REST Resource: projects.locations.instances.legacySdk

Resource

There is no persistent data associated with this resource.

Methods

legacyAddAgentConnectorLogs

 Uploads execution logs for a specific connector running on a remote agent.

legacyAddAgentLogs

 Uploads operational logs for a remote agent to the primary SecOps instance.

legacyAddAttachment

 Adds a new attachment to a specific case.

legacyAddComment

 Adds a comment to a case wall.

legacyAddEntitiesToCustomList

 Adds one or more entities to a specific custom list.

legacyAddOrUpdateCaseTask

 Creates a new task or updates an existing one within a case.

legacyAddTag

 Adds a tag to a case.

legacyAlertFullDetails

 Returns the complete details for a specific alert, including all associated raw event data and its current suspicion status.

legacyAlertSourceFile

 Returns the raw source file content for a specific alert, if available from the original ingestion source.

legacyAlertsFullDetails

 Returns the complete details for all alerts associated with a specific case.

legacyAlertsTicketIdsByCaseId

 Returns all alert ticket identifiers associated with a specific case.

legacyAnyEntityInCustomList

 Checks if any of the provided entities are currently present in a specific custom list.

legacyAssignUser

 Assigns a case to a specific user.

legacyAttacheWorkflowToCase

 Manually initiates a specific response workflow (playbook) for a given security case.

legacyAttachmentData

 Returns the binary content of a specific attachment.

legacyAttachments

 Returns metadata for all attachments associated with a specific case.

legacyCaseFullDetails

 Returns the complete details for a specific case, including its constituent alerts, security entities, and execution history.

legacyCaseMetadata

 Returns high-level metadata for a specific case, such as its title, priority level, and current status.

legacyChangeCaseStage

 Transitions a case to a different investigation stage (e.g., from Triage to Investigation).

legacyChangePriority

 Updates the priority level of a specific case.

legacyCloseAlert

 Closes a specific alert within a case.

legacyCloseCase

 Closes a specific case and all its constituent alerts.

legacyCreateCase

 Creates a new investigation case.

legacyCreateCaseInsight

 Creates a new insight (highlighted observation) for a case.

legacyCreateConnectorPackage

 Initiates the creation of a connector package for a specific integration.

legacyCreateEntity

 Manually adds a new entity to an alert in a case.

legacyGetAgentById

 Returns the technical configuration and operational health status for a specific remote agent.

legacyGetAlertsTicketIdsFromCasesClosedSinceTimestamp

 Returns the alert ticket identifiers associated with cases that were closed after the specified timestamp.

legacyGetAlertsToSync

 Returns a list of alerts that are currently pending technical synchronization between SecOps and an external system (e.g., Chronicle SIEM).

legacyGetCaseClosureDetails

 Returns the resolution details and closure metadata for a list of specified cases.

legacyGetCaseComments

 Returns all comments and wall activities associated with a specific case.

legacyGetCaseTasks

 Returns all technical analyst requirements (tasks) associated with a specific case.

legacyGetCasesByFilter

 Returns a list of case identifiers matching the provided legacy filter criteria.

legacyGetCasesByRequest

 Returns cases matching the provided criteria.

legacyGetCasesIdByFilter

 Returns a list of technical case identifiers matching the provided legacy filter criteria.

legacyGetConnectorParameters

 Returns the current technical configuration parameters for a specific connector instance.

legacyGetContextProperty

 Returns the technical metadata value associated with a specific key from a given investigative context.

legacyGetCurrentSiemplifyVersion

 Returns the technical version identifier for the active SecOps platform instance.

legacyGetCustomListCategories

 Returns the technical categories used to organize and manage custom watchlists and allowlists.

legacyGetFailedActions

 Returns technical details for playbook actions that have failed within a specified timeframe.

legacyGetFailedConnectors

 Returns technical metadata for ingestion connectors that have experienced malfunctions or stopped processing data.

legacyGetFailedETLOperations

 Returns a list of technical ETL (Extract, Transform, Load) operations that have failed during background processing.

legacyGetFailedJobs

 Returns technical metadata for background system jobs that have failed to complete successfully.

legacyGetIntegrationVersion

 Returns the technical version identifier for a specific installed integration.

legacyGetProxySettings

 Returns the technical network configuration (proxy settings) used by the platform for external investigative communication.

legacyGetPublisherById

 Returns technical metadata for a specific remote agent publisher by its identifier.

legacyGetRemoteConnectorsKeysMap

 Returns the technical mapping keys for remote connectors associated with a specified publisher.

legacyGetSimilarCasesIds

 Returns a list of case identifiers for cases that are determined to be similar to the provided criteria.

legacyGetSyncAlerts

 Returns comprehensive technical metadata for a set of alerts (detection events) matching synchronization criteria.

legacyGetSyncCases

 Returns comprehensive investigative data for a set of cases matching technical synchronization criteria.

legacyGetUpdatedSyncAlertsMetadata

 Returns technical metadata for alerts whose tracked fields have been updated within a specified timeframe.

legacyGetUpdatedSyncCasesMetadata

 Returns technical metadata for cases whose tracked fields have been updated.

legacyGetUserFullName

 Returns the display name (full name) for a specified SecOps user.

legacyIntegrationConfiguration

 Returns the technical configuration settings for a specific installed integration.

legacyMarkAsImportant

 Marks a case as important (flagged).

legacyRaiseIncident

 Escalates a specific investigation case to a formal incident.

legacyRemoveEntitiesFromCustomList

 Removes one or more technical entities from a specific custom list.

legacySendEmailWithAttachment

 Shares one or more technical investigative artifacts (attachments) via email to specified recipients.

legacySendSystemNotification

 Broadcasts a technical system notification to specified SecOps users.

legacySetAlertSla

 Configures the technical Service Level Agreement (SLA) target for a specific alert.

legacySetCaseSla

 Configures the technical Service Level Agreement (SLA) target for an entire investigation case.

legacySetContextProperty

 Configures a technical metadata value for a specific key within an investigative context.

legacySystemInfo

 Returns comprehensive technical information about the current state, configuration, and health of the SecOps platform instance.

legacyTrySetContextProperty

 Attempts to set a technical metadata value for a specific key within an investigative context, returning success or failure based on the operation's outcome.

legacyUnraiseIncident

 Reverts a formal incident back to a standard technical investigation case.

legacyUpdateAlertPriority

 Updates the priority level of a specific alert.

legacyUpdateAlertsAdditional

 Updates the additional data fields associated with a specific alert.

legacyUpdateBatchCasesExternalCaseIds

 Performs a technical bulk update of internal case identifiers with their corresponding external ticketing system identifiers.

legacyUpdateCaseScore

 Updates the technical risk score for a specific investigation case.

legacyUpdateConfigurationProperty

 Updates a configuration property for a specific integration.

legacyUpdateConnectorParameter

 Updates a dynamic parameter for a specific connector instance.

legacyUpdateEntities

 Updates the technical metadata for one or more security entities.

legacyUpdateNewAlertsSyncStatus

 Updates the technical synchronization status for a set of new alerts.