REST Resource: projects.locations.instances.users.searchQueries

Resource: SearchQuery

Represents a Search Query from a Chronicle user.

JSON representation 
{
  "name": string,
  "metadata": {
    object (EntryMetadata)
  },
  "displayName": string,
  "query": string,
  "queryId": string,
  "userId": string,
  "description": string,
  "placeholderNames": [
    string
  ],
  "placeholderDescriptions": [
    string
  ],
  "queryType": enum (QueryType),
  "naturalLanguageQuery": string,
  "caseInsensitive": boolean,
  "columnSetLabel": string
}
Fields
name

string

Output only. Identifier. The resource name of the SearchQuery.
metadata

object (EntryMetadata)

Optional. Metadata about the search query.
displayName

string

Optional. Name of the query to be shown in the UI.
query

string

Required. The query the user is saving.
queryId

string (bytes format)

Optional. The 16 byte UUID for this query.

A base64-encoded string.
userId

string

Optional. The user ID for this query.
description

string

Optional. Description of the overall query, to be shown in the UI.
placeholderNames[]

string

Optional. Name of query placeholder value, to be shown in the UI. Each element's position corresponds to the description in the placeholderDescriptions field.
placeholderDescriptions[]

string

Optional. Description of the placeholder value, to be shown in the UI.
queryType

enum (QueryType)

Optional. The query type.
naturalLanguageQuery

string

Optional. If applicable, the natural language query used to generate the UDM Search Query.
caseInsensitive

boolean

Optional. If true, the search was performed in a case-insensitive manner.
columnSetLabel

string

Optional. The label of the column set added to the search query. columnSetLabel maps to the columnSets field in the PreferenceSet resource.

EntryMetadata

Metadata necessary for storage in the UserDataService backend.

JSON representation 
{
  "sharingMode": enum (SharingMode),
  "createTime": string,
  "updateTime": string
}
Fields
sharingMode

enum (SharingMode)

Optional. Whether other users in the same customer can read this entry.
createTime

string (Timestamp format)

Optional. The time that this entry was created.

Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".
updateTime

string (Timestamp format)

Optional. The last time the entry was updated.

Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".

SharingMode

SharingMode specifies how a resource is shared with other users.

Enums
MODE_PRIVATE Only the user that created the resource can read it.
MODE_SHARED_WITH_CUSTOMER Other users within the same customer can read this resource.

QueryType

The type of the query in the request.

Enums
QUERY_TYPE_UNSPECIFIED The default query type.
QUERY_TYPE_UDM_QUERY Unified Data Model Query.
QUERY_TYPE_RAW_LOG_QUERY Raw Log Query.
QUERY_TYPE_DASHBOARD_QUERY Dashboards Query.
QUERY_TYPE_STATS_QUERY Stats Query.
QUERY_TYPE_DATA_TABLE_QUERY DataTable Query.
QUERY_TYPE_ENTITY_GRAPH_QUERY Entity Query.
QUERY_TYPE_UDM_DATATABLE_JOIN UDM_Datatable Joins Query.
QUERY_TYPE_JOIN_STATS_QUERY Joins in Stats Query.
QUERY_TYPE_JOIN_QUERY Joins Query.

Methods

create

 Endpoint for adding a new entry to the specified collection of user data

delete

 Endpoint for deleting a user data saved query entry

get

 Endpoint for getting a user's Saved query entry

list

 Endpoint for listing the user data saved queries owned by the specified user

patch

 Endpoint for updating user data saved query