- HTTP request
- Path parameters
- Request body
- Response body
- Authorization scopes
- IAM Permissions
- Try it!
Full name: projects.locations.instances.legacyCases.executeManualAction
Executes a given SOAR playbook action on specific entities within a case.
HTTP request
POST https://chronicle.africa-south1.rep.googleapis.com/v1alpha/{name}/legacyCases:executeManualAction Path parameters
| Parameters | |
|---|---|
name |
Required. The resource name of the LegacyCase to retrieve. Format: projects/{project}/locations/{location}/instances/{instance}/LegacyCases |
Request body
The request body contains data with the following structure:
| JSON representation |
|---|
{
"caseId": string,
"targetEntities": [
{
object ( |
| Fields | |
|---|---|
caseId |
Required. CaseId is the ID of the case associated with the manual action. |
targetEntities[] |
Optional. TargetEntities is a list of entities targeted by the manual action. |
properties |
Optional. Properties is a dictionary of properties associated with the manual action. An object containing a list of |
actionProvider |
Required. ActionProvider is the provider of the action. |
actionName |
Required. ActionName is the name of the action. |
scope |
Optional. Scope is the scope of the action. |
alertGroupIdentifiers[] |
Optional. AlertGroupIdentifiers is a list of identifiers for alert groups. |
isPredefinedScope |
Optional. IsPredefinedScope indicates if the scope is predefined. |
Response body
If successful, the response body contains an instance of ApiActionResultDataModel.
Authorization scopes
Requires the following OAuth scope:
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
IAM Permissions
Requires the following IAM permission on the name resource:
chronicle.legacyCases.runManualAction
For more information, see the IAM documentation.