- HTTP request
- Path parameters
- Query parameters
- Request body
- Response body
- Authorization scopes
- IAM Permissions
- Try it!
Full name: projects.locations.instances.iocAssociations.fetchRelated
List related Associations (Threat Actors or Malware Families) for a given threat resource.
HTTP request
Path parameters
Parameters | |
---|---|
parent |
Required. The parent resource of the Associations (Threat Actors or Malware Families). Format: projects/{project}/locations/{location}/instances/{instance} |
Query parameters
Parameters | |
---|---|
associationType |
Required. The type (Threat Actor or Malware Family) of related Associations to return. |
pageSize |
Optional. The maximum number of Associations (Threat Actors or Malware Families) to return. The default is 10, and the maximum value is 40. |
pageToken |
Optional. A page token, received from a previous |
orderBy |
Optional. The order to sort the returned Associations by. Default is descending last_modification_date. The supported order syntax matches the fields defined in the GTI API docs here: https://gtidocs.virustotal.com/reference/list-threats#allowed-orders Supported orders: - name: sorts objects alphabetically by name, ascending + or descending -. Name in this context refers to the threatDisplayName for an Association. - last_modification_date: sorts objects descending - by most recently modified objects first, or ascending + by firstly modified objects first. This refers to the lastReferenceTime field for an Association. |
Union parameter threat_resource . The threat resource to get the related associations (Threat Actors or Malware Families) for. threat_resource can be only one of the following: |
|
iocAssociation |
Optional. The name of the IocAssociation resource (Threat Actor or Malware Family) to get the related associations (Threat Actors or Malware Families) for. Format: projects/{project}/locations/{location}/instances/{instance}/iocAssociations/{iocAssociation} |
ioc |
Optional. The name of the ioc resource to get the related associations (Threat Actors or Malware Families) for. Format: projects/{project}/locations/{location}/instances/{instance}/iocs/{ioc} |
threatCollection |
Optional. The name of the ThreatCollection resource (GTI Campaign or Report) to get the related associations (Threat Actors or Malware Families) for. Format: projects/{project}/locations/{location}/instances/{instance}/threatCollections/{threatCollection} |
Request body
The request body must be empty.
Response body
Response containing a list of related associations (Threat Actors or Malware Families) for a given threat resource.
If successful, the response body contains data with the following structure:
JSON representation |
---|
{
"iocAssociations": [
{
object ( |
Fields | |
---|---|
iocAssociations[] |
Output only. The list of related associations (Threat Actors or Malware Families). |
nextPageToken |
Output only. A token that can be sent as |
totalSize |
Output only. The total number of associations (Threat Actors or Malware Families) that match the request. The count of |
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
IAM Permissions
Requires the following IAM permission on the parent
resource:
chronicle.iocAssociations.fetchRelated
For more information, see the IAM documentation.