- HTTP request
- Path parameters
- Query parameters
- Request body
- Response body
- Authorization scopes
- Try it!
Full name: projects.locations.instances.iocs.fetchRelated
List related IOCs for a given threat resource.
HTTP request
Path parameters
Parameters | |
---|---|
parent |
Required. The parent resource of the IOCs. Format: projects/{project}/locations/{location}/instances/{instance} |
Query parameters
Parameters | |
---|---|
iocType |
Required. The type of related IOCs to return. Only supports DOMAIN, IP, FILE_HASH.*, and URL types. |
pageSize |
Optional. The maximum number of IOCs to return. The default is 10, and the maximum value is 40. |
pageToken |
Optional. A page token, received from a previous |
orderBy |
Optional. The order to sort the returned IOCs by. Default is descending name-. The supported order syntax matches the fields defined in the GTI API docs here: https://gtidocs.virustotal.com/reference/list-threats#allowed-orders Supported orders: - name: sorts objects alphabetically by name, ascending + or descending -. Name in this context refers to the displayName for an IOC. |
Union parameter threat_resource . The threat resource to get the related IOCs for. threat_resource can be only one of the following: |
|
iocAssociation |
Optional. The name of the IocAssociation resource (Threat Actor or Malware Family) to get the related IOCs for. Format: projects/{project}/locations/{location}/instances/{instance}/iocAssociations/{iocAssociation} |
threatCollection |
Optional. The name of the ThreatCollection resource (GTI Campaign or Report) to get the related IOCs for. Format: projects/{project}/locations/{location}/instances/{instance}/threatCollections/{threatCollection} |
Request body
The request body must be empty.
Response body
Response containing a list of related IOCs for a given threat resource.
If successful, the response body contains data with the following structure:
JSON representation |
---|
{
"iocs": [
{
object ( |
Fields | |
---|---|
iocs[] |
Output only. The list of related IOCs. |
nextPageToken |
Output only. A token that can be sent as |
totalSize |
Output only. The total number of IOCs that match the request. The count of |
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.