REST Resource: projects.locations.instances.users.searchQueries

Resource: SearchQuery

Represents a Search Query from a Chronicle user.

JSON representation 
{
  "name": string,
  "metadata": {
    object (EntryMetadata)
  },
  "display_name": string,
  "query": string,
  "query_id": string,
  "user_id": string,
  "description": string,
  "placeholder_names": [
    string
  ],
  "placeholder_descriptions": [
    string
  ],
  "query_type": enum (QueryType),
  "natural_language_query": string,
  "case_insensitive": boolean
}
Fields
name

string

Output only. Identifier. The resource name of the SearchQuery.
metadata

object (EntryMetadata)

Optional. Metadata about the search query.
display_name

string

Optional. Name of the query to be shown in the UI.
query

string

Required. The query the user is saving.
query_id

string (bytes format)

Optional. The 16 byte UUID for this query.

A base64-encoded string.
user_id

string

Optional. The user ID for this query.
description

string

Optional. Description of the overall query, to be shown in the UI.
placeholder_names[]

string

Optional. Name of query placeholder value, to be shown in the UI. Each element's position corresponds to the description in the placeholder_descriptions field.
placeholder_descriptions[]

string

Optional. Description of the placeholder value, to be shown in the UI.
query_type

enum (QueryType)

Optional. The query type.
natural_language_query

string

Optional. If applicable, the natural language query used to generate the UDM Search Query.
case_insensitive

boolean

Optional. If true, the search was performed in a case-insensitive manner.

EntryMetadata

Metadata necessary for storage in the UserDataService backend.

JSON representation 
{
  "sharing_mode": enum (SharingMode),
  "create_time": string,
  "update_time": string
}
Fields
sharing_mode

enum (SharingMode)

Optional. Whether other users in the same customer can read this entry.
create_time

string (Timestamp format)

Optional. The time that this entry was created.

Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted.Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".
update_time

string (Timestamp format)

Optional. The last time the entry was updated.

Uses RFC 3339, where generated output will always be Z-normalized and uses 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted.Examples: "2014-10-02T15:01:23Z", "2014-10-02T15:01:23.045123456Z" or "2014-10-02T15:01:23+05:30".

SharingMode

SharingMode specifies how a resource is shared with other users.

Enums
MODE_PRIVATE Only the user that created the resource can read it.
MODE_SHARED_WITH_CUSTOMER Other users within the same customer can read this resource.

QueryType

The type of the query in the request.

Enums
QUERY_TYPE_UNSPECIFIED The default query type.
QUERY_TYPE_UDM_QUERY Unified Data Model Query.
QUERY_TYPE_RAW_LOG_QUERY Raw Log Query.
QUERY_TYPE_DASHBOARD_QUERY Dashboards Query.
QUERY_TYPE_STATS_QUERY Stats Query.

Methods

create

 Endpoint for adding a new entry to the specified collection of user data

delete

 Endpoint for deleting a user data saved query entry

get

 Endpoint for getting a user's Saved query entry

list

 Endpoint for listing the user data saved queries owned by the specified user

patch

 Endpoint for updating user data saved query