REST Resource: projects.locations.instances.cases.caseAlerts.connectorEvents

Resource: ConnectorEvent

This service is available for customers who migrated SOAR to a customer managed project and have the Chronicle API enabled. ConnectorEvent - Chronicle Connector Event. Types of ConnectorEvents: general, case-spesific

JSON representation 
{
  "name": string,
  "createTime": string,
  "updateTime": string,
  "alertIdentifier": string,
  "environment": string,
  "eventIdentifier": string,
  "alertGroupIdentifier": string,
  "mappedEventJson": string,
  "eventJsonData": {
    object (RawEventData)
  },
  "caseId": string
}
Fields
name

string

Identifier. The resource name of the ConnectorEvent. Format: projects/{project}/locations/{location}/instances/{instance}/cases/{case}/caseAlerts/{caseAlert}/connectorEvents/{connectorEvent}
createTime

string (int64 format)

Output only. The createTime of the ConnectorEvent.
updateTime

string (int64 format)

Output only. The updateTime of the ConnectorEvent.
alertIdentifier

string

Output only. The alertIdentifier of the ConnectorEvent.
environment

string

Output only. The environment of the ConnectorEvent.
eventIdentifier

string

Output only. The eventIdentifier of the ConnectorEvent.
alertGroupIdentifier

string

Output only. The alertGroupIdentifier of the ConnectorEvent.
mappedEventJson

string

Output only. The mappedEventJson of the ConnectorEvent.
eventJsonData

object (RawEventData)

Output only. The rawEvent of the ConnectorEvent.
caseId

string (int64 format)

Output only. The caseId of the ConnectorEvent.

RawEventData

Raw Event Data - Available through expansion.

JSON representation 
{
  "rawEvent": string
}
Fields
rawEvent

string

Output only. The raw event of the ConnectorEvent.

Methods

get

 Get a ConnectorEvent.

getFormatted

 Get a formatted ConnectorEvents for a given case/alert.

list

 List page of ConnectorEvents.