Resource: Instance
A Instance represents an instantiation of the Instance product.
| JSON representation |
|---|
{
"name": string,
"state": enum ( |
| Fields | |
|---|---|
name |
Output only. The resource name of this instance. Format: projects/{project}/locations/{region}/instances/{instance} |
state |
Output only. The state of the instance. |
State
The state of the instance.
| Enums | |
|---|---|
STATE_UNSPECIFIED |
The default value. |
ACTIVE |
The instance is active. |
SOFT_DELETED |
The instance is soft-deleted. |
SOFT_DELETE_INITIATED |
The instance is in the process of being soft-deleted. |
UNDELETE_INITIATED |
The instance is in the process of being undeleted. |
Methods |
|
|---|---|
|
Validates a batch of entities that could be added into watchlist under an instance. |
|
Returns findings refinement activity for all findings refinements. |
|
Count detections across all curated rule sets. |
|
RPC to submit user feedback on content generated by AI services. |
|
ExtractSyslog extracts structured part of log from a unstructured log by running a grok regex over it. |
|
Identifies the entity type and retrieves relevant data associated with a specified indicator. |
|
Get alerts for an entity |
|
Finds all the entities associated with provided entity. |
|
Finds ingested UDM field values that match a query. |
|
GenerateCollectionAgentAuth generates an auth json file for the collection agent. |
|
GenerateSoarAuthJwt signs a jwt in order to proceed with jwt exchange based authenticate with soar. |
|
GenerateUDMKeyValueMappings generates key value mapping of a raw log. |
|
Generates a token that can be used to connect a workspace customer to a chronicle instance |
|
Gets a Instance. |
|
Gets the super and subtenants and gets the current tenant name. |
|
Queries the instance to get the Risk Configurations used for the computation of Entity Risk Score. |
|
Lists all findings refinement deployments. |
|
Gets available product sources along with their stats. |
|
Generate a report summarizing this chronicle instance. |
|
Identifies the entity type and retrieves relevant data associated with a specified indicator. |
|
Api to get events, entities, or unparsed raw logs matching the given raw log query. |
|
Parses the query and identifies the entities contained within the search query. |
|
Returns all entity data over specified time. |
|
Tests for and returns past activity for a findings refinement, including, potentially, times when the findings refinement was not yet created. |
|
Translate natural language to a UDM Search query. |
|
Translate natural language to a Yara-L rule. |
|
Performs a UDM search that returns matching events for the query. |
|
Updates RiskConfig used for the computation of Entity Risk Score. |
|
Validates UDM search query by compiling the query. |
|
VerifyReferenceList validates list content and returns line errors, if any. |
|
Verifies the given rule text. |