- HTTP request
- Path parameters
- Query parameters
- Request body
- Response body
- Authorization scopes
- IAM Permissions
- Try it!
Full name: projects.locations.instances.threatCollections.fetchRelated
List related threat collections for a threat artifact.
HTTP request
Path parameters
Parameters | |
---|---|
parent |
Required. The parent resource of the threat collections. Format: projects/{project}/locations/{location}/instances/{instance} |
Query parameters
Parameters | |
---|---|
threatCollectionType |
Required. The type (Campaign or Report) of related threat collections to return. |
pageSize |
Optional. The maximum number of threat collections to return. The default is 10, and the maximum value is 40. |
pageToken |
Optional. A page token, received from a previous |
orderBy |
Optional. The order to sort the returned threat collections by. Default is descending last_modification_date. The supported order syntax matches the fields defined in the GTI API docs here: https://gtidocs.virustotal.com/reference/list-threats#allowed-orders Supported orders: - name: sorts objects alphabetically by name, ascending + or descending -. Name in this context refers to the displayName for a threat collection. - creation_date: sorts objects descending - (default) by most recently created objects first, or ascending + by oldest created objects first. This refers to the createTime field for a threat collection. - last_modification_date: sorts objects descending - by most recently modified objects first, or ascending + by firstly modified objects first. This refers to the updateTime field for a threat collection. |
Union parameter threat_resource . The threat resource to get the related ThreatCollections (GTI Campaigns or Reports) for. threat_resource can be only one of the following: |
|
iocAssociation |
Optional. The name of the IocAssociation (Threat Actor or Malware Family) resource to get related threat collections for. Format: projects/{project}/locations/{location}/instances/{instance}/iocAssociations/{iocAssociation} |
ioc |
Optional. The name of the ioc resource to get related threat collections for. Format: projects/{project}/locations/{location}/instances/{instance}/iocs/{ioc} |
threatCollection |
Optional. The name of the ThreatCollection (GTI Campaign or Report) resource to get related threat collections for. Format: projects/{project}/locations/{location}/instances/{instance}/threatCollections/{threatCollection} |
Request body
The request body must be empty.
Response body
Response containing a list of threat collections for a given threat artifact.
If successful, the response body contains data with the following structure:
JSON representation |
---|
{
"threatCollections": [
{
object ( |
Fields | |
---|---|
threatCollections[] |
Output only. The list of ThreatCollections. |
nextPageToken |
Output only. A token that can be sent as |
totalSize |
Output only. The total number of ThreatCollections that match the request. The count of |
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
IAM Permissions
Requires the following IAM permission on the parent
resource:
chronicle.threatCollections.fetchRelated
For more information, see the IAM documentation.