- HTTP request
- Path parameters
- Query parameters
- Request body
- Response body
- Authorization scopes
- IAM Permissions
- Try it!
Full name: projects.locations.instances.legacy.legacySearchRuleDetectionCountBuckets
Legacy endpoint for listing detection count buckets for a Rules Engine rule.
HTTP request
GET https://chronicle.googleapis.com/v1alpha/{instance}/legacy:legacySearchRuleDetectionCountBuckets
Path parameters
| Parameters | |
|---|---|
instance |
Required. The instance the resource belongs to. Format: projects/{project}/locations/{location}/instances/{instance} |
Query parameters
| Parameters | |
|---|---|
rule |
Required. The rule/curated rule ID to return buckets for. |
version |
Optional. The version timestamp of the rule. If not specified for a customer rule, buckets will be returned for the latest revision of the rule. Ignored for curated rules. Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted.Examples: |
time |
Required. The time range to return buckets for. |
bucket |
Required. The bucket size. Only BUCKET_SIZE_DAY is currently supported. |
rule |
Optional. The rule source to return buckets for. If omitted, will default to USER_RULE. Should be consistent with rule_id (USER_RULE for rules, UPPERCASE_RULE for curated rules); otherwise, there could be unexpected behavior. |
Request body
The request body must be empty.
Response body
Legacy response with list of found detection count buckets.
If successful, the response body contains data with the following structure:
| JSON representation |
|---|
{
"detection_count_buckets": [
{
object ( |
| Fields | |
|---|---|
detection_ |
Detection count buckets for the rule/curated rule. |
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
IAM Permissions
Requires the following IAM permission on the instance resource:
chronicle.legacies.legacySearchRuleDetectionCountBuckets
For more information, see the IAM documentation.