REST Resource: projects.locations.instances.contentHub.contentPacks

Resource: ContentPack

This service is available for customers who migrated SOAR to a customer managed project and have the Chronicle API enabled. ContentPack - Chronicle SOAR Content Pack.

JSON representation 
{
  "name": string,
  "title": string,
  "categories": [
    string
  ],
  "description": string,
  "videoUri": string,
  "uploader": string,
  "integrations": [
    {
      object (ContentPackIntegrationItem)
    }
  ],
  "connectorDefinitions": [
    {
      object (ContentPackItem)
    }
  ],
  "connectorInstances": [
    {
      object (ContentPackItem)
    }
  ],
  "testCases": [
    {
      object (ContentPackItem)
    }
  ],
  "playbooks": [
    {
      object (ContentPackItem)
    }
  ],
  "detectionRules": [
    {
      object (ContentPackItem)
    }
  ],
  "searchQueries": [
    {
      object (ContentPackItem)
    }
  ],
  "dashboards": [
    {
      object (ContentPackItem)
    }
  ],
  "type": enum (ContentPackType),
  "identifier": string,
  "ruleSets": [
    {
      object (ContentPackItem)
    }
  ],
  "custom": boolean,
  "highlighted": boolean,
  "ontology": boolean,
  "conflicts": boolean,
  "deployed": boolean,
  "preInstallationGuidance": string,
  "postInstallationGuidance": string,
  "community": boolean,
  "image": string
}
Fields
name

string

Identifier. The unique name(ID) of the content pack. Format: projects/{project}/locations/{location}/instances/{instance}/contentHub/content-packs/{content-pack}
title

string

Output only. The title of the content pack, limited to 200 characters.
categories[]

string

Output only. Categories used for filtering. Each category name is limited to 50 characters.
description

string

Output only. Provides a detailed description of the content-pack, suitable for display in a list view. Limited to 200 characters.
videoUri

string

Output only. URL of e video associated with this content pack. Must be a valid URL with a maximum length of 2048 characters.
uploader

string

Output only. The uploader of the content pack, might not be a registered user of the platform.
integrations[]

object (ContentPackIntegrationItem)

Output only. The integrations of the content pack
connectorDefinitions[]

object (ContentPackItem)

Output only. The connectors definitions of the content pack
connectorInstances[]

object (ContentPackItem)

Output only. The connectors instances of the content pack
testCases[]

object (ContentPackItem)

Output only. The test cases of the content pack
playbooks[]

object (ContentPackItem)

Output only. The playbooks of the content pack
detectionRules[]

object (ContentPackItem)

Output only. The detection rules of the content pack
searchQueries[]

object (ContentPackItem)

Output only. The search query records of the content pack
dashboards[]

object (ContentPackItem)

Output only. The dashboards records of the content pack
type

enum (ContentPackType)

Output only. Enum type of content pack
identifier

string

Output only. The identifier of the content pack.
ruleSets[]

object (ContentPackItem)

Output only. The rule sets of the content pack
custom

boolean

Output only. Determines if the content-pack is custom or commercial.
highlighted

boolean

Output only. Represent if the content pack is marked as highlighted. Used by a client.
ontology

boolean

Output only. Represents if Content Pack has ontology
conflicts

boolean

Output only. Represents if Content Pack has ontology conflicts
deployed

boolean

Output only. Represents if Content Pack is deployed
preInstallationGuidance

string

Output only. a guidance for the customer before installing the content pack.
postInstallationGuidance

string

Output only. a guidance for the customer after installing the content pack.
community

boolean

Output only. Represents if Content Pack is available in community
image

string

Output only. The image of the content pack.

ContentPackIntegrationItem

ContentPackIntegrationItem - Represents an integration item of a content pack.

JSON representation 
{
  "id": string,
  "title": string,
  "version": string,
  "custom": boolean,
  "iconSvg": string,
  "ontology": boolean,
  "conflicts": boolean
}
Fields
id

string

Output only. The unique ID of the content pack item.
title

string

Output only. The display name of the item
version

string

Output only. Represents the integration version
custom

boolean

Output only. Represent if the content item is custom or commercial
iconSvg

string

Output only. SVG icon for representation, limited to 1MB.
ontology

boolean

Output only. Represents if integration has ontology
conflicts

boolean

Output only. Represents if integration ontology has conflicts

ContentPackItem

ContentPackItem - Represents a content pack item.

JSON representation 
{
  "id": string,
  "title": string,
  "custom": boolean
}
Fields
id

string

Output only. The unique ID of the content pack item.
title

string

Output only. The display name of the item
custom

boolean

Output only. Represent if the content item is custom or commercial

ContentPackType

content pack type enum

Enums
CONTENT_PACK_TYPE_UNSPECIFIED Unspecified content pack type
SOAR_LEGACY Soar legacy content pack
SEC_OPS_USE_CASE SecOps use case content pack
PRODUCT Product content pack
ONBOARDING Onboarding content pack

Methods

add

 Create a ContentPack.

alignPlaybooks

 Align Playbooks from a Content Pack.

delete

 Delete a ContentPack.

deployConnectorInstances

 Install Connector Instances from a Content Pack.

deployPlaybooks

 Install Playbooks from a Content Pack.

deployTestCases

 Install test cases.

download

 Export Content Pack.

get

 Get a ContentPack.

installIntegration

 Install integration.

list

 Lists ContentPacks.

markAsDeployed

 Mark Content Pack as deployed.

upload

 Import Content Pack.