Method: iocs.fetchRelated

HTTP request
Path parameters
Query parameters
Request body
Response body
- JSON representation
Authorization scopes
Try it!

Full name: projects.locations.instances.iocs.fetchRelated

List related IOCs for a given threat resource.

HTTP request

Choose a location:

Path parameters

Parameters

Parameters
`parent`	`string` Required. The parent resource of the IOCs. Format: projects/{project}/locations/{location}/instances/{instance}

parent

string

Required. The parent resource of the IOCs. Format: projects/{project}/locations/{location}/instances/{instance}

Query parameters

Parameters
`iocType`	`enum (IocType)` Required. The type of related IOCs to return. Only supports DOMAIN, IP, FILE_HASH.*, and URL types.
`pageSize`	`integer` Optional. The maximum number of IOCs to return. The default is 10, and the maximum value is 40.
`pageToken`	`string` Optional. A page token, received from a previous `iocs.fetchRelated` call. Provide this to retrieve the subsequent page. When paginating, all other parameters provided to `iocs.fetchRelated` must match the call that provided the page token.
`orderBy`	`string` Optional. The order to sort the returned IOCs by. Default is descending name-. The supported order syntax matches the fields defined in the GTI API docs here: https://gtidocs.virustotal.com/reference/list-threats#allowed-orders Supported orders: - name: sorts objects alphabetically by name, ascending + or descending -. Name in this context refers to the displayName for an IOC.
Union parameter `threat_resource`. The threat resource to get the related IOCs for. `threat_resource` can be only one of the following:
`iocAssociation`	`string` Optional. The name of the IocAssociation resource (Threat Actor or Malware Family) to get the related IOCs for. Format: projects/{project}/locations/{location}/instances/{instance}/iocAssociations/{iocAssociation}
`threatCollection`	`string` Optional. The name of the ThreatCollection resource (GTI Campaign or Report) to get the related IOCs for. Format: projects/{project}/locations/{location}/instances/{instance}/threatCollections/{threatCollection}

Request body

The request body must be empty.

Response body

Response containing a list of related IOCs for a given threat resource.

If successful, the response body contains data with the following structure:

JSON representation
{ "iocs": [ { object (`Ioc`) } ], "nextPageToken": string, "totalSize": integer }

Fields

Fields
`iocs[]`	`object (Ioc)` Output only. The list of related IOCs.
`nextPageToken`	`string` Output only. A token that can be sent as `pageToken` to retrieve the next page. If this field is omitted, there are no subsequent pages.
`totalSize`	`integer` Output only. The total number of IOCs that match the request. The count of `iocs` returned by pagination may be less than the `totalSize` that matches.

iocs[]

object (Ioc)

Output only. The list of related IOCs.

nextPageToken

string

Output only. A token that can be sent as pageToken to retrieve the next page. If this field is omitted, there are no subsequent pages.

totalSize

integer

Output only. The total number of IOCs that match the request. The count of iocs returned by pagination may be less than the totalSize that matches.

Authorization scopes

Requires the following OAuth scope:

https://www.googleapis.com/auth/cloud-platform

For more information, see the Authentication Overview.