Method: instances.generateSyntheticEvents

Full name: projects.locations.instances.generateSyntheticEvents

Generates synthetic events (both raw logs and UDM) for an input Threat Detection Opportunity (TDO).

HTTP request

POST https://{endpoint}/v1alpha/{instance}:generateSyntheticEvents

Where {endpoint} is one of the supported service endpoints.

Path parameters

Parameters
instance

string

Required. The Chronicle instance associated with the request. Format: projects/{project}/locations/{location}/instances/{instance}

Request body

The request body contains data with the following structure:

JSON representation
{
  "threatDetectionOpportunity": {
    object (ThreatDetectionOpportunity)
  }
}
Fields
threatDetectionOpportunity

object (ThreatDetectionOpportunity)

Required. The threat detection opportunity to generate synthetic events for, supplied as free-form user input.

Response body

Response message for instances.generateSyntheticEvents.

If successful, the response body contains data with the following structure:

JSON representation
{
  "instance": string,
  "syntheticEvents": [
    {
      object (GeneratedSyntheticEvent)
    }
  ]
}
Fields
instance

string

The Chronicle instance associated with the TDO. Format: projects/{project}/locations/{location}/instances/{instance}

syntheticEvents[]

object (GeneratedSyntheticEvent)

The generated synthetic events.

Authorization scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/cloud-platform
  • https://www.googleapis.com/auth/chronicle
  • https://www.googleapis.com/auth/chronicle.readonly

For more information, see the Authentication Overview.

GeneratedSyntheticEvent

Generated synthetic event. This contains both the raw log and UDM forms of the synthetic event, along with the UUID of the feedback report.

JSON representation
{
  "rawLog": string,
  "udm": {
    object (UDM)
  },
  "feedbackId": string
}
Fields
rawLog

string (bytes format)

The raw log form of the generated synthetic event.

A base64-encoded string.

udm

object (UDM)

The UDM form of the generated synthetic event.

feedbackId

string

The ID of the feedback report.
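The following is an added example, not part of the original reference or of Google's client code. It builds the request URL and body in the format above and decodes the base64 `rawLog` of each returned event. The function names, the sample instance and the sample response are constructed, the ThreatDetectionOpportunity is passed through as an opaque object because its fields are not listed on this page, and sending the request with an OAuth token is left to the caller.

```python
import base64
import json
import re

# Resource-name format this page gives for the `instance` path parameter.
INSTANCE_RE = re.compile(r"projects/[^/?#\s]+/locations/[^/?#\s]+/instances/[^/?#\s]+")
HOST_RE = re.compile(r"[A-Za-z0-9.-]+")  # bare hostname only: no path, port or userinfo


def build_request(endpoint, instance, tdo):
    """Return (url, json_body) for the POST described on this page."""
    if not HOST_RE.fullmatch(endpoint):
        raise ValueError("endpoint must be a bare hostname")
    if not INSTANCE_RE.fullmatch(instance):
        raise ValueError("instance must match projects/*/locations/*/instances/*")
    if not isinstance(tdo, dict):
        raise TypeError("threatDetectionOpportunity must be a JSON object")
    url = f"https://{endpoint}/v1alpha/{instance}:generateSyntheticEvents"
    return url, json.dumps({"threatDetectionOpportunity": tdo})


def parse_response(body, expected_instance):
    """Decode each GeneratedSyntheticEvent; rawLog arrives base64-encoded."""
    doc = json.loads(body)
    if doc.get("instance") != expected_instance:
        raise ValueError("response instance differs from the requested one")
    events = []
    for ev in doc.get("syntheticEvents", []):
        events.append({
            # validate=True rejects characters outside the base64 alphabet
            "raw_log": base64.b64decode(ev.get("rawLog", ""), validate=True),
            "udm": ev.get("udm", {}),
            "feedback_id": ev.get("feedbackId", ""),
        })
    return events


# Constructed sample data (not real API output); UDM left empty on purpose.
SAMPLE_INSTANCE = "projects/example-project/locations/us/instances/example-instance"
SAMPLE_RESPONSE = json.dumps({
    "instance": SAMPLE_INSTANCE,
    "syntheticEvents": [{
        "rawLog": base64.b64encode(b"constructed raw log line").decode("ascii"),
        "udm": {},
        "feedbackId": "00000000-0000-0000-0000-000000000000",
    }],
})

if __name__ == "__main__":
    for event in parse_response(SAMPLE_RESPONSE, SAMPLE_INSTANCE):
        print(event["feedback_id"], event["raw_log"].decode("utf-8", "replace"))
```

Treat the decoded `raw_log` as untrusted bytes when passing it to parsers or test pipelines, since its content derives from free-form input.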