- HTTP request
- Path parameters
- Query parameters
- Request body
- Response body
- Authorization scopes
- IAM Permissions
- IocMatchMetadata
- Try it!
Full name: projects.locations.instances.threatCollections.fetchIocMatchMetadata
Gets a batch (list) of ioc match metadata for a list of threat collections.
HTTP request
Path parameters
| Parameters | |
|---|---|
parent |
Required. The parent resource of the ioc match metadata. Format: projects/{project}/locations/{location}/instances/{instance} |
Query parameters
| Parameters | |
|---|---|
threatCollections[] |
Required. The |
Request body
The request body must be empty.
Response body
Response containing a list of ioc match metadata.
If successful, the response body contains data with the following structure:
| JSON representation |
|---|
{
"iocMatchMetadata": [
{
object ( |
| Fields | |
|---|---|
iocMatchMetadata[] |
Output only. The list of ioc match metadata requested. |
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
IAM Permissions
Requires the following IAM permission on the parent resource:
chronicle.threatCollections.fetchIocMatchMetadata
For more information, see the IAM documentation.
IocMatchMetadata
IOC match metadata for a threat collection.
| JSON representation |
|---|
{ "threatCollection": string, "iocMatchesCount": integer } |
| Fields | |
|---|---|
threatCollection |
The alt_name (Mandiant ID) of the ThreatCollections that has IOC matches. ( i.e. "CAMP.22.147") |
iocMatchesCount |
Number of ioc matches that correlates to the threatCollection |