Resource: FindingsRefinement
Represents a set of logic conditions used to refine various types of findings such as curated rule detections.
| JSON representation |
|---|
{
"name": string,
"displayName": string,
"type": enum ( |
| Fields | |
|---|---|
name |
Full resource name for the findings refinement. Format: projects/{project}/locations/{region}/instances/{instance}/findingsRefinements/{findingsRefinement} |
displayName |
Display name of the findings refinement. |
type |
The type of findings refinement. |
createTime |
Output only. The timestamp of when the findings refinement was created. Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: |
updateTime |
Output only. The timestamp of when the findings refinement was last updated. Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: |
query |
The query for the findings refinement. Works in conjunction with the type field to determine the findings refinement behavior. The syntax of this query is the same as a UDM search string. See the following for more information: https://cloud.google.com/chronicle/docs/investigation/udm-search |
FindingsRefinementType
The type of findings refinement, which determines what the findings refinement runs over and the mechanism by which it runs.
| Enums | |
|---|---|
FINDINGS_REFINEMENT_TYPE_UNSPECIFIED |
The findings refinement type is unspecified. |
DETECTION_EXCLUSION |
Indicates that the findings refinement is a detection exclusion and should exclude matching detections. |
Methods |
|
|---|---|
|
Returns findings refinement activity for a specific findings refinement. |
|
Creates a new findings refinement. |
|
Gets a single findings refinement. |
|
Gets a findings refinement deployment. |
|
Lists a collection of findings refinements. |
|
Updates a findings refinement. |
|
Updates a findings refinement deployment. |