeskNote. |
delete |
DELETE /v1alpha/{name} Delete a WorkdeskNote. |
get |
GET /v1alpha/{name} Get a SOAR WorkdeskNote. |
list |
GET /v1alpha/{parent}/workdeskNotes Lists SOAR WorkdeskNotes. |
patch |
PATCH /v1alpha/{workdeskNote.name} Update a WorkdeskNote. |
REST Resource: v1alpha.projects.locations.instances.legacySystem
Methods | |
---|---|
legacyGetLicenseStatus |
GET /v1alpha/{instance}/legacySystem:legacyGetLicenseStatus Legacy endpoint for getting the license status. |
legacyGetMaximumDataRetentionValue |
GET /v1alpha/{instance}/legacySystem:legacyGetMaximumDataRetentionValue Legacy endpoint for getting the maximum data retention value. |
legacyGetSystemVersion |
GET /v1alpha/{instance}/legacySystem:legacyGetSystemVersion Legacy endpoint for getting the system version. |
REST Resource: v1alpha.projects.locations.instances.legacySystemMetadata
Methods | |
---|---|
placeholders |
GET /v1alpha/{instance}/legacySystemMetadata:placeholders Legacy Get Placeholder Names. |
REST Resource: v1alpha.projects.locations.instances.logTypes
Methods | |
---|---|
create |
POST /v1alpha/{parent}/logTypes Create LogType. |
generateEventTypesSuggestions |
POST /v1alpha/{logtype}:generateEventTypesSuggestions GenerateEventTypesSuggestions generates event types suggestions that can be mapped by a lowcode parser. |
getLogTypeSetting |
GET /v1alpha/{name} Gets a LogTypeSetting. |
legacySubmitParserExtension |
POST /v1alpha/{parent}:legacySubmitParserExtension LegacySubmitParserExtension creates validates and then makes the extension live. |
list |
GET /v1alpha/{parent}/logTypes Lists all LogTypes. |
runParser |
POST /v1alpha/{logtype}:runParser RunParser runs the parser against a log and returns normalized events or any error that occurred during the normalization. |
updateLogTypeSetting |
PATCH /v1alpha/{logTypeSetting.name} UpdateLogTypeSetting updates the log type setting for a log type. |
REST Resource: v1alpha.projects.locations.instances.logTypes.logTypeSettings
Methods | |
---|---|
list |
GET /v1alpha/{parent}/logTypeSettings Lists all LogTypeSettings. |
REST Resource: v1alpha.projects.locations.instances.logTypes.logs
Methods | |
---|---|
import |
POST /v1alpha/{parent}/logs:import Import log telemetry. |
list |
GET /v1alpha/{parent}/logs Lists all Logs. |
REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions
Methods | |
---|---|
activate |
POST /v1alpha/{name}:activate ActivateParserExtension switches the customer to use requested parser extension, This will set the extension state to ACTIVE. |
create |
POST /v1alpha/{parent}/parserExtensions Create a parser extension. |
delete |
DELETE /v1alpha/{name} Delete a parser extension. |
get |
GET /v1alpha/{name} Get a parser extension. |
list |
GET /v1alpha/{parent}/parserExtensions List all parser extensions. |
REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions.extensionValidationReports
Methods | |
---|---|
get |
GET /v1alpha/{name} Get a parser vaildation report. |
list |
GET /v1alpha/{parent}/extensionValidationReports List all parser validation reports for a parser extension. |
REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions.extensionValidationReports.validationErrors
Methods | |
---|---|
list |
GET /v1alpha/{parent}/validationErrors List validation errors of a parser extension validation report. |
REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions.validationReports
Methods | |
---|---|
get |
GET /v1alpha/{name} Get a validation report. |
REST Resource: v1alpha.projects.locations.instances.logTypes.parserExtensions.validationReports.parsingErrors
Methods | |
---|---|
list |
GET /v1alpha/{parent}/parsingErrors List parsing errors of a validation report. |
REST Resource: v1alpha.projects.locations.instances.logTypes.parsers
Methods | |
---|---|
activate |
POST /v1alpha/{name}:activate ActivateParser switches the customer to use requested parser, This will set the Parser state to ACTIVE. |
activateReleaseCandidateParser |
POST /v1alpha/{name}:activateReleaseCandidateParser ActivateReleaseCandidateParser makes the release candidate parser live for that customer. |
copy |
POST /v1alpha/{name}:copy CopyPrebuiltParser makes a copy of a prebuilt parser. |
create |
POST /v1alpha/{parent}/parsers Create a parser. |
deactivate |
POST /v1alpha/{name}:deactivate DeactivateParser deactivates the requested parser, and activates the prebuilt release parser. |
delete |
DELETE /v1alpha/{name} Delete a parser. |
get |
GET /v1alpha/{name} Get a parser. |
list |
GET /v1alpha/{parent}/parsers List all parsers. |
REST Resource: v1alpha.projects.locations.instances.logTypes.parsers.validationReports
Methods | |
---|---|
get |
GET /v1alpha/{name} Get a validation report. |
REST Resource: v1alpha.projects.locations.instances.logTypes.parsers.validationReports.parsingErrors
Methods | |
---|---|
list |
GET /v1alpha/{parent}/parsingErrors List parsing errors of a validation report. |
REST Resource: v1alpha.projects.locations.instances.logs
Methods | |
---|---|
classify |
POST /v1alpha/{parent}/logs:classify Classify the logs to the corresponding logType. |
REST Resource: v1alpha.projects.locations.instances.marketplaceIntegrations
Methods | |
---|---|
fetchCommercialDiff |
GET /v1alpha/{name}:fetchCommercialDiff Fetches the diff between the commercial and the marketplace integration. |
get |
GET /v1alpha/{name} Gets a MarketplaceIntegration. |
install |
POST /v1alpha/{parent}:install Installs a MarketplaceIntegration. |
list |
GET /v1alpha/{parent}/marketplaceIntegrations Lists MarketplaceIntegrations. |
uninstall |
POST /v1alpha/{name}:uninstall Uninstalls a MarketplaceIntegration. |
REST Resource: v1alpha.projects.locations.instances.moduleSettings
Methods | |
---|---|
get |
GET /v1alpha/{name} Get a ModuleSettings. |
list |
GET /v1alpha/{parent}/moduleSettings List ModuleSettings. |
rebrandingSettings |
GET /v1alpha/{parent}/moduleSettings:rebrandingSettings The method returns the rebranding settings. |
REST Resource: v1alpha.projects.locations.instances.moduleSettings.properties
Methods | |
---|---|
batchUpdate |
POST /v1alpha/{parent}/properties:batchUpdate Batch update ModuleSettingsProperties. |
get |
GET /v1alpha/{name} Get a ModuleSettingsProperty. |
list |
GET /v1alpha/{parent}/properties List ModuleSettingsProperties. |
patch |
PATCH /v1alpha/{moduleSettingsProperty.name} Update a ModuleSettingsProperty. |
testSettings |
POST /v1alpha/{parent}/properties:testSettings The method tests the configured module settings, and by this ensures that all settings of the module were configured properly. |
REST Resource: v1alpha.projects.locations.instances.nativeDashboards
Methods | |
---|---|
addChart |
POST /v1alpha/{name}:addChart Add chart in a dashboard. |
create |
POST /v1alpha/{parent}/nativeDashboards Create a dashboard. |
delete |
DELETE /v1alpha/{name} Delete a dashboard. |
duplicate |
POST /v1alpha/{name}:duplicate Duplicate a dashboard. |
duplicateChart |
POST /v1alpha/{name}:duplicateChart Duplicate chart in a dashboard. |
editChart |
POST /v1alpha/{name}:editChart Edit chart in a dashboard. |
export |
POST /v1alpha/{parent}/nativeDashboards:export Exports the dashboards. |
get |
GET /v1alpha/{name} Get a dashboard. |
import |
POST /v1alpha/{parent}/nativeDashboards:import Imports the dashboards. |
list |
GET /v1alpha/{parent}/nativeDashboards List all dashboards. |
patch |
PATCH /v1alpha/{nativeDashboard.name} Update a dashboard. |
removeChart |
POST /v1alpha/{name}:removeChart Remove chart from a dashboard. |
REST Resource: v1alpha.projects.locations.instances.notebooks
Methods | |
---|---|
get |
GET /v1alpha/{name} GetNotebook is used to retrieve an notebook. |
list |
GET /v1alpha/{parent}/notebooks ListNotebooks is used to retrieve existing notebooks for a given instance. |
REST Resource: v1alpha.projects.locations.instances.ontologyRecords
Methods | |
---|---|
delete |
DELETE /v1alpha/{name} Delete an ontology record. |
export |
POST /v1alpha/{parent}/ontologyRecords:export Export ontology records. |
get |
GET /v1alpha/{name} Get specific ontology record. |
import |
POST /v1alpha/{parent}/ontologyRecords:import Import ontology records. |
list |
GET /v1alpha/{parent}/ontologyRecords List all ontology records. |
patch |
PATCH /v1alpha/{ontologyRecord.name} Update an ontology record. |
statistics |
GET /v1alpha/{parent}/ontologyRecords:statistics Get ontology records statistics. |
REST Resource: v1alpha.projects.locations.instances.ontologyRecords.mappingRules
Methods | |
---|---|
delete |
DELETE /v1alpha/{name} Delete a MappingRule. |
fetchAll |
GET /v1alpha/{parent}/mappingRules:fetchAll Fetch all mapping rules, existing and candidates. |
get |
GET /v1alpha/{name} Get a MappingRule. |
list |
GET /v1alpha/{parent}/mappingRules Lists MappingRules. |
patch |
PATCH /v1alpha/{mappingRule.name} Update a MappingRule. |
save |
POST /v1alpha/{parent}/mappingRules:save Save a mapping rule. |
test |
POST /v1alpha/{name}:test Test a MappingRule. |
REST Resource: v1alpha.projects.locations.instances.ontologyRecords.visualFamilies
Methods | |
---|---|
create |
POST /v1alpha/{parent}/visualFamilies Creates a new VisualFamily. |
delete |
DELETE /v1alpha/{name} Deletes a VisualFamily. |
export |
POST /v1alpha/{parent}/visualFamilies:export Exports VisualFamilies. |
get |
GET /v1alpha/{name} Gets a VisualFamily. |
import |
POST /v1alpha/{parent}/visualFamilies:import Imports VisualFamilies. |
list |
GET /v1alpha/{parent}/visualFamilies Lists VisualFamilies in a given ontology record. |
patch |
PATCH /v1alpha/{visualFamily.name} Updates a VisualFamily. |
REST Resource: v1alpha.projects.locations.instances.operations
Methods | |
---|---|
cancel |
POST /v1alpha/{name}:cancel Starts asynchronous cancellation on a long-running operation. |
delete |
DELETE /v1alpha/{name} Deletes a long-running operation. |
get |
GET /v1alpha/{name} Gets the latest state of a long-running operation. |
list |
GET /v1alpha/{name}/operations Lists operations that match the specified filter in the request. |
streamSearch |
GET /v1alpha/{name}:streamSearch Streams the results of an in-progress search operation, or returns the final results of a completed operation. |
REST Resource: v1alpha.projects.locations.instances.propertySchemaDefinitions
Methods | |
---|---|
create |
POST /v1alpha/{parent}/propertySchemaDefinitions Create a PropertySchemaDefinition. |
delete |
DELETE /v1alpha/{name} Delete a PropertySchemaDefinition. |
get |
GET /v1alpha/{name} Get a PropertySchemaDefinition. |
list |
GET /v1alpha/{parent}/propertySchemaDefinitions Lists PropertySchemaDefinitions. |
patch |
PATCH /v1alpha/{propertySchemaDefinition.name} Update a PropertySchemaDefinition. |
REST Resource: v1alpha.projects.locations.instances.referenceLists
Methods | |
---|---|
create |
POST /v1alpha/{parent}/referenceLists Creates a new reference list. |
get |
GET /v1alpha/{name} Gets a single reference list. |
list |
GET /v1alpha/{parent}/referenceLists Lists a collection of reference lists. |
patch |
PATCH /v1alpha/{referenceList.name} Updates an existing reference list. |
REST Resource: v1alpha.projects.locations.instances.remoteAgents
Methods | |
---|---|
connectorValidRemoteAgents |
GET /v1alpha/{parent}/remoteAgents:connectorValidRemoteAgents Returns a list of all remote agents, including their availability state with respect to this specific connector. |
create |
POST /v1alpha/{parent}/remoteAgents Creates a SOAR remote agent. |
delete |
DELETE /v1alpha/{name} Deletes a SOAR remote agent. |
fetchEditableRemoteAgents |
GET /v1alpha/{parent}/remoteAgents:fetchEditableRemoteAgents Returns a list of all the remote agents that the user can edit. |
fetchInstallationCommand |
GET /v1alpha/{name}:fetchInstallationCommand Fetches the installation command of the remote agent. |
fetchInstallerFile |
GET /v1alpha/{name}:fetchInstallerFile Returns the installer file of the remote agent. |
fetchRedeployStatus |
GET /v1alpha/{name}:fetchRedeployStatus Returns the redeploy status of the integrations in the remote agent. |
fetchRemoteAgentsCompatibleWithJobs |
GET /v1alpha/{parent}/remoteAgents:fetchRemoteAgentsCompatibleWithJobs Return a list of all the remote agents with availability status for jobs on specific integration. |
fetchRemoteAgentsInformation |
POST /v1alpha/{parent}/remoteAgents:fetchRemoteAgentsInformation Returns a list of all remote agents, including their advanced information. |
get |
GET /v1alpha/{name} Gets a SOAR remote agent. |
list |
GET /v1alpha/{parent}/remoteAgents Lists SOAR remote agents. |
migrateConnectors |
POST /v1alpha/{name}:migrateConnectors Migrates legacy connector from remote to local scheduling. |
patch |
PATCH /v1alpha/{remoteAgent.name} Updates an existing remote agent. |
redeployRemoteAgent |
POST /v1alpha/{parent}/remoteAgents:redeployRemoteAgent Redeploys remote agent from an already existing remote agent. |
sendRemoteAgentInstaller |
POST /v1alpha/{name}:sendRemoteAgentInstaller Sends the remote agent installer to the recipients. |
upgradeRemoteAgent |
POST /v1alpha/{name}:upgradeRemoteAgent Upgrades remote agent to the latest version. |
REST Resource: v1alpha.projects.locations.instances.requestTemplates
Methods | |
---|---|
create |
POST /v1alpha/{parent}/requestTemplates Creates a RequestTemplate. |
delete |
DELETE /v1alpha/{name} Deletes a RequestTemplate. |
get |
GET /v1alpha/{name} Gets a RequestTemplate. |
list |
GET /v1alpha/{parent}/requestTemplates Lists RequestTemplates. |
patch |
PATCH /v1alpha/{requestTemplate.name} Updates a RequestTemplate. |
REST Resource: v1alpha.projects.locations.instances.ruleExecutionErrors
Methods | |
---|---|
list |
GET /v1alpha/{parent}/ruleExecutionErrors Lists rule execution errors. |
REST Resource: v1alpha.projects.locations.instances.rules
Methods | |
---|---|
create |
POST /v1alpha/{parent}/rules Creates a new Rule. |
delete |
DELETE /v1alpha/{name} Deletes a Rule. |
get |
GET /v1alpha/{name} Gets a Rule. |
getDeployment |
GET /v1alpha/{name} Gets a RuleDeployment. |
list |
GET /v1alpha/{parent}/rules Lists Rules. |
listRevisions |
GET /v1alpha/{name}:listRevisions Lists all revisions of the rule. |
patch |
PATCH /v1alpha/{rule.name} Updates a Rule. |
updateDeployment |
PATCH /v1alpha/{ruleDeployment.name} Updates a RuleDeployment. |
REST Resource: v1alpha.projects.locations.instances.rules.deployments
Methods | |
---|---|
list |
GET /v1alpha/{parent}/deployments Lists RuleDeployments across all Rules. |
REST Resource: v1alpha.projects.locations.instances.rules.retrohunts
Methods | |
---|---|
create |
POST /v1alpha/{parent}/retrohunts Create a Retrohunt. |
get |
GET /v1alpha/{name} Get a Retrohunt. |
list |
GET /v1alpha/{parent}/retrohunts List Retrohunts. |
REST Resource: v1alpha.projects.locations.instances.slaDefinitions
Methods | |
---|---|
create |
POST /v1alpha/{parent}/slaDefinitions Creates a SlaDefinition. |
delete |
DELETE /v1alpha/{name} Deletes a SlaDefinition. |
export |
GET /v1alpha/{parent}/slaDefinitions:export Exports a SlaDefinitions. |
get |
GET /v1alpha/{name} Gets a SlaDefinition. |
import |
POST /v1alpha/{parent}/slaDefinitions:import Imports a SlaDefinitions. |
list |
GET /v1alpha/{parent}/slaDefinitions Lists a SlaDefinitions. |
patch |
PATCH /v1alpha/{slaDefinition.name} Updates a SlaDefinition. |
REST Resource: v1alpha.projects.locations.instances.soarDomains
Methods | |
---|---|
create |
POST /v1alpha/{parent}/soarDomains Create a SoarDomain. |
delete |
DELETE /v1alpha/{name} Delete a SoarDomain. |
export |
GET /v1alpha/{parent}/soarDomains:export Export SoarDomains. |
get |
GET /v1alpha/{name} Get a SoarDomain. |
import |
POST /v1alpha/{parent}/soarDomains:import Import SoarDomains. |
list |
GET /v1alpha/{parent}/soarDomains Lists soar domains. |
patch |
PATCH /v1alpha/{soarDomain.name} Update a SoarDomain. |
REST Resource: v1alpha.projects.locations.instances.soarNetworks
Methods | |
---|---|
create |
POST /v1alpha/{parent}/soarNetworks Create a SoarNetwork. |
delete |
DELETE /v1alpha/{name} Delete a SoarNetwork. |
deleteAll |
DELETE /v1alpha/{parent}/soarNetworks:all Delete a SoarNetwork. |
export |
GET /v1alpha/{parent}/soarNetworks:export Export SoarNetworks. |
get |
GET /v1alpha/{name} Get a SoarNetwork. |
import |
POST /v1alpha/{parent}/soarNetworks:import Import SoarNetworks. |
list |
GET /v1alpha/{parent}/soarNetworks Lists SOAR SoarNetworks. |
patch |
PATCH /v1alpha/{soarNetwork.name} Update a SoarNetwork. |
REST Resource: v1alpha.projects.locations.instances.socRoles
Methods | |
---|---|
create |
POST /v1alpha/{parent}/socRoles Creates a SocRole. |
delete |
DELETE /v1alpha/{name} Deletes a SocRole. |
get |
GET /v1alpha/{name} Gets a SocRole. |
list |
GET /v1alpha/{parent}/socRoles Lists SocRoles. |
patch |
PATCH /v1alpha/{socRole.name} Updates a SocRole. |
REST Resource: v1alpha.projects.locations.instances.tasks
Methods | |
---|---|
create |
POST /v1alpha/{parent}/tasks Create a Task. |
delete |
DELETE /v1alpha/{name} Delete a Task. |
get |
GET /v1alpha/{name} Get a Task. |
list |
GET /v1alpha/{parent}/tasks Lists soar tasks. |
patch |
PATCH /v1alpha/{task.name} Update a Task. |
REST Resource: v1alpha.projects.locations.instances.threatCollections
Methods | |
---|---|
fetchIocMatchMetadata |
GET /v1alpha/{parent}/threatCollections:fetchIocMatchMetadata Gets a batch (list) of ioc match metadata for a list of threat collections. |
get |
GET /v1alpha/{name} Gets a threat collection by resource name. |
list |
GET /v1alpha/{parent}/threatCollections Lists threat collections, which contain reports and tracked threat campaigns from Google Threat Intelligence. |
REST Resource: v1alpha.projects.locations.instances.uniqueEntities
Methods | |
---|---|
addNote |
POST /v1alpha/{parent}/uniqueEntities:addNote Adds a note to a UniqueEntity. |
download |
GET /v1alpha/{name}/uniqueEntities:generateReport Downloads a unique entity report. |
fetchFull |
POST /v1alpha/{parent}/uniqueEntities:fetchFull Fetches a full UniqueEntity. |
get |
GET /v1alpha/{name} Get a UniqueEntity. |
list |
GET /v1alpha/{parent}/uniqueEntities Lists UniqueEntities. |
patch |
PATCH /v1alpha/{uniqueEntity.name} Update a UniqueEntity. |
REST Resource: v1alpha.projects.locations.instances.users
Methods | |
---|---|
clearConversationHistory |
POST /v1alpha/{name}:clearConversationHistory ClearConversationHistory deletes all the user's data (messages and conversations) except of feedbacks. |
getPreferenceSet |
GET /v1alpha/{name} Endpoint for getting a user's PreferenceSet |
updatePreferenceSet |
PATCH /v1alpha/{preferenceSet.name} Endpoint for updating user data saved query |
REST Resource: v1alpha.projects.locations.instances.users.conversations
Methods | |
---|---|
create |
POST /v1alpha/{parent}/conversations CreateConversation is used to create a new conversation. |
delete |
DELETE /v1alpha/{name} DeleteConversation is used to delete a conversation. |
get |
GET /v1alpha/{name} GetConversation is used to retrieve an existing conversation. |
list |
GET /v1alpha/{parent}/conversations ListConversations is used to retrieve existing conversations. |
patch |
PATCH /v1alpha/{conversation.name} UpdateConversation is used to update an existing conversation. |
REST Resource: v1alpha.projects.locations.instances.users.conversations.messages
Methods | |
---|---|
create |
POST /v1alpha/{parent}/messages CreateMessage is used to create a new message in a conversation. |
delete |
DELETE /v1alpha/{name} DeleteMessage is used to delete a message. |
get |
GET /v1alpha/{name} GetMessage is used to retrieve a message. |
list |
GET /v1alpha/{parent}/messages ListMessages is used to retrieve existing messages for a conversation. |
patch |
PATCH /v1alpha/{message.name} UpdateMessage is used to update an existing message. |
REST Resource: v1alpha.projects.locations.instances.users.searchQueries
Methods | |
---|---|
create |
POST /v1alpha/{parent}/searchQueries Endpoint for adding a new entry to the specified collection of user data |
delete |
DELETE /v1alpha/{name} Endpoint for deleting a user data saved query entry |
get |
GET /v1alpha/{name} Endpoint for getting a user's Saved query entry |
list |
GET /v1alpha/{parent}/searchQueries Endpoint for listing the user data saved queries owned by the specified user |
patch |
PATCH /v1alpha/{searchQuery.name} Endpoint for updating user data saved query |
REST Resource: v1alpha.projects.locations.instances.watchlists
Methods | |
---|---|
create |
POST /v1alpha/{parent}/watchlists Creates a watchlist for the given instance. |
delete |
DELETE /v1alpha/{name} Deletes the watchlist for the given instance. |
get |
GET /v1alpha/{name} Gets watchlist details for the given watchlist ID. |
list |
GET /v1alpha/{parent}/watchlists Lists all watchlists for the given instance. |
listEntities |
GET /v1alpha/{parent}:listEntities Lists all entities for the given watchlist. |
patch |
PATCH /v1alpha/{watchlist.name} Updates the watchlist for the given instance. |
REST Resource: v1alpha.projects.locations.instances.watchlists.entities
Methods | |
---|---|
add |
POST /v1alpha/{parent}/entities:add Adds an entity in watchlist. |
batchAdd |
POST /v1alpha/{parent}/entities:batchAdd Adds a batch of entities under watchlist. |
batchRemove |
POST /v1alpha/{parent}/entities:batchRemove Removes entities in batch in the given watchlist. |
remove |
POST /v1alpha/{name}:remove Removes the entity in the given watchlist. |
REST Resource: v1alpha.projects.locations.instances.webhooks
Methods | |
---|---|
create |
POST /v1alpha/{parent}/webhooks Create a SOAR webhook configuration. |
delete |
DELETE /v1alpha/{name} Delete a webhook. |
exportLogs |
POST /v1alpha/{name}:exportLogs Exports logs for a given webhook. |
get |
GET /v1alpha/{name} Get a single webhook. |
getLogs |
GET /v1alpha/{name}:getLogs Get a log for a given webhook. |
getStatistics |
GET /v1alpha/{name}:getStatistics Get statistics for a given webhook. |
ingest |
POST /v1alpha/{name}:ingest Ingest data for a given webhook. |
list |
GET /v1alpha/{parent}/webhooks Lists existing SOAR webhooks. |
patch |
PATCH /v1alpha/{webhook.name} Update a webhook. |
revokeUrl |
POST /v1alpha/{name}:revokeUrl RevokeUrl revokes a previously registered webhook URL, invalidating it and preventing further access. |
REST Resource: v1.projects.locations.instances
Methods | |
---|---|
get |
GET /v1/{name} Gets a Instance. |
REST Resource: v1.projects.locations.instances.dataAccessLabels
Methods | |
---|---|
create |
POST /v1/{parent}/dataAccessLabels Creates a data access label. |
delete |
DELETE /v1/{name} Deletes a data access label. |
get |
GET /v1/{name} Gets a data access label. |
list |
GET /v1/{parent}/dataAccessLabels Lists all data access labels for the customer. |
patch |
PATCH /v1/{dataAccessLabel.name} Updates a data access label. |
REST Resource: v1.projects.locations.instances.dataAccessScopes
Methods | |
---|---|
create |
POST /v1/{parent}/dataAccessScopes Creates a data access scope. |
delete |
DELETE /v1/{name} Deletes a data access scope. |
get |
GET /v1/{name} Retrieves an existing data access scope. |
list |
GET /v1/{parent}/dataAccessScopes Lists all existing data access scopes for the customer. |
patch |
PATCH /v1/{dataAccessScope.name} Updates a data access scope. |
REST Resource: v1.projects.locations.instances.operations
Methods | |
---|---|
cancel |
POST /v1/{name}:cancel Starts asynchronous cancellation on a long-running operation. |
delete |
DELETE /v1/{name} Deletes a long-running operation. |
get |
GET /v1/{name} Gets the latest state of a long-running operation. |
list |
GET /v1/{name}/operations Lists operations that match the specified filter in the request. |
REST Resource: v1.projects.locations.instances.referenceLists
Methods | |
---|---|
create |
POST /v1/{parent}/referenceLists Creates a new reference list. |
get |
GET /v1/{name} Gets a single reference list. |
list |
GET /v1/{parent}/referenceLists Lists a collection of reference lists. |
patch |
PATCH /v1/{referenceList.name} Updates an existing reference list. |
REST Resource: v1.projects.locations.instances.rules
Methods | |
---|---|
create |
POST /v1/{parent}/rules Creates a new Rule. |
delete |
DELETE /v1/{name} Deletes a Rule. |
get |
GET /v1/{name} Gets a Rule. |
getDeployment |
GET /v1/{name} Gets a RuleDeployment. |
list |
GET /v1/{parent}/rules Lists Rules. |
listRevisions |
GET /v1/{name}:listRevisions Lists all revisions of the rule. |
patch |
PATCH /v1/{rule.name} Updates a Rule. |
updateDeployment |
PATCH /v1/{ruleDeployment.name} Updates a RuleDeployment. |
REST Resource: v1.projects.locations.instances.rules.deployments
Methods | |
---|---|
list |
GET /v1/{parent}/deployments Lists RuleDeployments across all Rules. |
REST Resource: v1.projects.locations.instances.rules.retrohunts
Methods | |
---|---|
create |
POST /v1/{parent}/retrohunts Create a Retrohunt. |
get |
GET /v1/{name} Get a Retrohunt. |
list |
GET /v1/{parent}/retrohunts List Retrohunts. |
REST Resource: v1.projects.locations.instances.watchlists
Methods | |
---|---|
create |
POST /v1/{parent}/watchlists Creates a watchlist for the given instance. |
delete |
DELETE /v1/{name} Deletes the watchlist for the given instance. |
get |
GET /v1/{name} Gets watchlist details for the given watchlist ID. |
list |
GET /v1/{parent}/watchlists Lists all watchlists for the given instance. |
patch |
PATCH /v1/{watchlist.name} Updates the watchlist for the given instance. |