- HTTP request
- Path parameters
- Query parameters
- Request body
- Response body
- Authorization scopes
- IAM Permissions
- IocMatchMetadata
Full name: projects.locations.instances.threatCollections.fetchIocMatchMetadata
Gets a batch (list) of ioc match metadata for a list of threat collections.
HTTP request
GET https://chronicle.africa-south1.rep.googleapis.com/v1beta/{parent}/threatCollections:fetchIocMatchMetadata Path parameters
| Parameters | |
|---|---|
parent |
Required. The parent resource of the ioc match metadata. Format: projects/{project}/locations/{location}/instances/{instance} |
Query parameters
| Parameters | |
|---|---|
threatCollections[] |
Required. The GTI IDs of the ThreatCollections to fetch IOC match metadata for (e.g. "campaign--604aff2a-754f-5b8d-8d37-c00711ffab43"). |
Request body
The request body must be empty.
Response body
Response containing a list of ioc match metadata.
If successful, the response body contains data with the following structure:
| JSON representation |
|---|
{
"iocMatchMetadata": [
{
object ( |
| Fields | |
|---|---|
iocMatchMetadata[] |
Output only. The list of ioc match metadata requested. |
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/cloud-platformhttps://www.googleapis.com/auth/chroniclehttps://www.googleapis.com/auth/chronicle.readonly
For more information, see the Authentication Overview.
IAM Permissions
Requires the following IAM permission on the parent resource:
chronicle.threatCollections.fetchIocMatchMetadata
For more information, see the IAM documentation.
IocMatchMetadata
IOC match metadata for a threat collection.
| JSON representation |
|---|
{ "threatCollection": string, "iocMatchesCount": integer } |
| Fields | |
|---|---|
threatCollection |
The GTI ID of the ThreatCollection that has IOC matches (e.g. "campaign--604aff2a-754f-5b8d-8d37-c00711ffab43"). |
iocMatchesCount |
Number of ioc matches that correlates to the threatCollection |