- HTTP request
- Path parameters
- Query parameters
- Request body
- Response body
- Authorization scopes
- IAM Permissions
- AnalyticValue
- Try it!
Full name: projects.locations.instances.analytics.entities.analyticValues.list
Lists analytic values. An analytic value refers to a data point (numeric value & interval) for a specific entity and analytic. The API returns matching AnalyticValues for the desired entity and analytic, according to the following filters:
Timestamps use RFC 3339. Read more here
- lookback_interval: Filter by the lookback interval, up to 90 days. Example:
lookback_interval.start_time greater than or equal to
"2023-08-10T14:20:59.950218416Z" AND lookback_interval.end_time less
than or equal to "2023-08-17T14:20:59.950219626Z"
aggregateFunction: Filter by the aggregate function. This represents the mathematical function used to calculate the analytic value. Some examples are MIN, AVG, and SUM.
dimensions: Filter by the dimensions. This describes which field is used as the dimension when grouping data to calculate the aggregate analytic. Some examples are PRINCIPAL_DEVICE, PRINCIPAL_FILE_HASH, and EVENT_TYPE.
eventType: Filter by event type. This gives us details about the event type, which may be important if this analytic was computed over grouped data.
HTTP request
Path parameters
| Parameters | |
|---|---|
parent |
Required. The parent, which owns this collection of AnalyticValues. Format: |
Query parameters
| Parameters | |
|---|---|
pageSize |
Optional. The maximum number of entity analytic values to return. The service may return fewer than this value. |
pageToken |
Optional. A page token, received from a previous |
filter |
Optional. Filter to be applied over multiple AnalyticValue fields. Please see API definition for usage. |
orderBy |
Optional. Configures ordering of AnalyticValues in the response. |
Request body
The request body must be empty.
Response body
Response message for analyticValues.list.
If successful, the response body contains data with the following structure:
| JSON representation |
|---|
{
"analyticValues": [
{
object ( |
| Fields | |
|---|---|
analyticValues[] |
List of AnalyticValues returned by the API. |
nextPageToken |
A token, which can be sent as |
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
IAM Permissions
Requires the following IAM permission on the parent resource:
chronicle.analyticValues.list
For more information, see the IAM documentation.
AnalyticValue
An AnalyticValue represents a data point for an analytic which is exhibited by an entity at a given time interval.
| JSON representation |
|---|
{ "name": string, "value": number, "interval": { object ( |
| Fields | |
|---|---|
name |
Identifier. The resource name. Format: |
value |
Output only. The numeric value of the analytic value (i.e., the y-coordinate of the data point). |
interval |
Output only. The interval that the numeric value was computed over (i.e., the x-coordinate of the data point). |
eventCount |
The total number of events aggregated to generate this analytic value. |
aggregateFunction |
Required. The aggregate function used to compute this analytic. |
dimensions[] |
The dimensions describe how analytics data was grouped prior to aggregation. |
eventType |
The event type for this analytic. This will only be present if dimensions includes EVENT_TYPE. |
label |
Output only. The label representing analytic display phrase. |