- HTTP request
- Path parameters
- Query parameters
- Request body
- Response body
- Authorization scopes
- IAM Permissions
Full name: projects.locations.instances.legacySdk.legacyAlertSourceFile
Returns the raw source file content for a specific alert, if available from the original ingestion source. Use this method to retrieve the original evidence for deeper forensic analysis.
HTTP request
GET https://chronicle.africa-south1.rep.googleapis.com/v1alpha/{instance}/legacySdk:legacyAlertSourceFile Path parameters
| Parameters | |
|---|---|
instance |
Required. The GetAlertSourceFile request. Format: projects/{project}/locations/{location}/instances/{instance}/legacySdk:getAlertSourceFile |
Query parameters
| Parameters | |
|---|---|
alertIdentifier |
Required. The alert identifier to get the alert source file for. |
format |
Optional. The format of the field names in the response. Could be snake or camel. |
Request body
The request body must be empty.
Response body
If successful, the response is a generic HTTP response whose format is defined by the method.
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/cloud-platformhttps://www.googleapis.com/auth/chroniclehttps://www.googleapis.com/auth/chronicle.readonly
For more information, see the Authentication Overview.
IAM Permissions
Requires the following IAM permission on the instance resource:
chronicle.legacySdk.get
For more information, see the IAM documentation.