REST Resource: projects.locations.instances.caseQueueFilters

Resource: CaseQueueFilter
- JSON representation
FilterOperator
CaseQueueCriteria
- JSON representation
CaseQueueFilterType
CompareOperator
SearchTimeRangeType
Methods

Resource: CaseQueueFilter

This service is available for customers who migrated SOAR to a customer managed project and have the Chronicle API enabled. Case Queue Filters enable users to narrow your case search in the queue to precisely target the cases you want to analyze, by saving and editing filters that are significantly useful for them.

JSON representation

JSON representation
{ "name": string, "displayName": string, "filterOperator": enum (`FilterOperator`), "criteria": [ { object (`CaseQueueCriteria`) } ], "timeRangeFilter": enum (`SearchTimeRangeType`), "startTime": string, "endTime": string, "author": string }

{
  "name": string,
  "displayName": string,
  "filterOperator": enum (FilterOperator),
  "criteria": [
    {
      object (CaseQueueCriteria)
    }
  ],
  "timeRangeFilter": enum (SearchTimeRangeType),
  "startTime": string,
  "endTime": string,
  "author": string
}

Fields
`name`	`string` Identifier. The unique name(ID) of the CaseQueueFilter. Format: projects/{project}/locations/{location}/instances/{instance}/caseQueueFilters/{caseQueueFilter}
`displayName`	`string` Required. This is the name of the case queue filter that will be applied to the case filter.
`filterOperator`	`enum (FilterOperator)` Required. Specifies the logical operator for combining multiple filtering criteria. Required if Criteria is available.
`criteria[]`	`object (CaseQueueCriteria)` Optional. List of filters to apply, optional.
`timeRangeFilter`	`enum (SearchTimeRangeType)` Optional. Specifies the time range filter type to apply.
`startTime`	`string (int64 format)` Optional. Specifies the start time for filtering cases based on timestamp.
`endTime`	`string (int64 format)` Optional. Specifies the end time for filtering cases based on timestamp.
`author`	`string` Output only. Specifies the author of the case queue filter.

FilterOperator

Enum defining logical operators for combining multiple filters.

Enums
`FILTER_OPERATOR_UNSPECIFIED`	Default value. This value is unused.
`OR`	The value is equal to any of the values.
`AND`	The value is equal to all of the values.

CaseQueueCriteria

The filtering criteria that each case queue filter can have.

JSON representation
{ "type": enum (`CaseQueueFilterType`), "operator": enum (`CompareOperator`), "values": [ string ], "includeUsers": boolean }

Fields
`type`	`enum (CaseQueueFilterType)` Required. The type of the filter.
`operator`	`enum (CompareOperator)` Required. The comparison operator used for the filter.
`values[]`	`string` Required. The values of the filter.
`includeUsers`	`boolean` Optional. If the filter is of type Analysts (Roles / users) , and this is set to True, then the BE will also search for cases assigned to users that are a part of the roles in the search. "Include users associated with selected roles" in the UI. Otherwise the related to the selected roles users will not be included in the result.

CaseQueueFilterType

Enum representing different filter types that can be used for case queue filtering.

Enums
`CASE_QUEUE_FILTER_TYPE_UNSPECIFIED`	Default value. This value is unused.
`ENVIRONMENTS`	The value is Environments.
`PRIORITIES`	The value is Priorities.
`STAGES`	The value is Stages.
`TAGS`	The value is Tags.
`ALERTS_NAME`	The value is Alerts name.
`PRODUCTS`	The value is Products.
`PLATFORMS`	The value is Platforms.
`ANALYSTS`	The value is Analysts.
`ALERTS_VENDOR`	The value is Alerts vendor.
`TYPE`	The value is Type.
`ENVIRONMENT_DYNAMIC_PARAMETERS`	The value is Environments dynamic parameters.

CompareOperator

Enum defining comparison operators used in filtering criteria.

Enums
`COMPARE_OPERATOR_UNSPECIFIED`	Default value. This value is unused.
`IS`	The value is equal to any of the selected values.
`IS_NOT`	The value is not equal to any of the selected values.

SearchTimeRangeType

Enum representing predefined time range filters. The SEARCH_TIME_RANGE_TYPE_UNSPECIFIED (Custom value in the UI) provides a fixed interval search - e.g. to find cases only for [March 10 - March 30]. The rest of enum values provide dynamic time range search - e.g. if LAST_WEEK is selected it always queries cases for the last week.

Enums
`SEARCH_TIME_RANGE_TYPE_UNSPECIFIED`	Default value.
`CUSTOM`	Custom time Range.
`LAST_DAY`	Search for cases for the last day.
`LAST_2_DAYS`	Search for cases for the last 2 days.
`LAST_3_DAYS`	Search for cases for the last 3 days.
`LAST_WEEK`	Search for cases for the last 7 days.
`LAST_YEAR`	Search for cases for the last year.

Methods
`create`	Create a CaseQueueFilter.
`delete`	Delete a CaseQueueFilter.
`get`	Get a CaseQueueFilter.
`getShareConfig`	Get a ShareConfig.
`list`	Lists CaseQueueFilters.
`patch`	Update a CaseQueueFilter.
`updateShareConfig`	Update a ShareConfig.

REST Resource: projects.locations.instances.caseQueueFilters

Resource: CaseQueueFilter

FilterOperator

CaseQueueCriteria

CaseQueueFilterType

CompareOperator

SearchTimeRangeType

Methods

`create`

`delete`

`get`

`getShareConfig`

`list`

`patch`

`updateShareConfig`

REST Resource: projects.locations.instances.caseQueueFilters Stay organized with collections Save and categorize content based on your preferences.

Resource: CaseQueueFilter

FilterOperator

CaseQueueCriteria

CaseQueueFilterType

CompareOperator

SearchTimeRangeType

Methods

create

delete

get

getShareConfig

list

patch

updateShareConfig

REST Resource: projects.locations.instances.caseQueueFilters

`create`

`delete`

`get`

`getShareConfig`

`list`

`patch`

`updateShareConfig`